Example 1 with NetworkACL
use of com.cloud.legacymodel.network.rules.NetworkACL in project cosmic by MissionCriticalCloud.
the class SetNetworkAclConfigItem method generateConfig.
@Override
public List<ConfigItem> generateConfig(final NetworkElementCommand cmd) {
final SetNetworkACLCommand command = (SetNetworkACLCommand) cmd;
final String privateGw = cmd.getAccessDetail(NetworkElementCommand.VPC_PRIVATE_GATEWAY);
final String[][] rules = generateFwRules(command);
final String[] aclRules = rules[0];
final NicTO nic = command.getNic();
final String netmask = Long.toString(NetUtils.getCidrSize(nic.getNetmask()));
final List<AclRule> ingressRules = new ArrayList<>();
final List<AclRule> egressRules = new ArrayList<>();
for (final String aclRule1 : aclRules) {
final AclRule aclRule;
final String[] ruleParts = aclRule1.split(":");
switch(ruleParts[1].toLowerCase()) {
case "icmp":
aclRule = new IcmpAclRule(ruleParts[4], "ACCEPT".equals(ruleParts[5]), Integer.parseInt(ruleParts[2]), Integer.parseInt(ruleParts[3]));
break;
case "tcp":
aclRule = new TcpAclRule(ruleParts[4], "ACCEPT".equals(ruleParts[5]), Integer.parseInt(ruleParts[2]), Integer.parseInt(ruleParts[3]));
break;
case "udp":
aclRule = new UdpAclRule(ruleParts[4], "ACCEPT".equals(ruleParts[5]), Integer.parseInt(ruleParts[2]), Integer.parseInt(ruleParts[3]));
break;
case "all":
aclRule = new AllAclRule(ruleParts[4], "ACCEPT".equals(ruleParts[5]));
break;
default:
// So, let's catch the exception and continue in the loop.
try {
aclRule = new ProtocolAclRule(ruleParts[4], "ACCEPT".equals(ruleParts[5]), Integer.parseInt(ruleParts[1]));
} catch (final Exception e) {
s_logger.warn("Unable to read ACL rule definition, string format is different than expected. Original message => " + e.getMessage());
continue;
}
}
if ("Ingress".equals(ruleParts[0])) {
ingressRules.add(aclRule);
} else {
egressRules.add(aclRule);
}
}
final NetworkACL networkACL = new NetworkACL(nic.getMac(), privateGw != null, nic.getIp(), netmask, ingressRules.toArray(new AclRule[ingressRules.size()]), egressRules.toArray(new AclRule[egressRules.size()]));
return generateConfigItems(networkACL);
}
Also used :
AllAclRule(com.cloud.legacymodel.network.rules.AllAclRule)
ArrayList(java.util.ArrayList)
SetNetworkACLCommand(com.cloud.legacymodel.communication.command.SetNetworkACLCommand)
IcmpAclRule(com.cloud.legacymodel.network.rules.IcmpAclRule)
NetworkACL(com.cloud.legacymodel.network.rules.NetworkACL)
ProtocolAclRule(com.cloud.legacymodel.network.rules.ProtocolAclRule)
TcpAclRule(com.cloud.legacymodel.network.rules.TcpAclRule)
UdpAclRule(com.cloud.legacymodel.network.rules.UdpAclRule)
IcmpAclRule(com.cloud.legacymodel.network.rules.IcmpAclRule)
UdpAclRule(com.cloud.legacymodel.network.rules.UdpAclRule)
AclRule(com.cloud.legacymodel.network.rules.AclRule)
AllAclRule(com.cloud.legacymodel.network.rules.AllAclRule)
ProtocolAclRule(com.cloud.legacymodel.network.rules.ProtocolAclRule)
TcpAclRule(com.cloud.legacymodel.network.rules.TcpAclRule)
NicTO(com.cloud.legacymodel.to.NicTO)
Aggregations
SetNetworkACLCommand (com.cloud.legacymodel.communication.command.SetNetworkACLCommand)1
AclRule (com.cloud.legacymodel.network.rules.AclRule)1
AllAclRule (com.cloud.legacymodel.network.rules.AllAclRule)1
IcmpAclRule (com.cloud.legacymodel.network.rules.IcmpAclRule)1
NetworkACL (com.cloud.legacymodel.network.rules.NetworkACL)1
ProtocolAclRule (com.cloud.legacymodel.network.rules.ProtocolAclRule)1
TcpAclRule (com.cloud.legacymodel.network.rules.TcpAclRule)1
UdpAclRule (com.cloud.legacymodel.network.rules.UdpAclRule)1
NicTO (com.cloud.legacymodel.to.NicTO)1
ArrayList (java.util.ArrayList)1
