示例#1
    def _validate_vpn_cidr(self, context, router_id, vpn_cidr):
        """Reject a VPN CIDR that overlaps a CIDR already tied to the router.

        The requested CIDR is compared against three sources: the subnet
        behind the first fixed IP of every port whose device_id is the
        router, the ``vpn_cidr`` of the router's PPTP connections, and the
        ``peer_cidr`` of the router's OpenVPN connections.

        :param context: request context; its session runs the port query and
            ``context.elevated()`` is used for the subnet lookups
        :param router_id: router whose ports and VPN connections are checked
        :param vpn_cidr: CIDR requested for the new VPN
        :raises n_exc.InvalidInput: if vpn_cidr intersects a collected CIDR
        """
        in_use = set()
        plugin = manager.NeutronManager.get_plugin()
        try:
            router_ports = context.session.query(
                models_v2.Port).filter_by(device_id=router_id)
            for port in router_ports:
                for fixed_ip in port['fixed_ips']:
                    subnet_id = fixed_ip['subnet_id']
                    # NOTE(review): the lookup uses context.elevated(), so it
                    # presumably bypasses the caller's own visibility; that
                    # is why the API error below withholds the matching CIDR.
                    subnet = plugin._get_subnet(context.elevated(),
                                                subnet_id)
                    in_use.add(subnet['cidr'])
                    # NOTE(review): only the first fixed IP of each port is
                    # inspected; a port with fixed IPs on several subnets
                    # would leave the later subnets unchecked - confirm.
                    break
        except exc.NoResultFound:
            pass

        in_use.update(
            conn['vpn_cidr'] for conn in
            self.get_pptpconnections(context, {'router_id': [router_id]}))
        in_use.update(
            conn['peer_cidr'] for conn in
            self.get_openvpnconnections(context, {'router_id': [router_id]}))

        requested = netaddr.IPSet([vpn_cidr])
        for existing in in_use:
            if not (netaddr.IPSet([existing]) & requested):
                continue
            # The error returned to the caller names only the requested CIDR;
            # the conflicting CIDR is written to the log and nowhere else.
            params = {'cidr': vpn_cidr}
            err_msg = _("Requested vpn with cidr: %(cidr)s overlaps with"
                        " another subnet or vpn") % params
            log_args = {'new_cidr': vpn_cidr, 'cidr': existing}
            LOG.info(_("Validation for CIDR: %(new_cidr)s failed - "
                       "overlaps with CIDR %(cidr)s "
                       "(CIDR: %(cidr)s)"), log_args)
            raise n_exc.InvalidInput(error_message=err_msg)
示例#2
    def _validate_vpn_cidr(self, context, router_id, vpn_cidr):
        """Check that a new VPN CIDR does not collide with the router's CIDRs.

        CIDRs are gathered from the subnet of the first fixed IP on each
        port attached to the router, from the router's PPTP connections
        (``vpn_cidr``) and from its OpenVPN connections (``peer_cidr``).
        The first collected CIDR that intersects ``vpn_cidr`` aborts the
        request.

        :param context: request context used for the session query and, via
            ``context.elevated()``, for the subnet lookups
        :param router_id: id of the router the VPN is attached to
        :param vpn_cidr: CIDR the caller asked for
        :raises n_exc.InvalidInput: when an overlap is found
        """
        taken = set()
        plugin = manager.NeutronManager.get_plugin()
        try:
            port_query = context.session.query(models_v2.Port)
            for port in port_query.filter_by(device_id=router_id):
                for fixed_ip in port['fixed_ips']:
                    subnet_id = fixed_ip['subnet_id']
                    # NOTE(review): context.elevated() presumably widens what
                    # can be read here beyond the caller's own subnets, so
                    # these values must not be echoed back in the API error.
                    taken.add(plugin._get_subnet(context.elevated(),
                                                 subnet_id)['cidr'])
                    # NOTE(review): stops after the first fixed IP, so any
                    # further subnets on the same port are not compared.
                    break
        except exc.NoResultFound:
            pass

        pptp_conns = self.get_pptpconnections(
            context, {'router_id': [router_id]})
        for pptp_conn in pptp_conns:
            taken.add(pptp_conn['vpn_cidr'])

        openvpn_conns = self.get_openvpnconnections(
            context, {'router_id': [router_id]})
        for openvpn_conn in openvpn_conns:
            taken.add(openvpn_conn['peer_cidr'])

        wanted = netaddr.IPSet([vpn_cidr])
        for other in taken:
            overlap = netaddr.IPSet([other]) & wanted
            if overlap:
                # Caller-facing text repeats only the CIDR the caller sent;
                # the CIDR it collided with is kept for the operator log.
                err_msg = _("Requested vpn with cidr: %(cidr)s overlaps with"
                            " another subnet or vpn") % {'cidr': vpn_cidr}
                LOG.info(_("Validation for CIDR: %(new_cidr)s failed - "
                           "overlaps with CIDR %(cidr)s "
                           "(CIDR: %(cidr)s)"),
                         {'new_cidr': vpn_cidr, 'cidr': other})
                raise n_exc.InvalidInput(error_message=err_msg)
示例#3
    def get_router_cidrs(self, context, router_id):
        """Collect the subnet CIDRs behind a router's non-gateway ports.

        Ports whose device_owner is the router-gateway owner are skipped.
        For every other port with ``device_id == router_id`` the CIDR of the
        subnet behind its first fixed IP is added to the result. The
        original docstring states the result is pushed to the OpenVPN
        client.

        :param context: request context; its session runs the port query and
            ``context.elevated()`` is used for the subnet lookups
        :param router_id: router whose ports are inspected
        :returns: set of the collected CIDR values
        """
        found = set()
        plugin = manager.NeutronManager.get_plugin()
        try:
            router_ports = context.session.query(
                models_v2.Port).filter_by(device_id=router_id)
            for port in router_ports:
                owner = port['device_owner']
                if owner != l3_constants.DEVICE_OWNER_ROUTER_GW:
                    for fixed_ip in port['fixed_ips']:
                        subnet_id = fixed_ip['subnet_id']
                        # NOTE(review): subnets are read through
                        # context.elevated() and the result is handed to VPN
                        # clients; confirm every attached subnet is meant to
                        # be advertised to them.
                        subnet = plugin._get_subnet(context.elevated(),
                                                    subnet_id)
                        found.add(subnet['cidr'])
                        # Only the first fixed IP of the port is used.
                        break
        except exc.NoResultFound:
            pass

        return found
示例#4
    def get_router_cidrs(self, context, router_id):
        """Return the CIDRs of the subnets attached to a router.

        Every port with ``device_id == router_id`` is visited, except those
        owned by the router gateway. Each visited port contributes the CIDR
        of the subnet behind its first fixed IP. According to the original
        docstring, the returned CIDRs are pushed to the OpenVPN client.

        :param context: request context supplying the DB session; subnet
            lookups go through ``context.elevated()``
        :param router_id: id of the router to inspect
        :returns: set of CIDR values, empty when nothing was collected
        """
        router_cidrs = set()
        plugin = manager.NeutronManager.get_plugin()
        gateway_owner_checked_ports = context.session.query(models_v2.Port)
        try:
            for port in gateway_owner_checked_ports.filter_by(
                    device_id=router_id):
                # The gateway port is left out of the result.
                if port['device_owner'] == l3_constants.DEVICE_OWNER_ROUTER_GW:
                    continue

                for fixed_ip in port['fixed_ips']:
                    subnet_id = fixed_ip['subnet_id']
                    # NOTE(review): the elevated context presumably lets this
                    # lookup see subnets the caller could not read directly,
                    # and the CIDRs end up on VPN clients - verify that this
                    # disclosure is intended.
                    router_cidrs.add(
                        plugin._get_subnet(context.elevated(),
                                           subnet_id)['cidr'])
                    # Later fixed IPs on the same port are ignored.
                    break
        except exc.NoResultFound:
            pass

        return router_cidrs