@Override public List<? extends Network> listNetworks(ListPaloAltoFirewallNetworksCmd cmd) { Long fwDeviceId = cmd.getFirewallDeviceId(); List<NetworkVO> networks = new ArrayList<NetworkVO>(); ExternalFirewallDeviceVO fwDeviceVo = _fwDevicesDao.findById(fwDeviceId); if (fwDeviceVo == null || !fwDeviceVo.getDeviceName().equalsIgnoreCase(NetworkDevice.PaloAltoFirewall.getName())) { throw new InvalidParameterValueException("Could not find Palo Alto firewall device with ID " + fwDeviceId); } List<NetworkExternalFirewallVO> networkFirewallMaps = _networkFirewallDao.listByFirewallDeviceId(fwDeviceId); if (networkFirewallMaps != null && !networkFirewallMaps.isEmpty()) { for (NetworkExternalFirewallVO networkFirewallMap : networkFirewallMaps) { NetworkVO network = _networkDao.findById(networkFirewallMap.getNetworkId()); networks.add(network); } } return networks; }
@Override public boolean deletePaloAltoFirewall(DeletePaloAltoFirewallCmd cmd) { Long fwDeviceId = cmd.getFirewallDeviceId(); ExternalFirewallDeviceVO fwDeviceVO = _fwDevicesDao.findById(fwDeviceId); if (fwDeviceVO == null || !fwDeviceVO.getDeviceName().equalsIgnoreCase(NetworkDevice.PaloAltoFirewall.getName())) { throw new InvalidParameterValueException("No Palo Alto firewall device found with ID: " + fwDeviceId); } return deleteExternalFirewall(fwDeviceVO.getHostId()); }
@Override public ExternalFirewallDeviceVO configurePaloAltoFirewall(ConfigurePaloAltoFirewallCmd cmd) { Long fwDeviceId = cmd.getFirewallDeviceId(); Long deviceCapacity = cmd.getFirewallCapacity(); ExternalFirewallDeviceVO fwDeviceVO = _fwDevicesDao.findById(fwDeviceId); if (fwDeviceVO == null || !fwDeviceVO.getDeviceName().equalsIgnoreCase(NetworkDevice.PaloAltoFirewall.getName())) { throw new InvalidParameterValueException("No Palo Alto firewall device found with ID: " + fwDeviceId); } if (deviceCapacity != null) { // check if any networks are using this Palo Alto device List<NetworkExternalFirewallVO> networks = _networkFirewallDao.listByFirewallDeviceId(fwDeviceId); if ((networks != null) && !networks.isEmpty()) { if (deviceCapacity < networks.size()) { throw new CloudRuntimeException("There are more number of networks already using this Palo Alto firewall device than configured capacity"); } } if (deviceCapacity != null) { fwDeviceVO.setCapacity(deviceCapacity); } } fwDeviceVO.setDeviceState(FirewallDeviceState.Enabled); _fwDevicesDao.update(fwDeviceId, fwDeviceVO); return fwDeviceVO; }
@Override public List<ExternalFirewallDeviceVO> listPaloAltoFirewalls(ListPaloAltoFirewallsCmd cmd) { Long physcialNetworkId = cmd.getPhysicalNetworkId(); Long fwDeviceId = cmd.getFirewallDeviceId(); PhysicalNetworkVO pNetwork = null; List<ExternalFirewallDeviceVO> fwDevices = new ArrayList<ExternalFirewallDeviceVO>(); if (physcialNetworkId == null && fwDeviceId == null) { throw new InvalidParameterValueException("Either physical network Id or load balancer device Id must be specified"); } if (fwDeviceId != null) { ExternalFirewallDeviceVO fwDeviceVo = _fwDevicesDao.findById(fwDeviceId); if (fwDeviceVo == null || !fwDeviceVo.getDeviceName().equalsIgnoreCase(NetworkDevice.PaloAltoFirewall.getName())) { throw new InvalidParameterValueException("Could not find Palo Alto firewall device with ID: " + fwDeviceId); } fwDevices.add(fwDeviceVo); } if (physcialNetworkId != null) { pNetwork = _physicalNetworkDao.findById(physcialNetworkId); if (pNetwork == null) { throw new InvalidParameterValueException("Could not find phyical network with ID: " + physcialNetworkId); } fwDevices = _fwDevicesDao.listByPhysicalNetworkAndProvider(physcialNetworkId, Provider.PaloAlto.getName()); } return fwDevices; }
@Override public PaloAltoFirewallResponse createPaloAltoFirewallResponse(ExternalFirewallDeviceVO fwDeviceVO) { PaloAltoFirewallResponse response = new PaloAltoFirewallResponse(); Map<String, String> fwDetails = _hostDetailDao.findDetails(fwDeviceVO.getHostId()); Host fwHost = _hostDao.findById(fwDeviceVO.getHostId()); response.setId(fwDeviceVO.getUuid()); PhysicalNetwork pnw = ApiDBUtils.findPhysicalNetworkById(fwDeviceVO.getPhysicalNetworkId()); if (pnw != null) { response.setPhysicalNetworkId(pnw.getUuid()); } response.setDeviceName(fwDeviceVO.getDeviceName()); if (fwDeviceVO.getCapacity() == 0) { long defaultFwCapacity = NumbersUtil.parseLong(_configDao.getValue(Config.DefaultExternalFirewallCapacity.key()), 50); response.setDeviceCapacity(defaultFwCapacity); } else { response.setDeviceCapacity(fwDeviceVO.getCapacity()); } response.setProvider(fwDeviceVO.getProviderName()); response.setDeviceState(fwDeviceVO.getDeviceState().name()); response.setIpAddress(fwHost.getPrivateIpAddress()); response.setPublicInterface(fwDetails.get("publicInterface")); response.setUsageInterface(fwDetails.get("usageInterface")); response.setPrivateInterface(fwDetails.get("privateInterface")); response.setPublicZone(fwDetails.get("publicZone")); response.setPrivateZone(fwDetails.get("privateZone")); response.setNumRetries(fwDetails.get("numRetries")); response.setTimeout(fwDetails.get("timeout")); response.setObjectName("paloaltofirewall"); return response; }