cloudstack-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Will Stevens" <wstev...@cloudops.com>
Subject Re: Review Request 15050: Add Palo Alto Networks Firewall Integration
Date Thu, 31 Oct 2013 20:45:13 GMT

-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/15050/
-----------------------------------------------------------

(Updated Oct. 31, 2013, 8:45 p.m.)


Review request for cloudstack and Sheng Yang.


Changes
-------

Turned off the detailed unit test logging by default.  Fixed a couple issues I thought had
gotten in the original patch.


Bugs: CLOUDSTACK-1275
    https://issues.apache.org/jira/browse/CLOUDSTACK-1275


Repository: cloudstack-git


Description
-------

More information in the FS: https://cwiki.apache.org/confluence/display/CLOUDSTACK/Palo+Alto+Firewall+Integration

This patch adds a network plugin which adds support for the Palo Alto Networks firewall (their
appliance and their VM series firewall).

Features supported are:
- List/Add/Delete Palo Alto service provider
- List/Add/Delete Palo Alto network service offering
- List/Add/Delete Palo Alto network with above service offering
- Add instance to the new network (creates the public IP and private gateway/cidr on the PA
as well as the source nat rule)
- List/Add/Delete Ingress Firewall rule
- List/Add/Delete Egress Firewall rule
- List/Add/Delete Port Forwarding rule
- List/Add/Delete Static Nat rule
- Supports Palo Alto Networks 'Log Forwarding' profile globally per device (additional docs
to come)
- Supports Palo Alto Networks 'Security Profile Groups' functionality globally per device
(additional docs to come)

Knowns limitations:
- Only supports one public IP range in CloudStack.
- Currently not verifying SSL certificates when creating a connection between CloudStack and
the Palo Alto Networks firewall.
- Currently not tracking usage on Public IPs.


Diffs (updated)
-----

  api/src/com/cloud/network/Network.java 49f380b 
  api/src/org/apache/cloudstack/api/command/admin/network/AddNetworkDeviceCmd.java 4983255

  api/src/org/apache/cloudstack/api/command/admin/network/ListNetworkDeviceCmd.java 0b7836d

  api/src/org/apache/cloudstack/network/ExternalNetworkDeviceManager.java 29ce2e3 
  client/WEB-INF/classes/resources/messages.properties c075bf8 
  client/pom.xml fd1f13a 
  client/tomcatconf/commands.properties.in 96e841a 
  client/tomcatconf/nonossComponentContext.xml.in 0502bbc 
  plugins/network-elements/palo-alto/pom.xml PRE-CREATION 
  plugins/network-elements/palo-alto/src/com/cloud/api/commands/AddExternalFirewallCmd.java
PRE-CREATION 
  plugins/network-elements/palo-alto/src/com/cloud/api/commands/AddPaloAltoFirewallCmd.java
PRE-CREATION 
  plugins/network-elements/palo-alto/src/com/cloud/api/commands/ConfigurePaloAltoFirewallCmd.java
PRE-CREATION 
  plugins/network-elements/palo-alto/src/com/cloud/api/commands/DeleteExternalFirewallCmd.java
PRE-CREATION 
  plugins/network-elements/palo-alto/src/com/cloud/api/commands/DeletePaloAltoFirewallCmd.java
PRE-CREATION 
  plugins/network-elements/palo-alto/src/com/cloud/api/commands/ListExternalFirewallsCmd.java
PRE-CREATION 
  plugins/network-elements/palo-alto/src/com/cloud/api/commands/ListPaloAltoFirewallNetworksCmd.java
PRE-CREATION 
  plugins/network-elements/palo-alto/src/com/cloud/api/commands/ListPaloAltoFirewallsCmd.java
PRE-CREATION 
  plugins/network-elements/palo-alto/src/com/cloud/api/response/PaloAltoFirewallResponse.java
PRE-CREATION 
  plugins/network-elements/palo-alto/src/com/cloud/network/element/PaloAltoExternalFirewallElement.java
PRE-CREATION 
  plugins/network-elements/palo-alto/src/com/cloud/network/element/PaloAltoFirewallElementService.java
PRE-CREATION 
  plugins/network-elements/palo-alto/src/com/cloud/network/resource/PaloAltoResource.java
PRE-CREATION 
  plugins/network-elements/palo-alto/src/com/cloud/network/utils/HttpClientWrapper.java PRE-CREATION

  plugins/network-elements/palo-alto/test/com/cloud/network/resource/MockablePaloAltoResource.java
PRE-CREATION 
  plugins/network-elements/palo-alto/test/com/cloud/network/resource/PaloAltoResourceTest.java
PRE-CREATION 
  plugins/pom.xml ca41dff 
  server/src/com/cloud/api/ApiResponseHelper.java f4ca112 
  server/src/com/cloud/configuration/ConfigurationManagerImpl.java 4fda3b1 
  ui/dictionary.jsp 80aab6f 
  ui/scripts/docs.js 3a4f8ca 
  ui/scripts/system.js 0af3952 

Diff: https://reviews.apache.org/r/15050/diff/


Testing
-------

I have tested all of the functionality listed under 'supported features'.


Thanks,

Will Stevens


Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message