
Example 1 with PortForwardingRuleTO

use of com.cloud.agent.api.to.PortForwardingRuleTO in project cloudstack by apache.

the class SetPortForwardingRulesConfigItem method generateConfig.

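/**
 * Translates a {@link SetPortForwardingRulesCommand} into the router's port-forwarding
 * config items. Each {@link PortForwardingRuleTO} becomes a {@link ForwardingRule}
 * carrying its revoked flag, lower-cased protocol, source/destination IPs and the
 * string port ranges; the resulting {@link ForwardingRules} set is rendered by
 * {@code generateConfigItems}.
 *
 * @param cmd expected to be a {@code SetPortForwardingRulesCommand}; it is cast below
 * @return the config items produced by {@code generateConfigItems} for the rule set
 * @throws ClassCastException if {@code cmd} is not a {@code SetPortForwardingRulesCommand}
 */
@Override
public List<ConfigItem> generateConfig(final NetworkElementCommand cmd) {
    final SetPortForwardingRulesCommand command = (SetPortForwardingRulesCommand) cmd;
    final PortForwardingRuleTO[] ruleTOs = command.getRules();
    final List<ForwardingRule> rules = new ArrayList<ForwardingRule>(ruleTOs.length);
    for (final PortForwardingRuleTO rule : ruleTOs) {
        // Locale.ROOT: the protocol is an ASCII keyword consumed by the router scripts, so
        // the JVM's default locale must not influence the result (e.g. "ICMP" under a
        // Turkish locale would not lower-case to "icmp" with the no-arg toLowerCase()).
        final String protocol = rule.getProtocol().toLowerCase(java.util.Locale.ROOT);
        rules.add(new ForwardingRule(rule.revoked(), protocol, rule.getSrcIp(), rule.getStringSrcPortRange(), rule.getDstIp(), rule.getStringDstPortRange()));
    }
    final ForwardingRules ruleSet = new ForwardingRules(rules.toArray(new ForwardingRule[rules.size()]));
    return generateConfigItems(ruleSet);
}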
Also used : ForwardingRule(com.cloud.agent.resource.virtualnetwork.model.ForwardingRule) SetPortForwardingRulesCommand(com.cloud.agent.api.routing.SetPortForwardingRulesCommand) PortForwardingRuleTO(com.cloud.agent.api.to.PortForwardingRuleTO) ArrayList(java.util.ArrayList) ForwardingRules(com.cloud.agent.resource.virtualnetwork.model.ForwardingRules)

Example 2 with PortForwardingRuleTO

use of com.cloud.agent.api.to.PortForwardingRuleTO in project cloudstack by apache.

the class CiscoVnmcElement method applyPFRules.

@Override
public boolean applyPFRules(Network network, List<PortForwardingRule> rules) throws ResourceUnavailableException {
    if (!_networkModel.isProviderSupportServiceInNetwork(network.getId(), Service.PortForwarding, Provider.CiscoVnmc)) {
        s_logger.error("Port forwarding service is not provided by Cisco Vnmc device on network " + network.getName());
        return false;
    }
    // Find VNMC host for physical network
    List<CiscoVnmcControllerVO> devices = _ciscoVnmcDao.listByPhysicalNetwork(network.getPhysicalNetworkId());
    if (devices.isEmpty()) {
        s_logger.error("No Cisco Vnmc device on network " + network.getName());
        return true;
    }
    // Find if ASA 1000v is associated with network
    NetworkAsa1000vMapVO asaForNetwork = _networkAsa1000vMapDao.findByNetworkId(network.getId());
    if (asaForNetwork == null) {
        s_logger.debug("Cisco ASA 1000v device is not associated with network " + network.getName());
        return true;
    }
    if (network.getState() == Network.State.Allocated) {
        s_logger.debug("External firewall was asked to apply port forwarding rules for network with ID " + network.getId() + "; this network is not implemented. Skipping backend commands.");
        return true;
    }
    CiscoVnmcControllerVO ciscoVnmcDevice = devices.get(0);
    HostVO ciscoVnmcHost = _hostDao.findById(ciscoVnmcDevice.getHostId());
    List<PortForwardingRuleTO> rulesTO = new ArrayList<PortForwardingRuleTO>();
    for (PortForwardingRule rule : rules) {
        IpAddress sourceIp = _networkModel.getIp(rule.getSourceIpAddressId());
        Vlan vlan = _vlanDao.findById(sourceIp.getVlanId());
        PortForwardingRuleTO ruleTO = new PortForwardingRuleTO(rule, vlan.getVlanTag(), sourceIp.getAddress().addr());
        rulesTO.add(ruleTO);
    }
    if (!rulesTO.isEmpty()) {
        SetPortForwardingRulesCommand cmd = new SetPortForwardingRulesCommand(rulesTO);
        cmd.setContextParam(NetworkElementCommand.GUEST_VLAN_TAG, BroadcastDomainType.getValue(network.getBroadcastUri()));
        cmd.setContextParam(NetworkElementCommand.GUEST_NETWORK_CIDR, network.getCidr());
        Answer answer = _agentMgr.easySend(ciscoVnmcHost.getId(), cmd);
        if (answer == null || !answer.getResult()) {
            String details = (answer != null) ? answer.getDetails() : "details unavailable";
            String msg = "Unable to apply port forwarding rules to Cisco ASA 1000v appliance due to: " + details + ".";
            s_logger.error(msg);
            throw new ResourceUnavailableException(msg, DataCenter.class, network.getDataCenterId());
        }
    }
    return true;
}
Also used : PortForwardingRuleTO(com.cloud.agent.api.to.PortForwardingRuleTO) ArrayList(java.util.ArrayList) Vlan(com.cloud.dc.Vlan) PortForwardingRule(com.cloud.network.rules.PortForwardingRule) HostVO(com.cloud.host.HostVO) Answer(com.cloud.agent.api.Answer) SetPortForwardingRulesCommand(com.cloud.agent.api.routing.SetPortForwardingRulesCommand) NetworkAsa1000vMapVO(com.cloud.network.cisco.NetworkAsa1000vMapVO) ResourceUnavailableException(com.cloud.exception.ResourceUnavailableException) CiscoVnmcControllerVO(com.cloud.network.cisco.CiscoVnmcControllerVO) IpAddress(com.cloud.network.IpAddress) PublicIpAddress(com.cloud.network.PublicIpAddress)

Example 3 with PortForwardingRuleTO

use of com.cloud.agent.api.to.PortForwardingRuleTO in project cloudstack by apache.

the class CiscoVnmcResource method execute.

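/**
 * Programs the port-forwarding rules of {@code cmd} into the VNMC tenant VDC named
 * after the guest VLAN ({@code "vlan-" + GUEST_VLAN_TAG}).
 *
 * <p>Rules are grouped by their public (source) IP. For the tenant, a NAT policy set and
 * an ingress and an egress ACL policy set are created; then, per public IP, a PF policy
 * and an ACL policy (identified by the IP with dots replaced by dashes) are created and
 * referenced from those sets. Revoked rules are deleted from the PF policy; active rules
 * get an IP pool, a port pool and a PF rule. Finally the ACL policy set is associated
 * with the edge security profile.
 *
 * <p>Every VNMC call that returns {@code false} aborts the whole operation with a failed
 * {@link Answer}; earlier successful calls are not rolled back.
 *
 * @param cmd        the command whose rules and context parameters are applied
 * @param numRetries currently unused: unlike the SRX resource, this method never retries
 * @return a successful {@link Answer}, or a failed one carrying the first error message
 */
private Answer execute(SetPortForwardingRulesCommand cmd, int numRetries) {
    String vlanId = cmd.getContextParam(NetworkElementCommand.GUEST_VLAN_TAG);
    String tenant = "vlan-" + vlanId;
    PortForwardingRuleTO[] rules = cmd.getRules();

    // Group the rules by public IP: one PF policy and one ACL policy is created per IP.
    Map<String, List<PortForwardingRuleTO>> publicIpRulesMap = new HashMap<String, List<PortForwardingRuleTO>>();
    for (PortForwardingRuleTO rule : rules) {
        String publicIp = rule.getSrcIp();
        List<PortForwardingRuleTO> rulesForIp = publicIpRulesMap.get(publicIp);
        if (rulesForIp == null) {
            rulesForIp = new ArrayList<PortForwardingRuleTO>();
            publicIpRulesMap.put(publicIp, rulesForIp);
        }
        rulesForIp.add(rule);
    }

    try {
        if (!_connection.createTenantVDCNatPolicySet(tenant)) {
            throw new ExecutionException("Failed to create NAT policy set in VNMC for guest network with vlan " + vlanId);
        }
        if (!_connection.createTenantVDCAclPolicySet(tenant, true)) {
            throw new ExecutionException("Failed to create ACL ingress policy set in VNMC for guest network with vlan " + vlanId);
        }
        if (!_connection.createTenantVDCAclPolicySet(tenant, false)) {
            throw new ExecutionException("Failed to create ACL egress policy set in VNMC for guest network with vlan " + vlanId);
        }

        for (Map.Entry<String, List<PortForwardingRuleTO>> entry : publicIpRulesMap.entrySet()) {
            String publicIp = entry.getKey();
            // VNMC object names cannot contain dots, so the public IP is dash-separated.
            String policyIdentifier = publicIp.replace('.', '-');

            if (!_connection.createTenantVDCPFPolicy(tenant, policyIdentifier)) {
                throw new ExecutionException("Failed to create PF policy in VNMC for guest network with vlan " + vlanId);
            }
            if (!_connection.createTenantVDCPFPolicyRef(tenant, policyIdentifier)) {
                throw new ExecutionException("Failed to associate PF policy with NAT policy set in VNMC for guest network with vlan " + vlanId);
            }
            if (!_connection.createTenantVDCAclPolicy(tenant, policyIdentifier)) {
                throw new ExecutionException("Failed to create ACL policy in VNMC for guest network with vlan " + vlanId);
            }
            if (!_connection.createTenantVDCAclPolicyRef(tenant, policyIdentifier, true)) {
                throw new ExecutionException("Failed to associate ACL policy with ACL ingress policy set in VNMC for guest network with vlan " + vlanId);
            }
            if (!_connection.createTenantVDCAclPolicyRef(tenant, policyIdentifier, false)) {
                throw new ExecutionException("Failed to associate ACL policy with ACL egress policy set in VNMC for guest network with vlan " + vlanId);
            }

            for (PortForwardingRuleTO rule : entry.getValue()) {
                if (rule.revoked()) {
                    if (!_connection.deleteTenantVDCPFRule(tenant, rule.getId(), policyIdentifier)) {
                        throw new ExecutionException("Failed to delete PF rule in VNMC for guest network with vlan " + vlanId);
                    }
                    continue;
                }

                // The rule id names the IP pool and port pool that the PF rule references.
                String ruleId = Long.toString(rule.getId());
                if (!_connection.createTenantVDCPFIpPool(tenant, ruleId, rule.getDstIp())) {
                    throw new ExecutionException("Failed to create PF ip pool in VNMC for guest network with vlan " + vlanId);
                }
                // NOTE(review): assumes both port ranges hold [start, end] — confirm against PortForwardingRuleTO.
                if (!_connection.createTenantVDCPFPortPool(tenant, ruleId, Integer.toString(rule.getDstPortRange()[0]), Integer.toString(rule.getDstPortRange()[1]))) {
                    throw new ExecutionException("Failed to create PF port pool in VNMC for guest network with vlan " + vlanId);
                }
                // Locale.ROOT: the protocol is an ASCII keyword sent to the VNMC API; the
                // default locale must not alter it (e.g. "icmp" under a Turkish locale).
                String protocol = rule.getProtocol().toUpperCase(java.util.Locale.ROOT);
                if (!_connection.createTenantVDCPFRule(tenant, rule.getId(), policyIdentifier, protocol, rule.getSrcIp(), Integer.toString(rule.getSrcPortRange()[0]), Integer.toString(rule.getSrcPortRange()[1]))) {
                    throw new ExecutionException("Failed to create PF rule in VNMC for guest network with vlan " + vlanId);
                }
            }
        }

        if (!_connection.associateAclPolicySet(tenant)) {
            throw new ExecutionException("Failed to associate source NAT policy set with edge security profile in VNMC for guest network with vlan " + vlanId);
        }
    } catch (ExecutionException e) {
        String msg = "SetPortForwardingRulesCommand failed due to " + e.getMessage();
        s_logger.error(msg, e);
        return new Answer(cmd, false, msg);
    }
    return new Answer(cmd, true, "Success");
}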
Also used : ReadyAnswer(com.cloud.agent.api.ReadyAnswer) Answer(com.cloud.agent.api.Answer) MaintainAnswer(com.cloud.agent.api.MaintainAnswer) ExternalNetworkResourceUsageAnswer(com.cloud.agent.api.ExternalNetworkResourceUsageAnswer) IpAssocAnswer(com.cloud.agent.api.routing.IpAssocAnswer) PortForwardingRuleTO(com.cloud.agent.api.to.PortForwardingRuleTO) HashMap(java.util.HashMap) ArrayList(java.util.ArrayList) ArrayList(java.util.ArrayList) List(java.util.List) ExecutionException(com.cloud.utils.exception.ExecutionException)

Example 4 with PortForwardingRuleTO

use of com.cloud.agent.api.to.PortForwardingRuleTO in project cloudstack by apache.

the class CiscoVnmcResourceTest method testPortForwarding.

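/**
 * Drives the SetPortForwardingRulesCommand path of CiscoVnmcResource against a mocked
 * VNMC connection: one active rule and one revoked rule for the same public IP, with
 * every VNMC call stubbed to succeed. The answer must report success; its details are
 * attached to the assertion so a failure explains itself instead of being printed.
 */
@Test
public void testPortForwarding() throws Exception {
    long vlanId = 123;
    List<PortForwardingRuleTO> rules = new ArrayList<PortForwardingRuleTO>();
    PortForwardingRuleTO active = new PortForwardingRuleTO(1, "1.2.3.4", 22, 22, "5.6.7.8", 22, 22, "tcp", false, false);
    rules.add(active);
    // The ninth constructor argument is the revoked flag (confirm against PortForwardingRuleTO).
    // The original built this rule identical to 'active', so the revoke path of the
    // resource (deleteTenantVDCPFRule) was never exercised despite being stubbed below.
    PortForwardingRuleTO revoked = new PortForwardingRuleTO(1, "1.2.3.4", 22, 22, "5.6.7.8", 22, 22, "tcp", true, false);
    rules.add(revoked);

    SetPortForwardingRulesCommand cmd = new SetPortForwardingRulesCommand(rules);
    cmd.setContextParam(NetworkElementCommand.GUEST_VLAN_TAG, Long.toString(vlanId));
    cmd.setContextParam(NetworkElementCommand.GUEST_NETWORK_CIDR, "1.2.3.4/32");

    _resource.setConnection(_connection);
    when(_connection.createTenantVDCNatPolicySet(anyString())).thenReturn(true);
    when(_connection.createTenantVDCAclPolicySet(anyString(), anyBoolean())).thenReturn(true);
    when(_connection.createTenantVDCPFPolicy(anyString(), anyString())).thenReturn(true);
    when(_connection.createTenantVDCPFPolicyRef(anyString(), anyString())).thenReturn(true);
    when(_connection.createTenantVDCAclPolicy(anyString(), anyString())).thenReturn(true);
    when(_connection.createTenantVDCAclPolicyRef(anyString(), anyString(), anyBoolean())).thenReturn(true);
    when(_connection.deleteTenantVDCPFRule(anyString(), anyLong(), anyString())).thenReturn(true);
    when(_connection.deleteTenantVDCAclRule(anyString(), anyLong(), anyString())).thenReturn(true);
    when(_connection.createTenantVDCPFIpPool(anyString(), anyString(), anyString())).thenReturn(true);
    when(_connection.createTenantVDCPFPortPool(anyString(), anyString(), anyString(), anyString())).thenReturn(true);
    when(_connection.createTenantVDCPFRule(anyString(), anyLong(), anyString(), anyString(), anyString(), anyString(), anyString())).thenReturn(true);
    when(_connection.createTenantVDCAclRuleForPF(anyString(), anyLong(), anyString(), anyString(), anyString(), anyString(), anyString())).thenReturn(true);
    when(_connection.associateAclPolicySet(anyString())).thenReturn(true);

    Answer answer = _resource.executeRequest(cmd);
    assertTrue(answer.getDetails(), answer.getResult());
}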
Also used : Answer(com.cloud.agent.api.Answer) PortForwardingRuleTO(com.cloud.agent.api.to.PortForwardingRuleTO) SetPortForwardingRulesCommand(com.cloud.agent.api.routing.SetPortForwardingRulesCommand) ArrayList(java.util.ArrayList) Test(org.junit.Test)

Example 5 with PortForwardingRuleTO

use of com.cloud.agent.api.to.PortForwardingRuleTO in project cloudstack by apache.

the class JuniperSrxResource method execute.

/**
 * Re-synchronises the SRX destination-NAT configuration with the rules in {@code cmd}.
 *
 * <p>The still-active rules are grouped by "publicIp-privateIp" pair. Inside one
 * configuration session, every existing destination-NAT rule for each pair is removed
 * (together with its NAT pools and security policies) and the active rules for that
 * pair are added back, after which the configuration is committed.
 *
 * <p>On an {@link ExecutionException} the open configuration is discarded; if retries
 * remain and the SRX connection can be refreshed, the whole operation is attempted
 * again with one retry fewer, otherwise a failed {@link Answer} wrapping the exception
 * is returned.
 *
 * @param cmd        the command carrying all port-forwarding rules for the network
 * @param numRetries how many more times to retry after a failure
 * @return a successful {@link Answer}, or one wrapping the last exception
 */
private Answer execute(SetPortForwardingRulesCommand cmd, int numRetries) {
    PortForwardingRuleTO[] allRules = cmd.getRules();
    Map<String, ArrayList<FirewallRuleTO>> activeRules = getActiveRules(allRules);
    try {
        openConfiguration();
        for (Map.Entry<String, ArrayList<FirewallRuleTO>> pairEntry : activeRules.entrySet()) {
            // Keys have the form "<publicIp>-<privateIp>".
            String[] pairComponents = pairEntry.getKey().split("-");
            String publicIp = pairComponents[0];
            String privateIp = pairComponents[1];
            List<FirewallRuleTO> rulesForPair = pairEntry.getValue();

            // Look up, then drop, every destination NAT rule currently defined for this pair
            // (including the NAT pools and security policies they use).
            List<String[]> existingNatRules = getDestNatRules(RuleMatchCondition.PUBLIC_PRIVATE_IPS, publicIp, privateIp, null, null);
            Map<String, Long> vlanTagsByRule = getPublicVlanTagsForNatRules(existingNatRules);
            removeDestinationNatRules(null, vlanTagsByRule, existingNatRules);

            // Re-create the rules that are still active for this pair.
            for (FirewallRuleTO activeRule : rulesForPair) {
                Long publicVlanTag = getVlanTag(activeRule.getSrcVlanTag());
                PortForwardingRuleTO pfRule = (PortForwardingRuleTO) activeRule;
                int[] srcPorts = pfRule.getSrcPortRange();
                int[] dstPorts = pfRule.getDstPortRange();
                addDestinationNatRule(getProtocol(activeRule.getProtocol()), publicVlanTag, pfRule.getSrcIp(), pfRule.getDstIp(), srcPorts[0], srcPorts[1], dstPorts[0], dstPorts[1]);
            }
        }
        commitConfiguration();
        return new Answer(cmd);
    } catch (ExecutionException e) {
        s_logger.error(e);
        closeConfiguration();
        if (numRetries <= 0 || !refreshSrxConnection()) {
            return new Answer(cmd, e);
        }
        int retriesLeft = numRetries - 1;
        s_logger.debug("Retrying SetPortForwardingRulesCommand. Number of retries remaining: " + retriesLeft);
        return execute(cmd, retriesLeft);
    }
}
Also used : PortForwardingRuleTO(com.cloud.agent.api.to.PortForwardingRuleTO) ArrayList(java.util.ArrayList) FirewallRuleTO(com.cloud.agent.api.to.FirewallRuleTO) Answer(com.cloud.agent.api.Answer) MaintainAnswer(com.cloud.agent.api.MaintainAnswer) IpAssocAnswer(com.cloud.agent.api.routing.IpAssocAnswer) ReadyAnswer(com.cloud.agent.api.ReadyAnswer) ExternalNetworkResourceUsageAnswer(com.cloud.agent.api.ExternalNetworkResourceUsageAnswer) ExecutionException(com.cloud.utils.exception.ExecutionException)
