use of com.cloud.agent.api.routing.SetPublicIpACLCommand in project cosmic by MissionCriticalCloud.
the class CommandSetupHelper method createPublicIpACLsCommands.
/**
 * Builds a {@link SetPublicIpACLCommand} carrying the ACL rules for one public IP and appends it to {@code cmds}.
 *
 * @param rules ACL items to translate into transfer objects; {@code null} is handled like an empty list
 * @param router virtual router the command is addressed to
 * @param cmds command batch the new command is added to
 * @param publicIp public IP the rules are attached to
 */
public void createPublicIpACLsCommands(final List<? extends NetworkACLItem> rules, final VirtualRouter router, final Commands cmds, final IpAddress publicIp) {
    final List<PublicIpACLTO> aclTransferObjects = new ArrayList<>();
    // NOTE(review): a null or empty rule list still produces a command with zero rules. Whether the
    // router then applies default-deny or default-allow is not visible here; confirm on the receiving side.
    if (rules != null) {
        rules.forEach(aclItem ->
                aclTransferObjects.add(new PublicIpACLTO(aclItem, publicIp.getAddress().toString(), aclItem.getTrafficType())));
    }

    final NicTO routerNic = _networkHelper.getNicTO(router, publicIp.getNetworkId(), null);
    final SetPublicIpACLCommand aclCommand = new SetPublicIpACLCommand(aclTransferObjects, routerNic, publicIp.getAddress().toString());

    // Access details for the command: router control IP, router instance name, zone network type.
    aclCommand.setAccessDetail(NetworkElementCommand.ROUTER_IP, _routerControlHelper.getRouterControlIp(router.getId()));
    aclCommand.setAccessDetail(NetworkElementCommand.ROUTER_NAME, router.getInstanceName());

    // NOTE(review): the lookup result is dereferenced without a null check; confirm findOne cannot
    // return null for a router's data center id.
    final Zone routerZone = zoneRepository.findOne(router.getDataCenterId());
    aclCommand.setAccessDetail(NetworkElementCommand.ZONE_NETWORK_TYPE, routerZone.getNetworkType().toString());

    cmds.addCommand(aclCommand);
}
use of com.cloud.agent.api.routing.SetPublicIpACLCommand in project cosmic by MissionCriticalCloud.
the class SetPublicIpAclConfigItem method generateConfig.
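/**
 * Converts a {@link SetPublicIpACLCommand} into router config items describing the public IP's ACL.
 *
 * <p>Each rule string is split on {@code ':'} and read by position: [0] direction, [1] protocol name or
 * number, [2] and [3] integers handed to the ICMP/TCP/UDP rule constructors (presumably type/code or a
 * port range; confirm against generateFwRules), [4] the first constructor argument (presumably the
 * CIDR), [5] the action. Only the exact string {@code "ACCEPT"} allows traffic and only the exact string
 * {@code "Ingress"} selects the ingress list; every other value means deny and egress respectively.
 *
 * @param cmd the command to translate; must be a {@link SetPublicIpACLCommand}
 * @return the config items generated for the resulting {@link PublicIpACL}
 */
@Override
public List<ConfigItem> generateConfig(final NetworkElementCommand cmd) {
    final SetPublicIpACLCommand command = (SetPublicIpACLCommand) cmd;
    final String[][] rules = command.generateFwRules();
    final String[] aclRules = rules[0];
    final NicTO nic = command.getNic();
    final String netmask = Long.toString(NetUtils.getCidrSize(nic.getNetmask()));

    final List<AclRule> ingressRules = new ArrayList<>();
    final List<AclRule> egressRules = new ArrayList<>();

    for (final String aclRule1 : aclRules) {
        final AclRule aclRule;
        final String[] ruleParts = aclRule1.split(":");
        // Locale.ROOT keeps the protocol match independent of the JVM default locale. Under a Turkish
        // locale "ICMP".toLowerCase() does not yield "icmp", so the rule would fall into the default
        // branch, fail to parse as a number and be skipped.
        switch (ruleParts[1].toLowerCase(java.util.Locale.ROOT)) {
            case "icmp":
                aclRule = new IcmpAclRule(ruleParts[4], "ACCEPT".equals(ruleParts[5]), Integer.parseInt(ruleParts[2]), Integer.parseInt(ruleParts[3]));
                break;
            case "tcp":
                aclRule = new TcpAclRule(ruleParts[4], "ACCEPT".equals(ruleParts[5]), Integer.parseInt(ruleParts[2]), Integer.parseInt(ruleParts[3]));
                break;
            case "udp":
                aclRule = new UdpAclRule(ruleParts[4], "ACCEPT".equals(ruleParts[5]), Integer.parseInt(ruleParts[2]), Integer.parseInt(ruleParts[3]));
                break;
            case "all":
                aclRule = new AllAclRule(ruleParts[4], "ACCEPT".equals(ruleParts[5]));
                break;
            default:
                // Anything else is read as a numeric protocol. A rule that cannot be parsed is logged
                // and skipped so the remaining rules are still applied.
                // NOTE(review): a skipped deny rule leaves the generated ACL more permissive than the
                // configured one, with only a warning in the log. The named-protocol branches above
                // are not guarded, so a malformed rule there aborts the whole call instead. Decide
                // which of the two behaviours is intended and make the branches agree.
                try {
                    aclRule = new ProtocolAclRule(ruleParts[4], "ACCEPT".equals(ruleParts[5]), Integer.parseInt(ruleParts[1]));
                } catch (final Exception e) {
                    s_logger.warn("Unable to read ACL rule definition, string format is different than expected. Original message => " + e.getMessage());
                    continue;
                }
        }

        if ("Ingress".equals(ruleParts[0])) {
            ingressRules.add(aclRule);
        } else {
            egressRules.add(aclRule);
        }
    }

    final PublicIpACL publicIpACL = new PublicIpACL(
            nic.getMac(),
            nic.getIp(),
            netmask,
            command.getPublicIp(),
            ingressRules.toArray(new AclRule[0]),
            egressRules.toArray(new AclRule[0]));
    return generateConfigItems(publicIpACL);
}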