Examples with IptablesFilterPolicy org.platformlayer.ops.firewall.scripts.IptablesFilterPolicy used on opensource projects

Search in sources :

Example 1 with IptablesFilterPolicy

use of org.platformlayer.ops.firewall.scripts.IptablesFilterPolicy in project platformlayer by platformlayer.

the class IpsecInstall method addChildren.

@Override
protected void addChildren() throws OpsException {
    addChild(PackageDependency.build("racoon"));
    addChild(SimpleFile.build(getClass(), new File("/etc/racoon/racoon.conf")));
    // addChild(SimpleFile.build(getClass(), new File("/etc/racoon/psk.txt")));
    addChild(SimpleFile.build(getClass(), new File("/etc/ipsec-tools.conf")));
    addChild(IpsecBootstrap.class);
    ItemBase model = OpsContext.get().getInstance(ItemBase.class);
    String uuid = platformLayerClient.getOrCreateUuid(model).toString();
    // TODO: Rationalize between our complicated version that can open cloud ports, and this streamlined version
    for (Transport transport : Transport.all()) {
        {
            IptablesFilterEntry allowIKE = addChild(IptablesFilterEntry.class);
            allowIKE.port = 500;
            allowIKE.protocol = Protocol.Udp;
            allowIKE.ruleKey = transport.getKey() + "-ike-" + uuid;
            allowIKE.transport = transport;
        }
        {
            // TODO: Do we want to open NAT-T (4500?)
            IptablesFilterEntry allowEsp = addChild(IptablesFilterEntry.class);
            allowEsp.protocol = Protocol.Esp;
            allowEsp.ruleKey = transport.getKey() + "-esp-" + uuid;
            allowEsp.transport = transport;
        }
        // AH iptables allow doesn't seem to work
        // AllowProtocol allowAh = addChild(AllowProtocol.class);
        // allowAh.protocol = Protocol.Ah;
        // allowAh.uuid = "ah-" + uuid;
        {
            IptablesFilterPolicy allowPolicy = addChild(IptablesFilterPolicy.class);
            allowPolicy.direction = Direction.In;
            allowPolicy.policy = "ipsec";
            allowPolicy.ruleKey = transport.getKey() + "-ipsec-" + uuid;
            allowPolicy.transport = transport;
        }
    }
    addChild(ManagedService.build("racoon"));
}
Also used : ItemBase(org.platformlayer.core.model.ItemBase) Transport(org.platformlayer.ops.firewall.Transport) IptablesFilterEntry(org.platformlayer.ops.firewall.scripts.IptablesFilterEntry) IptablesFilterPolicy(org.platformlayer.ops.firewall.scripts.IptablesFilterPolicy) File(java.io.File) SimpleFile(org.platformlayer.ops.filesystem.SimpleFile)

Aggregations

File (java.io.File)1 ItemBase (org.platformlayer.core.model.ItemBase)1 SimpleFile (org.platformlayer.ops.filesystem.SimpleFile)1 Transport (org.platformlayer.ops.firewall.Transport)1 IptablesFilterEntry (org.platformlayer.ops.firewall.scripts.IptablesFilterEntry)1 IptablesFilterPolicy (org.platformlayer.ops.firewall.scripts.IptablesFilterPolicy)1
About Me
UseOf

Java Tutorials :

Simple Java RabbitMQ Example with Spring
Simple Springboot JPA Eclipeslink Example
Simple SpringBoot JPA Hibernate Example
Jackson JSON @JsonIgnore and @JsonIgnoreProperties Examples
Java Infinite recursion (StackOverflowError) Jackson solutions
Simple Java Jackson Serialize Objects to JSON and convert them back To Object
ElasticSearch 5 - Upload files using Java API in binary field Example
Java JAXB marshall unmarshall Examples from String and Stream
Java 8 forEach List and Map examples
ElasticSearch 5 Java API SearchRequestBuilder examples
Java ElasticSearch 5 examples with node index and mapping - running local
Convert String to int or Integer Java 8
Java 9 in action - JShell - Ubuntu
Java - removing invalid characters from a file name
Hello world!? or Hello Tutorial