
Example 1 with AclRule

use of com.cloud.legacymodel.network.rules.AclRule in project cosmic by MissionCriticalCloud.

the class SetNetworkAclConfigItem method generateConfig.

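/**
 * Builds the configuration items for a {@link SetNetworkACLCommand}.
 *
 * <p>Each entry of {@code generateFwRules(command)[0]} is split on {@code ':'} and read by position:
 * <ul>
 *   <li>{@code [0]} direction: exactly {@code "Ingress"} goes to the ingress list, any other value
 *       to the egress list;</li>
 *   <li>{@code [1]} protocol: {@code icmp}, {@code tcp}, {@code udp}, {@code all} (case-insensitive),
 *       otherwise parsed as an integer protocol number;</li>
 *   <li>{@code [2]}, {@code [3]} two integers, read only for icmp/tcp/udp (presumably ICMP type/code
 *       or a port range; confirm against the rule constructors);</li>
 *   <li>{@code [4]} passed through as the first constructor argument (presumably the CIDR; confirm);</li>
 *   <li>{@code [5]} action: exactly {@code "ACCEPT"} yields {@code true}, anything else {@code false}.</li>
 * </ul>
 *
 * <p>NOTE(review): error handling differs by branch. A malformed icmp/tcp/udp/all entry throws out of
 * this method, while a malformed numeric-protocol entry is logged and skipped. A skipped entry means
 * the generated ACL is missing a rule that was requested; if that rule was a deny, the result is more
 * permissive than intended. Callers that need all-or-nothing semantics should confirm this is acceptable.
 *
 * <p>NOTE(review): fields are separated with {@code ':'}, so a field value that itself contains a
 * colon (for example an IPv6 CIDR) would shift every later field. Confirm the rule encoding never
 * carries such values.
 *
 * @param cmd the command to translate; must be a {@link SetNetworkACLCommand}
 * @return the config items produced by {@code generateConfigItems} for the assembled {@link NetworkACL}
 * @throws ClassCastException if {@code cmd} is not a {@link SetNetworkACLCommand}
 * @throws ArrayIndexOutOfBoundsException if an entry has fewer fields than its protocol branch reads
 *         (not raised for the numeric-protocol branch, which skips the entry instead)
 * @throws NumberFormatException if an icmp/tcp/udp entry carries a non-numeric {@code [2]} or {@code [3]}
 */
@Override
public List<ConfigItem> generateConfig(final NetworkElementCommand cmd) {
    final SetNetworkACLCommand command = (SetNetworkACLCommand) cmd;
    // Presence of this access detail is what marks the ACL as belonging to a private gateway below.
    final String privateGw = cmd.getAccessDetail(NetworkElementCommand.VPC_PRIVATE_GATEWAY);
    final String[][] rules = generateFwRules(command);
    final String[] aclRules = rules[0];
    final NicTO nic = command.getNic();
    final String netmask = Long.toString(NetUtils.getCidrSize(nic.getNetmask()));
    final List<AclRule> ingressRules = new ArrayList<>();
    final List<AclRule> egressRules = new ArrayList<>();
    for (final String aclRule1 : aclRules) {
        final AclRule aclRule;
        final String[] ruleParts = aclRule1.split(":");
        // Locale.ROOT: protocol tokens are ASCII identifiers. The default-locale toLowerCase() maps
        // 'I' to a dotless 'ı' under Turkish/Azeri locales, so "ICMP" would miss the "icmp" case,
        // fall into the numeric branch, fail to parse and be skipped.
        switch (ruleParts[1].toLowerCase(java.util.Locale.ROOT)) {
            case "icmp":
                aclRule = new IcmpAclRule(ruleParts[4], "ACCEPT".equals(ruleParts[5]), Integer.parseInt(ruleParts[2]), Integer.parseInt(ruleParts[3]));
                break;
            case "tcp":
                aclRule = new TcpAclRule(ruleParts[4], "ACCEPT".equals(ruleParts[5]), Integer.parseInt(ruleParts[2]), Integer.parseInt(ruleParts[3]));
                break;
            case "udp":
                aclRule = new UdpAclRule(ruleParts[4], "ACCEPT".equals(ruleParts[5]), Integer.parseInt(ruleParts[2]), Integer.parseInt(ruleParts[3]));
                break;
            case "all":
                aclRule = new AllAclRule(ruleParts[4], "ACCEPT".equals(ruleParts[5]));
                break;
            default:
                // Anything else is treated as a numeric protocol. This is the only branch that
                // tolerates a malformed entry: the failure is logged and the entry is skipped.
                // NOTE(review): the warning does not say which entry was dropped, which makes a
                // missing rule hard to trace from the log alone.
                try {
                    aclRule = new ProtocolAclRule(ruleParts[4], "ACCEPT".equals(ruleParts[5]), Integer.parseInt(ruleParts[1]));
                } catch (final Exception e) {
                    s_logger.warn("Unable to read ACL rule definition, string format is different than expected. Original message => " + e.getMessage());
                    continue;
                }
        }
        // Exact, case-sensitive match: every value other than "Ingress" is filed as egress.
        if ("Ingress".equals(ruleParts[0])) {
            ingressRules.add(aclRule);
        } else {
            egressRules.add(aclRule);
        }
    }
    final NetworkACL networkACL = new NetworkACL(nic.getMac(), privateGw != null, nic.getIp(), netmask, ingressRules.toArray(new AclRule[ingressRules.size()]), egressRules.toArray(new AclRule[egressRules.size()]));
    return generateConfigItems(networkACL);
}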
Also used : AllAclRule(com.cloud.legacymodel.network.rules.AllAclRule) ArrayList(java.util.ArrayList) SetNetworkACLCommand(com.cloud.legacymodel.communication.command.SetNetworkACLCommand) IcmpAclRule(com.cloud.legacymodel.network.rules.IcmpAclRule) NetworkACL(com.cloud.legacymodel.network.rules.NetworkACL) ProtocolAclRule(com.cloud.legacymodel.network.rules.ProtocolAclRule) TcpAclRule(com.cloud.legacymodel.network.rules.TcpAclRule) UdpAclRule(com.cloud.legacymodel.network.rules.UdpAclRule) IcmpAclRule(com.cloud.legacymodel.network.rules.IcmpAclRule) UdpAclRule(com.cloud.legacymodel.network.rules.UdpAclRule) AclRule(com.cloud.legacymodel.network.rules.AclRule) AllAclRule(com.cloud.legacymodel.network.rules.AllAclRule) ProtocolAclRule(com.cloud.legacymodel.network.rules.ProtocolAclRule) TcpAclRule(com.cloud.legacymodel.network.rules.TcpAclRule) NicTO(com.cloud.legacymodel.to.NicTO)

Example 2 with AclRule

use of com.cloud.legacymodel.network.rules.AclRule in project cosmic by MissionCriticalCloud.

the class SetPublicIpAclConfigItem method generateConfig.

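/**
 * Builds the configuration items for a {@link SetPublicIpACLCommand}.
 *
 * <p>Each entry of {@code command.generateFwRules()[0]} is split on {@code ':'} and read by position:
 * <ul>
 *   <li>{@code [0]} direction: exactly {@code "Ingress"} goes to the ingress list, any other value
 *       to the egress list;</li>
 *   <li>{@code [1]} protocol: {@code icmp}, {@code tcp}, {@code udp}, {@code all} (case-insensitive),
 *       otherwise parsed as an integer protocol number;</li>
 *   <li>{@code [2]}, {@code [3]} two integers, read only for icmp/tcp/udp (presumably ICMP type/code
 *       or a port range; confirm against the rule constructors);</li>
 *   <li>{@code [4]} passed through as the first constructor argument (presumably the CIDR; confirm);</li>
 *   <li>{@code [5]} action: exactly {@code "ACCEPT"} yields {@code true}, anything else {@code false}.</li>
 * </ul>
 *
 * <p>NOTE(review): error handling differs by branch. A malformed icmp/tcp/udp/all entry throws out of
 * this method, while a malformed numeric-protocol entry is logged and skipped. A skipped entry means
 * the generated ACL is missing a rule that was requested; if that rule was a deny, the result is more
 * permissive than intended. Callers that need all-or-nothing semantics should confirm this is acceptable.
 *
 * <p>NOTE(review): fields are separated with {@code ':'}, so a field value that itself contains a
 * colon (for example an IPv6 CIDR) would shift every later field. Confirm the rule encoding never
 * carries such values.
 *
 * @param cmd the command to translate; must be a {@link SetPublicIpACLCommand}
 * @return the config items produced by {@code generateConfigItems} for the assembled {@link PublicIpACL}
 * @throws ClassCastException if {@code cmd} is not a {@link SetPublicIpACLCommand}
 * @throws ArrayIndexOutOfBoundsException if an entry has fewer fields than its protocol branch reads
 *         (not raised for the numeric-protocol branch, which skips the entry instead)
 * @throws NumberFormatException if an icmp/tcp/udp entry carries a non-numeric {@code [2]} or {@code [3]}
 */
@Override
public List<ConfigItem> generateConfig(final NetworkElementCommand cmd) {
    final SetPublicIpACLCommand command = (SetPublicIpACLCommand) cmd;
    final String[][] rules = command.generateFwRules();
    final String[] aclRules = rules[0];
    final NicTO nic = command.getNic();
    final String netmask = Long.toString(NetUtils.getCidrSize(nic.getNetmask()));
    final List<AclRule> ingressRules = new ArrayList<>();
    final List<AclRule> egressRules = new ArrayList<>();
    for (final String aclRule1 : aclRules) {
        final AclRule aclRule;
        final String[] ruleParts = aclRule1.split(":");
        // Locale.ROOT: protocol tokens are ASCII identifiers. The default-locale toLowerCase() maps
        // 'I' to a dotless 'ı' under Turkish/Azeri locales, so "ICMP" would miss the "icmp" case,
        // fall into the numeric branch, fail to parse and be skipped.
        switch (ruleParts[1].toLowerCase(java.util.Locale.ROOT)) {
            case "icmp":
                aclRule = new IcmpAclRule(ruleParts[4], "ACCEPT".equals(ruleParts[5]), Integer.parseInt(ruleParts[2]), Integer.parseInt(ruleParts[3]));
                break;
            case "tcp":
                aclRule = new TcpAclRule(ruleParts[4], "ACCEPT".equals(ruleParts[5]), Integer.parseInt(ruleParts[2]), Integer.parseInt(ruleParts[3]));
                break;
            case "udp":
                aclRule = new UdpAclRule(ruleParts[4], "ACCEPT".equals(ruleParts[5]), Integer.parseInt(ruleParts[2]), Integer.parseInt(ruleParts[3]));
                break;
            case "all":
                aclRule = new AllAclRule(ruleParts[4], "ACCEPT".equals(ruleParts[5]));
                break;
            default:
                // Anything else is treated as a numeric protocol. This is the only branch that
                // tolerates a malformed entry: the failure is logged and the entry is skipped.
                // NOTE(review): the warning does not say which entry was dropped, which makes a
                // missing rule hard to trace from the log alone.
                try {
                    aclRule = new ProtocolAclRule(ruleParts[4], "ACCEPT".equals(ruleParts[5]), Integer.parseInt(ruleParts[1]));
                } catch (final Exception e) {
                    s_logger.warn("Unable to read ACL rule definition, string format is different than expected. Original message => " + e.getMessage());
                    continue;
                }
        }
        // Exact, case-sensitive match: every value other than "Ingress" is filed as egress.
        if ("Ingress".equals(ruleParts[0])) {
            ingressRules.add(aclRule);
        } else {
            egressRules.add(aclRule);
        }
    }
    final PublicIpACL publicIpACL = new PublicIpACL(nic.getMac(), nic.getIp(), netmask, command.getPublicIp(), ingressRules.toArray(new AclRule[ingressRules.size()]), egressRules.toArray(new AclRule[egressRules.size()]));
    return generateConfigItems(publicIpACL);
}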
Also used : AllAclRule(com.cloud.legacymodel.network.rules.AllAclRule) ArrayList(java.util.ArrayList) PublicIpACL(com.cloud.legacymodel.network.rules.PublicIpACL) IcmpAclRule(com.cloud.legacymodel.network.rules.IcmpAclRule) ProtocolAclRule(com.cloud.legacymodel.network.rules.ProtocolAclRule) TcpAclRule(com.cloud.legacymodel.network.rules.TcpAclRule) SetPublicIpACLCommand(com.cloud.legacymodel.communication.command.SetPublicIpACLCommand) UdpAclRule(com.cloud.legacymodel.network.rules.UdpAclRule) IcmpAclRule(com.cloud.legacymodel.network.rules.IcmpAclRule) UdpAclRule(com.cloud.legacymodel.network.rules.UdpAclRule) AclRule(com.cloud.legacymodel.network.rules.AclRule) AllAclRule(com.cloud.legacymodel.network.rules.AllAclRule) ProtocolAclRule(com.cloud.legacymodel.network.rules.ProtocolAclRule) TcpAclRule(com.cloud.legacymodel.network.rules.TcpAclRule) NicTO(com.cloud.legacymodel.to.NicTO)
