
Example 1 with PublicIpACLTO

use of com.cloud.agent.api.to.PublicIpACLTO in project cosmic by MissionCriticalCloud.

the class SetPublicIpACLCommand method generateFwRules.

/**
 * Serialises this command's public-IP ACL rules into the colon-delimited
 * entries carried by the command.
 *
 * <p>Entry layouts (the trailing ':' is part of each entry):
 * <ul>
 *   <li>active rule: {@code Ingress/Egress:protocol:startPort:endPort:sourceCidrs:action:}</li>
 *   <li>ICMP rule: {@code Ingress/Egress:icmp:icmpType:icmpCode:sourceCidrs:action:}</li>
 *   <li>revoked rule: {@code Ingress/Egress:reverted:0:0:0:}</li>
 * </ul>
 * Example from the original author:
 * {@code Ingress:tcp:80:80:0.0.0.0/0:ACCEPT:,Egress:tcp:220:220:0.0.0.0/0:DROP:,}
 *
 * @return a two-row array; row 0 holds one entry per rule, in the order left by
 *         {@code orderNetworkAclRulesByRuleNumber}. Row 1 is allocated with the
 *         same length but is never written by this method, so it contains only
 *         {@code null}.
 */
public String[][] generateFwRules() {
    // Arrays.asList is a view over its argument (presumably the rules array field,
    // TODO confirm), so any in-place reordering done by the helper below also
    // changes that array.
    final List<PublicIpACLTO> orderedRules = Arrays.asList(rules);
    orderNetworkAclRulesByRuleNumber(orderedRules);

    final String[][] result = new String[2][orderedRules.size()];
    int next = 0;
    for (final PublicIpACLTO rule : orderedRules) {
        final StringBuilder entry = new StringBuilder();
        if (rule.revoked()) {
            // Placeholder for a revoked rule. Per the original author it exists so the
            // list always holds at least one entry from which the IP address can be obtained.
            entry.append(rule.getTrafficType().toString()).append(":reverted:0:0:0:");
        } else {
            // NOTE(review): fields are joined with ':' and ',' and nothing here escapes or
            // validates them, so protocol, port range, CIDRs and action are presumably
            // validated before they reach this method; confirm against the callers.
            entry.append(rule.getTrafficType().toString()).append(":").append(rule.getProtocol()).append(":");
            if ("icmp".equals(rule.getProtocol())) {
                // ICMP has no ports; the two port slots carry type and code instead.
                entry.append(rule.getIcmpType()).append(":").append(rule.getIcmpCode()).append(":");
            } else {
                entry.append(rule.getStringPortRange()).append(":");
            }

            final List<String> sources = rule.getSourceCidrList();
            if (sources != null && !sources.isEmpty()) {
                entry.append(String.join(",", sources));
            } else {
                // A missing or empty source list widens the rule to every IPv4 source.
                // This applies to whatever action the rule carries, so a rule that lost
                // its CIDRs upstream silently becomes a match-any rule.
                entry.append("0.0.0.0/0");
            }
            entry.append(":").append(rule.getAction()).append(":");
        }
        result[0][next++] = entry.toString();
    }
    return result;
}
Also used : PublicIpACLTO(com.cloud.agent.api.to.PublicIpACLTO)

Example 2 with PublicIpACLTO

use of com.cloud.agent.api.to.PublicIpACLTO in project cosmic by MissionCriticalCloud.

the class CommandSetupHelper method createPublicIpACLsCommands.

/**
 * Builds a {@link SetPublicIpACLCommand} for one public IP and appends it to {@code cmds}.
 *
 * <p>Each ACL item is wrapped in a {@link PublicIpACLTO} bound to the public IP's address
 * and the item's own traffic type. The command is then tagged with the router's control
 * IP, the router's instance name and the zone's network type.
 *
 * @param rules    ACL items to send; {@code null} is treated as "no rules" and still
 *                 produces a command, with an empty rule list
 * @param router   virtual router the command is addressed to
 * @param cmds     command batch that receives the new command
 * @param publicIp public IP the ACL applies to; it is dereferenced unconditionally
 */
public void createPublicIpACLsCommands(final List<? extends NetworkACLItem> rules, final VirtualRouter router, final Commands cmds, final IpAddress publicIp) {
    final List<PublicIpACLTO> aclTransferObjects = new ArrayList<>();
    if (rules != null) {
        for (final NetworkACLItem aclItem : rules) {
            aclTransferObjects.add(new PublicIpACLTO(aclItem, publicIp.getAddress().toString(), aclItem.getTrafficType()));
        }
    }
    // NOTE(review): with null or empty rules the command still goes out carrying an empty
    // list. Whether the receiving side reads that as "clear every ACL on this IP" or as a
    // no-op is not visible here; confirm before relying on either.

    final NicTO routerNic = _networkHelper.getNicTO(router, publicIp.getNetworkId(), null);
    final SetPublicIpACLCommand aclCommand = new SetPublicIpACLCommand(aclTransferObjects, routerNic, publicIp.getAddress().toString());

    aclCommand.setAccessDetail(NetworkElementCommand.ROUTER_IP, _routerControlHelper.getRouterControlIp(router.getId()));
    aclCommand.setAccessDetail(NetworkElementCommand.ROUTER_NAME, router.getInstanceName());

    // NOTE(review): the lookup result is dereferenced directly; if findOne can return
    // null for an unknown data-centre id, this throws NullPointerException before the
    // command is queued.
    final String zoneNetworkType = zoneRepository.findOne(router.getDataCenterId()).getNetworkType().toString();
    aclCommand.setAccessDetail(NetworkElementCommand.ZONE_NETWORK_TYPE, zoneNetworkType);

    cmds.addCommand(aclCommand);
}
Also used : NetworkACLItem(com.cloud.network.vpc.NetworkACLItem) SetPublicIpACLCommand(com.cloud.agent.api.routing.SetPublicIpACLCommand) Zone(com.cloud.db.model.Zone) ArrayList(java.util.ArrayList) PublicIpACLTO(com.cloud.agent.api.to.PublicIpACLTO) NicTO(com.cloud.agent.api.to.NicTO)

Aggregations

PublicIpACLTO (com.cloud.agent.api.to.PublicIpACLTO): 2, SetPublicIpACLCommand (com.cloud.agent.api.routing.SetPublicIpACLCommand): 1, NicTO (com.cloud.agent.api.to.NicTO): 1, Zone (com.cloud.db.model.Zone): 1, NetworkACLItem (com.cloud.network.vpc.NetworkACLItem): 1, ArrayList (java.util.ArrayList): 1