/**
 * Builds the security-group ingress and egress ACLs for every node listed in
 * {@code _configurationSecurityGroups} and attaches them to all of that node's interfaces.
 *
 * <p>For each node, every associated security group appends its lines to one shared inbound and
 * one shared outbound list. The two lists become the ACLs named {@code SG_INGRESS_ACL_NAME} and
 * {@code SG_EGRESS_ACL_NAME}. These are stored in the node's IP access lists and set as the
 * incoming and outgoing filter of each interface returned by {@code getAllInterfaces()}.
 *
 * @param cfgNodes configurations looked up by the keys of {@code _configurationSecurityGroups}
 */
private void applySecurityGroupsAcls(Map<String, Configuration> cfgNodes) {
  for (Entry<String, Set<SecurityGroup>> nodeGroups : _configurationSecurityGroups.entrySet()) {
    // NOTE(review): no null check on the lookup. A key without a matching configuration would
    // fail below with a NullPointerException rather than be skipped. Confirm callers guarantee
    // that every key is present in cfgNodes.
    Configuration node = cfgNodes.get(nodeGroups.getKey());

    // Collect the lines of all security groups of this node into one list per direction.
    List<IpAccessListLine> ingressLines = new LinkedList<>();
    List<IpAccessListLine> egressLines = new LinkedList<>();
    for (SecurityGroup group : nodeGroups.getValue()) {
      group.addInOutAccessLines(ingressLines, egressLines, this);
    }

    // One ACL per direction, registered on the node under its fixed name.
    IpAccessList ingressAcl =
        IpAccessList.builder().setName(SG_INGRESS_ACL_NAME).setLines(ingressLines).build();
    IpAccessList egressAcl =
        IpAccessList.builder().setName(SG_EGRESS_ACL_NAME).setLines(egressLines).build();
    node.getIpAccessLists().put(SG_INGRESS_ACL_NAME, ingressAcl);
    node.getIpAccessLists().put(SG_EGRESS_ACL_NAME, egressAcl);

    // Every interface of the node gets the same pair of filters. A filter set earlier on an
    // interface is presumably replaced here; verify that this is intended.
    node.getAllInterfaces()
        .values()
        .forEach(
            nodeIface -> {
              nodeIface.setIncomingFilter(ingressAcl);
              nodeIface.setOutgoingFilter(egressAcl);
            });
  }
}
// Attach the ACLs stored under FILTER_INPUT and FILTER_OUTPUT in _c's IP access lists as the
// interface's incoming and outgoing filters.
// NOTE(review): if getIpAccessLists() is a java.util.Map, a missing key returns null, so the
// interface would get a null filter with no error. Confirm that both ACLs are registered
// before this point.
iface.setIncomingFilter(_c.getIpAccessLists().get(FILTER_INPUT)); iface.setOutgoingFilter(_c.getIpAccessLists().get(FILTER_OUTPUT));
newIface.setIncomingFilter(composedInAcl);
Interface instanceIface = Utils.newInterface(instanceIfaceName, instanceCfgNode, instanceIfaceAddress); instanceIface.setIncomingFilter( instanceCfgNode .getIpAccessLists()
iface.setHsrpVersion(_hsrpVersion); iface.setFirewallSessionInterfaceInfo(_firewallSessionInterfaceInfo); iface.setIncomingFilter(_incomingFilter); iface.setIncomingTransformation(_incomingTransformation); iface.setIsis(_isis);
// Register the outbound ACL on the node under its own name, then set inAcl and outAcl as the
// incoming and outgoing filters of subnetToVpc.
// NOTE(review): the matching put(...) for inAcl is not visible in this excerpt. Confirm it is
// registered as well, so that both filters can be found by name on the node.
cfgNode.getIpAccessLists().put(outAcl.getName(), outAcl); subnetToVpc.setIncomingFilter(inAcl); subnetToVpc.setOutgoingFilter(outAcl);
// Look up the incoming filter by name and set it on the new interface.
// NOTE(review): if ipAccessLists is a java.util.Map, a name with no matching ACL returns null,
// and the interface would then be left with a null incoming filter. Confirm that
// incomingFilterName is validated, or that an undefined reference is reported, before this call.
newIface.setIncomingFilter(ipAccessLists.get(incomingFilterName));
i2.setIncomingFilter( nf.aclBuilder() .setOwner(c2)