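def delete_namespace_security_policy(self, ns_name):
    """
    Delete the firewall rule created to enforce default behavior on this
    namespace.

    Nothing is done when the allow-all firewall policy is not set
    (VncSecurityPolicy.allow_all_fw_policy_uuid is falsy), or when no
    rule with the namespace's rule name can be found.

    :param ns_name: name of the namespace whose default rule is removed.
    """
    if not VncSecurityPolicy.allow_all_fw_policy_uuid:
        return

    # Resolve the rule by its per-namespace name.
    rule_name = self._get_namespace_firewall_rule_name(ns_name)
    rule_uuid = VncSecurityPolicy.get_firewall_rule_uuid(rule_name)

    # The lookup may not yield a uuid (for example if the rule is already
    # gone). Only ask for a delete when there is a concrete rule to remove,
    # instead of forwarding an empty id to the policy layer.
    if rule_uuid:
        # Dis-associate the rule from the namespace policy and delete it.
        VncSecurityPolicy.delete_firewall_rule(
            VncSecurityPolicy.allow_all_fw_policy_uuid, rule_uuid)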
def delete_ingress_to_service_rule(cls, ns_name, ingress_name, service_name):
    """
    Remove the ingress-to-service allow rule from the ingress firewall
    policy.

    :param ns_name: namespace the ingress belongs to.
    :param ingress_name: name of the ingress.
    :param service_name: name of the service the ingress points at.
    :returns: the uuid returned by the rule lookup (falsy if no rule was
        found), or None when the ingress-service firewall policy is not
        set.
    """
    # Without the ingress-service policy there is nothing to clean up.
    if not VncSecurityPolicy.ingress_svc_fw_policy_uuid:
        return None

    # The rule name is derived from the (namespace, ingress, service) triple.
    fw_rule_name = VncIngress._get_ingress_firewall_rule_name(
        ns_name, ingress_name, service_name)
    found_uuid = VncSecurityPolicy.get_firewall_rule_uuid(fw_rule_name)

    # Delete only when the lookup produced a rule id.
    if found_uuid:
        VncSecurityPolicy.delete_firewall_rule(
            VncSecurityPolicy.ingress_svc_fw_policy_uuid, found_uuid)

    return found_uuid
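def delete_namespace_security_policy(self, ns_name):
    """
    Delete the firewall rules created to enforce default behavior on this
    namespace.

    Both the ingress and the egress rule of the namespace are looked up by
    name and removed from the allow-all firewall policy. Nothing is done
    when that policy is not set
    (VncSecurityPolicy.allow_all_fw_policy_uuid is falsy).

    :param ns_name: name of the namespace whose default rules are removed.
    """
    if not VncSecurityPolicy.allow_all_fw_policy_uuid:
        return

    # Ingress first, then egress, matching the original order of operations.
    name_getters = (
        self._get_namespace_firewall_ingress_rule_name,
        self._get_namespace_firewall_egress_rule_name,
    )
    for get_rule_name in name_getters:
        rule_uuid = VncSecurityPolicy.get_firewall_rule_uuid(
            get_rule_name(ns_name))

        # Each direction is handled on its own: a lookup that yields no
        # uuid is skipped rather than forwarded as an empty id, so a
        # missing ingress rule does not stop the egress rule from being
        # removed from the policy.
        if rule_uuid:
            # Dis-associate the rule from the namespace policy and delete it.
            VncSecurityPolicy.delete_firewall_rule(
                VncSecurityPolicy.allow_all_fw_policy_uuid, rule_uuid)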
def delete_ingress_to_service_rule_by_id(cls, rule_uuid):
    """
    Remove a rule, identified by uuid, from the ingress firewall policy.

    Nothing is done when the ingress-service firewall policy is not set
    (VncSecurityPolicy.ingress_svc_fw_policy_uuid is falsy).

    :param rule_uuid: uuid of the firewall rule to delete.
    """
    # NOTE(review): rule_uuid is forwarded as given; presumably callers
    # pass the uuid of an existing rule -- confirm against call sites.
    if not VncSecurityPolicy.ingress_svc_fw_policy_uuid:
        return

    VncSecurityPolicy.delete_firewall_rule(
        VncSecurityPolicy.ingress_svc_fw_policy_uuid, rule_uuid)