Examples with Protocol org.platformlayer.ops.firewall.Protocol used on opensource projects

Search in sources :

Example 1 with Protocol

use of org.platformlayer.ops.firewall.Protocol in project platformlayer by platformlayer.

the class IptablesSimpleRuleBase method handler.

@Handler
public void handler(OpsTarget target) throws OpsException {
    // We're trying not parsing everything (as IpTablesManager does!)
    List<Protocol> protocols = Lists.newArrayList();
    if (protocol == null) {
        protocols = Arrays.asList(Protocol.Tcp, Protocol.Udp);
    } else {
        protocols = Collections.singletonList(protocol);
    }
    List<Transport> transports = Lists.newArrayList();
    if (transport == null) {
        transports = Transport.all();
    } else {
        transports = Collections.singletonList(transport);
    }
    IptablesChain chain = getChain();
    for (Transport transport : transports) {
        SimpleIptablesRules rules = SimpleIptablesRules.listRules(target, transport, chain);
        for (Protocol protocol : protocols) {
            String comment = "pl-" + uuid + "-" + protocol.toString().toLowerCase();
            SimpleIptablesRules matches = rules.filterByComment(comment);
            if (matches.size() > 1) {
                log.warn("Found multiple matching rules: " + Joiner.on("\n").join(matches));
            }
            if (OpsContext.isConfigure()) {
                List<SimpleIptablesRule> correct = checkMatchingRules(matches, protocol);
                if (correct.isEmpty()) {
                    String ruleSpec = buildRuleSpec(protocol);
                    Command command = SimpleIptablesRules.buildCommand(transport, chain);
                    command.addLiteral("-A").addLiteral(ruleSpec);
                    command.addLiteral("-m").addLiteral("comment");
                    command.addLiteral("--comment").addQuoted(comment);
                    target.executeCommand(command);
                } else {
                    log.info("Found existing rule: " + Joiner.on("\n").join(matches));
                }
            }
            if (OpsContext.isDelete()) {
                if (!matches.isEmpty()) {
                    for (SimpleIptablesRule rule : matches) {
                        log.info("Deleting rule: " + rule);
                        String deleteRuleSpec = rule.convertToDeleteSpec();
                        Command command = SimpleIptablesRules.buildCommand(transport, chain);
                        command.addLiteral(deleteRuleSpec);
                        target.executeCommand(command);
                    }
                }
            }
        }
    }
}
Also used : Command(org.platformlayer.ops.Command) IptablesChain(org.platformlayer.ops.firewall.IptablesChain) Protocol(org.platformlayer.ops.firewall.Protocol) Transport(org.platformlayer.ops.firewall.Transport) Handler(org.platformlayer.ops.Handler)

Example 2 with Protocol

use of org.platformlayer.ops.firewall.Protocol in project platformlayer by platformlayer.

the class DirectPublicPorts method addChildren.

@Override
protected void addChildren() throws OpsException {
    final CloudInstanceMapper cloudHost;
    {
        cloudHost = injected(CloudInstanceMapper.class);
        cloudHost.createInstance = false;
        cloudHost.instance = backendItem;
        addChild(cloudHost);
    }
    final SocketAddressPoolAssignment assignPublicAddress;
    {
        assignPublicAddress = cloudHost.addChild(SocketAddressPoolAssignment.class);
        assignPublicAddress.holder = backendItem.getKey();
        if (Objects.equal(transport, Transport.Ipv6)) {
            assignPublicAddress.poolProvider = new OpsProvider<ResourcePool<InetSocketAddress>>() {

                @Override
                public ResourcePool<InetSocketAddress> get() throws OpsException {
                    final ResourcePool<AddressModel> pool = directCloudHelpers.getAddressPool6().get();
                    return new AssignPortToAddressPool(pool, publicPort);
                }
            };
        } else {
            List<Integer> publicPortCluster = this.publicPortCluster;
            if (publicPortCluster == null) {
                publicPortCluster = Lists.newArrayList();
                publicPortCluster.add(publicPort);
            }
            if (!publicPortCluster.contains(publicPort)) {
                throw new OpsException("Port set specified, but public port not in the set");
            }
            assignPublicAddress.poolProvider = directCloudHelpers.getPublicAddressPool4(publicPort, publicPortCluster);
        }
    }
    if (Objects.equal(transport, Transport.Ipv6)) {
        // TODO: Do we need separate frontend / backend ports really?
        if (this.publicPort != this.backendPort) {
            throw new UnsupportedOperationException();
        }
    } else {
        for (Protocol protocol : Protocol.TcpAndUdp()) {
            IptablesForwardPort forward = injected(IptablesForwardPort.class);
            forward.publicAddress = assignPublicAddress;
            forward.ruleKey = protocol.name() + "-" + uuid;
            forward.protocol = protocol;
            forward.privateAddress = new OpsProvider<String>() {

                @Override
                public String get() throws OpsException {
                    // Refresh item to pick up new tags
                    backendItem = platformLayerClient.getItem(backendItem.getKey(), DirectInstance.class);
                    PlatformLayerCloudMachine instanceMachine = (PlatformLayerCloudMachine) instanceHelpers.getMachine(backendItem);
                    DirectInstance instance = (DirectInstance) instanceMachine.getInstance();
                    List<InetAddress> addresses = Tag.NETWORK_ADDRESS.find(instance);
                    InetAddress address = InetAddressChooser.preferIpv4().choose(addresses);
                    if (address == null) {
                        throw new IllegalStateException();
                    }
                    if (InetAddressUtils.isIpv6(address)) {
                        // We can't NAT IPV4 -> IPV6 (I think)
                        throw new IllegalStateException();
                    }
                    return address.getHostAddress();
                }
            };
            forward.privatePort = backendPort;
            cloudHost.addChild(forward);
        }
    }
    {
        OpsProvider<TagChanges> tagChanges = new OpsProvider<TagChanges>() {

            @Override
            public TagChanges get() {
                TagChanges tagChanges = new TagChanges();
                InetSocketAddress socketAddress = assignPublicAddress.get();
                if (socketAddress == null) {
                    return null;
                }
                if (socketAddress.getPort() != publicPort) {
                    throw new IllegalStateException();
                }
                EndpointInfo endpoint = new EndpointInfo(socketAddress);
                tagChanges.addTags.add(endpoint.toTag());
                return tagChanges;
            }
        };
        for (ItemBase tagItem : tagItems) {
            Tagger tagger = addChild(Tagger.class);
            tagger.platformLayerKey = tagItem.getKey();
            tagger.tagChangesProvider = tagChanges;
        }
    }
}
Also used : OpsException(org.platformlayer.ops.OpsException) Tagger(org.platformlayer.ops.tagger.Tagger) SocketAddressPoolAssignment(org.platformlayer.ops.pool.SocketAddressPoolAssignment) ItemBase(org.platformlayer.core.model.ItemBase) InetSocketAddress(java.net.InetSocketAddress) PlatformLayerCloudMachine(org.platformlayer.ops.machines.PlatformLayerCloudMachine) DirectInstance(org.platformlayer.service.cloud.direct.model.DirectInstance) TagChanges(org.platformlayer.core.model.TagChanges) EndpointInfo(org.platformlayer.core.model.EndpointInfo) OpsProvider(org.platformlayer.ops.OpsProvider) AddressModel(org.platformlayer.core.model.AddressModel) List(java.util.List) Protocol(org.platformlayer.ops.firewall.Protocol) IptablesForwardPort(org.platformlayer.ops.firewall.scripts.IptablesForwardPort) InetAddress(java.net.InetAddress)

Example 3 with Protocol

use of org.platformlayer.ops.firewall.Protocol in project platformlayer by platformlayer.

the class NetworkConnectionController method addChildren.

@Override
protected void addChildren() throws OpsException {
    NetworkConnection model = ops.getInstance(NetworkConnection.class);
    Protocol protocol = null;
    if (model.protocol != null) {
        protocol = EnumUtils.valueOfCaseInsensitive(Protocol.class, model.protocol);
    }
    Transport transport = null;
    // if (model.transport != null) {
    // protocol = EnumUtils.valueOfCaseInsensitive(Transport.class, model.transport);
    // }
    List<Integer> ports = Lists.newArrayList();
    if (model.port != 0) {
        ports.add(model.port);
        if (model.protocol == null) {
            protocol = Protocol.Tcp;
        }
    } else {
        ItemBase destItem = platformLayer.getItem(model.destItem);
        HasPorts hasPorts = providers.toInterface(destItem, HasPorts.class);
        ports.addAll(hasPorts.getPorts());
        if (model.protocol == null) {
            // TODO: Support UDP?
            protocol = Protocol.Tcp;
        }
    }
    UUID uniqueId = platformLayer.getOrCreateUuid(model);
    for (int port : ports) {
        PlatformLayerFirewallEntry net = injected(PlatformLayerFirewallEntry.class);
        net.destItem = model.destItem;
        net.port = port;
        net.sourceItemKey = model.sourceItem;
        net.sourceCidr = model.sourceCidr;
        net.protocol = protocol;
        net.transport = transport;
        net.uniqueId = port + "-" + uniqueId.toString();
        addChild(net);
    }
}
Also used : HasPorts(org.platformlayer.ops.networks.HasPorts) ItemBase(org.platformlayer.core.model.ItemBase) NetworkConnection(org.platformlayer.service.network.model.NetworkConnection) Protocol(org.platformlayer.ops.firewall.Protocol) Transport(org.platformlayer.ops.firewall.Transport) UUID(java.util.UUID)

Aggregations

Protocol (org.platformlayer.ops.firewall.Protocol)3 ItemBase (org.platformlayer.core.model.ItemBase)2 Transport (org.platformlayer.ops.firewall.Transport)2 InetAddress (java.net.InetAddress)1 InetSocketAddress (java.net.InetSocketAddress)1 List (java.util.List)1 UUID (java.util.UUID)1 AddressModel (org.platformlayer.core.model.AddressModel)1 EndpointInfo (org.platformlayer.core.model.EndpointInfo)1 TagChanges (org.platformlayer.core.model.TagChanges)1 Command (org.platformlayer.ops.Command)1 Handler (org.platformlayer.ops.Handler)1 OpsException (org.platformlayer.ops.OpsException)1 OpsProvider (org.platformlayer.ops.OpsProvider)1 IptablesChain (org.platformlayer.ops.firewall.IptablesChain)1 IptablesForwardPort (org.platformlayer.ops.firewall.scripts.IptablesForwardPort)1 PlatformLayerCloudMachine (org.platformlayer.ops.machines.PlatformLayerCloudMachine)1 HasPorts (org.platformlayer.ops.networks.HasPorts)1 SocketAddressPoolAssignment (org.platformlayer.ops.pool.SocketAddressPoolAssignment)1 Tagger (org.platformlayer.ops.tagger.Tagger)1
About Me
UseOf

Java Tutorials :

Simple Java RabbitMQ Example with Spring
Simple Springboot JPA Eclipeslink Example
Simple SpringBoot JPA Hibernate Example
Jackson JSON @JsonIgnore and @JsonIgnoreProperties Examples
Java Infinite recursion (StackOverflowError) Jackson solutions
Simple Java Jackson Serialize Objects to JSON and convert them back To Object
ElasticSearch 5 - Upload files using Java API in binary field Example
Java JAXB marshall unmarshall Examples from String and Stream
Java 8 forEach List and Map examples
ElasticSearch 5 Java API SearchRequestBuilder examples
Java ElasticSearch 5 examples with node index and mapping - running local
Convert String to int or Integer Java 8
Java 9 in action - JShell - Ubuntu
Java - removing invalid characters from a file name
Hello world!? or Hello Tutorial