VPN policy rules update

The NSX policy rules changed on the nSX.
The session rules will always be 'protect' rules,
and bypass rules were added to the vpn service.

Change-Id: I2dbf54544e7b49b828c5372f792e55fb1bd19d7c

vmware_nsxlib/v3/vpn_ipsec.py

@@ -109,11 +109,6 @@ class IkeLogLevelTypes(object):
     LOG_LEVEL_ERROR = 'ERROR'
 
 
-class PolicyRuleActionTypes(object):
-    POLICY_RULE_ACTION_BYPASS = 'BYPASS'
-    POLICY_RULE_ACTION_PROTECT = 'PROTECT'
-
-
 class IkeProfile(utils.NsxLibApiBase):
 
     @property
@@ -386,14 +381,12 @@ class Session(utils.NsxLibApiBase):
             body['tags'] = tags
         return self.client.create(self.get_path(), body=body)
 
-    def get_rule_obj(self, sources, destinations,
+    def get_rule_obj(self, sources, destinations):
-                     action=PolicyRuleActionTypes.POLICY_RULE_ACTION_PROTECT):
         src_subnets = [{'subnet': src} for src in sources]
         dst_subnets = [{'subnet': dst} for dst in destinations]
         return {
             'sources': src_subnets,
-            'destinations': dst_subnets,
+            'destinations': dst_subnets
-            'action': action
         }
 
     def update(self, uuid, name=None, description=None, policy_rules=None,
@@ -422,7 +415,7 @@ class Service(utils.NsxLibApiBase):
 
     def create(self, name, logical_router_id,
                enabled=True, ike_log_level="ERROR",
-               tags=None):
+               tags=None, bypass_rules=None):
 
         # mandatory parameters
         body = {'display_name': name,
@@ -434,6 +427,8 @@ class Service(utils.NsxLibApiBase):
             body['enabled'] = enabled
         if tags:
             body['tags'] = tags
+        if bypass_rules:
+            body['bypass_rules'] = bypass_rules
         return self.client.create(self.get_path(), body=body)