diff --git a/cosmic-core/engine/schema/src/main/java/com/cloud/network/dao/IPAddressDaoImpl.java b/cosmic-core/engine/schema/src/main/java/com/cloud/network/dao/IPAddressDaoImpl.java
index 07deb24cf4..c87a661240 100644
--- a/cosmic-core/engine/schema/src/main/java/com/cloud/network/dao/IPAddressDaoImpl.java
+++ b/cosmic-core/engine/schema/src/main/java/com/cloud/network/dao/IPAddressDaoImpl.java
@@ -4,6 +4,7 @@
 import com.cloud.dc.VlanVO;
 import com.cloud.dc.dao.VlanDao;
 import com.cloud.network.IpAddress.State;
+import com.cloud.network.vpc.NetworkACL;
 import com.cloud.resourcedetail.dao.UserIpAddressDetailsDao;
 import com.cloud.tags.dao.ResourceTagDao;
 import com.cloud.utils.db.DB;
@@ -157,6 +158,7 @@ public IPAddressVO markAsUnavailable(final long ipAddressId) {
 final IPAddressVO ip = createForUpdate();
 ip.setState(State.Releasing);
+ ip.setIpACLId(NetworkACL.DEFAULT_DENY);
 if (update(ip, sc) != 1) {
 return null;
 }
diff --git a/cosmic-core/engine/schema/src/main/java/com/cloud/network/dao/IPAddressVO.java b/cosmic-core/engine/schema/src/main/java/com/cloud/network/dao/IPAddressVO.java
index 1d4614cd35..7d64ba773a 100644
--- a/cosmic-core/engine/schema/src/main/java/com/cloud/network/dao/IPAddressVO.java
+++ b/cosmic-core/engine/schema/src/main/java/com/cloud/network/dao/IPAddressVO.java
@@ -1,6 +1,7 @@
 package com.cloud.network.dao;
 import com.cloud.network.IpAddress;
+import com.cloud.network.vpc.NetworkACL;
 import com.cloud.utils.db.GenericDao;
 import com.cloud.utils.net.Ip;
@@ -84,7 +85,7 @@ public class IPAddressVO implements IpAddress {
 protected IPAddressVO() {
 uuid = UUID.randomUUID().toString();
- ipACLId = 2L; // Default Allow ACL
+ ipACLId = NetworkACL.DEFAULT_DENY;
 }
 public IPAddressVO(final Ip address, final long dataCenterId, final long macAddress, final long vlanDbId, final boolean sourceNat) {
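Review bot: The new `ip.setIpACLId(NetworkACL.DEFAULT_DENY);` in markAsUnavailable has no comment saying why the ACL is reset when the address moves to `Releasing`. If the intent is that a released address must not carry its previous owner's ACL into the next allocation, state that at the call, for example `// Reset to default-deny so a released IP never keeps the previous owner's ACL`. The method starts and ends outside the hunk, so the search criteria `sc` used by `update(ip, sc)` cannot be checked here.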
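Review bot: Replacing `2L; // Default Allow ACL` with `NetworkACL.DEFAULT_DENY` in the no-arg constructor here, and in the two other constructors in the hunks at -98 and -111, changes the default only for objects constructed after this commit; rows already stored with ACL id 2 presumably keep the allow ACL unless a data migration, which is not visible in this diff, rewrites them. The removed comment was the only explanation of the default, so I would add `// Fail closed: a new IP denies traffic until an ACL is assigned explicitly` where the value is set. The same assignment is now repeated in three constructors; a single field initializer or a delegated constructor would keep the default in one place.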
@@ -98,7 +99,7 @@ public IPAddressVO(final Ip address, final long dataCenterId, final long macAddr
 state = State.Free;
 this.macAddress = macAddress;
 uuid = UUID.randomUUID().toString();
- ipACLId = 2L; // Default Allow ACL
+ ipACLId = NetworkACL.DEFAULT_DENY;
 }
 public IPAddressVO(final Ip address, final long dataCenterId, final Long networkId, final Long vpcId, final long physicalNetworkId, final long sourceNetworkId, final long
@@ -111,7 +112,7 @@ public IPAddressVO(final Ip address, final long dataCenterId, final Long network
 this.sourceNetworkId = sourceNetworkId;
 vlanId = vlanDbId;
 uuid = UUID.randomUUID().toString();
- ipACLId = 2L; // Default Allow ACL
+ ipACLId = NetworkACL.DEFAULT_DENY;
 }
 public void setId(final long id) {
diff --git a/cosmic-core/server/src/main/java/com/cloud/network/IpAddressManagerImpl.java b/cosmic-core/server/src/main/java/com/cloud/network/IpAddressManagerImpl.java
index ce72b077d5..fa591202b2 100644
--- a/cosmic-core/server/src/main/java/com/cloud/network/IpAddressManagerImpl.java
+++ b/cosmic-core/server/src/main/java/com/cloud/network/IpAddressManagerImpl.java
@@ -55,6 +55,7 @@
 import com.cloud.network.rules.FirewallRuleVO;
 import com.cloud.network.rules.RulesManager;
 import com.cloud.network.rules.StaticNat;
+import com.cloud.network.vpc.NetworkACL;
 import com.cloud.network.vpc.Vpc;
 import com.cloud.network.vpc.VpcVO;
 import com.cloud.network.vpc.dao.VpcDao;
@@ -644,6 +645,7 @@ public IPAddressVO doInTransaction(final TransactionStatus status) throws Insuff
 addr.setAllocatedInDomainId(owner.getDomainId());
 addr.setAllocatedToAccountId(owner.getId());
 addr.setSystem(isSystem);
+ addr.setIpACLId(NetworkACL.DEFAULT_DENY);
 if (displayIp != null) {
 addr.setDisplay(displayIp);
 }
@@ -795,6 +797,7 @@ public boolean applyIpAssociations(final Network network, final boolean continue
 for (final IPAddressVO addr : userIps) {
 if (addr.getState() == IpAddress.State.Allocating) {
 addr.setAssociatedWithNetworkId(network.getId());
+ addr.setIpACLId(1L); // Default DENY ACL
 markPublicIpAsAllocated(addr);
 } else if (addr.getState() == IpAddress.State.Releasing) {
 // Cleanup all the resources for ip address if there are any, and only then un-assign ip in the system
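Review bot: `addr.setIpACLId(1L); // Default DENY ACL` hard-codes the id that every other hunk in this commit writes as `NetworkACL.DEFAULT_DENY`, although this file gains the import for that constant in the same commit; use `addr.setIpACLId(NetworkACL.DEFAULT_DENY);` so the value cannot drift from the constant. The assignment runs for every address still in `Allocating` state, so an ACL chosen between allocation and association would be overwritten with default-deny; if that is intended, it deserves a comment saying so. Whether `markPublicIpAsAllocated` persists the ACL id is not visible in this hunk, and applyIpAssociations continues beyond it.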