def init_firewall_for_all_csep(self):
LOGGER.info("Applying firewall rules for all csep and Data Center...")
print "Applying firewall rules for all CSEP and Data Center..."
sites = DBSession.query(Site)
if sites[0]:
LOGGER.info("Got the site. Site name is " + to_str(sites[0].name))
site_id = sites[0].id
site_name = sites[0].name
nw_service_host = get_cms_network_service_node()
if nw_service_host:
fw = IptablesManager(site_name)
self.fw_map[site_id] = fw
self.set_nw_service_host(fw, nw_service_host)
self.dump(fw)
csep_list = DBSession.query(CSEP)
for each_csep in csep_list:
csep_id = each_csep.id
LOGGER.info("Got the CSEP. CSEP name is " + to_str(each_csep.name))
nw_service_host = each_csep.get_nw_service_host()
fw = None
if nw_service_host:
fw = IptablesManager(each_csep.name)
self.fw_map[csep_id] = fw
self.set_nw_service_host(fw, nw_service_host)
nw_def_list = DBSession.query(CSEPDefLink).filter_by(csep_id=csep_id)
for each_def in nw_def_list:
nw_def_id = each_def.def_id
self.set_firewall_for_network(csep_id, nw_def_id)
ip_list = self.get_associated_public_ips(csep_id)
for ip in ip_list:
public_ip = IPManager().remove_cidr_format_from_ip(ip.ip)
nw_vm_rel = DBSession.query(NetworkVMRelation).filter_by(public_ip_id=ip.id).first()
if nw_vm_rel:
ip_rec = IPS.get_ip_by_id(nw_vm_rel.private_ip_id)
if ip_rec:
private_ip = IPManager().remove_cidr_format_from_ip(ip_rec.ip)
self.set_firewall_for_public_ip_mapping(csep_id, public_ip, private_ip)
if fw:
self.dump(fw)
def get_ip_by_id(self, ip_id):
return IPS.get_ip_by_id(ip_id)
