Example 1 with SetNetworkACLCommand
use of com.cloud.legacymodel.communication.command.SetNetworkACLCommand in project cosmic by MissionCriticalCloud.
the class SetNetworkAclConfigItem method generateConfig.
@Override
public List<ConfigItem> generateConfig(final NetworkElementCommand cmd) {
final SetNetworkACLCommand command = (SetNetworkACLCommand) cmd;
final String privateGw = cmd.getAccessDetail(NetworkElementCommand.VPC_PRIVATE_GATEWAY);
final String[][] rules = generateFwRules(command);
final String[] aclRules = rules[0];
final NicTO nic = command.getNic();
final String netmask = Long.toString(NetUtils.getCidrSize(nic.getNetmask()));
final List<AclRule> ingressRules = new ArrayList<>();
final List<AclRule> egressRules = new ArrayList<>();
for (final String aclRule1 : aclRules) {
final AclRule aclRule;
final String[] ruleParts = aclRule1.split(":");
switch(ruleParts[1].toLowerCase()) {
case "icmp":
aclRule = new IcmpAclRule(ruleParts[4], "ACCEPT".equals(ruleParts[5]), Integer.parseInt(ruleParts[2]), Integer.parseInt(ruleParts[3]));
break;
case "tcp":
aclRule = new TcpAclRule(ruleParts[4], "ACCEPT".equals(ruleParts[5]), Integer.parseInt(ruleParts[2]), Integer.parseInt(ruleParts[3]));
break;
case "udp":
aclRule = new UdpAclRule(ruleParts[4], "ACCEPT".equals(ruleParts[5]), Integer.parseInt(ruleParts[2]), Integer.parseInt(ruleParts[3]));
break;
case "all":
aclRule = new AllAclRule(ruleParts[4], "ACCEPT".equals(ruleParts[5]));
break;
default:
// So, let's catch the exception and continue in the loop.
try {
aclRule = new ProtocolAclRule(ruleParts[4], "ACCEPT".equals(ruleParts[5]), Integer.parseInt(ruleParts[1]));
} catch (final Exception e) {
s_logger.warn("Unable to read ACL rule definition, string format is different than expected. Original message => " + e.getMessage());
continue;
}
}
if ("Ingress".equals(ruleParts[0])) {
ingressRules.add(aclRule);
} else {
egressRules.add(aclRule);
}
}
final NetworkACL networkACL = new NetworkACL(nic.getMac(), privateGw != null, nic.getIp(), netmask, ingressRules.toArray(new AclRule[ingressRules.size()]), egressRules.toArray(new AclRule[egressRules.size()]));
return generateConfigItems(networkACL);
}
Also used :
AllAclRule(com.cloud.legacymodel.network.rules.AllAclRule)
ArrayList(java.util.ArrayList)
SetNetworkACLCommand(com.cloud.legacymodel.communication.command.SetNetworkACLCommand)
IcmpAclRule(com.cloud.legacymodel.network.rules.IcmpAclRule)
NetworkACL(com.cloud.legacymodel.network.rules.NetworkACL)
ProtocolAclRule(com.cloud.legacymodel.network.rules.ProtocolAclRule)
TcpAclRule(com.cloud.legacymodel.network.rules.TcpAclRule)
UdpAclRule(com.cloud.legacymodel.network.rules.UdpAclRule)
IcmpAclRule(com.cloud.legacymodel.network.rules.IcmpAclRule)
UdpAclRule(com.cloud.legacymodel.network.rules.UdpAclRule)
AclRule(com.cloud.legacymodel.network.rules.AclRule)
AllAclRule(com.cloud.legacymodel.network.rules.AllAclRule)
ProtocolAclRule(com.cloud.legacymodel.network.rules.ProtocolAclRule)
TcpAclRule(com.cloud.legacymodel.network.rules.TcpAclRule)
NicTO(com.cloud.legacymodel.to.NicTO)
Example 2 with SetNetworkACLCommand
use of com.cloud.legacymodel.communication.command.SetNetworkACLCommand in project cosmic by MissionCriticalCloud.
the class CommandSetupHelper method createNetworkACLsCommands.
public void createNetworkACLsCommands(final List<? extends NetworkACLItem> rules, final VirtualRouter router, final Commands cmds, final long guestNetworkId, final boolean privateGateway) {
final List<NetworkACLTO> rulesTO = new ArrayList<>();
String guestVlan = null;
final Network guestNtwk = _networkDao.findById(guestNetworkId);
final URI uri = guestNtwk.getBroadcastUri();
if (uri != null) {
guestVlan = BroadcastDomainType.getValue(uri);
}
if (rules != null) {
for (final NetworkACLItem rule : rules) {
final NetworkACLTO ruleTO = new NetworkACLTO(rule, guestVlan, rule.getTrafficType());
rulesTO.add(ruleTO);
}
}
final NicTO nicTO = _networkHelper.getNicTO(router, guestNetworkId, null);
final SetNetworkACLCommand cmd = new SetNetworkACLCommand(rulesTO, nicTO);
cmd.setAccessDetail(NetworkElementCommand.ROUTER_IP, _routerControlHelper.getRouterControlIp(router.getId()));
cmd.setAccessDetail(NetworkElementCommand.GUEST_VLAN_TAG, guestVlan);
cmd.setAccessDetail(NetworkElementCommand.ROUTER_NAME, router.getInstanceName());
final Zone zone = zoneRepository.findById(router.getDataCenterId()).orElse(null);
cmd.setAccessDetail(NetworkElementCommand.ZONE_NETWORK_TYPE, zone.getNetworkType().toString());
if (privateGateway) {
cmd.setAccessDetail(NetworkElementCommand.VPC_PRIVATE_GATEWAY, String.valueOf(VpcGateway.Type.Private));
}
cmds.addCommand(cmd);
}
Also used :
NetworkACLItem(com.cloud.legacymodel.network.vpc.NetworkACLItem)
NetworkACLTO(com.cloud.legacymodel.to.NetworkACLTO)
Zone(com.cloud.db.model.Zone)
Network(com.cloud.legacymodel.network.Network)
ArrayList(java.util.ArrayList)
SetNetworkACLCommand(com.cloud.legacymodel.communication.command.SetNetworkACLCommand)
URI(java.net.URI)
NicTO(com.cloud.legacymodel.to.NicTO)
Aggregations
SetNetworkACLCommand (com.cloud.legacymodel.communication.command.SetNetworkACLCommand)2
NicTO (com.cloud.legacymodel.to.NicTO)2
ArrayList (java.util.ArrayList)2
Zone (com.cloud.db.model.Zone)1
Network (com.cloud.legacymodel.network.Network)1
AclRule (com.cloud.legacymodel.network.rules.AclRule)1
AllAclRule (com.cloud.legacymodel.network.rules.AllAclRule)1
IcmpAclRule (com.cloud.legacymodel.network.rules.IcmpAclRule)1
NetworkACL (com.cloud.legacymodel.network.rules.NetworkACL)1
ProtocolAclRule (com.cloud.legacymodel.network.rules.ProtocolAclRule)1
TcpAclRule (com.cloud.legacymodel.network.rules.TcpAclRule)1
UdpAclRule (com.cloud.legacymodel.network.rules.UdpAclRule)1
NetworkACLItem (com.cloud.legacymodel.network.vpc.NetworkACLItem)1
NetworkACLTO (com.cloud.legacymodel.to.NetworkACLTO)1
URI (java.net.URI)1
