NSXv3: Add support for firewall exclude list API

Change-Id: I49935f818b8425d9e146daf5db0d26cc057d3385
2016-12-01 06:25:53 -08:00 · 2016-12-01 06:25:53 -08:00 · 69bd8f3158
parent 1471251c67
commit 69bd8f3158
2 changed files with 19 additions and 0 deletions
--- a/vmware_nsxlib/v3/nsx_constants.py
+++ b/vmware_nsxlib/v3/nsx_constants.py
@ -48,6 +48,7 @@ SERVICE_DHCP = "dhcp"
 NSGROUP = 'NSGroup'
 NSGROUP_SIMPLE_EXP = 'NSGroupSimpleExpression'
 NSGROUP_TAG_EXP = 'NSGroupTagExpression'
+EXCLUDE_PORT = 'Exclude-Port'

 # Firewall rule position
 FW_INSERT_BEFORE = 'insert_before'
--- a/vmware_nsxlib/v3/security.py
+++ b/vmware_nsxlib/v3/security.py
@ -201,9 +201,27 @@ class NsxLibNsGroup(utils.NsxLibApiBase):
            LOG.debug("NSGroup %s does not exists for delete request.",
                      nsgroup_id)

+    def find_by_display_name(self, display_name):
+        found = []
+        for resource in self.list():
+            if resource['display_name'] == display_name:
+                found.append(resource)
+        return found
+

 class NsxLibFirewallSection(utils.NsxLibApiBase):

+    def add_member_to_fw_exclude_list(self, target_id):
+        resource = 'firewall/excludelist?action=add_member'
+        body = {"target_id": target_id,
+                "target_type": consts.TARGET_TYPE_LOGICAL_PORT}
+        self.client.create(resource, body)
+
+    def remove_member_from_fw_exclude_list(self, target_id, target_type):
+        resource = ('firewall/excludelist?action=remove_member&object_id='
+                    + target_id)
+        self.client.create(resource)
+
    def _get_direction(self, sg_rule):
        return (
            consts.IN if sg_rule['direction'] == 'ingress'