From ea4cde387c04e450c7bea9407772ca4276ea54f4 Mon Sep 17 00:00:00 2001
From: Soren Hansen <soren@linux2go.dk>
Date: Tue, 11 Jan 2011 11:06:16 +0100
Subject: Fixed a number of issues with the iptables firewall backend:  * Port
 specifications for firewalls come back from the data store as integers, but
 were compared as strings.  * --icmp-type was misspelled as --icmp_type
 (underscore vs dash)  * There weren't any unit tests for these issues.

---
 nova/virt/libvirt_conn.py | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

(limited to 'nova/virt')

diff --git a/nova/virt/libvirt_conn.py b/nova/virt/libvirt_conn.py
index 3a4b6d469..759ef62ab 100644
--- a/nova/virt/libvirt_conn.py
+++ b/nova/virt/libvirt_conn.py
@@ -1105,15 +1105,15 @@ class IptablesFirewallDriver(FirewallDriver):
                     icmp_type = rule.from_port
                     icmp_code = rule.to_port
 
-                    if icmp_type == '-1':
+                    if icmp_type == -1:
                         icmp_type_arg = None
                     else:
                         icmp_type_arg = '%s' % icmp_type
-                        if not icmp_code == '-1':
+                        if not icmp_code == -1:
                             icmp_type_arg += '/%s' % icmp_code
 
                     if icmp_type_arg:
-                        args += ['-m', 'icmp', '--icmp_type', icmp_type_arg]
+                        args += ['-m', 'icmp', '--icmp-type', icmp_type_arg]
 
                 args += ['-j ACCEPT']
                 our_rules += [' '.join(args)]
-- 
cgit