CLOUDSTACK-10135 ACL rules order is not maintained for ACL_OUTBOUND in VPC VR (#2313)

subhash yedugundla · resmo · commit f250b3ae0cf7 · 2017-11-15T10:09:35.000+01:00
(cherry picked from commit 60bec39)
diff --git a/systemvm/patches/debian/config/opt/cloud/bin/cs/CsNetfilter.py b/systemvm/patches/debian/config/opt/cloud/bin/cs/CsNetfilter.py
@@ -168,7 +168,7 @@ def compare(self, list):
                     cpy = cpy.replace('-A', '-I')
                 if isinstance(fw[1], int):
                     # if the rule is for ACLs, we want to insert them in order, right before the DROP all
-                    if rule_chain.startswith("ACL_INBOUND"):
+                    if rule_chain.startswith("ACL_INBOUND") or rule_chain.startswith("ACL_OUTBOUND"):
                         rule_count = self.chain.get_count(rule_chain)
                         cpy = cpy.replace("-A %s" % new_rule.get_chain(), '-I %s %s' % (new_rule.get_chain(), rule_count))
                     else:
