Package com.cloud.network.rules.FirewallRule

Examples of com.cloud.network.rules.FirewallRule.Purpose

3619
3620
3621
3622
3623
3624
3625
3626
3627
3628
3629
3630
3631
3632
3633
3634
3635
3636
3637
3638
3639
3640
3641
3642
    }

    @Override
    public boolean validateRule(FirewallRule rule) {
        Network network = _networksDao.findById(rule.getNetworkId());
        Purpose purpose = rule.getPurpose();
        for (NetworkElement ne : _networkElements) {
            boolean validated;
            switch (purpose) {
            case LoadBalancing:
                if (!(ne instanceof LoadBalancingServiceProvider)) {
                    continue;
                }
                validated = ((LoadBalancingServiceProvider) ne).validateLBRule(network, (LoadBalancingRule) rule);
                if (!validated)
                    return false;
                break;
            default:
                s_logger.debug("Unable to validate network rules for purpose: " + purpose.toString());
                validated = false;
            }
        }
        return true;
    }
View Full Code Here
3649
3650
3651
3652
3653
3654
3655
3656
3657
3658
3659
3660
3661
3662
3663
3664
3665
3666
3667
3668
3669
3670
3671
3672
3673
3674
3675
3676
3677
3678
3679
3680
3681
3682
3683
3684
3685
3686
3687
3688
3689
3690
3691
3692
3693
3694
3695
3696
3697
3698
3699
3700
3701
3702
3703
3704
3705
3706
3707
3708
3709
3710
3711
3712
3713
3714
3715
3716
3717
3718
3719
            return true;
        }

        boolean success = true;
        Network network = _networksDao.findById(rules.get(0).getNetworkId());
        Purpose purpose = rules.get(0).getPurpose();

        // get the list of public ip's owned by the network
        List<IPAddressVO> userIps = _ipAddressDao.listByAssociatedNetwork(network.getId(), null);
        List<PublicIp> publicIps = new ArrayList<PublicIp>();
        if (userIps != null && !userIps.isEmpty()) {
            for (IPAddressVO userIp : userIps) {
                PublicIp publicIp = new PublicIp(userIp, _vlanDao.findById(userIp.getVlanId()), NetUtils.createSequenceBasedMacAddress(userIp.getMacAddress()));
                publicIps.add(publicIp);
            }
        }

        // rules can not programmed unless IP is associated with network service provider, so run IP assoication for
        // the network so as to ensure IP is associated before applying rules (in add state)
        applyIpAssociations(network, false, continueOnError, publicIps);

        for (NetworkElement ne : _networkElements) {
            Provider provider = Network.Provider.getProvider(ne.getName());
            if (provider == null) {
                if (ne.getName().equalsIgnoreCase("Ovs") || ne.getName().equalsIgnoreCase("BareMetal")
                        || ne.getName().equalsIgnoreCase("CiscoNexus1000vVSM")) {
                    continue;
                }
                throw new CloudRuntimeException("Unable to identify the provider by name " + ne.getName());
            }
            try {
                boolean handled;
                switch (purpose) {
                case LoadBalancing:
                    boolean isLbProvider = isProviderSupportServiceInNetwork(network.getId(), Service.Lb, provider);
                    if (!(ne instanceof LoadBalancingServiceProvider && isLbProvider)) {
                        continue;
                    }
                    handled = ((LoadBalancingServiceProvider) ne).applyLBRules(network, (List<LoadBalancingRule>) rules);
                    break;
                case PortForwarding:
                    boolean isPfProvider = isProviderSupportServiceInNetwork(network.getId(), Service.PortForwarding, provider);
                    if (!(ne instanceof PortForwardingServiceProvider && isPfProvider)) {
                        continue;
                    }
                    handled = ((PortForwardingServiceProvider) ne).applyPFRules(network, (List<PortForwardingRule>) rules);
                    break;
                case StaticNat:
                    /* It's firewall rule for static nat, not static nat rule */
                    /* Fall through */
                case Firewall:
                    boolean isFirewallProvider = isProviderSupportServiceInNetwork(network.getId(), Service.Firewall, provider);
                    if (!(ne instanceof FirewallServiceProvider && isFirewallProvider)) {
                        continue;
                    }
                    handled = ((FirewallServiceProvider) ne).applyFWRules(network, rules);
                    break;
                case NetworkACL:
                    boolean isNetworkACLProvider = isProviderSupportServiceInNetwork(network.getId(), Service.NetworkACL, provider);
                    if (!(ne instanceof NetworkACLServiceProvider && isNetworkACLProvider)) {
                        continue;
                    }
                    handled = ((NetworkACLServiceProvider) ne).applyNetworkACLs(network, rules);
                    break;
                default:
                    s_logger.debug("Unable to handle network rules for purpose: " + purpose.toString());
                    handled = false;
                }
                s_logger.debug("Network Rules for network " + network.getId() + " were " + (handled ? "" : " not") + " handled by " + ne.getName());
            } catch (ResourceUnavailableException e) {
                if (!continueOnError) {
View Full Code Here
504
505
506
507
508
509
510
511
512
513
514
        boolean success = true;
        if (rules == null || rules.size() == 0) {
            s_logger.debug("There are no rules to forward to the network elements");
            return true;
        }
        Purpose purpose = rules.get(0).getPurpose();
        if (!_networkMgr.applyRules(rules, purpose, this, continueOnError)) {
            s_logger.warn("Rules are not completely applied");
            return false;
        } else {
            if (updateRulesInDB) {
View Full Code Here
631
632
633
634
635
636
637
638
639
640
641
642
643
    }

    @Override
    public boolean validateLbRule(LoadBalancingRule lbRule) {
        Network network = _networkDao.findById(lbRule.getNetworkId());
        Purpose purpose = lbRule.getPurpose();
        if (purpose != Purpose.LoadBalancing) {
            s_logger.debug("Unable to validate network rules for purpose: " + purpose.toString());
            return false;
        }
        for (LoadBalancingServiceProvider ne : _lbProviders) {
            boolean validated = ne.validateLBRule(network, lbRule);
            if (!validated)
View Full Code Here
3619
3620
3621
3622
3623
3624
3625
3626
3627
3628
3629
3630
3631
3632
3633
3634
3635
3636
3637
3638
3639
3640
3641
3642
    }

    @Override
    public boolean validateRule(FirewallRule rule) {
        Network network = _networksDao.findById(rule.getNetworkId());
        Purpose purpose = rule.getPurpose();
        for (NetworkElement ne : _networkElements) {
            boolean validated;
            switch (purpose) {
            case LoadBalancing:
                if (!(ne instanceof LoadBalancingServiceProvider)) {
                    continue;
                }
                validated = ((LoadBalancingServiceProvider) ne).validateLBRule(network, (LoadBalancingRule) rule);
                if (!validated)
                    return false;
                break;
            default:
                s_logger.debug("Unable to validate network rules for purpose: " + purpose.toString());
                validated = false;
            }
        }
        return true;
    }
View Full Code Here
3649
3650
3651
3652
3653
3654
3655
3656
3657
3658
3659
3660
3661
3662
3663
3664
3665
3666
3667
3668
3669
3670
3671
3672
3673
3674
3675
3676
3677
3678
3679
3680
3681
3682
3683
3684
3685
3686
3687
3688
3689
3690
3691
3692
3693
3694
3695
3696
3697
3698
3699
3700
3701
3702
3703
3704
3705
3706
3707
3708
3709
3710
3711
3712
3713
3714
3715
3716
3717
3718
3719
            return true;
        }

        boolean success = true;
        Network network = _networksDao.findById(rules.get(0).getNetworkId());
        Purpose purpose = rules.get(0).getPurpose();

        // get the list of public ip's owned by the network
        List<IPAddressVO> userIps = _ipAddressDao.listByAssociatedNetwork(network.getId(), null);
        List<PublicIp> publicIps = new ArrayList<PublicIp>();
        if (userIps != null && !userIps.isEmpty()) {
            for (IPAddressVO userIp : userIps) {
                PublicIp publicIp = new PublicIp(userIp, _vlanDao.findById(userIp.getVlanId()), NetUtils.createSequenceBasedMacAddress(userIp.getMacAddress()));
                publicIps.add(publicIp);
            }
        }

        // rules can not programmed unless IP is associated with network service provider, so run IP assoication for
        // the network so as to ensure IP is associated before applying rules (in add state)
        applyIpAssociations(network, false, continueOnError, publicIps);

        for (NetworkElement ne : _networkElements) {
            Provider provider = Network.Provider.getProvider(ne.getName());
            if (provider == null) {
                if (ne.getName().equalsIgnoreCase("Ovs") || ne.getName().equalsIgnoreCase("BareMetal")
                        || ne.getName().equalsIgnoreCase("CiscoNexus1000vVSM")) {
                    continue;
                }
                throw new CloudRuntimeException("Unable to identify the provider by name " + ne.getName());
            }
            try {
                boolean handled;
                switch (purpose) {
                case LoadBalancing:
                    boolean isLbProvider = isProviderSupportServiceInNetwork(network.getId(), Service.Lb, provider);
                    if (!(ne instanceof LoadBalancingServiceProvider && isLbProvider)) {
                        continue;
                    }
                    handled = ((LoadBalancingServiceProvider) ne).applyLBRules(network, (List<LoadBalancingRule>) rules);
                    break;
                case PortForwarding:
                    boolean isPfProvider = isProviderSupportServiceInNetwork(network.getId(), Service.PortForwarding, provider);
                    if (!(ne instanceof PortForwardingServiceProvider && isPfProvider)) {
                        continue;
                    }
                    handled = ((PortForwardingServiceProvider) ne).applyPFRules(network, (List<PortForwardingRule>) rules);
                    break;
                case StaticNat:
                    /* It's firewall rule for static nat, not static nat rule */
                    /* Fall through */
                case Firewall:
                    boolean isFirewallProvider = isProviderSupportServiceInNetwork(network.getId(), Service.Firewall, provider);
                    if (!(ne instanceof FirewallServiceProvider && isFirewallProvider)) {
                        continue;
                    }
                    handled = ((FirewallServiceProvider) ne).applyFWRules(network, rules);
                    break;
                case NetworkACL:
                    boolean isNetworkACLProvider = isProviderSupportServiceInNetwork(network.getId(), Service.NetworkACL, provider);
                    if (!(ne instanceof NetworkACLServiceProvider && isNetworkACLProvider)) {
                        continue;
                    }
                    handled = ((NetworkACLServiceProvider) ne).applyNetworkACLs(network, rules);
                    break;
                default:
                    s_logger.debug("Unable to handle network rules for purpose: " + purpose.toString());
                    handled = false;
                }
                s_logger.debug("Network Rules for network " + network.getId() + " were " + (handled ? "" : " not") + " handled by " + ne.getName());
            } catch (ResourceUnavailableException e) {
                if (!continueOnError) {
View Full Code Here
635
636
637
638
639
640
641
642
643
644
645
646
647
    }

    @Override
    public boolean validateLbRule(LoadBalancingRule lbRule) {
        Network network = _networkDao.findById(lbRule.getNetworkId());
        Purpose purpose = lbRule.getPurpose();
        if (purpose != Purpose.LoadBalancing) {
            s_logger.debug("Unable to validate network rules for purpose: " + purpose.toString());
            return false;
        }
        for (LoadBalancingServiceProvider ne : _lbProviders) {
            boolean validated = ne.validateLBRule(network, lbRule);
            if (!validated)
View Full Code Here
520
521
522
523
524
525
526
527
528
529
530
        boolean success = true;
        if (rules == null || rules.size() == 0) {
            s_logger.debug("There are no rules to forward to the network elements");
            return true;
        }
        Purpose purpose = rules.get(0).getPurpose();
        if (!_ipAddrMgr.applyRules(rules, purpose, this, continueOnError)) {
            s_logger.warn("Rules are not completely applied");
            return false;
        } else {
            if (updateRulesInDB) {
View Full Code Here
3619
3620
3621
3622
3623
3624
3625
3626
3627
3628
3629
3630
3631
3632
3633
3634
3635
3636
3637
3638
3639
3640
3641
3642
    }

    @Override
    public boolean validateRule(FirewallRule rule) {
        Network network = _networksDao.findById(rule.getNetworkId());
        Purpose purpose = rule.getPurpose();
        for (NetworkElement ne : _networkElements) {
            boolean validated;
            switch (purpose) {
            case LoadBalancing:
                if (!(ne instanceof LoadBalancingServiceProvider)) {
                    continue;
                }
                validated = ((LoadBalancingServiceProvider) ne).validateLBRule(network, (LoadBalancingRule) rule);
                if (!validated)
                    return false;
                break;
            default:
                s_logger.debug("Unable to validate network rules for purpose: " + purpose.toString());
                validated = false;
            }
        }
        return true;
    }
View Full Code Here
3649
3650
3651
3652
3653
3654
3655
3656
3657
3658
3659
3660
3661
3662
3663
3664
3665
3666
3667
3668
3669
3670
3671
3672
3673
3674
3675
3676
3677
3678
3679
3680
3681
3682
3683
3684
3685
3686
3687
3688
3689
3690
3691
3692
3693
3694
3695
3696
3697
3698
3699
3700
3701
3702
3703
3704
3705
3706
3707
3708
3709
3710
3711
3712
3713
3714
3715
3716
3717
3718
3719
            return true;
        }

        boolean success = true;
        Network network = _networksDao.findById(rules.get(0).getNetworkId());
        Purpose purpose = rules.get(0).getPurpose();

        // get the list of public ip's owned by the network
        List<IPAddressVO> userIps = _ipAddressDao.listByAssociatedNetwork(network.getId(), null);
        List<PublicIp> publicIps = new ArrayList<PublicIp>();
        if (userIps != null && !userIps.isEmpty()) {
            for (IPAddressVO userIp : userIps) {
                PublicIp publicIp = new PublicIp(userIp, _vlanDao.findById(userIp.getVlanId()), NetUtils.createSequenceBasedMacAddress(userIp.getMacAddress()));
                publicIps.add(publicIp);
            }
        }

        // rules can not programmed unless IP is associated with network service provider, so run IP assoication for
        // the network so as to ensure IP is associated before applying rules (in add state)
        applyIpAssociations(network, false, continueOnError, publicIps);

        for (NetworkElement ne : _networkElements) {
            Provider provider = Network.Provider.getProvider(ne.getName());
            if (provider == null) {
                if (ne.getName().equalsIgnoreCase("Ovs") || ne.getName().equalsIgnoreCase("BareMetal")
                        || ne.getName().equalsIgnoreCase("CiscoNexus1000vVSM")) {
                    continue;
                }
                throw new CloudRuntimeException("Unable to identify the provider by name " + ne.getName());
            }
            try {
                boolean handled;
                switch (purpose) {
                case LoadBalancing:
                    boolean isLbProvider = isProviderSupportServiceInNetwork(network.getId(), Service.Lb, provider);
                    if (!(ne instanceof LoadBalancingServiceProvider && isLbProvider)) {
                        continue;
                    }
                    handled = ((LoadBalancingServiceProvider) ne).applyLBRules(network, (List<LoadBalancingRule>) rules);
                    break;
                case PortForwarding:
                    boolean isPfProvider = isProviderSupportServiceInNetwork(network.getId(), Service.PortForwarding, provider);
                    if (!(ne instanceof PortForwardingServiceProvider && isPfProvider)) {
                        continue;
                    }
                    handled = ((PortForwardingServiceProvider) ne).applyPFRules(network, (List<PortForwardingRule>) rules);
                    break;
                case StaticNat:
                    /* It's firewall rule for static nat, not static nat rule */
                    /* Fall through */
                case Firewall:
                    boolean isFirewallProvider = isProviderSupportServiceInNetwork(network.getId(), Service.Firewall, provider);
                    if (!(ne instanceof FirewallServiceProvider && isFirewallProvider)) {
                        continue;
                    }
                    handled = ((FirewallServiceProvider) ne).applyFWRules(network, rules);
                    break;
                case NetworkACL:
                    boolean isNetworkACLProvider = isProviderSupportServiceInNetwork(network.getId(), Service.NetworkACL, provider);
                    if (!(ne instanceof NetworkACLServiceProvider && isNetworkACLProvider)) {
                        continue;
                    }
                    handled = ((NetworkACLServiceProvider) ne).applyNetworkACLs(network, rules);
                    break;
                default:
                    s_logger.debug("Unable to handle network rules for purpose: " + purpose.toString());
                    handled = false;
                }
                s_logger.debug("Network Rules for network " + network.getId() + " were " + (handled ? "" : " not") + " handled by " + ne.getName());
            } catch (ResourceUnavailableException e) {
                if (!continueOnError) {
View Full Code Here
TOP

Related Classes of com.cloud.network.rules.FirewallRule.Purpose

  • com.cloud.network.firewall.FirewallManagerImpl
  • com.cloud.network.lb.LoadBalancingRulesManagerImpl
  • com.cloud.network.NetworkManagerImpl
    • Copyright © 2018 www.massapicom. All rights reserved.
    All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.