Add match_ports argument while adding NAT rule

While adding NAT rules, if match_ports argument is set, add a match_service parameter in the the request body to match the service type, protocol and port for the corresponding rule. Also add support to delete nat rules by using internal IP only. Change-Id: I7c3f37bfea6c9f348d966e3f97e9f3b141bdfad3
2017-01-08 21:30:45 -08:00 · 2017-01-08 21:30:45 -08:00 · 6b99e7693a
commit 6b99e7693a
parent 4ce55c8608
2 changed files with 23 additions and 3 deletions
--- a/vmware_nsxlib/v3/init.py
+++ b/vmware_nsxlib/v3/init.py
@ -353,7 +353,9 @@ class NsxLibLogicalRouter(utils.NsxLibApiBase):

    def add_nat_rule(self, logical_router_id, action, translated_network,
                     source_net=None, dest_net=None,
-                     enabled=True, rule_priority=None):
+                     enabled=True, rule_priority=None,
+                     match_ports=None, match_protocol=None,
+                     match_resource_type=None):
        resource = 'logical-routers/%s/nat/rules' % logical_router_id
        body = {'action': action,
                'enabled': enabled,
@ -364,6 +366,12 @@ class NsxLibLogicalRouter(utils.NsxLibApiBase):
            body['match_destination_network'] = dest_net
        if rule_priority:
            body['rule_priority'] = rule_priority
+        if match_ports is not None:
+            body['match_service'] = {
+                'resource_type': (match_resource_type or
+                                  nsx_constants.L4_PORT_SET_NSSERVICE),
+                'destination_ports': match_ports,
+                'l4_protocol': match_protocol or nsx_constants.TCP}
        return self.client.create(resource, body)

    def add_static_route(self, logical_router_id, dest_cidr, nexthop):
--- a/vmware_nsxlib/v3/router.py
+++ b/vmware_nsxlib/v3/router.py
@ -158,7 +158,8 @@ class RouterLib(object):
            return self._router_port_client.update(
                port['id'], subnets=address_groups)

-    def add_fip_nat_rules(self, logical_router_id, ext_ip, int_ip):
+    def add_fip_nat_rules(self, logical_router_id, ext_ip, int_ip,
+                          match_ports=None):
        self.nsxlib.logical_router.add_nat_rule(
            logical_router_id, action="SNAT",
            translated_network=ext_ip,
@ -168,7 +169,18 @@ class RouterLib(object):
            logical_router_id, action="DNAT",
            translated_network=int_ip,
            dest_net=ext_ip,
-            rule_priority=FIP_NAT_PRI)
+            rule_priority=FIP_NAT_PRI,
+            match_ports=match_ports or [])
+
+    def delete_fip_nat_rules_by_internal_ip(self, logical_router_id, int_ip):
+        self.nsxlib.logical_router.delete_nat_rule_by_values(
+            logical_router_id,
+            action="SNAT",
+            match_source_network=int_ip)
+        self.nsxlib.logical_router.delete_nat_rule_by_values(
+            logical_router_id,
+            action="DNAT",
+            translated_network=int_ip)

    def delete_fip_nat_rules(self, logical_router_id, ext_ip, int_ip):
        self.nsxlib.logical_router.delete_nat_rule_by_values(