Package org.midonet.client.resource

Examples of org.midonet.client.resource.RuleChain.addRule()

1063
1064
1065
1066
1067
1068
1069
1070
1071
1072
1073
                                    defaultBlock = true;
                                    break;
                                }
                            }
                            if (!defaultBlock) {
                                preFilter.addRule().type(DtoRule.Drop).nwDstAddress(publicIp).nwDstLength(32).create();
                            }
                        }
                    }
                }
            }
View Full Code Here
1276
1277
1278
1279
1280
1281
1282
1283
1284
1285
1286
        for (Rule rule : egressChain.getRules()) {
            rule.delete();
        }

        // Add a matchForwardFlow rule so that we can accept all return traffic
        egressChain.addRule().type(DtoRule.Accept).matchForwardFlow(true).position(1).create();
    }

    protected RuleChain getOrInitEgressACLFilter(Network network) {
        boolean isVpc = getIsVpc(network);
        long id = getRouterId(network, isVpc);
View Full Code Here
1307
1308
1309
1310
1311
1312
1313
1314
1315
1316
1317
            }
        }

        int pos = 1;
        // If it is ARP, accept it
        egressChain.addRule().type(DtoRule.Accept).dlType(0x0806).position(pos++).create();

        // If it is ICMP to the router, accept that
        egressChain.addRule()
            .type(DtoRule.Accept)
            .nwProto(SimpleFirewallRule.stringToProtocolNumber("icmp"))
View Full Code Here
1310
1311
1312
1313
1314
1315
1316
1317
1318
1319
1320
        int pos = 1;
        // If it is ARP, accept it
        egressChain.addRule().type(DtoRule.Accept).dlType(0x0806).position(pos++).create();

        // If it is ICMP to the router, accept that
        egressChain.addRule()
            .type(DtoRule.Accept)
            .nwProto(SimpleFirewallRule.stringToProtocolNumber("icmp"))
            .nwDstAddress(network.getGateway())
            .nwDstLength(32)
            .position(pos++)
View Full Code Here
1319
1320
1321
1322
1323
1324
1325
1326
1327
1328
1329
            .nwDstLength(32)
            .position(pos++)
            .create();

        // Everything else gets dropped
        egressChain.addRule().type(DtoRule.Drop).position(pos).create();

        return egressChain;
    }

    private void connectBridgeToRouter(Network network, Bridge netBridge, Router netRouter) {
View Full Code Here
1354
1355
1356
1357
1358
1359
1360
1361
1362
1363
1364
            int pos = 1;

            RuleChain inc = api.addChain().name(getChainName(String.valueOf(network.getId()), routerName, RuleChainCode.ACL_INGRESS)).tenantId(accountIdStr).create();

            // If it is ARP, accept it
            inc.addRule().type(DtoRule.Accept).dlType(0x0806).position(pos++).create();

            // If it is ICMP to the router, accept that
            inc.addRule()
                .type(DtoRule.Accept)
                .nwProto(SimpleFirewallRule.stringToProtocolNumber("icmp"))
View Full Code Here
1357
1358
1359
1360
1361
1362
1363
1364
1365
1366
1367
            // If it is ARP, accept it
            inc.addRule().type(DtoRule.Accept).dlType(0x0806).position(pos++).create();

            // If it is ICMP to the router, accept that
            inc.addRule()
                .type(DtoRule.Accept)
                .nwProto(SimpleFirewallRule.stringToProtocolNumber("icmp"))
                .nwDstAddress(network.getGateway())
                .nwDstLength(32)
                .position(pos++)
View Full Code Here
1366
1367
1368
1369
1370
1371
1372
1373
1374
1375
1376
                .nwDstLength(32)
                .position(pos++)
                .create();

            // If it is connection tracked, accept that as well
            inc.addRule().type(DtoRule.Accept).matchReturnFlow(true).position(pos++).create();

            inc.addRule().type(DtoRule.Drop).position(pos).create();

            //
            RuleChain out = api.addChain().name(getChainName(String.valueOf(network.getId()), routerName, RuleChainCode.ACL_EGRESS)).tenantId(accountIdStr).create();
View Full Code Here
1368
1369
1370
1371
1372
1373
1374
1375
1376
1377
1378
                .create();

            // If it is connection tracked, accept that as well
            inc.addRule().type(DtoRule.Accept).matchReturnFlow(true).position(pos++).create();

            inc.addRule().type(DtoRule.Drop).position(pos).create();

            //
            RuleChain out = api.addChain().name(getChainName(String.valueOf(network.getId()), routerName, RuleChainCode.ACL_EGRESS)).tenantId(accountIdStr).create();

            // Creating the first default rule here that does nothing
View Full Code Here
1375
1376
1377
1378
1379
1380
1381
1382
1383
1384
1385
            //
            RuleChain out = api.addChain().name(getChainName(String.valueOf(network.getId()), routerName, RuleChainCode.ACL_EGRESS)).tenantId(accountIdStr).create();

            // Creating the first default rule here that does nothing
            // but start connection tracking.
            out.addRule().type(DtoRule.Accept).matchForwardFlow(true).position(1).create();

            routerPort.outboundFilterId(inc.getId());
            routerPort.inboundFilterId(out.getId());
        }
View Full Code Here
TOP
Copyright © 2018 www.massapi.com. All rights reserved.
All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.