def rest_api(self, method, url, body=None, headers=None, device_ip=None): if method.lower() == 'get': #first get totalnum result = {"status": 500, "body":""} body_store = '' if '?' in url: flag = '&' else: flag = '?' uri = url + flag + 'pageindex=1&pagesize=1' resp = self._rest_api(method, uri, body, headers, device_ip) if resp['status'] >= 400: return resp total_num_list = ngfw_utils.parse_xml_name(json.dumps(resp), TOTALNUM_KEY_BEGIN, TOTALNUM_KEY_END) if not total_num_list: return resp times = int(total_num_list[0]) / NGFW_PAGESIZE left = int(total_num_list[0]) % NGFW_PAGESIZE for i in range(times): uri = url + flag + 'pageindex=%d&pagesize=%d' % (1+i, NGFW_PAGESIZE) temp = self._rest_api(method, uri, body, headers, device_ip) if temp['status'] >= 400: return temp body_store = body_store + temp['body'] if left: uri = url + flag + 'pageindex=%d&pagesize=%d' % (1+times, NGFW_PAGESIZE) temp = self._rest_api(method, uri, body, headers, device_ip) if temp['status'] >= 400: return temp body_store = body_store + temp['body'] result['status'] = 200 result['body'] = body_store else: result = self._rest_api(method, url, body, headers, device_ip) return result
def rest_api(self, method, url, body=None, headers=None, device_ip=None): if method.lower() == 'get': #first get totalnum result = {"status": 500, "body": ""} body_store = '' if '?' in url: flag = '&' else: flag = '?' uri = url + flag + 'pageindex=1&pagesize=1' resp = self._rest_api(method, uri, body, headers, device_ip) if resp['status'] >= 400: return resp total_num_list = ngfw_utils.parse_xml_name(json.dumps(resp), TOTALNUM_KEY_BEGIN, TOTALNUM_KEY_END) if not total_num_list: return resp times = int(total_num_list[0]) / NGFW_PAGESIZE left = int(total_num_list[0]) % NGFW_PAGESIZE for i in range(times): uri = url + flag + 'pageindex=%d&pagesize=%d' % (1 + i, NGFW_PAGESIZE) temp = self._rest_api(method, uri, body, headers, device_ip) if temp['status'] >= 400: return temp body_store = body_store + temp['body'] if left: uri = url + flag + 'pageindex=%d&pagesize=%d' % (1 + times, NGFW_PAGESIZE) temp = self._rest_api(method, uri, body, headers, device_ip) if temp['status'] >= 400: return temp body_store = body_store + temp['body'] result['status'] = 200 result['body'] = body_store else: result = self._rest_api(method, url, body, headers, device_ip) return result
def _compare_floatingip_list(self, ri): collect_fip = {} floating_ips = self.get_ngfw_floating_ips(ri) for floating_ip in floating_ips: collect_fip.update({ngfw_utils.get_floatingip_name(floating_ip['id']): floating_ip['id']}) nat_fip = {} floating_ips_list = self._get_all_floating_ips_list() nat_name_list = ngfw_utils.parse_xml_name(floating_ips_list, NAT_NAME_KEY_BEGIN, NAT_NAME_KEY_END) for nat_name in nat_name_list: prefix = ngfw_utils.get_dnat_rule_name(ri) if nat_name.startswith(prefix): nat_fip.update({nat_name.split('_')[-1]:nat_name}) collect_fip_keys = collect_fip.keys() nat_name_list_keys = nat_fip.keys() need_add = set(collect_fip_keys) - set(nat_name_list_keys) need_del = set(nat_name_list_keys) - set(collect_fip_keys) return (need_add, need_del, collect_fip, nat_fip)
def _get_all_nat_name(self, floating_ips_list): global_ip_list = ngfw_utils.parse_xml_name(floating_ips_list, NAT_NAME_KEY_BEGIN, NAT_NAME_KEY_END) return global_ip_list
def _get_all_global_ip(self, floating_ips_list): global_ip_list = ngfw_utils.parse_xml_name(floating_ips_list, GLOBAL_IP_KEY_BEGIN, GLOBAL_IP_KEY_END) return global_ip_list
def _get_all_inside_ip(self, floating_ips_list): inside_ip_list = ngfw_utils.parse_xml_name(floating_ips_list, INSIDE_IP_KEY_BEGIN, INSIDE_IP_KEY_END) return inside_ip_list
index = bodyinfo.find('</addr-object>') bodyinfo = bodyinfo[index + len('</addr-object>'):] if bodyinfo.startswith('<addr-group>'): addr_group_info = ngfw_utils.get_value_from_xml( 'addr-group', bodyinfo) addr_group = ngfw_utils.analysis_addr_group(addr_group_info) address_set['addr-group'].append(addr_group) index = bodyinfo.find('</addr-group>') bodyinfo = bodyinfo[index + len('</addr-group>'):] return address_set def _get_director_for_acl(self): try: director_for_acl = cfg.CONF.ngfw.director_for_acl ip_list = director_for_acl.split(',') except: LOG.error(_('get director ip for acl failed, invalid format')) return None ip = ip_list[0] if self.plugutil.is_ip(ip): return ip return None if __name__ == '__main__': ngfwDriver = ngfwFwaasDriver() result, test = ngfwDriver._get_security_policy_list() rule_name_list = ngfw_utils.parse_xml_name(test, RULE_NAME_KEY_BEGIN, RULE_NAME_KEY_END) print rule_name_list
index = bodyinfo.find('</addr-object>') bodyinfo = bodyinfo[index+len('</addr-object>'):] if bodyinfo.startswith('<addr-group>'): addr_group_info = ngfw_utils.get_value_from_xml('addr-group', bodyinfo) addr_group = ngfw_utils.analysis_addr_group(addr_group_info) address_set['addr-group'].append(addr_group) index = bodyinfo.find('</addr-group>') bodyinfo = bodyinfo[index+len('</addr-group>'):] return address_set def _get_director_for_acl(self): try: director_for_acl = cfg.CONF.ngfw.director_for_acl ip_list = director_for_acl.split(',') except: LOG.error(_('get director ip for acl failed, invalid format')) return None ip = ip_list[0] if self.plugutil.is_ip(ip): return ip return None if __name__ == '__main__': ngfwDriver = ngfwFwaasDriver() result, test = ngfwDriver._get_security_policy_list() rule_name_list = ngfw_utils.parse_xml_name(test, RULE_NAME_KEY_BEGIN, RULE_NAME_KEY_END) print rule_name_list