one,firewall: public ip support added

2d520ecb · Bach Dániel · 6065b04f · 2d520ecb · 2d520ecb · 2d520ecb
Commit 2d520ecb authored Feb 25, 2013 by Bach Dániel
Hide whitespace changes
Inline Side-by-side

Showing with 44 additions and 27 deletions

firewall/models.py
+21 -12

one/models.py
+12 -10

one/templates/show.html
+4 -2

one/templates/vm-credentials.html
+1 -1

one/views.py
+6 -2

No files found.
--- a/firewall/models.py
+++ b/firewall/models.py
@@ -179,28 +179,37 @@ class Host(models.Model):
    def enable_net(self):
        self.groups.add(Group.objects.get(name="netezhet"))

-    def add_port(self, proto, public, private):
+    def add_port(self, proto, public, private = 0):
        proto = "tcp" if (proto == "tcp") else "udp"
-        if public < 1024:
-            raise ValidationError(_("Only ports above 1024 can be used."))
-        for host in Host.objects.filter(pub_ipv4=self.pub_ipv4):
-            if host.rules.filter(nat=True, proto=proto, dport=public):
+        if self.shared_ip:
+            if public < 1024:
+                raise ValidationError(_("Only ports above 1024 can be used."))
+            for host in Host.objects.filter(pub_ipv4=self.pub_ipv4):
+                if host.rules.filter(nat=True, proto=proto, dport=public):
+                    raise ValidationError(_("Port %s %s is already in use.") %
+                            (proto, public))
+            rule = Rule(direction='1', owner=self.owner, dport=public,
+                    proto=proto, nat=True, accept=True, r_type="host",
+                    nat_dport=private, host=self, foreign_network=VlanGroup.
+                        objects.get(name=settings["default_vlangroup"]))
+        else:
+            if self.rules.filter(proto=proto, dport=public):
                raise ValidationError(_("Port %s %s is already in use.") %
-                        (proto, public))
-        rule = Rule(direction='1', owner=self.owner, dport=public,
-                proto=proto, nat=True, accept=True, r_type="host",
-                nat_dport=private, host=self, foreign_network=VlanGroup.
-                    objects.get(name=settings["default_vlangroup"]))
+                    (proto, public))
+            rule = Rule(direction='1', owner=self.owner, dport=public,
+                    proto=proto, nat=False, accept=True, r_type="host", host=self,
+                    foreign_network=VlanGroup.objects.get(name=settings["default_vlangroup"]))
+
        rule.full_clean()
        rule.save()

    def del_port(self, proto, public):
-        self.rules.filter(owner=self.owner, proto=proto, nat=True,
+        self.rules.filter(owner=self.owner, proto=proto, host=self,
                dport=public).delete()

    def list_ports(self):
        retval = []
-        for rule in self.rules.filter(owner=self.owner, nat=True):
+        for rule in self.rules.filter(owner=self.owner):
            retval.append({'proto': rule.proto, 'public': rule.dport,
                'private': rule.nat_dport})
        return retval

--- a/one/models.py
+++ b/one/models.py
@@ -224,7 +224,7 @@ class Disk(models.Model):
        return u"%s (#%d)" % (self.name, self.id)

    @staticmethod
-    def update():
+    def update(delete=True):
        """Get and register virtual disks from OpenNebula."""
        import subprocess
        proc = subprocess.Popen(["/opt/occi.sh", "storage", "list"],
@@ -244,7 +244,8 @@ class Disk(models.Model):
                except:
                    Disk(id=id, name=name).save()
                l.append(id)
-            Disk.objects.exclude(id__in=l).delete()
+            if delete:
+                Disk.objects.exclude(id__in=l).delete()

 class Network(models.Model):
    """Virtual networks automatically synchronized with OpenNebula."""
@@ -262,7 +263,7 @@ class Network(models.Model):
        return self.name

    @staticmethod
-    def update(delete=True):
+    def update():
        """Get and register virtual networks from OpenNebula."""
        import subprocess
        proc = subprocess.Popen(["/opt/occi.sh", "network", "list"],
@@ -282,8 +283,7 @@ class Network(models.Model):
                except:
                    Network(id=id, name=name).save()
                l.append(id)
-            if delete:
-                Network.objects.exclude(id__in=l).delete()
+            Network.objects.exclude(id__in=l).delete()


 class InstanceType(models.Model):
@@ -413,9 +413,9 @@ class Instance(models.Model):
    def get_connect_host(self):
        """Get public hostname."""
        if self.template.network.nat:
-            return 'cloud'
+            return self.firewall_host.pub_ipv4
        else:
-            return self.ip
+            return self.firewall_host.ipv4

    def get_connect_uri(self):
        """Get access parameters in URI format."""
@@ -428,7 +428,7 @@ class Instance(models.Model):
            pw = self.pw
            return ("%(proto)s:cloud:%(pw)s:%(host)s:%(port)d" %
                    {"port": port, "proto": proto, "pw": pw,
-                     "host": self.firewall_host.pub_ipv4})
+                     "host": host})
        except:
            return

@@ -541,11 +541,13 @@ class Instance(models.Model):
        inst.save()
        inst.update_state()
        host = Host(vlan=Vlan.objects.get(name=template.network.name),
-                owner=owner, shared_ip=True)
+                owner=owner)
        host.hostname = hostname
        host.mac = x.getElementsByTagName("MAC")[0].childNodes[0].nodeValue
        host.ipv4 = inst.ip
-        host.pub_ipv4 = Vlan.objects.get(name=template.network.name).snat_ip
+        if inst.template.network.nat:
+            host.pub_ipv4 = Vlan.objects.get(name=template.network.name).snat_ip
+            host.shared_ip = True
        host.ipv6 = "auto"
        try:
            host.save()

--- a/one/templates/show.html
+++ b/one/templates/show.html
@@ -113,13 +113,13 @@
                    <tr>
                        <th>{% trans "Protocol" %}</th>
                        <th>{% trans "Public port" %}</th>
-                        <th colspan="2">{% trans "Private port" %}</th>
+                        {% if i.template.network.nat %}<th colspan="2">{% trans "Private port" %}</th>{%endif%}
                    </tr>
                    {% for port in ports %}
                    <tr>
                        <td>{{port.proto}}</td>
                        <td>{{port.public}}</td>
-                        <td>{{port.private}}</td>
+                        {% if i.template.network.nat %}<td>{{port.private}}</td>{%endif%}
                        <td>
                            <a href="/vm/port_del/{{i.id}}/{{port.proto}}/{{port.public}}/">{% trans "Delete" %}</a>
                        </td>
@@ -135,9 +135,11 @@
                        <td>
                            <input style="min-width:70px;width:70px;" type="text" name="public"/>
                        </td>
+                        {% if i.template.network.nat %}
                        <td>
                            <input style="min-width:70px;width:70px;" type="text" name="private"/>
                        </td>
+                        {% endif %}
                        <td>
                            <input type="submit" style="min-width:3em" value="{% trans "Add" %}" />
                        </td>

--- a/one/templates/vm-credentials.html
+++ b/one/templates/vm-credentials.html
@@ -35,7 +35,7 @@
        </tr>
        <tr>
            <th>{% trans "IP" %}:</th>
-            <td>{{ i.firewall_host.pub_ipv4 }}</td>
+            <td>{{ i.get_connect_host }}</td>
        </tr>
        <tr>
            <th>{% trans "Port" %}:</th>

--- a/one/views.py
+++ b/one/views.py
@@ -342,7 +342,11 @@ class VmPortAddView(View):
            if public >= 22000 and public < 24000:
                raise ValidationError(_("Port number is in a restricted domain (22000 to 24000)."))
            inst = get_object_or_404(Instance, id=iid, owner=request.user)
-            inst.firewall_host.add_port(proto=request.POST['proto'], public=public, private=int(request.POST['private']))
+            if inst.template.network.nat:
+                private = private=int(request.POST['private'])
+            else:
+                private = 0
+            inst.firewall_host.add_port(proto=request.POST['proto'], public=public, private=private)
            messages.success(request, _(u"Port %d successfully added.") % public)
        except:
            messages.error(request, _(u"Adding port failed."))
@@ -361,7 +365,7 @@ def vm_port_del(request, iid, proto, public):
    inst = get_object_or_404(Instance, id=iid, owner=request.user)
    try:
        inst.firewall_host.del_port(proto=proto, public=public)
-        messages.success(request, _(u"Port %d successfully removed.") % public)
+        messages.success(request, _(u"Port %s successfully removed.") % public)
    except:
        messages.error(request, _(u"Removing port failed."))
    return redirect('/vm/show/%d/' % int(iid))