Examples of com.cloud.agent.api.to.FirewallRuleTO

com.cloud.agent.api.to.FirewallRuleTO
FirewallRuleTO transfers a port range for an ip to be opened. There are essentially three states transferred with each state. sent multiple times to the destination. If the rule is not on 2. alreadyAdded - the rule has been successfully added before. Rules in this state are sent for completeness and optimization. If the rule already exists on the destination, the destination should reply the rule is successfully applied. - srcPortRange: port range to open. - protocol: protocol to open for. Usually tcp and udp.

            for (FirewallRule rule : rules) {
                _rulesDao.loadSourceCidrs((FirewallRuleVO)rule);
                FirewallRule.TrafficType traffictype = rule.getTrafficType();
                if(traffictype == FirewallRule.TrafficType.Ingress){
                    IpAddress sourceIp = _networkModel.getIp(rule.getSourceIpAddressId());
                    FirewallRuleTO ruleTO = new FirewallRuleTO(rule, null, sourceIp.getAddress().addr(),Purpose.Firewall,traffictype);
                    rulesTO.add(ruleTO);
                } else if (rule.getTrafficType() == FirewallRule.TrafficType.Egress){
                    NetworkVO network = _networkDao.findById(guestNetworkId);
                    NetworkOfferingVO offering = _networkOfferingDao.findById(network.getNetworkOfferingId());
                    defaultEgressPolicy = offering.getEgressDefaultPolicy();
                    assert (rule.getSourceIpAddressId()==null) : "ipAddressId should be null for egress firewall rule. ";
                    FirewallRuleTO ruleTO = new FirewallRuleTO(rule, null,"",Purpose.Firewall, traffictype, defaultEgressPolicy);
                    rulesTO.add(ruleTO);
                }
            }
        }

View Full Code Here


        long vlanId = 3954;
        List<FirewallRuleTO> rules = new ArrayList<FirewallRuleTO>();
        List<String> cidrList = new ArrayList<String>();
        cidrList.add("0.0.0.0/0");
        FirewallRuleTO active = new FirewallRuleTO(8, null, "192.168.80.103", "tcp", 80, 80, false, false, FirewallRule.Purpose.Firewall, cidrList, null, null);
        rules.add(active);


        SetFirewallRulesCommand cmd = new SetFirewallRulesCommand(rules);
        cmd.setContextParam(NetworkElementCommand.GUEST_VLAN_TAG, Long.toString(vlanId));
        cmd.setContextParam(NetworkElementCommand.GUEST_NETWORK_CIDR, "10.3.96.1/20");

View Full Code Here

        _resource.setMockContext(_context);
        _resource.configure("PaloAltoResource", _resourceParams);


        long vlanId = 3954;
        List<FirewallRuleTO> rules = new ArrayList<FirewallRuleTO>();
        FirewallRuleTO revoked = new FirewallRuleTO(8, null, "192.168.80.103", "tcp", 80, 80, true, false, FirewallRule.Purpose.Firewall, null, null, null);
        rules.add(revoked);


        SetFirewallRulesCommand cmd = new SetFirewallRulesCommand(rules);
        cmd.setContextParam(NetworkElementCommand.GUEST_VLAN_TAG, Long.toString(vlanId));
        cmd.setContextParam(NetworkElementCommand.GUEST_NETWORK_CIDR, "10.3.96.1/20");

View Full Code Here

        long vlanId = 3954;
        List<FirewallRuleTO> rules = new ArrayList<FirewallRuleTO>();
        List<String> cidrList = new ArrayList<String>();
        cidrList.add("0.0.0.0/0");
        FirewallRuleVO activeVO = new FirewallRuleVO(null, null, 80, 80, "tcp", 1, 1, 1, Purpose.Firewall, cidrList, null, null, null, FirewallRule.TrafficType.Egress);
        FirewallRuleTO active = new FirewallRuleTO(activeVO, Long.toString(vlanId), null, Purpose.Firewall, FirewallRule.TrafficType.Egress);
        rules.add(active);


        SetFirewallRulesCommand cmd = new SetFirewallRulesCommand(rules);
        cmd.setContextParam(NetworkElementCommand.GUEST_VLAN_TAG, Long.toString(vlanId));
        cmd.setContextParam(NetworkElementCommand.GUEST_NETWORK_CIDR, "10.3.96.1/20");

View Full Code Here


        long vlanId = 3954;
        List<FirewallRuleTO> rules = new ArrayList<FirewallRuleTO>();
        FirewallRuleVO revokedVO = new FirewallRuleVO(null, null, 80, 80, "tcp", 1, 1, 1, Purpose.Firewall, null, null, null, null, FirewallRule.TrafficType.Egress);
        revokedVO.setState(State.Revoke);
        FirewallRuleTO revoked = new FirewallRuleTO(revokedVO, Long.toString(vlanId), null, Purpose.Firewall, FirewallRule.TrafficType.Egress);
        rules.add(revoked);


        SetFirewallRulesCommand cmd = new SetFirewallRulesCommand(rules);
        cmd.setContextParam(NetworkElementCommand.GUEST_VLAN_TAG, Long.toString(vlanId));
        cmd.setContextParam(NetworkElementCommand.GUEST_NETWORK_CIDR, "10.3.96.1/20");

View Full Code Here

    public void testFirewall() throws ConfigurationException, Exception {
        long vlanId = 123;
        List<FirewallRuleTO> rules = new ArrayList<FirewallRuleTO>();
        List<String> cidrList = new ArrayList<String>();
        cidrList.add("2.3.2.3/32");
        FirewallRuleTO active = new FirewallRuleTO(1, null, "1.2.3.4", "tcp", 22, 22, false, false, FirewallRule.Purpose.Firewall, cidrList, null, null);
        rules.add(active);
        FirewallRuleTO revoked = new FirewallRuleTO(1, null, "1.2.3.4", "tcp", 22, 22, true, false, FirewallRule.Purpose.Firewall, null, null, null);
        rules.add(revoked);


        SetFirewallRulesCommand cmd = new SetFirewallRulesCommand(rules);
        cmd.setContextParam(NetworkElementCommand.GUEST_VLAN_TAG, Long.toString(vlanId));
        cmd.setContextParam(NetworkElementCommand.GUEST_NETWORK_CIDR, "1.2.3.4/32");

View Full Code Here

            String address = "0.0.0.0";
            if (rule.getTrafficType() == TrafficType.Ingress) {
                IpAddress sourceIp = _networkModel.getIp(rule.getSourceIpAddressId());
                address = sourceIp.getAddress().addr();
            }
            FirewallRuleTO ruleTO = new FirewallRuleTO(rule, null, address, rule.getPurpose(), rule.getTrafficType());
            rulesTO.add(ruleTO);
        }


        if (!rulesTO.isEmpty()) {
            SetFirewallRulesCommand cmd = new SetFirewallRulesCommand(rulesTO);

View Full Code Here

        List<FirewallRuleTO> rulesTO = null;
        if (rules != null) {
            rulesTO = new ArrayList<FirewallRuleTO>();
            for (FirewallRule rule : rules) {
                IpAddress sourceIp = _networkMgr.getIp(rule.getSourceIpAddressId());
                FirewallRuleTO ruleTO = new FirewallRuleTO(rule, null, sourceIp.getAddress().addr());
                rulesTO.add(ruleTO);
            }
        }


        SetFirewallRulesCommand cmd = new SetFirewallRulesCommand(rulesTO);

View Full Code Here


        for (FirewallRule rule : rules) {
            if (rule.getSourceCidrList() == null && (rule.getPurpose() == Purpose.Firewall || rule.getPurpose() == Purpose.NetworkACL)) {
                _fwRulesDao.loadSourceCidrs((FirewallRuleVO)rule);
            }
            FirewallRuleTO ruleTO;
            if (rule.getPurpose() == Purpose.Firewall && rule.getTrafficType() == FirewallRule.TrafficType.Egress) {
                String guestVlanTag = BroadcastDomainType.getValue(network.getBroadcastUri());
                String guestCidr = network.getCidr();
                ruleTO = new FirewallRuleTO(rule, guestVlanTag, rule.getTrafficType(), guestCidr, defaultEgressPolicy, rule.getType());
            } else {
                IpAddress sourceIp = _networkModel.getIp(rule.getSourceIpAddressId());
                Vlan vlan = _vlanDao.findById(sourceIp.getVlanId());


                ruleTO = new FirewallRuleTO(rule, vlan.getVlanTag(), sourceIp.getAddress().addr());
            }
            rulesTO.add(ruleTO);
        }


        //Firewall rules configured for staticNAT/PF

View Full Code Here

            for (final FirewallRule rule : rules) {
                _rulesDao.loadSourceCidrs((FirewallRuleVO)rule);
                final FirewallRule.TrafficType traffictype = rule.getTrafficType();
                if (traffictype == FirewallRule.TrafficType.Ingress) {
                    final IpAddress sourceIp = _networkModel.getIp(rule.getSourceIpAddressId());
                    final FirewallRuleTO ruleTO = new FirewallRuleTO(rule, null, sourceIp.getAddress().addr(), Purpose.Firewall, traffictype);
                    rulesTO.add(ruleTO);
                } else if (rule.getTrafficType() == FirewallRule.TrafficType.Egress) {
                    final NetworkVO network = _networkDao.findById(guestNetworkId);
                    final NetworkOfferingVO offering = _networkOfferingDao.findById(network.getNetworkOfferingId());
                    defaultEgressPolicy = offering.getEgressDefaultPolicy();
                    assert (rule.getSourceIpAddressId() == null) : "ipAddressId should be null for egress firewall rule. ";
                    final FirewallRuleTO ruleTO = new FirewallRuleTO(rule, null, "", Purpose.Firewall, traffictype, defaultEgressPolicy);
                    rulesTO.add(ruleTO);
                }
            }
        }

View Full Code Here

0 1 2 3

TOP

Related Classes of com.cloud.agent.api.to.FirewallRuleTO

com.cloud.agent.resource.virtualnetwork.VirtualRoutingResourceTest

com.cloud.network.element.CiscoVnmcElement

com.cloud.network.element.MidoNetElement

com.cloud.network.ExternalFirewallDeviceManagerImpl

com.cloud.network.resource.CiscoVnmcResourceTest

com.cloud.network.resource.PaloAltoResourceTest

com.cloud.network.router.VirtualNetworkApplianceManagerImpl

All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.