cloudstack-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Sheng Yang" <sh...@yasker.org>
Subject Re: Review Request 15050: Add Palo Alto Networks Firewall Integration
Date Wed, 06 Nov 2013 18:09:17 GMT


> On Nov. 6, 2013, 6:08 p.m., Sheng Yang wrote:
> > Ship It!

Committed to MASTER.

Thank you Will!


- Sheng


-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/15050/#review28280
-----------------------------------------------------------


On Nov. 6, 2013, 3:42 a.m., Will Stevens wrote:
> 
> -----------------------------------------------------------
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/15050/
> -----------------------------------------------------------
> 
> (Updated Nov. 6, 2013, 3:42 a.m.)
> 
> 
> Review request for cloudstack and Sheng Yang.
> 
> 
> Bugs: CLOUDSTACK-1275
>     https://issues.apache.org/jira/browse/CLOUDSTACK-1275
> 
> 
> Repository: cloudstack-git
> 
> 
> Description
> -------
> 
> More information in the FS: https://cwiki.apache.org/confluence/display/CLOUDSTACK/Palo+Alto+Firewall+Integration
> 
> This patch adds a network plugin which adds support for the Palo Alto Networks firewall
(their appliance and their VM series firewall).
> 
> Features supported are:
> - List/Add/Delete Palo Alto service provider
> - List/Add/Delete Palo Alto network service offering
> - List/Add/Delete Palo Alto network with above service offering
> - Add instance to the new network (creates the public IP and private gateway/cidr on
the PA as well as the source nat rule)
> - List/Add/Delete Ingress Firewall rule
> - List/Add/Delete Egress Firewall rule
> - List/Add/Delete Port Forwarding rule
> - List/Add/Delete Static Nat rule
> - Supports Palo Alto Networks 'Log Forwarding' profile globally per device (additional
docs to come)
> - Supports Palo Alto Networks 'Security Profile Groups' functionality globally per device
(additional docs to come)
> 
> Knowns limitations:
> - Only supports one public IP range in CloudStack.
> - Currently not verifying SSL certificates when creating a connection between CloudStack
and the Palo Alto Networks firewall.
> - Currently not tracking usage on Public IPs.
> 
> 
> Diffs
> -----
> 
>   api/src/com/cloud/network/Network.java bda3326 
>   api/src/org/apache/cloudstack/api/command/admin/network/AddNetworkDeviceCmd.java 4983255

>   api/src/org/apache/cloudstack/api/command/admin/network/ListNetworkDeviceCmd.java 0b7836d

>   api/src/org/apache/cloudstack/network/ExternalNetworkDeviceManager.java 29ce2e3 
>   client/WEB-INF/classes/resources/messages.properties d548527 
>   client/pom.xml 54cb667 
>   client/tomcatconf/commands.properties.in 8cbe972 
>   plugins/network-elements/palo-alto/pom.xml PRE-CREATION 
>   plugins/network-elements/palo-alto/resources/META-INF/cloudstack/paloalto/module.properties
PRE-CREATION 
>   plugins/network-elements/palo-alto/resources/META-INF/cloudstack/paloalto/spring-paloalto-context.xml
PRE-CREATION 
>   plugins/network-elements/palo-alto/src/com/cloud/api/commands/AddExternalFirewallCmd.java
PRE-CREATION 
>   plugins/network-elements/palo-alto/src/com/cloud/api/commands/AddPaloAltoFirewallCmd.java
PRE-CREATION 
>   plugins/network-elements/palo-alto/src/com/cloud/api/commands/ConfigurePaloAltoFirewallCmd.java
PRE-CREATION 
>   plugins/network-elements/palo-alto/src/com/cloud/api/commands/DeleteExternalFirewallCmd.java
PRE-CREATION 
>   plugins/network-elements/palo-alto/src/com/cloud/api/commands/DeletePaloAltoFirewallCmd.java
PRE-CREATION 
>   plugins/network-elements/palo-alto/src/com/cloud/api/commands/ListExternalFirewallsCmd.java
PRE-CREATION 
>   plugins/network-elements/palo-alto/src/com/cloud/api/commands/ListPaloAltoFirewallNetworksCmd.java
PRE-CREATION 
>   plugins/network-elements/palo-alto/src/com/cloud/api/commands/ListPaloAltoFirewallsCmd.java
PRE-CREATION 
>   plugins/network-elements/palo-alto/src/com/cloud/api/response/PaloAltoFirewallResponse.java
PRE-CREATION 
>   plugins/network-elements/palo-alto/src/com/cloud/network/element/PaloAltoExternalFirewallElement.java
PRE-CREATION 
>   plugins/network-elements/palo-alto/src/com/cloud/network/element/PaloAltoFirewallElementService.java
PRE-CREATION 
>   plugins/network-elements/palo-alto/src/com/cloud/network/resource/PaloAltoResource.java
PRE-CREATION 
>   plugins/network-elements/palo-alto/src/com/cloud/network/utils/HttpClientWrapper.java
PRE-CREATION 
>   plugins/network-elements/palo-alto/test/com/cloud/network/resource/MockablePaloAltoResource.java
PRE-CREATION 
>   plugins/network-elements/palo-alto/test/com/cloud/network/resource/PaloAltoResourceTest.java
PRE-CREATION 
>   plugins/pom.xml 4f193bc 
>   server/src/com/cloud/api/ApiResponseHelper.java 769d345 
>   server/src/com/cloud/configuration/ConfigurationManagerImpl.java e3aa4fa 
>   ui/dictionary.jsp 85f24c6 
>   ui/scripts/docs.js 3a4f8ca 
>   ui/scripts/system.js 1579d16 
> 
> Diff: https://reviews.apache.org/r/15050/diff/
> 
> 
> Testing
> -------
> 
> I have tested all of the functionality listed under 'supported features'.
> 
> Unit tests are in file 24 and 25 of this patch.  The details of the tests can be found
in the functional spec.
> 
> 
> Thanks,
> 
> Will Stevens
> 
>


Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message