def __getattr__(self, key): # Dispatch to instance methods but only for adding interfaces. # Makes this work: engine.loopback_interface.add if key.startswith('add_'): if 'fw_cluster' not in self._engine.type: return getattr(LoopbackInterface(None, self._engine), key) else: # Cluster return getattr(LoopbackClusterInterface(None, self._engine), key) raise AttributeError('Cannot proxy to given method: %s for the ' 'following engine type: %s' % (key, self._engine.type))
def get_all_loopbacks(engine): """ Get all loopback interfaces for a given engine """ data = [] if 'fw_cluster' in engine.type: for cvi in engine.data.get('loopback_cluster_virtual_interface', []): data.append(LoopbackClusterInterface(cvi, engine)) for node in engine.nodes: for lb in node.data.get('loopback_node_dedicated_interface', []): data.append(LoopbackInterface(lb, engine)) return data
def create_dynamic(cls, name, interface_id, dynamic_index=1, primary_mgt=True, reverse_connection=True, automatic_default_route=True, domain_server_address=None, loopback_ndi='127.0.0.1', loopback_ndi_network='127.0.0.1/32', location_ref=None, log_server_ref=None, zone_ref=None, enable_gti=False, enable_antivirus=False, sidewinder_proxy_enabled=False, default_nat=False): """ Create a single layer 3 firewall with only a single DHCP interface. Useful when creating virtualized FW's such as in Microsoft Azure. """ builder = InterfaceBuilder() builder.interface_id = interface_id builder.add_dhcp(dynamic_index, is_mgmt=primary_mgt) builder.zone = zone_ref loopback = LoopbackInterface.create( address=loopback_ndi, nodeid=1, auth_request=True, rank=1) engine = super(Layer3Firewall, cls)._create( name=name, node_type='firewall_node', loopback_ndi=[loopback.data], physical_interfaces=[{'physical_interface': builder.data}], domain_server_address=domain_server_address, log_server_ref=log_server_ref, nodes=1, enable_gti=enable_gti, enable_antivirus=enable_antivirus, sidewinder_proxy_enabled=sidewinder_proxy_enabled, default_nat=default_nat, location_ref=location_ref) try: return ElementCreator(cls, json=engine) except CreateElementFailed as e: raise CreateEngineFailed(e)
def loopback_interface(self): """ Loopback interfaces for this node. This will return empty if the engine is not a layer 3 firewall type:: >>> engine = Engine('dingo') >>> for node in engine.nodes: ... for loopback in node.loopback_interface: ... loopback ... LoopbackInterface(address=172.20.1.1, nodeid=1, rank=1) LoopbackInterface(address=172.31.1.1, nodeid=1, rank=2) LoopbackInterface(address=2.2.2.2, nodeid=1, rank=3) :rtype: list(LoopbackInterface) """ for lb in self.data.get('loopback_node_dedicated_interface', []): yield LoopbackInterface(lb, self._engine)
def create_dynamic(cls, name, interface_id, dynamic_index=1, reverse_connection=True, automatic_default_route=True, domain_server_address=None, loopback_ndi="127.0.0.1", location_ref=None, log_server_ref=None, zone_ref=None, enable_gti=False, enable_antivirus=False, sidewinder_proxy_enabled=False, default_nat=False, comment=None, extra_opts=None, engine_type=None, node_type="firewall_node", **kw): """ Create a single layer 3 firewall with only a single DHCP interface. Useful when creating virtualized engine's such as in Microsoft Azure. :param str name: name of engine :param str,int interface_id: interface ID used for dynamic interface and management :param bool reverse_connection: specifies the dynamic interface should initiate connections to management (default: True) :param bool automatic_default_route: allow SMC to create a dynamic netlink for the default route (default: True) :param list domain_server_address: list of IP addresses for engine DNS :param str loopback_ndi: IP address for a loopback NDI. When creating a dynamic engine, the `auth_request` must be set to a different interface, so loopback is created :param str location_ref: location by name for the engine :param str log_server_ref: log server reference, will use the default or first retrieved if not specified :param dict extra_opts: extra options as a dict to be passed to the top level engine :raises CreateElementFailed: failed to create engine :return: :py:class:`smc.core.engine.Engine` """ interfaces = kw.pop("interfaces", []) # Add the primary interface to the interface list interface = { "interface_id": interface_id, "interface": "single_node_interface", "zone_ref": zone_ref, "interfaces": [{ "nodes": [{ "dynamic": True, "dynamic_index": dynamic_index, "nodeid": 1, "reverse_connection": reverse_connection, "automatic_default_route": automatic_default_route, }] }], } interfaces.append(interface) loopback = LoopbackInterface.create(address=loopback_ndi, nodeid=1, auth_request=True, rank=1) return Layer3Firewall.create_bulk( name=name, node_type=node_type, primary_mgt=interface_id, interfaces=interfaces, loopback_ndi=[loopback.data], domain_server_address=domain_server_address, log_server_ref=log_server_ref, enable_gti=enable_gti, nodes=1, enable_antivirus=enable_antivirus, sidewinder_proxy_enabled=sidewinder_proxy_enabled, default_nat=default_nat, location_ref=location_ref, comment=comment, engine_type=engine_type, extra_opts=extra_opts, )
def create_dynamic(cls, name, interface_id, dynamic_index=1, reverse_connection=True, automatic_default_route=True, domain_server_address=None, loopback_ndi='127.0.0.1', location_ref=None, log_server_ref=None, zone_ref=None, enable_gti=False, enable_antivirus=False, sidewinder_proxy_enabled=False, default_nat=False, comment=None, **kw): """ Create a single layer 3 firewall with only a single DHCP interface. Useful when creating virtualized FW's such as in Microsoft Azure. :param str name: name of engine :param str,int interface_id: interface ID used for dynamic interface and management :param bool reverse_connection: specifies the dynamic interface should initiate connections to management (default: True) :param bool automatic_default_route: allow SMC to create a dynamic netlink for the default route (default: True) :param list domain_server_address: list of IP addresses for engine DNS :param str loopback_ndi: IP address for a loopback NDI. When creating a dynamic engine, the `auth_request` must be set to a different interface, so loopback is created :param str location_ref: location by name for the engine :param str log_server_ref: log server reference, will use the """ interfaces = kw.pop('interfaces', []) # Add the primary interface to the interface list interface = {'interface_id': interface_id, 'interface': 'single_node_interface', 'zone_ref': zone_ref, 'interfaces': [{ 'nodes': [{'dynamic': True, 'dynamic_index': dynamic_index, 'nodeid': 1, 'reverse_connection': reverse_connection, 'automatic_default_route': automatic_default_route}] }] } interfaces.append(interface) loopback = LoopbackInterface.create( address=loopback_ndi, nodeid=1, auth_request=True, rank=1) return Layer3Firewall.create_bulk( name=name, node_type='firewall_node', primary_mgt=interface_id, interfaces=interfaces, loopback_ndi=[loopback.data], domain_server_address=domain_server_address, log_server_ref=log_server_ref, nodes=1, enable_gti=enable_gti, enable_antivirus=enable_antivirus, sidewinder_proxy_enabled=sidewinder_proxy_enabled, default_nat=default_nat, location_ref=location_ref, comment=comment, **kw)
def create_dynamic(cls, name, interface_id, dynamic_index=1, reverse_connection=True, automatic_default_route=True, domain_server_address=None, loopback_ndi='127.0.0.1', location_ref=None, log_server_ref=None, zone_ref=None, enable_gti=False, enable_antivirus=False, sidewinder_proxy_enabled=False, default_nat=False, comment=None, **kw): """ Create a single layer 3 firewall with only a single DHCP interface. Useful when creating virtualized FW's such as in Microsoft Azure. :param str name: name of engine :param str,int interface_id: interface ID used for dynamic interface and management :param bool reverse_connection: specifies the dynamic interface should initiate connections to management (default: True) :param bool automatic_default_route: allow SMC to create a dynamic netlink for the default route (default: True) :param list domain_server_address: list of IP addresses for engine DNS :param str loopback_ndi: IP address for a loopback NDI. When creating a dynamic engine, the `auth_request` must be set to a different interface, so loopback is created :param str location_ref: location by name for the engine :param str log_server_ref: log server reference, will use the """ interfaces = kw.pop('interfaces', []) # Add the primary interface to the interface list interface = { 'interface_id': interface_id, 'interface': 'single_node_interface', 'zone_ref': zone_ref, 'interfaces': [{ 'nodes': [{ 'dynamic': True, 'dynamic_index': dynamic_index, 'nodeid': 1, 'reverse_connection': reverse_connection, 'automatic_default_route': automatic_default_route }] }] } interfaces.append(interface) loopback = LoopbackInterface.create(address=loopback_ndi, nodeid=1, auth_request=True, rank=1) return Layer3Firewall.create_bulk( name=name, node_type='firewall_node', primary_mgt=interface_id, interfaces=interfaces, loopback_ndi=[loopback.data], domain_server_address=domain_server_address, log_server_ref=log_server_ref, nodes=1, enable_gti=enable_gti, enable_antivirus=enable_antivirus, sidewinder_proxy_enabled=sidewinder_proxy_enabled, default_nat=default_nat, location_ref=location_ref, comment=comment, **kw)