You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@vcl.apache.org by ar...@apache.org on 2017/03/30 21:16:27 UTC
svn commit: r1789585 - in /vcl/trunk/managementnode/lib/VCL: DataStructure.pm Module/OS.pm

Author: arkurth
Date: Thu Mar 30 21:16:27 2017
New Revision: 1789585

URL: http://svn.apache.org/viewvc?rev=1789585&view=rev
Log:
VCL-1031
Added subroutines:
DataStructure.pm::get_connect_method_protocol_port_array

Removed subroutines and all calls to them:
Linux.pm::grant_management_node_access
Linux.pm::
Linux.pm::
Linux.pm::
Linux.pm::
Linux.pm::
Linux.pm::
Linux.pm::


Renamed subroutines:
iptables.pm::configure_nat --> nat_configure_host
iptables.pm::configure_nat_reservation --> nat_configure_reservation
add_nat_port_forward --> nat_add_port_forward

Added calls to firewall module subroutines if the object implements it:
OS.pm::firewall_compare_update --> firewall/process_inuse
Linux.pm::pre_capture --> firewall/process_pre_capture
Linux.pm::post_load --> firewall/process_post_load
Linux.pm::grant_access --> firewall/process_reserved


Modified:
    vcl/trunk/managementnode/lib/VCL/DataStructure.pm
    vcl/trunk/managementnode/lib/VCL/Module/OS.pm

Modified: vcl/trunk/managementnode/lib/VCL/DataStructure.pm
URL: http://svn.apache.org/viewvc/vcl/trunk/managementnode/lib/VCL/DataStructure.pm?rev=1789585&r1=1789584&r2=1789585&view=diff
==============================================================================
--- vcl/trunk/managementnode/lib/VCL/DataStructure.pm (original)
+++ vcl/trunk/managementnode/lib/VCL/DataStructure.pm Thu Mar 30 21:16:27 2017
@@ -2388,6 +2388,44 @@ sub get_connect_method_info_matching_nam
 
 #/////////////////////////////////////////////////////////////////////////////
 
+=head2 get_connect_method_protocol_port_array
+
+ Parameters  : none
+ Returns     : array
+ Description : Processes all of the connect methods assigned to the image
+               revision and constructs an simpler array for easier processing.
+               An array is returned. Each array element is an array reference
+               with exactly 2 elements, a protocol name and port number:
+                  (
+                     ["tcp", 22],
+                     ["tcp", 3389],
+                     ["udp", 3389],
+                  )
+
+=cut
+
+sub get_connect_method_protocol_port_array {
+	my $self = shift;
+	if (ref($self) !~ /VCL::/i) {
+		notify($ERRORS{'CRITICAL'}, 0, "subroutine was called as a function, it must be called as a class method");
+		return 0;
+	}
+	
+	my @protocol_port_array;
+	
+	my $connect_method_info = $self->get_connect_methods();
+	for my $connect_method_id (sort keys %{$connect_method_info}) {
+		for my $connect_method_port_id (keys %{$connect_method_info->{$connect_method_id}{connectmethodport}}) {
+			my $protocol = $connect_method_info->{$connect_method_id}{connectmethodport}{$connect_method_port_id}{protocol};
+			my $port = $connect_method_info->{$connect_method_id}{connectmethodport}{$connect_method_port_id}{port};
+			push @protocol_port_array, [lc($protocol), $port],
+		}
+	}
+	return @protocol_port_array;
+}
+
+#/////////////////////////////////////////////////////////////////////////////
+
 1;
 __END__
 

Modified: vcl/trunk/managementnode/lib/VCL/Module/OS.pm
URL: http://svn.apache.org/viewvc/vcl/trunk/managementnode/lib/VCL/Module/OS.pm?rev=1789585&r1=1789584&r2=1789585&view=diff
==============================================================================
--- vcl/trunk/managementnode/lib/VCL/Module/OS.pm (original)
+++ vcl/trunk/managementnode/lib/VCL/Module/OS.pm Thu Mar 30 21:16:27 2017
@@ -3585,14 +3585,14 @@ sub process_connect_methods {
 		
 		# Perform general NAT configuration
 		if ($nathost_internal_ip_address) {
-			if ($self->nathost_os->firewall->can('configure_nat')) {
-				if (!$self->nathost_os->firewall->configure_nat($nathost_public_ip_address, $nathost_internal_ip_address)) {
+			if ($self->nathost_os->firewall->can('nat_configure_host')) {
+				if (!$self->nathost_os->firewall->nat_configure_host($nathost_public_ip_address, $nathost_internal_ip_address)) {
 					notify($ERRORS{'WARNING'}, 0, "unable to process connect methods, failed to configure NAT on $nathost_hostname");
 					return;
 				}
 			}
 			else {
-				notify($ERRORS{'DEBUG'}, 0, "NAT not configured on $nathost_hostname, " . ref($self->nathost_os->firewall) . " does not implement a 'configure_nat' subroutine");
+				notify($ERRORS{'DEBUG'}, 0, "NAT not configured on $nathost_hostname, " . ref($self->nathost_os->firewall) . " does not implement a 'nat_configure_host' subroutine");
 			}
 		}
 		else {
@@ -3600,14 +3600,14 @@ sub process_connect_methods {
 		}
 		
 		# Perform reservation-specific NAT configuration
-		if ($self->nathost_os->firewall->can('configure_nat_reservation')) {
-			if (!$self->nathost_os->firewall->configure_nat_reservation()) {
+		if ($self->nathost_os->firewall->can('nat_configure_reservation')) {
+			if (!$self->nathost_os->firewall->nat_configure_reservation()) {
 				notify($ERRORS{'WARNING'}, 0, "unable to process connect methods, failed to configure NAT on $nathost_hostname for this reservation");
 				return;
 			}
 		}
 		else {
-			notify($ERRORS{'DEBUG'}, 0, "NAT not configured on $nathost_hostname for this reservation, " . ref($self->nathost_os->firewall) . " does not implement a 'configure_nat_reservation' subroutine");
+			notify($ERRORS{'DEBUG'}, 0, "NAT not configured on $nathost_hostname for this reservation, " . ref($self->nathost_os->firewall) . " does not implement a 'nat_configure_reservation' subroutine");
 		}
 	}
 	
@@ -3698,7 +3698,7 @@ sub process_connect_methods {
 						return;
 					}
 					
-					if ($self->nathost_os->firewall->add_nat_port_forward($protocol, $nat_public_port, $computer_ip_address, $port)) {
+					if ($self->nathost_os->firewall->nat_add_port_forward($protocol, $nat_public_port, $computer_ip_address, $port)) {
 						notify($ERRORS{'OK'}, 0, "NAT port forwarding configured on $nathost_hostname for '$name' connect method: $nathost_public_ip_address:$nat_public_port --> $computer_ip_address:$port ($protocol)");
 					}
 					else {
@@ -4590,10 +4590,6 @@ sub firewall_compare_update {
 		return;
 	}
 	
-	# Make sure the OS module implements get_firewall_configuration and enable_firewall_port subroutine
-	return 1 unless $self->can('enable_firewall_port');
-	return 1 unless $self->can('get_firewall_configuration');
-	
 	my $computer_node_name = $self->data->get_computer_node_name();
 	
 	my $remote_ip = $self->data->get_reservation_remote_ip();
@@ -4602,6 +4598,15 @@ sub firewall_compare_update {
 		return;
 	}
 	
+	if ($self->can('firewall') && $self->firewall->can('process_inuse')) {
+		return $self->firewall->process_inuse($remote_ip);
+	}
+	
+	# Make sure the OS module implements get_firewall_configuration and enable_firewall_port subroutine
+	unless ($self->can('enable_firewall_port') && $self->can('get_firewall_configuration')) {
+		return 1;
+	}
+	
 	# Retrieve the connect method info
 	my $connect_method_info = $self->data->get_connect_methods();
 	if (!$connect_method_info) {