Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add distributed firewall for NSX-V VDC #521

Merged
merged 36 commits into from
Mar 14, 2023
Merged

Add distributed firewall for NSX-V VDC #521

merged 36 commits into from
Mar 14, 2023

Conversation

dataclouder
Copy link
Contributor

@dataclouder dataclouder commented Nov 20, 2022
edited
Loading

Functionalities added:

  • Check whether the Distributed Firewall service is enabled;
  • Enable Distributed Firewall service;
  • Remove Distributed Firewall service
  • Retrieve firewall rules
  • Retrieve firewall services and service groups
  • Add and update firewall rules
  • Test for the above

Note 1: as per product specification, this PR only deals with layer 3 firewall rules.

Note 2: Adding and updating rules is the same operation:

  • Both are added using a single PUT operation
  • Every PUT rewrites the whole rule set
  • Rule IDs are not considered when updating. The new rules, as indicated by the user, replace the old ones.
  • The ID of the rules section (a section is either a "level2" or "level3" collection of rules) stays unchanged, unless the firewall is created again.

Giuseppe Maxia added 6 commits November 20, 2022 22:17
@dataclouder dataclouder self-assigned this Nov 28, 2022
Giuseppe Maxia added 21 commits November 30, 2022 08:44
Add update function ( WIP )
51ca090 
Signed-off-by: Giuseppe Maxia <[email protected]>
Merge branch 'main' into distributed-firewall-1
80ce526 
Signed-off-by: Giuseppe Maxia <[email protected]>
Merge branch 'main' into distributed-firewall-1
e7d3bd7 
Signed-off-by: Giuseppe Maxia <[email protected]>
Merge branch 'main' into distributed-firewall-1
c0c735f 
Signed-off-by: Giuseppe Maxia <[email protected]>
Update GetConfiguration
d19c123 
Signed-off-by: Giuseppe Maxia <[email protected]>
Fix definition of source/destination ports
eb20a65 
Each port field can hold either a single number or a range

Signed-off-by: Giuseppe Maxia <[email protected]>
Add a skip for custom API versions
cdba312 
Signed-off-by: Giuseppe Maxia <[email protected]>
Improve check on DFW enablement
68fecc8 
Signed-off-by: Giuseppe Maxia <[email protected]>
Implement IsNsxv for AdminVdc
439e513 
Signed-off-by: Giuseppe Maxia <[email protected]>
Merge branch 'main' into distributed-firewall-1
a39ce55 
Signed-off-by: Giuseppe Maxia <[email protected]>
Add test for AdminVdc.IsNsxt
ce478f4 
Signed-off-by: Giuseppe Maxia <[email protected]>
Finalize function dfw.UpdateConfiguration
4913de6 
Signed-off-by: Giuseppe Maxia <[email protected]>
Add test for firewall update
1a78682 
Signed-off-by: Giuseppe Maxia <[email protected]>
Merge branch 'main' into distributed-firewall-1
87d0981 
Signed-off-by: Giuseppe Maxia <[email protected]>
Fix NsxvDistributedFirewallRule definition
dc025de 
Signed-off-by: Giuseppe Maxia <[email protected]>
Fix intermittent error during removal
1ab4713 
Signed-off-by: Giuseppe Maxia <[email protected]>
Merge branch 'main' into distributed-firewall-1
59dd8a5 
Signed-off-by: Giuseppe Maxia <[email protected]>
Update rule elements constants
e3be1dd 
Signed-off-by: Giuseppe Maxia <[email protected]>
Remove unused code
f51f73f 
Signed-off-by: Giuseppe Maxia <[email protected]>
Add CHANGELOG entry
0eba073 
Signed-off-by: Giuseppe Maxia <[email protected]>
Update Test_NsxvDistributedFirewall
a928e57 
Signed-off-by: Giuseppe Maxia <[email protected]>
@dataclouder dataclouder marked this pull request as ready for review March 5, 2023 17:36
@adambarreiro adambarreiro requested a review from adezxc March 6, 2023 08:38
lvirbalas
lvirbalas approved these changes Mar 6, 2023
View reviewed changes
@dataclouder dataclouder marked this pull request as draft March 6, 2023 12:38
@dataclouder dataclouder marked this pull request as ready for review March 6, 2023 14:09
adezxc
adezxc suggested changes Mar 7, 2023
View reviewed changes
Giuseppe Maxia added 2 commits March 7, 2023 19:42
Fix documentation
6b12c20 
Signed-off-by: Giuseppe Maxia <[email protected]>
Move function buildUrl to api.go
d85560e 
Signed-off-by: Giuseppe Maxia <[email protected]>
Didainius
Didainius reviewed Mar 8, 2023
View reviewed changes
Copy link
Collaborator

@Didainius Didainius left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

First scan

Giuseppe Maxia added 3 commits March 8, 2023 11:25
adambarreiro
adambarreiro approved these changes Mar 9, 2023
View reviewed changes
Copy link
Collaborator

@adambarreiro adambarreiro left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM!

Giuseppe Maxia added 2 commits March 10, 2023 12:53
@dataclouder dataclouder merged commit aea05c4 into vmware:main Mar 14, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@adambarreiro adambarreiro adambarreiro approved these changes

@lvirbalas lvirbalas lvirbalas approved these changes

@Didainius Didainius Didainius approved these changes

@adezxc adezxc adezxc approved these changes

Assignees

@dataclouder dataclouder

Labels
cla-not-required
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
6 participants
@dataclouder @adambarreiro @lvirbalas @Didainius @adezxc @vmwclabot