incubator-cloudstack-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From ke4...@apache.org
Subject git commit: CS-14955: security_group.py only creates ICMP iptables rules for ICMP type -1
Date Sun, 27 May 2012 23:41:14 GMT
Updated Branches:
  refs/heads/3.0.x 41afc5fdb -> 4b9f836ea


CS-14955: security_group.py only creates ICMP iptables rules for ICMP type -1

Description:
Unindented 3 lines to update logic flow to execute iptables when
passed ICMP type is not -1.


Project: http://git-wip-us.apache.org/repos/asf/incubator-cloudstack/repo
Commit: http://git-wip-us.apache.org/repos/asf/incubator-cloudstack/commit/4b9f836e
Tree: http://git-wip-us.apache.org/repos/asf/incubator-cloudstack/tree/4b9f836e
Diff: http://git-wip-us.apache.org/repos/asf/incubator-cloudstack/diff/4b9f836e

Branch: refs/heads/3.0.x
Commit: 4b9f836ea81a489ec4cf99e57dc61264209162c3
Parents: 41afc5f
Author: John Kinsella <jlk@stratosec.com>
Authored: Wed May 16 19:52:32 2012 -0700
Committer: David Nalley <david@gnsa.us>
Committed: Sun May 27 19:40:31 2012 -0400

----------------------------------------------------------------------
 scripts/vm/network/security_group.py |    6 +++---
 1 files changed, 3 insertions(+), 3 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/incubator-cloudstack/blob/4b9f836e/scripts/vm/network/security_group.py
----------------------------------------------------------------------
diff --git a/scripts/vm/network/security_group.py b/scripts/vm/network/security_group.py
index a5c2087..08f61b8 100755
--- a/scripts/vm/network/security_group.py
+++ b/scripts/vm/network/security_group.py
@@ -639,8 +639,8 @@ def add_network_rules(vm_name, vm_id, vm_ip, signature, seqno, vmMac,
rules, vif
                 range = start + "/" + end
                 if start == "-1":
                     range = "any"
-                    for ip in ips:
-                        execute("iptables -I " + vmchain + " -p icmp --icmp-type " + range
+ " " + direction + "  " + ip + " -j "+ action)
+                for ip in ips:
+                    execute("iptables -I " + vmchain + " -p icmp --icmp-type " + range +
" " + direction + "  " + ip + " -j "+ action)
         
         if allow_any and protocol != 'all':
             if protocol != 'icmp':
@@ -649,7 +649,7 @@ def add_network_rules(vm_name, vm_id, vm_ip, signature, seqno, vmMac,
rules, vif
                 range = start + "/" + end
                 if start == "-1":
                     range = "any"
-                    execute("iptables -I " + vmchain + " -p icmp --icmp-type " + range +
" -j "+action)
+                execute("iptables -I " + vmchain + " -p icmp --icmp-type " + range + " -j
"+action)
  
     egress_vmchain = egress_chain_name(vm_name)
     if egressrule == 0 :


Mime
View raw message