cloudstack-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Sheng Yang" <sh...@yasker.org>
Subject Re: Review Request 15050: Add Palo Alto Networks Firewall Integration
Date Mon, 04 Nov 2013 22:44:22 GMT

-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/15050/#review28146
-----------------------------------------------------------


Hi Will,

I think you need to rebase the patch to the latest MASTER, the current patch cannot apply
to MASTER now.

Also, you can add description to the patch(e.g. the description you added in the review board)

- Sheng Yang


On Nov. 1, 2013, 9:10 p.m., Will Stevens wrote:
> 
> -----------------------------------------------------------
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/15050/
> -----------------------------------------------------------
> 
> (Updated Nov. 1, 2013, 9:10 p.m.)
> 
> 
> Review request for cloudstack and Sheng Yang.
> 
> 
> Bugs: CLOUDSTACK-1275
>     https://issues.apache.org/jira/browse/CLOUDSTACK-1275
> 
> 
> Repository: cloudstack-git
> 
> 
> Description
> -------
> 
> More information in the FS: https://cwiki.apache.org/confluence/display/CLOUDSTACK/Palo+Alto+Firewall+Integration
> 
> This patch adds a network plugin which adds support for the Palo Alto Networks firewall
(their appliance and their VM series firewall).
> 
> Features supported are:
> - List/Add/Delete Palo Alto service provider
> - List/Add/Delete Palo Alto network service offering
> - List/Add/Delete Palo Alto network with above service offering
> - Add instance to the new network (creates the public IP and private gateway/cidr on
the PA as well as the source nat rule)
> - List/Add/Delete Ingress Firewall rule
> - List/Add/Delete Egress Firewall rule
> - List/Add/Delete Port Forwarding rule
> - List/Add/Delete Static Nat rule
> - Supports Palo Alto Networks 'Log Forwarding' profile globally per device (additional
docs to come)
> - Supports Palo Alto Networks 'Security Profile Groups' functionality globally per device
(additional docs to come)
> 
> Knowns limitations:
> - Only supports one public IP range in CloudStack.
> - Currently not verifying SSL certificates when creating a connection between CloudStack
and the Palo Alto Networks firewall.
> - Currently not tracking usage on Public IPs.
> 
> 
> Diffs
> -----
> 
>   api/src/com/cloud/network/Network.java 49f380b 
>   api/src/org/apache/cloudstack/api/command/admin/network/AddNetworkDeviceCmd.java 4983255

>   api/src/org/apache/cloudstack/api/command/admin/network/ListNetworkDeviceCmd.java 0b7836d

>   api/src/org/apache/cloudstack/network/ExternalNetworkDeviceManager.java 29ce2e3 
>   client/WEB-INF/classes/resources/messages.properties c075bf8 
>   client/pom.xml fd1f13a 
>   client/tomcatconf/commands.properties.in 96e841a 
>   client/tomcatconf/nonossComponentContext.xml.in 0502bbc 
>   plugins/network-elements/palo-alto/pom.xml PRE-CREATION 
>   plugins/network-elements/palo-alto/src/com/cloud/api/commands/AddExternalFirewallCmd.java
PRE-CREATION 
>   plugins/network-elements/palo-alto/src/com/cloud/api/commands/AddPaloAltoFirewallCmd.java
PRE-CREATION 
>   plugins/network-elements/palo-alto/src/com/cloud/api/commands/ConfigurePaloAltoFirewallCmd.java
PRE-CREATION 
>   plugins/network-elements/palo-alto/src/com/cloud/api/commands/DeleteExternalFirewallCmd.java
PRE-CREATION 
>   plugins/network-elements/palo-alto/src/com/cloud/api/commands/DeletePaloAltoFirewallCmd.java
PRE-CREATION 
>   plugins/network-elements/palo-alto/src/com/cloud/api/commands/ListExternalFirewallsCmd.java
PRE-CREATION 
>   plugins/network-elements/palo-alto/src/com/cloud/api/commands/ListPaloAltoFirewallNetworksCmd.java
PRE-CREATION 
>   plugins/network-elements/palo-alto/src/com/cloud/api/commands/ListPaloAltoFirewallsCmd.java
PRE-CREATION 
>   plugins/network-elements/palo-alto/src/com/cloud/api/response/PaloAltoFirewallResponse.java
PRE-CREATION 
>   plugins/network-elements/palo-alto/src/com/cloud/network/element/PaloAltoExternalFirewallElement.java
PRE-CREATION 
>   plugins/network-elements/palo-alto/src/com/cloud/network/element/PaloAltoFirewallElementService.java
PRE-CREATION 
>   plugins/network-elements/palo-alto/src/com/cloud/network/resource/PaloAltoResource.java
PRE-CREATION 
>   plugins/network-elements/palo-alto/src/com/cloud/network/utils/HttpClientWrapper.java
PRE-CREATION 
>   plugins/network-elements/palo-alto/test/com/cloud/network/resource/MockablePaloAltoResource.java
PRE-CREATION 
>   plugins/network-elements/palo-alto/test/com/cloud/network/resource/PaloAltoResourceTest.java
PRE-CREATION 
>   plugins/pom.xml ca41dff 
>   server/src/com/cloud/api/ApiResponseHelper.java f4ca112 
>   server/src/com/cloud/configuration/ConfigurationManagerImpl.java 4fda3b1 
>   ui/dictionary.jsp 80aab6f 
>   ui/scripts/docs.js 3a4f8ca 
>   ui/scripts/system.js 0af3952 
> 
> Diff: https://reviews.apache.org/r/15050/diff/
> 
> 
> Testing
> -------
> 
> I have tested all of the functionality listed under 'supported features'.
> 
> Unit tests are in file 24 and 25 of this patch.  The details of the tests can be found
in the functional spec.
> 
> 
> Thanks,
> 
> Will Stevens
> 
>


Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message