You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@cloudstack.apache.org by ko...@apache.org on 2013/02/25 13:37:19 UTC
[2/2] git commit: refs/heads/cisco-vnmc-api-integration - Added
support for static NAT rules. - Xmls for creating static nat rules in VNMC -
applyStaticNats implementation in VNMC network element - handler for static
nat in resource class
Updated Branches:
refs/heads/cisco-vnmc-api-integration 66b01a658 -> deed3cc95
Added support for static NAT rules.
- Xmls for creating static nat rules in VNMC
- applyStaticNats implementation in VNMC network element
- handler for static nat in resource class
Project: http://git-wip-us.apache.org/repos/asf/incubator-cloudstack/repo
Commit: http://git-wip-us.apache.org/repos/asf/incubator-cloudstack/commit/deed3cc9
Tree: http://git-wip-us.apache.org/repos/asf/incubator-cloudstack/tree/deed3cc9
Diff: http://git-wip-us.apache.org/repos/asf/incubator-cloudstack/diff/deed3cc9
Branch: refs/heads/cisco-vnmc-api-integration
Commit: deed3cc9510fee58a02d4f485e3625335f038a57
Parents: 681f0b7
Author: Koushik Das <ko...@citrix.com>
Authored: Mon Feb 25 18:03:59 2013 +0530
Committer: Koushik Das <ko...@citrix.com>
Committed: Mon Feb 25 18:03:59 2013 +0530
----------------------------------------------------------------------
.../scripts/network/cisco/create-dnat-rule.xml | 77 +-----
.../scripts/network/cisco/create-pf-rule.xml | 149 +++++++++
.../cloud/network/cisco/CiscoVnmcConnection.java | 29 ++-
.../network/cisco/CiscoVnmcConnectionImpl.java | 250 ++++++++-------
.../cloud/network/element/CiscoVnmcElement.java | 62 ++++-
.../cloud/network/resource/CiscoVnmcResource.java | 87 +++++-
6 files changed, 443 insertions(+), 211 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/incubator-cloudstack/blob/deed3cc9/plugins/network-elements/cisco-vnmc/scripts/network/cisco/create-dnat-rule.xml
----------------------------------------------------------------------
diff --git a/plugins/network-elements/cisco-vnmc/scripts/network/cisco/create-dnat-rule.xml b/plugins/network-elements/cisco-vnmc/scripts/network/cisco/create-dnat-rule.xml
index 8f53003..8193762 100755
--- a/plugins/network-elements/cisco-vnmc/scripts/network/cisco/create-dnat-rule.xml
+++ b/plugins/network-elements/cisco-vnmc/scripts/network/cisco/create-dnat-rule.xml
@@ -26,7 +26,7 @@
isRoundRobinIpEnabled="no"
srcTranslatedIpPatPool=""
srcTranslatedIpPool="%ippoolname%"
- srcTranslatedPortPool="%portpoolname%"
+ srcTranslatedPortPool=""
status="created"/>
</pair>
@@ -62,77 +62,6 @@
value="%srcip%"/>
</pair>
- <pair key="%natruledn%/rule-cond-3">
- <policyRuleCondition
- dn="%natruledn%/rule-cond-3"
- id="3"
- order="unspecified"
- status="created"/>
- </pair>
- <pair key="%natruledn%/rule-cond-3/nw-expr2/nw-attr-qual">
- <policyNwAttrQualifier
- attrEp="source"
- dn="%natruledn%/rule-cond-3/nw-expr2/nw-attr-qual"
- status="created"/>
- </pair>
- <pair key="%natruledn%/rule-cond-3/nw-expr2">
- <policyNetworkExpression
- dn="%natruledn%/rule-cond-3/nw-expr2"
- id="2"
- opr="range"
- status="created"/>
- </pair>
- <pair key="%natruledn%/rule-cond-3/nw-expr2/nw-port-2">
- <policyNetworkPort
- appType="Other"
- dataType="string"
- descr=""
- dn="%natruledn%/rule-cond-3/nw-expr2/nw-port-2"
- id="2"
- name=""
- placement="begin"
- status="created"
- value="%srcportstart%"/>
- </pair>
- <pair key="%natruledn%/rule-cond-3/nw-expr2/nw-port-3">
- <policyNetworkPort
- appType="Other"
- dataType="string"
- descr=""
- dn="%natruledn%/rule-cond-3/nw-expr2/nw-port-3"
- id="3"
- name=""
- placement="end"
- status="created"
- value="%srcportend%"/>
- </pair>
-
- <pair key="%natruledn%/rule-cond-4">
- <policyRuleCondition
- dn="%natruledn%/rule-cond-4"
- id="4"
- order="unspecified"
- status="created"/>
- </pair>
- <pair key="%natruledn%/rule-cond-4/nw-expr2">
- <policyNetworkExpression
- dn="%natruledn%/rule-cond-4/nw-expr2"
- id="2"
- opr="eq"
- status="created"/>
- </pair>
- <pair key="%natruledn%/rule-cond-4/nw-expr2/nw-protocol-2">
- <policyProtocol
- dataType="string"
- descr=""
- dn="%natruledn%/rule-cond-4/nw-expr2/nw-protocol-2"
- id="2"
- name=""
- placement="none"
- status="created"
- value="%protocolvalue%"/>
- </pair>
-
</inConfigs>
</configConfMos>
@@ -141,9 +70,5 @@
natrulename="bbb"
descr=value
ippoolname="ccc"
- portpoolname="ddd"
srcip="10.147.30.230"
- srcportstart="22"
- srcportend="22"
- protocolvalue="TCP"
--!>
http://git-wip-us.apache.org/repos/asf/incubator-cloudstack/blob/deed3cc9/plugins/network-elements/cisco-vnmc/scripts/network/cisco/create-pf-rule.xml
----------------------------------------------------------------------
diff --git a/plugins/network-elements/cisco-vnmc/scripts/network/cisco/create-pf-rule.xml b/plugins/network-elements/cisco-vnmc/scripts/network/cisco/create-pf-rule.xml
new file mode 100755
index 0000000..8f53003
--- /dev/null
+++ b/plugins/network-elements/cisco-vnmc/scripts/network/cisco/create-pf-rule.xml
@@ -0,0 +1,149 @@
+
+<configConfMos
+ cookie="%cookie%"
+ inHierarchical="false">
+ <inConfigs>
+
+ <pair key="%natruledn%">
+ <policyRule
+ descr="%descr%"
+ dn="%natruledn%"
+ name="%natrulename%"
+ order="100"
+ status="created"/>
+ </pair>
+
+ <pair key="%natruledn%/nat-action">
+ <natpolicyNatAction
+ actionType="static"
+ destTranslatedIpPool=""
+ destTranslatedPortPool=""
+ dn="%natruledn%/nat-action"
+ id="0"
+ isBidirectionalEnabled="yes"
+ isDnsEnabled="no"
+ isNoProxyArpEnabled="no"
+ isRoundRobinIpEnabled="no"
+ srcTranslatedIpPatPool=""
+ srcTranslatedIpPool="%ippoolname%"
+ srcTranslatedPortPool="%portpoolname%"
+ status="created"/>
+ </pair>
+
+ <pair key="%natruledn%/rule-cond-2">
+ <policyRuleCondition
+ dn="%natruledn%/rule-cond-2"
+ id="2"
+ order="unspecified"
+ status="created"/>
+ </pair>
+ <pair key="%natruledn%/rule-cond-2/nw-expr2/nw-attr-qual">
+ <policyNwAttrQualifier
+ attrEp="source"
+ dn="%natruledn%/rule-cond-2/nw-expr2/nw-attr-qual"
+ status="created"/>
+ </pair>
+ <pair key="%natruledn%/rule-cond-2/nw-expr2">
+ <policyNetworkExpression
+ dn="%natruledn%/rule-cond-2/nw-expr2"
+ id="2"
+ opr="eq"
+ status="created"/>
+ </pair>
+ <pair key="%natruledn%/rule-cond-2/nw-expr2/nw-ip-2">
+ <policyIPAddress
+ dataType="string"
+ descr=""
+ dn="%natruledn%/rule-cond-2/nw-expr2/nw-ip-2"
+ id="2"
+ name=""
+ placement="none"
+ status="created"
+ value="%srcip%"/>
+ </pair>
+
+ <pair key="%natruledn%/rule-cond-3">
+ <policyRuleCondition
+ dn="%natruledn%/rule-cond-3"
+ id="3"
+ order="unspecified"
+ status="created"/>
+ </pair>
+ <pair key="%natruledn%/rule-cond-3/nw-expr2/nw-attr-qual">
+ <policyNwAttrQualifier
+ attrEp="source"
+ dn="%natruledn%/rule-cond-3/nw-expr2/nw-attr-qual"
+ status="created"/>
+ </pair>
+ <pair key="%natruledn%/rule-cond-3/nw-expr2">
+ <policyNetworkExpression
+ dn="%natruledn%/rule-cond-3/nw-expr2"
+ id="2"
+ opr="range"
+ status="created"/>
+ </pair>
+ <pair key="%natruledn%/rule-cond-3/nw-expr2/nw-port-2">
+ <policyNetworkPort
+ appType="Other"
+ dataType="string"
+ descr=""
+ dn="%natruledn%/rule-cond-3/nw-expr2/nw-port-2"
+ id="2"
+ name=""
+ placement="begin"
+ status="created"
+ value="%srcportstart%"/>
+ </pair>
+ <pair key="%natruledn%/rule-cond-3/nw-expr2/nw-port-3">
+ <policyNetworkPort
+ appType="Other"
+ dataType="string"
+ descr=""
+ dn="%natruledn%/rule-cond-3/nw-expr2/nw-port-3"
+ id="3"
+ name=""
+ placement="end"
+ status="created"
+ value="%srcportend%"/>
+ </pair>
+
+ <pair key="%natruledn%/rule-cond-4">
+ <policyRuleCondition
+ dn="%natruledn%/rule-cond-4"
+ id="4"
+ order="unspecified"
+ status="created"/>
+ </pair>
+ <pair key="%natruledn%/rule-cond-4/nw-expr2">
+ <policyNetworkExpression
+ dn="%natruledn%/rule-cond-4/nw-expr2"
+ id="2"
+ opr="eq"
+ status="created"/>
+ </pair>
+ <pair key="%natruledn%/rule-cond-4/nw-expr2/nw-protocol-2">
+ <policyProtocol
+ dataType="string"
+ descr=""
+ dn="%natruledn%/rule-cond-4/nw-expr2/nw-protocol-2"
+ id="2"
+ name=""
+ placement="none"
+ status="created"
+ value="%protocolvalue%"/>
+ </pair>
+
+ </inConfigs>
+</configConfMos>
+
+<!--
+ natruledn="org-root/org-vlan-123/org-VDC-vlan-123/natpol-aaa/rule-bbb"
+ natrulename="bbb"
+ descr=value
+ ippoolname="ccc"
+ portpoolname="ddd"
+ srcip="10.147.30.230"
+ srcportstart="22"
+ srcportend="22"
+ protocolvalue="TCP"
+--!>
http://git-wip-us.apache.org/repos/asf/incubator-cloudstack/blob/deed3cc9/plugins/network-elements/cisco-vnmc/src/com/cloud/network/cisco/CiscoVnmcConnection.java
----------------------------------------------------------------------
diff --git a/plugins/network-elements/cisco-vnmc/src/com/cloud/network/cisco/CiscoVnmcConnection.java b/plugins/network-elements/cisco-vnmc/src/com/cloud/network/cisco/CiscoVnmcConnection.java
index c83e5ce..7140847 100644
--- a/plugins/network-elements/cisco-vnmc/src/com/cloud/network/cisco/CiscoVnmcConnection.java
+++ b/plugins/network-elements/cisco-vnmc/src/com/cloud/network/cisco/CiscoVnmcConnection.java
@@ -64,17 +64,12 @@ public interface CiscoVnmcConnection {
public boolean createTenantVDCSourceNatPolicyRef(String tenantName, String identifier)
throws ExecutionException;
- public boolean createTenantVDCDNatPortPool(String tenantName, String identifier,
- String startPort, String endPort)
- throws ExecutionException;
-
public boolean createTenantVDCDNatIpPool(String tenantName, String identifier,
String ipAddress) throws ExecutionException;
public boolean createTenantVDCDNatRule(String tenantName,
String identifier, String policyIdentifier,
- String protocol, String sourceIp,
- String startSourcePort, String endSourcePort)
+ String sourceIp)
throws ExecutionException;
public boolean createTenantVDCDNatPolicy(String tenantName, String identifier)
@@ -86,6 +81,28 @@ public interface CiscoVnmcConnection {
public boolean createTenantVDCDNatPolicyRef(String tenantName, String identifier)
throws ExecutionException;
+ public boolean createTenantVDCPFPortPool(String tenantName, String identifier,
+ String startPort, String endPort)
+ throws ExecutionException;
+
+ public boolean createTenantVDCPFIpPool(String tenantName, String identifier,
+ String ipAddress) throws ExecutionException;
+
+ public boolean createTenantVDCPFRule(String tenantName,
+ String identifier, String policyIdentifier,
+ String protocol, String sourceIp,
+ String startSourcePort, String endSourcePort)
+ throws ExecutionException;
+
+ public boolean createTenantVDCPFPolicy(String tenantName, String identifier)
+ throws ExecutionException;
+
+ public boolean deleteTenantVDCPFPolicy(String tenantName, String identifier)
+ throws ExecutionException;
+
+ public boolean createTenantVDCPFPolicyRef(String tenantName, String identifier)
+ throws ExecutionException;
+
public boolean createTenantVDCNatPolicySet(String tenantName)
throws ExecutionException;
http://git-wip-us.apache.org/repos/asf/incubator-cloudstack/blob/deed3cc9/plugins/network-elements/cisco-vnmc/src/com/cloud/network/cisco/CiscoVnmcConnectionImpl.java
----------------------------------------------------------------------
diff --git a/plugins/network-elements/cisco-vnmc/src/com/cloud/network/cisco/CiscoVnmcConnectionImpl.java b/plugins/network-elements/cisco-vnmc/src/com/cloud/network/cisco/CiscoVnmcConnectionImpl.java
index f21045f..6a2a1f0 100644
--- a/plugins/network-elements/cisco-vnmc/src/com/cloud/network/cisco/CiscoVnmcConnectionImpl.java
+++ b/plugins/network-elements/cisco-vnmc/src/com/cloud/network/cisco/CiscoVnmcConnectionImpl.java
@@ -72,6 +72,7 @@ public class CiscoVnmcConnectionImpl implements CiscoVnmcConnection {
CREATE_PORT_POOL("create-port-pool.xml", "policy-mgr"),
CREATE_IP_POOL("create-ip-pool.xml", "policy-mgr"),
+ CREATE_PF_RULE("create-pf-rule.xml", "policy-mgr"),
CREATE_DNAT_RULE("create-dnat-rule.xml", "policy-mgr"),
CREATE_SOURCE_NAT_RULE("create-source-nat-rule.xml", "policy-mgr"),
@@ -416,20 +417,18 @@ public class CiscoVnmcConnectionImpl implements CiscoVnmcConnection {
}
private String getNameForSourceNatIpPool(String tenantName) {
- return "SNAT-Ip-" + tenantName;
+ return "SNATIp-" + tenantName;
}
private String getDnForSourceNatPool(String tenantName) {
return getDnForTenantVDC(tenantName) + "/objgrp-" + getNameForSourceNatIpPool(tenantName);
}
- /* (non-Javadoc)
- * @see com.cloud.network.resource.CiscoVnmcConnection#createTenantVDCSourceNatIpPool(java.lang.String, java.lang.String, java.lang.String)
- */
@Override
public boolean createTenantVDCSourceNatIpPool(String tenantName, String identifier,
String publicIp) throws ExecutionException {
- return createTenantVDCIpPool(getDnForSourceNatPool(tenantName),
+ return createTenantVDCIpPool(
+ getDnForSourceNatPool(tenantName),
getNameForSourceNatIpPool(tenantName),
"Source NAT ip pool for Tenant VDC " + tenantName,
publicIp);
@@ -451,9 +450,18 @@ public class CiscoVnmcConnectionImpl implements CiscoVnmcConnection {
return getDnForSourceNatPolicy(tenantName) + "/rule-" + getNameForSourceNatRule(tenantName);
}
- /* (non-Javadoc)
- * @see com.cloud.network.resource.CiscoVnmcConnection#createTenantVDCSourceNatRule(java.lang.String, java.lang.String, java.lang.String)
- */
+ private String getNameForNatPolicySet(String tenantName) {
+ return "NAT-PolicySet-" + tenantName;
+ }
+
+ private String getDnForNatPolicySet(String tenantName) {
+ return getDnForTenantVDC(tenantName) + "/natpset-" + getNameForNatPolicySet(tenantName) ;
+ }
+
+ private String getDnForSourceNatPolicyRef(String tenantName) {
+ return getDnForNatPolicySet(tenantName) + "/polref-" + getNameForSourceNatPolicy(tenantName) ;
+ }
+
@Override
public boolean createTenantVDCSourceNatRule(String tenantName, String identifier,
String startSourceIp, String endSourceIp) throws ExecutionException {
@@ -473,21 +481,6 @@ public class CiscoVnmcConnectionImpl implements CiscoVnmcConnection {
return verifySuccess(response);
}
- private String getNameForNatPolicySet(String tenantName) {
- return "NAT-PolicySet-" + tenantName;
- }
-
- private String getDnForNatPolicySet(String tenantName) {
- return getDnForTenantVDC(tenantName) + "/natpset-" + getNameForNatPolicySet(tenantName) ;
- }
-
- private String getDnForSourceNatPolicyRef(String tenantName) {
- return getDnForNatPolicySet(tenantName) + "/polref-" + getNameForSourceNatPolicy(tenantName) ;
- }
-
- /* (non-Javadoc)
- * @see com.cloud.network.resource.CiscoVnmcConnection#createTenantVDCSourceNatPolicyRef(java.lang.String, java.lang.String)
- */
@Override
public boolean createTenantVDCSourceNatPolicyRef(String tenantName, String identifier) throws ExecutionException {
return createTenantVDCNatPolicyRef(
@@ -496,9 +489,6 @@ public class CiscoVnmcConnectionImpl implements CiscoVnmcConnection {
tenantName);
}
- /* (non-Javadoc)
- * @see com.cloud.network.resource.CiscoVnmcConnection#createTenantVDCSourceNatPolicy(java.lang.String, java.lang.String)
- */
@Override
public boolean createTenantVDCSourceNatPolicy(String tenantName, String identifier) throws ExecutionException {
return createTenantVDCNatPolicy(
@@ -506,9 +496,6 @@ public class CiscoVnmcConnectionImpl implements CiscoVnmcConnection {
getNameForSourceNatPolicy(tenantName));
}
- /* (non-Javadoc)
- * @see com.cloud.network.resource.CiscoVnmcConnection#createTenantVDCNatPolicySet(java.lang.String)
- */
@Override
public boolean createTenantVDCNatPolicySet(String tenantName) throws ExecutionException {
String xml = VnmcXml.CREATE_NAT_POLICY_SET.getXml();
@@ -523,9 +510,6 @@ public class CiscoVnmcConnectionImpl implements CiscoVnmcConnection {
return verifySuccess(response);
}
- /* (non-Javadoc)
- * @see com.cloud.network.resource.CiscoVnmcConnection#associateNatPolicySet(java.lang.String)
- */
@Override
public boolean associateNatPolicySet(String tenantName) throws ExecutionException {
String xml = VnmcXml.RESOLVE_NAT_POLICY_SET.getXml();
@@ -571,9 +555,6 @@ public class CiscoVnmcConnectionImpl implements CiscoVnmcConnection {
return getDnForAclPolicy(tenantName, policyIdentifier) + "/rule-" + getNameForAclRule(tenantName, identifier);
}
- /* (non-Javadoc)
- * @see com.cloud.network.resource.CiscoVnmcConnection#createTenantVDCAclPolicy(java.lang.String, java.lang.String, boolean)
- */
@Override
public boolean createTenantVDCAclPolicy(String tenantName, String identifier, boolean ingress) throws ExecutionException {
String xml = VnmcXml.CREATE_ACL_POLICY.getXml();
@@ -588,9 +569,6 @@ public class CiscoVnmcConnectionImpl implements CiscoVnmcConnection {
return verifySuccess(response);
}
- /* (non-Javadoc)
- * @see com.cloud.network.resource.CiscoVnmcConnection#deleteTenantVDCAclPolicy(java.lang.String, java.lang.String)
- */
@Override
public boolean deleteTenantVDCAclPolicy(String tenantName, String identifier) throws ExecutionException {
String xml = VnmcXml.DELETE_ACL_POLICY.getXml();
@@ -604,9 +582,6 @@ public class CiscoVnmcConnectionImpl implements CiscoVnmcConnection {
return verifySuccess(response);
}
- /* (non-Javadoc)
- * @see com.cloud.network.resource.CiscoVnmcConnection#createTenantVDCAclPolicyRef(java.lang.String, java.lang.String, boolean)
- */
@Override
public boolean createTenantVDCAclPolicyRef(String tenantName, String identifier, boolean ingress) throws ExecutionException {
String xml = VnmcXml.CREATE_ACL_POLICY_REF.getXml();
@@ -621,9 +596,6 @@ public class CiscoVnmcConnectionImpl implements CiscoVnmcConnection {
return verifySuccess(response);
}
- /* (non-Javadoc)
- * @see com.cloud.network.resource.CiscoVnmcConnection#createTenantVDCAclPolicySet(java.lang.String, boolean)
- */
@Override
public boolean createTenantVDCAclPolicySet(String tenantName, boolean ingress) throws ExecutionException {
String xml = VnmcXml.CREATE_ACL_POLICY_SET.getXml();
@@ -638,9 +610,6 @@ public class CiscoVnmcConnectionImpl implements CiscoVnmcConnection {
return verifySuccess(response);
}
- /* (non-Javadoc)
- * @see com.cloud.network.resource.CiscoVnmcConnection#associateAclPolicySet(java.lang.String)
- */
@Override
public boolean associateAclPolicySet(String tenantName) throws ExecutionException {
String xml = VnmcXml.RESOLVE_ACL_POLICY_SET.getXml();
@@ -659,9 +628,6 @@ public class CiscoVnmcConnectionImpl implements CiscoVnmcConnection {
return verifySuccess(response);
}
- /* (non-Javadoc)
- * @see com.cloud.network.resource.CiscoVnmcConnection#createIngressAclRule(java.lang.String, java.lang.String, java.lang.String, java.lang.String, java.lang.String, java.lang.String, java.lang.String, java.lang.String, java.lang.String)
- */
@Override
public boolean createIngressAclRule(String tenantName,
String identifier, String policyIdentifier,
@@ -686,9 +652,6 @@ public class CiscoVnmcConnectionImpl implements CiscoVnmcConnection {
return verifySuccess(response);
}
- /* (non-Javadoc)
- * @see com.cloud.network.resource.CiscoVnmcConnection#deleteAclRule(java.lang.String, java.lang.String, java.lang.String)
- */
@Override
public boolean deleteAclRule(String tenantName, String identifier, String policyIdentifier) throws ExecutionException {
String xml = VnmcXml.DELETE_ACL_RULE.getXml();
@@ -702,20 +665,20 @@ public class CiscoVnmcConnectionImpl implements CiscoVnmcConnection {
return verifySuccess(response);
}
- private String getNameForDNatPortPool(String tenantName, String identifier) {
- return "Port-" + tenantName + "-" + identifier;
+ private String getNameForPFPortPool(String tenantName, String identifier) {
+ return "PFPort-" + tenantName + "-" + identifier;
}
- private String getDnForDNatPortPool(String tenantName, String identifier) {
- return getDnForTenantVDC(tenantName) + "/objgrp-" + getNameForDNatPortPool(tenantName, identifier);
+ private String getDnForPFPortPool(String tenantName, String identifier) {
+ return getDnForTenantVDC(tenantName) + "/objgrp-" + getNameForPFPortPool(tenantName, identifier);
}
- private String getNameForDNatIpPool(String tenantName, String identifier) {
- return "Ip-" + tenantName + "-" + identifier;
+ private String getNameForPFIpPool(String tenantName, String identifier) {
+ return "PFIp-" + tenantName + "-" + identifier;
}
- private String getDnForDNatIpPool(String tenantName, String identifier) {
- return getDnForTenantVDC(tenantName) + "/objgrp-" + getNameForDNatIpPool(tenantName, identifier);
+ private String getDnForPFIpPool(String tenantName, String identifier) {
+ return getDnForTenantVDC(tenantName) + "/objgrp-" + getNameForPFIpPool(tenantName, identifier);
}
private boolean createTenantVDCPortPool(String poolDn, String name,
@@ -811,68 +774,109 @@ public class CiscoVnmcConnectionImpl implements CiscoVnmcConnection {
}
return result;
-
}
- /* (non-Javadoc)
- * @see com.cloud.network.resource.CiscoVnmcConnection#createTenantVDCDNatPortPool(java.lang.String, java.lang.String, java.lang.String, java.lang.String)
- */
@Override
- public boolean createTenantVDCDNatPortPool(String tenantName, String identifier,
+ public boolean createTenantVDCPFPortPool(String tenantName, String identifier,
String startPort, String endPort) throws ExecutionException {
return createTenantVDCPortPool(
- getDnForDNatPortPool(tenantName, identifier), getNameForDNatPortPool(tenantName, identifier),
- "DNAT port pool for " + getNameForDNatPortPool(tenantName, identifier), startPort, endPort);
+ getDnForPFPortPool(tenantName, identifier),
+ getNameForPFPortPool(tenantName, identifier),
+ "PF port pool for " + getNameForPFPortPool(tenantName, identifier),
+ startPort, endPort);
}
- /* (non-Javadoc)
- * @see com.cloud.network.resource.CiscoVnmcConnection#createTenantVDCDNatIpPool(java.lang.String, java.lang.String, java.lang.String)
- */
+
@Override
- public boolean createTenantVDCDNatIpPool(String tenantName, String identifier,
+ public boolean createTenantVDCPFIpPool(String tenantName, String identifier,
String ipAddress) throws ExecutionException {
return createTenantVDCIpPool(
- getDnForDNatIpPool(tenantName, identifier), getNameForDNatIpPool(tenantName, identifier),
- "DNAT ip pool for " + getNameForDNatIpPool(tenantName, identifier), ipAddress);
+ getDnForPFIpPool(tenantName, identifier),
+ getNameForPFIpPool(tenantName, identifier),
+ "PF ip pool for " + getNameForPFIpPool(tenantName, identifier),
+ ipAddress);
}
- private String getNameForDNatPolicy(String tenantName, String identifier) {
- return "DNAT-" + tenantName + "-" + identifier;
+ private String getNameForPFPolicy(String tenantName, String identifier) {
+ return "PF-" + tenantName + "-" + identifier;
}
- private String getDnForDNatPolicy(String tenantName, String identifier) {
- return getDnForTenantVDC(tenantName) + "/natpol-" + getNameForDNatPolicy(tenantName, identifier);
+ private String getDnForPFPolicy(String tenantName, String identifier) {
+ return getDnForTenantVDC(tenantName) + "/natpol-" + getNameForPFPolicy(tenantName, identifier);
}
- private String getDnForDNatPolicyRef(String tenantName, String identifier) {
- return getDnForNatPolicySet(tenantName) + "/polref-" + getNameForDNatPolicy(tenantName, identifier);
+ private String getDnForPFPolicyRef(String tenantName, String identifier) {
+ return getDnForNatPolicySet(tenantName) + "/polref-" + getNameForPFPolicy(tenantName, identifier);
}
- /* (non-Javadoc)
- * @see com.cloud.network.resource.CiscoVnmcConnection#createTenantVDCDNatPolicyRef(java.lang.String, java.lang.String)
- */
- public boolean createTenantVDCDNatPolicyRef(String tenantName, String identifier) throws ExecutionException {
+ private String getNameForPFRule(String tenantName, String identifier) {
+ return "Rule-" + tenantName + "-" + identifier;
+ }
+
+ private String getDnForPFRule(String tenantName, String identifier, String policyIdentifier) {
+ return getDnForPFPolicy(tenantName, policyIdentifier) + "/rule-" + getNameForPFRule(tenantName, identifier);
+ }
+
+ @Override
+ public boolean createTenantVDCPFRule(String tenantName,
+ String identifier, String policyIdentifier,
+ String protocol, String sourceIp,
+ String startSourcePort, String endSourcePort) throws ExecutionException {
+ String xml = VnmcXml.CREATE_PF_RULE.getXml();
+ String service = VnmcXml.CREATE_PF_RULE.getService();
+ xml = replaceXmlValue(xml, "cookie", _cookie);
+ xml = replaceXmlValue(xml, "natruledn", getDnForPFRule(tenantName, identifier, policyIdentifier));
+ xml = replaceXmlValue(xml, "natrulename", getNameForPFRule(tenantName, identifier));
+ xml = replaceXmlValue(xml, "descr", "PF rule for Tenant VDC " + tenantName);
+ xml = replaceXmlValue(xml, "ippoolname", getNameForPFIpPool(tenantName, policyIdentifier + "-" + identifier));
+ xml = replaceXmlValue(xml, "portpoolname", getNameForPFPortPool(tenantName, policyIdentifier + "-" + identifier));
+ xml = replaceXmlValue(xml, "srcip", sourceIp);
+ xml = replaceXmlValue(xml, "srcportstart", startSourcePort);
+ xml = replaceXmlValue(xml, "srcportend", endSourcePort);
+ xml = replaceXmlValue(xml, "protocolvalue", protocol);
+
+ String response = sendRequest(service, xml);
+
+ return verifySuccess(response);
+ }
+
+ @Override
+ public boolean createTenantVDCPFPolicyRef(String tenantName, String identifier) throws ExecutionException {
return createTenantVDCNatPolicyRef(
- getDnForDNatPolicyRef(tenantName, identifier),
- getNameForDNatPolicy(tenantName, identifier),
+ getDnForPFPolicyRef(tenantName, identifier),
+ getNameForPFPolicy(tenantName, identifier),
tenantName);
}
- /* (non-Javadoc)
- * @see com.cloud.network.resource.CiscoVnmcConnection#createTenantVDCDNatPolicy(java.lang.String, java.lang.String)
- */
- public boolean createTenantVDCDNatPolicy(String tenantName, String identifier) throws ExecutionException {
+ @Override
+ public boolean createTenantVDCPFPolicy(String tenantName, String identifier) throws ExecutionException {
return createTenantVDCNatPolicy(
- getDnForDNatPolicy(tenantName, identifier),
- getNameForDNatPolicy(tenantName, identifier));
+ getDnForPFPolicy(tenantName, identifier),
+ getNameForPFPolicy(tenantName, identifier));
}
- /* (non-Javadoc)
- * @see com.cloud.network.resource.CiscoVnmcConnection#deleteTenantVDCDNatPolicy(java.lang.String, java.lang.String)
- */
- public boolean deleteTenantVDCDNatPolicy(String tenantName, String identifier) throws ExecutionException {
+ @Override
+ public boolean deleteTenantVDCPFPolicy(String tenantName, String identifier) throws ExecutionException {
return deleteTenantVDCNatPolicy(
- getDnForDNatPolicy(tenantName, identifier),
- getNameForDNatPolicy(tenantName, identifier));
+ getDnForPFPolicy(tenantName, identifier),
+ getNameForPFPolicy(tenantName, identifier));
+ }
+
+ private String getNameForDNatIpPool(String tenantName, String identifier) {
+ return "DNATIp-" + tenantName + "-" + identifier;
+ }
+
+ private String getDnForDNatIpPool(String tenantName, String identifier) {
+ return getDnForTenantVDC(tenantName) + "/objgrp-" + getNameForDNatIpPool(tenantName, identifier);
+ }
+
+ @Override
+ public boolean createTenantVDCDNatIpPool(String tenantName,
+ String identifier, String ipAddress) throws ExecutionException {
+ return createTenantVDCIpPool(
+ getDnForDNatIpPool(tenantName, identifier),
+ getNameForDNatIpPool(tenantName, identifier),
+ "DNAT ip pool for " + getNameForDNatIpPool(tenantName, identifier),
+ ipAddress);
}
private String getNameForDNatRule(String tenantName, String identifier) {
@@ -883,13 +887,22 @@ public class CiscoVnmcConnectionImpl implements CiscoVnmcConnection {
return getDnForDNatPolicy(tenantName, policyIdentifier) + "/rule-" + getNameForDNatRule(tenantName, identifier);
}
- /* (non-Javadoc)
- * @see com.cloud.network.resource.CiscoVnmcConnection#createTenantVDCDNatRule(java.lang.String, java.lang.String, java.lang.String, java.lang.String, java.lang.String, java.lang.String, java.lang.String)
- */
+ private String getNameForDNatPolicy(String tenantName, String identifier) {
+ return "DNAT-" + tenantName + "-" + identifier;
+ }
+
+ private String getDnForDNatPolicy(String tenantName, String identifier) {
+ return getDnForTenantVDC(tenantName) + "/natpol-" + getNameForDNatPolicy(tenantName, identifier);
+ }
+
+ private String getDnForDNatPolicyRef(String tenantName, String identifier) {
+ return getDnForNatPolicySet(tenantName) + "/polref-" + getNameForDNatPolicy(tenantName, identifier);
+ }
+
+ @Override
public boolean createTenantVDCDNatRule(String tenantName,
- String identifier, String policyIdentifier,
- String protocol, String sourceIp,
- String startSourcePort, String endSourcePort) throws ExecutionException {
+ String identifier, String policyIdentifier, String sourceIp)
+ throws ExecutionException {
String xml = VnmcXml.CREATE_DNAT_RULE.getXml();
String service = VnmcXml.CREATE_DNAT_RULE.getService();
xml = replaceXmlValue(xml, "cookie", _cookie);
@@ -897,17 +910,38 @@ public class CiscoVnmcConnectionImpl implements CiscoVnmcConnection {
xml = replaceXmlValue(xml, "natrulename", getNameForDNatRule(tenantName, identifier));
xml = replaceXmlValue(xml, "descr", "DNAT rule for Tenant VDC " + tenantName);
xml = replaceXmlValue(xml, "ippoolname", getNameForDNatIpPool(tenantName, policyIdentifier + "-" + identifier));
- xml = replaceXmlValue(xml, "portpoolname", getNameForDNatPortPool(tenantName, policyIdentifier + "-" + identifier));
xml = replaceXmlValue(xml, "srcip", sourceIp);
- xml = replaceXmlValue(xml, "srcportstart", startSourcePort);
- xml = replaceXmlValue(xml, "srcportend", endSourcePort);
- xml = replaceXmlValue(xml, "protocolvalue", protocol);
String response = sendRequest(service, xml);
return verifySuccess(response);
}
+ @Override
+ public boolean createTenantVDCDNatPolicyRef(String tenantName,
+ String identifier) throws ExecutionException {
+ return createTenantVDCNatPolicyRef(
+ getDnForDNatPolicyRef(tenantName, identifier),
+ getNameForDNatPolicy(tenantName, identifier),
+ tenantName);
+ }
+
+ @Override
+ public boolean createTenantVDCDNatPolicy(String tenantName,
+ String identifier) throws ExecutionException {
+ return createTenantVDCNatPolicy(
+ getDnForDNatPolicy(tenantName, identifier),
+ getNameForDNatPolicy(tenantName, identifier));
+ }
+
+ @Override
+ public boolean deleteTenantVDCDNatPolicy(String tenantName,
+ String identifier) throws ExecutionException {
+ return deleteTenantVDCNatPolicy(
+ getDnForDNatPolicy(tenantName, identifier),
+ getNameForDNatPolicy(tenantName, identifier));
+ }
+
private String getNameForEdgeFirewall(String tenantName) {
return "ASA-1000v-" + tenantName;
}
http://git-wip-us.apache.org/repos/asf/incubator-cloudstack/blob/deed3cc9/plugins/network-elements/cisco-vnmc/src/com/cloud/network/element/CiscoVnmcElement.java
----------------------------------------------------------------------
diff --git a/plugins/network-elements/cisco-vnmc/src/com/cloud/network/element/CiscoVnmcElement.java b/plugins/network-elements/cisco-vnmc/src/com/cloud/network/element/CiscoVnmcElement.java
index b024a32..9639d5b 100644
--- a/plugins/network-elements/cisco-vnmc/src/com/cloud/network/element/CiscoVnmcElement.java
+++ b/plugins/network-elements/cisco-vnmc/src/com/cloud/network/element/CiscoVnmcElement.java
@@ -41,9 +41,11 @@ import com.cloud.agent.api.routing.NetworkElementCommand;
import com.cloud.agent.api.routing.SetFirewallRulesCommand;
import com.cloud.agent.api.routing.SetPortForwardingRulesCommand;
import com.cloud.agent.api.routing.SetSourceNatCommand;
+import com.cloud.agent.api.routing.SetStaticNatRulesCommand;
import com.cloud.agent.api.to.FirewallRuleTO;
import com.cloud.agent.api.to.IpAddressTO;
import com.cloud.agent.api.to.PortForwardingRuleTO;
+import com.cloud.agent.api.to.StaticNatRuleTO;
import com.cloud.api.commands.AddCiscoAsa1000vResourceCmd;
import com.cloud.api.commands.AddCiscoVnmcResourceCmd;
import com.cloud.api.commands.DeleteCiscoAsa1000vResourceCmd;
@@ -56,7 +58,6 @@ import com.cloud.configuration.ConfigurationManager;
import com.cloud.dc.ClusterVO;
import com.cloud.dc.ClusterVSMMapVO;
import com.cloud.dc.DataCenter;
-import com.cloud.dc.DataCenterVO;
import com.cloud.dc.Vlan;
import com.cloud.dc.DataCenter.NetworkType;
import com.cloud.dc.dao.ClusterDao;
@@ -612,8 +613,8 @@ public class CiscoVnmcElement extends AdapterBase implements SourceNatServicePro
public boolean applyPFRules(Network network, List<PortForwardingRule> rules)
throws ResourceUnavailableException {
- if (!_networkMgr.isProviderSupportServiceInNetwork(network.getId(), Service.Firewall, Provider.CiscoVnmc)) {
- s_logger.error("Firewall service is not provided by Cisco Vnmc device on network " + network.getName());
+ if (!_networkMgr.isProviderSupportServiceInNetwork(network.getId(), Service.PortForwarding, Provider.CiscoVnmc)) {
+ s_logger.error("Port forwarding service is not provided by Cisco Vnmc device on network " + network.getName());
return false;
}
@@ -632,7 +633,7 @@ public class CiscoVnmcElement extends AdapterBase implements SourceNatServicePro
}
if (network.getState() == Network.State.Allocated) {
- s_logger.debug("External firewall was asked to apply firewall rules for network with ID " + network.getId() + "; this network is not implemented. Skipping backend commands.");
+ s_logger.debug("External firewall was asked to apply port forwarding rules for network with ID " + network.getId() + "; this network is not implemented. Skipping backend commands.");
return true;
}
@@ -664,11 +665,58 @@ public class CiscoVnmcElement extends AdapterBase implements SourceNatServicePro
}
@Override
- public boolean applyStaticNats(Network config,
+ public boolean applyStaticNats(Network network,
List<? extends StaticNat> rules)
throws ResourceUnavailableException {
- // TODO Auto-generated method stub
- return false;
+ if (!_networkMgr.isProviderSupportServiceInNetwork(network.getId(), Service.StaticNat, Provider.CiscoVnmc)) {
+ s_logger.error("Static NAT service is not provided by Cisco Vnmc device on network " + network.getName());
+ return false;
+ }
+
+ // Find VNMC host for physical network
+ List<CiscoVnmcControllerVO> devices = _ciscoVnmcDao.listByPhysicalNetwork(network.getPhysicalNetworkId());
+ if (devices.isEmpty()) {
+ s_logger.error("No Cisco Vnmc device on network " + network.getName());
+ return true;
+ }
+
+ // Find if ASA 1000v is associated with network
+ NetworkAsa1000vMapVO asaForNetwork = _networkAsa1000vMapDao.findByNetworkId(network.getId());
+ if (asaForNetwork == null) {
+ s_logger.debug("Cisco ASA 1000v device is not associated with network " + network.getName());
+ return true;
+ }
+
+ if (network.getState() == Network.State.Allocated) {
+ s_logger.debug("External firewall was asked to apply static NAT rules for network with ID " + network.getId() + "; this network is not implemented. Skipping backend commands.");
+ return true;
+ }
+
+ CiscoVnmcControllerVO ciscoVnmcDevice = devices.get(0);
+ HostVO ciscoVnmcHost = _hostDao.findById(ciscoVnmcDevice.getHostId());
+
+ List<StaticNatRuleTO> rulesTO = new ArrayList<StaticNatRuleTO>();
+ for (StaticNat rule : rules) {
+ IpAddress sourceIp = _networkMgr.getIp(rule.getSourceIpAddressId());
+ StaticNatRuleTO ruleTO = new StaticNatRuleTO(0, sourceIp.getAddress().addr(), null,
+ null, rule.getDestIpAddress(), null, null, null, rule.isForRevoke(), false);
+ rulesTO.add(ruleTO);
+ }
+
+ if (!rulesTO.isEmpty()) {
+ SetStaticNatRulesCommand cmd = new SetStaticNatRulesCommand(rulesTO, null);
+ cmd.setContextParam(NetworkElementCommand.GUEST_VLAN_TAG, network.getBroadcastUri().getHost());
+ cmd.setContextParam(NetworkElementCommand.GUEST_NETWORK_CIDR, network.getCidr());
+ Answer answer = _agentMgr.easySend(ciscoVnmcHost.getId(), cmd);
+ if (answer == null || !answer.getResult()) {
+ String details = (answer != null) ? answer.getDetails() : "details unavailable";
+ String msg = "Unable to apply static NAT rules to Cisco ASA 1000v appliance due to: " + details + ".";
+ s_logger.error(msg);
+ throw new ResourceUnavailableException(msg, DataCenter.class, network.getDataCenterId());
+ }
+ }
+
+ return true;
}
@Override
http://git-wip-us.apache.org/repos/asf/incubator-cloudstack/blob/deed3cc9/plugins/network-elements/cisco-vnmc/src/com/cloud/network/resource/CiscoVnmcResource.java
----------------------------------------------------------------------
diff --git a/plugins/network-elements/cisco-vnmc/src/com/cloud/network/resource/CiscoVnmcResource.java b/plugins/network-elements/cisco-vnmc/src/com/cloud/network/resource/CiscoVnmcResource.java
index 63911de..3ab6626 100644
--- a/plugins/network-elements/cisco-vnmc/src/com/cloud/network/resource/CiscoVnmcResource.java
+++ b/plugins/network-elements/cisco-vnmc/src/com/cloud/network/resource/CiscoVnmcResource.java
@@ -49,6 +49,7 @@ import com.cloud.agent.api.routing.SetSourceNatCommand;
import com.cloud.agent.api.routing.SetStaticNatRulesCommand;
import com.cloud.agent.api.to.FirewallRuleTO;
import com.cloud.agent.api.to.PortForwardingRuleTO;
+import com.cloud.agent.api.to.StaticNatRuleTO;
import com.cloud.host.Host;
import com.cloud.network.cisco.CiscoVnmcConnectionImpl;
import com.cloud.resource.ServerResource;
@@ -259,7 +260,7 @@ public class CiscoVnmcResource implements ServerResource{
return execute(cmd, _numRetries);
}
- private Answer execute(IpAssocCommand cmd, int numRetries) {
+ private Answer execute(IpAssocCommand cmd, int numRetries) {
String[] results = new String[cmd.getIpAddresses().length];
return new IpAssocAnswer(cmd, results);
}
@@ -402,7 +403,65 @@ public class CiscoVnmcResource implements ServerResource{
}
private Answer execute(SetStaticNatRulesCommand cmd, int numRetries) {
- return new Answer(cmd);
+ String vlanId = cmd.getContextParam(NetworkElementCommand.GUEST_VLAN_TAG);
+ String tenant = "vlan-" + vlanId;
+
+ StaticNatRuleTO[] rules = cmd.getRules();
+ Map<String, List<StaticNatRuleTO>> publicIpRulesMap = new HashMap<String, List<StaticNatRuleTO>>();
+ for (StaticNatRuleTO rule : rules) {
+ String publicIp = rule.getSrcIp();
+ if (!publicIpRulesMap.containsKey(publicIp)) {
+ List<StaticNatRuleTO> publicIpRulesList = new ArrayList<StaticNatRuleTO>();
+ publicIpRulesMap.put(publicIp, publicIpRulesList);
+ }
+ publicIpRulesMap.get(publicIp).add(rule);
+ }
+
+ try {
+ if (!_connection.createTenantVDCNatPolicySet(tenant)) {
+ throw new Exception("Failed to create NAT policy set in VNMC for guest network with vlan " + vlanId);
+ }
+
+ for (String publicIp : publicIpRulesMap.keySet()) {
+ String policyIdentifier = publicIp.replace('.', '-');
+
+ if (!_connection.deleteTenantVDCDNatPolicy(tenant, policyIdentifier)) {
+ throw new Exception("Failed to delete ACL ingress policy in VNMC for guest network with vlan " + vlanId);
+ }
+
+ if (!_connection.createTenantVDCDNatPolicy(tenant, policyIdentifier)) {
+ throw new Exception("Failed to create DNAT policy in VNMC for guest network with vlan " + vlanId);
+ }
+ if (!_connection.createTenantVDCDNatPolicyRef(tenant, policyIdentifier)) {
+ throw new Exception("Failed to associate DNAT policy with NAT policy set in VNMC for guest network with vlan " + vlanId);
+ }
+
+ for (StaticNatRuleTO rule : publicIpRulesMap.get(publicIp)) {
+ if (rule.revoked()) {
+ //_connection.deleteDNatRule(tenant, Long.toString(rule.getId()), publicIp);
+ } else {
+ if (!_connection.createTenantVDCDNatIpPool(tenant, policyIdentifier + "-" + rule.getId(), rule.getDstIp())) {
+ throw new Exception("Failed to create DNAT ip pool in VNMC for guest network with vlan " + vlanId);
+ }
+
+ if (!_connection.createTenantVDCDNatRule(tenant,
+ Long.toString(rule.getId()), policyIdentifier, rule.getSrcIp())) {
+ throw new Exception("Failed to create DNAT rule in VNMC for guest network with vlan " + vlanId);
+ }
+ }
+ }
+ }
+
+ if (!_connection.associateNatPolicySet(tenant)) {
+ throw new Exception("Failed to associate source NAT policy set with edge security profile in VNMC for guest network with vlan " + vlanId);
+ }
+ } catch (Throwable e) {
+ String msg = "SetSourceNatCommand failed due to " + e.getMessage();
+ s_logger.error(msg, e);
+ return new Answer(cmd, false, msg);
+ }
+
+ return new Answer(cmd, true, "Success");
}
/*
@@ -436,35 +495,35 @@ public class CiscoVnmcResource implements ServerResource{
for (String publicIp : publicIpRulesMap.keySet()) {
String policyIdentifier = publicIp.replace('.', '-');
- if (!_connection.deleteTenantVDCDNatPolicy(tenant, policyIdentifier)) {
+ if (!_connection.deleteTenantVDCPFPolicy(tenant, policyIdentifier)) {
throw new Exception("Failed to delete ACL ingress policy in VNMC for guest network with vlan " + vlanId);
}
- if (!_connection.createTenantVDCDNatPolicy(tenant, policyIdentifier)) {
- throw new Exception("Failed to create DNAT policy in VNMC for guest network with vlan " + vlanId);
+ if (!_connection.createTenantVDCPFPolicy(tenant, policyIdentifier)) {
+ throw new Exception("Failed to create PF policy in VNMC for guest network with vlan " + vlanId);
}
- if (!_connection.createTenantVDCDNatPolicyRef(tenant, policyIdentifier)) {
- throw new Exception("Failed to associate DNAT policy with NAT policy set in VNMC for guest network with vlan " + vlanId);
+ if (!_connection.createTenantVDCPFPolicyRef(tenant, policyIdentifier)) {
+ throw new Exception("Failed to associate PF policy with NAT policy set in VNMC for guest network with vlan " + vlanId);
}
for (PortForwardingRuleTO rule : publicIpRulesMap.get(publicIp)) {
if (rule.revoked()) {
- //_connection.deleteDNatRule(tenant, Long.toString(rule.getId()), publicIp);
+ //_connection.deletePFRule(tenant, Long.toString(rule.getId()), publicIp);
} else {
- if (!_connection.createTenantVDCDNatIpPool(tenant, policyIdentifier + "-" + rule.getId(), rule.getDstIp())) {
- throw new Exception("Failed to create DNAT ip pool in VNMC for guest network with vlan " + vlanId);
+ if (!_connection.createTenantVDCPFIpPool(tenant, policyIdentifier + "-" + rule.getId(), rule.getDstIp())) {
+ throw new Exception("Failed to create PF ip pool in VNMC for guest network with vlan " + vlanId);
}
- if (!_connection.createTenantVDCDNatPortPool(tenant, policyIdentifier + "-" + rule.getId(),
+ if (!_connection.createTenantVDCPFPortPool(tenant, policyIdentifier + "-" + rule.getId(),
Integer.toString(rule.getDstPortRange()[0]), Integer.toString(rule.getDstPortRange()[1]))) {
- throw new Exception("Failed to create DNAT port pool in VNMC for guest network with vlan " + vlanId);
+ throw new Exception("Failed to create PF port pool in VNMC for guest network with vlan " + vlanId);
}
- if (!_connection.createTenantVDCDNatRule(tenant,
+ if (!_connection.createTenantVDCPFRule(tenant,
Long.toString(rule.getId()), policyIdentifier,
rule.getProtocol().toUpperCase(), rule.getSrcIp(),
Integer.toString(rule.getSrcPortRange()[0]), Integer.toString(rule.getSrcPortRange()[1]))) {
- throw new Exception("Failed to create DNAT rule in VNMC for guest network with vlan " + vlanId);
+ throw new Exception("Failed to create PF rule in VNMC for guest network with vlan " + vlanId);
}
}
}