Skip to content

Navigation Menu

Sign in
Appearance settings

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly
Appearance settings

automatic configure juniper srx nat loopback #2183

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Closed
ming416 wants to merge 1 commit into from
Closed

automatic configure juniper srx nat loopback #2183

Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
71 changes: 70 additions & 1 deletion 71 plugins/network-elements/juniper-srx/src/com/cloud/network/resource/JuniperSrxResource.java
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -303,7 +303,7 @@ public String getCountName() {
}

private enum SrxCommand {
LOGIN, OPEN_CONFIGURATION, CLOSE_CONFIGURATION, COMMIT, ROLLBACK, CHECK_IF_EXISTS, CHECK_IF_IN_USE, ADD, DELETE, GET_ALL;
LOGIN, OPEN_CONFIGURATION, CLOSE_CONFIGURATION, COMMIT, ROLLBACK, CHECK_IF_EXISTS, CHECK_IF_IN_USE, ADD, DELETE, GET_ALL, CHECK_PRIVATE_IF_EXISTS;
}

private enum Protocol {
Expand Down Expand Up @@ -2011,6 +2011,7 @@ private String genStaticNatRuleName(String publicIp, String privateIp) {

private boolean manageStaticNatRule(SrxCommand command, String publicIp, String privateIp) throws ExecutionException {
String ruleName = genStaticNatRuleName(publicIp, privateIp);
String ruleName_private = genStaticNatRuleName(privateIp, publicIp);
String xml;

switch (command) {
Expand All @@ -2023,6 +2024,14 @@ private boolean manageStaticNatRule(SrxCommand command, String publicIp, String
xml = replaceXmlValue(xml, "rule-name", ruleName);
return sendRequestAndCheckResponse(command, xml, "name", ruleName);

case CHECK_PRIVATE_IF_EXISTS:
xml = SrxXml.STATIC_NAT_RULE_GETONE.getXml();
xml = setDelete(xml, false);
xml = replaceXmlValue(xml, "rule-set", _privateZone);
xml = replaceXmlValue(xml, "from-zone", _privateZone);
xml = replaceXmlValue(xml, "rule-name", ruleName_private);
return sendRequestAndCheckResponse(command, xml, "name", ruleName_private);

case ADD:
if (manageStaticNatRule(SrxCommand.CHECK_IF_EXISTS, publicIp, privateIp)) {
return true;
Expand All @@ -2038,6 +2047,17 @@ private boolean manageStaticNatRule(SrxCommand command, String publicIp, String
if (!sendRequestAndCheckResponse(command, xml)) {
throw new ExecutionException("Failed to add static NAT rule from public IP " + publicIp + " to private IP " + privateIp);
} else {
xml = SrxXml.STATIC_NAT_RULE_ADD.getXml();
xml = replaceXmlValue(xml, "rule-set", _privateZone);
xml = replaceXmlValue(xml, "from-zone", _privateZone);
xml = replaceXmlValue(xml, "rule-name", ruleName_private);
xml = replaceXmlValue(xml, "original-ip", publicIp);
xml = replaceXmlValue(xml, "translated-ip", privateIp);
if (!sendRequestAndCheckResponse(command, xml))
{
throw new ExecutionException("Failed to add trust static NAT rule from public IP " + publicIp + " to private IP " + privateIp);
}

return true;
}

Expand All @@ -2055,6 +2075,18 @@ private boolean manageStaticNatRule(SrxCommand command, String publicIp, String
if (!sendRequestAndCheckResponse(command, xml, "name", ruleName)) {
throw new ExecutionException("Failed to delete static NAT rule from public IP " + publicIp + " to private IP " + privateIp);
} else {
if (manageStaticNatRule(SrxCommand.CHECK_PRIVATE_IF_EXISTS, publicIp, privateIp)){
xml = SrxXml.STATIC_NAT_RULE_GETONE.getXml();
xml = setDelete(xml, true);
xml = replaceXmlValue(xml, "rule-set", _privateZone);
xml = replaceXmlValue(xml, "from-zone", _privateZone);
xml = replaceXmlValue(xml, "rule-name", ruleName_private);
}

if (!sendRequestAndCheckResponse(command, xml, "name", ruleName_private))
{
throw new ExecutionException("Failed to delete trust static NAT rule from public IP " + publicIp + " to private IP " + privateIp);
}
return true;
}

Expand Down Expand Up @@ -2184,6 +2216,7 @@ private String genDestinationNatRuleName(String publicIp, String privateIp, long

private boolean manageDestinationNatRule(SrxCommand command, String publicIp, String privateIp, long srcPort, long destPort) throws ExecutionException {
String ruleName = genDestinationNatRuleName(publicIp, privateIp, srcPort, destPort);
String ruleName_private = ruleName + "p";
String poolName = genDestinationNatPoolName(privateIp, destPort);
String xml;

Expand All @@ -2197,6 +2230,14 @@ private boolean manageDestinationNatRule(SrxCommand command, String publicIp, St
xml = replaceXmlValue(xml, "rule-name", ruleName);
return sendRequestAndCheckResponse(command, xml, "name", ruleName);

case CHECK_PRIVATE_IF_EXISTS:
xml = SrxXml.DEST_NAT_RULE_GETONE.getXml();
xml = setDelete(xml, false);
xml = replaceXmlValue(xml, "rule-set", _privateZone);
xml = replaceXmlValue(xml, "from-zone", _privateZone);
xml = replaceXmlValue(xml, "rule-name", ruleName_private);
return sendRequestAndCheckResponse(command, xml, "name", ruleName_private);

case ADD:
if (manageDestinationNatRule(SrxCommand.CHECK_IF_EXISTS, publicIp, privateIp, srcPort, destPort)) {
return true;
Expand All @@ -2219,6 +2260,20 @@ private boolean manageDestinationNatRule(SrxCommand command, String publicIp, St
throw new ExecutionException("Failed to add destination NAT rule from public IP " + publicIp + ", public port " + srcPort + ", private IP " +
privateIp + ", and private port " + destPort);
} else {
xml = SrxXml.DEST_NAT_RULE_ADD.getXml();
xml = replaceXmlValue(xml, "rule-set", _privateZone);
xml = replaceXmlValue(xml, "from-zone", _privateZone);
xml = replaceXmlValue(xml, "rule-name", ruleName_private);
xml = replaceXmlValue(xml, "public-address", publicIp);
xml = replaceXmlValue(xml, "src-port", String.valueOf(srcPort));
xml = replaceXmlValue(xml, "pool-name", poolName);

if (!sendRequestAndCheckResponse(command, xml))
{
s_logger.debug("Purple: loopback Failed to add " + _privateZone + " destination NAT rule from public IP " + publicIp + ", public port " + srcPort + ", private IP " +
privateIp + ", and private port " + destPort);
}

return true;
}

Expand All @@ -2237,6 +2292,20 @@ private boolean manageDestinationNatRule(SrxCommand command, String publicIp, St
throw new ExecutionException("Failed to delete destination NAT rule from public IP " + publicIp + ", public port " + srcPort + ", private IP " +
privateIp + ", and private port " + destPort);
} else {
if (manageDestinationNatRule(SrxCommand.CHECK_PRIVATE_IF_EXISTS, publicIp, privateIp, srcPort, destPort))
{
xml = SrxXml.DEST_NAT_RULE_GETONE.getXml();
xml = setDelete(xml, true);
xml = replaceXmlValue(xml, "rule-set", _privateZone);
xml = replaceXmlValue(xml, "from-zone", _privateZone);
xml = replaceXmlValue(xml, "rule-name", ruleName_private);

if (!sendRequestAndCheckResponse(command, xml))
{
s_logger.debug("Purple: Failed to delete " + _privateZone + " destination NAT rule from public IP " + publicIp + ", public port " + srcPort + ", private IP " +
privateIp + ", and private port " + destPort);
}
}
return true;
}

Expand Down
Morty Proxy This is a proxified and sanitized view of the page, visit original site.