[ https://issues.apache.org/jira/browse/CLOUDSTACK-2417?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Sailaja Mada closed CLOUDSTACK-2417. ------------------------------------ Regressed with latest master. There is no NPE now while creating egress rules. But with 'ALL' option it results as unsupported for this zone. I will confirm this behavior . Closing this bug. > NPE while creating Egress rules with Networking using Cisco ASA firewall > provider > --------------------------------------------------------------------------------- > > Key: CLOUDSTACK-2417 > URL: https://issues.apache.org/jira/browse/CLOUDSTACK-2417 > Project: CloudStack > Issue Type: Bug > Security Level: Public(Anyone can view this level - this is the > default.) > Components: Network Controller > Affects Versions: 4.2.0 > Reporter: Sailaja Mada > Assignee: Koushik Das > Priority: Critical > Fix For: 4.2.0 > > > Setup: Advanced Networking Zone with VMWARE Cluster > Steps : > 1. Configure VMWARE Cluster with Nexus 1000v > 2. Add Network Service provider CiscoVnmc and add Cisco VNMC and ASA firewall > devices to CS > 3. Create Network offering with Firewall/PF/Source Nat/Static NAT provider as > Cisco VNMC > 4. Deploy guest network with this Offering and deploy instance using this > guest network > 5. Tried to create Egress rules with Cidr 10.0.0.0/00 TCP with 22 port > Observation: > NPE while creating Egress rules with Networking using Cisco ASA firewall > provider > 2013-05-09 17:14:22,886 DEBUG [cloud.api.ApiServlet] (catalina-exec-5:null) > ===START=== 10.144.6.19 -- GET > command=createEgressFirewallRule&response=json&sessionkey=zynphD7KqJbmsaitAu1b9gOogUw%3D&protocol=tcp&cidrlist=10.0.0.0%2F00&networkid=7fac418a-19e7-4455-8e8c-1dc11b9200d3&startport=8080&endport=8080&_=1368100003217 > 2013-05-09 17:14:22,896 DEBUG [cloud.user.AccountManagerImpl] > (catalina-exec-5:null) Access to Acct[3-cdcuser1] granted to Acct[3-cdcuser1] > by DomainChecker_EnhancerByCloudStack_d007a7cf > 2013-05-09 17:14:22,907 DEBUG [network.firewall.FirewallManagerImpl] > (catalina-exec-5:null) No network rule conflicts detected for > Rule[11-Firewall-Staged] against 0 existing rules > 2013-05-09 17:14:22,956 DEBUG [cloud.async.AsyncJobManagerImpl] > (catalina-exec-5:null) submit async job-45, details: AsyncJobVO {id:45, > userId: 3, accountId: 3, sessionKey: null, instanceType: FirewallRule, > instanceId: 11, cmd: > org.apache.cloudstack.api.command.user.firewall.CreateEgressFirewallRuleCmd, > cmdOriginator: null, cmdInfo: > {"sessionkey":"zynphD7KqJbmsaitAu1b9gOogUw\u003d","protocol":"tcp","ctxUserId":"3","httpmethod":"GET","startport":"8080","endport":"8080","response":"json","id":"11","cidrlist":"10.0.0.0/00","_":"1368100003217","ctxAccountId":"3","networkid":"7fac418a-19e7-4455-8e8c-1dc11b9200d3","ctxStartEventId":"191"}, > cmdVersion: 0, callbackType: 0, callbackAddress: null, status: 0, > processStatus: 0, resultCode: 0, result: null, initMsid: 214053811722752, > completeMsid: null, lastUpdated: null, lastPolled: null, created: null} > 2013-05-09 17:14:22,958 DEBUG [cloud.api.ApiServlet] (catalina-exec-5:null) > ===END=== 10.144.6.19 -- GET > command=createEgressFirewallRule&response=json&sessionkey=zynphD7KqJbmsaitAu1b9gOogUw%3D&protocol=tcp&cidrlist=10.0.0.0%2F00&networkid=7fac418a-19e7-4455-8e8c-1dc11b9200d3&startport=8080&endport=8080&_=1368100003217 > 2013-05-09 17:14:22,961 DEBUG [cloud.async.AsyncJobManagerImpl] > (Job-Executor-52:job-45) Executing > org.apache.cloudstack.api.command.user.firewall.CreateEgressFirewallRuleCmd > for job-45 > 2013-05-09 17:14:22,968 DEBUG [cloud.user.AccountManagerImpl] > (Job-Executor-52:job-45) Access to Acct[3-cdcuser1] granted to > Acct[3-cdcuser1] by DomainChecker_EnhancerByCloudStack_d007a7cf > 2013-05-09 17:14:22,969 DEBUG [cloud.async.AsyncJobManagerImpl] > (Job-Executor-52:job-45) Sync job-45 execution on object network.204 > 2013-05-09 17:14:22,979 DEBUG [cloud.async.AsyncJobManagerImpl] > (Job-Executor-52:job-45) job > org.apache.cloudstack.api.command.user.firewall.CreateEgressFirewallRuleCmd > for job-45 was queued, processing the queue. > 2013-05-09 17:14:22,998 DEBUG [cloud.async.AsyncJobManagerImpl] > (Job-Executor-52:job-45) Executing sync queue item: SyncQueueItemVO {id:24, > queueId: 1, contentType: AsyncJob, contentId: 45, lastProcessMsid: > 214053811722752, lastprocessNumber: 21, lastProcessTime: Thu May 09 17:14:22 > IST 2013, created: Thu May 09 17:14:22 IST 2013} > 2013-05-09 17:14:23,000 DEBUG [cloud.async.AsyncJobManagerImpl] > (Job-Executor-52:job-45) Schedule queued job-45 > 2013-05-09 17:14:23,016 DEBUG [cloud.async.SyncQueueManagerImpl] > (Job-Executor-52:job-45) There is a pending process in sync queue(id: 1) > 2013-05-09 17:14:23,018 DEBUG [cloud.async.AsyncJobManagerImpl] > (Job-Executor-53:job-45) Executing > org.apache.cloudstack.api.command.user.firewall.CreateEgressFirewallRuleCmd > for job-45 > 2013-05-09 17:14:23,024 DEBUG [cloud.user.AccountManagerImpl] > (Job-Executor-53:job-45) Access to Acct[3-cdcuser1] granted to > Acct[3-cdcuser1] by DomainChecker_EnhancerByCloudStack_d007a7cf > 2013-05-09 17:14:23,033 DEBUG [cloud.user.AccountManagerImpl] > (Job-Executor-53:job-45) Access to Rule[9-Firewall-Revoke] granted to > Acct[3-cdcuser1] by DomainChecker_EnhancerByCloudStack_d007a7cf > 2013-05-09 17:14:23,034 DEBUG [cloud.user.AccountManagerImpl] > (Job-Executor-53:job-45) Access to Rule[10-Firewall-Revoke] granted to > Acct[3-cdcuser1] by DomainChecker_EnhancerByCloudStack_d007a7cf > 2013-05-09 17:14:23,036 DEBUG [cloud.user.AccountManagerImpl] > (Job-Executor-53:job-45) Access to Rule[11-Firewall-Add] granted to > Acct[3-cdcuser1] by DomainChecker_EnhancerByCloudStack_d007a7cf > 2013-05-09 17:14:23,058 DEBUG [cloud.user.AccountManagerImpl] > (Job-Executor-53:job-45) Access to Rule[11-Firewall-Add] granted to > Acct[3-cdcuser1] by DomainChecker_EnhancerByCloudStack_d007a7cf > 2013-05-09 17:14:23,060 DEBUG [cloud.user.AccountManagerImpl] > (Job-Executor-53:job-45) Access to Rule[11-Firewall-Add] granted to > Acct[3-cdcuser1] by DomainChecker_EnhancerByCloudStack_d007a7cf > 2013-05-09 17:14:23,072 DEBUG [cloud.user.AccountManagerImpl] > (Job-Executor-53:job-45) Access to Rule[9-Firewall-Revoke] granted to > Acct[3-cdcuser1] by DomainChecker_EnhancerByCloudStack_d007a7cf > 2013-05-09 17:14:23,074 DEBUG [cloud.user.AccountManagerImpl] > (Job-Executor-53:job-45) Access to Rule[10-Firewall-Revoke] granted to > Acct[3-cdcuser1] by DomainChecker_EnhancerByCloudStack_d007a7cf > 2013-05-09 17:14:23,075 DEBUG [cloud.user.AccountManagerImpl] > (Job-Executor-53:job-45) Access to Rule[11-Firewall-Revoke] granted to > Acct[3-cdcuser1] by DomainChecker_EnhancerByCloudStack_d007a7cf > 2013-05-09 17:14:23,094 ERROR [cloud.async.AsyncJobManagerImpl] > (Job-Executor-53:job-45) Unexpected exception while executing > org.apache.cloudstack.api.command.user.firewall.CreateEgressFirewallRuleCmd > java.lang.NullPointerException > at > com.cloud.network.element.CiscoVnmcElement.applyFWRules(CiscoVnmcElement.java:657) > at > com.cloud.network.firewall.FirewallManagerImpl.applyRules(FirewallManagerImpl.java:548) > at > com.cloud.network.NetworkManagerImpl.applyRules(NetworkManagerImpl.java:2472) > at > com.cloud.network.firewall.FirewallManagerImpl.applyRules(FirewallManagerImpl.java:504) > at > com.cloud.network.firewall.FirewallManagerImpl.applyFirewallRules(FirewallManagerImpl.java:634) > at > com.cloud.network.firewall.FirewallManagerImpl.revokeFirewallRule(FirewallManagerImpl.java:674) > at > com.cloud.utils.component.ComponentInstantiationPostProcessor$InterceptorDispatcher.intercept(ComponentInstantiationPostProcessor.java:125) > at > com.cloud.network.firewall.FirewallManagerImpl.revokeFirewallRule(FirewallManagerImpl.java:687) > at > org.apache.cloudstack.api.command.user.firewall.CreateEgressFirewallRuleCmd.execute(CreateEgressFirewallRuleCmd.java:147) > at com.cloud.api.ApiDispatcher.dispatch(ApiDispatcher.java:155) > at > com.cloud.async.AsyncJobManagerImpl$1.run(AsyncJobManagerImpl.java:437) > at > java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:471) > at java.util.concurrent.FutureTask$Sync.innerRun(FutureTask.java:334) > at java.util.concurrent.FutureTask.run(FutureTask.java:166) > at > java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1110) > at > java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:603) > at java.lang.Thread.run(Thread.java:679) > 2013-05-09 17:14:23,096 DEBUG [cloud.async.AsyncJobManagerImpl] > (Job-Executor-53:job-45) Complete async job-45, jobStatus: 2, resultCode: > 530, result: Error Code: 530 Error text: null > 2013-05-09 17:14:23,123 DEBUG [cloud.async.SyncQueueManagerImpl] > (Job-Executor-53:job-45) Sync queue (1) is currently empty > 2013-05-09 17:14:22,958 INFO [cloud.api.ApiServer] (catalina-exec-5:null) > (userId=3 accountId=3 sessionId=F7A1166AF52AE9647B9147F569AD7683) 10.144.6.19 > -- GET > command=createEgressFirewallRule&response=json&sessionkey=zynphD7KqJbmsaitAu1b9gOogUw%3D&protocol=tcp&cidrlist=10.0.0.0%2F00&networkid=7fac418a-19e7-4455-8e8c-1dc11b9200d3&startport=8080&endport=8080&_=1368100003217 > 200 { "createegressfirewallruleresponse" : > {"id":"11","jobid":"9ad7ea78-c358-4367-a811-163a5b0d91d8"} } -- This message is automatically generated by JIRA. If you think it was sent incorrectly, please contact your JIRA administrators For more information on JIRA, see: http://www.atlassian.com/software/jira