Examples of FirewallRuleTO

Examples of com.cloud.agent.api.to.FirewallRuleTO

3347
3348
3349
3350
3351
3352
3353
3354
3355
3356
3357
3358
3359
3360
3361
3362
            rulesTO = new ArrayList<FirewallRuleTO>();
            for (FirewallRule rule : rules) {
                FirewallRule.TrafficType traffictype = rule.getTrafficType();
                if(traffictype == FirewallRule.TrafficType.Ingress){
                IpAddress sourceIp = _networkModel.getIp(rule.getSourceIpAddressId());
                        FirewallRuleTO ruleTO = new FirewallRuleTO(rule, null, sourceIp.getAddress().addr(),Purpose.Firewall,traffictype);
                rulesTO.add(ruleTO);
            }
                else if (rule.getTrafficType() == FirewallRule.TrafficType.Egress){
                        assert (rule.getSourceIpAddressId()==null) : "ipAddressId should be null for egress firewall rule. ";
                        FirewallRuleTO ruleTO = new FirewallRuleTO(rule, null,"",Purpose.Firewall,traffictype);
                        rulesTO.add(ruleTO);
                }
            }
        }
View Full Code Here

Examples of com.cloud.agent.api.to.FirewallRuleTO

654
655
656
657
658
659
660
661
662
663
664
665
666
    protected SetFirewallRulesCommand generateSetFirewallRulesCommand() {
        List<FirewallRuleTO> rules = new ArrayList<>();
        List<String> sourceCidrs = new ArrayList<>();
        sourceCidrs.add("10.10.1.1/24");
        sourceCidrs.add("10.10.1.2/24");
        rules.add(new FirewallRuleTO(1, "64.10.10.10", "TCP", 22, 80, false, false, Purpose.Firewall, sourceCidrs, 0, 0));
        rules.add(new FirewallRuleTO(2, "64.10.10.10", "ICMP", 0, 0, false, false, Purpose.Firewall, sourceCidrs, -1, -1));
        rules.add(new FirewallRuleTO(3, "64.10.10.10", "ICMP", 0, 0, true, true, Purpose.Firewall, sourceCidrs, -1, -1));
        SetFirewallRulesCommand cmd = new SetFirewallRulesCommand(rules);
        cmd.setAccessDetail(NetworkElementCommand.ROUTER_NAME, ROUTERNAME);

        return cmd;
    }
View Full Code Here

Examples of com.cloud.agent.api.to.FirewallRuleTO

3346
3347
3348
3349
3350
3351
3352
3353
3354
3355
3356
3357
3358
3359
3360
3361
            rulesTO = new ArrayList<FirewallRuleTO>();
            for (FirewallRule rule : rules) {
                FirewallRule.TrafficType traffictype = rule.getTrafficType();
                if(traffictype == FirewallRule.TrafficType.Ingress){
                IpAddress sourceIp = _networkModel.getIp(rule.getSourceIpAddressId());
                        FirewallRuleTO ruleTO = new FirewallRuleTO(rule, null, sourceIp.getAddress().addr(),Purpose.Firewall,traffictype);
                rulesTO.add(ruleTO);
            }
                else if (rule.getTrafficType() == FirewallRule.TrafficType.Egress){
                        assert (rule.getSourceIpAddressId()==null) : "ipAddressId should be null for egress firewall rule. ";
                        FirewallRuleTO ruleTO = new FirewallRuleTO(rule, null,"",Purpose.Firewall,traffictype);
                        rulesTO.add(ruleTO);
                }
            }
        }
View Full Code Here

Examples of com.cloud.agent.api.to.FirewallRuleTO

708
709
710
711
712
713
714
715
716
717
718
            String address = "0.0.0.0";
            if (rule.getTrafficType() == TrafficType.Ingress) {
                IpAddress sourceIp = _networkModel.getIp(rule.getSourceIpAddressId());
                address = sourceIp.getAddress().addr();
            }
            FirewallRuleTO ruleTO = new FirewallRuleTO(rule, null, address, rule.getPurpose(), rule.getTrafficType());
            rulesTO.add(ruleTO);
        }

        if (!rulesTO.isEmpty()) {
            SetFirewallRulesCommand cmd = new SetFirewallRulesCommand(rulesTO);
View Full Code Here

Examples of com.cloud.agent.api.to.FirewallRuleTO

690
691
692
693
694
695
696
697
698
699
700
701
702
703
704
705
706
707
708
709
710
711
712
713
714
715
716
717
718
719
720
721
722
723
724
725
726
727
728
729
730
731
            }

            for (FirewallRule rule : rulesToApply) {
                if (rule.getState() == FirewallRule.State.Revoke || rule.getState() == FirewallRule.State.Add) {
                    IpAddress dstIp = _networkModel.getIp(rule.getSourceIpAddressId());
                    FirewallRuleTO ruleTO = new FirewallRuleTO(rule, null, dstIp.getAddress().addr());

                    // Convert to string representation
                    SimpleFirewallRule fwRule = new SimpleFirewallRule(ruleTO);
                    String[] ruleStrings = fwRule.toStringArray();

                    if (rule.getState() == FirewallRule.State.Revoke) {
                        // Lookup in existingRules, delete if present
                        for(String revokeRuleString : ruleStrings){
                            Rule foundRule = existingRules.get(revokeRuleString);
                            if(foundRule != null){
                                foundRule.delete();
                            }
                        }
                    } else if (rule.getState() == FirewallRule.State.Add) {
                        // Lookup in existingRules, add if not present
                        for(int i = 0; i < ruleStrings.length; i++){
                            String ruleString = ruleStrings[i];
                            Rule foundRule = existingRules.get(ruleString);
                            if(foundRule == null){
                                // Get the cidr for the related entry in the Source Cidrs list
                                String relatedCidr = fwRule.sourceCidrs.get(i);
                                Pair<String,Integer> cidrParts = NetUtils.getCidr(relatedCidr);

                                // Create rule with correct proto, cidr, ACCEPT, dst IP
                                Rule toApply = preFilter.addRule()
                                        .type(DtoRule.Jump)
                                        .jumpChainId(preNat.getId())
                                        .position(1)
                                        .nwSrcAddress(cidrParts.first())
                                        .nwSrcLength(cidrParts.second())
                                        .nwDstAddress(ruleTO.getSrcIp())
                                        .nwDstLength(32)
                                        .nwProto(SimpleFirewallRule.stringToProtocolNumber(rule.getProtocol()));

                                if(rule.getProtocol().equals("icmp")){
                                    // ICMP rules - reuse port fields
View Full Code Here

Examples of com.cloud.agent.api.to.FirewallRuleTO

3820
3821
3822
3823
3824
3825
3826
3827
3828
3829
3830
3831
3832
3833
3834
3835
3836
3837
            for (FirewallRule rule : rules) {
                _rulesDao.loadSourceCidrs((FirewallRuleVO)rule);
                FirewallRule.TrafficType traffictype = rule.getTrafficType();
                if(traffictype == FirewallRule.TrafficType.Ingress){
                    IpAddress sourceIp = _networkModel.getIp(rule.getSourceIpAddressId());
                    FirewallRuleTO ruleTO = new FirewallRuleTO(rule, null, sourceIp.getAddress().addr(),Purpose.Firewall,traffictype);
                    rulesTO.add(ruleTO);
                } else if (rule.getTrafficType() == FirewallRule.TrafficType.Egress){
                    NetworkVO network = _networkDao.findById(guestNetworkId);
                    NetworkOfferingVO offering = _networkOfferingDao.findById(network.getNetworkOfferingId());
                    defaultEgressPolicy = offering.getEgressDefaultPolicy();
                    assert (rule.getSourceIpAddressId()==null) : "ipAddressId should be null for egress firewall rule. ";
                    FirewallRuleTO ruleTO = new FirewallRuleTO(rule, null,"",Purpose.Firewall, traffictype, defaultEgressPolicy);
                    rulesTO.add(ruleTO);
                }
            }
        }
View Full Code Here

Examples of com.cloud.agent.api.to.FirewallRuleTO

282
283
284
285
286
287
288
289
290
291
292
        long vlanId = 3954;
        List<FirewallRuleTO> rules = new ArrayList<FirewallRuleTO>();
        List<String> cidrList = new ArrayList<String>();
        cidrList.add("0.0.0.0/0");
        FirewallRuleTO active = new FirewallRuleTO(8,
            null, "192.168.80.103", "tcp", 80, 80, false, false,
            FirewallRule.Purpose.Firewall, cidrList, null, null);
        rules.add(active);

        SetFirewallRulesCommand cmd = new SetFirewallRulesCommand(rules);
View Full Code Here

Examples of com.cloud.agent.api.to.FirewallRuleTO

312
313
314
315
316
317
318
319
320
321
322
    _resource.setMockContext(_context);
    _resource.configure("PaloAltoResource", _resource_params);

        long vlanId = 3954;
        List<FirewallRuleTO> rules = new ArrayList<FirewallRuleTO>();
        FirewallRuleTO revoked = new FirewallRuleTO(8,
            null, "192.168.80.103", "tcp", 80, 80, true, false,
            FirewallRule.Purpose.Firewall, null, null, null);
        rules.add(revoked);

        SetFirewallRulesCommand cmd = new SetFirewallRulesCommand(rules);
View Full Code Here

Examples of com.cloud.agent.api.to.FirewallRuleTO

346
347
348
349
350
351
352
353
354
355
356
        List<String> cidrList = new ArrayList<String>();
        cidrList.add("0.0.0.0/0");
        FirewallRuleVO activeVO = new FirewallRuleVO(null, null, 80, 80, "tcp",
            1, 1, 1, Purpose.Firewall, cidrList, null,
            null, null, FirewallRule.TrafficType.Egress);
        FirewallRuleTO active = new FirewallRuleTO(activeVO, Long.toString(vlanId), null, Purpose.Firewall, FirewallRule.TrafficType.Egress);
        rules.add(active);

        SetFirewallRulesCommand cmd = new SetFirewallRulesCommand(rules);
        cmd.setContextParam(NetworkElementCommand.GUEST_VLAN_TAG, Long.toString(vlanId));
        cmd.setContextParam(NetworkElementCommand.GUEST_NETWORK_CIDR, "10.3.96.1/20");
View Full Code Here

Examples of com.cloud.agent.api.to.FirewallRuleTO

377
378
379
380
381
382
383
384
385
386
387
        long vlanId = 3954;
        List<FirewallRuleTO> rules = new ArrayList<FirewallRuleTO>();
        FirewallRuleVO revokedVO = new FirewallRuleVO(null, null, 80, 80, "tcp",
            1, 1, 1, Purpose.Firewall, null, null, null, null, FirewallRule.TrafficType.Egress);
        revokedVO.setState(State.Revoke);
        FirewallRuleTO revoked = new FirewallRuleTO(revokedVO, Long.toString(vlanId), null, Purpose.Firewall, FirewallRule.TrafficType.Egress);
        rules.add(revoked);

        SetFirewallRulesCommand cmd = new SetFirewallRulesCommand(rules);
        cmd.setContextParam(NetworkElementCommand.GUEST_VLAN_TAG, Long.toString(vlanId));
        cmd.setContextParam(NetworkElementCommand.GUEST_NETWORK_CIDR, "10.3.96.1/20");
View Full Code Here
TOP
Copyright © 2018 www.massapi.com. All rights reserved.
All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.