Updated Protocol named constants
The L3 protocol name constants should be removed from
neutron/plugins/common/constants.py because for instance, there
exists a constant already in neutron/common/constants.py for
tcp - PROTO_NAME_TCP.
Moved out FWaaS specific constants from
neutron.plugins.common.constants to here.
Reference:
https://review.openstack.org/#/c/166879/
(cherry picked from commit d6559ddcd0
)
Change-Id: Ic9dc026f4165c3ea00d472bfb7bd8edaf89ce7c0
This commit is contained in:
parent
96dc29350d
commit
f2da3940a4
|
@ -13,17 +13,17 @@
|
||||||
# License for the specific language governing permissions and limitations
|
# License for the specific language governing permissions and limitations
|
||||||
# under the License.
|
# under the License.
|
||||||
|
|
||||||
|
|
||||||
from neutron.callbacks import events
|
from neutron.callbacks import events
|
||||||
from neutron.callbacks import registry
|
from neutron.callbacks import registry
|
||||||
from neutron.callbacks import resources
|
from neutron.callbacks import resources
|
||||||
|
from neutron.common import constants
|
||||||
from neutron.db import common_db_mixin as base_db
|
from neutron.db import common_db_mixin as base_db
|
||||||
from neutron.db import model_base
|
from neutron.db import model_base
|
||||||
from neutron.db import models_v2
|
from neutron.db import models_v2
|
||||||
from neutron.extensions import l3
|
from neutron.extensions import l3
|
||||||
from neutron import manager
|
from neutron import manager
|
||||||
from neutron.openstack.common import uuidutils
|
from neutron.openstack.common import uuidutils
|
||||||
from neutron.plugins.common import constants as const
|
from neutron.plugins.common import constants as p_const
|
||||||
from oslo_config import cfg
|
from oslo_config import cfg
|
||||||
from oslo_log import log as logging
|
from oslo_log import log as logging
|
||||||
import sqlalchemy as sa
|
import sqlalchemy as sa
|
||||||
|
@ -277,7 +277,8 @@ class Firewall_db_mixin(fw_ext.FirewallPluginBase, base_db.CommonDbMixin):
|
||||||
|
|
||||||
def _validate_fwr_protocol_parameters(self, fwr):
|
def _validate_fwr_protocol_parameters(self, fwr):
|
||||||
protocol = fwr['protocol']
|
protocol = fwr['protocol']
|
||||||
if protocol not in (const.TCP, const.UDP):
|
if protocol not in (constants.PROTO_NAME_TCP,
|
||||||
|
constants.PROTO_NAME_UDP):
|
||||||
if fwr['source_port'] or fwr['destination_port']:
|
if fwr['source_port'] or fwr['destination_port']:
|
||||||
raise fw_ext.FirewallRuleInvalidICMPParameter(
|
raise fw_ext.FirewallRuleInvalidICMPParameter(
|
||||||
param="Source, destination port")
|
param="Source, destination port")
|
||||||
|
@ -290,8 +291,8 @@ class Firewall_db_mixin(fw_ext.FirewallPluginBase, base_db.CommonDbMixin):
|
||||||
# the introduction of a new 'CREATED' state allows this, whilst
|
# the introduction of a new 'CREATED' state allows this, whilst
|
||||||
# keeping a backward compatible behavior of the logical resource.
|
# keeping a backward compatible behavior of the logical resource.
|
||||||
if not status:
|
if not status:
|
||||||
status = (const.CREATED if cfg.CONF.router_distributed
|
status = (p_const.CREATED if cfg.CONF.router_distributed
|
||||||
else const.PENDING_CREATE)
|
else p_const.PENDING_CREATE)
|
||||||
with context.session.begin(subtransactions=True):
|
with context.session.begin(subtransactions=True):
|
||||||
firewall_db = Firewall(
|
firewall_db = Firewall(
|
||||||
id=uuidutils.generate_uuid(),
|
id=uuidutils.generate_uuid(),
|
||||||
|
@ -564,7 +565,7 @@ def migration_callback(resource, event, trigger, **kwargs):
|
||||||
context = kwargs['context']
|
context = kwargs['context']
|
||||||
router = kwargs['router']
|
router = kwargs['router']
|
||||||
fw_plugin = manager.NeutronManager.get_service_plugins().get(
|
fw_plugin = manager.NeutronManager.get_service_plugins().get(
|
||||||
const.FIREWALL)
|
p_const.FIREWALL)
|
||||||
if fw_plugin:
|
if fw_plugin:
|
||||||
tenant_firewalls = fw_plugin.get_firewalls(
|
tenant_firewalls = fw_plugin.get_firewalls(
|
||||||
context, filters={'tenant_id': [router['tenant_id']]})
|
context, filters={'tenant_id': [router['tenant_id']]})
|
||||||
|
|
|
@ -18,8 +18,9 @@ import abc
|
||||||
from neutron.api import extensions
|
from neutron.api import extensions
|
||||||
from neutron.api.v2 import attributes as attr
|
from neutron.api.v2 import attributes as attr
|
||||||
from neutron.api.v2 import resource_helper
|
from neutron.api.v2 import resource_helper
|
||||||
|
from neutron.common import constants
|
||||||
from neutron.common import exceptions as nexception
|
from neutron.common import exceptions as nexception
|
||||||
from neutron.plugins.common import constants
|
from neutron.plugins.common import constants as p_const
|
||||||
from neutron.services import service_base
|
from neutron.services import service_base
|
||||||
from oslo_config import cfg
|
from oslo_config import cfg
|
||||||
from oslo_log import log as logging
|
from oslo_log import log as logging
|
||||||
|
@ -28,6 +29,10 @@ import six
|
||||||
|
|
||||||
LOG = logging.getLogger(__name__)
|
LOG = logging.getLogger(__name__)
|
||||||
|
|
||||||
|
# Firewall rule action
|
||||||
|
FWAAS_ALLOW = "allow"
|
||||||
|
FWAAS_DENY = "deny"
|
||||||
|
|
||||||
|
|
||||||
# Firewall Exceptions
|
# Firewall Exceptions
|
||||||
class FirewallNotFound(nexception.NotFound):
|
class FirewallNotFound(nexception.NotFound):
|
||||||
|
@ -141,8 +146,10 @@ class FirewallRuleConflict(nexception.Conflict):
|
||||||
"another tenant %(tenant_id)s")
|
"another tenant %(tenant_id)s")
|
||||||
|
|
||||||
|
|
||||||
fw_valid_protocol_values = [None, constants.TCP, constants.UDP, constants.ICMP]
|
fw_valid_protocol_values = [None, constants.PROTO_NAME_TCP,
|
||||||
fw_valid_action_values = [constants.FWAAS_ALLOW, constants.FWAAS_DENY]
|
constants.PROTO_NAME_UDP,
|
||||||
|
constants.PROTO_NAME_ICMP]
|
||||||
|
fw_valid_action_values = [FWAAS_ALLOW, FWAAS_DENY]
|
||||||
|
|
||||||
|
|
||||||
def convert_protocol(value):
|
def convert_protocol(value):
|
||||||
|
@ -372,7 +379,7 @@ class Firewall(extensions.ExtensionDescriptor):
|
||||||
'remove_rule': 'PUT'}}
|
'remove_rule': 'PUT'}}
|
||||||
return resource_helper.build_resource_info(plural_mappings,
|
return resource_helper.build_resource_info(plural_mappings,
|
||||||
RESOURCE_ATTRIBUTE_MAP,
|
RESOURCE_ATTRIBUTE_MAP,
|
||||||
constants.FIREWALL,
|
p_const.FIREWALL,
|
||||||
action_map=action_map)
|
action_map=action_map)
|
||||||
|
|
||||||
@classmethod
|
@classmethod
|
||||||
|
@ -394,10 +401,10 @@ class Firewall(extensions.ExtensionDescriptor):
|
||||||
class FirewallPluginBase(service_base.ServicePluginBase):
|
class FirewallPluginBase(service_base.ServicePluginBase):
|
||||||
|
|
||||||
def get_plugin_name(self):
|
def get_plugin_name(self):
|
||||||
return constants.FIREWALL
|
return p_const.FIREWALL
|
||||||
|
|
||||||
def get_plugin_type(self):
|
def get_plugin_type(self):
|
||||||
return constants.FIREWALL
|
return p_const.FIREWALL
|
||||||
|
|
||||||
def get_plugin_description(self):
|
def get_plugin_description(self):
|
||||||
return 'Firewall service plugin'
|
return 'Firewall service plugin'
|
||||||
|
|
Loading…
Reference in New Issue