Updated Branches: refs/heads/3.0.x 41afc5fdb -> 4b9f836ea
CS-14955: security_group.py only creates ICMP iptables rules for ICMP type -1 Description: Unindented 3 lines to update logic flow to execute iptables when passed ICMP type is not -1. Project: http://git-wip-us.apache.org/repos/asf/incubator-cloudstack/repo Commit: http://git-wip-us.apache.org/repos/asf/incubator-cloudstack/commit/4b9f836e Tree: http://git-wip-us.apache.org/repos/asf/incubator-cloudstack/tree/4b9f836e Diff: http://git-wip-us.apache.org/repos/asf/incubator-cloudstack/diff/4b9f836e Branch: refs/heads/3.0.x Commit: 4b9f836ea81a489ec4cf99e57dc61264209162c3 Parents: 41afc5f Author: John Kinsella <[email protected]> Authored: Wed May 16 19:52:32 2012 -0700 Committer: David Nalley <[email protected]> Committed: Sun May 27 19:40:31 2012 -0400 ---------------------------------------------------------------------- scripts/vm/network/security_group.py | 6 +++--- 1 files changed, 3 insertions(+), 3 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/incubator-cloudstack/blob/4b9f836e/scripts/vm/network/security_group.py ---------------------------------------------------------------------- diff --git a/scripts/vm/network/security_group.py b/scripts/vm/network/security_group.py index a5c2087..08f61b8 100755 --- a/scripts/vm/network/security_group.py +++ b/scripts/vm/network/security_group.py @@ -639,8 +639,8 @@ def add_network_rules(vm_name, vm_id, vm_ip, signature, seqno, vmMac, rules, vif range = start + "/" + end if start == "-1": range = "any" - for ip in ips: - execute("iptables -I " + vmchain + " -p icmp --icmp-type " + range + " " + direction + " " + ip + " -j "+ action) + for ip in ips: + execute("iptables -I " + vmchain + " -p icmp --icmp-type " + range + " " + direction + " " + ip + " -j "+ action) if allow_any and protocol != 'all': if protocol != 'icmp': @@ -649,7 +649,7 @@ def add_network_rules(vm_name, vm_id, vm_ip, signature, seqno, vmMac, rules, vif range = start + "/" + end if start == "-1": range = "any" - execute("iptables -I " + vmchain + " -p icmp --icmp-type " + range + " -j "+action) + execute("iptables -I " + vmchain + " -p icmp --icmp-type " + range + " -j "+action) egress_vmchain = egress_chain_name(vm_name) if egressrule == 0 :
