Example 1 with FirewallRule

use of com.cloud.network.rules.FirewallRule in project CloudStack-archive by CloudStack-extras.

the class CreateFirewallRuleCmd method execute.

@Override
public void execute() throws ResourceUnavailableException {
    UserContext callerContext = UserContext.current();
    boolean success = false;
    FirewallRule rule = _entityMgr.findById(FirewallRule.class, getEntityId());
    try {
        UserContext.current().setEventDetails("Rule Id: " + getEntityId());
        success = _firewallService.applyFirewallRules(rule.getSourceIpAddressId(), callerContext.getCaller());
        // State is different after the rule is applied, so get new object here
        rule = _entityMgr.findById(FirewallRule.class, getEntityId());
        FirewallResponse fwResponse = new FirewallResponse();
        if (rule != null) {
            fwResponse = _responseGenerator.createFirewallResponse(rule);
            setResponseObject(fwResponse);
        }
        fwResponse.setResponseName(getCommandName());
    } finally {
        if (!success || rule == null) {
            _firewallService.revokeFirewallRule(getEntityId(), true);
            throw new ServerApiException(BaseCmd.INTERNAL_ERROR, "Failed to create firewall rule");
        }
    }
}
Also used: ServerApiException (com.cloud.api.ServerApiException), UserContext (com.cloud.user.UserContext), FirewallRule (com.cloud.network.rules.FirewallRule), FirewallResponse (com.cloud.api.response.FirewallResponse)

Example 2 with FirewallRule

use of com.cloud.network.rules.FirewallRule in project CloudStack-archive by CloudStack-extras.

the class CreateFirewallRuleCmd method create.

@Override
public void create() {
    if (getSourceCidrList() != null) {
        for (String cidr : getSourceCidrList()) {
            if (!NetUtils.isValidCIDR(cidr)) {
                throw new ServerApiException(BaseCmd.PARAM_ERROR, "Source cidrs formatting error " + cidr);
            }
        }
    }
    try {
        FirewallRule result = _firewallService.createFirewallRule(this);
        setEntityId(result.getId());
    } catch (NetworkRuleConflictException ex) {
        s_logger.info("Network rule conflict: " + ex.getMessage());
        s_logger.trace("Network Rule Conflict: ", ex);
        throw new ServerApiException(BaseCmd.NETWORK_RULE_CONFLICT_ERROR, ex.getMessage());
    }
}
Also used: ServerApiException (com.cloud.api.ServerApiException), FirewallRule (com.cloud.network.rules.FirewallRule), NetworkRuleConflictException (com.cloud.exception.NetworkRuleConflictException)

Example 3 with FirewallRule

use of com.cloud.network.rules.FirewallRule in project CloudStack-archive by CloudStack-extras.

the class CreateIpForwardingRuleCmd method execute.

@Override
public void execute() throws ResourceUnavailableException {
    boolean result = true;
    FirewallRule rule = null;
    try {
        UserContext.current().setEventDetails("Rule Id: " + getEntityId());
        if (getOpenFirewall()) {
            result = result && _firewallService.applyFirewallRules(ipAddressId, UserContext.current().getCaller());
        }
        result = result && _rulesService.applyStaticNatRules(ipAddressId, UserContext.current().getCaller());
        rule = _entityMgr.findById(FirewallRule.class, getEntityId());
        StaticNatRule staticNatRule = _rulesService.buildStaticNatRule(rule, false);
        IpForwardingRuleResponse fwResponse = _responseGenerator.createIpForwardingRuleResponse(staticNatRule);
        fwResponse.setResponseName(getCommandName());
        this.setResponseObject(fwResponse);
    } finally {
        if (!result || rule == null) {
            if (getOpenFirewall()) {
                _firewallService.revokeRelatedFirewallRule(getEntityId(), true);
            }
            _rulesService.revokeStaticNatRule(getEntityId(), true);
            throw new ServerApiException(BaseCmd.INTERNAL_ERROR, "Error in creating ip forwarding rule on the domr");
        }
    }
}
Also used: ServerApiException (com.cloud.api.ServerApiException), StaticNatRule (com.cloud.network.rules.StaticNatRule), FirewallRule (com.cloud.network.rules.FirewallRule), IpForwardingRuleResponse (com.cloud.api.response.IpForwardingRuleResponse)

Example 4 with FirewallRule

use of com.cloud.network.rules.FirewallRule in project CloudStack-archive by CloudStack-extras.

the class ListFirewallRulesCmd method execute.

@Override
public void execute() {
    List<? extends FirewallRule> result = _firewallService.listFirewallRules(this);
    ListResponse<FirewallResponse> response = new ListResponse<FirewallResponse>();
    List<FirewallResponse> fwResponses = new ArrayList<FirewallResponse>();
    for (FirewallRule fwRule : result) {
        FirewallResponse ruleData = _responseGenerator.createFirewallResponse(fwRule);
        ruleData.setObjectName("firewallrule");
        fwResponses.add(ruleData);
    }
    response.setResponses(fwResponses);
    response.setResponseName(getCommandName());
    this.setResponseObject(response);
}
Also used: ListResponse (com.cloud.api.response.ListResponse), ArrayList (java.util.ArrayList), FirewallRule (com.cloud.network.rules.FirewallRule), FirewallResponse (com.cloud.api.response.FirewallResponse)

Example 5 with FirewallRule

use of com.cloud.network.rules.FirewallRule in project cloudstack by apache.

the class NuageVspElement method applyACLRules.

protected boolean applyACLRules(final Network network, List<? extends InternalIdentity> rules, boolean isNetworkAcl, boolean networkReset) throws ResourceUnavailableException {
    VspNetwork vspNetwork = _nuageVspEntityBuilder.buildVspNetwork(network);
    List<VspAclRule> vspAclRules = Lists.transform(rules, new Function<InternalIdentity, VspAclRule>() {

        @Nullable
        @Override
        public VspAclRule apply(@Nullable InternalIdentity input) {
            if (input instanceof FirewallRule) {
                return _nuageVspEntityBuilder.buildVspAclRule((FirewallRule) input, network);
            }
            return _nuageVspEntityBuilder.buildVspAclRule((NetworkACLItem) input);
        }
    });
    HostVO nuageVspHost = _nuageVspManager.getNuageVspHost(network.getPhysicalNetworkId());
    VspAclRule.ACLType vspAclType = isNetworkAcl ? VspAclRule.ACLType.NetworkACL : VspAclRule.ACLType.Firewall;
    ApplyAclRuleVspCommand cmd = new ApplyAclRuleVspCommand(vspAclType, vspNetwork, vspAclRules, networkReset);
    Answer answer = _agentMgr.easySend(nuageVspHost.getId(), cmd);
    if (answer == null || !answer.getResult()) {
        s_logger.error("ApplyAclRuleNuageVspCommand for network " + network.getUuid() + " failed on Nuage VSD " + nuageVspHost.getDetail("hostname"));
        if ((null != answer) && (null != answer.getDetails())) {
            throw new ResourceUnavailableException(answer.getDetails(), Network.class, network.getId());
        }
    }
    return true;
}
Also used: HostVO (com.cloud.host.HostVO), Answer (com.cloud.agent.api.Answer), NetworkACLItem (com.cloud.network.vpc.NetworkACLItem), ApplyAclRuleVspCommand (com.cloud.agent.api.element.ApplyAclRuleVspCommand), VspAclRule (net.nuage.vsp.acs.client.api.model.VspAclRule), ResourceUnavailableException (com.cloud.exception.ResourceUnavailableException), VspNetwork (net.nuage.vsp.acs.client.api.model.VspNetwork), InternalIdentity (org.apache.cloudstack.api.InternalIdentity), FirewallRule (com.cloud.network.rules.FirewallRule), Nullable (javax.annotation.Nullable)

Aggregations

FirewallRule (com.cloud.network.rules.FirewallRule): 59
ArrayList (java.util.ArrayList): 32
FirewallRuleVO (com.cloud.network.rules.FirewallRuleVO): 16
IpAddress (com.cloud.network.IpAddress): 13
NetworkRuleConflictException (com.cloud.exception.NetworkRuleConflictException): 10
FirewallResponse (com.cloud.api.response.FirewallResponse): 9
List (java.util.List): 9
ServerApiException (com.cloud.api.ServerApiException): 8
PublicIpAddress (com.cloud.network.PublicIpAddress): 8
NetworkVO (com.cloud.network.dao.NetworkVO): 8
StaticNatRule (com.cloud.network.rules.StaticNatRule): 8
FirewallRuleTO (com.cloud.agent.api.to.FirewallRuleTO): 7
ResourceUnavailableException (com.cloud.exception.ResourceUnavailableException): 7
NetworkOfferingVO (com.cloud.offerings.NetworkOfferingVO): 7
FirewallResponse (org.apache.cloudstack.api.response.FirewallResponse): 7
SetFirewallRulesCommand (com.cloud.agent.api.routing.SetFirewallRulesCommand): 6
ActionEvent (com.cloud.event.ActionEvent): 6
ListResponse (com.cloud.api.response.ListResponse): 5
ServerApiException (org.apache.cloudstack.api.ServerApiException): 5
IpForwardingRuleResponse (com.cloud.api.response.IpForwardingRuleResponse): 4