
Example 1 with PolicyEntriesType

use of net.juniper.contrail.api.types.PolicyEntriesType in project cloudstack by apache.

Method build of the class NetworkPolicyModel.

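/**
 * Translates CloudStack network ACL items into a Contrail policy and stores it in
 * {@code _policyMap}; also sets {@code _fqName} from the project (or the default
 * domain/project when {@code _project} is null) and {@code _name}.
 *
 * <p>Only rules in state {@code Active} or {@code Add} are translated. For each of them:
 * <ul>
 *   <li>{@code Allow} becomes {@code "pass"} and {@code Deny} becomes {@code "deny"};</li>
 *   <li>a null, empty or {@code "ALL"} protocol becomes {@code "any"}, anything else is
 *       lower-cased;</li>
 *   <li>a missing port bound defaults to 0 (start) or 65535 (end);</li>
 *   <li>for egress rules the networks resolved from the CIDR list are the destination and
 *       {@code "local"} is the source; for every other traffic type it is the reverse.</li>
 * </ul>
 *
 * @param controller used to resolve each CIDR to a network and to obtain its canonical name
 * @param rules      ACL items to translate
 * @throws Exception declared by the original signature; presumably propagated from the
 *                   helpers called here (not visible in this listing)
 */
public void build(ModelController controller, List<? extends NetworkACLItem> rules) throws Exception {
    final String projectName;
    if (_project == null) {
        projectName = ContrailManager.VNC_ROOT_DOMAIN + ":" + ContrailManager.VNC_DEFAULT_PROJECT;
    } else {
        projectName = StringUtils.join(_project.getQualifiedName(), ':');
    }
    _fqName = projectName + ":" + _name;

    final PolicyEntriesType entries = new PolicyEntriesType();
    for (NetworkACLItem rule : rules) {
        final NetworkACLItem.State state = rule.getState();
        final boolean translatable = state == NetworkACLItem.State.Active || state == NetworkACLItem.State.Add;
        if (!translatable) {
            continue;
        }

        // NOTE(review): any action other than Allow/Deny (including null) yields a rule whose
        // simple action is null. How the Contrail API treats that is not visible here; confirm
        // it cannot end up permitting traffic, or reject such rules explicitly.
        final Action ruleAction = rule.getAction();
        final String action;
        if (ruleAction == Action.Allow) {
            action = "pass";
        } else if (ruleAction == Action.Deny) {
            action = "deny";
        } else {
            action = null;
        }

        // NOTE(review): a null CIDR list fails with a NullPointerException in the loop below;
        // an empty one produces a rule with no remote address. Confirm both against callers.
        final List<String> cidrList = rule.getSourceCidrList();

        final String rawProtocol = rule.getProtocol();
        final boolean anyProtocol = rawProtocol == null || rawProtocol.isEmpty() || rawProtocol.equalsIgnoreCase("ALL");
        // Protocol names are ASCII identifiers; lower-case them independently of the JVM default
        // locale so that e.g. "ICMP" never becomes a dotless-i variant that matches nothing.
        final String protocol = anyProtocol ? "any" : rawProtocol.toLowerCase(java.util.Locale.ROOT);

        final Integer requestedStart = rule.getSourcePortStart();
        final Integer requestedEnd = rule.getSourcePortEnd();
        final Integer portStart = (requestedStart != null) ? requestedStart : Integer.valueOf(0);
        final Integer portEnd = (requestedEnd != null) ? requestedEnd : Integer.valueOf(65535);

        final boolean egress = rule.getTrafficType() == NetworkACLItem.TrafficType.Egress;

        // The rule references the whole virtual network that the CIDR resolves to; the CIDR
        // itself is not passed on (first AddressType argument is null), so the match may be
        // broader than the CIDR written in the ACL item.
        final List<PolicyRuleType.AddressType> remoteAddresses = new ArrayList<PolicyRuleType.AddressType>();
        for (String cidr : cidrList) {
            NetworkVO net = cidrToNetwork(controller, cidr);
            String netName = projectName + ":" + controller.getManager().getCanonicalName(net);
            remoteAddresses.add(new PolicyRuleType.AddressType(null, netName, null));
        }
        final List<PolicyRuleType.AddressType> localAddresses = new ArrayList<PolicyRuleType.AddressType>();
        localAddresses.add(new PolicyRuleType.AddressType(null, "local", null));

        final List<PolicyRuleType.AddressType> srcList = egress ? localAddresses : remoteAddresses;
        final List<PolicyRuleType.AddressType> dstList = egress ? remoteAddresses : localAddresses;

        // In both directions the ACL port range constrains the destination ports only;
        // source ports are left unrestricted.
        final List<PolicyRuleType.PortType> srcPorts = new ArrayList<PolicyRuleType.PortType>();
        srcPorts.add(new PolicyRuleType.PortType(0, 65535));
        final List<PolicyRuleType.PortType> dstPorts = new ArrayList<PolicyRuleType.PortType>();
        dstPorts.add(new PolicyRuleType.PortType(portStart, portEnd));

        // NOTE(review): every rule is emitted with the same sequence (1, 0) and with direction
        // "<>" (bidirectional in Contrail policy syntax). Confirm that the ACL item ordering and
        // the ingress/egress distinction are still enforced as intended once Allow and Deny
        // rules overlap.
        PolicyRuleType vnRule = new PolicyRuleType(new PolicyRuleType.SequenceType(1, 0), rule.getUuid(), "<>", protocol,
                srcList, srcPorts, null, dstList, dstPorts, new PolicyRuleType.ActionListType(action, null, null, null));
        entries.addPolicyRule(vnRule);
    }
    _policyMap = entries;
}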
Also used : NetworkVO(com.cloud.network.dao.NetworkVO) PolicyEntriesType(net.juniper.contrail.api.types.PolicyEntriesType) ArrayList(java.util.ArrayList) PolicyRuleType(net.juniper.contrail.api.types.PolicyEntriesType.PolicyRuleType) NetworkACLItem(com.cloud.network.vpc.NetworkACLItem)

Example 2 with PolicyEntriesType

use of net.juniper.contrail.api.types.PolicyEntriesType in project cloudstack by apache.

Method build of the class NetworkPolicyModel.

/* for service instance policy */
/**
 * Builds the single-rule policy used for a service instance and stores it in
 * {@code _policyMap}; also sets {@code _fqName} from the project (or the default
 * domain/project when {@code _project} is null) and {@code _name}.
 *
 * <p>The rule is as broad as the policy syntax allows: protocol {@code "any"}, ports
 * 0-65535 on both sides and direction {@code "<>"}, between {@code leftVn} and
 * {@code rightVn}. The only restriction on the traffic is therefore the action list.
 *
 * @param modelController not used by this method
 * @param leftVn          virtual network used as the rule's source address
 * @param rightVn         virtual network used as the rule's destination address
 * @param gatewayName     passed through to the action list unchanged
 * @param siList          passed through to the action list unchanged (presumably the service
 *                        instances to apply; confirm against the Contrail API)
 * @param action          passed through as the rule's action without validation; callers are
 *                        responsible for supplying a value the Contrail API accepts
 */
public void build(ModelController modelController, String leftVn, String rightVn, String gatewayName, List<String> siList, String action) {
    final String projectPrefix = (_project == null)
            ? ContrailManager.VNC_ROOT_DOMAIN + ":" + ContrailManager.VNC_DEFAULT_PROJECT
            : StringUtils.join(_project.getQualifiedName(), ':');
    _fqName = projectPrefix + ":" + _name;

    // One list instance is deliberately shared between source and destination ports,
    // exactly as before.
    final List<PolicyRuleType.PortType> allPorts = new ArrayList<PolicyRuleType.PortType>();
    allPorts.add(new PolicyRuleType.PortType(0, 65535));

    final List<PolicyRuleType.AddressType> leftAddresses = new ArrayList<PolicyRuleType.AddressType>();
    leftAddresses.add(new PolicyRuleType.AddressType(null, leftVn, null));

    final List<PolicyRuleType.AddressType> rightAddresses = new ArrayList<PolicyRuleType.AddressType>();
    rightAddresses.add(new PolicyRuleType.AddressType(null, rightVn, null));

    final PolicyRuleType.ActionListType actions = new PolicyRuleType.ActionListType(action, gatewayName, siList, null);
    final PolicyRuleType serviceRule = new PolicyRuleType(new PolicyRuleType.SequenceType(1, 0), null, "<>", "any",
            leftAddresses, allPorts, null, rightAddresses, allPorts, actions);

    final PolicyEntriesType entries = new PolicyEntriesType();
    entries.addPolicyRule(serviceRule);
    _policyMap = entries;
}
Also used : PolicyRuleType(net.juniper.contrail.api.types.PolicyEntriesType.PolicyRuleType) PolicyEntriesType(net.juniper.contrail.api.types.PolicyEntriesType) ArrayList(java.util.ArrayList)

Aggregations

ArrayList (java.util.ArrayList): 2; PolicyEntriesType (net.juniper.contrail.api.types.PolicyEntriesType): 2; PolicyRuleType (net.juniper.contrail.api.types.PolicyEntriesType.PolicyRuleType): 2; NetworkVO (com.cloud.network.dao.NetworkVO): 1; NetworkACLItem (com.cloud.network.vpc.NetworkACLItem): 1