def remove_external_address_block(self, context, cidr):
    """Delete every provider firewall rule stored for ``cidr``.

    ``cidr`` arrives URL-encoded. It is decoded, validated, and reduced
    to its network form before the database lookup.

    Returns a dict with ``status`` and ``message`` keys. ``status`` is
    ``'Failed'`` when the input is not a valid CIDR or when no rule is
    stored for it, and ``'OK'`` once the matching rules are destroyed
    and a provider firewall refresh has been triggered.
    """
    # The audit record holds the value exactly as received, i.e. before
    # decoding and before validation.
    LOG.audit(_('Removing ip block from %s'), cidr, context=context)
    # NOTE(review): unquote()/decode() look like Python 2 idioms, where a
    # bare decode() uses the default codec - confirm how non-ASCII input
    # is expected to behave here.
    cidr = urllib.unquote(cidr).decode()

    # Both failure replies end with the same "nothing was deleted" text.
    nothing_deleted = ' 0 rules deleted'

    # Reject improper or malicious input with a structured reply instead
    # of handing it to netaddr and the database layer.
    if not utils.is_valid_cidr(cidr):
        problem = ('Improper input. Please provide a valid cidr: '
                   'e.g. 121.12.10.11/24.')
        return {'status': 'Failed', 'message': problem + nothing_deleted}

    # Normalize, e.g. '20.20.20.11/24' -> '20.20.20.0/24', so that the
    # value looked up in the db matches the value the filters use
    # (e.g. in iptables).
    cidr = str(netaddr.IPNetwork(cidr).cidr)
    matches = db.provider_fw_rule_get_all_by_cidr(context, cidr)

    if not matches:
        problem = 'No such CIDR currently blocked.'
        return {'status': 'Failed', 'message': problem + nothing_deleted}

    for entry in matches:
        db.provider_fw_rule_destroy(context, entry['id'])
    # One refresh after all deletions, not one per rule.
    self.compute_api.trigger_provider_fw_rules_refresh(context)
    return {'status': 'OK', 'message': 'Deleted %s rules' % len(matches)}
def remove_external_address_block(self, context, cidr):
    """Delete every provider firewall rule stored for ``cidr``.

    ``cidr`` arrives URL-encoded and is decoded before use. The only
    validation is constructing a ``netaddr.IPNetwork`` from it, so
    whatever that constructor raises for bad input propagates to the
    caller.

    Returns a dict with ``status`` ``'OK'`` and a ``message`` giving the
    number of rules deleted. This is also the reply when nothing matched
    (``'Deleted 0 rules'``).
    """
    # The audit record holds the value exactly as received, i.e. before
    # decoding and before validation.
    LOG.audit(_('Removing ip block from %s'), cidr, context=context)
    # NOTE(review): unquote()/decode() look like Python 2 idioms, where a
    # bare decode() uses the default codec - confirm how non-ASCII input
    # is expected to behave here.
    decoded = urllib.unquote(cidr).decode()

    # Validation only: the parsed network object is discarded.
    # NOTE(review): the lookup below therefore uses the decoded string
    # verbatim. A CIDR with host bits set (constructed example:
    # '20.20.20.11/24') is not reduced to its network form first; whether
    # stored rules use the network form is not visible here - confirm.
    netaddr.IPNetwork(decoded)

    matches = db.provider_fw_rule_get_all_by_cidr(context, decoded)
    for entry in matches:
        db.provider_fw_rule_destroy(context, entry['id'])

    # Refresh the provider firewall only when something was looked up.
    if matches:
        self.compute_api.trigger_provider_fw_rules_refresh(context)

    summary = 'Deleted %s rules' % len(matches)
    return {'status': 'OK', 'message': summary}