示例#1
0
 def sync_conf_to_db(self, param):
     cls = getattr(fortinet_db, const.FORTINET_PARAMS[param]['cls'])
     conf_list = self.get_range(param)
     session = db_api.get_session()
     records = fortinet_db.query_records(session, cls)
     for record in records:
         kwargs = {}
         for key in const.FORTINET_PARAMS[param]['keys']:
             _element = const.FORTINET_PARAMS[param]['type'](record[key])
             if _element not in conf_list and not record.allocated:
                 kwargs.setdefault(key, record[key])
                 fortinet_db.delete_record(session, cls, **kwargs)
     try:
         for i in range(0, len(conf_list),
                        len(const.FORTINET_PARAMS[param]['keys'])):
             kwargs = {}
             for key in const.FORTINET_PARAMS[param]['keys']:
                 kwargs.setdefault(key, str(conf_list[i]))
                 i += 1
             cls.init_records(session, **kwargs)
     except IndexError:
         LOG.error(
             _("The number of the configure range is not even,"
               "the last one of %(param)s can not be used"),
             {'param': param})
         raise IndexError
示例#2
0
def clr_ext_gw(obj, context, port):
    ip_address = port['fixed_ips'][0]['ip_address']
    subnetv2_db = fortinet_db.query_record(
        context, models_v2.Subnet, id=port['fixed_ips'][0]['subnet_id'])
    netmask = netaddr.IPNetwork(subnetv2_db.cidr).netmask
    ip = "%s %s" % (ip_address, netmask)
    delete_interface_ip(obj,
                        context,
                        name=obj._fortigate['ext_interface'],
                        vdom=const.EXT_VDOM,
                        ip=ip)
    delete_fwpolicy(obj, context, vdom=const.EXT_VDOM, poolname=ip_address)
    delete_fwippool(obj, context, vdom=const.EXT_VDOM, name=ip_address)
    router_db = fortinet_db.query_record(context,
                                         l3_db.Router,
                                         id=port['device_id'])
    tenant_id = router_db.get('tenant_id', None)
    if tenant_id:
        delete_vlink(obj, context, tenant_id=tenant_id)
        if not [ getattr(record, 'gw_port_id', None) for record in
                 fortinet_db.query_records(context, l3_db.Router,
                                           tenant_id=tenant_id)
                         if getattr(record, 'gw_port_id', None)] and \
           not fortinet_db.query_count(context, models_v2.Network,
                                       tenant_id=tenant_id):
            delete_vdom(obj, context, tenant_id=tenant_id)
示例#3
0
 def sync_conf_to_db(self, param):
     cls = getattr(fortinet_db, const.FORTINET_PARAMS[param]["cls"])
     conf_list = self.get_range(param)
     session = db_api.get_session()
     records = fortinet_db.query_records(session, cls)
     for record in records:
         kwargs = {}
         for key in const.FORTINET_PARAMS[param]["keys"]:
             _element = const.FORTINET_PARAMS[param]["type"](record[key])
             if _element not in conf_list and not record.allocated:
                 kwargs.setdefault(key, record[key])
                 fortinet_db.delete_record(session, cls, **kwargs)
     try:
         for i in range(0, len(conf_list), len(const.FORTINET_PARAMS[param]["keys"])):
             kwargs = {}
             for key in const.FORTINET_PARAMS[param]["keys"]:
                 kwargs.setdefault(key, str(conf_list[i]))
                 i += 1
             cls.init_records(session, **kwargs)
     except IndexError:
         LOG.error(
             _("The number of the configure range is not even," "the last one of %(param)s can not be used"),
             {"param": param},
         )
         raise IndexError
示例#4
0
文件: utils.py 项目: samsu/neutron
def add_secondaryip(obj, context, **kwargs):
    """
    :param obj:
    :param context:
    :param kwargs:
            'name': vl_ext_xx,
            'vdom': const.EXT_VDOM,
            'ip': 'x.x.x.x x.x.x.x'
    :return:
    """
    records = fortinet_db.query_records(context,
                                fortinet_db.Fortinet_FloatingIP_Allocation,
                                vdom=kwargs['vdom'],
                                allocated=True)
    secondaryips = []
    for record in records:
        secondaryips.append(getip(record.ip_subnet,1))

    if op(obj, context, resources.VlanInterface.set, name=kwargs['name'],
          vdom=const.EXT_VDOM, secondaryips=secondaryips):
        secondaryips.remove(kwargs['ip'])
        rollback = {
            'params': (
                obj._driver,
                {
                    'name': kwargs['name'],
                    'vdom': const.EXT_VDOM,
                    'secondaryips': secondaryips
                }
            ),
            'func': resources.VlanInterface.set
        }
        obj.task_manager.add(getid(context), **rollback)
示例#5
0
 def delete_network_postcommit(self, mech_context):
     """Delete network which translates to remove vlan interface
     and related vdom from the fortigate.
     """
     LOG.debug(_("delete_network_postcommit: called"))
     network = mech_context.current
     context = mech_context._plugin_context
     tenant_id = network["tenant_id"]
     if not fortinet_db.query_count(context, models_v2.Network, tenant_id=tenant_id):
         try:
             namespace = fortinet_db.query_record(context, fortinet_db.Fortinet_ML2_Namespace, tenant_id=tenant_id)
             if not namespace:
                 return
             if not [
                 getattr(record, "gw_port_id", None)
                 for record in fortinet_db.query_records(context, l3_db.Router, tenant_id=namespace.tenant_id)
                 if getattr(record, "gw_port_id", None)
             ]:
                 utils.delete_vlink(self, context, tenant_id=tenant_id)
                 utils.delete_vdom(self, context, vdom=namespace.vdom)
             LOG.info(
                 _("delete network postcommit: tenant= %(tenant_id)s" " vdom= %(vdom)s"),
                 {"tenant_id": tenant_id, "vdom": namespace.vdom},
             )
         except Exception as e:
             resources.Exinfo(e)
             raise ml2_exc.MechanismDriverError(method=sys._getframe().f_code.co_name)
示例#6
0
文件: utils.py 项目: samsu/neutron
def add_interface_ip(obj, context, **kwargs):
    """
    :param context:
    :param kwargs: example format as below
        {
            "ip": "10.160.37.20 255.255.255.0",
            "name": "port37",
            "vdom": "root"
        }
    :return:
    """
    inf_db = fortinet_db.query_record(context,
                            fortinet_db.Fortinet_Interface,
                            name=kwargs.get('name'))
    if const.EXT_DEF_DST in getattr(inf_db, 'ip'):
        inf_db.update_record(context, inf_db, **kwargs)
        op(obj, context, resources.VlanInterface.set, **kwargs)
    else:
        records = fortinet_db.query_records(context,
                                  fortinet_db.Fortinet_Interface_subip,
                                  name=kwargs.get('name'))
        org_subips = [getattr(record, 'ip') for record in records]

        if kwargs.get('ip') in org_subips:
            return
        add_record(obj, context,
                   fortinet_db.Fortinet_Interface_subip, **kwargs)

        org_subips.append(kwargs.get('ip'))
        op(obj, context, resources.VlanInterface.set,
           name=kwargs.get('name'),
           vdom=kwargs.get('vdom'),
           secondaryips=org_subips)
示例#7
0
文件: utils.py 项目: samsu/neutron
def add_addrgrp(obj, context, **kwargs):
    """
    :param context:
    :param kwargs:
     {
        "name": "addrgrp_osvdm1",
        "vdom": "osvdm1",
        "members": ["192.168.33.0"]
     }
    :return:
    """
    cls = fortinet_db.Fortinet_Firewall_Address
    records = fortinet_db.query_records(context, cls, group=kwargs['name'])
    for name in kwargs['members']:
        record = fortinet_db.query_record(context, cls,
                                          name=name, vdom=kwargs['vdom'])
        if not record.group:
            cls.update_record(context, record, group=kwargs['name'])
            # TODO: need to add a rollback action to taskmanager
        else:
            LOG.debug(_("The member %(record)s already joined a group"),
                      {"record": record})
    for record in records:
        kwargs['members'].append(record.name)
    try:
        op(obj, context, resources.FirewallAddrgrp.get,
           name=kwargs['name'], vdom=kwargs['vdom'])
        # TODO: need to add a rollback action to taskmanager
        op(obj, context, resources.FirewallAddrgrp.set, **kwargs)
    except exception.ResourceNotFound:
        op(obj, context, resources.FirewallAddrgrp.add, **kwargs)
示例#8
0
def delete_secondaryip(obj, context, **kwargs):
    """
    :param obj:
    :param context:
    :param kwargs:
            'name': vl_ext_xx,
            'vdom': const.EXT_VDOM,
            'ip': 'x.x.x.x x.x.x.x'
    :return:
    """
    records = fortinet_db.query_records(
        context,
        fortinet_db.Fortinet_FloatingIP_Allocation,
        vdom=kwargs['vdom'],
        allocated=True)
    secondaryips = []
    for record in records:
        secondaryip = getip(record.ip_subnet, 1)
        if secondaryip == kwargs.get('ip'):
            continue
        secondaryips.append(secondaryip)

    op(obj,
       context,
       resources.VlanInterface.set,
       name=kwargs['name'],
       vdom=kwargs['vdom'],
       secondaryips=secondaryips)
示例#9
0
def delete_reservedip(obj, context, **kwargs):
    cls = fortinet_db.Fortinet_ML2_ReservedIP
    reserved_ip = fortinet_db.query_record(context, cls, **kwargs)

    if reserved_ip:
        db_reservedips = fortinet_db.query_records(
            context, cls, subnet_id=reserved_ip.subnet_id)
        db_reservedips.remove(reserved_ip)
        reserved_addresses = []
        for rsrvdip in db_reservedips:
            reserved_addresses.append({
                'id': rsrvdip.edit_id,
                'ip': rsrvdip.ip,
                'mac': rsrvdip.mac
            })
        db_subnet = fortinet_db.query_record(context,
                                             fortinet_db.Fortinet_ML2_Subnet,
                                             subnet_id=reserved_ip.subnet_id)
        if db_subnet:
            op(obj,
               context,
               resources.DhcpServerRsvAddr.set,
               id=db_subnet.edit_id,
               vdom=reserved_ip.vdom,
               reserved_address=json.dumps(reserved_addresses))
        fortinet_db.delete_record(context, cls, **kwargs)
示例#10
0
文件: utils.py 项目: samsu/neutron
def delete_routerstatics(obj, context, **kwargs):
    records = fortinet_db.query_records(context,
                                        fortinet_db.Fortinet_Static_Router,
                                        **kwargs)
    for record in records:
        delete_routerstatic(obj, context,
                            vdom=record.vdom,
                            edit_id=record.edit_id)
示例#11
0
文件: utils.py 项目: samsu/neutron
def delete_fwpolicies(obj, context, **kwargs):
    records = fortinet_db.query_records(context,
                                        fortinet_db.Fortinet_Firewall_Policy,
                                        **kwargs)
    for record in records:
        delete_by_id(obj, context, fortinet_db.Fortinet_Firewall_Policy,
                     resources.FirewallPolicy,
                     vdom=record.vdom, edit_id=record.edit_id)
示例#12
0
def delete_routerstatics(obj, context, **kwargs):
    records = fortinet_db.query_records(context,
                                        fortinet_db.Fortinet_Static_Router,
                                        **kwargs)
    for record in records:
        delete_routerstatic(obj,
                            context,
                            vdom=record.vdom,
                            edit_id=record.edit_id)
示例#13
0
def delete_fwpolicies(obj, context, **kwargs):
    records = fortinet_db.query_records(context,
                                        fortinet_db.Fortinet_Firewall_Policy,
                                        **kwargs)
    for record in records:
        delete_by_id(obj,
                     context,
                     fortinet_db.Fortinet_Firewall_Policy,
                     resources.FirewallPolicy,
                     vdom=record.vdom,
                     edit_id=record.edit_id)
示例#14
0
def delete_interface_ip(obj, context, **kwargs):
    """
    :param context:
    :param kwargs: example format as below
        {
            "ip": "10.160.37.20 255.255.255.0",
            "name": "port37",
            "vdom": "root"
        }
    :return:
    """
    records = fortinet_db.query_records(context,
                                        fortinet_db.Fortinet_Interface_subip,
                                        name=kwargs.get('name'))
    org_subips = [getattr(record, 'ip') for record in records]
    if kwargs.get('ip') in org_subips:
        org_subips.remove(kwargs["ip"])
        op(obj,
           context,
           resources.VlanInterface.set,
           name=kwargs.get('name'),
           vdom=kwargs.get('vdom'),
           secondaryips=org_subips)
        fortinet_db.delete_record(context,
                                  fortinet_db.Fortinet_Interface_subip,
                                  **kwargs)
    else:
        inf_db = fortinet_db.query_record(context,
                                          fortinet_db.Fortinet_Interface,
                                          **kwargs)
        if not inf_db:
            return
        if org_subips:
            kwargs['ip'] = org_subips.pop()
            op(obj,
               context,
               resources.VlanInterface.set,
               name=kwargs.get('name'),
               vdom=kwargs.get('vdom'),
               secondaryips=org_subips)
            fortinet_db.delete_record(context,
                                      fortinet_db.Fortinet_Interface_subip,
                                      **kwargs)
        else:
            kwargs['ip'] = const.EXT_DEF_DST

        op(obj, context, resources.VlanInterface.set, **kwargs)
        inf_db.update_record(context, inf_db, ip=kwargs['ip'])
示例#15
0
文件: utils.py 项目: samsu/neutron
def delete_interface_ip(obj, context, **kwargs):
    """
    :param context:
    :param kwargs: example format as below
        {
            "ip": "10.160.37.20 255.255.255.0",
            "name": "port37",
            "vdom": "root"
        }
    :return:
    """
    records = fortinet_db.query_records(context,
                                        fortinet_db.Fortinet_Interface_subip,
                                        name=kwargs.get('name'))
    org_subips = [getattr(record, 'ip') for record in records]
    if kwargs.get('ip') in org_subips:
        org_subips.remove(kwargs["ip"])
        op(obj, context, resources.VlanInterface.set,
           name=kwargs.get('name'),
           vdom=kwargs.get('vdom'),
           secondaryips=org_subips)
        fortinet_db.delete_record(context,
                                  fortinet_db.Fortinet_Interface_subip,
                                  **kwargs)
    else:
        inf_db = fortinet_db.query_record(context,
                                          fortinet_db.Fortinet_Interface,
                                          **kwargs)
        if not inf_db:
            return
        if org_subips:
            kwargs['ip'] = org_subips.pop()
            op(obj, context, resources.VlanInterface.set,
               name=kwargs.get('name'),
               vdom=kwargs.get('vdom'),
               secondaryips=org_subips)
            fortinet_db.delete_record(context,
                                  fortinet_db.Fortinet_Interface_subip,
                                  **kwargs)
        else:
            kwargs['ip'] = const.EXT_DEF_DST

        op(obj, context, resources.VlanInterface.set, **kwargs)
        inf_db.update_record(context, inf_db, ip=kwargs['ip'])
示例#16
0
文件: utils.py 项目: samsu/neutron
def add_reservedip(obj, context, **kwargs):
    cls = fortinet_db.Fortinet_ML2_ReservedIP
    reserved_ip = add_record(obj, context, cls, **kwargs)
    db_reservedips = fortinet_db.query_records(context, cls,
                                        subnet_id=kwargs.get('subnet_id'))
    db_subnet = fortinet_db.query_record(context,
                                         fortinet_db.Fortinet_ML2_Subnet,
                                         subnet_id=kwargs.get('subnet_id'))
    if db_subnet:
        reserved_addresses = []
        for rsrvdip in db_reservedips:
            reserved_addresses.append({ 'id': rsrvdip.edit_id,
                                        'ip': rsrvdip.ip,
                                        'mac': rsrvdip.mac })

        op(obj, context, resources.DhcpServerRsvAddr.set,
           id=db_subnet.edit_id,
           vdom=kwargs.get('vdom'),
           reserved_address=json.dumps(reserved_addresses))
示例#17
0
def delete_addrgrp(obj, context, **kwargs):
    """
    :param context: for database
    :param kwargs:
        example format
        {
            "name": "addrgrp_osvdm1",
            "vdom": "osvdm1",
            "members": ["192.168.10.0", "192.168.33.0"]
        }
        each member of members is the address name to be deleted in
        the specific firewall address group in FGT.
    """
    cls = fortinet_db.Fortinet_Firewall_Address
    records = fortinet_db.query_records(context, cls, group=kwargs['name'])
    if not records:
        LOG.debug(_("There is not any record in db"))
        return

    members = [
        record.name for record in records
        if record.name not in kwargs['members']
    ]
    if members:
        kwargs['members'] = members
        op(obj, context, resources.FirewallAddrgrp.set, **kwargs)
    else:
        delete_fwpolicy(obj,
                        context,
                        vdom=kwargs.get('vdom'),
                        srcintf='any',
                        srcaddr=kwargs['name'],
                        dstintf='any',
                        nat='disable')
        try:
            del kwargs['members']
            op(obj, context, resources.FirewallAddrgrp.delete, **kwargs)
        except Exception as e:
            resources.Exinfo(e)
    for record in records:
        if record.name not in members:
            record.update_record(context, record, group=None)
示例#18
0
文件: utils.py 项目: samsu/neutron
def delete_reservedip(obj, context, **kwargs):
    cls = fortinet_db.Fortinet_ML2_ReservedIP
    reserved_ip = fortinet_db.query_record(context, cls, **kwargs)

    if reserved_ip:
        db_reservedips = fortinet_db.query_records(context, cls,
                                        subnet_id=reserved_ip.subnet_id)
        db_reservedips.remove(reserved_ip)
        reserved_addresses = []
        for rsrvdip in db_reservedips:
            reserved_addresses.append({ 'id': rsrvdip.edit_id,
                                        'ip': rsrvdip.ip,
                                        'mac': rsrvdip.mac })
        db_subnet = fortinet_db.query_record(context,
                                             fortinet_db.Fortinet_ML2_Subnet,
                                             subnet_id=reserved_ip.subnet_id)
        if db_subnet:
            op(obj, context, resources.DhcpServerRsvAddr.set,
               id=db_subnet.edit_id,
               vdom=reserved_ip.vdom,
               reserved_address=json.dumps(reserved_addresses))
        fortinet_db.delete_record(context, cls, **kwargs)
示例#19
0
文件: utils.py 项目: samsu/neutron
def delete_secondaryip(obj, context, **kwargs):
    """
    :param obj:
    :param context:
    :param kwargs:
            'name': vl_ext_xx,
            'vdom': const.EXT_VDOM,
            'ip': 'x.x.x.x x.x.x.x'
    :return:
    """
    records = fortinet_db.query_records(context,
                                fortinet_db.Fortinet_FloatingIP_Allocation,
                                vdom=kwargs['vdom'],
                                allocated=True)
    secondaryips = []
    for record in records:
        secondaryip = getip(record.ip_subnet, 1)
        if secondaryip == kwargs.get('ip'):
            continue
        secondaryips.append(secondaryip)

    op(obj, context, resources.VlanInterface.set, name=kwargs['name'],
          vdom=kwargs['vdom'], secondaryips=secondaryips)
示例#20
0
def add_reservedip(obj, context, **kwargs):
    cls = fortinet_db.Fortinet_ML2_ReservedIP
    reserved_ip = add_record(obj, context, cls, **kwargs)
    db_reservedips = fortinet_db.query_records(
        context, cls, subnet_id=kwargs.get('subnet_id'))
    db_subnet = fortinet_db.query_record(context,
                                         fortinet_db.Fortinet_ML2_Subnet,
                                         subnet_id=kwargs.get('subnet_id'))
    if db_subnet:
        reserved_addresses = []
        for rsrvdip in db_reservedips:
            reserved_addresses.append({
                'id': rsrvdip.edit_id,
                'ip': rsrvdip.ip,
                'mac': rsrvdip.mac
            })

        op(obj,
           context,
           resources.DhcpServerRsvAddr.set,
           id=db_subnet.edit_id,
           vdom=kwargs.get('vdom'),
           reserved_address=json.dumps(reserved_addresses))
示例#21
0
 def delete_network_postcommit(self, mech_context):
     """Delete network which translates to remove vlan interface
     and related vdom from the fortigate.
     """
     LOG.debug(_("delete_network_postcommit: called"))
     network = mech_context.current
     context = mech_context._plugin_context
     tenant_id = network['tenant_id']
     if not fortinet_db.query_count(
             context, models_v2.Network, tenant_id=tenant_id):
         try:
             namespace = fortinet_db.query_record(
                 context,
                 fortinet_db.Fortinet_ML2_Namespace,
                 tenant_id=tenant_id)
             if not namespace:
                 return
             if not [
                     getattr(record, 'gw_port_id', None)
                     for record in fortinet_db.query_records(
                         context,
                         l3_db.Router,
                         tenant_id=namespace.tenant_id)
                     if getattr(record, 'gw_port_id', None)
             ]:
                 utils.delete_vlink(self, context, tenant_id=tenant_id)
                 utils.delete_vdom(self, context, vdom=namespace.vdom)
             LOG.info(
                 _("delete network postcommit: tenant= %(tenant_id)s"
                   " vdom= %(vdom)s"), {
                       'tenant_id': tenant_id,
                       'vdom': namespace.vdom
                   })
         except Exception as e:
             resources.Exinfo(e)
             raise ml2_exc.MechanismDriverError(
                 method=sys._getframe().f_code.co_name)
示例#22
0
文件: utils.py 项目: samsu/neutron
def clr_ext_gw(obj, context, port):
    ip_address = port['fixed_ips'][0]['ip_address']
    subnetv2_db = fortinet_db.query_record(context, models_v2.Subnet,
                                    id=port['fixed_ips'][0]['subnet_id'])
    netmask = netaddr.IPNetwork(subnetv2_db.cidr).netmask
    ip = "%s %s" % (ip_address, netmask)
    delete_interface_ip(obj, context,
                        name=obj._fortigate['ext_interface'],
                        vdom=const.EXT_VDOM,
                        ip=ip)
    delete_fwpolicy(obj, context, vdom=const.EXT_VDOM, poolname=ip_address)
    delete_fwippool(obj, context, vdom=const.EXT_VDOM, name=ip_address)
    router_db = fortinet_db.query_record(context, l3_db.Router,
                                         id=port['device_id'])
    tenant_id = router_db.get('tenant_id', None)
    if tenant_id:
        delete_vlink(obj, context, tenant_id=tenant_id)
        if not [ getattr(record, 'gw_port_id', None) for record in
                 fortinet_db.query_records(context, l3_db.Router,
                                           tenant_id=tenant_id)
                         if getattr(record, 'gw_port_id', None)] and \
           not fortinet_db.query_count(context, models_v2.Network,
                                       tenant_id=tenant_id):
            delete_vdom(obj, context, tenant_id=tenant_id)
示例#23
0
文件: utils.py 项目: samsu/neutron
def delete_addrgrp(obj, context, **kwargs):
    """
    :param context: for database
    :param kwargs:
        example format
        {
            "name": "addrgrp_osvdm1",
            "vdom": "osvdm1",
            "members": ["192.168.10.0", "192.168.33.0"]
        }
        each member of members is the address name to be deleted in
        the specific firewall address group in FGT.
    """
    cls = fortinet_db.Fortinet_Firewall_Address
    records = fortinet_db.query_records(context, cls, group=kwargs['name'])
    if not records:
        LOG.debug(_("There is not any record in db"))
        return

    members = [record.name for record in records
                           if record.name not in kwargs['members']]
    if members:
        kwargs['members'] = members
        op(obj, context, resources.FirewallAddrgrp.set, **kwargs)
    else:
        delete_fwpolicy(obj, context, vdom=kwargs.get('vdom'),
                        srcintf='any', srcaddr=kwargs['name'],
                        dstintf='any', nat='disable')
        try:
            del kwargs['members']
            op(obj, context, resources.FirewallAddrgrp.delete, **kwargs)
        except Exception as e:
            resources.Exinfo(e)
    for record in records:
        if record.name not in members:
            record.update_record(context, record, group=None)
示例#24
0
def add_addrgrp(obj, context, **kwargs):
    """
    :param context:
    :param kwargs:
     {
        "name": "addrgrp_osvdm1",
        "vdom": "osvdm1",
        "members": ["192.168.33.0"]
     }
    :return:
    """
    cls = fortinet_db.Fortinet_Firewall_Address
    records = fortinet_db.query_records(context, cls, group=kwargs['name'])
    for name in kwargs['members']:
        record = fortinet_db.query_record(context,
                                          cls,
                                          name=name,
                                          vdom=kwargs['vdom'])
        if not record.group:
            cls.update_record(context, record, group=kwargs['name'])
            # TODO: need to add a rollback action to taskmanager
        else:
            LOG.debug(_("The member %(record)s already joined a group"),
                      {"record": record})
    for record in records:
        kwargs['members'].append(record.name)
    try:
        op(obj,
           context,
           resources.FirewallAddrgrp.get,
           name=kwargs['name'],
           vdom=kwargs['vdom'])
        # TODO: need to add a rollback action to taskmanager
        op(obj, context, resources.FirewallAddrgrp.set, **kwargs)
    except exception.ResourceNotFound:
        op(obj, context, resources.FirewallAddrgrp.add, **kwargs)
示例#25
0
def add_secondaryip(obj, context, **kwargs):
    """
    :param obj:
    :param context:
    :param kwargs:
            'name': vl_ext_xx,
            'vdom': const.EXT_VDOM,
            'ip': 'x.x.x.x x.x.x.x'
    :return:
    """
    records = fortinet_db.query_records(
        context,
        fortinet_db.Fortinet_FloatingIP_Allocation,
        vdom=kwargs['vdom'],
        allocated=True)
    secondaryips = []
    for record in records:
        secondaryips.append(getip(record.ip_subnet, 1))

    if op(obj,
          context,
          resources.VlanInterface.set,
          name=kwargs['name'],
          vdom=const.EXT_VDOM,
          secondaryips=secondaryips):
        secondaryips.remove(kwargs['ip'])
        rollback = {
            'params': (obj._driver, {
                'name': kwargs['name'],
                'vdom': const.EXT_VDOM,
                'secondaryips': secondaryips
            }),
            'func':
            resources.VlanInterface.set
        }
        obj.task_manager.add(getid(context), **rollback)
示例#26
0
def add_interface_ip(obj, context, **kwargs):
    """
    :param context:
    :param kwargs: example format as below
        {
            "ip": "10.160.37.20 255.255.255.0",
            "name": "port37",
            "vdom": "root"
        }
    :return:
    """
    inf_db = fortinet_db.query_record(context,
                                      fortinet_db.Fortinet_Interface,
                                      name=kwargs.get('name'))
    if const.EXT_DEF_DST in getattr(inf_db, 'ip'):
        inf_db.update_record(context, inf_db, **kwargs)
        op(obj, context, resources.VlanInterface.set, **kwargs)
    else:
        records = fortinet_db.query_records(
            context,
            fortinet_db.Fortinet_Interface_subip,
            name=kwargs.get('name'))
        org_subips = [getattr(record, 'ip') for record in records]

        if kwargs.get('ip') in org_subips:
            return
        add_record(obj, context, fortinet_db.Fortinet_Interface_subip,
                   **kwargs)

        org_subips.append(kwargs.get('ip'))
        op(obj,
           context,
           resources.VlanInterface.set,
           name=kwargs.get('name'),
           vdom=kwargs.get('vdom'),
           secondaryips=org_subips)