Updated Branches: refs/heads/master 40f9d84ea -> fbdc7fc59
CS-16178 - when remove PF rule, in VPC setup make sure if the rule is the last one for the network, disassociate it from the network Reviewed-by: Sheng Yang Project: http://git-wip-us.apache.org/repos/asf/incubator-cloudstack/repo Commit: http://git-wip-us.apache.org/repos/asf/incubator-cloudstack/commit/fbdc7fc5 Tree: http://git-wip-us.apache.org/repos/asf/incubator-cloudstack/tree/fbdc7fc5 Diff: http://git-wip-us.apache.org/repos/asf/incubator-cloudstack/diff/fbdc7fc5 Branch: refs/heads/master Commit: fbdc7fc59fa0bb7788d1c1a9f1f19814cf8e18e3 Parents: 40f9d84 Author: Alena Prokharchyk <[email protected]> Authored: Mon Aug 27 13:43:02 2012 -0700 Committer: Alena Prokharchyk <[email protected]> Committed: Mon Aug 27 13:46:36 2012 -0700 ---------------------------------------------------------------------- .../network/firewall/FirewallManagerImpl.java | 5 +++++ .../VpcVirtualNetworkApplianceManagerImpl.java | 9 ++++++--- 2 files changed, 11 insertions(+), 3 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/incubator-cloudstack/blob/fbdc7fc5/server/src/com/cloud/network/firewall/FirewallManagerImpl.java ---------------------------------------------------------------------- diff --git a/server/src/com/cloud/network/firewall/FirewallManagerImpl.java b/server/src/com/cloud/network/firewall/FirewallManagerImpl.java index f112065..82aa9d2 100644 --- a/server/src/com/cloud/network/firewall/FirewallManagerImpl.java +++ b/server/src/com/cloud/network/firewall/FirewallManagerImpl.java @@ -439,6 +439,11 @@ public class FirewallManagerImpl implements FirewallService, FirewallManager, Ma success = false; } else { removeRule(rule); + if (rule.getSourceIpAddressId() != null) { + //if the rule is the last one for the ip address assigned to VPC, unassign it from the network + IpAddress ip = _ipAddressDao.findById(rule.getSourceIpAddressId()); + _vpcMgr.unassignIPFromVpcNetwork(ip.getId(), rule.getNetworkId()); + } } } else if (rule.getState() == FirewallRule.State.Add) { FirewallRuleVO ruleVO = _firewallDao.findById(rule.getId()); http://git-wip-us.apache.org/repos/asf/incubator-cloudstack/blob/fbdc7fc5/server/src/com/cloud/network/router/VpcVirtualNetworkApplianceManagerImpl.java ---------------------------------------------------------------------- diff --git a/server/src/com/cloud/network/router/VpcVirtualNetworkApplianceManagerImpl.java b/server/src/com/cloud/network/router/VpcVirtualNetworkApplianceManagerImpl.java index 2d4d0bf..61846cb 100644 --- a/server/src/com/cloud/network/router/VpcVirtualNetworkApplianceManagerImpl.java +++ b/server/src/com/cloud/network/router/VpcVirtualNetworkApplianceManagerImpl.java @@ -626,7 +626,6 @@ public class VpcVirtualNetworkApplianceManagerImpl extends VirtualNetworkApplian Map<String, String> vlanMacAddress = new HashMap<String, String>(); List<PublicIpAddress> ipsToSend = new ArrayList<PublicIpAddress>(); for (PublicIpAddress ipAddr : ipAddress) { - String broadcastURI = BroadcastDomainType.Vlan.toUri(ipAddr.getVlanTag()).toString(); Nic nic = _nicDao.findByNetworkIdInstanceIdAndBroadcastUri(ipAddr.getNetworkId(), router.getId(), broadcastURI); @@ -645,8 +644,12 @@ public class VpcVirtualNetworkApplianceManagerImpl extends VirtualNetworkApplian ipsToSend.add(ipAddr); } } - createVpcAssociatePublicIPCommands(router, ipsToSend, cmds, vlanMacAddress); - return sendCommandsToRouter(router, cmds); + if (!ipsToSend.isEmpty()) { + createVpcAssociatePublicIPCommands(router, ipsToSend, cmds, vlanMacAddress); + return sendCommandsToRouter(router, cmds); + }else { + return true; + } } }); if(result && netUsagecmds.size() > 0){
