def print_error(self, message, cmd_proc=None): msg = message if cmd_proc is not None and \ cmd_proc.vca is not None and \ cmd_proc.vca.response is not None and \ cmd_proc.vca.response.content is not None: if '<Error xmlns=' in cmd_proc.vca.response.content: error = parseString(cmd_proc.vca.response.content, True) msg = message + ': ' + error.get_message() elif 'message' in cmd_proc.vca.response.content: json_message = json.loads(cmd_proc.vca.response.content) msg = message + ': ' + json_message.get('message') if cmd_proc is not None and \ cmd_proc.vca is not None and \ cmd_proc.vca.vcloud_session is not None and \ cmd_proc.vca.vcloud_session.response is not None and \ cmd_proc.vca.vcloud_session.response.content is not None: if '<Error xmlns=' in cmd_proc.vca.vcloud_session.response.content: error = parseString(cmd_proc.vca.vcloud_session.response. content, True) msg = message + ': ' + error.get_message() elif 'message' in cmd_proc.vca.vcloud_session.response.content: json_message = json.loads(cmd_proc.vca.vcloud_session.response. content) msg = message + ': ' + json_message.get('message') if cmd_proc is not None and \ cmd_proc.error_message is not None: msg = message + ': ' + cmd_proc.error_message self._print(msg, cmd_proc, fg='red')
def display_progress(self, task, cmd_proc=None, headers=None): progress = task.get_Progress() status = task.get_status() rnd = 0 response = None while status != "success": if status == "error": error = task.get_Error() sys.stdout.write('\r' + ' ' * 120 + '\r') sys.stdout.flush() self.print_error(CommonUtils.convertPythonObjToStr( error, name="Error"), cmd_proc=cmd_proc) return None else: # some task doesn't not report progress if progress: sys.stdout.write("\rprogress : [" + "*" * int(progress) + " " * (100 - int(progress - 1)) + "] " + str(progress) + " %") else: sys.stdout.write("\rprogress : ") if rnd % 4 == 0: sys.stdout.write( "[" + "*" * 25 + " " * 75 + "]") elif rnd % 4 == 1: sys.stdout.write( "[" + " " * 25 + "*" * 25 + " " * 50 + "]") elif rnd % 4 == 2: sys.stdout.write( "[" + " " * 50 + "*" * 25 + " " * 25 + "]") elif rnd % 4 == 3: sys.stdout.write( "[" + " " * 75 + "*" * 25 + "]") rnd += 1 sys.stdout.flush() time.sleep(1) response = Http.get(task.get_href(), headers=headers, verify=cmd_proc.verify, logger=cmd_proc.logger) if response.status_code == requests.codes.ok: task = parseString(response.content, True) progress = task.get_Progress() status = task.get_status() else: Log.error(cmd_proc.logger, "can't get task") return sys.stdout.write("\r" + " " * 120) sys.stdout.flush() if response is not None: if cmd_proc is not None and cmd_proc.json_output: sys.stdout.write("\r" + self.task_to_json(response.content) + '\n') else: sys.stdout.write("\r" + self.task_to_table(response.content) + '\n') sys.stdout.flush()
def print_error(self, message, cmd_proc=None, module=None): msg = message if cmd_proc is not None and \ cmd_proc.vca is not None and \ cmd_proc.vca.response is not None and \ cmd_proc.vca.response.content is not None: if '<Error xmlns=' in cmd_proc.vca.response.content: error = parseString(cmd_proc.vca.response.content, True) msg = message + ': ' + error.get_message() elif 'message' in cmd_proc.vca.response.content and \ '<Error' not in cmd_proc.vca.response.content: json_message = json.loads(cmd_proc.vca.response.content) msg = message + ': ' + json_message.get('message') if cmd_proc is not None and \ cmd_proc.vca is not None and \ cmd_proc.vca.vcloud_session is not None and \ cmd_proc.vca.vcloud_session.response is not None and \ cmd_proc.vca.vcloud_session.response.content is not None: if '<Error xmlns=' in cmd_proc.vca.vcloud_session.response.content: error = parseString(cmd_proc.vca.vcloud_session.response. content, True) msg = message + ': ' + error.get_message() elif 'message' in cmd_proc.vca.vcloud_session.response.content \ and '<Error' not in \ cmd_proc.vca.vcloud_session.response.content: json_message = json.loads(cmd_proc.vca.vcloud_session.response. content) msg = message + ': ' + json_message.get('message') if cmd_proc is not None and \ cmd_proc.error_message is not None: msg = message + ': ' + cmd_proc.error_message if module is not None and \ module.response is not None and \ 'message' in module.response.json(): msg = message + ': ' + module.response.json().get('message') if (msg == 'Not logged in'): msg += ', try the --insecure flag when using self-signed ' \ 'certificates.' self._print(msg, cmd_proc, fg='red')
def firewall(cmd_proc, operation, vdc, gateway): """Operations with Edge Gateway Firewall Service""" result = cmd_proc.re_login() if not result: utils.print_error('Not logged in', cmd_proc) sys.exit(1) if vdc is None: vdc = cmd_proc.vdc_name the_vdc = cmd_proc.vca.get_vdc(vdc) if the_vdc is None: utils.print_error("VDC not found '%s'" % vdc, cmd_proc) sys.exit(1) if gateway is None: gateway = cmd_proc.gateway the_gateway = cmd_proc.vca.get_gateway(vdc, gateway) if the_gateway is None: utils.print_error("gateway not found '%s'" % gateway, cmd_proc) sys.exit(1) if 'list' == operation: headers = [ 'Source IP', 'Source Port', 'Destination IP', 'Destination Port', 'Protocol', 'Enabled' ] table = cmd_proc.firewall_rules_to_table(the_gateway) if cmd_proc.json_output: json_object = {'fw-rules': utils.table_to_json(headers, table)} utils.print_json(json_object, cmd_proc=cmd_proc) else: utils.print_table( "Firewall rules in gateway '%s', " "VDC '%s', profile '%s':" % (gateway, vdc, cmd_proc.profile), headers, table, cmd_proc) elif 'enable' == operation or 'disable' == operation: utils.print_message("%s firewall" % operation) the_gateway.enable_fw('enable' == operation) task = the_gateway.save_services_configuration() if task: utils.display_progress( task, cmd_proc, cmd_proc.vca.vcloud_session.get_vcloud_headers()) else: error = parseString(the_gateway.response.content, True) utils.print_error( "can't '%s' the firewall: " % operation + error.get_message(), cmd_proc) sys.exit(1) cmd_proc.save_current_config()
def firewall(cmd_proc, operation, vdc, gateway): """Operations with Edge Gateway Firewall Service""" result = cmd_proc.re_login() if not result: utils.print_error('Not logged in', cmd_proc) sys.exit(1) if vdc is None: vdc = cmd_proc.vdc_name the_vdc = cmd_proc.vca.get_vdc(vdc) if the_vdc is None: utils.print_error("VDC not found '%s'" % vdc, cmd_proc) sys.exit(1) if gateway is None: gateway = cmd_proc.gateway the_gateway = cmd_proc.vca.get_gateway(vdc, gateway) if the_gateway is None: utils.print_error("gateway not found '%s'" % gateway, cmd_proc) sys.exit(1) if 'list' == operation: headers = ['Source IP', 'Source Port', 'Destination IP', 'Destination Port', 'Protocol', 'Enabled'] table = cmd_proc.firewall_rules_to_table(the_gateway) if cmd_proc.json_output: json_object = {'fw-rules': utils.table_to_json(headers, table)} utils.print_json(json_object, cmd_proc=cmd_proc) else: utils.print_table("Firewall rules in gateway '%s', " "VDC '%s', profile '%s':" % (gateway, vdc, cmd_proc.profile), headers, table, cmd_proc) elif 'enable' == operation or 'disable' == operation: utils.print_message("%s firewall" % operation) the_gateway.enable_fw('enable' == operation) task = the_gateway.save_services_configuration() if task: utils.display_progress(task, cmd_proc, cmd_proc.vca.vcloud_session. get_vcloud_headers()) else: error = parseString(the_gateway.response.content, True) utils.print_error("can't '%s' the firewall: " % operation + error.get_message(), cmd_proc) sys.exit(1) cmd_proc.save_current_config()
def vpn(cmd_proc, operation, vdc, gateway, network_name, public_ip, local_ip, local_network, peer_ip, peer_network, tunnel, secret): """Operations with Edge Gateway VPN""" result = cmd_proc.re_login() if not result: utils.print_error('Not logged in', cmd_proc) sys.exit(1) if vdc is None: vdc = cmd_proc.vdc_name the_vdc = cmd_proc.vca.get_vdc(vdc) if the_vdc is None: utils.print_error("VDC not found '%s'" % vdc, cmd_proc) sys.exit(1) if gateway is None: gateway = cmd_proc.gateway the_gateway = cmd_proc.vca.get_gateway(vdc, gateway) if the_gateway is None: utils.print_error("gateway not found '%s'" % gateway, cmd_proc) sys.exit(1) if 'list' == operation: headers1 = ['EndPoint', 'Public IP'] table1 = cmd_proc.vpn_endpoints_to_table(the_gateway) headers2 = ['Tunnel', 'Local IP', 'Local Networks', 'Peer IP', 'Peer Networks', 'Enabled', 'Operational'] table2 = cmd_proc.vpn_tunnels_to_table(the_gateway) if cmd_proc.json_output: json_object = {'endpoints': table1, 'tunnels': table2} utils.print_json(json_object, 'VPN config', cmd_proc) else: utils.print_table("VPN endpoints in gateway '%s', " "VDC '%s', profile '%s':" % (gateway, vdc, cmd_proc.profile), headers1, table1, cmd_proc) utils.print_table("VPN tunnels in gateway '%s', " "VDC '%s', profile '%s':" % (gateway, vdc, cmd_proc.profile), headers2, table2, cmd_proc) else: if 'enable' == operation or 'disable' == operation: utils.print_message("%s VPN service" % operation) the_gateway.enable_vpn('enable' == operation) elif 'add-endpoint' == operation: utils.print_message("add VPN endpoint") the_gateway.add_vpn_endpoint(network_name, public_ip) elif 'del-endpoint' == operation: utils.print_message("delete VPN endpoint") the_gateway.del_vpn_endpoint(network_name, public_ip) elif 'add-tunnel' == operation: utils.print_message("add VPN tunnel") the_gateway.add_vpn_tunnel(tunnel, local_ip, local_network, peer_ip, peer_network, secret) elif 'del-tunnel' == operation: utils.print_message("delete VPN tunnel") the_gateway.delete_vpn_tunnel(tunnel) elif 'add-network' == operation: utils.print_message("add network to VPN tunnel") the_gateway.add_network_to_vpn_tunnel(tunnel, local_network, peer_network) elif 'del-network' == operation: utils.print_message("delete network from VPN tunnel") the_gateway.delete_network_from_vpn_tunnel(tunnel, local_network, peer_network) task = the_gateway.save_services_configuration() if task: utils.display_progress(task, cmd_proc, cmd_proc.vca.vcloud_session. get_vcloud_headers()) else: error = parseString(the_gateway.response.content, True) utils.print_error("can't update VPN configuration: " + error.get_message(), cmd_proc) sys.exit(1) cmd_proc.save_current_config()
def nat(cmd_proc, operation, vdc, gateway, rule_type, original_ip, original_port, translated_ip, translated_port, protocol, network_name, nat_rules_file, all_rules): """Operations with Edge Gateway NAT Rules""" result = cmd_proc.re_login() if not result: utils.print_error('Not logged in', cmd_proc) sys.exit(1) if vdc is None: vdc = cmd_proc.vdc_name the_vdc = cmd_proc.vca.get_vdc(vdc) if the_vdc is None: utils.print_error("VDC not found '%s'" % vdc, cmd_proc) sys.exit(1) if gateway is None: gateway = cmd_proc.gateway the_gateway = cmd_proc.vca.get_gateway(vdc, gateway) if the_gateway is None: utils.print_error("gateway not found '%s'" % gateway, cmd_proc) sys.exit(1) if 'list' == operation: headers = ["Rule Id", "Enabled", "Type", "Original IP", "Original Port", "Translated IP", "Translated Port", "Protocol", "Applied On"] table = cmd_proc.nat_rules_to_table(the_gateway) if cmd_proc.json_output: json_object = {'nat-rules': utils.table_to_json(headers, table)} utils.print_json(json_object, cmd_proc=cmd_proc) else: utils.print_table("NAT rules in gateway '%s', " "VDC '%s', profile '%s':" % (gateway, vdc, cmd_proc.profile), headers, table, cmd_proc) elif 'add' == operation: utils.print_message("add NAT rule") if nat_rules_file: rules = yaml.load(nat_rules_file) if rules and rules[0]: nat_rules = rules[0].get('NAT_rules') for rule in nat_rules: the_gateway.add_nat_rule(rule.get('type').upper(), rule.get('original_ip'), rule.get('original_port'), rule.get('translated_ip'), rule.get('translated_port'), rule.get('protocol'), rule.get('network_name')) else: the_gateway.add_nat_rule(rule_type.upper(), original_ip, original_port, translated_ip, translated_port, protocol, network_name) task = the_gateway.save_services_configuration() if task: utils.display_progress(task, cmd_proc, cmd_proc.vca.vcloud_session. get_vcloud_headers()) else: error = parseString(the_gateway.response.content, True) utils.print_error("can't add NAT rule: " + error.get_message(), cmd_proc) sys.exit(1) elif 'delete' == operation: utils.print_message("delete NAT rule") found_rule = False if all_rules: the_gateway.del_all_nat_rules() found_rule = True else: found_rule = the_gateway.del_nat_rule(rule_type.upper(), original_ip, original_port, translated_ip, translated_port, protocol, network_name) if found_rule: task = the_gateway.save_services_configuration() if task: utils.display_progress(task, cmd_proc, cmd_proc.vca.vcloud_session. get_vcloud_headers()) else: error = parseString(the_gateway.response.content, True) utils.print_error("can't delete NAT rule: " + error.get_message(), cmd_proc) sys.exit(1) else: utils.print_error("rule doesn't exist in edge gateway", cmd_proc) sys.exit(1) cmd_proc.save_current_config()
def dhcp(cmd_proc, operation, vdc, gateway, network_name, pool): """Operations with Edge Gateway DHCP Service""" result = cmd_proc.re_login() if not result: utils.print_error('Not logged in', cmd_proc) sys.exit(1) if vdc is None: vdc = cmd_proc.vdc_name the_vdc = cmd_proc.vca.get_vdc(vdc) if the_vdc is None: utils.print_error("VDC not found '%s'" % vdc, cmd_proc) sys.exit(1) if gateway is None: gateway = cmd_proc.gateway the_gateway = cmd_proc.vca.get_gateway(vdc, gateway) if the_gateway is None: utils.print_error("gateway not found '%s'" % gateway, cmd_proc) sys.exit(1) if 'list' == operation: headers = ['Network', 'IP Range From', 'To', 'Enabled', 'Default lease', 'Max Lease'] table = cmd_proc.dhcp_to_table(the_gateway) if cmd_proc.json_output: json_object = {'dhcp-pools': utils.table_to_json(headers, table)} utils.print_json(json_object, cmd_proc=cmd_proc) else: utils.print_table("DHCP pools in gateway '%s', " "VDC '%s', profile '%s':" % (gateway, vdc, cmd_proc.profile), headers, table, cmd_proc) elif 'add' == operation: utils.print_message("adding DHCP pool to network '%s'" % network_name, cmd_proc) the_gateway.add_dhcp_pool(network_name, pool.split('-')[0], pool.split('-')[1], default_lease=None, max_lease=None) task = the_gateway.save_services_configuration() if task: utils.display_progress(task, cmd_proc, cmd_proc.vca.vcloud_session. get_vcloud_headers()) else: error = parseString(the_gateway.response.content, True) utils.print_error("can't add DHCP pool: " + error.get_message(), cmd_proc) sys.exit(1) elif 'delete' == operation: utils.print_message("deleting all DHCP pools in network '%s'" % network_name) the_gateway.delete_dhcp_pool(network_name) task = the_gateway.save_services_configuration() if task: utils.display_progress(task, cmd_proc, cmd_proc.vca.vcloud_session. get_vcloud_headers()) else: utils.print_error("can't delete DHCP pool", cmd_proc) sys.exit(1) elif 'enable' == operation or 'disable' == operation: utils.print_message("%s DHCP service" % operation) the_gateway.enable_dhcp('enable' == operation) task = the_gateway.save_services_configuration() if task: utils.display_progress(task, cmd_proc, cmd_proc.vca.vcloud_session. get_vcloud_headers()) else: error = parseString(the_gateway.response.content, True) utils.print_error("can't '%s' the DHCP service: " % operation + error.get_message(), cmd_proc) cmd_proc.save_current_config()
def gateway(cmd_proc, operation, vdc, gateway, ip): """Operations with Edge Gateway""" result = cmd_proc.re_login() if not result: utils.print_error('Not logged in', cmd_proc) sys.exit(1) if vdc is None: vdc = cmd_proc.vdc_name the_vdc = cmd_proc.vca.get_vdc(vdc) if the_vdc is None: utils.print_error("VDC not found '%s'" % vdc, cmd_proc) sys.exit(1) if gateway is None: gateway = cmd_proc.gateway the_gateway = cmd_proc.vca.get_gateway(vdc, gateway) if the_gateway is None: utils.print_error("gateway not found '%s'" % gateway, cmd_proc) sys.exit(1) if 'list' == operation: headers = ['Name', 'External IPs', 'DHCP', 'Firewall', 'NAT', 'VPN', 'Routed Networks', 'Syslog', 'Uplinks', 'Selected'] gateways = cmd_proc.vca.get_gateways(vdc) table = cmd_proc.gateways_to_table(gateways) if cmd_proc.json_output: json_object = {'gateways': utils.table_to_json(headers, table)} utils.print_json(json_object, cmd_proc=cmd_proc) else: utils.print_table("Available gateways in '%s', profile '%s':" % (vdc, cmd_proc.profile), headers, table, cmd_proc) elif ('use' == operation or 'info' == operation or 'set-syslog' == operation or 'add-ip' == operation or 'del-ip' == operation): if 'set-syslog' == operation: task = the_gateway.set_syslog_conf(ip) if task: utils.display_progress(task, cmd_proc, cmd_proc.vca.vcloud_session. get_vcloud_headers()) else: error = parseString(the_gateway.response.content, True) utils.print_error("can't set syslog server: " + error.get_message(), cmd_proc) sys.exit(1) elif 'add-ip' == operation: utils.print_message("allocating public IP for gateway '%s' " "in VDC '%s'" % (gateway, vdc), cmd_proc) task = the_gateway.allocate_public_ip() if task: utils.display_progress(task, cmd_proc, cmd_proc.vca.vcloud_session. get_vcloud_headers()) else: error = parseString(the_gateway.response.content, True) utils.print_error("can't allocate public IP: " + error.get_message(), cmd_proc) sys.exit(1) elif 'del-ip' == operation: utils.print_message("deallocating public IP '%s' from gateway " "'%s' in VDC '%s'" % (ip, gateway, vdc), cmd_proc) task = the_gateway.deallocate_public_ip(ip) if task: utils.display_progress(task, cmd_proc, cmd_proc.vca.vcloud_session. get_vcloud_headers()) else: error = parseString(the_gateway.response.content, True) utils.print_error("can't deallocate public IP: " + error.get_message(), cmd_proc) sys.exit(1) elif 'use' == operation: cmd_proc.gateway = gateway utils.print_message("Selected gateway '%s'" % gateway, cmd_proc) elif 'info' == operation: headers = ['Property', 'Value'] table = cmd_proc.gateway_to_table(the_gateway) if cmd_proc.json_output: json_object = {'gateway': utils.table_to_json(headers, table)} utils.print_json(json_object, cmd_proc=cmd_proc) else: utils.print_table("Details of gateway '%s' in VDC '%s', " "profile '%s':" % (gateway, vdc, cmd_proc.profile), headers, table, cmd_proc) else: utils.print_error('not implemented', cmd_proc) sys.exit(1) cmd_proc.save_current_config()
def firewall(cmd_proc, operation, vdc, gateway, is_enable, description, policy, protocol, dest_port, dest_ip, source_port, source_ip, enable_logging, fw_rules_file): """Operations with Edge Gateway Firewall Service""" def proto(name): return name[0].upper() + name[1:].lower() result = cmd_proc.re_login() if not result: utils.print_error('Not logged in', cmd_proc) sys.exit(1) if vdc is None: vdc = cmd_proc.vdc_name the_vdc = cmd_proc.vca.get_vdc(vdc) if the_vdc is None: utils.print_error("VDC not found '%s'" % vdc, cmd_proc) sys.exit(1) if gateway is None: gateway = cmd_proc.gateway the_gateway = cmd_proc.vca.get_gateway(vdc, gateway) if the_gateway is None: utils.print_error("gateway not found '%s'" % gateway, cmd_proc) sys.exit(1) if 'list' == operation: headers = ['Description', 'Source IP', 'Source Port', 'Destination IP', 'Destination Port', 'Protocol', 'Enabled'] table = cmd_proc.firewall_rules_to_table(the_gateway) if cmd_proc.json_output: json_object = {'fw-rules': utils.table_to_json(headers, table)} utils.print_json(json_object, cmd_proc=cmd_proc) else: utils.print_table("Firewall rules in gateway '%s', " "VDC '%s', profile '%s' (firewall is %s):" % (gateway, vdc, cmd_proc.profile, 'On' if the_gateway.is_fw_enabled() else 'Off'), headers, table, cmd_proc) elif 'enable' == operation or 'disable' == operation: utils.print_message("%s firewall" % operation) the_gateway.enable_fw('enable' == operation) task = the_gateway.save_services_configuration() if task: utils.display_progress(task, cmd_proc, cmd_proc.vca.vcloud_session. get_vcloud_headers()) else: error = parseString(the_gateway.response.content, True) utils.print_error("can't '%s' the firewall: " % operation + error.get_message(), cmd_proc) sys.exit(1) elif 'add' == operation: utils.print_message("add firewall rule") if fw_rules_file: rules = yaml.load(fw_rules_file) if rules and rules[0]: fw_rules = rules[0].get('Firewall_rules') for rule in fw_rules: # Take defaults for is_enable, policy, protocol and # enable_logging from cmdline switches (or their defaults) the_gateway.add_fw_rule(rule.get('is_enable', is_enable), rule.get('description', None), rule.get('policy', policy), proto( rule.get('protocol', protocol) ), rule.get('dest_port'), rule.get('dest_ip'), rule.get('source_port'), rule.get('source_ip'), rule.get('enable_logging', enable_logging)) else: the_gateway.add_fw_rule(is_enable, description, policy, proto(protocol), dest_port, dest_ip, source_port, source_ip, enable_logging) task = the_gateway.save_services_configuration() if task: utils.display_progress(task, cmd_proc, cmd_proc.vca.vcloud_session. get_vcloud_headers()) else: error = parseString(the_gateway.response.content, True) utils.print_error("can't add firewall rule: " + error.get_message(), cmd_proc) sys.exit(1) elif 'delete' == operation: utils.print_message("delete firewall rule") if fw_rules_file: rules = yaml.load(fw_rules_file) if rules and rules[0]: fw_rules = rules[0].get('Firewall_rules') for rule in fw_rules: # Take default for protocol cmdline switch (or its default) the_gateway.delete_fw_rule(proto( rule.get('protocol', protocol) ), str(rule.get('dest_port')), rule.get('dest_ip'), str(rule.get('source_port')), rule.get('source_ip')) else: the_gateway.delete_fw_rule(proto(protocol), dest_port, dest_ip, source_port, source_ip) task = the_gateway.save_services_configuration() if task: utils.display_progress(task, cmd_proc, cmd_proc.vca.vcloud_session. get_vcloud_headers()) else: error = parseString(the_gateway.response.content, True) utils.print_error("can't delete firewall rule: " + error.get_message(), cmd_proc) sys.exit(1) cmd_proc.save_current_config()
def firewall(cmd_proc, operation, vdc, gateway, is_enable, description, policy, protocol, dest_port, dest_ip, source_port, source_ip, enable_logging, fw_rules_file): """Operations with Edge Gateway Firewall Service""" def proto(name): return name[0].upper() + name[1:].lower() result = cmd_proc.re_login() if not result: utils.print_error('Not logged in', cmd_proc) sys.exit(1) if vdc is None: vdc = cmd_proc.vdc_name the_vdc = cmd_proc.vca.get_vdc(vdc) if the_vdc is None: utils.print_error("VDC not found '%s'" % vdc, cmd_proc) sys.exit(1) if gateway is None: gateway = cmd_proc.gateway the_gateway = cmd_proc.vca.get_gateway(vdc, gateway) if the_gateway is None: utils.print_error("gateway not found '%s'" % gateway, cmd_proc) sys.exit(1) if 'list' == operation: headers = ['Source IP', 'Source Port', 'Destination IP', 'Destination Port', 'Protocol', 'Enabled'] table = cmd_proc.firewall_rules_to_table(the_gateway) if cmd_proc.json_output: json_object = {'fw-rules': utils.table_to_json(headers, table)} utils.print_json(json_object, cmd_proc=cmd_proc) else: utils.print_table("Firewall rules in gateway '%s', " "VDC '%s', profile '%s':" % (gateway, vdc, cmd_proc.profile), headers, table, cmd_proc) elif 'enable' == operation or 'disable' == operation: utils.print_message("%s firewall" % operation) the_gateway.enable_fw('enable' == operation) task = the_gateway.save_services_configuration() if task: utils.display_progress(task, cmd_proc, cmd_proc.vca.vcloud_session. get_vcloud_headers()) else: error = parseString(the_gateway.response.content, True) utils.print_error("can't '%s' the firewall: " % operation + error.get_message(), cmd_proc) sys.exit(1) elif 'add' == operation: utils.print_message("add firewall rule") if fw_rules_file: rules = yaml.load(fw_rules_file) if rules and rules[0]: fw_rules = rules[0].get('Firewall_rules') for rule in fw_rules: # Take defaults for is_enable, policy, protocol and # enable_logging from cmdline switches (or their defaults) the_gateway.add_fw_rule(rule.get('is_enable', is_enable), rule.get('description', None), rule.get('policy', policy), proto( rule.get('protocol', protocol) ), rule.get('dest_port'), rule.get('dest_ip'), rule.get('source_port'), rule.get('source_ip'), rule.get('enable_logging', enable_logging)) else: the_gateway.add_fw_rule(is_enable, description, policy, proto(protocol), dest_port, dest_ip, source_port, source_ip, enable_logging) task = the_gateway.save_services_configuration() if task: utils.display_progress(task, cmd_proc, cmd_proc.vca.vcloud_session. get_vcloud_headers()) else: error = parseString(the_gateway.response.content, True) utils.print_error("can't add firewall rule: " + error.get_message(), cmd_proc) sys.exit(1) elif 'delete' == operation: utils.print_message("delete firewall rule") if fw_rules_file: rules = yaml.load(fw_rules_file) if rules and rules[0]: fw_rules = rules[0].get('Firewall_rules') for rule in fw_rules: # Take default for protocol cmdline switch (or its default) the_gateway.delete_fw_rule(proto( rule.get('protocol', protocol) ), str(rule.get('dest_port')), rule.get('dest_ip'), str(rule.get('source_port')), rule.get('source_ip')) else: the_gateway.delete_fw_rule(proto(protocol), dest_port, dest_ip, source_port, source_ip) task = the_gateway.save_services_configuration() if task: utils.display_progress(task, cmd_proc, cmd_proc.vca.vcloud_session. get_vcloud_headers()) else: error = parseString(the_gateway.response.content, True) utils.print_error("can't delete firewall rule: " + error.get_message(), cmd_proc) sys.exit(1) cmd_proc.save_current_config()