Author: arkurth
Date: Thu Mar 30 21:16:27 2017
New Revision: 1789585
URL: http://svn.apache.org/viewvc?rev=1789585&view=rev
Log:
VCL-1031
Added subroutines:
DataStructure.pm::get_connect_method_protocol_port_array
Removed subroutines and all calls to them:
Linux.pm::grant_management_node_access
Linux.pm::
Linux.pm::
Linux.pm::
Linux.pm::
Linux.pm::
Linux.pm::
Linux.pm::
Renamed subroutines:
iptables.pm::configure_nat --> nat_configure_host
iptables.pm::configure_nat_reservation --> nat_configure_reservation
add_nat_port_forward --> nat_add_port_forward
Added calls to firewall module subroutines if the object implements it:
OS.pm::firewall_compare_update --> firewall/process_inuse
Linux.pm::pre_capture --> firewall/process_pre_capture
Linux.pm::post_load --> firewall/process_post_load
Linux.pm::grant_access --> firewall/process_reserved
Modified:
vcl/trunk/managementnode/lib/VCL/DataStructure.pm
vcl/trunk/managementnode/lib/VCL/Module/OS.pm
Modified: vcl/trunk/managementnode/lib/VCL/DataStructure.pm
URL:
http://svn.apache.org/viewvc/vcl/trunk/managementnode/lib/VCL/DataStructure.pm?rev=1789585&r1=1789584&r2=1789585&view=diff
==============================================================================
--- vcl/trunk/managementnode/lib/VCL/DataStructure.pm (original)
+++ vcl/trunk/managementnode/lib/VCL/DataStructure.pm Thu Mar 30 21:16:27 2017
@@ -2388,6 +2388,44 @@ sub get_connect_method_info_matching_nam
#/////////////////////////////////////////////////////////////////////////////
+=head2 get_connect_method_protocol_port_array
+
+ Parameters : none
+ Returns : array
+ Description : Processes all of the connect methods assigned to the image
+ revision and constructs an simpler array for easier processing.
+ An array is returned. Each array element is an array reference
+ with exactly 2 elements, a protocol name and port number:
+ (
+ ["tcp", 22],
+ ["tcp", 3389],
+ ["udp", 3389],
+ )
+
+=cut
+
+sub get_connect_method_protocol_port_array {
+ my $self = shift;
+ if (ref($self) !~ /VCL::/i) {
+ notify($ERRORS{'CRITICAL'}, 0, "subroutine was called as a
function, it must be called as a class method");
+ return 0;
+ }
+
+ my @protocol_port_array;
+
+ my $connect_method_info = $self->get_connect_methods();
+ for my $connect_method_id (sort keys %{$connect_method_info}) {
+ for my $connect_method_port_id (keys
%{$connect_method_info->{$connect_method_id}{connectmethodport}}) {
+ my $protocol =
$connect_method_info->{$connect_method_id}{connectmethodport}{$connect_method_port_id}{protocol};
+ my $port =
$connect_method_info->{$connect_method_id}{connectmethodport}{$connect_method_port_id}{port};
+ push @protocol_port_array, [lc($protocol), $port],
+ }
+ }
+ return @protocol_port_array;
+}
+
+#/////////////////////////////////////////////////////////////////////////////
+
1;
__END__
Modified: vcl/trunk/managementnode/lib/VCL/Module/OS.pm
URL:
http://svn.apache.org/viewvc/vcl/trunk/managementnode/lib/VCL/Module/OS.pm?rev=1789585&r1=1789584&r2=1789585&view=diff
==============================================================================
--- vcl/trunk/managementnode/lib/VCL/Module/OS.pm (original)
+++ vcl/trunk/managementnode/lib/VCL/Module/OS.pm Thu Mar 30 21:16:27 2017
@@ -3585,14 +3585,14 @@ sub process_connect_methods {
# Perform general NAT configuration
if ($nathost_internal_ip_address) {
- if ($self->nathost_os->firewall->can('configure_nat')) {
- if
(!$self->nathost_os->firewall->configure_nat($nathost_public_ip_address,
$nathost_internal_ip_address)) {
+ if
($self->nathost_os->firewall->can('nat_configure_host')) {
+ if
(!$self->nathost_os->firewall->nat_configure_host($nathost_public_ip_address,
$nathost_internal_ip_address)) {
notify($ERRORS{'WARNING'}, 0, "unable
to process connect methods, failed to configure NAT on $nathost_hostname");
return;
}
}
else {
- notify($ERRORS{'DEBUG'}, 0, "NAT not configured
on $nathost_hostname, " . ref($self->nathost_os->firewall) . " does not
implement a 'configure_nat' subroutine");
+ notify($ERRORS{'DEBUG'}, 0, "NAT not configured
on $nathost_hostname, " . ref($self->nathost_os->firewall) . " does not
implement a 'nat_configure_host' subroutine");
}
}
else {
@@ -3600,14 +3600,14 @@ sub process_connect_methods {
}
# Perform reservation-specific NAT configuration
- if
($self->nathost_os->firewall->can('configure_nat_reservation')) {
- if
(!$self->nathost_os->firewall->configure_nat_reservation()) {
+ if
($self->nathost_os->firewall->can('nat_configure_reservation')) {
+ if
(!$self->nathost_os->firewall->nat_configure_reservation()) {
notify($ERRORS{'WARNING'}, 0, "unable to
process connect methods, failed to configure NAT on $nathost_hostname for this
reservation");
return;
}
}
else {
- notify($ERRORS{'DEBUG'}, 0, "NAT not configured on
$nathost_hostname for this reservation, " . ref($self->nathost_os->firewall) .
" does not implement a 'configure_nat_reservation' subroutine");
+ notify($ERRORS{'DEBUG'}, 0, "NAT not configured on
$nathost_hostname for this reservation, " . ref($self->nathost_os->firewall) .
" does not implement a 'nat_configure_reservation' subroutine");
}
}
@@ -3698,7 +3698,7 @@ sub process_connect_methods {
return;
}
- if
($self->nathost_os->firewall->add_nat_port_forward($protocol, $nat_public_port,
$computer_ip_address, $port)) {
+ if
($self->nathost_os->firewall->nat_add_port_forward($protocol, $nat_public_port,
$computer_ip_address, $port)) {
notify($ERRORS{'OK'}, 0, "NAT
port forwarding configured on $nathost_hostname for '$name' connect method:
$nathost_public_ip_address:$nat_public_port --> $computer_ip_address:$port
($protocol)");
}
else {
@@ -4590,10 +4590,6 @@ sub firewall_compare_update {
return;
}
- # Make sure the OS module implements get_firewall_configuration and
enable_firewall_port subroutine
- return 1 unless $self->can('enable_firewall_port');
- return 1 unless $self->can('get_firewall_configuration');
-
my $computer_node_name = $self->data->get_computer_node_name();
my $remote_ip = $self->data->get_reservation_remote_ip();
@@ -4602,6 +4598,15 @@ sub firewall_compare_update {
return;
}
+ if ($self->can('firewall') && $self->firewall->can('process_inuse')) {
+ return $self->firewall->process_inuse($remote_ip);
+ }
+
+ # Make sure the OS module implements get_firewall_configuration and
enable_firewall_port subroutine
+ unless ($self->can('enable_firewall_port') &&
$self->can('get_firewall_configuration')) {
+ return 1;
+ }
+
# Retrieve the connect method info
my $connect_method_info = $self->data->get_connect_methods();
if (!$connect_method_info) {
