public StaticNatRuleImpl(FirewallRuleVO rule, String dstIp) { id = rule.getId(); xid = rule.getXid(); uuid = rule.getUuid(); protocol = rule.getProtocol(); portStart = rule.getSourcePortStart().intValue(); portEnd = rule.getSourcePortEnd().intValue(); state = rule.getState(); accountId = rule.getAccountId(); domainId = rule.getDomainId(); networkId = rule.getNetworkId(); sourceIpAddressId = rule.getSourceIpAddressId(); destIpAddress = dstIp; forDisplay = rule.isDisplay(); }
@Override @ActionEvent(eventType = EventTypes.EVENT_FIREWALL_OPEN, eventDescription = "creating firewall rule", create = true) public boolean addSystemFirewallRules(IPAddressVO ip, Account acct) { List<FirewallRuleVO> systemRules = _firewallDao.listSystemRules(); for (FirewallRuleVO rule : systemRules) { try { if (rule.getSourceCidrList() == null && (rule.getPurpose() == Purpose.Firewall || rule.getPurpose() == Purpose.NetworkACL)) { _firewallDao.loadSourceCidrs(rule); } createFirewallRule(ip.getId(), acct, rule.getXid(), rule.getSourcePortStart(), rule.getSourcePortEnd(), rule.getProtocol(), rule.getSourceCidrList(),null, rule.getIcmpCode(), rule.getIcmpType(), rule.getRelated(), FirewallRuleType.System, rule.getNetworkId(), rule.getTrafficType(), true); } catch (Exception e) { s_logger.debug("Failed to add system wide firewall rule, due to:" + e.toString()); } } return true; }
(newRule.getSourcePortStart() != null && newRule.getSourcePortEnd() != null && rule.getSourcePortStart() != null && rule.getSourcePortEnd() != null); boolean nullPorts = (newRule.getSourcePortStart() == null && newRule.getSourcePortEnd() == null && rule.getSourcePortStart() == null && rule.getSourcePortEnd() == null); } else if (!oneOfRulesIsFirewall && !(bothRulesFirewall && !duplicatedCidrs) && ((rule.getSourcePortStart().intValue() <= newRule.getSourcePortStart().intValue() && rule.getSourcePortEnd().intValue() >= newRule.getSourcePortStart().intValue()) || (rule.getSourcePortStart().intValue() <= newRule.getSourcePortEnd().intValue() && rule.getSourcePortEnd().intValue() >= newRule.getSourcePortEnd().intValue()) || (newRule.getSourcePortStart().intValue() <= rule.getSourcePortStart().intValue() && newRule.getSourcePortEnd().intValue() >= rule.getSourcePortStart().intValue()) || (newRule.getSourcePortStart().intValue() <= rule.getSourcePortEnd().intValue() && newRule.getSourcePortEnd().intValue() >= rule.getSourcePortEnd().intValue()))) { ", conflicts with rule " + rule.getId() + " which has " + rule.getSourcePortStart() + "-" + rule.getSourcePortEnd());
acl.setIpProto(rule.getProtocol()); String cidr = null; Integer port = rule.getSourcePortStart(); fwCidrList = _fwCidrsDao.listByFirewallRuleId(rule.getId()); if(fwCidrList != null){
FirewallRuleVO ruleVO = new FirewallRuleVO(originalFirewallRule.getXid(), originalFirewallRule.getSourceIpAddressId(), originalFirewallRule.getSourcePortStart(), originalFirewallRule.getSourcePortEnd(), originalFirewallRule.getProtocol(),
NotRevokedSearch.and("purpose", NotRevokedSearch.entity().getPurpose(), Op.EQ); NotRevokedSearch.and("protocol", NotRevokedSearch.entity().getProtocol(), Op.EQ); NotRevokedSearch.and("sourcePortStart", NotRevokedSearch.entity().getSourcePortStart(), Op.EQ); NotRevokedSearch.and("sourcePortEnd", NotRevokedSearch.entity().getSourcePortEnd(), Op.EQ); NotRevokedSearch.and("networkId", NotRevokedSearch.entity().getNetworkId(), Op.EQ); ReleaseSearch.and("ipId", ReleaseSearch.entity().getSourceIpAddressId(), Op.EQ); ReleaseSearch.and("purpose", ReleaseSearch.entity().getPurpose(), Op.EQ); ReleaseSearch.and("ports", ReleaseSearch.entity().getSourcePortStart(), Op.IN); ReleaseSearch.done();