/** * Get the list of public IPs that need to be applied for a static NAT enable/disable operation. * Manipulating only these ips prevents concurrency issues when disabling static nat at the same time. * @param staticNats * @return The list of IPs that need to be applied for the static NAT to work. */ public List<IPAddressVO> getStaticNatSourceIps(List<? extends StaticNat> staticNats) { List<IPAddressVO> userIps = new ArrayList<>(); for (StaticNat snat : staticNats) { userIps.add(_ipAddressDao.findById(snat.getSourceIpAddressId())); } return userIps; }
@Override public boolean applyStaticNats(Network config, List<? extends StaticNat> rules) throws ResourceUnavailableException { List<VspStaticNat> vspStaticNatDetails = new ArrayList<VspStaticNat>(); for (StaticNat staticNat : rules) { IPAddressVO sourceNatIp = _ipAddressDao.findById(staticNat.getSourceIpAddressId()); VlanVO sourceNatVlan = _vlanDao.findById(sourceNatIp.getVlanId()); checkVlanUnderlayCompatibility(sourceNatVlan); if (!staticNat.isForRevoke()) { final List<FirewallRuleVO> firewallRules = _firewallRulesDao.listByIpAndNotRevoked(staticNat.getSourceIpAddressId()); for (FirewallRuleVO firewallRule : firewallRules) { _nuageVspEntityBuilder.buildVspAclRule(firewallRule, config, sourceNatIp); } } NicVO nicVO = _nicDao.findByIp4AddressAndNetworkId(staticNat.getDestIpAddress(), staticNat.getNetworkId()); VspStaticNat vspStaticNat = _nuageVspEntityBuilder.buildVspStaticNat(staticNat.isForRevoke(), sourceNatIp, sourceNatVlan, nicVO); vspStaticNatDetails.add(vspStaticNat); } VspNetwork vspNetwork = _nuageVspEntityBuilder.buildVspNetwork(config); ApplyStaticNatVspCommand cmd = new ApplyStaticNatVspCommand(vspNetwork, vspStaticNatDetails); send(cmd, config); return true; }
if (staticNat.isForRevoke()) { for (PublicIp publicIp : publicIps) { if (publicIp.getId() == staticNat.getSourceIpAddressId()) { publicIps.remove(publicIp); IPAddressVO ip = _ipAddressDao.findByIdIncludingRemoved(staticNat.getSourceIpAddressId());
rulesTO = new ArrayList<StaticNatRuleTO>(); for (StaticNat rule : rules) { IpAddress sourceIp = _networkMgr.getIp(rule.getSourceIpAddressId()); StaticNatRuleTO ruleTO = new StaticNatRuleTO(0, sourceIp.getAddress().addr(), null, null, rule.getDestIpAddress(), null, null, null, rule.isForRevoke(), false); IpAddress sourceIp = _networkMgr.getIp(rule.getSourceIpAddressId()); StaticNatRuleTO ruleTO = new StaticNatRuleTO(0, sourceIp.getAddress().addr(), null, null, rule.getDestIpAddress(), null, null, null, rule.isForRevoke(), false);
IpAddress sourceIp = networkModel.getIp(rule.getSourceIpAddressId());
public boolean applyStaticNatRules(Network network, List<? extends StaticNat> rules) throws ResourceUnavailableException { long zoneId = network.getDataCenterId(); DataCenterVO zone = _dcDao.findById(zoneId); ExternalFirewallDeviceVO fwDeviceVO = getExternalFirewallForNetwork(network); HostVO externalFirewall = _hostDao.findById(fwDeviceVO.getHostId()); assert (externalFirewall != null); if (network.getState() == Network.State.Allocated) { s_logger.debug("External firewall was asked to apply firewall rules for network with ID " + network.getId() + "; this network is not implemented. Skipping backend commands."); return true; } List<StaticNatRuleTO> staticNatRules = new ArrayList<StaticNatRuleTO>(); for (StaticNat rule : rules) { IpAddress sourceIp = _networkModel.getIp(rule.getSourceIpAddressId()); Vlan vlan = _vlanDao.findById(sourceIp.getVlanId()); StaticNatRuleTO ruleTO = new StaticNatRuleTO(0, vlan.getVlanTag(), sourceIp.getAddress().addr(), -1, -1, rule.getDestIpAddress(), -1, -1, "any", rule.isForRevoke(), false); staticNatRules.add(ruleTO); } sendStaticNatRules(staticNatRules, zone, externalFirewall.getId()); return true; }
public void createApplyStaticNatCommands(final List<? extends StaticNat> rules, final VirtualRouter router, final Commands cmds, final long guestNetworkId) { final List<StaticNatRuleTO> rulesTO = new ArrayList<StaticNatRuleTO>(); if (rules != null) { for (final StaticNat rule : rules) { final IpAddress sourceIp = _networkModel.getIp(rule.getSourceIpAddressId()); final StaticNatRuleTO ruleTO = new StaticNatRuleTO(0, sourceIp.getAddress().addr(), null, null, rule.getDestIpAddress(), null, null, null, rule.isForRevoke(), false); rulesTO.add(ruleTO); } } final SetStaticNatRulesCommand cmd = new SetStaticNatRulesCommand(rulesTO, router.getVpcId()); cmd.setAccessDetail(NetworkElementCommand.ROUTER_IP, _routerControlHelper.getRouterControlIp(router.getId())); cmd.setAccessDetail(NetworkElementCommand.ROUTER_GUEST_IP, _routerControlHelper.getRouterIpInNetwork(guestNetworkId, router.getId())); cmd.setAccessDetail(NetworkElementCommand.ROUTER_NAME, router.getInstanceName()); final DataCenterVO dcVo = _dcDao.findById(router.getDataCenterId()); cmd.setAccessDetail(NetworkElementCommand.ZONE_NETWORK_TYPE, dcVo.getNetworkType().toString()); cmds.addCommand(cmd); }
String srcIp = _ipAddressDao.findById(rule.getSourceIpAddressId()).getAddress().addr(); String dstIp = rule.getDestIpAddress(); String mac = rule.getSourceMacAddress();