Chandan Purushothama created CLOUDSTACK-2487:
------------------------------------------------
Summary: NTier: Unable to create an ACL rule on a Network Tier
Key: CLOUDSTACK-2487
URL: https://issues.apache.org/jira/browse/CLOUDSTACK-2487
Project: CloudStack
Issue Type: Bug
Security Level: Public (Anyone can view this level - this is the default.)
Components: Management Server
Affects Versions: 4.2.0
Reporter: Chandan Purushothama
Priority: Blocker
Fix For: 4.2.0
================
Steps to Reproduce:
================
1. Create a VPC.
2. Create a Network Tier
3. Create an ACL rule on the Network Tier
==========
Observations:
==========
2013-05-14 14:03:18,638 DEBUG [cloud.api.ApiServlet] (catalina-exec-17:null)
===START=== 10.216.133.86 -- GET
command=createNetworkACL&response=json&sessionkey=1ew3VD0LppS%2BSreQld9FNtVnLwo%3D&cidrlist=10.223.195.44%2F32&protocol=tcp&startport=22&endport=23&networkid=bcc163c5-c23f-4b47-a0c8-562b8460b3fe&traffictype=Ingress&_=1368565441624
2013-05-14 14:03:18,667 DEBUG [cloud.user.AccountManagerImpl]
(catalina-exec-17:null) Access to Acct[3-atoms] granted to Acct[3-atoms] by
DomainChecker_EnhancerByCloudStack_32dba8cb
2013-05-14 14:03:18,673 INFO [cloud.api.ApiServer] (catalina-exec-17:null)
Unable to find Vpc associated with the NetworkACL
2013-05-14 14:03:18,678 DEBUG [cloud.api.ApiServlet] (catalina-exec-17:null)
===END=== 10.216.133.86 -- GET
command=createNetworkACL&response=json&sessionkey=1ew3VD0LppS%2BSreQld9FNtVnLwo%3D&cidrlist=10.223.195.44%2F32&protocol=tcp&startport=22&endport=23&networkid=bcc163c5-c23f-4b47-a0c8-562b8460b3fe&traffictype=Ingress&_=1368565441624
mysql> select * from network_acl_item;
+----+--------------------------------------+--------+------------+----------+--------+----------+---------------------+-----------+-----------+--------------+-----------+--------+--------+
| id | uuid | acl_id | start_port | end_port |
state | protocol | created | icmp_code | icmp_type | traffic_type
| cidr | number | action |
+----+--------------------------------------+--------+------------+----------+--------+----------+---------------------+-----------+-----------+--------------+-----------+--------+--------+
| 1 | 28bf54e2-bbfa-11e2-98e5-06d4460004b1 | 1 | NULL | NULL |
Active | all | 2013-05-13 11:23:07 | NULL | NULL | Ingress
| 0.0.0.0/0 | 1 | Deny |
| 2 | 28bf61e4-bbfa-11e2-98e5-06d4460004b1 | 1 | NULL | NULL |
Active | all | 2013-05-13 11:23:07 | NULL | NULL | Egress
| 0.0.0.0/0 | 2 | Deny |
| 3 | 28bf78fa-bbfa-11e2-98e5-06d4460004b1 | 2 | NULL | NULL |
Active | all | 2013-05-13 11:23:07 | NULL | NULL | Ingress
| 0.0.0.0/0 | 1 | Allow |
| 4 | 28bf8516-bbfa-11e2-98e5-06d4460004b1 | 2 | NULL | NULL |
Active | all | 2013-05-13 11:23:07 | NULL | NULL | Egress
| 0.0.0.0/0 | 2 | Allow |
+----+--------------------------------------+--------+------------+----------+--------+----------+---------------------+-----------+-----------+--------------+-----------+--------+--------+
4 rows in set (0.00 sec)
mysql> select * from network_acl;
+----+---------------+--------------------------------------+--------+-------------------------------+
| id | name | uuid | vpc_id |
description |
+----+---------------+--------------------------------------+--------+-------------------------------+
| 1 | default_deny | 28bf460a-bbfa-11e2-98e5-06d4460004b1 | 0 | Default
Network ACL Deny All |
| 2 | default_allow | 28bf6e50-bbfa-11e2-98e5-06d4460004b1 | 0 | Default
Network ACL Allow All |
+----+---------------+--------------------------------------+--------+-------------------------------+
2 rows in set (0.00 sec)
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira
