Commit
2d520ecb
authored
Feb 25, 2013
by
Bach Dániel
one,firewall: public ip support added
parent
6065b04f
Showing
5 changed files
with
44 additions
and
27 deletions
+44
-27
firewall/models.py
+21
-12
one/models.py
+12
-10
one/templates/show.html
+4
-2
one/templates/vm-credentials.html
+1
-1
one/views.py
+6
-2
firewall/models.py
...
@@ -179,28 +179,37 @@ class Host(models.Model):
...
@@ -179,28 +179,37 @@ class Host(models.Model):
def
enable_net
(
self
):
def
enable_net
(
self
):
self
.
groups
.
add
(
Group
.
objects
.
get
(
name
=
"netezhet"
))
self
.
groups
.
add
(
Group
.
objects
.
get
(
name
=
"netezhet"
))
def
add_port
(
self
,
proto
,
public
,
private
):
def
add_port
(
self
,
proto
,
public
,
private
=
0
):
proto
=
"tcp"
if
(
proto
==
"tcp"
)
else
"udp"
proto
=
"tcp"
if
(
proto
==
"tcp"
)
else
"udp"
if
public
<
1024
:
if
self
.
shared_ip
:
raise
ValidationError
(
_
(
"Only ports above 1024 can be used."
))
if
public
<
1024
:
for
host
in
Host
.
objects
.
filter
(
pub_ipv4
=
self
.
pub_ipv4
):
raise
ValidationError
(
_
(
"Only ports above 1024 can be used."
))
if
host
.
rules
.
filter
(
nat
=
True
,
proto
=
proto
,
dport
=
public
):
for
host
in
Host
.
objects
.
filter
(
pub_ipv4
=
self
.
pub_ipv4
):
if
host
.
rules
.
filter
(
nat
=
True
,
proto
=
proto
,
dport
=
public
):
raise
ValidationError
(
_
(
"Port
%
s
%
s is already in use."
)
%
(
proto
,
public
))
rule
=
Rule
(
direction
=
'1'
,
owner
=
self
.
owner
,
dport
=
public
,
proto
=
proto
,
nat
=
True
,
accept
=
True
,
r_type
=
"host"
,
nat_dport
=
private
,
host
=
self
,
foreign_network
=
VlanGroup
.
objects
.
get
(
name
=
settings
[
"default_vlangroup"
]))
else
:
if
self
.
rules
.
filter
(
proto
=
proto
,
dport
=
public
):
raise
ValidationError
(
_
(
"Port
%
s
%
s is already in use."
)
%
raise
ValidationError
(
_
(
"Port
%
s
%
s is already in use."
)
%
(
proto
,
public
))
(
proto
,
public
))
rule
=
Rule
(
direction
=
'1'
,
owner
=
self
.
owner
,
dport
=
public
,
rule
=
Rule
(
direction
=
'1'
,
owner
=
self
.
owner
,
dport
=
public
,
proto
=
proto
,
nat
=
True
,
accept
=
True
,
r_type
=
"host"
,
proto
=
proto
,
nat
=
False
,
accept
=
True
,
r_type
=
"host"
,
host
=
self
,
nat_dport
=
private
,
host
=
self
,
foreign_network
=
VlanGroup
.
foreign_network
=
VlanGroup
.
objects
.
get
(
name
=
settings
[
"default_vlangroup"
]))
objects
.
get
(
name
=
settings
[
"default_vlangroup"
]))
rule
.
full_clean
()
rule
.
full_clean
()
rule
.
save
()
rule
.
save
()
def
del_port
(
self
,
proto
,
public
):
def
del_port
(
self
,
proto
,
public
):
self
.
rules
.
filter
(
owner
=
self
.
owner
,
proto
=
proto
,
nat
=
True
,
self
.
rules
.
filter
(
owner
=
self
.
owner
,
proto
=
proto
,
host
=
self
,
dport
=
public
)
.
delete
()
dport
=
public
)
.
delete
()
def
list_ports
(
self
):
def
list_ports
(
self
):
retval
=
[]
retval
=
[]
for
rule
in
self
.
rules
.
filter
(
owner
=
self
.
owner
,
nat
=
True
):
for
rule
in
self
.
rules
.
filter
(
owner
=
self
.
owner
):
retval
.
append
({
'proto'
:
rule
.
proto
,
'public'
:
rule
.
dport
,
retval
.
append
({
'proto'
:
rule
.
proto
,
'public'
:
rule
.
dport
,
'private'
:
rule
.
nat_dport
})
'private'
:
rule
.
nat_dport
})
return
retval
return
retval
...
...
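Review bot: `del_port` and `list_ports` no longer filter on `nat`, so on a host with `shared_ip` set they now also list and delete any non-NAT rule of the same owner that matches the protocol and port, not only the forwards that `add_port` created. Keying the filter on the host's mode would keep creation and removal symmetric, e.g. `self.rules.filter(owner=self.owner, proto=proto, nat=self.shared_ip, dport=public).delete()`, with the same `nat=self.shared_ip` in `list_ports`. In `add_port` the in-use check and `rule.save()` are separate queries, so two concurrent requests could both pass the check unless a database constraint (not visible here) prevents it. The new `else` branch also drops the lower port bound; that looks intentional for a dedicated address, but a comment such as `# dedicated public IP: privileged ports are allowed` would make it explicit.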
one/models.py
...
@@ -224,7 +224,7 @@ class Disk(models.Model):
...
@@ -224,7 +224,7 @@ class Disk(models.Model):
return
u"
%
s (#
%
d)"
%
(
self
.
name
,
self
.
id
)
return
u"
%
s (#
%
d)"
%
(
self
.
name
,
self
.
id
)
@staticmethod
@staticmethod
def
update
():
def
update
(
delete
=
True
):
"""Get and register virtual disks from OpenNebula."""
"""Get and register virtual disks from OpenNebula."""
import
subprocess
import
subprocess
proc
=
subprocess
.
Popen
([
"/opt/occi.sh"
,
"storage"
,
"list"
],
proc
=
subprocess
.
Popen
([
"/opt/occi.sh"
,
"storage"
,
"list"
],
...
@@ -244,7 +244,8 @@ class Disk(models.Model):
...
@@ -244,7 +244,8 @@ class Disk(models.Model):
except
:
except
:
Disk
(
id
=
id
,
name
=
name
)
.
save
()
Disk
(
id
=
id
,
name
=
name
)
.
save
()
l
.
append
(
id
)
l
.
append
(
id
)
Disk
.
objects
.
exclude
(
id__in
=
l
)
.
delete
()
if
delete
:
Disk
.
objects
.
exclude
(
id__in
=
l
)
.
delete
()
class
Network
(
models
.
Model
):
class
Network
(
models
.
Model
):
"""Virtual networks automatically synchronized with OpenNebula."""
"""Virtual networks automatically synchronized with OpenNebula."""
...
@@ -262,7 +263,7 @@ class Network(models.Model):
...
@@ -262,7 +263,7 @@ class Network(models.Model):
return
self
.
name
return
self
.
name
@staticmethod
@staticmethod
def
update
(
delete
=
True
):
def
update
():
"""Get and register virtual networks from OpenNebula."""
"""Get and register virtual networks from OpenNebula."""
import
subprocess
import
subprocess
proc
=
subprocess
.
Popen
([
"/opt/occi.sh"
,
"network"
,
"list"
],
proc
=
subprocess
.
Popen
([
"/opt/occi.sh"
,
"network"
,
"list"
],
...
@@ -282,8 +283,7 @@ class Network(models.Model):
...
@@ -282,8 +283,7 @@ class Network(models.Model):
except
:
except
:
Network
(
id
=
id
,
name
=
name
)
.
save
()
Network
(
id
=
id
,
name
=
name
)
.
save
()
l
.
append
(
id
)
l
.
append
(
id
)
if
delete
:
Network
.
objects
.
exclude
(
id__in
=
l
)
.
delete
()
Network
.
objects
.
exclude
(
id__in
=
l
)
.
delete
()
class
InstanceType
(
models
.
Model
):
class
InstanceType
(
models
.
Model
):
...
@@ -413,9 +413,9 @@ class Instance(models.Model):
...
@@ -413,9 +413,9 @@ class Instance(models.Model):
def
get_connect_host
(
self
):
def
get_connect_host
(
self
):
"""Get public hostname."""
"""Get public hostname."""
if
self
.
template
.
network
.
nat
:
if
self
.
template
.
network
.
nat
:
return
'cloud'
return
self
.
firewall_host
.
pub_ipv4
else
:
else
:
return
self
.
ip
return
self
.
firewall_host
.
ipv4
def
get_connect_uri
(
self
):
def
get_connect_uri
(
self
):
"""Get access parameters in URI format."""
"""Get access parameters in URI format."""
...
@@ -428,7 +428,7 @@ class Instance(models.Model):
...
@@ -428,7 +428,7 @@ class Instance(models.Model):
pw
=
self
.
pw
pw
=
self
.
pw
return
(
"
%(proto)
s:cloud:
%(pw)
s:
%(host)
s:
%(port)
d"
%
return
(
"
%(proto)
s:cloud:
%(pw)
s:
%(host)
s:
%(port)
d"
%
{
"port"
:
port
,
"proto"
:
proto
,
"pw"
:
pw
,
{
"port"
:
port
,
"proto"
:
proto
,
"pw"
:
pw
,
"host"
:
self
.
firewall_host
.
pub_ipv4
})
"host"
:
host
})
except
:
except
:
return
return
...
@@ -541,11 +541,13 @@ class Instance(models.Model):
...
@@ -541,11 +541,13 @@ class Instance(models.Model):
inst
.
save
()
inst
.
save
()
inst
.
update_state
()
inst
.
update_state
()
host
=
Host
(
vlan
=
Vlan
.
objects
.
get
(
name
=
template
.
network
.
name
),
host
=
Host
(
vlan
=
Vlan
.
objects
.
get
(
name
=
template
.
network
.
name
),
owner
=
owner
,
shared_ip
=
True
)
owner
=
owner
)
host
.
hostname
=
hostname
host
.
hostname
=
hostname
host
.
mac
=
x
.
getElementsByTagName
(
"MAC"
)[
0
]
.
childNodes
[
0
]
.
nodeValue
host
.
mac
=
x
.
getElementsByTagName
(
"MAC"
)[
0
]
.
childNodes
[
0
]
.
nodeValue
host
.
ipv4
=
inst
.
ip
host
.
ipv4
=
inst
.
ip
host
.
pub_ipv4
=
Vlan
.
objects
.
get
(
name
=
template
.
network
.
name
)
.
snat_ip
if
inst
.
template
.
network
.
nat
:
host
.
pub_ipv4
=
Vlan
.
objects
.
get
(
name
=
template
.
network
.
name
)
.
snat_ip
host
.
shared_ip
=
True
host
.
ipv6
=
"auto"
host
.
ipv6
=
"auto"
try
:
try
:
host
.
save
()
host
.
save
()
...
...
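Review bot: In `get_connect_uri` the dictionary now uses `"host": host`, but no assignment to `host` is visible in the hunk; the function starts outside it, so the name may be bound earlier. If it is not, the resulting NameError is swallowed by the bare `except:` that follows and the method silently returns None, leaving users without a connection URI and with no trace of the cause. Calling the updated accessor directly, `"host": self.get_connect_host()})`, avoids depending on a local, and narrowing the `except:` would keep such mistakes visible. In the host-creation hunk, non-NAT hosts are now saved without `pub_ipv4` or `shared_ip`, so a comment at `if inst.template.network.nat:` stating that the model defaults are relied on would help the next reader.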
one/templates/show.html
...
@@ -113,13 +113,13 @@
...
@@ -113,13 +113,13 @@
<tr>
<tr>
<th>
{% trans "Protocol" %}
</th>
<th>
{% trans "Protocol" %}
</th>
<th>
{% trans "Public port" %}
</th>
<th>
{% trans "Public port" %}
</th>
<th
colspan=
"2"
>
{% trans "Private port" %}
</th>
{% if i.template.network.nat %}
<th
colspan=
"2"
>
{% trans "Private port" %}
</th>
{%endif%}
</tr>
</tr>
{% for port in ports %}
{% for port in ports %}
<tr>
<tr>
<td>
{{port.proto}}
</td>
<td>
{{port.proto}}
</td>
<td>
{{port.public}}
</td>
<td>
{{port.public}}
</td>
<td>
{{port.private}}
</td>
{% if i.template.network.nat %}
<td>
{{port.private}}
</td>
{%endif%}
<td>
<td>
<a
href=
"/vm/port_del/{{i.id}}/{{port.proto}}/{{port.public}}/"
>
{% trans "Delete" %}
</a>
<a
href=
"/vm/port_del/{{i.id}}/{{port.proto}}/{{port.public}}/"
>
{% trans "Delete" %}
</a>
</td>
</td>
...
@@ -135,9 +135,11 @@
...
@@ -135,9 +135,11 @@
<td>
<td>
<input
style=
"min-width:70px;width:70px;"
type=
"text"
name=
"public"
/>
<input
style=
"min-width:70px;width:70px;"
type=
"text"
name=
"public"
/>
</td>
</td>
{% if i.template.network.nat %}
<td>
<td>
<input
style=
"min-width:70px;width:70px;"
type=
"text"
name=
"private"
/>
<input
style=
"min-width:70px;width:70px;"
type=
"text"
name=
"private"
/>
</td>
</td>
{% endif %}
<td>
<td>
<input
type=
"submit"
style=
"min-width:3em"
value=
"{% trans "
Add
"
%}"
/>
<input
type=
"submit"
style=
"min-width:3em"
value=
"{% trans "
Add
"
%}"
/>
</td>
</td>
...
...
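Review bot: The header cell wrapped by the new `{% if i.template.network.nat %}` carries `colspan="2"`, so it also covered the column holding the Delete link and the Add button. On a non-NAT instance the header row now has two cells while each port row still has three, and the table columns no longer line up. An `{% else %}<th></th>` branch before the closing tag would keep the counts equal. The two new closing tags in the first hunk are written `{%endif%}` while the second hunk uses `{% endif %}`; the spaced form matches the rest of the template.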
one/templates/vm-credentials.html
...
@@ -35,7 +35,7 @@
...
@@ -35,7 +35,7 @@
</tr>
</tr>
<tr>
<tr>
<th>
{% trans "IP" %}:
</th>
<th>
{% trans "IP" %}:
</th>
<td>
{{ i.
firewall_host.pub_ipv4
}}
</td>
<td>
{{ i.
get_connect_host
}}
</td>
</tr>
</tr>
<tr>
<tr>
<th>
{% trans "Port" %}:
</th>
<th>
{% trans "Port" %}:
</th>
...
...
one/views.py
...
@@ -342,7 +342,11 @@ class VmPortAddView(View):
...
@@ -342,7 +342,11 @@ class VmPortAddView(View):
if
public
>=
22000
and
public
<
24000
:
if
public
>=
22000
and
public
<
24000
:
raise
ValidationError
(
_
(
"Port number is in a restricted domain (22000 to 24000)."
))
raise
ValidationError
(
_
(
"Port number is in a restricted domain (22000 to 24000)."
))
inst
=
get_object_or_404
(
Instance
,
id
=
iid
,
owner
=
request
.
user
)
inst
=
get_object_or_404
(
Instance
,
id
=
iid
,
owner
=
request
.
user
)
inst
.
firewall_host
.
add_port
(
proto
=
request
.
POST
[
'proto'
],
public
=
public
,
private
=
int
(
request
.
POST
[
'private'
]))
if
inst
.
template
.
network
.
nat
:
private
=
private
=
int
(
request
.
POST
[
'private'
])
else
:
private
=
0
inst
.
firewall_host
.
add_port
(
proto
=
request
.
POST
[
'proto'
],
public
=
public
,
private
=
private
)
messages
.
success
(
request
,
_
(
u"Port
%
d successfully added."
)
%
public
)
messages
.
success
(
request
,
_
(
u"Port
%
d successfully added."
)
%
public
)
except
:
except
:
messages
.
error
(
request
,
_
(
u"Adding port failed."
))
messages
.
error
(
request
,
_
(
u"Adding port failed."
))
...
@@ -361,7 +365,7 @@ def vm_port_del(request, iid, proto, public):
...
@@ -361,7 +365,7 @@ def vm_port_del(request, iid, proto, public):
inst
=
get_object_or_404
(
Instance
,
id
=
iid
,
owner
=
request
.
user
)
inst
=
get_object_or_404
(
Instance
,
id
=
iid
,
owner
=
request
.
user
)
try
:
try
:
inst
.
firewall_host
.
del_port
(
proto
=
proto
,
public
=
public
)
inst
.
firewall_host
.
del_port
(
proto
=
proto
,
public
=
public
)
messages
.
success
(
request
,
_
(
u"Port
%
d
successfully removed."
)
%
public
)
messages
.
success
(
request
,
_
(
u"Port
%
s
successfully removed."
)
%
public
)
except
:
except
:
messages
.
error
(
request
,
_
(
u"Removing port failed."
))
messages
.
error
(
request
,
_
(
u"Removing port failed."
))
return
redirect
(
'/vm/show/
%
d/'
%
int
(
iid
))
return
redirect
(
'/vm/show/
%
d/'
%
int
(
iid
))
...
...
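Review bot: The new `private = int(request.POST['private'])` is passed to `add_port` without a range check, while `public` is checked against the restricted 22000–24000 range just above; unless the Rule model's validation (not visible here) bounds `nat_dport`, values such as 0 or 70000 reach the firewall rule. A guard such as `if not 0 < private < 65536: raise ValidationError(_("Invalid private port."))` before the call would close that. The enclosing `try` begins outside the hunk, and its bare `except:` reduces every failure, including the specific ValidationError messages raised by `add_port`, to "Adding port failed."; catching `ValidationError` separately would let the user see the reason.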