[4.22] Prevent Load Balancer rule creation when adding a VM from a different network

Author: nvazquez

server/src/main/java/com/cloud/network/lb/LoadBalancingRulesManagerImpl.java

@@ -1738,6 +1738,8 @@ public LoadBalancer createPublicLoadBalancerRule(String xId, String name, String
             throw new NetworkRuleConflictException("Can't do load balance on IP address: " + ipVO.getAddress());
         }
 
+        verifyLoadBalancerRuleNetwork(name, network, ipVO);
+
         String cidrString = generateCidrString(cidrList);
 
         boolean performedIpAssoc = false;
@@ -1790,7 +1792,17 @@ public LoadBalancer createPublicLoadBalancerRule(String xId, String name, String
 
         return result;
     }
-   /**
+
+    protected void verifyLoadBalancerRuleNetwork(String lbName, Network network, IPAddressVO ipVO) {
+        if (ipVO.getAssociatedWithNetworkId() != null && network.getId() != ipVO.getAssociatedWithNetworkId()) {
+            String msg = String.format("Cannot create Load Balancer rule %s as the IP address %s is not associated " +
+                    "with the network %s (ID=%s)", lbName, ipVO.getAddress(), network.getName(), network.getUuid());
+            logger.error(msg);
+            throw new InvalidParameterValueException(msg);
+        }
+    }
+
+    /**
     * Transforms the cidrList from a List of Strings to a String which contains all the CIDRs from cidrList separated by whitespaces. This is used to facilitate both the persistence
     * in the DB and also later when building the configuration String in the getRulesForPool method of the HAProxyConfigurator class.
    */