private List<PortForwardingRuleVO> listByNetworkId(long networkId) { return _portForwardingDao.listByNetwork(networkId); }
protected void removePFRule(PortForwardingRuleVO rule) { _portForwardingDao.remove(rule.getId()); }
@Override public List<PortForwardingRuleVO> listByDestIpAddr(String ip4Address) { SearchCriteria<PortForwardingRuleVO> sc = AllFieldsSearch.create(); sc.setParameters("dstIp", ip4Address); return listBy(sc); }
List<FirewallRule> rules = new ArrayList<FirewallRule>(); List<PortForwardingRuleVO> pfRules = _portForwardingDao.listByNetwork(networkId); if (s_logger.isDebugEnabled()) { s_logger.debug("Releasing " + pfRules.size() + " port forwarding rules for network id=" + networkId); rules.addAll(_portForwardingDao.listByNetworkAndNotRevoked(networkId)); rules.addAll(_firewallDao.listByNetworkAndPurposeAndNotRevoked(networkId, Purpose.StaticNat));
private boolean revokePortForwardingRuleInternal(long ruleId, Account caller, long userId, boolean apply) { PortForwardingRuleVO rule = _portForwardingDao.findById(ruleId); _firewallMgr.revokeRule(rule, caller, userId, true); boolean success = false; if (apply) { success = applyPortForwardingRules(rule.getSourceIpAddressId(), _ipAddrMgr.RulesContinueOnError.value(), caller); } else { success = true; } return success; }
protected boolean applyPortForwardingRules(long ipId, boolean continueOnError, Account caller) { List<PortForwardingRuleVO> rules = _portForwardingDao.listForApplication(ipId); if (rules.size() == 0) { s_logger.debug("There are no port forwarding rules to apply for ip id=" + ipId); return true; } if (caller != null) { _accountMgr.checkAccess(caller, null, true, rules.toArray(new PortForwardingRuleVO[rules.size()])); } try { if (!_firewallMgr.applyRules(rules, continueOnError, true)) { return false; } } catch (ResourceUnavailableException ex) { s_logger.warn("Failed to apply port forwarding rules for ip due to ", ex); return false; } return true; }
@Override public PortForwardingRuleVO findByIdAndIp(long id, String secondaryIp) { SearchCriteria<PortForwardingRuleVO> sc = AllFieldsSearch.create(); sc.setParameters("id", id); sc.setParameters("dstIp", secondaryIp); return findOneBy(sc); } }
List<FirewallRule> rules = new ArrayList<FirewallRule>(); List<PortForwardingRuleVO> pfRules = _portForwardingDao.listByIpAndNotRevoked(ipId); if (s_logger.isDebugEnabled()) { s_logger.debug("Releasing " + pfRules.size() + " port forwarding rules for ip id=" + ipId); rules.addAll(_portForwardingDao.listByIpAndNotRevoked(ipId)); rules.addAll(_firewallDao.listByIpAndPurposeAndNotRevoked(ipId, Purpose.StaticNat));
@Override public boolean revokePortForwardingRulesForVm(long vmId) { boolean success = true; UserVmVO vm = _vmDao.findByIdIncludingRemoved(vmId); if (vm == null) { return false; } List<PortForwardingRuleVO> rules = _portForwardingDao.listByVm(vmId); Set<Long> ipsToReprogram = new HashSet<Long>(); if (rules == null || rules.isEmpty()) { s_logger.debug("No port forwarding rules are found for vm id=" + vmId); return true; } for (PortForwardingRuleVO rule : rules) { // Mark port forwarding rule as Revoked, but don't revoke it yet (apply=false) revokePortForwardingRuleInternal(rule.getId(), _accountMgr.getSystemAccount(), Account.ACCOUNT_ID_SYSTEM, false); ipsToReprogram.add(rule.getSourceIpAddressId()); } // apply rules for all ip addresses for (Long ipId : ipsToReprogram) { s_logger.debug("Applying port forwarding rules for ip address id=" + ipId + " as a part of vm expunge"); if (!applyPortForwardingRules(ipId, _ipAddrMgr.RulesContinueOnError.value(), _accountMgr.getSystemAccount())) { s_logger.warn("Failed to apply port forwarding rules for ip id=" + ipId); success = false; } } return success; }
protected PortForwardingRulesDaoImpl() { super(); AllFieldsSearch = createSearchBuilder(); AllFieldsSearch.and("id", AllFieldsSearch.entity().getId(), Op.EQ); AllFieldsSearch.and("state", AllFieldsSearch.entity().getState(), Op.EQ); AllFieldsSearch.done(); ApplicationSearch = createSearchBuilder(); ApplicationSearch.and("ipId", ApplicationSearch.entity().getSourceIpAddressId(), Op.EQ); ApplicationSearch.and("state", ApplicationSearch.entity().getState(), Op.NEQ); ApplicationSearch.done(); ActiveRulesSearch = createSearchBuilder(); ActiveRulesSearch.and("ipId", ActiveRulesSearch.entity().getSourceIpAddressId(), Op.EQ); ActiveRulesSearch.and("networkId", ActiveRulesSearch.entity().getNetworkId(), Op.EQ); ActiveRulesSearch.done(); AllRulesSearchByVM = createSearchBuilder(); AllRulesSearchByVM.and("vmId", AllRulesSearchByVM.entity().getVirtualMachineId(), Op.EQ); AllRulesSearchByVM.and("purpose", AllRulesSearchByVM.entity().getPurpose(), Op.EQ); AllRulesSearchByVM.done(); ActiveRulesSearchByAccount = createSearchBuilder(); ActiveRulesSearchByAccount.and("accountId", ActiveRulesSearchByAccount.entity().getAccountId(), Op.EQ); ActiveRulesSearchByAccount.and("state", ActiveRulesSearchByAccount.entity().getState(), Op.NEQ);
newRule.setDisplay(forDisplay); newRule = _portForwardingDao.persist(newRule);
@Override public List<PortForwardingRuleVO> listByNetworkAndDestIpAddr(String ip4Address, long networkId) { SearchCriteria<PortForwardingRuleVO> sc = AllFieldsSearch.create(); sc.setParameters("dstIp", ip4Address); sc.setParameters("networkId", networkId); return listBy(sc); }
@Override @ActionEvent(eventType = EventTypes.EVENT_NET_RULE_DELETE, eventDescription = "revoking forwarding rule", async = true) public boolean revokePortForwardingRule(long ruleId, boolean apply) { CallContext ctx = CallContext.current(); Account caller = ctx.getCallingAccount(); PortForwardingRuleVO rule = _portForwardingDao.findById(ruleId); if (rule == null) { throw new InvalidParameterValueException("Unable to find " + ruleId); } _accountMgr.checkAccess(caller, null, true, rule); if (!revokePortForwardingRuleInternal(ruleId, caller, ctx.getCallingUserId(), apply)) { throw new CloudRuntimeException("Failed to delete port forwarding rule"); } return true; }
@Override public List<PortForwardingRuleVO> listByVm(Long vmId) { SearchCriteria<PortForwardingRuleVO> sc = AllRulesSearchByVM.create(); sc.setParameters("vmId", vmId); sc.setParameters("purpose", Purpose.PortForwarding); return listBy(sc, null); }
@Override public List<PortForwardingRuleVO> listByNetwork(long networkId) { SearchCriteria<PortForwardingRuleVO> sc = AllFieldsSearch.create(); sc.setParameters("networkId", networkId); sc.setParameters("purpose", Purpose.PortForwarding); return listBy(sc); }
@Override public List<PortForwardingRuleVO> listByIp(long ipId) { SearchCriteria<PortForwardingRuleVO> sc = AllFieldsSearch.create(); sc.setParameters("ipId", ipId); sc.setParameters("purpose", Purpose.PortForwarding); return listBy(sc, null); }
@Override public List<PortForwardingRuleVO> listForApplication(long ipId) { SearchCriteria<PortForwardingRuleVO> sc = ApplicationSearch.create(); sc.setParameters("ipId", ipId); sc.setParameters("state", State.Staged); sc.setParameters("purpose", Purpose.PortForwarding); return listBy(sc, null); }
@Override public List<PortForwardingRuleVO> listByNetworkAndNotRevoked(long networkId) { SearchCriteria<PortForwardingRuleVO> sc = ActiveRulesSearch.create(); sc.setParameters("networkId", networkId); sc.setParameters("state", State.Revoke); sc.setParameters("purpose", Purpose.PortForwarding); return listBy(sc, null); }
@Override public List<PortForwardingRuleVO> listByIpAndNotRevoked(long ipId) { SearchCriteria<PortForwardingRuleVO> sc = ActiveRulesSearch.create(); sc.setParameters("ipId", ipId); sc.setParameters("state", State.Revoke); sc.setParameters("purpose", Purpose.PortForwarding); return listBy(sc, null); }
@Override public List<PortForwardingRuleVO> listByAccount(long accountId) { SearchCriteria<PortForwardingRuleVO> sc = ActiveRulesSearchByAccount.create(); sc.setParameters("accountId", accountId); sc.setParameters("state", State.Revoke); sc.setParameters("purpose", Purpose.PortForwarding); return listBy(sc); }