use of org.eclipse.kura.net.firewall.FirewallNatConfig in project kura by eclipse.
the class GwtNetworkServiceImpl method findDeviceFirewallNATs.
/**
 * Lists the firewall NAT rules reported by the {@link NetworkAdminService} as GWT entries.
 *
 * <p>Only configs that are instances of {@link FirewallNatConfig} are converted; every other
 * {@link NetConfig} in the firewall configuration is skipped. The masquerade flag is rendered
 * as the string {@code "yes"} or {@code "no"}.
 *
 * @param xsrfToken token handed to {@code checkXSRFToken} before any service is looked up
 * @return a list of NAT entries; empty when the service returns {@code null} or no NAT configs
 * @throws GwtKuraException with {@code INTERNAL_ERROR} when reading the firewall configuration
 *         raises a {@link KuraException}; presumably also when the XSRF check fails (confirm
 *         against {@code checkXSRFToken})
 */
@Override
public ArrayList<GwtFirewallNatEntry> findDeviceFirewallNATs(GwtXSRFToken xsrfToken) throws GwtKuraException {
    // The token check runs first so nothing is read from the firewall for a rejected request.
    checkXSRFToken(xsrfToken);
    NetworkAdminService adminService = ServiceLocator.getInstance().getService(NetworkAdminService.class);
    ArrayList<GwtFirewallNatEntry> natEntries = new ArrayList<GwtFirewallNatEntry>();
    try {
        List<NetConfig> configs = adminService.getFirewallConfiguration();
        if (configs == null) {
            return natEntries;
        }
        for (NetConfig config : configs) {
            if (!(config instanceof FirewallNatConfig)) {
                continue;
            }
            s_logger.debug("findDeviceFirewallNATs() :: adding new NAT Entry");
            FirewallNatConfig natConfig = (FirewallNatConfig) config;
            GwtFirewallNatEntry natEntry = new GwtFirewallNatEntry();
            natEntry.setInInterface(natConfig.getSourceInterface());
            natEntry.setOutInterface(natConfig.getDestinationInterface());
            natEntry.setProtocol(natConfig.getProtocol());
            natEntry.setSourceNetwork(natConfig.getSource());
            natEntry.setDestinationNetwork(natConfig.getDestination());
            // The GWT entry carries the flag as text rather than as a boolean.
            if (natConfig.isMasquerade()) {
                natEntry.setMasquerade("yes");
            } else {
                natEntry.setMasquerade("no");
            }
            natEntries.add(natEntry);
        }
        return natEntries;
    } catch (KuraException e) {
        s_logger.warn("Failed", e);
        throw new GwtKuraException(GwtKuraErrorCode.INTERNAL_ERROR, e);
    }
}
use of org.eclipse.kura.net.firewall.FirewallNatConfig in project kura by eclipse.
the class GwtNetworkServiceImpl method updateDeviceFirewallNATs.
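/**
 * Converts the NAT entries submitted by the web UI into {@link FirewallNatConfig} objects and
 * hands them to the {@link NetworkAdminService}.
 *
 * <p>A missing or empty source/destination network is replaced by {@code "0.0.0.0/0"}. The
 * masquerade flag is {@code true} only when the entry's value is exactly {@code "yes"}; any
 * other value, including {@code null}, is treated as {@code false}.
 *
 * @param xsrfToken token handed to {@code checkXSRFToken} before any entry is processed
 * @param entries NAT entries from the client; must not be {@code null}
 * @throws GwtKuraException with {@code INTERNAL_ERROR} when the service rejects the
 *         configuration with a {@link KuraException}; presumably also when the XSRF check fails
 *         (confirm against {@code checkXSRFToken})
 */
@Override
public void updateDeviceFirewallNATs(GwtXSRFToken xsrfToken, List<GwtFirewallNatEntry> entries) throws GwtKuraException {
    s_logger.debug("updateDeviceFirewallNATs() :: updating NAT entries");
    checkXSRFToken(xsrfToken);
    NetworkAdminService nas = ServiceLocator.getInstance().getService(NetworkAdminService.class);
    List<FirewallNatConfig> firewallNatConfigs = new ArrayList<FirewallNatConfig>();
    for (GwtFirewallNatEntry entry : entries) {
        // NOTE(review): htmlEscape only neutralises HTML metacharacters. It does not check that
        // these client-supplied values are well-formed interface names, protocols or CIDR
        // networks before they become firewall rules. Confirm that the firewall service
        // validates them, or add allow-list validation here.
        String srcNetwork = GwtSafeHtmlUtils.htmlEscape(entry.getSourceNetwork());
        String dstNetwork = GwtSafeHtmlUtils.htmlEscape(entry.getDestinationNetwork());
        // An unspecified network means "any": the rule then matches every IPv4 address.
        if (srcNetwork == null || "".equals(srcNetwork)) {
            srcNetwork = "0.0.0.0/0";
        }
        if (dstNetwork == null || "".equals(dstNetwork)) {
            dstNetwork = "0.0.0.0/0";
        }
        // Constant-first comparison: an entry without a masquerade value no longer aborts the
        // whole update with a NullPointerException; it is treated as "no".
        boolean masquerade = "yes".equals(entry.getMasquerade());
        FirewallNatConfig firewallNatConfig = new FirewallNatConfig(
                GwtSafeHtmlUtils.htmlEscape(entry.getInInterface()),
                GwtSafeHtmlUtils.htmlEscape(entry.getOutInterface()),
                GwtSafeHtmlUtils.htmlEscape(entry.getProtocol()),
                srcNetwork, dstNetwork, masquerade);
        firewallNatConfigs.add(firewallNatConfig);
    }
    try {
        nas.setFirewallNatConfiguration(firewallNatConfigs);
    } catch (KuraException e) {
        // Log the failed firewall change on the server before the wrapped error goes to the client.
        s_logger.warn("updateDeviceFirewallNATs() :: failed to apply NAT configuration", e);
        throw new GwtKuraException(GwtKuraErrorCode.INTERNAL_ERROR, e);
    }
}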
use of org.eclipse.kura.net.firewall.FirewallNatConfig in project kura by eclipse.
the class FirewallAutoNatConfigWriter method getNatConfigs.
/**
 * Derives the automatic NAT rules implied by a network configuration.
 *
 * <p>Each interface is classified from its configs: the status comes from the last
 * {@link NetConfigIP4} seen across all of its addresses, and the interface counts as a NAT
 * source when it carries at least one {@link FirewallAutoNatConfig}. One masquerading rule is
 * then created from every NAT-enabled LAN interface to every enabled WAN interface.
 * {@link FirewallNatConfig} entries are only logged here; they produce no rule.
 *
 * @param networkConfig the configuration to inspect; may be {@code null}
 * @return the derived rules in insertion order; empty when {@code networkConfig} is
 *         {@code null} or no LAN/WAN pairing exists
 */
private LinkedHashSet<NATRule> getNatConfigs(NetworkConfiguration networkConfig) {
    LinkedHashSet<NATRule> rules = new LinkedHashSet<NATRule>();
    if (networkConfig == null) {
        return rules;
    }

    ArrayList<String> wanInterfaces = new ArrayList<String>();
    ArrayList<String> natInterfaces = new ArrayList<String>();

    // Pass 1: sort the interfaces into WAN targets and NAT-enabled LAN sources.
    for (NetInterfaceConfig<? extends NetInterfaceAddressConfig> ifaceConfig : networkConfig.getNetInterfaceConfigs()) {
        String ifaceName = ifaceConfig.getName();
        NetInterfaceStatus ipv4Status = NetInterfaceStatus.netIPv4StatusUnknown;
        boolean autoNat = false;
        for (NetInterfaceAddressConfig addressConfig : ifaceConfig.getNetInterfaceAddresses()) {
            for (NetConfig config : addressConfig.getConfigs()) {
                if (config instanceof NetConfigIP4) {
                    ipv4Status = ((NetConfigIP4) config).getStatus();
                } else if (config instanceof FirewallAutoNatConfig) {
                    s_logger.debug("getNatConfigs() :: FirewallAutoNatConfig: {}", config.toString());
                    autoNat = true;
                } else if (config instanceof FirewallNatConfig) {
                    s_logger.debug("getNatConfigs() :: FirewallNatConfig: {}", config.toString());
                }
            }
        }
        if (NetInterfaceStatus.netIPv4StatusEnabledWAN.equals(ipv4Status)) {
            wanInterfaces.add(ifaceName);
        } else if (autoNat && NetInterfaceStatus.netIPv4StatusEnabledLAN.equals(ipv4Status)) {
            natInterfaces.add(ifaceName);
        }
    }

    // Pass 2: pair every NAT source with every WAN interface; masquerade is always on.
    for (String lanInterface : natInterfaces) {
        for (String wanInterface : wanInterfaces) {
            s_logger.debug("Got NAT rule for source: " + lanInterface + ", destination: " + wanInterface);
            rules.add(new NATRule(lanInterface, wanInterface, true));
        }
    }
    return rules;
}
use of org.eclipse.kura.net.firewall.FirewallNatConfig in project kura by eclipse.
the class FirewallConfigurationServiceImpl method setFirewallNatConfiguration.
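/**
 * Replaces every NAT rule held by the {@link LinuxFirewall} with rules built from the
 * supplied configs.
 *
 * <p>All rules are built before the existing ones are deleted, so a {@code null} list, a
 * {@code null} element or a failure while constructing a {@link NATRule} leaves the current
 * NAT rules in place. Passing an empty list removes all NAT rules.
 *
 * @param natConfigs the complete set of NAT configs to install; must not be {@code null}
 * @throws KuraException declared by this method; presumably raised by the firewall calls
 */
@Override
public void setFirewallNatConfiguration(List<FirewallNatConfig> natConfigs) throws KuraException {
    LinuxFirewall firewall = LinuxFirewall.getInstance();
    // Translate first: nothing is removed from the firewall unless the whole input converts.
    ArrayList<NATRule> natRules = new ArrayList<NATRule>();
    for (FirewallNatConfig natConfig : natConfigs) {
        NATRule natRule = new NATRule(natConfig.getSourceInterface(), natConfig.getDestinationInterface(),
                natConfig.getProtocol(), natConfig.getSource(), natConfig.getDestination(),
                natConfig.isMasquerade());
        natRules.add(natRule);
    }
    // NOTE(review): delete and add are still two separate calls. If addNatRules fails, the
    // previous rules are already gone. Confirm whether LinuxFirewall offers an atomic replace.
    firewall.deleteAllNatRules();
    firewall.addNatRules(natRules);
}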
use of org.eclipse.kura.net.firewall.FirewallNatConfig in project kura by eclipse.
the class FirewallConfigurationServiceImpl method getFirewallConfiguration.
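/**
 * Builds a {@link FirewallConfiguration} snapshot from the rules held by the
 * {@link LinuxFirewall}.
 *
 * <p>Configs are added in this order: local (open port) rules, port forward rules, automatic
 * NAT rules, then NAT rules. A local rule with a port range is reported by its range,
 * otherwise by its single port.
 *
 * @return a new configuration holding one config object per firewall rule
 * @throws KuraException with {@code INTERNAL_ERROR} when an address in a port forward rule
 *         cannot be parsed
 */
@Override
public FirewallConfiguration getFirewallConfiguration() throws KuraException {
    s_logger.debug("getting the firewall configuration");
    FirewallConfiguration firewallConfiguration = new FirewallConfiguration();
    LinuxFirewall firewall = LinuxFirewall.getInstance();

    for (LocalRule localRule : firewall.getLocalRules()) {
        // NOTE(review): NetProtocol.valueOf presumably throws an unchecked exception for an
        // unrecognised protocol string. Confirm that rule protocols are validated when stored.
        if (localRule.getPortRange() != null) {
            s_logger.debug("getFirewallConfiguration() :: Adding local rule for {}", localRule.getPortRange());
            firewallConfiguration.addConfig(new FirewallOpenPortConfigIP4(localRule.getPortRange(),
                    NetProtocol.valueOf(localRule.getProtocol()), localRule.getPermittedNetwork(),
                    localRule.getPermittedInterfaceName(), localRule.getUnpermittedInterfaceName(),
                    localRule.getPermittedMAC(), localRule.getSourcePortRange()));
        } else {
            s_logger.debug("getFirewallConfiguration() :: Adding local rule for {}", localRule.getPort());
            firewallConfiguration.addConfig(new FirewallOpenPortConfigIP4(localRule.getPort(),
                    NetProtocol.valueOf(localRule.getProtocol()), localRule.getPermittedNetwork(),
                    localRule.getPermittedInterfaceName(), localRule.getUnpermittedInterfaceName(),
                    localRule.getPermittedMAC(), localRule.getSourcePortRange()));
        }
    }

    for (PortForwardRule portForwardRule : firewall.getPortForwardRules()) {
        try {
            s_logger.debug("getFirewallConfiguration() :: Adding port forwarding - inbound iface is {}", portForwardRule.getInboundIface());
            // Both the forward target and the permitted network are parsed and cast to IPv4.
            firewallConfiguration.addConfig(new FirewallPortForwardConfigIP4(portForwardRule.getInboundIface(),
                    portForwardRule.getOutboundIface(),
                    (IP4Address) IPAddress.parseHostAddress(portForwardRule.getAddress()),
                    NetProtocol.valueOf(portForwardRule.getProtocol()), portForwardRule.getInPort(),
                    portForwardRule.getOutPort(), portForwardRule.isMasquerade(),
                    new NetworkPair<IP4Address>(
                            (IP4Address) IPAddress.parseHostAddress(portForwardRule.getPermittedNetwork()),
                            (short) portForwardRule.getPermittedNetworkMask()),
                    portForwardRule.getPermittedMAC(), portForwardRule.getSourcePortRange()));
        } catch (UnknownHostException e) {
            // Use the logger, not printStackTrace(), so the failure reaches the configured log.
            s_logger.error("getFirewallConfiguration() :: failed to parse an address in a port forward rule", e);
            throw new KuraException(KuraErrorCode.INTERNAL_ERROR, e);
        }
    }

    for (NATRule autoNatRule : firewall.getAutoNatRules()) {
        s_logger.debug("getFirewallConfiguration() :: Adding auto NAT rules {}", autoNatRule.getSourceInterface());
        firewallConfiguration.addConfig(new FirewallAutoNatConfig(autoNatRule.getSourceInterface(),
                autoNatRule.getDestinationInterface(), autoNatRule.isMasquerade()));
    }

    for (NATRule natRule : firewall.getNatRules()) {
        s_logger.debug("getFirewallConfiguration() :: Adding NAT rules {}", natRule.getSourceInterface());
        firewallConfiguration.addConfig(new FirewallNatConfig(natRule.getSourceInterface(),
                natRule.getDestinationInterface(), natRule.getProtocol(), natRule.getSource(),
                natRule.getDestination(), natRule.isMasquerade()));
    }
    return firewallConfiguration;
}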