use of com.cloud.network.vpc.NetworkACLItem in project cloudstack by apache.
the class CreateNetworkACLCmd method execute.
/**
 * Applies the ACL that owns the item identified by {@code getEntityId()} and
 * publishes the re-read item as the command response.
 *
 * <p>The method fails closed: when {@code applyNetworkACL} does not return
 * {@code true}, or the item cannot be re-read afterwards, the item is revoked
 * and the call ends with an {@code INTERNAL_ERROR} {@link ServerApiException}.
 *
 * @throws ResourceUnavailableException declared on the signature; which of the
 *         service calls raises it is not visible in this block
 */
@Override
public void execute() throws ResourceUnavailableException {
    NetworkACLItem aclItem = _networkACLService.getNetworkACLItem(getEntityId());
    boolean applied = false;
    try {
        CallContext.current().setEventDetails("Rule ID: " + getEntityId());
        // NOTE(review): aclItem is dereferenced without a null check, although the
        // same lookup is null-checked further down. A NullPointerException raised
        // here is replaced by the ServerApiException thrown from the finally block.
        applied = _networkACLService.applyNetworkACL(aclItem.getAclId());

        // Applying the ACL changes the item's state, so read it again before
        // building the response.
        aclItem = _networkACLService.getNetworkACLItem(getEntityId());

        NetworkACLItemResponse response = new NetworkACLItemResponse();
        if (aclItem != null) {
            response = _responseGenerator.createNetworkACLItemResponse(aclItem);
            setResponseObject(response);
        }
        response.setResponseName(getCommandName());
    } finally {
        // Roll back rather than leave an item that was not applied. The throw below
        // replaces any exception already in flight from the try block, so the
        // original cause does not reach the caller on this path.
        final boolean mustRollBack = aclItem == null || !applied;
        if (mustRollBack) {
            _networkACLService.revokeNetworkACLItem(getEntityId());
            throw new ServerApiException(ApiErrorCode.INTERNAL_ERROR, "Failed to create network ACL Item");
        }
    }
}
use of com.cloud.network.vpc.NetworkACLItem in project cloudstack by apache.
the class MoveNetworkAclItemCmd method execute.
/**
 * Moves a network ACL item to a new position and returns the moved item as the
 * command response.
 *
 * <p>The command object itself is handed to the service, which reads the move
 * parameters from it. No validation or null check happens in this method.
 */
@Override
public void execute() {
    CallContext.current().setEventDetails(getEventDescription());

    // NOTE(review): the returned item goes straight into the response generator;
    // confirm the service never returns null for a rejected move.
    final NetworkACLItem movedItem = _networkACLService.moveNetworkAclRuleToNewPosition(this);
    final NetworkACLItemResponse response = _responseGenerator.createNetworkACLItemResponse(movedItem);

    setResponseObject(response);
    response.setResponseName(getCommandName());
}
use of com.cloud.network.vpc.NetworkACLItem in project cloudstack by apache.
the class CommandSetupHelper method createNetworkACLsCommands.
/**
 * Builds one {@code SetNetworkACLCommand} for the given router and guest network
 * and appends it to {@code cmds}.
 *
 * @param rules          ACL items to convert into transfer objects; {@code null} is
 *                       accepted and yields a command with an empty rule list
 * @param router         virtual router the command is addressed to
 * @param cmds           command batch that receives the new command
 * @param guestNetworkId id of the guest network whose ACLs are being set
 * @param privateGateway when {@code true}, the command is additionally tagged as
 *                       targeting a VPC private gateway
 */
public void createNetworkACLsCommands(final List<? extends NetworkACLItem> rules, final VirtualRouter router, final Commands cmds, final long guestNetworkId, final boolean privateGateway) {
    // NOTE(review): the network lookup result is dereferenced without a null check.
    final Network guestNetwork = _networkDao.findById(guestNetworkId);
    final URI broadcastUri = guestNetwork.getBroadcastUri();
    // Stays null when the network has no broadcast URI; the null is still passed
    // on to every rule and to the GUEST_VLAN_TAG detail below.
    final String guestVlan = broadcastUri == null ? null : BroadcastDomainType.getValue(broadcastUri);

    final List<NetworkACLTO> aclTOs = new ArrayList<NetworkACLTO>();
    if (rules != null) {
        for (final NetworkACLItem item : rules) {
            aclTOs.add(new NetworkACLTO(item, guestVlan, item.getTrafficType()));
        }
    }
    // NOTE(review): a null or empty rules argument still produces a command; how
    // the receiving side treats an empty rule list is not visible here — confirm
    // it cannot silently drop the ACLs already in place.

    NicTO guestNic = _networkHelper.getNicTO(router, guestNetworkId, null);
    final SetNetworkACLCommand aclCommand = new SetNetworkACLCommand(aclTOs, guestNic);

    // Access details identify the router and network the command applies to.
    aclCommand.setAccessDetail(NetworkElementCommand.ROUTER_IP, _routerControlHelper.getRouterControlIp(router.getId()));
    aclCommand.setAccessDetail(NetworkElementCommand.ROUTER_GUEST_IP, _routerControlHelper.getRouterIpInNetwork(guestNetworkId, router.getId()));
    aclCommand.setAccessDetail(NetworkElementCommand.GUEST_VLAN_TAG, guestVlan);
    aclCommand.setAccessDetail(NetworkElementCommand.ROUTER_NAME, router.getInstanceName());

    final DataCenterVO zone = _dcDao.findById(router.getDataCenterId());
    aclCommand.setAccessDetail(NetworkElementCommand.ZONE_NETWORK_TYPE, zone.getNetworkType().toString());

    if (privateGateway) {
        aclCommand.setAccessDetail(NetworkElementCommand.VPC_PRIVATE_GATEWAY, String.valueOf(VpcGateway.Type.Private));
    }

    cmds.addCommand(aclCommand);
}
use of com.cloud.network.vpc.NetworkACLItem in project cloudstack by apache.
the class BigSwitchBcfElement method applyNetworkACLs.
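/**
 * Validates the source CIDR of every non-revoked ACL item and then refreshes the
 * BCF router for the network.
 *
 * <p>The loop is a gate only: the rules themselves are not passed to
 * {@code updateBcfRouter}, which receives just the network.
 *
 * <p>Each rule is validated on its own. Previously the CIDR variable lived outside
 * the loop, so a rule without a source CIDR list was checked against the value
 * left behind by the preceding rule. After a {@code 0.0.0.0/0} rule that value was
 * the empty string, which was then handed to {@code SubnetUtils}, making the
 * outcome depend on rule order.
 *
 * @param network network whose ACLs are being applied
 * @param rules   ACL items to validate; items in state {@code Revoke} are skipped
 * @return {@code true} when every rule passed validation and the router update
 *         was issued
 * @throws ResourceUnavailableException if a rule carries more than one source
 *         CIDR, a source port range rather than a single port, or a CIDR whose
 *         address is not the network address
 */
@Override
public boolean applyNetworkACLs(Network network, List<? extends NetworkACLItem> rules) throws ResourceUnavailableException {
    for (NetworkACLItem r : rules) {
        if (r.getState() == NetworkACLItem.State.Revoke) {
            continue;
        }

        // Scoped to the current rule so nothing carries over between iterations.
        String cidr = null;
        List<String> cidrList = r.getSourceCidrList();
        // An empty list is handled like a missing one instead of failing on get(0).
        if (cidrList != null && !cidrList.isEmpty()) {
            // NOTE(review): the port getters are dereferenced without a null check;
            // confirm rules that carry a CIDR always carry source ports as well.
            if (cidrList.size() > 1 || !r.getSourcePortEnd().equals(r.getSourcePortStart())) {
                throw new ResourceUnavailableException("One CIDR and one port only please.", Network.class, network.getId());
            }
            cidr = cidrList.get(0);
        }

        // No source restriction, or the match-all range: nothing to validate.
        if (cidr == null || cidr.equalsIgnoreCase("0.0.0.0/0")) {
            continue;
        }

        // Reject CIDRs with host bits set (address differs from the network address).
        // NOTE(review): a malformed CIDR string presumably surfaces as an unchecked
        // exception from the SubnetUtils constructor rather than as
        // ResourceUnavailableException — confirm against the SubnetUtils in use.
        SubnetUtils utils = new SubnetUtils(cidr);
        if (!utils.getInfo().getNetworkAddress().equals(utils.getInfo().getAddress())) {
            throw new ResourceUnavailableException("Invalid CIDR in Network ACL rule.", Network.class, network.getId());
        }
    }
    updateBcfRouter(network);
    return true;
}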
use of com.cloud.network.vpc.NetworkACLItem in project cosmic by MissionCriticalCloud.
the class CommandSetupHelper method createNetworkACLsCommands.
/**
 * Assembles a {@code SetNetworkACLCommand} for the router's NIC in the given guest
 * network and queues it on {@code cmds}.
 *
 * @param rules          ACL items to send; {@code null} is tolerated and results in
 *                       an empty rule list on the command
 * @param router         virtual router that should receive the command
 * @param cmds           batch the finished command is added to
 * @param guestNetworkId id of the guest network the ACLs belong to
 * @param privateGateway whether to mark the command as addressing a VPC private
 *                       gateway
 */
public void createNetworkACLsCommands(final List<? extends NetworkACLItem> rules, final VirtualRouter router, final Commands cmds, final long guestNetworkId, final boolean privateGateway) {
    // NOTE(review): findById's result is used without a null check.
    final Network network = _networkDao.findById(guestNetworkId);
    final URI broadcastUri = network.getBroadcastUri();
    // Remains null if the network has no broadcast URI; that null is forwarded to
    // each rule transfer object and to GUEST_VLAN_TAG.
    String vlanTag = null;
    if (broadcastUri != null) {
        vlanTag = BroadcastDomainType.getValue(broadcastUri);
    }

    final List<NetworkACLTO> transferRules = new ArrayList<>();
    if (rules != null) {
        for (final NetworkACLItem aclItem : rules) {
            transferRules.add(new NetworkACLTO(aclItem, vlanTag, aclItem.getTrafficType()));
        }
    }
    // NOTE(review): with null or empty rules the command is still sent with an
    // empty list; what that does to ACLs already on the router is not shown here.

    final NicTO routerNic = _networkHelper.getNicTO(router, guestNetworkId, null);
    final SetNetworkACLCommand setAclCmd = new SetNetworkACLCommand(transferRules, routerNic);

    // Routing metadata for the command: control IP, VLAN tag and router name.
    setAclCmd.setAccessDetail(NetworkElementCommand.ROUTER_IP, _routerControlHelper.getRouterControlIp(router.getId()));
    setAclCmd.setAccessDetail(NetworkElementCommand.GUEST_VLAN_TAG, vlanTag);
    setAclCmd.setAccessDetail(NetworkElementCommand.ROUTER_NAME, router.getInstanceName());

    final Zone routerZone = zoneRepository.findOne(router.getDataCenterId());
    setAclCmd.setAccessDetail(NetworkElementCommand.ZONE_NETWORK_TYPE, routerZone.getNetworkType().toString());

    if (privateGateway) {
        setAclCmd.setAccessDetail(NetworkElementCommand.VPC_PRIVATE_GATEWAY, String.valueOf(VpcGateway.Type.Private));
    }

    cmds.addCommand(setAclCmd);
}