components/openstack/neutron/files/agent/solaris/ipfilters_manager.py
changeset 1944 56ac2df1785b
parent 1760 353323c7bdc1
child 2083 87196737f09f
1943:1a27f000029f 1944:56ac2df1785b
    17 # @author: Girish Moodalbail, Oracle, Inc.
    17 # @author: Girish Moodalbail, Oracle, Inc.
    18 #
    18 #
    19 
    19 
    20 """Implements ipfilter and ipnat rules using Solaris utilities."""
    20 """Implements ipfilter and ipnat rules using Solaris utilities."""
    21 
    21 
    22 from quantum.agent.solaris import net_lib
    22 from neutron.agent.solaris import net_lib
    23 
    23 
    24 
    24 
    25 class IpfiltersManager(object):
    25 class IPfiltersManager(object):
    26     """Wrapper for Solaris IPF commands -- ipf(1m), ipnat(1m),
    26     """Wrapper for Solaris IPF commands -- ipf(1m), ipnat(1m),
    27     and ippool(1m)."""
    27     and ippool(1m)."""
    28 
    28 
    29     def __init__(self):
    29     def __init__(self):
    30         self.ipv4 = {'filter': [], 'nat': []}
    30         self.ipv4 = {'filter': [], 'nat': []}
    31         self.ipv6 = {'filter': [], 'nat': []}
    31         self.ipv6 = {'filter': [], 'nat': []}
    32 
    32 
    33     def add_ippool(self, number, ip_cidrs):
    33     def add_ippool(self, number, ip_cidrs):
    34         ippool = net_lib.IppoolCommand(number)
    34         ippool = net_lib.IPpoolCommand(number)
    35         if ip_cidrs:
    35         if ip_cidrs:
    36             ippool.add_pool_nodes(ip_cidrs)
    36             ippool.add_pool_nodes(ip_cidrs)
    37         else:
    37         else:
    38             ippool.add_pool()
    38             ippool.add_pool()
    39 
    39 
    40     def remove_ippool(self, number, ip_cidrs):
    40     def remove_ippool(self, number, ip_cidrs):
    41         ippool = net_lib.IppoolCommand(number)
    41         ippool = net_lib.IPpoolCommand(number)
    42         if ip_cidrs:
    42         if ip_cidrs:
    43             ippool.remove_pool_nodes(ip_cidrs)
    43             ippool.remove_pool_nodes(ip_cidrs)
    44         else:
    44         else:
    45             ippool.remove_pool()
    45             ippool.remove_pool()
    46 
    46 
    47     def add_nat_rules(self, rules, version='4'):
    47     def add_nat_rules(self, rules, version='4'):
    48         # Solaris doesn't support IPv6 NAT rules
    48         # Solaris doesn't support IPv6 NAT rules
    49         assert version == '4'
    49         assert version == '4'
    50         ipnat = net_lib.IpnatCommand()
    50         ipnat = net_lib.IPnatCommand()
    51         ipnat.add_rules(rules)
    51         ipnat.add_rules(rules)
    52         # we successfully added the nat rules, update the local copy
    52         # we successfully added the nat rules, update the local copy
    53         for rule in rules:
    53         for rule in rules:
    54             self.ipv4['nat'].append(rule)
    54             self.ipv4['nat'].append(rule)
    55 
    55 
    56     def remove_nat_rules(self, rules, version='4'):
    56     def remove_nat_rules(self, rules, version='4'):
    57         # Solaris doesn't support IPv6 NAT rules
    57         # Solaris doesn't support IPv6 NAT rules
    58         assert version == '4'
    58         assert version == '4'
    59         ipnat = net_lib.IpnatCommand()
    59         ipnat = net_lib.IPnatCommand()
    60         ipnat.remove_rules(rules)
    60         ipnat.remove_rules(rules)
    61         # we successfully removed the nat rules, update the local copy
    61         # we successfully removed the nat rules, update the local copy
    62         for rule in rules:
    62         for rule in rules:
    63             self.ipv4['nat'].remove(rule)
    63             self.ipv4['nat'].remove(rule)
    64 
    64 
    65     def add_ipf_rules(self, rules, version='4'):
    65     def add_ipf_rules(self, rules, version='4'):
    66         ipf = net_lib.IpfilterCommand()
    66         ipf = net_lib.IPfilterCommand()
    67         ipf.add_rules(rules, version)
    67         ipf.add_rules(rules, version)
    68         version_rules = (self.ipv4['filter'] if version == '4' else
    68         version_rules = (self.ipv4['filter'] if version == '4' else
    69                          self.ipv6['filter'])
    69                          self.ipv6['filter'])
    70         for rule in rules:
    70         for rule in rules:
    71             version_rules.append(rule)
    71             version_rules.append(rule)
    72 
    72 
    73     def remove_ipf_rules(self, rules, version='4'):
    73     def remove_ipf_rules(self, rules, version='4'):
    74         ipf = net_lib.IpfilterCommand()
    74         ipf = net_lib.IPfilterCommand()
    75         ipf.remove_rules(rules, version)
    75         ipf.remove_rules(rules, version)
    76         version_rules = (self.ipv4['filter'] if version == '4' else
    76         version_rules = (self.ipv4['filter'] if version == '4' else
    77                          self.ipv6['filter'])
    77                          self.ipv6['filter'])
    78         for rule in rules:
    78         for rule in rules:
    79             version_rules.remove(rule)
    79             version_rules.remove(rule)