This is an automated email from the ASF dual-hosted git repository.
dahn pushed a commit to branch 4.19
in repository https://gitbox.apache.org/repos/asf/cloudstack.git
The following commit(s) were added to refs/heads/4.19 by this push:
new ba7ec886504 SG: Apply rules for both ipv4/ipv6 of VMs with associated
account/SG (#11243)
ba7ec886504 is described below
commit ba7ec8865049794dc5a0c8beddfcd43de497c7bc
Author: Wei Zhou <weiz...@apache.org>
AuthorDate: Fri Aug 29 11:39:50 2025 +0200
SG: Apply rules for both ipv4/ipv6 of VMs with associated account/SG
(#11243)
---
.../main/java/com/cloud/network/security/SecurityGroupVMMapVO.java | 7 +++++++
.../java/com/cloud/network/security/SecurityGroupManagerImpl.java | 3 +++
.../java/com/cloud/network/security/SecurityGroupManagerImpl2.java | 3 +++
3 files changed, 13 insertions(+)
diff --git
a/engine/schema/src/main/java/com/cloud/network/security/SecurityGroupVMMapVO.java
b/engine/schema/src/main/java/com/cloud/network/security/SecurityGroupVMMapVO.java
index d12b9f9443f..59699cba1d4 100644
---
a/engine/schema/src/main/java/com/cloud/network/security/SecurityGroupVMMapVO.java
+++
b/engine/schema/src/main/java/com/cloud/network/security/SecurityGroupVMMapVO.java
@@ -50,6 +50,9 @@ public class SecurityGroupVMMapVO implements InternalIdentity
{
@Column(name = "ip4_address", table = "nics", insertable = false,
updatable = false)
private String guestIpAddress;
+ @Column(name = "ip6_address", table = "nics", insertable = false,
updatable = false)
+ private String guestIpv6Address;
+
@Column(name = "state", table = "vm_instance", insertable = false,
updatable = false)
private State vmState;
@@ -77,6 +80,10 @@ public class SecurityGroupVMMapVO implements
InternalIdentity {
return guestIpAddress;
}
+ public String getGuestIpv6Address() {
+ return guestIpv6Address;
+ }
+
public long getInstanceId() {
return instanceId;
}
diff --git
a/server/src/main/java/com/cloud/network/security/SecurityGroupManagerImpl.java
b/server/src/main/java/com/cloud/network/security/SecurityGroupManagerImpl.java
index 5d4b4737cbe..585975e7898 100644
---
a/server/src/main/java/com/cloud/network/security/SecurityGroupManagerImpl.java
+++
b/server/src/main/java/com/cloud/network/security/SecurityGroupManagerImpl.java
@@ -354,6 +354,9 @@ public class SecurityGroupManagerImpl extends ManagerBase
implements SecurityGro
String cidr = defaultNic.getIPv4Address();
cidr = cidr + "/32";
cidrs.add(cidr);
+ if (defaultNic.getIPv6Address() != null) {
+ cidrs.add(defaultNic.getIPv6Address() + "/64");
+ }
}
}
} else if (rule.getAllowedSourceIpCidr() != null) {
diff --git
a/server/src/main/java/com/cloud/network/security/SecurityGroupManagerImpl2.java
b/server/src/main/java/com/cloud/network/security/SecurityGroupManagerImpl2.java
index b75c39560cf..b8be55c4048 100644
---
a/server/src/main/java/com/cloud/network/security/SecurityGroupManagerImpl2.java
+++
b/server/src/main/java/com/cloud/network/security/SecurityGroupManagerImpl2.java
@@ -250,6 +250,9 @@ public class SecurityGroupManagerImpl2 extends
SecurityGroupManagerImpl {
//did a join with the nics table
String cidr = ngmapVO.getGuestIpAddress() + "/32";
cidrs.add(cidr);
+ if (ngmapVO.getGuestIpv6Address() != null) {
+ cidrs.add(ngmapVO.getGuestIpv6Address() + "/64");
+ }
}
} else if (rule.getAllowedSourceIpCidr() != null) {
cidrs.add(rule.getAllowedSourceIpCidr());
