Mercurial Mercurial > upstream > oracle > userland-gate / annotate
summary | shortlog | changelog | graph | tags | bookmarks | branches | files | changeset | file | latest | revisions | annotate | diff | comparison | raw | help
Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
components/openstack/neutron/files/agent/solaris/ipfilters_manager.py
author Drew Fisher <drew.fisher@oracle.com>
Mon, 31 Mar 2014 16:44:02 -0700
branchs11-update
changeset 3028 5e73a3a3f66a
child 1944 56ac2df1785b
permissions -rw-r--r--
PSARC/2013/350 OpenStack for Solaris (Umbrella) PSARC/2014/007 OpenStack client API components for Grizzly PSARC/2014/048 OpenStack Keystone (OpenStack Identity Service) PSARC/2014/049 OpenStack Nova (OpenStack Compute Service) PSARC/2014/054 OpenStack Cinder (OpenStack Block Storage Service) PSARC/2014/055 OpenStack Glance (OpenStack Image Service) PSARC/2014/058 OpenStack Horizon (OpenStack Dashboard) PSARC/2014/059 OpenStack Neutron (OpenStack Networking Service) 17531161 greenlet doesn't build with gcc 4.7.X 18143276 greenlet can crash with register window corruption on MP SPARC 18290089 integrate cinderclient 18290097 integrate glanceclient 18290102 integrate keystoneclient 18290109 integrate neutronclient 18290113 integrate novaclient 18290119 integrate swiftclient 18290125 integrate quantumclient 18307582 Request to integrate Cinder into userland 18307595 Request to integrate Glance into userland 18307626 Request to integrate Horizon into userland 18307641 Request to integrate Keystone into userland 18307650 Request to integrate Neutron into userland 18307659 Request to integrate Nova into userland 18321909 a few Python packages deliver both po and mo files 18362900 Dnsmasq's SMF method_credential is missing a privilege 18363793 Dnsmasq should use SIOCSXARP ioctl
Ignore whitespace changes - Everywhere: Within whitespace: At end of lines:
3028
5e73a3a3f66a PSARC/2013/350 OpenStack for Solaris (Umbrella)
Drew Fisher <drew.fisher@oracle.com>
parents:
diff changeset 
     1
 
# vim: tabstop=4 shiftwidth=4 softtabstop=4
5e73a3a3f66a PSARC/2013/350 OpenStack for Solaris (Umbrella)
Drew Fisher <drew.fisher@oracle.com>
parents:
diff changeset 
     2
 












5e73a3a3f66a
PSARC/2013/350 OpenStack for Solaris (Umbrella)



Drew Fisher <drew.fisher@oracle.com>


parents: 

diff
changeset




     3


# Copyright (c) 2014, Oracle and/or its affiliates. All rights reserved.













5e73a3a3f66a
PSARC/2013/350 OpenStack for Solaris (Umbrella)



Drew Fisher <drew.fisher@oracle.com>


parents: 

diff
changeset




     4


#













5e73a3a3f66a
PSARC/2013/350 OpenStack for Solaris (Umbrella)



Drew Fisher <drew.fisher@oracle.com>


parents: 

diff
changeset




     5


#    Licensed under the Apache License, Version 2.0 (the "License"); you may













5e73a3a3f66a
PSARC/2013/350 OpenStack for Solaris (Umbrella)



Drew Fisher <drew.fisher@oracle.com>


parents: 

diff
changeset




     6


#    not use this file except in compliance with the License. You may obtain













5e73a3a3f66a
PSARC/2013/350 OpenStack for Solaris (Umbrella)



Drew Fisher <drew.fisher@oracle.com>


parents: 

diff
changeset




     7


#    a copy of the License at













5e73a3a3f66a
PSARC/2013/350 OpenStack for Solaris (Umbrella)



Drew Fisher <drew.fisher@oracle.com>


parents: 

diff
changeset




     8


#













5e73a3a3f66a
PSARC/2013/350 OpenStack for Solaris (Umbrella)



Drew Fisher <drew.fisher@oracle.com>


parents: 

diff
changeset




     9


#         http://www.apache.org/licenses/LICENSE-2.0













5e73a3a3f66a
PSARC/2013/350 OpenStack for Solaris (Umbrella)



Drew Fisher <drew.fisher@oracle.com>


parents: 

diff
changeset




    10


#













5e73a3a3f66a
PSARC/2013/350 OpenStack for Solaris (Umbrella)



Drew Fisher <drew.fisher@oracle.com>


parents: 

diff
changeset




    11


#    Unless required by applicable law or agreed to in writing, software













5e73a3a3f66a
PSARC/2013/350 OpenStack for Solaris (Umbrella)



Drew Fisher <drew.fisher@oracle.com>


parents: 

diff
changeset




    12


#    distributed under the License is distributed on an "AS IS" BASIS, WITHOUT













5e73a3a3f66a
PSARC/2013/350 OpenStack for Solaris (Umbrella)



Drew Fisher <drew.fisher@oracle.com>


parents: 

diff
changeset




    13


#    WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the













5e73a3a3f66a
PSARC/2013/350 OpenStack for Solaris (Umbrella)



Drew Fisher <drew.fisher@oracle.com>


parents: 

diff
changeset




    14


#    License for the specific language governing permissions and limitations













5e73a3a3f66a
PSARC/2013/350 OpenStack for Solaris (Umbrella)



Drew Fisher <drew.fisher@oracle.com>


parents: 

diff
changeset




    15


#    under the License.













5e73a3a3f66a
PSARC/2013/350 OpenStack for Solaris (Umbrella)



Drew Fisher <drew.fisher@oracle.com>


parents: 

diff
changeset




    16


#













5e73a3a3f66a
PSARC/2013/350 OpenStack for Solaris (Umbrella)



Drew Fisher <drew.fisher@oracle.com>


parents: 

diff
changeset




    17


# @author: Girish Moodalbail, Oracle, Inc.













5e73a3a3f66a
PSARC/2013/350 OpenStack for Solaris (Umbrella)



Drew Fisher <drew.fisher@oracle.com>


parents: 

diff
changeset




    18


#













5e73a3a3f66a
PSARC/2013/350 OpenStack for Solaris (Umbrella)



Drew Fisher <drew.fisher@oracle.com>


parents: 

diff
changeset




    19














5e73a3a3f66a
PSARC/2013/350 OpenStack for Solaris (Umbrella)



Drew Fisher <drew.fisher@oracle.com>


parents: 

diff
changeset




    20


"""Implements ipfilter and ipnat rules using Solaris utilities."""













5e73a3a3f66a
PSARC/2013/350 OpenStack for Solaris (Umbrella)



Drew Fisher <drew.fisher@oracle.com>


parents: 

diff
changeset




    21














5e73a3a3f66a
PSARC/2013/350 OpenStack for Solaris (Umbrella)



Drew Fisher <drew.fisher@oracle.com>


parents: 

diff
changeset




    22


from quantum.agent.solaris import net_lib













5e73a3a3f66a
PSARC/2013/350 OpenStack for Solaris (Umbrella)



Drew Fisher <drew.fisher@oracle.com>


parents: 

diff
changeset




    23














5e73a3a3f66a
PSARC/2013/350 OpenStack for Solaris (Umbrella)



Drew Fisher <drew.fisher@oracle.com>


parents: 

diff
changeset




    24














5e73a3a3f66a
PSARC/2013/350 OpenStack for Solaris (Umbrella)



Drew Fisher <drew.fisher@oracle.com>


parents: 

diff
changeset




    25


class IpfiltersManager(object):













5e73a3a3f66a
PSARC/2013/350 OpenStack for Solaris (Umbrella)



Drew Fisher <drew.fisher@oracle.com>


parents: 

diff
changeset




    26


    """Wrapper for Solaris IPF commands -- ipf(1m), ipnat(1m),













5e73a3a3f66a
PSARC/2013/350 OpenStack for Solaris (Umbrella)



Drew Fisher <drew.fisher@oracle.com>


parents: 

diff
changeset




    27


    and ippool(1m)."""













5e73a3a3f66a
PSARC/2013/350 OpenStack for Solaris (Umbrella)



Drew Fisher <drew.fisher@oracle.com>


parents: 

diff
changeset




    28














5e73a3a3f66a
PSARC/2013/350 OpenStack for Solaris (Umbrella)



Drew Fisher <drew.fisher@oracle.com>


parents: 

diff
changeset




    29


    def __init__(self):













5e73a3a3f66a
PSARC/2013/350 OpenStack for Solaris (Umbrella)



Drew Fisher <drew.fisher@oracle.com>


parents: 

diff
changeset




    30


        self.ipv4 = {'filter': [], 'nat': []}













5e73a3a3f66a
PSARC/2013/350 OpenStack for Solaris (Umbrella)



Drew Fisher <drew.fisher@oracle.com>


parents: 

diff
changeset




    31


        self.ipv6 = {'filter': [], 'nat': []}













5e73a3a3f66a
PSARC/2013/350 OpenStack for Solaris (Umbrella)



Drew Fisher <drew.fisher@oracle.com>


parents: 

diff
changeset




    32














5e73a3a3f66a
PSARC/2013/350 OpenStack for Solaris (Umbrella)



Drew Fisher <drew.fisher@oracle.com>


parents: 

diff
changeset




    33


    def add_ippool(self, number, ip_cidrs):













5e73a3a3f66a
PSARC/2013/350 OpenStack for Solaris (Umbrella)



Drew Fisher <drew.fisher@oracle.com>


parents: 

diff
changeset




    34


        ippool = net_lib.IppoolCommand(number)













5e73a3a3f66a
PSARC/2013/350 OpenStack for Solaris (Umbrella)



Drew Fisher <drew.fisher@oracle.com>


parents: 

diff
changeset




    35


        if ip_cidrs:













5e73a3a3f66a
PSARC/2013/350 OpenStack for Solaris (Umbrella)



Drew Fisher <drew.fisher@oracle.com>


parents: 

diff
changeset




    36


            ippool.add_pool_nodes(ip_cidrs)













5e73a3a3f66a
PSARC/2013/350 OpenStack for Solaris (Umbrella)



Drew Fisher <drew.fisher@oracle.com>


parents: 

diff
changeset




    37


        else:













5e73a3a3f66a
PSARC/2013/350 OpenStack for Solaris (Umbrella)



Drew Fisher <drew.fisher@oracle.com>


parents: 

diff
changeset




    38


            ippool.add_pool()













5e73a3a3f66a
PSARC/2013/350 OpenStack for Solaris (Umbrella)



Drew Fisher <drew.fisher@oracle.com>


parents: 

diff
changeset




    39














5e73a3a3f66a
PSARC/2013/350 OpenStack for Solaris (Umbrella)



Drew Fisher <drew.fisher@oracle.com>


parents: 

diff
changeset




    40


    def remove_ippool(self, number, ip_cidrs):













5e73a3a3f66a
PSARC/2013/350 OpenStack for Solaris (Umbrella)



Drew Fisher <drew.fisher@oracle.com>


parents: 

diff
changeset




    41


        ippool = net_lib.IppoolCommand(number)













5e73a3a3f66a
PSARC/2013/350 OpenStack for Solaris (Umbrella)



Drew Fisher <drew.fisher@oracle.com>


parents: 

diff
changeset




    42


        if ip_cidrs:













5e73a3a3f66a
PSARC/2013/350 OpenStack for Solaris (Umbrella)



Drew Fisher <drew.fisher@oracle.com>


parents: 

diff
changeset




    43


            ippool.remove_pool_nodes(ip_cidrs)













5e73a3a3f66a
PSARC/2013/350 OpenStack for Solaris (Umbrella)



Drew Fisher <drew.fisher@oracle.com>


parents: 

diff
changeset




    44


        else:













5e73a3a3f66a
PSARC/2013/350 OpenStack for Solaris (Umbrella)



Drew Fisher <drew.fisher@oracle.com>


parents: 

diff
changeset




    45


            ippool.remove_pool()













5e73a3a3f66a
PSARC/2013/350 OpenStack for Solaris (Umbrella)



Drew Fisher <drew.fisher@oracle.com>


parents: 

diff
changeset




    46














5e73a3a3f66a
PSARC/2013/350 OpenStack for Solaris (Umbrella)



Drew Fisher <drew.fisher@oracle.com>


parents: 

diff
changeset




    47


    def add_nat_rules(self, rules, version='4'):













5e73a3a3f66a
PSARC/2013/350 OpenStack for Solaris (Umbrella)



Drew Fisher <drew.fisher@oracle.com>


parents: 

diff
changeset




    48


        # Solaris doesn't support IPv6 NAT rules













5e73a3a3f66a
PSARC/2013/350 OpenStack for Solaris (Umbrella)



Drew Fisher <drew.fisher@oracle.com>


parents: 

diff
changeset




    49


        assert version == '4'













5e73a3a3f66a
PSARC/2013/350 OpenStack for Solaris (Umbrella)



Drew Fisher <drew.fisher@oracle.com>


parents: 

diff
changeset




    50


        ipnat = net_lib.IpnatCommand()













5e73a3a3f66a
PSARC/2013/350 OpenStack for Solaris (Umbrella)



Drew Fisher <drew.fisher@oracle.com>


parents: 

diff
changeset




    51


        ipnat.add_rules(rules)













5e73a3a3f66a
PSARC/2013/350 OpenStack for Solaris (Umbrella)



Drew Fisher <drew.fisher@oracle.com>


parents: 

diff
changeset




    52


        # we successfully added the nat rules, update the local copy













5e73a3a3f66a
PSARC/2013/350 OpenStack for Solaris (Umbrella)



Drew Fisher <drew.fisher@oracle.com>


parents: 

diff
changeset




    53


        for rule in rules:













5e73a3a3f66a
PSARC/2013/350 OpenStack for Solaris (Umbrella)



Drew Fisher <drew.fisher@oracle.com>


parents: 

diff
changeset




    54


            self.ipv4['nat'].append(rule)













5e73a3a3f66a
PSARC/2013/350 OpenStack for Solaris (Umbrella)



Drew Fisher <drew.fisher@oracle.com>


parents: 

diff
changeset




    55














5e73a3a3f66a
PSARC/2013/350 OpenStack for Solaris (Umbrella)



Drew Fisher <drew.fisher@oracle.com>


parents: 

diff
changeset




    56


    def remove_nat_rules(self, rules, version='4'):













5e73a3a3f66a
PSARC/2013/350 OpenStack for Solaris (Umbrella)



Drew Fisher <drew.fisher@oracle.com>


parents: 

diff
changeset




    57


        # Solaris doesn't support IPv6 NAT rules













5e73a3a3f66a
PSARC/2013/350 OpenStack for Solaris (Umbrella)



Drew Fisher <drew.fisher@oracle.com>


parents: 

diff
changeset




    58


        assert version == '4'













5e73a3a3f66a
PSARC/2013/350 OpenStack for Solaris (Umbrella)



Drew Fisher <drew.fisher@oracle.com>


parents: 

diff
changeset




    59


        ipnat = net_lib.IpnatCommand()













5e73a3a3f66a
PSARC/2013/350 OpenStack for Solaris (Umbrella)



Drew Fisher <drew.fisher@oracle.com>


parents: 

diff
changeset




    60


        ipnat.remove_rules(rules)













5e73a3a3f66a
PSARC/2013/350 OpenStack for Solaris (Umbrella)



Drew Fisher <drew.fisher@oracle.com>


parents: 

diff
changeset




    61


        # we successfully removed the nat rules, update the local copy













5e73a3a3f66a
PSARC/2013/350 OpenStack for Solaris (Umbrella)



Drew Fisher <drew.fisher@oracle.com>


parents: 

diff
changeset




    62


        for rule in rules:













5e73a3a3f66a
PSARC/2013/350 OpenStack for Solaris (Umbrella)



Drew Fisher <drew.fisher@oracle.com>


parents: 

diff
changeset




    63


            self.ipv4['nat'].remove(rule)













5e73a3a3f66a
PSARC/2013/350 OpenStack for Solaris (Umbrella)



Drew Fisher <drew.fisher@oracle.com>


parents: 

diff
changeset




    64














5e73a3a3f66a
PSARC/2013/350 OpenStack for Solaris (Umbrella)



Drew Fisher <drew.fisher@oracle.com>


parents: 

diff
changeset




    65


    def add_ipf_rules(self, rules, version='4'):













5e73a3a3f66a
PSARC/2013/350 OpenStack for Solaris (Umbrella)



Drew Fisher <drew.fisher@oracle.com>


parents: 

diff
changeset




    66


        ipf = net_lib.IpfilterCommand()













5e73a3a3f66a
PSARC/2013/350 OpenStack for Solaris (Umbrella)



Drew Fisher <drew.fisher@oracle.com>


parents: 

diff
changeset




    67


        ipf.add_rules(rules, version)













5e73a3a3f66a
PSARC/2013/350 OpenStack for Solaris (Umbrella)



Drew Fisher <drew.fisher@oracle.com>


parents: 

diff
changeset




    68


        version_rules = (self.ipv4['filter'] if version == '4' else













5e73a3a3f66a
PSARC/2013/350 OpenStack for Solaris (Umbrella)



Drew Fisher <drew.fisher@oracle.com>


parents: 

diff
changeset




    69


                         self.ipv6['filter'])













5e73a3a3f66a
PSARC/2013/350 OpenStack for Solaris (Umbrella)



Drew Fisher <drew.fisher@oracle.com>


parents: 

diff
changeset




    70


        for rule in rules:













5e73a3a3f66a
PSARC/2013/350 OpenStack for Solaris (Umbrella)



Drew Fisher <drew.fisher@oracle.com>


parents: 

diff
changeset




    71


            version_rules.append(rule)













5e73a3a3f66a
PSARC/2013/350 OpenStack for Solaris (Umbrella)



Drew Fisher <drew.fisher@oracle.com>


parents: 

diff
changeset




    72














5e73a3a3f66a
PSARC/2013/350 OpenStack for Solaris (Umbrella)



Drew Fisher <drew.fisher@oracle.com>


parents: 

diff
changeset




    73


    def remove_ipf_rules(self, rules, version='4'):













5e73a3a3f66a
PSARC/2013/350 OpenStack for Solaris (Umbrella)



Drew Fisher <drew.fisher@oracle.com>


parents: 

diff
changeset




    74


        ipf = net_lib.IpfilterCommand()













5e73a3a3f66a
PSARC/2013/350 OpenStack for Solaris (Umbrella)



Drew Fisher <drew.fisher@oracle.com>


parents: 

diff
changeset




    75


        ipf.remove_rules(rules, version)













5e73a3a3f66a
PSARC/2013/350 OpenStack for Solaris (Umbrella)



Drew Fisher <drew.fisher@oracle.com>


parents: 

diff
changeset




    76


        version_rules = (self.ipv4['filter'] if version == '4' else













5e73a3a3f66a
PSARC/2013/350 OpenStack for Solaris (Umbrella)



Drew Fisher <drew.fisher@oracle.com>


parents: 

diff
changeset




    77


                         self.ipv6['filter'])













5e73a3a3f66a
PSARC/2013/350 OpenStack for Solaris (Umbrella)



Drew Fisher <drew.fisher@oracle.com>


parents: 

diff
changeset




    78


        for rule in rules:













5e73a3a3f66a
PSARC/2013/350 OpenStack for Solaris (Umbrella)



Drew Fisher <drew.fisher@oracle.com>


parents: 

diff
changeset




    79


            version_rules.remove(rule)















upstream/oracle/userland-gate