-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/15050/
-----------------------------------------------------------
Review request for cloudstack and Sheng Yang.
Bugs: CLOUDSTACK-1275
https://issues.apache.org/jira/browse/CLOUDSTACK-1275
Repository: cloudstack-git
Description
-------
More information in the FS:
https://cwiki.apache.org/confluence/display/CLOUDSTACK/Palo+Alto+Firewall+Integration
This patch adds a network plugin which adds support for the Palo Alto Networks
firewall (their appliance and their VM series firewall).
Features supported are:
- List/Add/Delete Palo Alto service provider
- List/Add/Delete Palo Alto network service offering
- List/Add/Delete Palo Alto network with above service offering
- Add instance to the new network (creates the public IP and private
gateway/cidr on the PA as well as the source nat rule)
- List/Add/Delete Ingress Firewall rule
- List/Add/Delete Egress Firewall rule
- List/Add/Delete Port Forwarding rule
- List/Add/Delete Static Nat rule
- Supports Palo Alto Networks 'Log Forwarding' profile globally per device
(additional docs to come)
- Supports Palo Alto Networks 'Security Profile Groups' functionality globally
per device (additional docs to come)
Knowns limitations:
- Only supports one public IP range in CloudStack.
- Currently not verifying SSL certificates when creating a connection between
CloudStack and the Palo Alto Networks firewall.
- Currently not tracking usage on Public IPs.
Diffs
-----
api/src/com/cloud/network/Network.java 49f380b
api/src/org/apache/cloudstack/api/command/admin/network/AddNetworkDeviceCmd.java
4983255
api/src/org/apache/cloudstack/api/command/admin/network/ListNetworkDeviceCmd.java
0b7836d
api/src/org/apache/cloudstack/network/ExternalNetworkDeviceManager.java
29ce2e3
client/WEB-INF/classes/resources/messages.properties c075bf8
client/pom.xml fd1f13a
client/tomcatconf/commands.properties.in 96e841a
client/tomcatconf/nonossComponentContext.xml.in 0502bbc
plugins/network-elements/palo-alto/pom.xml PRE-CREATION
plugins/network-elements/palo-alto/src/com/cloud/api/commands/AddExternalFirewallCmd.java
PRE-CREATION
plugins/network-elements/palo-alto/src/com/cloud/api/commands/AddPaloAltoFirewallCmd.java
PRE-CREATION
plugins/network-elements/palo-alto/src/com/cloud/api/commands/ConfigurePaloAltoFirewallCmd.java
PRE-CREATION
plugins/network-elements/palo-alto/src/com/cloud/api/commands/DeleteExternalFirewallCmd.java
PRE-CREATION
plugins/network-elements/palo-alto/src/com/cloud/api/commands/DeletePaloAltoFirewallCmd.java
PRE-CREATION
plugins/network-elements/palo-alto/src/com/cloud/api/commands/ListExternalFirewallsCmd.java
PRE-CREATION
plugins/network-elements/palo-alto/src/com/cloud/api/commands/ListPaloAltoFirewallNetworksCmd.java
PRE-CREATION
plugins/network-elements/palo-alto/src/com/cloud/api/commands/ListPaloAltoFirewallsCmd.java
PRE-CREATION
plugins/network-elements/palo-alto/src/com/cloud/api/response/PaloAltoFirewallResponse.java
PRE-CREATION
plugins/network-elements/palo-alto/src/com/cloud/network/element/PaloAltoExternalFirewallElement.java
PRE-CREATION
plugins/network-elements/palo-alto/src/com/cloud/network/element/PaloAltoFirewallElementService.java
PRE-CREATION
plugins/network-elements/palo-alto/src/com/cloud/network/resource/PaloAltoResource.java
PRE-CREATION
plugins/network-elements/palo-alto/src/com/cloud/network/utils/HttpClientWrapper.java
PRE-CREATION
plugins/network-elements/palo-alto/test/com/cloud/network/resource/MockablePaloAltoResource.java
PRE-CREATION
plugins/network-elements/palo-alto/test/com/cloud/network/resource/PaloAltoResourceTest.java
PRE-CREATION
plugins/pom.xml ca41dff
server/src/com/cloud/api/ApiResponseHelper.java f4ca112
server/src/com/cloud/configuration/ConfigurationManagerImpl.java 4fda3b1
ui/dictionary.jsp 80aab6f
ui/scripts/docs.js 3a4f8ca
ui/scripts/system.js 0af3952
Diff: https://reviews.apache.org/r/15050/diff/
Testing
-------
I have tested all of the functionality listed under 'supported features'.
Thanks,
Will Stevens
