
Example 21 with FirewallRule

Use of com.cloud.legacymodel.network.FirewallRule in project cosmic by MissionCriticalCloud.

Class FirewallManagerImpl, method revokeAllFirewallRulesForNetwork.

@Override
@ActionEvent(eventType = EventTypes.EVENT_FIREWALL_CLOSE, eventDescription = "revoking firewall rule", async = true)
public boolean revokeAllFirewallRulesForNetwork(final long networkId, final long userId, final Account caller) throws ResourceUnavailableException {
    final List<FirewallRule> rules = new ArrayList<>();
    final List<FirewallRuleVO> fwRules = _firewallDao.listByNetworkAndPurposeAndNotRevoked(networkId, Purpose.Firewall);
    if (s_logger.isDebugEnabled()) {
        s_logger.debug("Releasing " + fwRules.size() + " firewall rules for network id=" + networkId);
    }
    for (final FirewallRuleVO rule : fwRules) {
        // Mark every firewall rule as Revoke without applying it yet: all rules for the network are sent to the
        // backend in one batch below, not one by one
        revokeFirewallRule(rule.getId(), false, caller, Account.ACCOUNT_ID_SYSTEM);
    }
    // now send everything to the backend
    final List<FirewallRuleVO> rulesToApply = _firewallDao.listByNetworkAndPurpose(networkId, Purpose.Firewall);
    final boolean success = applyFirewallRules(rulesToApply, true, caller);
    // Now we check again in case more rules have been inserted.
    rules.addAll(_firewallDao.listByNetworkAndPurposeAndNotRevoked(networkId, Purpose.Firewall));
    if (s_logger.isDebugEnabled()) {
        s_logger.debug("Successfully released firewall rules for network id=" + networkId + " and # of rules now = " + rules.size());
    }
    return success && rules.size() == 0;
}
Also used : ArrayList(java.util.ArrayList) FirewallRule(com.cloud.legacymodel.network.FirewallRule) FirewallRuleVO(com.cloud.network.rules.FirewallRuleVO) ActionEvent(com.cloud.event.ActionEvent)

Example 22 with FirewallRule

Use of com.cloud.legacymodel.network.FirewallRule in project cosmic by MissionCriticalCloud.

Class FirewallManagerImpl, method revokeFirewallRulesForIp.

@Override
@ActionEvent(eventType = EventTypes.EVENT_FIREWALL_CLOSE, eventDescription = "revoking firewall rule", async = true)
public boolean revokeFirewallRulesForIp(final long ipId, final long userId, final Account caller) throws ResourceUnavailableException {
    final List<FirewallRule> rules = new ArrayList<>();
    final List<FirewallRuleVO> fwRules = _firewallDao.listByIpAndPurposeAndNotRevoked(ipId, Purpose.Firewall);
    if (s_logger.isDebugEnabled()) {
        s_logger.debug("Releasing " + fwRules.size() + " firewall rules for ip id=" + ipId);
    }
    for (final FirewallRuleVO rule : fwRules) {
        // Mark every firewall rule as Revoke without applying it yet: all rules for the ip are sent to the
        // backend in one batch below, not one by one
        revokeFirewallRule(rule.getId(), false, caller, Account.ACCOUNT_ID_SYSTEM);
    }
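    // Now send everything to the backend. Unlike in revokeAllFirewallRulesForNetwork, the result of
    // applyFirewallRules is not checked here, so the return value depends only on the re-query below.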
    final List<FirewallRuleVO> rulesToApply = _firewallDao.listByIpAndPurpose(ipId, Purpose.Firewall);
    applyFirewallRules(rulesToApply, true, caller);
    // Now we check again in case more rules have been inserted.
    rules.addAll(_firewallDao.listByIpAndPurposeAndNotRevoked(ipId, Purpose.Firewall));
    if (s_logger.isDebugEnabled()) {
        s_logger.debug("Successfully released firewall rules for ip id=" + ipId + " and # of rules now = " + rules.size());
    }
    return rules.size() == 0;
}
Also used : ArrayList(java.util.ArrayList) FirewallRule(com.cloud.legacymodel.network.FirewallRule) FirewallRuleVO(com.cloud.network.rules.FirewallRuleVO) ActionEvent(com.cloud.event.ActionEvent)

Example 23 with FirewallRule

Use of com.cloud.legacymodel.network.FirewallRule in project cosmic by MissionCriticalCloud.

Class FirewallManagerImpl, method revokeRelatedFirewallRule.

@Override
public boolean revokeRelatedFirewallRule(final long ruleId, final boolean apply) {
    final FirewallRule fwRule = _firewallDao.findByRelatedId(ruleId);
    if (fwRule == null) {
        s_logger.trace("No related firewall rule exists for rule id=" + ruleId + " so returning true here");
        return true;
    }
    s_logger.debug("Revoking Firewall rule id=" + fwRule.getId() + " as a part of rule delete id=" + ruleId + " with apply=" + apply);
    return revokeIngressFirewallRule(fwRule.getId(), apply);
}
Also used : FirewallRule(com.cloud.legacymodel.network.FirewallRule)
