use of com.cloud.legacymodel.to.NetworkACLTO in project cosmic by MissionCriticalCloud.
the class SetNetworkAclConfigItem method generateFwRules.
/**
 * Renders the ACL rules carried by {@code command} as colon-delimited text entries,
 * after ordering them with {@code orderNetworkAclRulesByRuleNumber}.
 *
 * <p>Entry layout for an active rule:
 * {@code Ingress/Egress:protocol:start port:end port:source cidrs:action:}, for example
 * {@code Ingress:tcp:80:80:0.0.0.0/0:ACCEPT:}. For the {@code icmp} protocol the two port
 * fields are replaced by the ICMP type and ICMP code. A revoked rule is rendered as
 * {@code Ingress/Egress:reverted:0:0:0:}.
 *
 * <p>NOTE(review): values are joined with ':' and ',' and nothing is escaped in this method,
 * so a protocol, CIDR or action containing either delimiter would shift the fields of the
 * entry. Presumably these values are validated before they reach this point; confirm.
 *
 * @param command the command whose rules are rendered
 * @return a two-row array; row 0 holds one entry per rule, row 1 is allocated with the same
 *         length but is not written by this method
 */
public String[][] generateFwRules(final SetNetworkACLCommand command) {
    final List<NetworkACLTO> orderedRules = Arrays.asList(command.getRules());
    orderNetworkAclRulesByRuleNumber(orderedRules);

    final String[][] result = new String[2][orderedRules.size()];
    int next = 0;
    for (final NetworkACLTO rule : orderedRules) {
        if (rule.revoked()) {
            // A revoked rule still gets a placeholder entry so the list is never empty
            // (the original author notes the entry is needed to obtain the IP address).
            result[0][next++] = rule.getTrafficType().toString() + ":reverted:0:0:0:";
            continue;
        }

        final StringBuilder entry = new StringBuilder();
        entry.append(rule.getTrafficType().toString()).append(":").append(rule.getProtocol()).append(":");

        // ICMP rules carry type/code where other protocols carry a port range.
        if (!"icmp".equals(rule.getProtocol())) {
            entry.append(rule.getStringPortRange()).append(":");
        } else {
            entry.append(rule.getIcmpType()).append(":").append(rule.getIcmpCode()).append(":");
        }

        // A missing or empty source list is rendered as the any-source CIDR.
        final List<String> sources = rule.getSourceCidrList();
        final boolean anySource = sources == null || sources.isEmpty();
        entry.append(anySource ? "0.0.0.0/0" : String.join(",", sources));

        entry.append(":").append(rule.getAction()).append(":");
        result[0][next++] = entry.toString();
    }
    return result;
}
use of com.cloud.legacymodel.to.NetworkACLTO in project cosmic by MissionCriticalCloud.
the class CommandSetupHelper method createNetworkACLsCommands.
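/**
 * Builds a {@code SetNetworkACLCommand} for the given router and guest network and appends
 * it to {@code cmds}.
 *
 * <p>Each rule is converted to a {@code NetworkACLTO} tagged with the guest network's VLAN
 * (taken from its broadcast URI, or {@code null} when the network has none). The command is
 * given the router control IP, guest VLAN tag, router name and zone network type as access
 * details, plus the private-gateway marker when {@code privateGateway} is set.
 *
 * <p>NOTE(review): a {@code null} {@code rules} argument still produces a command with an
 * empty rule list. What the router does with an empty list is not visible here; confirm that
 * it matches the intended ACL state before relying on it.
 *
 * @param rules          ACL items to send; may be {@code null}
 * @param router         the virtual router that receives the command
 * @param cmds           the command batch the new command is appended to
 * @param guestNetworkId id of the guest network the ACL applies to
 * @param privateGateway whether the command targets a VPC private gateway
 * @throws IllegalStateException if the guest network or the router's zone cannot be found;
 *                               nothing is added to {@code cmds} in that case
 */
public void createNetworkACLsCommands(final List<? extends NetworkACLItem> rules, final VirtualRouter router, final Commands cmds, final long guestNetworkId, final boolean privateGateway) {
    final Network guestNtwk = _networkDao.findById(guestNetworkId);
    if (guestNtwk == null) {
        // Previously this surfaced as a bare NullPointerException on the next line.
        throw new IllegalStateException("Guest network " + guestNetworkId + " not found; cannot build network ACL command");
    }
    final URI uri = guestNtwk.getBroadcastUri();
    final String guestVlan = uri != null ? BroadcastDomainType.getValue(uri) : null;

    final List<NetworkACLTO> rulesTO = new ArrayList<>();
    if (rules != null) {
        for (final NetworkACLItem rule : rules) {
            rulesTO.add(new NetworkACLTO(rule, guestVlan, rule.getTrafficType()));
        }
    }

    final NicTO nicTO = _networkHelper.getNicTO(router, guestNetworkId, null);
    final SetNetworkACLCommand cmd = new SetNetworkACLCommand(rulesTO, nicTO);
    cmd.setAccessDetail(NetworkElementCommand.ROUTER_IP, _routerControlHelper.getRouterControlIp(router.getId()));
    cmd.setAccessDetail(NetworkElementCommand.GUEST_VLAN_TAG, guestVlan);
    cmd.setAccessDetail(NetworkElementCommand.ROUTER_NAME, router.getInstanceName());

    final Zone zone = zoneRepository.findById(router.getDataCenterId()).orElse(null);
    if (zone == null) {
        // The lookup explicitly allows "absent"; fail with context instead of dereferencing null.
        throw new IllegalStateException("Zone " + router.getDataCenterId() + " not found for router " + router.getInstanceName()
                + "; cannot build network ACL command");
    }
    cmd.setAccessDetail(NetworkElementCommand.ZONE_NETWORK_TYPE, zone.getNetworkType().toString());

    if (privateGateway) {
        cmd.setAccessDetail(NetworkElementCommand.VPC_PRIVATE_GATEWAY, String.valueOf(VpcGateway.Type.Private));
    }
    cmds.addCommand(cmd);
}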