def validate_arguments(arguments): """ Validate argument values: <CIDRS> :param arguments: Docopt processed arguments """ # Validate CIDR cidrs = arguments.get("<CIDRS>") start_ip = arguments.get("<START_IP>") end_ip = arguments.get("<END_IP>") if cidrs: for cidr in cidrs: if not validate_cidr(cidr): print "Invalid CIDR specified %s" % cidr sys.exit(1) elif start_ip or end_ip: if not (validate_ip(start_ip, 4) or validate_ip(start_ip, 6)): print "Invalid START_IP specified." sys.exit(1) elif not (validate_ip(end_ip, 4) or validate_ip(end_ip, 6)): print "Invalid END_IP specified." sys.exit(1) elif IPAddress(start_ip).version != IPAddress(end_ip).version: print "START_IP and END_IP must be the same ip version" sys.exit(1) elif not IPAddress(start_ip) < IPAddress(end_ip): print "START_IP must be a smaller ip address than END_IP" sys.exit(1)
def validate_arguments(arguments): """ Validate argument values: <IP> Arguments not validated: <CONTAINER> <INTERFACE> :param arguments: Docopt processed arguments """ # Validate IP requested_ip = arguments.get("<IP>") if not (requested_ip is None or validate_ip(requested_ip, 4) or validate_ip(requested_ip, 6) or validate_cidr(requested_ip) or requested_ip.lower() in ('ipv4', 'ipv6')): print_paragraph("Invalid IP address specified. Argument must be a " "valid IP or CIDR.") sys.exit(1) # Validate POOL if requested_ip is not None and '/' in requested_ip: requested_pool = IPNetwork(requested_ip) try: client.get_ip_pool_config(requested_pool.version, requested_pool) except KeyError: print_paragraph("Invalid CIDR specified for desired pool. " "No pool found for {0}.".format(requested_pool)) sys.exit(1) # Validate PROFILE endpoint.validate_arguments(arguments)
def validate_arguments(arguments): """ Validate argument values: <IP> Arguments not validated: <CONTAINER> <INTERFACE> :param arguments: Docopt processed arguments """ # Validate IP requested_ip = arguments.get("<IP>") if not (requested_ip is None or validate_ip(requested_ip, 4) or validate_ip(requested_ip, 6) or validate_cidr(requested_ip) or requested_ip.lower() in ('ipv4', 'ipv6')): sys.exit('Invalid IP address specified. Argument must be an IP, ' 'a cidr, "ipv4" or "ipv6". ' '"{0}" was given'.format(requested_ip)) # Validate POOL if requested_ip is not None and '/' in requested_ip: try: requested_pool = IPNetwork(requested_ip) except TypeError: sys.exit('Invalid cidr specified for desired pool. ' '"{0}" was given."'.format(pool)) try: pool = client.get_ip_pool_config(requested_pool.version, requested_pool) except KeyError: sys.exit('Invalid cidr specified for desired pool. ' 'No pool found for "{0}"'.format(requested_pool)) # Validate PROFILE endpoint.validate_arguments(arguments)
def validate_arguments(arguments): """ Validate argument values: <PROFILE> <SRCTAG> <SRCCIDR> <DSTTAG> <DSTCIDR> <ICMPTYPE> <ICMPCODE> <SRCPORTS> <DSTPORTS> Arguments not validated: <POSITION> :param arguments: Docopt processed arguments """ # Validate Profiles profile_ok = True if arguments.get("<PROFILE>") is not None: profile = arguments.get("<PROFILE>") profile_ok = validate_characters(profile) # Validate tags tag_src_ok = (arguments.get("<SRCTAG>") is None or validate_characters(arguments["<SRCTAG>"])) tag_dst_ok = (arguments.get("<DSTTAG>") is None or validate_characters(arguments["<DSTTAG>"])) # Validate IPs cidr_ok = True cidr_list = [] for arg in ["<SRCCIDR>", "<DSTCIDR>"]: if arguments.get(arg) is not None: cidr_list.append(arguments[arg]) cidr_ok = validate_cidr(arguments[arg]) if not cidr_ok: break icmp_ok = True for arg in ["<ICMPCODE>", "<ICMPTYPE>"]: if arguments.get(arg) is not None: icmp_ok = validate_icmp_type(arguments[arg]) if not icmp_ok: break ports_ok = True for arg in ["<SRCPORTS>", "<DSTPORTS>"]: if arguments.get(arg) is not None: ports_ok = validate_ports(arguments[arg]) if not ports_ok: break cidr_versions_ok = True if cidr_list: ip_version = None if arguments.get("icmp"): ip_version = 4 elif arguments.get("icmpv6"): ip_version = 6 cidr_versions_ok = validate_cidr_versions(cidr_list, ip_version=ip_version) # Print error message if not profile_ok: print_paragraph("Profile names must be < 40 character long and can " "only contain numbers, letters, dots, dashes and " "underscores.") if not (tag_src_ok and tag_dst_ok): print_paragraph("Tags names can only contain numbers, letters, dots, " "dashes and underscores.") if not cidr_ok: print "Invalid CIDR specified." if not icmp_ok: print "Invalid ICMP type or ICMP code specified." if not ports_ok: print "Invalid SRCPORTS or DSTPORTS specified." if not cidr_versions_ok: print "Invalid or unmatching IP versions for SRCCIDR/DSTCIDR." # Exit if not valid if not (profile_ok and tag_src_ok and tag_dst_ok and cidr_ok and icmp_ok and ports_ok and cidr_versions_ok): sys.exit(1)
def validate_arguments(arguments): """ Validate argument values: <PROFILE> <SRCTAG> <SRCCIDR> <DSTTAG> <DSTCIDR> <ICMPTYPE> <ICMPCODE> <SRCPORTS> <DSTPORTS> Arguments not validated: <POSITION> :param arguments: Docopt processed arguments """ # Validate Profiles profile_ok = True if arguments.get("<PROFILE>") is not None: profile = arguments.get("<PROFILE>") profile_ok = validate_characters(profile) # Validate tags tag_src_ok = (arguments.get("<SRCTAG>") is None or validate_characters(arguments["<SRCTAG>"])) tag_dst_ok = (arguments.get("<DSTTAG>") is None or validate_characters(arguments["<DSTTAG>"])) # Validate IPs cidr_ok = True for arg in ["<SRCCIDR>", "<DSTCIDR>"]: if arguments.get(arg) is not None: cidr_ok = validate_cidr(arguments[arg]) if not cidr_ok: break icmp_ok = True for arg in ["<ICMPCODE>", "<ICMPTYPE>"]: if arguments.get(arg) is not None: icmp_ok = validate_icmp_type(arguments[arg]) if not icmp_ok: break ports_ok = True for arg in ["<SRCPORTS>", "<DSTPORTS>"]: if arguments.get(arg) is not None: ports_ok = validate_ports(arguments[arg]) if not ports_ok: break # Print error message if not profile_ok: print_paragraph("Profile names must be < 40 character long and can " "only contain numbers, letters, dots, dashes and " "underscores.") if not (tag_src_ok and tag_dst_ok): print_paragraph("Tags names can only contain numbers, letters, dots, " "dashes and underscores.") if not cidr_ok: print "Invalid CIDR specified." if not icmp_ok: print "Invalid ICMP type or ICMP code specified." if not ports_ok: print "Invalid SRCPORTS or DSTPORTS specified." # Exit if not valid if not (profile_ok and tag_src_ok and tag_dst_ok and cidr_ok and icmp_ok and ports_ok): sys.exit(1)
def validate_arguments(arguments): """ Validate argument values: <PROFILE> <SRCTAG> <SRCCIDR> <DSTTAG> <DSTCIDR> <ICMPTYPE> <ICMPCODE> Arguments not validated: <SRCPORTS> <DSTPORTS> <POSITION> :param arguments: Docopt processed arguments """ # Validate Profiles profile_ok = True if arguments.get("<PROFILE>") is not None: profile = arguments.get("<PROFILE>") profile_ok = validate_characters(profile) # Validate tags tag_src_ok = (arguments.get("<SRCTAG>") is None or validate_characters(arguments["<SRCTAG>"])) tag_dst_ok = (arguments.get("<DSTTAG>") is None or validate_characters(arguments["<DSTTAG>"])) # Validate IPs cidr_ok = True for arg in ["<SRCCIDR>", "<DSTCIDR>"]: if arguments.get(arg) is not None: cidr_ok = validate_cidr(arguments[arg]) icmp_ok = True for arg in ["<ICMPCODE>", "<ICMPTYPE>"]: if arguments.get(arg) is not None: try: value = int(arguments[arg]) if not (0 <= value < 255): # Felix doesn't support 255 raise ValueError("Invalid %s: %s" % (arg, value)) except ValueError: icmp_ok = False # Print error message if not profile_ok: print_paragraph("Profile names must be < 40 character long and can " "only contain numbers, letters, dots, dashes and " "underscores.") if not (tag_src_ok and tag_dst_ok): print_paragraph("Tags names can only contain numbers, letters, dots, " "dashes and underscores.") if not cidr_ok: print "Invalid CIDR specified." if not icmp_ok: print "Invalid ICMP type or code specified." # Exit if not valid if not (profile_ok and tag_src_ok and tag_dst_ok and cidr_ok and icmp_ok): sys.exit(1)
def subnet_create_api(): """ Implementation Notes Creates a subnet on a network. Response Class (Status 201) Subnet { subnetId (string, optional): Subnet uuid. subnetName (string, optional): Subnet name, a user readable name. networkId (string, optional): Network uuid. cidr (string, optional): The CIDR of subnet. allocation_pools (Array[inline_model], optional): The start and end addresses for the allocation pools. gatewayIp (string, required): The gateway IP address. dnsNameservers (Array[string], optional): A list of DNS name servers for the subnet. } inline_model { start (string, optional): Start IP address. , end (string, optional): End IP address. } Parameters Subnet (body, required): Subnet description """ try: req = models.Subnet(request.json) req.validate() except Exception as e: return err_return('Parameter Invalid', 'ParameterInvalid', '', HTTP_BAD_REQUEST) try: if not req.network_id: return err_return('networkid is required', 'ParameterInvalid', '', HTTP_BAD_REQUEST) if not req.subnet_id: req_id = str(uuid.uuid4()) else: req_id = req.subnet_id sb_name = subnet_db_get_one('name', id=req_id) if sb_name: return err_return('id(%s) in use by %s' % (req_id, sb_name), 'ParameterInvalid', '', HTTP_BAD_REQUEST) if req.subnet_name: if len(req.subnet_name) > NAME_MAX_LEN: return err_return('Length of name must be less than 255', 'ParameterInvalid', '', HTTP_BAD_REQUEST) else: req.subnet_name = '' external = network_db_get_one('external', id=req.network_id) if external is None: return err_return("networkid does not exist", "ParameterInvalid", "", HTTP_BAD_REQUEST) if not req.dns_nameservers: req.dns_nameservers = [] if not req.allocation_pools: req.allocation_pools = [] allocation_pools = [] for all_pool in req.allocation_pools: allocation_pools.append(all_pool.to_primitive()) req.allocation_pools = allocation_pools for pool in req.allocation_pools: if ip_to_bin(pool['start']) > ip_to_bin(pool['end']): return err_return("end_ip must be more than start_ip", "IPRangeError", "", HTTP_BAD_REQUEST) if external == 0: if not req.cidr: return err_return('cidr is required', 'ParameterInvalid', '', HTTP_BAD_REQUEST) if not validate_cidr(req.cidr): return err_return('cidr invalid', 'ParameterInvalid', '', HTTP_BAD_REQUEST) if not req.gateway_ip: return err_return('gateway ip is required', 'ParameterInvalid', '', HTTP_BAD_REQUEST) vl2lcid = yynetworkid_to_lcvl2id(req.network_id) log.debug('vl2lcid=%s' % vl2lcid) nets = [{ "prefix": VFW_TOR_LINK_NET_PRE, "netmask": VFW_TOR_LINK_NET_MASK }] cidr = str(req.cidr).split('/') new_prf = cidr[0] new_mask = int(cidr[1]) subnets = get_subnets_by_network(req.network_id) for subnet in subnets: cidr = subnet['cidr'].split('/') old_prf = cidr[0] old_mask = int(cidr[1]) if subnet_equ(new_prf, old_prf, new_mask, old_mask): log.error('cidr is the same') return err_return('subnet already exist', 'ParameterInvalid', '', HTTP_BAD_REQUEST) nets.append({"prefix": old_prf, "netmask": old_mask}) nets.append({"prefix": new_prf, "netmask": new_mask}) log.debug('nets=%s' % nets) nw_name = network_db_get_one('name', id=req.network_id) payload = json.dumps({"name": nw_name, "nets": nets}) r = lcapi.patch(conf.livecloud_url + '/v1/vl2s/%s' % vl2lcid, data=payload) if r.status_code != HTTP_OK: return Response(json.dumps(NEUTRON_400)), HTTP_NOT_FOUND nets = r.json()['DATA']['NETS'] for net in nets: if subnet_equ(net['PREFIX'], new_prf, net['NETMASK'], new_mask): sb_lcuuid = net['LCUUID'] sb_idx = net['NET_INDEX'] break else: log.error('sb_lcuuid no found') sb_lcuuid = 'sb_lcuuid no found' sb_idx = -1 else: subnetid = subnet_db_get_one('id', network_id=req.network_id) if subnetid: return err_return('subnet(%s) already exists' % subnetid, 'Fail', '', HTTP_BAD_REQUEST) # ISP if not req.allocation_pools: return err_return('allocation_pools can not be empty', 'ParameterInvalid', '', HTTP_BAD_REQUEST) id = subnet_db_get_one('id', network_id=req.network_id) if id: return subnet_get(subnetid=id) lcuuid = network_db_get_one('lcuuid', id=req.network_id) isp = lc_vl2_db_get_one('isp', lcuuid=lcuuid) items = lc_ip_res_db_get_all(req='ip, netmask, gateway, userid', isp=isp) if not items: return err_return("No ISP IP found", "BadRequest", "Please add ISP IP to system first", HTTP_BAD_REQUEST) req.gateway_ip = items[0]['gateway'] req.cidr = ip_mask_to_cidr(items[0]['ip'], items[0]['netmask']) isp_all_ips = [] ip_to_userid = {} for it in items: isp_all_ips.append(it['ip']) ip_to_userid[it['ip']] = it['userid'] req_ips = alloc_pools_to_ip_list(req.allocation_pools) for req_ip in req_ips: if req_ip not in isp_all_ips: return err_return("%s does not exist" % req_ip, "IPInvalid", "", HTTP_BAD_REQUEST) if ip_to_userid[req_ip] != 0: return err_return("%s in use" % req_ip, "IPInUse", "", HTTP_BAD_REQUEST) sb_lcuuid = str(uuid.uuid4()) sb_idx = -1 sql = ("INSERT INTO neutron_subnets " "VALUES('%s','%s','%s','%s','%s','%s','%s','%s',%d)" % (req_id, req.subnet_name, req.network_id, req.cidr, json.dumps(req.allocation_pools), req.gateway_ip, json.dumps(req.dns_nameservers), sb_lcuuid, sb_idx)) log.debug('add subnet sql=%s' % sql) with MySQLdb.connect(**DB_INFO) as cursor: cursor.execute(sql) if external: sql = "UPDATE ip_resource_v2_2 SET userid=%s WHERE ip in ('-1'," for req_ip in req_ips: sql += "'%s'," % req_ip sql = sql[:-1] sql += ")" log.debug('sql=%s' % sql) with MySQLdb.connect(**LCDB_INFO) as cursor: cursor.execute(sql, conf.livecloud_userid) resp, code = subnet_get(subnetid=req_id) return resp, HTTP_CREATED except Exception as e: log.error(e) return Response(json.dumps(NEUTRON_500)), HTTP_INTERNAL_SERVER_ERROR
def validate_arguments(arguments): """ Validate argument values: <PROFILE> <SRCTAG> <SRCCIDR> <DSTTAG> <DSTCIDR> <ICMPTYPE> <ICMPCODE> Arguments not validated: <SRCPORTS> <DSTPORTS> <POSITION> :param arguments: Docopt processed arguments """ # Validate Profiles profile_ok = True if arguments.get("<PROFILE>") is not None: profile = arguments.get("<PROFILE>") profile_ok = validate_characters(profile) # Validate tags tag_src_ok = arguments.get("<SRCTAG>") is None or validate_characters(arguments["<SRCTAG>"]) tag_dst_ok = arguments.get("<DSTTAG>") is None or validate_characters(arguments["<DSTTAG>"]) # Validate IPs cidr_ok = True for arg in ["<SRCCIDR>", "<DSTCIDR>"]: if arguments.get(arg) is not None: cidr_ok = validate_cidr(arguments[arg]) icmp_ok = True for arg in ["<ICMPCODE>", "<ICMPTYPE>"]: if arguments.get(arg) is not None: try: value = int(arguments[arg]) if not (0 <= value < 255): # Felix doesn't support 255 raise ValueError("Invalid %s: %s" % (arg, value)) except ValueError: icmp_ok = False # Print error message if not profile_ok: print_paragraph( "Profile names must be < 40 character long and can " "only contain numbers, letters, dots, dashes and " "underscores." ) if not (tag_src_ok and tag_dst_ok): print_paragraph("Tags names can only contain numbers, letters, dots, " "dashes and underscores.") if not cidr_ok: print "Invalid CIDR specified." if not icmp_ok: print "Invalid ICMP type or code specified." # Exit if not valid if not (profile_ok and tag_src_ok and tag_dst_ok and cidr_ok and icmp_ok): sys.exit(1)