Support for inline SRX/F5.

scripts/network/juniper/access-profile-add.xml

@@ -0,0 +1,20 @@
+<rpc>
+<load-configuration>
+<configuration>
+<access>
+<profile>
+<name>%access-profile-name%</name>
+<client>
+<name>%username%</name>
+<firewall-user>
+<password>%password%</password>
+</firewall-user>
+</client>
+<address-assignment>
+<pool>%address-pool-name%</pool>
+</address-assignment>
+</profile>
+</access>
+</configuration>
+</load-configuration>
+</rpc>

scripts/network/juniper/access-profile-getall.xml

@@ -0,0 +1,10 @@
+<rpc>
+<get-configuration>
+<configuration>
+<access>
+<profile>
+</profile>
+</access>
+</configuration>
+</get-configuration>
+</rpc>

scripts/network/juniper/access-profile-getone.xml

@@ -0,0 +1,11 @@
+<rpc>
+<get-configuration>
+<configuration>
+<access>
+<profile %delete%>
+<name>%access-profile-name%</name>
+</profile>
+</access>
+</configuration>
+</get-configuration>
+</rpc>

scripts/network/juniper/address-book-entry-getall.xml

@@ -0,0 +1,15 @@
+<rpc>
+<get-configuration>
+<configuration>
+<security>
+<zones>
+<security-zone>
+<name>%zone%</name>
+<address-book>
+</address-book>
+</security-zone>
+</zones>
+</security>
+</configuration>
+</get-configuration>
+</rpc>

scripts/network/juniper/address-pool-add.xml

@@ -0,0 +1,26 @@
+<rpc>
+<load-configuration>
+<configuration>
+<access>
+<address-assignment>
+<pool>
+<name>%address-pool-name%</name>
+<family>
+<inet>
+<network>%guest-network-cidr%</network>
+<range>
+<name>%address-range-name%</name>
+<low>%low-address%</low>
+<high>%high-address%</high>
+</range>
+<xauth-attributes>
+<primary-dns>%primary-dns-address%</primary-dns>
+</xauth-attributes>
+</inet>
+</family>
+</pool>
+</address-assignment>
+</access>
+</configuration>
+</load-configuration>
+</rpc>

scripts/network/juniper/address-pool-getall.xml

@@ -0,0 +1,12 @@
+<rpc>
+<get-configuration>
+<configuration>
+<access>
+<address-assignment>
+<pool>
+</pool>
+</address-assignment>
+</access>
+</configuration>
+</get-configuration>
+</rpc>

scripts/network/juniper/address-pool-getone.xml

@@ -0,0 +1,13 @@
+<rpc>
+<get-configuration>
+<configuration>
+<access>
+<address-assignment>
+<pool %delete%>
+<name>%address-pool-name%</name>
+</pool>
+</address-assignment>
+</access>
+</configuration>
+</get-configuration>
+</rpc>

scripts/network/juniper/dynamic-vpn-client-add.xml

@@ -0,0 +1,29 @@
+<rpc>
+<load-configuration>
+<configuration>
+<security>
+<dynamic-vpn>
+<clients>
+<name>%client-name%</name>
+<remote-protected-resources>
+<name>%guest-network-cidr%</name>
+</remote-protected-resources>
+<remote-exceptions>
+<name>0.0.0.0/0</name>
+</remote-exceptions>
+<remote-exceptions>
+<name>0.0.0.0/32</name>
+</remote-exceptions>
+<remote-exceptions>
+<name>1.1.1.1/24</name>
+</remote-exceptions>
+<ipsec-vpn>%ipsec-vpn-name%</ipsec-vpn>
+<user>
+<name>%username%</name>
+</user>
+</clients>
+</dynamic-vpn>
+</security>
+</configuration>
+</load-configuration>
+</rpc>

scripts/network/juniper/dynamic-vpn-client-getall.xml

@@ -0,0 +1,12 @@
+<rpc>
+<get-configuration>
+<configuration>
+<security>
+<dynamic-vpn>
+<clients>
+</clients>
+</dynamic-vpn>
+</security>
+</configuration>
+</get-configuration>
+</rpc>

scripts/network/juniper/dynamic-vpn-client-getone.xml

@@ -0,0 +1,13 @@
+<rpc>
+<get-configuration>
+<configuration>
+<security>
+<dynamic-vpn>
+<clients %delete%>
+<name>%client-name%</name>
+</clients>
+</dynamic-vpn>
+</security>
+</configuration>
+</get-configuration>
+</rpc>

scripts/network/juniper/ike-gateway-add.xml

@@ -0,0 +1,21 @@
+<rpc>
+<load-configuration>
+<configuration>
+<security>
+<ike>
+<gateway>
+<name>%gateway-name%</name>
+<ike-policy>%ike-policy-name%</ike-policy>
+<dynamic>
+<hostname>%ike-gateway-hostname%</hostname>
+</dynamic>
+<external-interface>%public-interface-name%</external-interface>
+<xauth>
+<access-profile>%access-profile-name%</access-profile>
+</xauth>
+</gateway>
+</ike>
+</security>
+</configuration>
+</load-configuration>
+</rpc>

scripts/network/juniper/ike-gateway-getall.xml

@@ -0,0 +1,12 @@
+<rpc>
+<get-configuration>
+<configuration>
+<security>
+<ike>
+<gateway>
+</gateway>
+</ike>
+</security>
+</configuration>
+</get-configuration>
+</rpc>

scripts/network/juniper/ike-gateway-getone.xml

@@ -0,0 +1,13 @@
+<rpc>
+<get-configuration>
+<configuration>
+<security>
+<ike>
+<gateway %delete%>
+<name>%gateway-name%</name>
+</gateway>
+</ike>
+</security>
+</configuration>
+</get-configuration>
+</rpc>

scripts/network/juniper/ike-policy-add.xml

@@ -0,0 +1,18 @@
+<rpc>
+<load-configuration>
+<configuration>
+<security>
+<ike>
+<policy>
+<name>%policy-name%</name>
+<mode>aggressive</mode>
+<proposals>%proposal-name%</proposals>
+<pre-shared-key>
+<ascii-text>%pre-shared-key%</ascii-text>
+</pre-shared-key>
+</policy>
+</ike>
+</security>
+</configuration>
+</load-configuration>
+</rpc>

scripts/network/juniper/ike-policy-getall.xml

@@ -0,0 +1,12 @@
+<rpc>
+<get-configuration>
+<configuration>
+<security>
+<ike>
+<policy>
+</policy>
+</ike>
+</security>
+</configuration>
+</get-configuration>
+</rpc>

scripts/network/juniper/ike-policy-getone.xml

@@ -0,0 +1,13 @@
+<rpc>
+<get-configuration>
+<configuration>
+<security>
+<ike>
+<policy %delete%>
+<name>%policy-name%</name>
+</policy>
+</ike>
+</security>
+</configuration>
+</get-configuration>
+</rpc>

scripts/network/juniper/ipsec-vpn-add.xml

@@ -0,0 +1,18 @@
+<rpc>
+<load-configuration>
+<configuration>
+<security>
+<ipsec>
+<vpn>
+<name>%ipsec-vpn-name%</name>
+<ike>
+<gateway>%ike-gateway%</gateway>
+<ipsec-policy>%ipsec-policy-name%</ipsec-policy>
+</ike>
+<establish-tunnels>on-traffic</establish-tunnels>
+</vpn>
+</ipsec>
+</security>
+</configuration>
+</load-configuration>
+</rpc>

scripts/network/juniper/ipsec-vpn-getall.xml

@@ -0,0 +1,12 @@
+<rpc>
+<get-configuration>
+<configuration>
+<security>
+<ipsec>
+<vpn>
+</vpn>
+</ipsec>
+</security>
+</configuration>
+</get-configuration>
+</rpc>

scripts/network/juniper/ipsec-vpn-getone.xml

@@ -0,0 +1,13 @@
+<rpc>
+<get-configuration>
+<configuration>
+<security>
+<ipsec>
+<vpn %delete%>
+<name>%ipsec-vpn-name%</name>
+</vpn>
+</ipsec>
+</security>
+</configuration>
+</get-configuration>
+</rpc>

scripts/network/juniper/private-interface-getall.xml

@@ -0,0 +1,11 @@
+<rpc>
+<get-configuration>
+<configuration>
+<interfaces>
+<interface>
+<name>%private-interface-name%</name>
+</interface>
+</interfaces>
+</configuration>
+</get-configuration>
+</rpc>

scripts/network/juniper/proxy-arp-getall.xml

@@ -0,0 +1,13 @@
+<rpc>
+<get-configuration>
+<configuration>
+<security>        
+<nat>            
+<proxy-arp>           
+%interface-name%               
+</proxy-arp>        
+</nat>    
+</security>
+</configuration>
+</get-configuration>
+</rpc>

scripts/network/juniper/security-policy-rename.xml

@@ -0,0 +1,17 @@
+<rpc>
+<load-configuration>
+<configuration>
+<security>
+<policies>
+<policy>
+<from-zone-name>%from-zone%</from-zone-name>
+<to-zone-name>%to-zone%</to-zone-name>
+<policy rename="rename" name="%new-policy-name%">
+<name>%policy-name%</name>
+</policy>
+</policy>
+</policies>
+</security>
+</configuration>
+</load-configuration>
+</rpc>

server/src/com/cloud/network/InlineLoadBalancerNicMapVO.java

@@ -0,0 +1,68 @@
+/**
+ *  Copyright (C) 2010 Cloud.com, Inc.  All rights reserved.
+ * 
+ * This software is licensed under the GNU General Public License v3 or later.
+ * 
+ * It is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or any later version.
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ * 
+ * You should have received a copy of the GNU General Public License
+ * along with this program.  If not, see <http://www.gnu.org/licenses/>.
+ * 
+ */
+
+package com.cloud.network;
+
+import javax.persistence.Column;
+import javax.persistence.Entity;
+import javax.persistence.GeneratedValue;
+import javax.persistence.GenerationType;
+import javax.persistence.Id;
+import javax.persistence.Table;
+
+@Entity
+@Table(name=("inline_load_balancer_nic_map"))
+public class InlineLoadBalancerNicMapVO {
+    @Id
+    @GeneratedValue(strategy=GenerationType.IDENTITY)
+    @Column(name="id")
+    private long id;
+
+    @Column(name="load_balancer_id")
+    private long loadBalancerId;
+    
+    @Column(name="public_ip_address")
+    private String publicIpAddress;
+
+    @Column(name="nic_id")
+    private long nicId;
+
+    public InlineLoadBalancerNicMapVO() { }
+
+    public InlineLoadBalancerNicMapVO(long loadBalancerId, String publicIpAddress, long nicId) {
+        this.loadBalancerId = loadBalancerId;
+        this.publicIpAddress = publicIpAddress;
+        this.nicId = nicId;
+    }
+
+    public long getId() {
+        return id;
+    }
+
+    public long getLoadBalancerId() {
+        return loadBalancerId;
+    }
+    
+    public String getPublicIpAddress() {
+    	return publicIpAddress;
+    }
+
+    public long getNicId() {
+    	return nicId;
+    }
+}

server/src/com/cloud/network/dao/InlineLoadBalancerNicMapDao.java

@@ -0,0 +1,27 @@
+/**
+ *  Copyright (C) 2010 Cloud.com, Inc.  All rights reserved.
+ * 
+ * This software is licensed under the GNU General Public License v3 or later.
+ * 
+ * It is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or any later version.
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ * 
+ * You should have received a copy of the GNU General Public License
+ * along with this program.  If not, see <http://www.gnu.org/licenses/>.
+ * 
+ */
+
+package com.cloud.network.dao;
+
+import com.cloud.network.InlineLoadBalancerNicMapVO;
+import com.cloud.utils.db.GenericDao;
+
+public interface InlineLoadBalancerNicMapDao extends GenericDao<InlineLoadBalancerNicMapVO, Long> {
+	InlineLoadBalancerNicMapVO findByPublicIpAddress(String publicIpAddress);
+	InlineLoadBalancerNicMapVO findByNicId(long nicId);
+}

server/src/com/cloud/network/dao/InlineLoadBalancerNicMapDaoImpl.java

@@ -0,0 +1,46 @@
+/**
+ *  Copyright (C) 2010 Cloud.com, Inc.  All rights reserved.
+ * 
+ * This software is licensed under the GNU General Public License v3 or later.
+ * 
+ * It is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or any later version.
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ * 
+ * You should have received a copy of the GNU General Public License
+ * along with this program.  If not, see <http://www.gnu.org/licenses/>.
+ * 
+ */
+
+package com.cloud.network.dao;
+
+import javax.ejb.Local;
+
+import com.cloud.network.InlineLoadBalancerNicMapVO;
+import com.cloud.utils.db.GenericDaoBase;
+import com.cloud.utils.db.SearchCriteria;
+
+@Local(value={InlineLoadBalancerNicMapDao.class})
+public class InlineLoadBalancerNicMapDaoImpl extends GenericDaoBase<InlineLoadBalancerNicMapVO, Long> implements InlineLoadBalancerNicMapDao {
+
+    @Override
+    public InlineLoadBalancerNicMapVO findByPublicIpAddress(String publicIpAddress) {
+        SearchCriteria<InlineLoadBalancerNicMapVO> sc = createSearchCriteria();
+        sc.addAnd("publicIpAddress", SearchCriteria.Op.EQ, publicIpAddress);
+
+        return findOneBy(sc);
+    }
+    
+    @Override
+    public InlineLoadBalancerNicMapVO findByNicId(long nicId) {
+    	SearchCriteria<InlineLoadBalancerNicMapVO> sc = createSearchCriteria();
+    	sc.addAnd("nicId", SearchCriteria.Op.EQ, nicId);
+    	
+    	return findOneBy(sc);
+    }
+    
+}