Ejemplo n.º 1
0
    def execute(self, args):
        mgr = FirewallManager(self.client)
        input_id = resolve_id(
            mgr.resolve_ids, args.get('<identifier>'), 'firewall')
        ha_support = args.get('--ha', False)
        if not args['--really']:
            if args['--vlan']:
                pkg = mgr.get_dedicated_package(ha_enabled=ha_support)
            elif args['--cci']:
                pkg = mgr.get_standard_package(input_id)
            elif args['--server']:
                pkg = mgr.get_standard_package(input_id, is_cci=False)

            if not pkg:
                return "Unable to add firewall - Is network public enabled?"
            print_package_info(pkg)

            if not confirm("This action will incur charges on your account. "
                           "Continue?"):
                raise CLIAbort('Aborted.')

        if args['--vlan']:
            mgr.add_vlan_firewall(input_id, ha_enabled=ha_support)
        elif args['--cci']:
            mgr.add_standard_firewall(input_id, is_cci=True)
        elif args['--server']:
            mgr.add_standard_firewall(input_id, is_cci=False)

        return "Firewall is being created!"
Ejemplo n.º 2
0
    def execute(client, args):
        f = FirewallManager(client)
        fwvlans = f.get_firewalls()
        t = Table(['vlan', 'type', 'features'])

        dedicatedfws = filter(lambda x: x['dedicatedFirewallFlag'], fwvlans)
        for vlan in dedicatedfws:
            features = []
            if vlan['highAvailabilityFirewallFlag']:
                features.append('HA')

            if features:
                feature_list = listing(features, separator=',')
            else:
                feature_list = blank()

            t.add_row([
                vlan['vlanNumber'],
                'dedicated',
                feature_list,
            ])

        shared_vlan = filter(lambda x: not x['dedicatedFirewallFlag'], fwvlans)
        for vlan in shared_vlan:
            t.add_row([vlan['vlanNumber'], 'standard', blank()])

        return t
Ejemplo n.º 3
0
    def execute(self, args):
        mgr = FirewallManager(self.client)
        fwvlans = mgr.get_firewalls()
        table = Table(['vlan', 'type', 'features'])

        dedicatedfws = [vlan['dedicatedFirewallFlag'] for vlan in fwvlans]
        for vlan in dedicatedfws:
            features = []
            if vlan['highAvailabilityFirewallFlag']:
                features.append('HA')

            if features:
                feature_list = listing(features, separator=',')
            else:
                feature_list = blank()

            table.add_row([
                vlan['vlanNumber'],
                'dedicated',
                feature_list,
            ])

        shared_vlan = [vlan['dedicatedFirewallFlag'] for vlan in fwvlans]
        for vlan in shared_vlan:
            table.add_row([vlan['vlanNumber'], 'standard', blank()])

        return table
Ejemplo n.º 4
0
    def execute(self, args):
        mgr = FirewallManager(self.client)
        input_id = args.get('<identifier>')

        key_value = get_ids(input_id)
        if key_value[0] == 'vlan':
            rules = mgr.get_dedicated_fwl_rules(key_value[1])
        else:
            rules = mgr.get_standard_fwl_rules(key_value[1])

        return get_rules_table(rules)
Ejemplo n.º 5
0
    def execute(self, args):
        mgr = FirewallManager(self.client)
        table = Table(['firewall id',
                       'type',
                       'features',
                       'server/vlan id'])

        fwvlans = mgr.get_firewalls()
        dedicatedfws = [firewall for firewall in fwvlans
                        if firewall['dedicatedFirewallFlag']]

        for vlan in dedicatedfws:
            features = []
            if vlan['highAvailabilityFirewallFlag']:
                features.append('HA')

            if features:
                feature_list = listing(features, separator=',')
            else:
                feature_list = blank()

            table.add_row([
                'vlan:%s' % vlan['networkVlanFirewall']['id'],
                'VLAN - dedicated',
                feature_list,
                vlan['id']
            ])

        shared_vlan = [firewall for firewall in fwvlans
                       if not firewall['dedicatedFirewallFlag']]
        for vlan in shared_vlan:
            fwls = [guest for guest in vlan['firewallGuestNetworkComponents']
                    if has_firewall_component(guest)]

            for firewall in fwls:
                table.add_row([
                    'cci:%s' % firewall['id'],
                    'CCI - standard',
                    '-',
                    firewall['guestNetworkComponent']['guest']['id']
                ])

            fwls = [server for server in vlan['firewallNetworkComponents']
                    if has_firewall_component(server)]

            for fwl in fwls:
                table.add_row([
                    'server:%s' % fwl['id'],
                    'Server - standard',
                    '-',
                    fwl['networkComponent']['downlinkComponent']['hardwareId']
                ])

        return table
Ejemplo n.º 6
0
    def execute(self, args):
        mgr = FirewallManager(self.client)
        input_id = args.get('<identifier>')
        key_value = get_ids(input_id)
        firewall_id = int(key_value[1])

        if args['--really'] or confirm("This action will cancel a firewall"
                                       " from your account. Continue?"):
            if key_value[0] in ['cci', 'server']:
                mgr.cancel_firewall(firewall_id, dedicated=False)
            elif key_value[0] == 'vlan':
                mgr.cancel_firewall(firewall_id, dedicated=True)
            return 'Firewall with id %s is being cancelled!' % input_id
        else:
            raise CLIAbort('Aborted.')
Ejemplo n.º 7
0
    def execute(self, args):
        mgr = FirewallManager(self.client)
        input_id = args.get('<identifier>')

        key_value = get_ids(input_id)
        firewall_id = int(key_value[1])
        if key_value[0] == 'vlan':
            orig_rules = mgr.get_dedicated_fwl_rules(firewall_id)
        else:
            orig_rules = mgr.get_standard_fwl_rules(firewall_id)
        # open an editor for the user to enter their rules
        edited_rules = open_editor(rules=orig_rules)
        print(edited_rules)
        if confirm("Would you like to submit the rules. "
                   "Continue?"):
            while True:
                try:
                    rules = parse_rules(edited_rules)
                    if key_value[0] == 'vlan':
                        rules = mgr.edit_dedicated_fwl_rules(firewall_id,
                                                             rules)
                    else:
                        rules = mgr.edit_standard_fwl_rules(firewall_id,
                                                            rules)
                    break
                except (SoftLayerError, ValueError) as error:
                    print("Unexpected error({%s})" % (error))
                    if confirm("Would you like to continue editing the rules"
                               ". Continue?"):
                        edited_rules = open_editor(content=edited_rules)
                        print(edited_rules)
                        if confirm("Would you like to submit the rules. "
                                   "Continue?"):
                            continue
                        else:
                            raise CLIAbort('Aborted.')
                    else:
                        raise CLIAbort('Aborted.')
                    return 'Firewall updated!'
        else:
            raise CLIAbort('Aborted.')
class FirewallTests(unittest.TestCase):

    def setUp(self):
        self.client = FixtureClient()
        self.firewall = FirewallManager(self.client)

    def test_get_firewalls(self):
        call = self.client['Account'].getObject

        firewalls = self.firewall.get_firewalls()

        call.assert_called_once_with(mask=ANY)
        self.assertEqual(firewalls, Account.getObject['networkVlans'])
class FirewallTests(unittest.TestCase):

    def setUp(self):
        self.client = MagicMock()
        self.firewall = FirewallManager(self.client)

    def test_get_firewalls(self):
        vlan = {
            'dedicatedFirewallFlag': True,
        }
        call = self.client['Account'].getObject
        call.return_value = {'networkVlans': [vlan]}

        firewalls = self.firewall.get_firewalls()

        self.assertEqual([vlan], firewalls)
        call.assert_called_once_with(mask=ANY)
Ejemplo n.º 10
0
 def setUp(self):
     self.client = FixtureClient()
     self.firewall = FirewallManager(self.client)
Ejemplo n.º 11
0
class FirewallTests(unittest.TestCase):

    def setUp(self):
        self.client = FixtureClient()
        self.firewall = FirewallManager(self.client)

    def test_get_firewalls(self):
        call = self.client['Account'].getObject

        firewalls = self.firewall.get_firewalls()

        call.assert_called_once_with(mask=ANY)
        self.assertEqual(firewalls, Account.getObject['networkVlans'])

    def test_get_standard_fwl_rules(self):
        call = self.client['Network_Component_Firewall'].getRules

        rules = self.firewall.get_standard_fwl_rules(1234)
        call.assert_called_once_with(id=1234, mask=MASK)
        self.assertEqual(rules, Network_Component_Firewall.getRules)

    def test_get_dedicated_fwl_rules(self):
        call = self.client['Network_Vlan_Firewall'].getRules

        rules = self.firewall.get_dedicated_fwl_rules(1234)
        call.assert_called_once_with(id=1234, mask=MASK)
        self.assertEqual(rules, Network_Vlan_Firewall.getRules)

    def test_get_standard_package(self):
        # test standard firewalls
        self.firewall.get_standard_package(server_id=1234, is_cci=True)
        call2 = self.client['Virtual_Guest'].getObject
        mask = ('mask[primaryNetworkComponent[speed]]')
        f = self.client['Product_Package'].getItems
        _filter = {
            'items': {
                'description': {
                    'operation': '_= 10Mbps Hardware Firewall'
                    }
                }
            }
        f.assert_called_once_with(filter=_filter, id=0)
        call2.assert_called_once_with(id=1234, mask=mask)

        self.firewall.get_standard_package(server_id=1234, is_cci=False)
        call2 = self.client['Hardware_Server'].getObject
        mask = ('mask[primaryNetworkComponent[speed]]')
        f = self.client['Product_Package'].getItems
        _filter = {
            'items': {
                'description': {
                    'operation': '_= 10Mbps Hardware Firewall'
                    }
                }
            }
        f.assert_called_twice_with(filter=_filter, id=0)
        call2.assert_called_once_with(id=1234, mask=mask)

    def test_get_dedicated_package_ha(self):
        # test dedicated HA firewalls
        self.firewall.get_dedicated_package(ha_enabled=True)
        f = self.client['Product_Package'].getItems
        _filter = {
            'items': {
                'description': {
                    'operation': '_= Hardware Firewall (High Availability)'
                    }
                }
            }
        f.assert_called_once_with(filter=_filter, id=0)

    def test_get_dedicated_package_pkg(self):
        # test dedicated HA firewalls
        self.firewall.get_dedicated_package(ha_enabled=False)
        f = self.client['Product_Package'].getItems
        _filter = {
            'items': {
                'description': {
                    'operation': '_= Hardware Firewall (Dedicated)'
                    }
                }
            }
        f.assert_called_once_with(filter=_filter, id=0)

    def test_cancel_firewall(self):
        # test standard firewalls
        fwl_id = 6327
        billing_item_id = 21370814
        result = self.firewall.cancel_firewall(fwl_id, dedicated=False)
        f = self.client['Billing_Item'].cancelService
        f.assert_called_once_with(id=billing_item_id)
        self.assertEqual(result, Billing_Item.cancelService)
        call = self.client['Network_Component_Firewall'].getObject
        MASK = ('mask[id,billingItem[id]]')
        call.assert_called_once_with(id=6327, mask=MASK)
        # test dedicated firewalls
        billing_item_id = 21370815
        result = self.firewall.cancel_firewall(fwl_id, dedicated=True)
        f = self.client['Billing_Item'].cancelService
        f.assert_called_twice_with(id=billing_item_id)
        self.assertEqual(result, Billing_Item.cancelService)
        call = self.client['Network_Vlan_Firewall'].getObject
        MASK = ('mask[id,billingItem[id]]')
        call.assert_called_once_with(id=6327, mask=MASK)

    def test_add_standard_firewall_cci(self):
        # test standard firewalls for CCI
        server_id = 6327
        self.firewall.add_standard_firewall(server_id, is_cci=True)
        f = self.client['Product_Package'].getItems
        _filter = {
            'items': {
                'description': {
                    'operation': '_= 10Mbps Hardware Firewall'
                    }
                }
            }
        f.assert_called_once_with(filter=_filter, id=0)

        call2 = self.client['Virtual_Guest'].getObject
        mask = ('mask[primaryNetworkComponent[speed]]')
        call2.assert_called_once_with(id=6327, mask=mask)
        f = self.client['Product_Order'].placeOrder
        f.assert_called_once()

    def test_add_standard_firewall_server(self):
        # test dedicated firewall for Servers
        server_id = 6327
        mask = ('mask[primaryNetworkComponent[speed]]')
        self.firewall.add_standard_firewall(server_id, is_cci=False)
        f = self.client['Product_Order'].placeOrder
        f.assert_called_once()

        f = self.client['Product_Package'].getItems
        _filter = {
            'items': {
                'description': {
                    'operation': '_= 10Mbps Hardware Firewall'
                    }
                }
            }
        f.assert_called_once_with(filter=_filter, id=0)

        call2 = self.client['Hardware_Server'].getObject
        call2.assert_called_once_with(id=6327, mask=mask)

    def test_add_vlan_firewall(self):
        # test dedicated firewall for Vlan
        vlan_id = 6327
        self.firewall.add_vlan_firewall(vlan_id, ha_enabled=False)
        f = self.client['Product_Order'].placeOrder
        f.assert_called_once()

        f = self.client['Product_Package'].getItems
        _filter = {
            'items': {
                'description': {
                    'operation': '_= Hardware Firewall (Dedicated)'
                    }
                }
            }
        f.assert_called_once_with(filter=_filter, id=0)

    def test_add_vlan_firewall_ha(self):
        # test dedicated firewall for Vlan
        vlan_id = 6327
        self.firewall.add_vlan_firewall(vlan_id, ha_enabled=True)
        f = self.client['Product_Order'].placeOrder
        f.assert_called_once()

        f = self.client['Product_Package'].getItems
        _filter = {
            'items': {
                'description': {
                    'operation': '_= Hardware Firewall (High Availability)'
                    }
                }
            }

        f.assert_called_once_with(filter=_filter, id=0)

    def test_edit_dedicated_fwl_rules(self):
        # test standard firewalls
        rules = Network_Vlan_Firewall.getRules
        fwl_id = 1234
        fwl_ctx_acl_id = 3142
        self.firewall.edit_dedicated_fwl_rules(firewall_id=fwl_id,
                                               rules=rules)
        template = {
            'firewallContextAccessControlListId': fwl_ctx_acl_id,
            'rules': rules
        }
        f = self.client['Network_Firewall_Update_Request'].createObject
        f.assert_called_once_with(template)

    def test_edit_standard_fwl_rules(self):
        # test standard firewalls
        rules = Network_Component_Firewall.getRules
        fwl_id = 1234
        self.firewall.edit_standard_fwl_rules(firewall_id=fwl_id,
                                              rules=rules)
        tempObject = {
            "networkComponentFirewallId": fwl_id,
            "rules": rules}
        f = self.client['Network_Firewall_Update_Request'].createObject

        f.assert_called_once_with(tempObject)
 def setUp(self):
     self.client = MagicMock()
     self.firewall = FirewallManager(self.client)