Class: Fog::Compute::OracleCloud::SecurityList

Inherits:
Model
  • Object
Defined in:
lib/fog/oraclecloud/models/compute/security_list.rb

Instance Method Summary collapse

Instance Method Details

#add_rule(port, list, rule_name = nil) ⇒ Object



# File 'lib/fog/oraclecloud/models/compute/security_list.rb', line 37

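# Allows traffic from +list+ to this security list on +port+ by reusing or
# creating a security rule, together with the security application and
# security IP list the rule refers to.
#
# Every lookup is by name only. An existing rule, application or IP list with
# the expected name is reused as-is; nothing here verifies that its contents
# (port, protocol, source entries, destination) match the arguments, so a
# stale object with a colliding name silently decides what the rule permits.
#
# @param port [Numeric, String] a port number, or the short name of a
#   predefined application (prefixed with '/oracle/public/')
# @param list [String] a dotted-quad IPv4 address, or the name of an existing
#   source list, which is passed through unchanged
# @param rule_name [String, nil] name of the rule; defaults to
#   "<name>_<port>_<list>"
# @return [Object] the existing or newly created security rule
def add_rule(port, list, rule_name = nil)
  rule_name ||= "#{name}_#{port}_#{list}"
  compute = Fog::Compute[:oraclecloud]

  if port.is_a?(Numeric)
    # Prefer a predefined public application whose destination port matches.
    # NOTE(review): Float() raises ArgumentError on a non-numeric dport (for
    # example a range string) - confirm the public catalogue never returns one.
    public_app = compute.security_applications.all_public.detect do |app|
      Float(app.dport || 0) == port
    end

    if public_app
      secapp = public_app.name
    else
      app_name = "#{name}_#{port}"
      begin
        custom_app = compute.security_applications.get(app_name)
      rescue Fog::Compute::OracleCloud::NotFound
        # No application of that name yet: create one. It is always TCP, so a
        # numeric port never opens any other protocol through this path.
        custom_app = compute.security_applications.create(
          :name => app_name,
          :protocol => 'tcp',
          :dport => port
        )
      end
      secapp = custom_app.name
    end
  else
    # They want to use a named security application
    # TODO: Add support for user created security apps
    secapp = '/oracle/public/' + port
  end

  # Each octet needs at least one digit. The previous pattern used \d{,2},
  # which also matches the empty string, so inputs such as "1.2.3." or "..."
  # were accepted as addresses and written into a new security IP list.
  octet = /\d{1,2}|1\d{2}|2[0-4]\d|25[0-5]/
  ipv4 = /\A#{octet}\.#{octet}\.#{octet}\.#{octet}\z/

  if ipv4 =~ list
    # A single address was given: wrap it in a security IP list named after
    # this security list, reusing one left over from an earlier run.
    ip_list_name = "#{name}_#{list}"
    begin
      seclist = compute.security_ip_lists.get(ip_list_name)
    rescue Fog::Compute::OracleCloud::NotFound
      Fog::Logger.debug "Creating Security IP List for #{list}"
      seclist = compute.security_ip_lists.create(
        :name => ip_list_name,
        :secipentries => [list]
      )
    end
    list_name = "seciplist:#{ip_list_name}"
  else
    # Anything that is not a dotted-quad address is used as a source list
    # name without further validation.
    list_name = list
  end

  begin
    rule = compute.security_rules.get(rule_name)
  rescue Fog::Compute::OracleCloud::NotFound
    Fog::Logger.debug "Creating Security Rule for #{list_name} to #{name} (app:#{port})"
    rule = compute.security_rules.create(
      :application => secapp,
      :name => rule_name,
      :src_list => list_name,
      :dst_list => "seclist:#{name}"
    )
  end
  rule
end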

#create ⇒ Object



# File 'lib/fog/oraclecloud/models/compute/security_list.rb', line 24

# Creates the security list on the service and folds the response body back
# into this model's attributes.
#
# Only +name+ is required. +description+, +policy+ and +outbound_cidr_policy+
# are forwarded exactly as set on the model, so when they are unset the
# inbound and outbound defaults are whatever the service applies.
#
# @return [Object] the result of merge_attributes
def create
  requires(:name)

  merge_attributes(
    service.create_security_list(name, description, policy, outbound_cidr_policy).body
  )
end

#destroy ⇒ Object



# File 'lib/fog/oraclecloud/models/compute/security_list.rb', line 32

# Deletes this security list on the service, identified by +name+.
#
# Only the list itself is deleted here. The security rules, security IP lists
# and custom security applications that add_rule creates under this list's
# name are not touched by this method and have to be removed separately.
#
# @return [Object] whatever service.delete_security_list returns
def destroy
  requires(:name)
  service.delete_security_list(name)
end

#save ⇒ Object



# File 'lib/fog/oraclecloud/models/compute/security_list.rb', line 19

# Persists the model by delegating to #create.
#
# There is no update path: the identity-based switch between update and
# create is disabled, so every save issues a create request, including for a
# list that already exists.
#
# @return [Object] the result of #create
def save
  # Disabled alternative: identity ? update : create
  create
end