jclouds-notifications mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Ignasi Barrera <notificati...@github.com>
Subject Re: [jclouds-labs] CloudSigma2 ComputeService and SecurityGroupExtension (#70)
Date Sun, 05 Oct 2014 14:10:08 GMT
> +
> +   @Inject
> +   public FirewallRuleToIpPermission(Map<FirewallIpProtocol, IpProtocol> firewallIpProtocolToIpProtocol)
{
> +      this.firewallIpProtocolToIpProtocol = checkNotNull(firewallIpProtocolToIpProtocol,
> +            "firewallIpProtocolToIpProtocol");
> +   }
> +
> +   @Override
> +   public IpPermission apply(FirewallRule input) {
> +      IpPermission.Builder permissionBuilder = new IpPermission.Builder();
> +      String destinationPort = input.getDestinationPort();
> +      if (destinationPort != null) {
> +         if (destinationPort.contains("!")) {
> +            destinationPort = destinationPort.substring(destinationPort.indexOf("!")
+ 1,
> +                  destinationPort.length());
> +         }

Having a deeper look at this, I think this class doesn't do the right thing. According to
[the API docs](http://cloudsigma-docs.readthedocs.org/en/2.10/fwpolicies.html) the `!` character
is used to "negate" a range. That is, a `!0-1024` range would mean any port that is **not**
in that range. This class, however, just "ignores" the `!` character when parsing the ports
and sets a range that is just the opposite than the one defined by the rule.

This must be changed so the returned port range properly reflects the behavior of the rule.
That may require to change the function to return "more than one `IpPermission` given a single
`FirewallRule`, but it is not a big deal to change this function to return an `Iterable`.
It is important that this class returns the right thing.

---
Reply to this email directly or view it on GitHub:
https://github.com/jclouds/jclouds-labs/pull/70/files#r18435394
Mime
View raw message