Examples with NetworkACLTO com.cloud.legacymodel.to.NetworkACLTO used on opensource projects

Example 1 with NetworkACLTO

use of com.cloud.legacymodel.to.NetworkACLTO in project cosmic by MissionCriticalCloud.

the class SetNetworkAclConfigItem method generateFwRules.

public String[][] generateFwRules(final SetNetworkACLCommand command) {
    final List<NetworkACLTO> aclList = Arrays.asList(command.getRules());
    orderNetworkAclRulesByRuleNumber(aclList);
    final String[][] result = new String[2][aclList.size()];
    int i = 0;
    for (final NetworkACLTO aclTO : aclList) {
        /*  example  :  Ingress:tcp:80:80:0.0.0.0/0:ACCEPT:,Egress:tcp:220:220:0.0.0.0/0:DROP:,
             *  each entry format      Ingress/Egress:protocol:start port: end port:scidrs:action:
             *  reverted entry format  Ingress/Egress:reverted:0:0:0:
             */
        if (aclTO.revoked()) {
            final StringBuilder sb = new StringBuilder();
            /* This entry is added just to make sure at least there will one entry in the list to get the IP address */
            sb.append(aclTO.getTrafficType().toString()).append(":reverted:0:0:0:");
            final String aclRuleEntry = sb.toString();
            result[0][i++] = aclRuleEntry;
            continue;
        }
        final List<String> cidr;
        final StringBuilder sb = new StringBuilder();
        sb.append(aclTO.getTrafficType().toString()).append(":").append(aclTO.getProtocol()).append(":");
        if ("icmp".equals(aclTO.getProtocol())) {
            sb.append(aclTO.getIcmpType()).append(":").append(aclTO.getIcmpCode()).append(":");
        } else {
            sb.append(aclTO.getStringPortRange()).append(":");
        }
        cidr = aclTO.getSourceCidrList();
        if (cidr == null || cidr.isEmpty()) {
            sb.append("0.0.0.0/0");
        } else {
            Boolean firstEntry = true;
            for (final String tag : cidr) {
                if (!firstEntry) {
                    sb.append(",");
                }
                sb.append(tag);
                firstEntry = false;
            }
        }
        sb.append(":").append(aclTO.getAction()).append(":");
        final String aclRuleEntry = sb.toString();
        result[0][i++] = aclRuleEntry;
    }
    return result;
}

Example 2 with NetworkACLTO

use of com.cloud.legacymodel.to.NetworkACLTO in project cosmic by MissionCriticalCloud.

the class CommandSetupHelper method createNetworkACLsCommands.

public void createNetworkACLsCommands(final List<? extends NetworkACLItem> rules, final VirtualRouter router, final Commands cmds, final long guestNetworkId, final boolean privateGateway) {
    final List<NetworkACLTO> rulesTO = new ArrayList<>();
    String guestVlan = null;
    final Network guestNtwk = _networkDao.findById(guestNetworkId);
    final URI uri = guestNtwk.getBroadcastUri();
    if (uri != null) {
        guestVlan = BroadcastDomainType.getValue(uri);
    }
    if (rules != null) {
        for (final NetworkACLItem rule : rules) {
            final NetworkACLTO ruleTO = new NetworkACLTO(rule, guestVlan, rule.getTrafficType());
            rulesTO.add(ruleTO);
        }
    }
    final NicTO nicTO = _networkHelper.getNicTO(router, guestNetworkId, null);
    final SetNetworkACLCommand cmd = new SetNetworkACLCommand(rulesTO, nicTO);
    cmd.setAccessDetail(NetworkElementCommand.ROUTER_IP, _routerControlHelper.getRouterControlIp(router.getId()));
    cmd.setAccessDetail(NetworkElementCommand.GUEST_VLAN_TAG, guestVlan);
    cmd.setAccessDetail(NetworkElementCommand.ROUTER_NAME, router.getInstanceName());
    final Zone zone = zoneRepository.findById(router.getDataCenterId()).orElse(null);
    cmd.setAccessDetail(NetworkElementCommand.ZONE_NETWORK_TYPE, zone.getNetworkType().toString());
    if (privateGateway) {
        cmd.setAccessDetail(NetworkElementCommand.VPC_PRIVATE_GATEWAY, String.valueOf(VpcGateway.Type.Private));
    }
    cmds.addCommand(cmd);
}