Added new capabilities to VPN and Firewall services defining if VPN is S2S or Remote access, and if the Firewall rules should be created per cidr or per public ip address

Alena Prokharchyk 2012-06-13 10:17:04 -07:00
parent 2deba9bd86
commit b3985a3b48
5 changed files with 21 additions and 6 deletions


@ -41,12 +41,12 @@ public interface Network extends ControlledEntity {
public static class Service {
private static List<Service> supportedServices = new ArrayList<Service>();
public static final Service Vpn = new Service("Vpn", Capability.SupportedVpnTypes);
public static final Service Vpn = new Service("Vpn", Capability.SupportedVpnProtocols, Capability.VpnTypes);
public static final Service Dhcp = new Service("Dhcp");
public static final Service Dns = new Service("Dns", Capability.AllowDnsSuffixModification);
public static final Service Gateway = new Service("Gateway");
public static final Service Firewall = new Service("Firewall", Capability.SupportedProtocols,
Capability.MultipleIps, Capability.TrafficStatistics);
Capability.MultipleIps, Capability.TrafficStatistics, Capability.FirewallType);
public static final Service Lb = new Service("Lb", Capability.SupportedLBAlgorithms, Capability.SupportedLBIsolation,
Capability.SupportedProtocols, Capability.TrafficStatistics, Capability.LoadBalancingSupportedIps,
Capability.SupportedStickinessMethods, Capability.ElasticLb);
@ -156,13 +156,16 @@ public interface Network extends ControlledEntity {
public static final Capability SupportedStickinessMethods = new Capability("SupportedStickinessMethods");
public static final Capability MultipleIps = new Capability("MultipleIps");
public static final Capability SupportedSourceNatTypes = new Capability("SupportedSourceNatTypes");
public static final Capability SupportedVpnTypes = new Capability("SupportedVpnTypes");
public static final Capability SupportedVpnProtocols = new Capability("SupportedVpnTypes");
public static final Capability VpnTypes = new Capability("VpnTypes");
public static final Capability TrafficStatistics = new Capability("TrafficStatistics");
public static final Capability LoadBalancingSupportedIps = new Capability("LoadBalancingSupportedIps");
public static final Capability AllowDnsSuffixModification = new Capability("AllowDnsSuffixModification");
public static final Capability RedundantRouter = new Capability("RedundantRouter");
public static final Capability ElasticIp = new Capability("ElasticIp");
public static final Capability ElasticLb = new Capability("ElasticLb");
public static final Capability FirewallType = new Capability("FirewallType");
private String name;
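Review bot: The renamed constant `SupportedVpnProtocols` is still constructed with the string "SupportedVpnTypes", so its name no longer matches its identifier and is easy to confuse with the new `VpnTypes` capability declared on the next line. If the old string is kept on purpose so that stored or API-visible names stay stable, a comment such as `// name kept as "SupportedVpnTypes" for backward compatibility` should say so; otherwise `new Capability("SupportedVpnProtocols")` looks like the intended value. The Capability class continues outside the hunk, so how the name is looked up or serialized is not visible here.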


@ -266,6 +266,7 @@ public class JuniperSRXExternalFirewallElement extends ExternalFirewallDeviceMan
firewallCapabilities.put(Capability.SupportedProtocols, "tcp,udp");
firewallCapabilities.put(Capability.MultipleIps, "true");
firewallCapabilities.put(Capability.TrafficStatistics, "per public ip");
firewallCapabilities.put(Capability.FirewallType, "perpublicip");
capabilities.put(Service.Firewall, firewallCapabilities);
// Disabling VPN for Juniper in Acton as it 1) Was never tested 2) probably just doesn't work
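Review bot: `Capability.FirewallType` is set from a bare string literal, "perpublicip", and the same literal is repeated in the NetscalerElement and VirtualRouterElement hunks, with "percidr" in VpcVirtualRouterElement. This value decides whether firewall rules are scoped per CIDR or per public IP, so a misspelling in one provider would compile cleanly and presumably make the consumer fall back to its default. Declaring the allowed values once, for example as an enum or `public static final String` constants next to `Capability.FirewallType`, and referencing them from every provider would make a mismatch a compile error. The enclosing method starts and ends outside the hunk.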


@ -279,7 +279,7 @@ public class NetscalerElement extends ExternalLoadBalancerDeviceManagerImpl impl
firewallCapabilities.put(Capability.TrafficStatistics, "per public ip");
firewallCapabilities.put(Capability.SupportedProtocols, "tcp,udp,icmp");
firewallCapabilities.put(Capability.MultipleIps, "true");
firewallCapabilities.put(Capability.FirewallType, "perpublicip");
capabilities.put(Service.Firewall, firewallCapabilities);
return capabilities;


@ -559,12 +559,13 @@ public class VirtualRouterElement extends AdapterBase implements VirtualRouterEl
firewallCapabilities.put(Capability.TrafficStatistics, "per public ip");
firewallCapabilities.put(Capability.SupportedProtocols, "tcp,udp,icmp");
firewallCapabilities.put(Capability.MultipleIps, "true");
firewallCapabilities.put(Capability.FirewallType, "perpublicip");
capabilities.put(Service.Firewall, firewallCapabilities);
// Set capabilities for vpn
Map<Capability, String> vpnCapabilities = new HashMap<Capability, String>();
vpnCapabilities.put(Capability.SupportedVpnTypes, "pptp,l2tp,ipsec");
vpnCapabilities.put(Capability.SupportedVpnProtocols, "pptp,l2tp,ipsec");
vpnCapabilities.put(Capability.VpnTypes, "removeaccessvpn");
capabilities.put(Service.Vpn, vpnCapabilities);
Map<Capability, String> dnsCapabilities = new HashMap<Capability, String>();
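Review bot: The value stored for `Capability.VpnTypes` is spelled "removeaccessvpn", which looks like a typo for "remoteaccessvpn" given that the commit message distinguishes S2S from Remote access. Any later check that compares the capability against the correctly spelled value would never match for the virtual router, so the provider could be treated as not offering remote-access VPN. The line should read `vpnCapabilities.put(Capability.VpnTypes, "remoteaccessvpn");`, ideally through a shared constant so the VPC element's "s2svpn" and this value are defined in one place. The method body continues outside the hunk.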


@ -89,6 +89,8 @@ public class VpcVirtualRouterElement extends VirtualRouterElement implements Vpc
s_logger.trace("Element " + getProvider().getName() + " doesn't support service " + service.getName()
+ " in the network " + network);
return false;
} else if (service == Service.Firewall) {
//todo - get capability here
}
}
@ -239,6 +241,14 @@ public class VpcVirtualRouterElement extends VirtualRouterElement implements Vpc
sourceNatCapabilities.put(Capability.RedundantRouter, "false");
capabilities.put(Service.SourceNat, sourceNatCapabilities);
Map<Capability, String> vpnCapabilities = capabilities.get(Service.Vpn);
vpnCapabilities.put(Capability.VpnTypes, "s2svpn");
capabilities.put(Service.Vpn, vpnCapabilities);
Map<Capability, String> firewallCapabilities = capabilities.get(Service.Firewall);
firewallCapabilities.put(Capability.FirewallType, "percidr");
capabilities.put(Service.Firewall, firewallCapabilities);
return capabilities;
}
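Review bot: In the second hunk the maps returned by `capabilities.get(Service.Vpn)` and `capabilities.get(Service.Firewall)` are modified in place, and both lookups are dereferenced without a null check. How `capabilities` is populated is outside the hunk, but if its inner maps are the same instances the parent VirtualRouterElement exposes, "s2svpn" and "percidr" would also become the values seen for non-VPC networks and change how their firewall rules are scoped. Copying before the change avoids that, e.g. `Map<Capability, String> vpnCapabilities = new HashMap<Capability, String>(capabilities.get(Service.Vpn));` and the same for the firewall map, after confirming the entry is present. The `else if (service == Service.Firewall)` branch added in the first hunk is empty apart from its todo, so no firewall capability is checked there yet.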