def update_firewall_rule(self, context, id, firewall_rule): LOG.debug(_("update_firewall_rule() called")) fwr = firewall_rule['firewall_rule'] if 'source_port' in fwr: src_port_min, src_port_max = self._get_min_max_ports_from_range( fwr['source_port']) fwr['source_port_range_min'] = src_port_min fwr['source_port_range_max'] = src_port_max del fwr['source_port'] if 'destination_port' in fwr: dst_port_min, dst_port_max = self._get_min_max_ports_from_range( fwr['destination_port']) fwr['destination_port_range_min'] = dst_port_min fwr['destination_port_range_max'] = dst_port_max del fwr['destination_port'] with context.session.begin(subtransactions=True): fwr_db = self._get_firewall_rule(context, id) protocol = fwr.get('protocol', fwr_db['protocol']) if not protocol: sport = fwr.get('source_port_range_min', fwr_db['source_port_range_min']) dport = fwr.get('destination_port_range_min', fwr_db['destination_port_range_min']) if sport or dport: raise firewall.FirewallRuleWithPortWithoutProtocolInvalid() fwr_db.update(fwr) if fwr_db.firewall_policy_id: fwp_db = self._get_firewall_policy(context, fwr_db.firewall_policy_id) fwp_db.audited = False return self._make_firewall_rule_dict(fwr_db)
def create_firewall_rule(self, context, firewall_rule): LOG.debug(_("create_firewall_rule() called")) fwr = firewall_rule['firewall_rule'] tenant_id = self._get_tenant_id_for_create(context, fwr) if not fwr['protocol'] and (fwr['source_port'] or fwr['destination_port']): raise firewall.FirewallRuleWithPortWithoutProtocolInvalid() src_port_min, src_port_max = self._get_min_max_ports_from_range( fwr['source_port']) dst_port_min, dst_port_max = self._get_min_max_ports_from_range( fwr['destination_port']) with context.session.begin(subtransactions=True): fwr_db = FirewallRule(id=uuidutils.generate_uuid(), tenant_id=tenant_id, name=fwr['name'], description=fwr['description'], shared=fwr['shared'], protocol=fwr['protocol'], ip_version=fwr['ip_version'], source_ip_address=fwr['source_ip_address'], destination_ip_address= fwr['destination_ip_address'], source_port_range_min=src_port_min, source_port_range_max=src_port_max, destination_port_range_min=dst_port_min, destination_port_range_max=dst_port_max, action=fwr['action'], enabled=fwr['enabled']) context.session.add(fwr_db) return self._make_firewall_rule_dict(fwr_db)