Integer cnt = ipRuleCounts.get(ip);
if (cnt != null) {
if (cnt == 1) {
ipRuleCounts.remove(ip);
// no more rules for this IP. delete the route.
Route route = routes.remove(ip);
route.delete();
} else {
ipRuleCounts.put(ip, new Integer(ipRuleCounts.get(ip).intValue() - 1));
}
}
foundPreNatRule.delete();
}
}
} else if (rule.getState() == FirewallRule.State.Add) {
for(int i = 0; i < ruleStrings.length; i++){
String ruleString = ruleStrings[i];
Rule foundRule = existingPreNatRules.get(ruleString);
if(foundRule == null){
String vmIp = ruleTO.getDstIp();
String publicIp = dstIp.getAddress().addr();
int privPortStart = ruleTO.getDstPortRange()[0];
int privPortEnd = ruleTO.getDstPortRange()[1];
int pubPortStart = ruleTO.getSrcPortRange()[0];
int pubPortEnd = ruleTO.getSrcPortRange()[1];
DtoRule.DtoNatTarget[] preTargets = new DtoRule.DtoNatTarget[]{
new DtoRule.DtoNatTarget(vmIp, vmIp, privPortStart, privPortEnd)};
Rule preNatRule = preNat.addRule()
.type(DtoRule.DNAT)
.flowAction(DtoRule.Accept)
.nwDstAddress(publicIp)
.nwDstLength(32)
.tpDst(new DtoRange(pubPortStart, pubPortEnd))
.natTargets(preTargets)
.nwProto(SimpleFirewallRule.stringToProtocolNumber(rule.getProtocol()))
.position(1);
Integer cnt = ipRuleCounts.get(publicIp);
if (cnt != null) {
ipRuleCounts.put(publicIp, new Integer(cnt.intValue() + 1));
} else {
ipRuleCounts.put(publicIp, new Integer(1));
}
String preNatRuleStr = new SimpleFirewallRule(preNatRule).toStringArray()[0];
existingPreNatRules.put(preNatRuleStr, preNatRule);
preNatRule.create();
if (routes.get(publicIp) == null) {
Route route = providerRouter.addRoute()
.type("Normal")
.weight(100)
.srcNetworkAddr("0.0.0.0")
.srcNetworkLength(0)
.dstNetworkAddr(publicIp)
.dstNetworkLength(32)
.nextHopPort(providerDownlink.getId());
route.create();
routes.put(publicIp, route);
}
// If Firewall is in our service offering, set up the
// default firewall rule