Examples of FirewallRuleVO


Examples of com.cloud.network.rules.FirewallRuleVO

    /**
     * Builds one static NAT rule that maps {@code publicIp} to {@code privateIp} and passes it to
     * {@code applyStaticNatRules} for the given firewall host.
     *
     * @param zone         zone whose id is used to look up the public IP record
     * @param network      network whose id, account id and domain id are copied onto the rule
     * @param firewallHost host whose id is passed to {@code applyStaticNatRules}
     * @param revoked      when true the rule is sent in the Revoke state, otherwise in the Add state
     * @param publicIp     public address of the mapping
     * @param privateIp    private address of the mapping
     * @throws ResourceUnavailableException declared here; presumably propagated from applyStaticNatRules (confirm)
     */
    private void applyStaticNatRuleForInlineLBRule(DataCenterVO zone, Network network, HostVO firewallHost, boolean revoked, String publicIp, String privateIp) throws ResourceUnavailableException {
        List<StaticNatRuleTO> staticNatRules = new ArrayList<StaticNatRuleTO>();
        // NOTE(review): get(0) assumes the lookup returns at least one record; if publicIp is not
        // known in this zone the call fails here instead of with a descriptive error. Confirm
        // that callers guarantee the address exists.
        IPAddressVO ipVO = _ipAddressDao.listByDcIdIpAddress(zone.getId(), publicIp).get(0);
        // NOTE(review): vlan is dereferenced below without a null check.
        VlanVO vlan = _vlanDao.findById(ipVO.getVlanId());
        // In-memory rule only: nothing in this method persists it. Ports -1/-1 with protocol "any"
        // presumably mean "all ports, any protocol" (confirm against the FirewallRuleVO constructor).
        FirewallRuleVO fwRule = new FirewallRuleVO(null, ipVO.getId(), -1, -1, "any", network.getId(), network.getAccountId(), network.getDomainId(), Purpose.StaticNat, null, null, null, null, null);
        // The same code path both programs and withdraws the mapping; only the state differs.
        FirewallRule.State state = !revoked ? FirewallRule.State.Add : FirewallRule.State.Revoke;
        fwRule.setState(state);
        StaticNatRule rule = new StaticNatRuleImpl(fwRule, privateIp);
        StaticNatRuleTO ruleTO = new StaticNatRuleTO(rule, vlan.getVlanTag(), publicIp, privateIp);
        staticNatRules.add(ruleTO);

        applyStaticNatRules(staticNatRules, network, firewallHost.getId());

Examples of com.cloud.network.rules.FirewallRuleVO

                }
                return false;
            }
        }

        // A load balancer rule that another firewall rule still refers to (by related id) is not
        // deleted: the removal is skipped, the call is marked unsuccessful and, per the log
        // message, the rule stays in the Revoke state.
        FirewallRuleVO relatedRule = _firewallDao.findByRelatedId(lb.getId());
        if (relatedRule != null) {
            // NOTE(review): this warning is the only visible signal that cleanup was skipped, so a
            // stale rule record can remain until the related rule is removed.
            s_logger.warn("Unable to remove firewall rule id=" + lb.getId() + " as it has related firewall rule id=" + relatedRule.getId() + "; leaving it in Revoke state");
            success = false;
        } else {
            _firewallMgr.removeRule(lb);
        }

Examples of com.cloud.network.rules.FirewallRuleVO

        // Input validation runs before the transaction is opened, so nothing is written for a
        // request that fails validation.
        validateNetworkACL(caller, network, portStart, portEnd, protocol);

        Transaction txn = Transaction.currentTxn();
        txn.start();

        // The protocol is lower-cased before it is stored; ownership comes from aclOwner, not from
        // the caller. No source IP id is set (second argument is null) for a network ACL rule.
        FirewallRuleVO newRule = new FirewallRuleVO(xId, null, portStart, portEnd, protocol.toLowerCase(), networkId,
                aclOwner.getAccountId(), aclOwner.getDomainId(), Purpose.NetworkACL, sourceCidrList, icmpCode, icmpType,
                relatedRuleId, trafficType);
        newRule.setType(type);
        newRule = _firewallDao.persist(newRule);

        // Conflict detection runs after the rule is persisted and only for User-type rules.
        // NOTE(review): if it throws, txn.commit() below is never reached; whether the persisted
        // rule is rolled back depends on transaction handling that is not visible here (confirm).
        if (type == FirewallRule.FirewallRuleType.User) {
            detectNetworkACLConflict(newRule);
        }

        if (!_firewallDao.setStateToAdd(newRule)) {
            throw new CloudRuntimeException("Unable to update the state to add for " + newRule);
        }
        // Records the new rule id in the event details of the current user context.
        UserContext.current().setEventDetails("Rule Id: " + newRule.getId());

        txn.commit();

        // The result is looked up again by id rather than returning newRule directly.
        return getNetworkACL(newRule.getId());
    }

Examples of com.cloud.network.rules.FirewallRuleVO

    }
   
    /**
     * Revokes the network ACL rule with the given id and, when {@code apply} is true, re-applies
     * all network ACL rules of the rule's network.
     *
     * @param ruleId id of the rule to revoke; it must exist and have purpose NetworkACL
     * @param apply  whether to re-apply the network's ACL rules after marking the rule revoked
     * @param caller account performing the operation; checked against the rule before any change
     * @param userId passed through to {@code _firewallMgr.revokeRule}
     * @throws InvalidParameterValueException if no rule with this id and purpose NetworkACL exists
     */
    @ActionEvent(eventType = EventTypes.EVENT_FIREWALL_CLOSE, eventDescription = "revoking firewall rule", async = true)
    protected boolean revokeNetworkACL(long ruleId, boolean apply, Account caller, long userId) {

        // A missing rule and a rule of another purpose produce the same error, so this entry point
        // cannot be used to revoke rules that are not network ACLs.
        FirewallRuleVO rule = _firewallDao.findById(ruleId);
        if (rule == null || rule.getPurpose() != Purpose.NetworkACL) {
            throw new InvalidParameterValueException("Unable to find " + ruleId + " having purpose " + Purpose.NetworkACL);
        }
       
        // Authorization is checked before the rule state is touched.
        // NOTE(review): the meaning of the null and true arguments is not visible here (confirm).
        _accountMgr.checkAccess(caller, null, true, rule);

        _firewallMgr.revokeRule(rule, caller, userId, false);

        boolean success = false;

        if (apply) {
            // Re-applies every NetworkACL rule of the network, not only the revoked one.
            List<FirewallRuleVO> rules = _firewallDao.listByNetworkAndPurpose(rule.getNetworkId(), Purpose.NetworkACL);
            success = _firewallMgr.applyFirewallRules(rules, false, caller);
        } else {
            success = true;
        }

Examples of com.cloud.network.rules.FirewallRuleVO

    /**
     * Stores a firewall rule and its source CIDR list inside one transaction.
     *
     * @param firewallRule rule to store; its source CIDR list is saved alongside it
     * @return the object returned by the superclass {@code persist} call
     */
    @DB
    public FirewallRuleVO persist(FirewallRuleVO firewallRule) {
        final Transaction transaction = Transaction.currentTxn();
        transaction.start();

        // The rule is written first, then the CIDRs taken from the caller's object, so both
        // writes sit between start() and commit().
        final FirewallRuleVO persistedRule = super.persist(firewallRule);
        saveSourceCidrs(firewallRule, firewallRule.getSourceCidrList());

        transaction.commit();
        return persistedRule;
    }

Examples of com.cloud.network.rules.FirewallRuleVO

    }
    /**
     * Removes the firewall rule with the given id and, for four rule purposes, the resource tags
     * attached to it, inside one transaction.
     *
     * @param id id of the rule to remove
     */
    @DB
    public boolean remove(Long id) {
        Transaction txn = Transaction.currentTxn();
        txn.start();
        FirewallRuleVO entry = findById(id);
        if (entry != null) {
            // Tag cleanup is keyed on the rule's purpose. Only these four purposes are handled; a
            // rule with any other purpose is removed without tag cleanup in this method.
            if (entry.getPurpose() == Purpose.LoadBalancing) {
                _tagsDao.removeByIdAndType(id, TaggedResourceType.LoadBalancer);
            } else if (entry.getPurpose() == Purpose.PortForwarding) {
                _tagsDao.removeByIdAndType(id, TaggedResourceType.PortForwardingRule);
            } else if (entry.getPurpose() == Purpose.Firewall) {
                _tagsDao.removeByIdAndType(id, TaggedResourceType.FirewallRule);
            } else if (entry.getPurpose() == Purpose.NetworkACL) {
                _tagsDao.removeByIdAndType(id, TaggedResourceType.NetworkACL);
            }
        }
        // The superclass remove is called even when no entry was found for the id.
        boolean result = super.remove(id);
        txn.commit();

Examples of com.cloud.network.rules.FirewallRuleVO

        }

        Transaction txn = Transaction.currentTxn();
        txn.start();

        // The protocol is lower-cased before it is stored; the last constructor argument is null
        // for a rule of purpose Firewall.
        FirewallRuleVO newRule = new FirewallRuleVO(xId, ipAddrId, portStart, portEnd, protocol.toLowerCase(), networkId,
                accountId, domainId, Purpose.Firewall, sourceCidrList, icmpCode, icmpType, relatedRuleId, null);
        newRule.setType(type);
        newRule = _firewallDao.persist(newRule);

        // Conflict detection runs after the rule is persisted and only for User-type rules.
        // NOTE(review): if it throws, txn.commit() below is never reached; whether the persisted
        // rule is rolled back depends on transaction handling that is not visible here (confirm).
        if (type == FirewallRuleType.User)
            detectRulesConflict(newRule);

        if (!_firewallDao.setStateToAdd(newRule)) {
            throw new CloudRuntimeException("Unable to update the state to add for " + newRule);
        }
        // Records the new rule id in the event details of the current user context.
        UserContext.current().setEventDetails("Rule Id: " + newRule.getId());

        txn.commit();

        return newRule;
    }

Examples of com.cloud.network.rules.FirewallRuleVO

            return false;
        } else {
            // Database state is reconciled only when the caller asked for it: rules in Revoke are
            // deleted, rules in Add are promoted to Active.
            if (updateRulesInDB) {
                for (FirewallRule rule : rules) {
                    if (rule.getState() == FirewallRule.State.Revoke) {
                        // A revoked rule that another rule still refers to is kept; the loop goes on
                        // with the remaining rules but the overall result becomes false.
                        FirewallRuleVO relatedRule = _firewallDao.findByRelatedId(rule.getId());
                        if (relatedRule != null) {
                            s_logger.warn("Can't remove the firewall rule id=" + rule.getId() +
                                    " as it has related firewall rule id=" + relatedRule.getId() + "; leaving it in Revoke state");
                            success = false;
                        } else {
                            removeRule(rule);
                            if (rule.getSourceIpAddressId() != null) {
                                // If the rule is the last one for the IP address assigned to the VPC, unassign the IP from the network.
                                // NOTE(review): ip is dereferenced without a null check; if the lookup returns
                                // null this throws after the rule has already been removed (confirm).
                                IpAddress ip = _ipAddressDao.findById(rule.getSourceIpAddressId());
                                _vpcMgr.unassignIPFromVpcNetwork(ip.getId(), rule.getNetworkId());
                             }
                        }
                    } else if (rule.getState() == FirewallRule.State.Add) {
                        // NOTE(review): ruleVO is dereferenced without a null check; a rule deleted
                        // between apply and this lookup would fail here (confirm).
                        FirewallRuleVO ruleVO = _firewallDao.findById(rule.getId());
                        ruleVO.setState(FirewallRule.State.Active);
                        _firewallDao.update(ruleVO.getId(), ruleVO);
                    }
                }
            }
        }

Examples of com.cloud.network.rules.FirewallRuleVO

    /**
     * Revokes the firewall rule with the given id and, when {@code apply} is true, re-applies all
     * firewall rules on the rule's source IP address.
     *
     * @param ruleId id of the rule to revoke; it must exist and have purpose Firewall
     * @param apply  whether to re-apply the firewall rules of the source IP after revoking
     * @param caller account performing the operation; checked against the rule before any change
     * @param userId passed through to {@code revokeRule}
     * @throws InvalidParameterValueException if no rule with this id and purpose Firewall exists,
     *         or if a System-type rule is revoked by a caller whose type is not ACCOUNT_TYPE_ADMIN
     */
    @Override
    @ActionEvent(eventType = EventTypes.EVENT_FIREWALL_CLOSE, eventDescription = "revoking firewall rule", async = true)
    public boolean revokeFirewallRule(long ruleId, boolean apply, Account caller, long userId) {

        // A missing rule and a rule of another purpose produce the same error.
        FirewallRuleVO rule = _firewallDao.findById(ruleId);
        if (rule == null || rule.getPurpose() != Purpose.Firewall) {
            throw new InvalidParameterValueException("Unable to find " + ruleId + " having purpose " + Purpose.Firewall);
        }

        // System-type rules are reserved for callers of type ACCOUNT_TYPE_ADMIN; this check runs
        // before the general access check below.
        if (rule.getType() == FirewallRuleType.System && caller.getType() != Account.ACCOUNT_TYPE_ADMIN) {
            throw new InvalidParameterValueException("Only root admin can delete the system wide firewall rule");
        }

        // Authorization is checked before the rule state is touched.
        _accountMgr.checkAccess(caller, null, true, rule);

        revokeRule(rule, caller, userId, false);

        boolean success = false;

        if (apply) {
            // Re-applies every Firewall rule on the source IP and returns that result directly, so
            // success is only assigned on the non-apply path.
            List<FirewallRuleVO> rules = _firewallDao.listByIpAndPurpose(rule.getSourceIpAddressId(), Purpose.Firewall);
            return applyFirewallRules(rules, false, caller);
        } else {
            success = true;
        }

Examples of com.cloud.network.rules.FirewallRuleVO

        // Static NAT rules are looked up by the VM's id; pfRules is defined outside this excerpt.
        List<FirewallRuleVO> staticNatRules = _firewallDao.listStaticNatByVmId(vm.getId());
        List<FirewallRuleVO> firewallRules = new ArrayList<FirewallRuleVO>();

        // Make a list of firewall rules to reprogram: for every port forwarding rule and every
        // static NAT rule, collect the firewall rule that refers to it by related id. Rules with
        // no related firewall rule contribute nothing to the list.
        for (PortForwardingRuleVO pfRule : pfRules) {
            FirewallRuleVO relatedRule = _firewallDao.findByRelatedId(pfRule.getId());
            if (relatedRule != null) {
                firewallRules.add(relatedRule);
            }
        }

        for (FirewallRuleVO staticNatRule : staticNatRules) {
            FirewallRuleVO relatedRule = _firewallDao.findByRelatedId(staticNatRule.getId());
            if (relatedRule != null) {
                firewallRules.add(relatedRule);
            }
        }