本文整理汇总了Python中dm_utils.DMUtils.make_sg_firewall_name方法的典型用法代码示例。如果您正苦于以下问题:Python DMUtils.make_sg_firewall_name方法的具体用法?Python DMUtils.make_sg_firewall_name怎么用?Python DMUtils.make_sg_firewall_name使用的例子?那么恭喜您, 这里精选的方法代码示例或许可以为您提供帮助。您也可以进一步了解该方法所在类dm_utils.DMUtils的用法示例。
在下文中一共展示了DMUtils.make_sg_firewall_name方法的2个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Python代码示例。
示例1: get_firewall_filters
# 需要导入模块: from dm_utils import DMUtils [as 别名]
# 或者: from dm_utils.DMUtils import make_sg_firewall_name [as 别名]
def get_firewall_filters(self, sg, acl, is_egress=False):
acl_rule_present = False
if not sg or not acl or not acl.vnc_obj:
return []
acl = acl.vnc_obj
entries = acl.get_access_control_list_entries()
if not entries:
return []
rules = entries.get_acl_rule() or []
if not rules:
return []
filter_names = []
for rule in rules:
if not self.has_terms(rule):
continue
match = rule.get_match_condition()
if not match:
continue
rule_uuid = rule.get_rule_uuid()
ether_type_match = match.get_ethertype()
if not ether_type_match:
continue
if 'ipv6' in ether_type_match.lower():
continue
acl_rule_present = True
break
if acl_rule_present:
filter_name = DMUtils.make_sg_firewall_name(sg.name, acl.uuid)
filter_names.append(filter_name)
return filter_names示例2: build_firewall_filters
# 需要导入模块: from dm_utils import DMUtils [as 别名]
# 或者: from dm_utils.DMUtils import make_sg_firewall_name [as 别名]
def build_firewall_filters(self, sg, acl, is_egress=False):
acl_rule_present = False
if not sg or not acl or not acl.vnc_obj:
return
acl = acl.vnc_obj
entries = acl.get_access_control_list_entries()
if not entries:
return
rules = entries.get_acl_rule() or []
if not rules:
return
self.firewall_config = self.firewall_config or\
Firewall(DMUtils.firewall_comment())
for rule in rules:
if not self.has_terms(rule):
continue
match = rule.get_match_condition()
if not match:
continue
acl_rule_present = True
break
if acl_rule_present:
filter_name = DMUtils.make_sg_firewall_name(sg.name, acl.uuid)
f = FirewallFilter(name=filter_name)
f.set_comment(DMUtils.make_sg_firewall_comment(sg.name, acl.uuid))
# allow arp ether type always
self.add_ether_type_term(f, 'arp')
# allow dhcp/dns always
self.add_dns_dhcp_terms(f)
for rule in rules:
if not self.has_terms(rule):
continue
match = rule.get_match_condition()
if not match:
continue
rule_uuid = rule.get_rule_uuid()
dst_addr_match = match.get_dst_address()
dst_port_match = match.get_dst_port()
ether_type_match = match.get_ethertype()
protocol_match = match.get_protocol()
src_addr_match = match.get_src_address()
src_port_match = match.get_src_port()
term = self.add_filter_term(f, rule_uuid)
self.add_addr_term(term, dst_addr_match, False)
self.add_addr_term(term, src_addr_match, True)
self.add_port_term(term, dst_port_match, False)
# source port match is not needed for now (BMS source port)
#self.add_port_term(term, src_port_match, True)
self.add_protocol_term(term, protocol_match)
self.firewall_config.add_firewall_filters(f)