def delete_namespace_security_policy(self, ns_name):
"""
Delete firwall rule created to enforce default behavior on this
namespace.
"""
if VncSecurityPolicy.allow_all_fw_policy_uuid:
# Dis-associate and delete the ingress rule from namespace policy.
rule_name = self._get_namespace_firewall_ingress_rule_name(ns_name)
rule_uuid = VncSecurityPolicy.get_firewall_rule_uuid(rule_name)
VncSecurityPolicy.delete_firewall_rule(
VncSecurityPolicy.allow_all_fw_policy_uuid, rule_uuid)
# Dis-associate and delete egress rule from namespace policy.
egress_rule_name = self._get_namespace_firewall_egress_rule_name(
ns_name)
egress_rule_uuid = VncSecurityPolicy.get_firewall_rule_uuid(
egress_rule_name)
VncSecurityPolicy.delete_firewall_rule(
VncSecurityPolicy.allow_all_fw_policy_uuid, egress_rule_uuid)
def delete_namespace_security_policy(self, ns_name):
"""
Delete firwall rule created to enforce default behavior on this
namespace.
"""
if VncSecurityPolicy.allow_all_fw_policy_uuid:
# Dis-associate and delete the ingress rule from namespace policy.
rule_name = self._get_namespace_firewall_ingress_rule_name(ns_name)
rule_uuid = VncSecurityPolicy.get_firewall_rule_uuid(rule_name)
VncSecurityPolicy.delete_firewall_rule(
VncSecurityPolicy.allow_all_fw_policy_uuid, rule_uuid)
# Dis-associate and delete egress rule from namespace policy.
egress_rule_name = self._get_namespace_firewall_egress_rule_name(
ns_name)
egress_rule_uuid = VncSecurityPolicy.get_firewall_rule_uuid(
egress_rule_name)
VncSecurityPolicy.delete_firewall_rule(
VncSecurityPolicy.allow_all_fw_policy_uuid, egress_rule_uuid)
def delete_ingress_to_service_rule(cls, ns_name, ingress_name,
service_name):
"""
Delete the ingress-to-service allow rule added to ingress firewall
policy.
"""
rule_uuid = None
if VncSecurityPolicy.ingress_svc_fw_policy_uuid:
rule_name = VncIngress._get_ingress_firewall_rule_name(
ns_name, ingress_name, service_name)
# Get the rule id of the rule to be deleted.
rule_uuid = VncSecurityPolicy.get_firewall_rule_uuid(rule_name)
if rule_uuid:
# Delete the rule.
VncSecurityPolicy.delete_firewall_rule(
VncSecurityPolicy.ingress_svc_fw_policy_uuid, rule_uuid)
return rule_uuid