def create_rules_generator_for_port(self, port): for sec_group in port.sec_groups: for rule in sec_group.raw_rules: yield rule for rule in sec_group.remote_rules: remote_group = self.sg_port_map.sec_groups[rule["remote_group_id"]] for ip_addr in remote_group.get_ethertype_filtered_addresses(rule["ethertype"], port.fixed_ips): yield rules.create_rule_for_ip_address(ip_addr, rule)
def test_create_rule_for_ip_address(self): sg_rule = {"remote_group_id": "remote_id", "direction": firewall.INGRESS_DIRECTION, "some_settings": "foo"} expected_rule = { "direction": firewall.INGRESS_DIRECTION, "source_ip_prefix": "192.168.0.1/32", "some_settings": "foo", } translated_rule = rules.create_rule_for_ip_address("192.168.0.1", sg_rule) self.assertEqual(expected_rule, translated_rule)
def create_rules_generator_for_port(self, port): for sec_group in port.sec_groups: for rule in sec_group.raw_rules: yield rule for rule in sec_group.remote_rules: remote_group = self.sg_port_map.sec_groups[ rule['remote_group_id']] for ip_addr in remote_group.get_ethertype_filtered_addresses( rule['ethertype'], port.fixed_ips): yield rules.create_rule_for_ip_address(ip_addr, rule)
def test_create_rule_for_ip_address(self): sg_rule = { 'remote_group_id': 'remote_id', 'direction': firewall.INGRESS_DIRECTION, 'some_settings': 'foo', } expected_rule = { 'direction': firewall.INGRESS_DIRECTION, 'source_ip_prefix': '192.168.0.1/32', 'some_settings': 'foo', } translated_rule = rules.create_rule_for_ip_address( '192.168.0.1', sg_rule) self.assertEqual(expected_rule, translated_rule)