コード例 #1
def Trigger(tc):
    """Switch from TRANSPARENT/FLOWAWARE to TRANSPARENT/ENFORCE and re-push config.

    Steps, in order: delete the base SecurityProfile config, switch the
    profile to fwd_mode TRANSPARENT / policy_mode ENFORCED, then push the
    stored SecurityProfile objects followed by the stored
    NetworkSecurityPolicy objects.

    Returns the first non-SUCCESS status returned by any step, otherwise
    api.types.status.SUCCESS.
    """
    success = api.types.status.SUCCESS

    status = netagent_api.DeleteBaseConfig(kinds=['SecurityProfile'])
    if status != success:
        api.Logger.error("Failed to delete the security profile.")
        return status

    border = "\t\t\t########################################################################"
    title = "\t\t\t#            TRANSPARENT, FLOWAWARE => TRANSPARENT, ENFORCE            #"
    for banner_line in (border, title, border):
        print(banner_line)

    # Change mode from TRANSPARENT, FLOWAWARE => TRANSPARENT, ENFORCE
    status = netagent_api.switch_profile(fwd_mode="TRANSPARENT",
                                         policy_mode="ENFORCED")
    if status != success:
        api.Logger.error("Failed to switch profile")
        return status

    # The profile is pushed before the default policy; each push stops the
    # sequence on failure so a half-applied state is reported to the caller.
    push_steps = (
        ('SecurityProfile', "Failed to push nwsec profile"),
        ('NetworkSecurityPolicy', "Failed to push nwsec policy"),
    )
    for kind, failure_msg in push_steps:
        stored_objs = netagent_api.QueryConfigs(kind=kind)
        status = netagent_api.PushConfigObjects(stored_objs)
        if status != success:
            api.Logger.error(failure_msg)
            return status

    api.Logger.info("Successfully changed the mode TRANSPARENT, FLOWAWARE => TRANSPARENT, ENFORCE")
    return success
コード例 #2
def Setup(tc):
    """Cache the stored Network and Endpoint objects on *tc* and set tc.iters.

    When agent_api reports that config has not been pushed yet, the endpoint
    node UUIDs and the testbed VLANs of the cached objects are updated first.
    tc.iters comes from tc.args.iters and defaults to 10.
    """
    networks = agent_api.QueryConfigs(kind='Network')
    tc.nwObjects = networks
    endpoints = agent_api.QueryConfigs(kind='Endpoint')
    tc.epObjects = endpoints

    config_pushed = agent_api.__config_pushed
    if not config_pushed:
        api.Logger.info("Config objects are not pushed")
        agent_api.UpdateNodeUuidEndpoints(tc.epObjects)

        api.Testbed_ResetVlanAlloc()
        # The first allocated VLAN is requested but its value is not used here.
        api.Testbed_AllocateVlan()
        agent_api.UpdateTestBedVlans(tc.nwObjects)

    tc.iters = getattr(tc.args, 'iters', 10)
    return api.types.status.SUCCESS
コード例 #3
def __update_endpoint_info(tc):
    """Mark moved workloads' endpoints as migrated on their destination hosts.

    For every (dest_host, workloads) entry in tc.vmotion_cntxt.MoveRequest
    whose host is a Naples node, a deep copy of the workload's Endpoint
    object is updated twice on that host: first with migration "DONE",
    then with migration None. Failures are logged and do not stop the loop.
    """
    # (migration value, log format used when the update fails)
    phases = (
        ("DONE", "Update migr status done failed for %s for %s"),
        (None, "Update migr state to None failed for %s for %s"),
    )
    for dest_host, workloads in tc.vmotion_cntxt.MoveRequest.items():
        api.Logger.debug(
            "Creating endpoint info at %s for workloads being moved" %
            dest_host)
        if not api.IsNaplesNode(dest_host):
            continue
        for wl in workloads:
            api.Logger.debug("Updating ep-info for %s" % wl.workload_name)
            matches = agent_api.QueryConfigs(
                "Endpoint", filter="meta.name=" + wl.workload_name + ";")
            # NOTE(review): assert is stripped under -O; exactly one match is
            # assumed by the indexing below.
            assert (len(matches) == 1)
            # Work on a copy so the object held in the store is not mutated.
            ep_copy = copy.deepcopy(matches[0])
            dest_uuid = tc.vmotion_cntxt.UUIDMap[dest_host]
            # First phase signals completion of vmotion; the second clears the
            # migration field ("to keep new node happy, only in iota").
            for migration_value, failure_fmt in phases:
                ep_copy.spec.migration = migration_value
                ep_copy.spec.node_uuid = dest_uuid
                resp = agent_api.UpdateConfigObjects([ep_copy], [dest_host],
                                                     ignore_error=True)
                if resp != api.types.status.SUCCESS:
                    api.Logger.error(failure_fmt %
                                     (wl.workload_name, dest_host))
    api.Logger.debug("Completed endpoint update at NewHome")
    return
コード例 #4
def get_timeout_val(timeout):
    """Return the stored value of the named timeout from the SecurityProfile.

    *timeout* is one of the hyphenated names in the table below. The value is
    returned as stored (no unit conversion). An empty string is returned when
    the store has no SecurityProfile objects or the name is not recognised.
    When several profiles exist, the value of the last one wins.
    """
    # Test-facing timeout name -> attribute on <profile>.spec.timeouts
    attr_for = {
        'tcp-timeout': 'tcp',
        'udp-timeout': 'udp',
        'icmp-timeout': 'icmp',
        'tcp-half-close': 'tcp_half_close',
        'tcp-close': 'tcp_close',
        'tcp-connection-setup': 'tcp_connection_setup',
        'tcp-drop': 'tcp_drop',
        'udp-drop': 'udp_drop',
        'icmp-drop': 'icmp_drop',
    }

    # Query returns references to the objects held in the store.
    profiles = netagent_cfg_api.QueryConfigs(kind='SecurityProfile')
    found = ""
    if len(profiles) == 0:
        api.Logger.error("No security profile objects in store")
        return found

    attr = attr_for.get(timeout)
    for profile in profiles:
        if attr is not None:
            found = getattr(profile.spec.timeouts, attr)

    return found
コード例 #5
def Teardown(tc):
    """Re-push the stored NetworkSecurityPolicy objects and report SUCCESS."""
    api.Logger.info("Tearing down ...")
    stored_policies = agent_api.QueryConfigs(kind='NetworkSecurityPolicy')
    # NOTE(review): the push status is not inspected, so this returns SUCCESS
    # even if the policy could not be restored.
    agent_api.PushConfigObjects(stored_policies)

    return api.types.status.SUCCESS
コード例 #6
def get_timeout(timeout):
    """Return the named SecurityProfile timeout converted by timetoseconds().

    The value is taken from the first SecurityProfile object in the store.
    Returns api.types.status.FAILURE when the store has no profile, and 0
    when *timeout* is not one of the recognised names.
    """
    # Test-facing timeout name -> attribute on <profile>.spec.timeouts
    attr_for = {
        'tcp-timeout': 'tcp',
        'udp-timeout': 'udp',
        'icmp-timeout': 'icmp',
        'tcp-half-close': 'tcp_half_close',
        'tcp-close': 'tcp_close',
        'tcp-connection-setup': 'tcp_connection_setup',
        'tcp-drop': 'tcp_drop',
        'udp-drop': 'udp_drop',
        'icmp-drop': 'icmp_drop',
    }

    # Query returns references to the objects held in the store.
    profiles = netagent_cfg_api.QueryConfigs(kind='SecurityProfile')
    if len(profiles) == 0:
        api.Logger.error("No security profile objects in store")
        return api.types.status.FAILURE

    attr = attr_for.get(timeout)
    if attr is not None:
        # Only the first profile is consulted: the loop returns immediately.
        for profile in profiles:
            return timetoseconds(getattr(profile.spec.timeouts, attr))

    return 0
コード例 #7
def SetSessionLimit(session, limit):
    """Set a session rate limit on every stored SecurityProfile and push it.

    *session* selects which limit(s) to set: 'tcp', 'udp', 'icmp', 'other',
    or 'all' for the four of them. Returns FAILURE when the store has no
    profile or *session* is not supported; otherwise pushes the update,
    sleeps 5 seconds and returns SUCCESS.
    """
    tcp_field = 'tcp_half_open_session_limit'
    udp_field = 'udp_active_session_limit'
    icmp_field = 'icmp_active_session_limit'
    other_field = 'other_session_limit'
    # Session selector -> attributes on <profile>.spec.rate_limits to set
    fields_for = {
        'tcp': (tcp_field,),
        'udp': (udp_field,),
        'icmp': (icmp_field,),
        'other': (other_field,),
        'all': (tcp_field, udp_field, icmp_field, other_field),
    }

    # Query returns references to the objects held in the store.
    profiles = netagent_cfg_api.QueryConfigs(kind='SecurityProfile')

    if len(profiles) == 0:
        api.Logger.error("No security profile objects in store")
        return api.types.status.FAILURE

    for profile in profiles:
        selected = fields_for.get(session)
        if selected is None:
            api.Logger.error("unsupported security profile session type %s" %
                             session)
            return api.types.status.FAILURE
        for field_name in selected:
            setattr(profile.spec.rate_limits, field_name, limit)

    # Push the update now that the stored objects were modified.
    # NOTE(review): the update status is not checked before SUCCESS is returned.
    netagent_cfg_api.UpdateConfigObjects(profiles)

    time.sleep(5)

    return api.types.status.SUCCESS
コード例 #8
def update_timeout(timeout, val):
    """Set the named timeout to *val* on every stored SecurityProfile and push.

    Returns FAILURE when the store has no SecurityProfile objects, otherwise
    SUCCESS. An unrecognised *timeout* name changes nothing, but the stored
    objects are still pushed.
    """
    # Test-facing timeout name -> attribute on <profile>.spec.timeouts
    attr_for = {
        'tcp-timeout': 'tcp',
        'udp-timeout': 'udp',
        'icmp-timeout': 'icmp',
        'tcp-half-close': 'tcp_half_close',
        'tcp-close': 'tcp_close',
        'tcp-connection-setup': 'tcp_connection_setup',
        'tcp-drop': 'tcp_drop',
        'udp-drop': 'udp_drop',
        'icmp-drop': 'icmp_drop',
    }

    # Query returns references to the objects held in the store.
    profiles = netagent_cfg_api.QueryConfigs(kind='SecurityProfile')
    if len(profiles) == 0:
        api.Logger.error("No security profile objects in store")
        return api.types.status.FAILURE

    attr = attr_for.get(timeout)
    for profile in profiles:
        if attr is not None:
            setattr(profile.spec.timeouts, attr, val)

    # Push the update now that the stored objects were modified.
    # NOTE(review): the update status is not checked before SUCCESS is returned.
    netagent_cfg_api.UpdateConfigObjects(profiles)

    return api.types.status.SUCCESS
コード例 #9
def create_ep_info(tc, wl, dest_node, migr_state, src_node):
    """Push workload *wl*'s endpoint to *dest_node* with a migration state.

    A deep copy of the stored Endpoint named after the workload is deleted
    from dest_node, then (after a 1 second pause) re-pushed there with
    spec.node_uuid set to the destination's UUID, spec.migration set to
    *migr_state*, and the source node's UUID / homing address filled in.
    tc.dsc_conn_type is defaulted to 'oob' when the test case lacks it.
    """
    name_filter = "meta.name=" + wl.workload_name + ";"
    if not hasattr(tc, 'dsc_conn_type'):
        api.Logger.info(" seeing dsc_conn_type to oob")
        tc.dsc_conn_type = 'oob'
    matches = agent_api.QueryConfigs("Endpoint", filter=name_filter)
    # NOTE(review): assert is stripped under -O; exactly one match is assumed.
    assert(len(matches) == 1)
    # Work on a copy so the object held in the store is not mutated.
    ep_copy = copy.deepcopy(matches[0])

    # delete endpoint being moved on new host, TEMP
    agent_api.DeleteConfigObjects([ep_copy], [dest_node], ignore_error=True)

    # sleep to let delete cleanup all sessions/handles
    time.sleep(1)

    ep_copy.spec.node_uuid = tc.uuidMap[dest_node]
    ep_copy.spec.migration = migr_state
    if not api.IsNaplesNode(src_node):
        # Placeholder identity for a non-Naples source node (marked TEMP).
        ep_copy.status.node_uuid = "0011.2233.4455"  # TEMP
        ep_copy.spec.homing_host_address = "169.169.169.169"  # TEMP
    else:
        ep_copy.status.node_uuid = tc.uuidMap[src_node]
        if tc.dsc_conn_type == "oob":
            homing_address = api.GetNicMgmtIP(src_node)
        else:
            homing_address = api.GetBondIp(src_node)
        ep_copy.spec.homing_host_address = homing_address

    # this triggers endpoint on new host(naples) to setup flows
    agent_api.PushConfigObjects([ep_copy], [dest_node], ignore_error=True)
コード例 #10
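def update_sgpolicy(app_name, allowDefault=False):
    """Insert an any-to-any PERMIT rule for *app_name* and set the default action.

    For every stored NetworkSecurityPolicy with at least one rule, the last
    rule is treated as the default rule. When *app_name* is given, a copy of
    the first rule is turned into a PERMIT rule for that app and placed just
    before the default rule. The default rule's action becomes PERMIT when
    *allowDefault* is true, else DENY. The modified objects are then pushed.

    A policy whose rule before the default one already names *app_name* is
    left unchanged, including its default rule.

    Returns api.types.status.FAILURE when the store has no policy objects;
    otherwise nothing is returned explicitly.
    """
    # Query returns references to the objects held in the store.
    store_policy_objects = netagent_cfg_api.QueryConfigs(
        kind='NetworkSecurityPolicy')
    if len(store_policy_objects) == 0:
        api.Logger.error("No SG Policy objects in store")
        return api.types.status.FAILURE

    for policy in store_policy_objects:
        rules = policy.spec.policy_rules
        if len(rules) == 0:
            continue
        # Take the default rule off the end so the app rule can go before it.
        defaultRule = rules.pop()
        if app_name is not None:
            # We dont want to keep updating the same policy
            if rules and getattr(rules[-1], 'app_name', None) == app_name:
                # Put the default rule back: skipping without restoring it
                # would push the policy without its final DENY/PERMIT rule.
                rules.append(defaultRule)
                continue
            if not rules:
                # Only the default rule exists, so there is no rule to clone.
                api.Logger.error(
                    "No rule to clone for app %s, policy left unchanged" %
                    app_name)
                rules.append(defaultRule)
                continue
            newRule = copy.deepcopy(rules[0])
            newRule.source.addresses = ['any']
            newRule.destination.addresses = ['any']
            newRule.app_name = app_name
            newRule.destination.app_configs = None
            newRule.destination.proto_ports = None
            newRule.action = 'PERMIT'
            rules.append(newRule)

        defaultRule.action = 'PERMIT' if allowDefault != False else 'DENY'
        rules.append(defaultRule)

    # Push the update now that the stored objects were modified.
    # NOTE(review): the update status is not checked or returned.
    netagent_cfg_api.UpdateConfigObjects(store_policy_objects)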
コード例 #11
def Teardown(tc):
    """Re-push the stored NetworkSecurityPolicy objects and disable the
    packet-filter rule on the endpoint via addPktFltrRuleOnEp(enable=False).
    """
    api.Logger.info("Tearing down ...")
    stored_policies = agent_api.QueryConfigs(kind='NetworkSecurityPolicy')
    # NOTE(review): neither the push nor the filter removal is checked, so
    # SUCCESS is returned even if the cleanup did not take effect.
    agent_api.PushConfigObjects(stored_policies)
    addPktFltrRuleOnEp(tc, enable=False)
    return api.types.status.SUCCESS
コード例 #12
def __recover_workloads(target_node=None):
    """Refresh endpoint node UUIDs and ask the topology service to restore
    workloads.

    *target_node* is accepted but not used by this function. Returns FAILURE
    when api.RestoreWorkloads() yields None, else SUCCESS.
    """
    endpoints = netagent_api.QueryConfigs(kind='Endpoint')
    netagent_api.UpdateNodeUuidEndpoints(endpoints)
    restore_req = topo_svc.WorkloadMsg()
    if api.RestoreWorkloads(restore_req) is None:
        return api.types.status.FAILURE
    return api.types.status.SUCCESS
コード例 #13
def __prepare_ip_address_str_for_endpoint(ep):
    """Return "<endpoint address>/<network prefix length>" for endpoint *ep*.

    The address part is the text before '/' in the endpoint's first IPv4
    address; the prefix part is the text after '/' in the ipv4_subnet of the
    Network object named by ep.spec.network_name.
    """
    matches = netagent_api.QueryConfigs(
        kind='Network', filter="meta.name=" + ep.spec.network_name + ";")
    # NOTE(review): assert is stripped under -O; exactly one match is assumed.
    assert (len(matches) == 1)
    network = matches[0]
    address = ep.spec.ipv4_addresses[0]
    subnet = network.spec.ipv4_subnet
    host_part = address.split('/')[0]
    prefix_len = subnet.split('/')[1]
    return host_part + '/' + prefix_len
コード例 #14
def UpdateNetworkAndEnpointObject():
    """Refresh testbed VLANs on stored Network objects and node UUIDs on
    stored Endpoint objects.

    Returns FAILURE when either query yields nothing, else SUCCESS. The VLAN
    allocator is reset and one VLAN is allocated before the networks are
    updated.
    """
    networks = netagent_api.QueryConfigs(kind='Network')
    if not networks:
        api.Logger.error("Failed to get network object")
        return api.types.status.FAILURE

    api.Testbed_ResetVlanAlloc()
    first_vlan = api.Testbed_AllocateVlan()
    # NOTE(review): the VLAN is passed as an extra argument and the message
    # has no placeholder - confirm api.Logger.info accepts this form.
    api.Logger.info("Ignoring first vlan as it is native ", first_vlan)
    netagent_api.UpdateTestBedVlans(networks)

    endpoints = netagent_api.QueryConfigs(kind='Endpoint')
    if not endpoints:
        api.Logger.error("Failed to get endpoint object")
        return api.types.status.FAILURE

    netagent_api.UpdateNodeUuidEndpoints(endpoints)
    return api.types.status.SUCCESS
コード例 #15
def deleteEpTrigger(tc, node, wl):
    """Delete workload *wl*'s endpoint info on *node*, wait, then push it back.

    A deep copy of the stored Endpoint is taken before delete_ep_info() runs
    and is pushed to *node* 5 seconds later.
    """
    api.Logger.info("Running delete ep %s on node %s" %
                    (wl.workload_name, node))
    name_filter = "meta.name=" + wl.workload_name + ";"
    matches = agent_api.QueryConfigs("Endpoint", filter=name_filter)
    # NOTE(review): assert is stripped under -O; exactly one match is assumed.
    assert (len(matches) == 1)
    # Snapshot taken before the delete so the same endpoint can be restored.
    ep_snapshot = copy.deepcopy(matches[0])
    delete_ep_info(tc, wl, node)
    time.sleep(5)
    # Third positional argument is passed as True; other call sites in this
    # listing pass ignore_error=True in that role - TODO confirm.
    agent_api.PushConfigObjects([ep_snapshot], [node], True)
コード例 #16
def __modify_security_profile(tc):
    """Shorten the TCP/UDP timeouts on every stored SecurityProfile.

    A clone of the unmodified objects is kept on tc.cloned_sp_objects before
    any change is made. Returns the status of the update call.
    """
    profiles = netagent_api.QueryConfigs(kind='SecurityProfile')
    # Clone first so the original values remain available on the test case.
    tc.cloned_sp_objects = netagent_api.CloneConfigObjects(profiles)

    # (attribute on spec.timeouts, value) applied in this order
    overrides = (
        ('tcp', "1s"),
        ('udp', "1s"),
        ('tcp_half_close', "1s"),
        ('tcp_close', "1s"),
        ('tcp_connection_setup', "10s"),
    )
    for profile in profiles:
        for attr, value in overrides:
            setattr(profile.spec.timeouts, attr, value)
    return netagent_api.UpdateConfigObjects(profiles)
コード例 #17
def Trigger(tc):
    """Replace the stored NetworkSecurityPolicy objects with sgpolicy.json.

    The existing policy objects are deleted and removed, then the policy
    from "<topology directory>/sgpolicy.json" is added and pushed. Returns
    the push status when it is not SUCCESS, else SUCCESS.
    """
    old_policies = agent_api.QueryConfigs(kind="NetworkSecurityPolicy")
    # NOTE(review): the statuses of the delete and remove calls are not
    # checked before the replacement policy is pushed.
    agent_api.DeleteConfigObjects(old_policies)
    agent_api.RemoveConfigObjects(old_policies)

    policy_path = "/".join((api.GetTopologyDirectory(), "sgpolicy.json"))
    new_policies = agent_api.AddOneConfig(policy_path)
    status = agent_api.PushConfigObjects(new_policies)
    if status == api.types.status.SUCCESS:
        return api.types.status.SUCCESS
    api.Logger.error("Failed to push nwsec policy")
    return status
コード例 #18
def update_ep_migr_status(tc, wl, node, migr_state):
    """Update workload *wl*'s endpoint on *node* with *migr_state*, then clear it.

    A deep copy of the stored Endpoint is sent twice to *node*: once with
    spec.migration set to *migr_state* and once with it set to None. Both
    updates are sent with ignore_error=True and their results are not read.
    """
    name_filter = "meta.name=" + wl.workload_name + ";"
    matches = agent_api.QueryConfigs("Endpoint", filter=name_filter)
    # NOTE(review): assert is stripped under -O; exactly one match is assumed.
    assert(len(matches) == 1)
    # Work on a copy so the object held in the store is not mutated.
    ep_copy = copy.deepcopy(matches[0])
    # First pass reports the migration state; the second clears it
    # ("to keep new node happy, only in iota").
    for state in (migr_state, None):
        ep_copy.spec.migration = state
        ep_copy.spec.node_uuid = tc.uuidMap[node]
        agent_api.UpdateConfigObjects([ep_copy], [node], ignore_error=True)
コード例 #19
def __delete_endpoint_info(tc):
    """Delete each moved workload's Endpoint from its CurrentHome host.

    Iterates tc.vmotion_cntxt.CurrentHome (workload -> host) and skips hosts
    that are not Naples nodes. Deletes are sent with ignore_error=True.
    """
    api.Logger.debug(
        "Deleting endpoint info from CurrentHome of moved workloads")
    for wload, host in tc.vmotion_cntxt.CurrentHome.items():
        if api.IsNaplesNode(host):
            api.Logger.debug("Deleting ep-info at %s for wload: %s" %
                             (host, wload.workload_name))
            name_filter = "meta.name=" + wload.workload_name + ";"
            matches = agent_api.QueryConfigs("Endpoint", filter=name_filter)
            # NOTE(review): assert is stripped under -O; exactly one match is
            # assumed.
            assert (len(matches) == 1)
            first_only = matches[:1]
            agent_api.DeleteConfigObjects(first_only, [host],
                                          ignore_error=True)
    return
コード例 #20
def Trigger(tc):
    """Push and delete the stored NetworkSecurityPolicy objects up to 100 times.

    The loop stops after the first iteration whose push does not return
    SUCCESS (that iteration's delete still runs). The objects are removed
    afterwards, and the last push status is stored on tc.ret and returned.
    """
    policies = agent_api.QueryConfigs(kind='NetworkSecurityPolicy')
    status = api.types.status.SUCCESS

    for _ in range(100):
        status = agent_api.PushConfigObjects(policies)
        # The delete status is not part of the pass/fail decision.
        agent_api.DeleteConfigObjects(policies)

        if status != api.types.status.SUCCESS:
            break

    agent_api.RemoveConfigObjects(policies)
    tc.ret = status
    return status
コード例 #21
def configurationChangeEvent(tc):
    """Churn security-policy and telemetry config until done or cancelled.

    Phase 1 (tcp, udp): for each target policy JSON, the SG policies are
    deleted, the target policy is added, pushed, deleted and removed, and the
    stored NetworkSecurityPolicy objects are pushed again.
    Phase 2 (tcp, udp, icmp, mixed, scale): mirror and flowmon policy JSONs
    are paired up, added, pushed together, deleted and removed.

    Failures of individual steps are logged only; the function returns
    api.types.status.SUCCESS in every case except when tc.cancel is already
    set on entry, where it calls sys.exit(0).
    """
    if tc.cancel:
        api.Logger.info("Canceling configurationChangeEvent...")
        # sys.exit raises SystemExit rather than returning a status.
        sys.exit(0)

    api.Logger.info("Running configurationChangeEvent...")
    for proto in ["tcp", "udp"]:
        policies = utils.GetTargetJsons(proto)
        for policy_json in policies:
            # Delete allow-all policy
            agent_api.DeleteSgPolicies()
            api.Logger.info("Pushing Security policy: %s " % (policy_json))
            newObjects = agent_api.AddOneConfig(policy_json)
            ret = agent_api.PushConfigObjects(newObjects)
            if ret != api.types.status.SUCCESS:
                api.Logger.error("Failed to push policies for %s" %
                                 policy_json)
            # NOTE(review): these two checks test truthiness of the result,
            # while the rest of the function compares against SUCCESS - confirm
            # both forms agree for the status type.
            if agent_api.DeleteConfigObjects(newObjects):
                api.Logger.error("Failed to delete config object for %s" %
                                 policy_json)
            if agent_api.RemoveConfigObjects(newObjects):
                api.Logger.error("Failed to remove config object for %s" %
                                 policy_json)
            # Restore allow-all policy
            # NOTE(review): the status of this restore push is not checked.
            agent_api.PushConfigObjects(
                agent_api.QueryConfigs(kind='NetworkSecurityPolicy'))

            # Cancellation is honoured only after the restore above has run.
            if tc.cancel:
                return api.types.status.SUCCESS

    for proto in ['tcp', 'udp', 'icmp', 'mixed', 'scale']:
        # NOTE(review): called here as a bare name with two arguments, but as
        # utils.GetTargetJsons(proto) above - confirm which helper is meant.
        mirrorPolicies = GetTargetJsons('mirror', proto)
        flowmonPolicies = GetTargetJsons('flowmon', proto)
        # zip stops at the shorter list, so unpaired JSONs are skipped.
        for mp_json, fp_json in zip(mirrorPolicies, flowmonPolicies):
            mpObjs = agent_api.AddOneConfig(mp_json)
            fpObjs = agent_api.AddOneConfig(fp_json)
            ret = agent_api.PushConfigObjects(mpObjs + fpObjs)
            if ret != api.types.status.SUCCESS:
                api.Logger.error("Failed to push the telemetry objects")
            ret = agent_api.DeleteConfigObjects(fpObjs + mpObjs)
            if ret != api.types.status.SUCCESS:
                api.Logger.error("Failed to delete the telemetry objects")
            ret = agent_api.RemoveConfigObjects(mpObjs + fpObjs)
            if ret != api.types.status.SUCCESS:
                api.Logger.error("Failed to remove the telemetry objects")

            if tc.cancel:
                return api.types.status.SUCCESS

    return api.types.status.SUCCESS
コード例 #22
def Trigger(tc):
    """Wait, then rewrite the action of the stored policy rules and push.

    tc.args.wait (default 30) is the delay in seconds; tc.args.action is
    required and is passed as a string to __update_policy_actions().
    Returns FAILURE when the update does not return SUCCESS, else SUCCESS.
    """
    policies = netagent_api.QueryConfigs(kind='NetworkSecurityPolicy')

    delay = getattr(tc.args, "wait", 30)
    time.sleep(int(delay))

    # No default: a missing tc.args.action raises AttributeError.
    requested_action = str(getattr(tc.args, "action"))
    __update_policy_actions(policies, requested_action)

    status = netagent_api.UpdateConfigObjects(policies)
    if status == api.types.status.SUCCESS:
        return api.types.status.SUCCESS
    return api.types.status.FAILURE
コード例 #23
def update_field(field, val):
    """Set a SecurityProfile field on every stored profile and push the update.

    Only 'enable-connection-tracking' is handled; any other *field* changes
    nothing but the objects are still pushed. Returns FAILURE when the store
    has no SecurityProfile objects, else SUCCESS.
    """
    # Query returns references to the objects held in the store.
    profiles = netagent_cfg_api.QueryConfigs(kind='SecurityProfile')
    if len(profiles) == 0:
        api.Logger.error("No security profile objects in store")
        return api.types.status.FAILURE

    sets_conn_tracking = (field == 'enable-connection-tracking')
    for profile in profiles:
        if sets_conn_tracking:
            profile.spec.enable_connection_tracking = val

    # Push the update now that the stored objects were modified.
    # NOTE(review): the update status is not checked before SUCCESS is returned.
    netagent_cfg_api.UpdateConfigObjects(profiles)

    return api.types.status.SUCCESS
コード例 #24
def GetSessionLimit(session):
    """Return the session rate limit for *session* from the first stored profile.

    *session* is 'tcp', 'udp', 'icmp' or 'other'. Returns
    api.types.status.FAILURE when the store has no SecurityProfile objects or
    the session type is not one of those four.
    """
    # Session selector -> attribute on <profile>.spec.rate_limits
    attr_for = {
        'tcp': 'tcp_half_open_session_limit',
        'udp': 'udp_active_session_limit',
        'icmp': 'icmp_active_session_limit',
        'other': 'other_session_limit',
    }

    # Query returns references to the objects held in the store.
    profiles = netagent_cfg_api.QueryConfigs(kind='SecurityProfile')
    if len(profiles) == 0:
        api.Logger.error("No security profile objects in store")
        return api.types.status.FAILURE

    attr = attr_for.get(session)
    if attr is not None:
        # Only the first profile is consulted: the loop returns immediately.
        for profile in profiles:
            return getattr(profile.spec.rate_limits, attr)
    # NOTE(review): FAILURE shares the return channel with real limit values.
    return api.types.status.FAILURE
コード例 #25
def create_ep_info(tc, wl, new_node, migr_state, old_node):
    """Push workload *wl*'s endpoint to *new_node* with a migration state.

    A deep copy of the stored Endpoint named after the workload is deleted
    from new_node and pushed there again with spec.node_uuid set to the new
    node's UUID, spec.migration set to *migr_state*, and the old node's UUID
    and homing address filled in. Both calls use ignore_error=True.
    """
    name_filter = "meta.name=" + wl.workload_name + ";"
    matches = agent_api.QueryConfigs("Endpoint", filter=name_filter)
    # NOTE(review): assert is stripped under -O; exactly one match is assumed.
    assert (len(matches) == 1)
    # Work on a copy so the object held in the store is not mutated.
    ep_copy = copy.deepcopy(matches[0])

    # delete endpoint being moved on new host, TEMP
    agent_api.DeleteConfigObjects([ep_copy], [new_node], ignore_error=True)

    ep_copy.spec.node_uuid = tc.uuidMap[new_node]
    ep_copy.spec.migration = migr_state
    if not api.IsNaplesNode(old_node):
        # Placeholder identity for a non-Naples old node (marked TEMP).
        ep_copy.status.node_uuid = "0011.2233.4455"  # TEMP
        ep_copy.spec.homing_host_address = "169.169.169.169"  # TEMP
    else:
        ep_copy.status.node_uuid = tc.uuidMap[old_node]
        ep_copy.spec.homing_host_address = api.GetNicMgmtIP(old_node)

    # this triggers endpoint on new host(naples) to setup flows
    agent_api.PushConfigObjects([ep_copy], [new_node], ignore_error=True)
コード例 #26
def update_sgpolicy(src, dst, proto, dport, action="DENY"):
    """Rewrite the port of matching proto_ports entries in stored policies.

    In every stored NetworkSecurityPolicy, each rule whose action equals
    *action* and that has proto_ports gets the port of every entry with
    protocol *proto* set to str(dport). *src* and *dst* are accepted but not
    used. Returns FAILURE when the store has no policy objects, else SUCCESS.
    """
    # Query returns references to the objects held in the store.
    policies = netagent_cfg_api.QueryConfigs(kind='NetworkSecurityPolicy')
    if len(policies) == 0:
        # The message says "security profile" although the kind queried is
        # NetworkSecurityPolicy.
        api.Logger.error("No security profile objects in store")
        return api.types.status.FAILURE

    new_port = str(dport)
    for policy in policies:
        for rule in policy.spec.policy_rules:
            action_matches = rule.action == action
            if action_matches and rule.destination.proto_ports != None:
                for port_entry in rule.destination.proto_ports:
                    if port_entry.protocol == proto:
                        port_entry.port = new_port

    # Push the update now that the stored objects were modified.
    # NOTE(review): the update status is not checked before SUCCESS is returned.
    netagent_cfg_api.UpdateConfigObjects(policies)

    return api.types.status.SUCCESS
コード例 #27
def __add_workloads():
    """Send one ADD workload request per stored endpoint.

    Each request carries a single workload whose name, node, VLANs, IP
    prefix, MAC address and interface details are taken from the endpoint
    and from the helper lookups below. The response of api.AddWorkloads()
    is not inspected.
    """
    stored = netagent_api.QueryConfigs(kind='Endpoint')
    # NOTE(review): other functions in this listing iterate the query result
    # directly; here its .endpoints attribute is used - confirm the shape.
    for ep in stored.endpoints:
        add_req = topo_svc.WorkloadMsg()
        add_req.workload_op = topo_svc.ADD
        workload = add_req.workloads.add()
        workload.workload_name = ep.meta.name
        # Hyphenated attribute names are not valid identifiers, hence getattr.
        workload.node_name = getattr(ep.spec, "node-uuid", None)
        workload.encap_vlan = getattr(ep.spec, 'useg-vlan')
        workload.ip_prefix = __prepare_ip_address_str_for_endpoint(ep)
        workload.mac_address = getattr(ep.spec, 'mac-address')
        # Element 0 is used as interface and parent interface, element 1 as
        # the pinned port.
        lif_and_uplink = __alloc_lif(workload.node_name)
        workload.interface = lif_and_uplink[0]
        workload.parent_interface = lif_and_uplink[0]
        workload.pinned_port = lif_and_uplink[1]
        workload.interface_type = topo_svc.INTERFACE_TYPE_SRIOV
        workload.uplink_vlan = __get_l2segment_vlan_for_endpoint(ep)
        workload.workload_type = api.GetWorkloadTypeForNode(
            workload.node_name)
        workload.workload_image = api.GetWorkloadImageForNode(
            workload.node_name)
        api.AddWorkloads(add_req)
コード例 #28
def __delete_workloads(target_node=None):
    """Delete the workloads of stored endpoints, optionally for one node only.

    All selected workloads go into a single DELETE request. The node of an
    endpoint is spec._node_name when set, else spec.node_uuid. Returns
    FAILURE when a request was sent and api.DeleteWorkloads() yielded None;
    otherwise SUCCESS (including when nothing needed deleting).
    """
    endpoints = netagent_api.QueryConfigs(kind='Endpoint')
    delete_req = topo_svc.WorkloadMsg()
    for ep in endpoints:
        node_name = getattr(ep.spec, "_node_name", None) or ep.spec.node_uuid
        if target_node and target_node != node_name:
            api.Logger.info("Skipping delete workload for node %s" % node_name)
            continue
        delete_req.workload_op = topo_svc.DELETE
        entry = delete_req.workloads.add()
        entry.workload_name = ep.meta.name
        entry.node_name = node_name

    # Only call the service when at least one workload was selected.
    if len(delete_req.workloads):
        if api.DeleteWorkloads(delete_req) is None:
            return api.types.status.FAILURE
    return api.types.status.SUCCESS
コード例 #29
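def update_app(app, timeout, field=None, val=None, isstring=False):
    """Set the idle timeout, and optionally one ALG field, on the App named *app*.

    For the stored App object whose meta.name equals *app*,
    spec.app_idle_timeout is set to *timeout*. When *field* is given,
    spec.alg.<app>.<field> is set to *val*: as text when *isstring* is True,
    otherwise as the Python literal that *val* spells (for example "10" or
    "True"); a non-string *val* is assigned as it is.

    The attribute is resolved with getattr/setattr instead of building and
    executing source text, so *app*, *field* and *val* are treated purely as
    data and a quote or newline in them cannot alter what is executed. As a
    consequence a *val* that is not a literal raises ValueError or
    SyntaxError from ast.literal_eval.

    Returns FAILURE when the store has no App objects, else SUCCESS.
    """
    import ast  # local import: only needed to parse literal values

    # Query returns references to the objects held in the store.
    store_app_objects = netagent_cfg_api.QueryConfigs(kind='App')
    if len(store_app_objects) == 0:
        api.Logger.error("No App objects in store")
        return api.types.status.FAILURE

    for app_obj in store_app_objects:
        if app_obj.meta.name != app:
            continue
        app_obj.spec.app_idle_timeout = timeout
        if field is None:
            continue

        # Walk spec.alg.<app>.<field>; dotted names descend one attribute per
        # component, and the last component is the attribute to assign.
        path = (app + '.' + field).split('.')
        target = app_obj.spec.alg
        for component in path[:-1]:
            target = getattr(target, component)

        if isstring == True:
            new_value = '%s' % (val)
        elif isinstance(val, str):
            # Literals only (numbers, booleans, None, strings, containers).
            new_value = ast.literal_eval(val)
        else:
            new_value = val
        setattr(target, path[-1], new_value)

    # Push the update now that the stored objects were modified.
    # NOTE(review): the update status is not checked before SUCCESS is returned.
    netagent_cfg_api.UpdateConfigObjects(store_app_objects)

    return api.types.status.SUCCESS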
コード例 #30
def increase_timeout():
    """Raise the timeouts of every stored SecurityProfile and push the update.

    Returns FAILURE when the store has no SecurityProfile objects, else
    SUCCESS.
    """
    # (attribute on spec.timeouts, value) applied in this order
    raised_timeouts = (
        ('session_idle', "360s"),
        ('tcp', "360s"),
        ('udp', "360s"),
        ('icmp', "120s"),
        ('tcp_half_close', "360s"),
        ('tcp_close', "360s"),
        ('tcp_connection_setup', "60s"),
        ('tcp_drop', "360s"),
        ('udp_drop', "60s"),
        ('icmp_drop', "300s"),
    )

    # Query returns references to the objects held in the store.
    profiles = agent_api.QueryConfigs(kind='SecurityProfile')
    if len(profiles) == 0:
        api.Logger.error("No security profile objects in store")
        return api.types.status.FAILURE

    for profile in profiles:
        for attr, value in raised_timeouts:
            setattr(profile.spec.timeouts, attr, value)

    # Push the update now that the stored objects were modified.
    # NOTE(review): the update status is not checked before SUCCESS is returned.
    agent_api.UpdateConfigObjects(profiles)
    return api.types.status.SUCCESS