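def _validate_gbproutes(data, valid_values=None):
    """Validate a list of host-route dicts.

    Copied from Neutron (per the original author's note), except that a
    nexthop of None is accepted without an address check.

    :param data: value to validate; expected to be a list of dicts that
        carry the keys 'destination' and 'nexthop'.
    :param valid_values: not used by this validator.
    :returns: the error message for the first problem found, or None
        (implicitly) when every route passes.
    """
    if not isinstance(data, list):
        msg = _("Invalid data format for hostroute: '%s'") % data
        LOG.debug(msg)
        return msg

    expected_keys = ['destination', 'nexthop']
    hostroutes = []
    for hostroute in data:
        msg = attr._verify_dict_keys(expected_keys, hostroute)
        if msg:
            LOG.debug(msg)
            return msg
        msg = attr._validate_subnet(hostroute['destination'])
        if msg:
            LOG.debug(msg)
            return msg
        # Only None means "no next hop". A plain truthiness test would let
        # every other falsy value ('', 0, [], {}) skip address validation
        # and be accepted unchecked.
        if hostroute['nexthop'] is not None:
            msg = attr._validate_ip_address(hostroute['nexthop'])
            if msg:
                LOG.debug(msg)
                return msg
        # Routes are compared by dict equality against those already seen.
        if hostroute in hostroutes:
            msg = _("Duplicate hostroute '%s'") % hostroute
            LOG.debug(msg)
            return msg
        hostroutes.append(hostroute)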
Example #2
def _validate_gbproutes(data, valid_values=None):
    """Check a list of host routes and report the first problem found.

    Copied from Neutron (per the original author's note); a route whose
    nexthop is None skips the IP-address check.

    :param data: value to validate; expected to be a list of dicts that
        carry the keys 'destination' and 'nexthop'.
    :param valid_values: not used by this validator.
    :returns: an error message, or None (implicitly) when all routes pass.
    """
    if not isinstance(data, list):
        error = _("Invalid data format for hostroute: '%s'") % data
        LOG.debug(error)
        return error

    required = ['destination', 'nexthop']
    seen = []
    for route in data:
        # Run the checks in order; the first one that yields a message
        # ends validation for the whole list.
        error = attr._verify_dict_keys(required, route)
        if not error:
            error = attr._validate_subnet(route['destination'])
        if not error and route['nexthop'] is not None:
            error = attr._validate_ip_address(route['nexthop'])
        if not error and route in seen:
            error = _("Duplicate hostroute '%s'") % route
        if error:
            LOG.debug(error)
            return error
        seen.append(route)
Example #3
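def _validate_portforwardings(data, valid_values=None):
    """Validate a list of port-forwarding rules.

    Unlike validators that return an error string, this one raises on the
    first problem it finds.

    :param data: value to validate; expected to be a list of dicts that
        carry the keys 'protocol', 'outside_port', 'inside_addr' and
        'inside_port'.
    :param valid_values: not used by this validator.
    :raises webob.exc.HTTPBadRequest: when ``data`` is not a list or a rule
        fails the key, port-range, address or protocol check.
    :raises DuplicatePortforwardingRuleInRequest: when the same rule occurs
        more than once in ``data``.
    """
    if not isinstance(data, list):
        msg = _("Invalid data format for portforwarding: '%s'") % data
        raise webob.exc.HTTPBadRequest(msg)

    expected_keys = ['protocol', 'outside_port', 'inside_addr', 'inside_port']
    portfwds = []
    for portfwd in data:
        msg = attributes._verify_dict_keys(expected_keys, portfwd)
        if msg:
            raise webob.exc.HTTPBadRequest(msg)
        msg = attributes._validate_range(portfwd['outside_port'], (0, 65535))
        if msg:
            raise webob.exc.HTTPBadRequest(msg)
        msg = attributes._validate_ip_address(portfwd['inside_addr'])
        if msg:
            raise webob.exc.HTTPBadRequest(msg)
        msg = attributes._validate_range(portfwd['inside_port'], (0, 65535))
        if msg:
            raise webob.exc.HTTPBadRequest(msg)
        # Only key presence has been checked so far. A non-string protocol
        # (number, null, list) has no .upper() and would otherwise escape as
        # an unhandled AttributeError instead of HTTPBadRequest.
        try:
            protocol = portfwd['protocol'].upper()
        except AttributeError:
            msg = _("Invalid protocol: '%s'") % (portfwd['protocol'],)
            raise webob.exc.HTTPBadRequest(msg)
        msg = attributes._validate_values(protocol, ('TCP', 'UDP'))
        if msg:
            raise webob.exc.HTTPBadRequest(msg)
        if portfwd in portfwds:
            raise DuplicatePortforwardingRuleInRequest(portfwds=portfwds)
        # Record the accepted rule; without this the duplicate check above
        # always compares against an empty list and can never fire.
        portfwds.append(portfwd)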
Example #4
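def convert_to_valid_router_rules(data):
    """
    Validates and converts router rules to the appropriate data structure
    Example argument = [{'source': 'any', 'destination': 'any',
                         'action':'deny'},
                        {'source': '1.1.1.1/32', 'destination': 'external',
                         'action':'permit',
                         'nexthops': ['1.1.1.254', '1.1.1.253']}
                       ]

    Each rule dict is updated in place: 'nexthops' defaults to [] and a
    '+'-separated string is split into a list. 'any' and 'external' are
    validated as 0.0.0.0/0 but left unchanged in the rule.

    :param data: list of rule dicts as shown above.
    :returns: the list of validated rule dicts (same objects as in data).
    :raises nexception.InvalidInput: when data is not a list or a rule
        fails validation.
    """
    V4ANY = '0.0.0.0/0'
    CIDRALL = ['any', 'external']
    if not isinstance(data, list):
        emsg = _("Invalid data format for router rule: '%s'") % data
        LOG.debug(emsg)
        raise nexception.InvalidInput(error_message=emsg)
    # NOTE(review): this runs before any per-rule shape check; confirm that
    # _validate_uniquerules tolerates malformed rules.
    _validate_uniquerules(data)
    rules = []
    expected_keys = ['source', 'destination', 'action']
    for rule in data:
        # Check the rule's keys before touching it. Everything below indexes
        # into rule, so a missing key would raise KeyError before the
        # collected errors could be reported as InvalidInput.
        # NOTE(review): presumably _verify_dict_keys also rejects a rule
        # that is not a dict - confirm.
        key_error = attr._verify_dict_keys(expected_keys, rule, False)
        if key_error:
            errors = [key_error]
            LOG.debug(errors)
            raise nexception.InvalidInput(error_message=errors)

        nexthops = rule.get('nexthops', [])
        if not isinstance(nexthops, list):
            # A '+'-separated string is accepted; any other non-list value
            # (null, number, dict) has no split() and is rejected here
            # instead of escaping as AttributeError.
            try:
                nexthops = nexthops.split('+')
            except AttributeError:
                emsg = (_("Invalid data format for nexthops: '%s'") %
                        (nexthops,))
                LOG.debug(emsg)
                raise nexception.InvalidInput(error_message=emsg)
        rule['nexthops'] = nexthops

        src = V4ANY if rule['source'] in CIDRALL else rule['source']
        dst = V4ANY if rule['destination'] in CIDRALL else rule['destination']

        # Collect every remaining problem so they are reported together.
        errors = [
            attr._validate_subnet(dst),
            attr._validate_subnet(src),
            _validate_nexthops(rule['nexthops']),
            _validate_action(rule['action'])
        ]
        errors = [m for m in errors if m]
        if errors:
            LOG.debug(errors)
            raise nexception.InvalidInput(error_message=errors)
        rules.append(rule)
    return rules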
Example #5
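def convert_to_valid_router_rules(data):
    """
    Validates and converts router rules to the appropriate data structure
    Example argument = [{'source': 'any', 'destination': 'any',
                         'action':'deny'},
                        {'source': '1.1.1.1/32', 'destination': 'external',
                         'action':'permit',
                         'nexthops': ['1.1.1.254', '1.1.1.253']}
                       ]

    Rules are modified in place: a missing 'nexthops' becomes [] and a
    '+'-separated string becomes a list. The aliases 'any' and 'external'
    are checked as 0.0.0.0/0 while the rule keeps the alias.

    :param data: list of rule dicts as shown above.
    :returns: the validated rule dicts, in input order.
    :raises qexception.InvalidInput: when data is not a list or any rule
        is malformed.
    """
    V4ANY = '0.0.0.0/0'
    CIDRALL = ['any', 'external']
    if not isinstance(data, list):
        emsg = _("Invalid data format for router rule: '%s'") % data
        LOG.debug(emsg)
        raise qexception.InvalidInput(error_message=emsg)
    # NOTE(review): called before the per-rule key check below; verify that
    # _validate_uniquerules copes with rules that lack expected keys.
    _validate_uniquerules(data)
    rules = []
    expected_keys = ['source', 'destination', 'action']
    for rule in data:
        # The key check has to come first: the lookups further down would
        # raise KeyError on a missing key, so its message would never reach
        # the caller as InvalidInput.
        # NOTE(review): _verify_dict_keys presumably handles a non-dict
        # rule as well - confirm.
        key_error = attr._verify_dict_keys(expected_keys, rule, False)
        if key_error:
            errors = [key_error]
            LOG.debug(errors)
            raise qexception.InvalidInput(error_message=errors)

        nexthops = rule.get('nexthops', [])
        if not isinstance(nexthops, list):
            # Strings are split on '+'. Other types (null, numbers, dicts)
            # cannot be split and are reported as invalid input rather than
            # raising AttributeError.
            try:
                nexthops = nexthops.split('+')
            except AttributeError:
                emsg = (_("Invalid data format for nexthops: '%s'") %
                        (nexthops,))
                LOG.debug(emsg)
                raise qexception.InvalidInput(error_message=emsg)
        rule['nexthops'] = nexthops

        src = V4ANY if rule['source'] in CIDRALL else rule['source']
        dst = V4ANY if rule['destination'] in CIDRALL else rule['destination']

        # Gather all remaining validation messages and report them at once.
        errors = [attr._validate_subnet(dst),
                  attr._validate_subnet(src),
                  _validate_nexthops(rule['nexthops']),
                  _validate_action(rule['action'])]
        errors = [m for m in errors if m]
        if errors:
            LOG.debug(errors)
            raise qexception.InvalidInput(error_message=errors)
        rules.append(rule)
    return rules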