def connection_down(parsed_args):
ipsec_connection = load_ipsec_connection(parsed_args)
connection_name = ipsec_connection['name']
ip_route = IPRoute()
if is_connection_up(ip_route, ipsec_connection):
ipsec_result = ipsec('down', connection_name)
if ipsec_result.status != 0:
raise DockerIPSecError('Failed to disconnect VPN: {0}\n{1}'.format(connection_name, ipsec_result.output))
filter_func = functools.partial(comment_matches_ipsec_connection, connection_name)
remove_iptables_rules(filter_func)
def remove_docker_networks(parsed_args):
docker_networks = parsed_args.dockerNetworks
docker_client = docker.Client()
docker_network_to_ip_network = functools.partial(ip_network_for_docker_network, docker_client)
docker_ip_networks = set(map(docker_network_to_ip_network, docker_networks))
def filter_func(comment):
src_cidr = comment.get('srcCIDR', None)
if src_cidr is None:
return False
src_network = netaddr.IPNetwork(src_cidr)
return src_network in docker_ip_networks
remove_iptables_rules(filter_func=filter_func)
def connection_down(parsed_args):
ipsec_connection = load_ipsec_connection(parsed_args)
connection_name = ipsec_connection['name']
ip_route = IPRoute()
if is_connection_up(ip_route, ipsec_connection):
ipsec_result = ipsec('down', connection_name)
if ipsec_result.status != 0:
raise DockerIPSecError('Failed to disconnect VPN: {0}\n{1}'.format(
connection_name, ipsec_result.output))
filter_func = functools.partial(comment_matches_ipsec_connection,
connection_name)
remove_iptables_rules(filter_func)
def remove_docker_networks(parsed_args):
docker_networks = parsed_args.dockerNetworks
docker_client = docker.DockerClient()
docker_network_to_ip_network = functools.partial(
ip_network_for_docker_network, docker_client)
docker_ip_networks = set(map(docker_network_to_ip_network,
docker_networks))
def filter_func(comment):
src_cidr = comment.get('srcCIDR', None)
if src_cidr is None:
return False
src_network = netaddr.IPNetwork(src_cidr)
return src_network in docker_ip_networks
remove_iptables_rules(filter_func=filter_func)
