icontrol 0.3.1 → 0.3.2
Sign up to get free protection for your applications and to get access to all the features.
- data/lib/icontrol/arx.rb +38 -8
- data/lib/icontrol/arx/api.rb +1 -0
- data/lib/icontrol/arx/chassis.rb +11 -0
- data/lib/icontrol/arx/export.rb +4 -1
- data/lib/icontrol/arx/file_change_notification.rb +25 -4
- data/lib/icontrol/arx/file_server.rb +2 -0
- data/lib/icontrol/arx/namespace.rb +2 -0
- data/lib/icontrol/arx/network.rb +3 -0
- data/lib/icontrol/arx/policy.rb +3 -0
- data/lib/icontrol/arx/share.rb +2 -0
- data/lib/icontrol/arx/virtual_service.rb +3 -0
- data/lib/icontrol/arx/volume.rb +2 -0
- data/lib/icontrol/asm.rb +18 -3
- data/lib/icontrol/asm/object_params.rb +12 -6
- data/lib/icontrol/asm/policy.rb +118 -79
- data/lib/icontrol/asm/system_configuration.rb +27 -19
- data/lib/icontrol/asm/web_application.rb +74 -52
- data/lib/icontrol/asm/web_application_group.rb +33 -24
- data/lib/icontrol/base.rb +1 -0
- data/lib/icontrol/base/exception.rb +1 -0
- data/lib/icontrol/base/icontrol/local_lb/pool.rb +7 -0
- data/lib/icontrol/base/icontrol_overlay.rb +6 -0
- data/lib/icontrol/base/predeclarations.rb +5 -4
- data/lib/icontrol/base/struct.rb +6 -2
- data/lib/icontrol/common.rb +55 -4
- data/lib/icontrol/global_lb.rb +22 -3
- data/lib/icontrol/global_lb/application.rb +63 -44
- data/lib/icontrol/global_lb/data_center.rb +82 -58
- data/lib/icontrol/global_lb/dnssec_key.rb +152 -90
- data/lib/icontrol/global_lb/dnssec_zone.rb +55 -35
- data/lib/icontrol/global_lb/globals.rb +662 -430
- data/lib/icontrol/global_lb/link.rb +181 -131
- data/lib/icontrol/global_lb/monitor.rb +174 -104
- data/lib/icontrol/global_lb/pool.rb +290 -203
- data/lib/icontrol/global_lb/pool_member.rb +118 -71
- data/lib/icontrol/global_lb/region.rb +37 -25
- data/lib/icontrol/global_lb/rule.rb +53 -37
- data/lib/icontrol/global_lb/server.rb +176 -124
- data/lib/icontrol/global_lb/topology.rb +41 -27
- data/lib/icontrol/global_lb/virtual_server.rb +118 -84
- data/lib/icontrol/global_lb/wide_ip.rb +168 -117
- data/lib/icontrol/local_lb.rb +81 -10
- data/lib/icontrol/local_lb/klass.rb +233 -153
- data/lib/icontrol/local_lb/monitor.rb +158 -96
- data/lib/icontrol/local_lb/nat.rb +74 -52
- data/lib/icontrol/local_lb/node_address.rb +123 -86
- data/lib/icontrol/local_lb/pool.rb +229 -164
- data/lib/icontrol/local_lb/pool_member.rb +134 -76
- data/lib/icontrol/local_lb/profile_auth.rb +103 -75
- data/lib/icontrol/local_lb/profile_client_ssl.rb +284 -201
- data/lib/icontrol/local_lb/profile_diameter.rb +113 -71
- data/lib/icontrol/local_lb/profile_dns.rb +65 -46
- data/lib/icontrol/local_lb/profile_fast_http.rb +265 -178
- data/lib/icontrol/local_lb/profile_fast_l4.rb +283 -194
- data/lib/icontrol/local_lb/profile_ftp.rb +81 -58
- data/lib/icontrol/local_lb/profile_http.rb +701 -433
- data/lib/icontrol/local_lb/profile_http_class.rb +169 -121
- data/lib/icontrol/local_lb/profile_iiop.rb +87 -63
- data/lib/icontrol/local_lb/profile_one_connect.rb +99 -71
- data/lib/icontrol/local_lb/profile_persistence.rb +326 -203
- data/lib/icontrol/local_lb/profile_radius.rb +94 -62
- data/lib/icontrol/local_lb/profile_rtsp.rb +207 -129
- data/lib/icontrol/local_lb/profile_sctp.rb +231 -167
- data/lib/icontrol/local_lb/profile_server_ssl.rb +268 -189
- data/lib/icontrol/local_lb/profile_sip.rb +145 -99
- data/lib/icontrol/local_lb/profile_stream.rb +71 -51
- data/lib/icontrol/local_lb/profile_tcp.rb +455 -296
- data/lib/icontrol/local_lb/profile_udp.rb +109 -78
- data/lib/icontrol/local_lb/profile_user_statistic.rb +77 -46
- data/lib/icontrol/local_lb/profile_xml.rb +116 -79
- data/lib/icontrol/local_lb/ram_cache_information.rb +43 -20
- data/lib/icontrol/local_lb/rate_class.rb +523 -318
- data/lib/icontrol/local_lb/rule.rb +53 -37
- data/lib/icontrol/local_lb/snat.rb +96 -65
- data/lib/icontrol/local_lb/snat_pool.rb +54 -39
- data/lib/icontrol/local_lb/snat_pool_member.rb +22 -15
- data/lib/icontrol/local_lb/snat_translation_address.rb +94 -69
- data/lib/icontrol/local_lb/virtual_address.rb +99 -70
- data/lib/icontrol/local_lb/virtual_server.rb +358 -243
- data/lib/icontrol/lt_config.rb +8 -1
- data/lib/icontrol/lt_config/field.rb +87 -53
- data/lib/icontrol/lt_config/klass.rb +59 -43
- data/lib/icontrol/management.rb +80 -38
- data/lib/icontrol/management/ccldap_configuration.rb +218 -144
- data/lib/icontrol/management/change_control.rb +67 -41
- data/lib/icontrol/management/crldp_configuration.rb +73 -52
- data/lib/icontrol/management/crldp_server.rb +55 -39
- data/lib/icontrol/management/db_variable.rb +32 -21
- data/lib/icontrol/management/event_notification.rb +19 -8
- data/lib/icontrol/management/event_subscription.rb +121 -74
- data/lib/icontrol/management/key_certificate.rb +235 -138
- data/lib/icontrol/management/ldap_configuration.rb +249 -179
- data/lib/icontrol/management/license_administration.rb +97 -56
- data/lib/icontrol/management/named.rb +103 -67
- data/lib/icontrol/management/ocsp_configuration.rb +33 -24
- data/lib/icontrol/management/ocsp_responder.rb +294 -165
- data/lib/icontrol/management/partition.rb +42 -23
- data/lib/icontrol/management/provision.rb +73 -39
- data/lib/icontrol/management/radius_configuration.rb +85 -57
- data/lib/icontrol/management/radius_server.rb +51 -37
- data/lib/icontrol/management/resource_record.rb +163 -121
- data/lib/icontrol/management/snmp_configuration.rb +675 -390
- data/lib/icontrol/management/tacacs_configuration.rb +99 -67
- data/lib/icontrol/management/tmos_module.rb +20 -8
- data/lib/icontrol/management/user_management.rb +198 -124
- data/lib/icontrol/management/view.rb +33 -24
- data/lib/icontrol/management/zone.rb +49 -34
- data/lib/icontrol/management/zone_runner.rb +11 -7
- data/lib/icontrol/networking.rb +31 -4
- data/lib/icontrol/networking/admin_ip.rb +92 -71
- data/lib/icontrol/networking/arp.rb +41 -28
- data/lib/icontrol/networking/i_session_advertised_route.rb +47 -32
- data/lib/icontrol/networking/i_session_local_interface.rb +72 -52
- data/lib/icontrol/networking/i_session_peer_discovery.rb +105 -68
- data/lib/icontrol/networking/i_session_remote_interface.rb +105 -76
- data/lib/icontrol/networking/interfaces.rb +241 -142
- data/lib/icontrol/networking/packet_filter.rb +111 -69
- data/lib/icontrol/networking/packet_filter_globals.rb +39 -28
- data/lib/icontrol/networking/port_mirror.rb +39 -27
- data/lib/icontrol/networking/profile_gre.rb +63 -41
- data/lib/icontrol/networking/profile_ipip.rb +38 -25
- data/lib/icontrol/networking/profile_wccpgre.rb +85 -55
- data/lib/icontrol/networking/route_domain.rb +70 -44
- data/lib/icontrol/networking/route_table.rb +128 -91
- data/lib/icontrol/networking/self_ip.rb +57 -39
- data/lib/icontrol/networking/self_ip_port_lockdown.rb +34 -22
- data/lib/icontrol/networking/stp_globals.rb +115 -63
- data/lib/icontrol/networking/stp_instance.rb +166 -68
- data/lib/icontrol/networking/trunk.rb +165 -101
- data/lib/icontrol/networking/tunnel.rb +77 -52
- data/lib/icontrol/networking/vlan.rb +140 -98
- data/lib/icontrol/networking/vlan_group.rb +145 -101
- data/lib/icontrol/system.rb +70 -33
- data/lib/icontrol/system/cluster.rb +103 -81
- data/lib/icontrol/system/config_sync.rb +128 -72
- data/lib/icontrol/system/connections.rb +27 -17
- data/lib/icontrol/system/disk.rb +134 -67
- data/lib/icontrol/system/failover.rb +44 -27
- data/lib/icontrol/system/geo_ip.rb +16 -5
- data/lib/icontrol/system/inet.rb +47 -30
- data/lib/icontrol/system/internal.rb +13 -9
- data/lib/icontrol/system/services.rb +75 -42
- data/lib/icontrol/system/software_management.rb +132 -83
- data/lib/icontrol/system/statistics.rb +443 -298
- data/lib/icontrol/system/system_info.rb +137 -95
- data/lib/icontrol/web_accelerator/applications.rb +17 -10
- data/lib/icontrol/web_accelerator/policies.rb +13 -9
- data/lib/icontrol/web_accelerator/proxy_message.rb +11 -7
- data/spec/icontrol/local_lb/pool_member_spec.rb +495 -0
- data/spec/icontrol/local_lb/profile_http_class_spec.rb +514 -0
- metadata +10 -4
@@ -1,16 +1,21 @@
|
|
1
1
|
module IControl::Networking
|
2
2
|
##
|
3
|
-
# The PacketFilter interface enables you to work with the definitions and attributes
|
3
|
+
# The PacketFilter interface enables you to work with the definitions and attributes
|
4
|
+
# of packet filter rules. The goal of the packet filter is to provide a flexible and
|
5
|
+
# integrated perimeter security mechanism to explicitly block as well as accept traffic
|
6
|
+
# using complex expressions similar to those used by libpcap (e.g. tcpdump).
|
4
7
|
class PacketFilter < IControl::Base
|
5
8
|
|
6
9
|
set_id_name "filters"
|
7
10
|
|
8
11
|
class PacketFilterStatisticEntry < IControl::Base::Struct; end
|
9
|
-
class PacketFilterStatistics < IControl::Base::Struct; end
|
12
|
+
class PacketFilterStatistics < IControl::Base::Struct; end
|
13
|
+
class PacketFilterStatisticEntrySequence < IControl::Base::Sequence ; end ##
|
10
14
|
# Creates this packet filter rules.
|
11
|
-
# @
|
12
|
-
# @raise [IControl::Common::
|
13
|
-
# @raise [IControl::Common::
|
15
|
+
# @rspec_example
|
16
|
+
# @raise [IControl::IControl::Common::AccessDenied] raised if the client credentials are not valid.
|
17
|
+
# @raise [IControl::IControl::Common::InvalidArgument] raised if one of the arguments is invalid.
|
18
|
+
# @raise [IControl::IControl::Common::OperationFailed] raised if an operation error occurs.
|
14
19
|
# @param [Hash] opts
|
15
20
|
# @option opts [long] :sort_orders The sort-order part of the rule is an integer value used to assign a relative "weight" to the rule. The sort-order may be any number between 0 and 999, but no two rules may have the same value. The specific value of the sort-order is not important, only its position relative to the other rules' sort-orders. Rule evaluation order is determined by starting with the lowest numbered rule and moving up through to the highest.
|
16
21
|
# @option opts [IControl::Networking::FilterAction] :actions The list of action of what to do with the traffic should it match each rule.
|
@@ -22,104 +27,124 @@ module IControl::Networking
|
|
22
27
|
|
23
28
|
##
|
24
29
|
# Deletes all packet filter.
|
25
|
-
# @
|
26
|
-
# @raise [IControl::Common::
|
27
|
-
# @raise [IControl::Common::
|
30
|
+
# @rspec_example
|
31
|
+
# @raise [IControl::IControl::Common::AccessDenied] raised if the client credentials are not valid.
|
32
|
+
# @raise [IControl::IControl::Common::InvalidArgument] raised if one of the arguments is invalid.
|
33
|
+
# @raise [IControl::IControl::Common::OperationFailed] raised if an operation error occurs.
|
28
34
|
def delete_all_packet_filters
|
29
35
|
super
|
30
36
|
end
|
31
37
|
|
32
38
|
##
|
33
39
|
# Deletes this packet filter rules.
|
34
|
-
# @
|
35
|
-
# @raise [IControl::Common::
|
36
|
-
# @raise [IControl::Common::
|
40
|
+
# @rspec_example
|
41
|
+
# @raise [IControl::IControl::Common::AccessDenied] raised if the client credentials are not valid.
|
42
|
+
# @raise [IControl::IControl::Common::InvalidArgument] raised if one of the arguments is invalid.
|
43
|
+
# @raise [IControl::IControl::Common::OperationFailed] raised if an operation error occurs.
|
37
44
|
def delete_packet_filter
|
38
45
|
super
|
39
46
|
end
|
40
47
|
|
41
48
|
##
|
42
49
|
# Gets the actions of what to do if the ingress traffic matches the filter rules.
|
50
|
+
# @rspec_example
|
43
51
|
# @return [FilterAction]
|
44
|
-
# @raise [IControl::Common::AccessDenied] raised if the client credentials are not valid.
|
45
|
-
# @raise [IControl::Common::InvalidArgument] raised if one of the arguments is invalid.
|
46
|
-
# @raise [IControl::Common::OperationFailed] raised if an operation error occurs.
|
52
|
+
# @raise [IControl::IControl::Common::AccessDenied] raised if the client credentials are not valid.
|
53
|
+
# @raise [IControl::IControl::Common::InvalidArgument] raised if one of the arguments is invalid.
|
54
|
+
# @raise [IControl::IControl::Common::OperationFailed] raised if an operation error occurs.
|
47
55
|
def action
|
48
56
|
super
|
49
57
|
end
|
50
58
|
|
51
59
|
##
|
52
60
|
# Gets the statistics for all the packet filter rules.
|
61
|
+
# @rspec_example
|
53
62
|
# @return [PacketFilterStatistics]
|
54
|
-
# @raise [IControl::Common::AccessDenied] raised if the client credentials are not valid.
|
55
|
-
# @raise [IControl::Common::InvalidArgument] raised if one of the arguments is invalid.
|
56
|
-
# @raise [IControl::Common::OperationFailed] raised if an operation error occurs.
|
63
|
+
# @raise [IControl::IControl::Common::AccessDenied] raised if the client credentials are not valid.
|
64
|
+
# @raise [IControl::IControl::Common::InvalidArgument] raised if one of the arguments is invalid.
|
65
|
+
# @raise [IControl::IControl::Common::OperationFailed] raised if an operation error occurs.
|
57
66
|
def all_statistics
|
58
67
|
super
|
59
68
|
end
|
60
69
|
|
61
70
|
##
|
62
|
-
# Gets the expressions used to match ingress traffic. Each expression is defined by
|
71
|
+
# Gets the expressions used to match ingress traffic. Each expression is defined by
|
72
|
+
# the pcap library, which is used to implement tcpdump, and is compiled into a Berkeley
|
73
|
+
# Packet Filter program. The man page for tcpdump describes the format and valid syntax
|
74
|
+
# of the filter rule expression.
|
75
|
+
# @rspec_example
|
63
76
|
# @return [String]
|
64
|
-
# @raise [IControl::Common::AccessDenied] raised if the client credentials are not valid.
|
65
|
-
# @raise [IControl::Common::InvalidArgument] raised if one of the arguments is invalid.
|
66
|
-
# @raise [IControl::Common::OperationFailed] raised if an operation error occurs.
|
77
|
+
# @raise [IControl::IControl::Common::AccessDenied] raised if the client credentials are not valid.
|
78
|
+
# @raise [IControl::IControl::Common::InvalidArgument] raised if one of the arguments is invalid.
|
79
|
+
# @raise [IControl::IControl::Common::OperationFailed] raised if an operation error occurs.
|
67
80
|
def expression
|
68
81
|
super
|
69
82
|
end
|
70
83
|
|
71
84
|
##
|
72
85
|
# Gets a list of all packet filter rules.
|
86
|
+
# @rspec_example
|
73
87
|
# @return [String]
|
74
|
-
# @raise [IControl::Common::AccessDenied] raised if the client credentials are not valid.
|
75
|
-
# @raise [IControl::Common::InvalidArgument] raised if one of the arguments is invalid.
|
76
|
-
# @raise [IControl::Common::OperationFailed] raised if an operation error occurs.
|
88
|
+
# @raise [IControl::IControl::Common::AccessDenied] raised if the client credentials are not valid.
|
89
|
+
# @raise [IControl::IControl::Common::InvalidArgument] raised if one of the arguments is invalid.
|
90
|
+
# @raise [IControl::IControl::Common::OperationFailed] raised if an operation error occurs.
|
77
91
|
def list
|
78
92
|
super
|
79
93
|
end
|
80
94
|
|
81
95
|
##
|
82
|
-
# Gets the states that specify whether an entry will be created in the system log each
|
96
|
+
# Gets the states that specify whether an entry will be created in the system log each
|
97
|
+
# time the rule is matched.
|
98
|
+
# @rspec_example
|
83
99
|
# @return [EnabledState]
|
84
|
-
# @raise [IControl::Common::AccessDenied] raised if the client credentials are not valid.
|
85
|
-
# @raise [IControl::Common::InvalidArgument] raised if one of the arguments is invalid.
|
86
|
-
# @raise [IControl::Common::OperationFailed] raised if an operation error occurs.
|
100
|
+
# @raise [IControl::IControl::Common::AccessDenied] raised if the client credentials are not valid.
|
101
|
+
# @raise [IControl::IControl::Common::InvalidArgument] raised if one of the arguments is invalid.
|
102
|
+
# @raise [IControl::IControl::Common::OperationFailed] raised if an operation error occurs.
|
87
103
|
def log_state
|
88
104
|
super
|
89
105
|
end
|
90
106
|
|
91
107
|
##
|
92
|
-
# Gets the rate classes that will be used to rate limit the traffic. If the rule has
|
108
|
+
# Gets the rate classes that will be used to rate limit the traffic. If the rule has
|
109
|
+
# an associated Rate Class name, then any traffic allowed by the rule will also be
|
110
|
+
# rate limited according to the behavior of this rate class. It is meaningless to associate
|
111
|
+
# a rate class with a rule that has a discard or reject action. Likewise, the rate
|
112
|
+
# class will only take effect when the traffic actually leaves the system. If the traffic
|
113
|
+
# does not leave the system, the rate class has no effect.
|
114
|
+
# @rspec_example
|
93
115
|
# @return [String]
|
94
|
-
# @raise [IControl::Common::AccessDenied] raised if the client credentials are not valid.
|
95
|
-
# @raise [IControl::Common::InvalidArgument] raised if one of the arguments is invalid.
|
96
|
-
# @raise [IControl::Common::OperationFailed] raised if an operation error occurs.
|
116
|
+
# @raise [IControl::IControl::Common::AccessDenied] raised if the client credentials are not valid.
|
117
|
+
# @raise [IControl::IControl::Common::InvalidArgument] raised if one of the arguments is invalid.
|
118
|
+
# @raise [IControl::IControl::Common::OperationFailed] raised if an operation error occurs.
|
97
119
|
def rate_class
|
98
120
|
super
|
99
121
|
end
|
100
122
|
|
101
123
|
##
|
102
124
|
# Gets the sort orders of this filter rules.
|
125
|
+
# @rspec_example
|
103
126
|
# @return [long]
|
104
|
-
# @raise [IControl::Common::AccessDenied] raised if the client credentials are not valid.
|
105
|
-
# @raise [IControl::Common::InvalidArgument] raised if one of the arguments is invalid.
|
106
|
-
# @raise [IControl::Common::OperationFailed] raised if an operation error occurs.
|
127
|
+
# @raise [IControl::IControl::Common::AccessDenied] raised if the client credentials are not valid.
|
128
|
+
# @raise [IControl::IControl::Common::InvalidArgument] raised if one of the arguments is invalid.
|
129
|
+
# @raise [IControl::IControl::Common::OperationFailed] raised if an operation error occurs.
|
107
130
|
def sort_order
|
108
131
|
super
|
109
132
|
end
|
110
133
|
|
111
134
|
##
|
112
135
|
# Gets the statistics for this packet filter.
|
136
|
+
# @rspec_example
|
113
137
|
# @return [PacketFilterStatistics]
|
114
|
-
# @raise [IControl::Common::AccessDenied] raised if the client credentials are not valid.
|
115
|
-
# @raise [IControl::Common::InvalidArgument] raised if one of the arguments is invalid.
|
116
|
-
# @raise [IControl::Common::OperationFailed] raised if an operation error occurs.
|
138
|
+
# @raise [IControl::IControl::Common::AccessDenied] raised if the client credentials are not valid.
|
139
|
+
# @raise [IControl::IControl::Common::InvalidArgument] raised if one of the arguments is invalid.
|
140
|
+
# @raise [IControl::IControl::Common::OperationFailed] raised if an operation error occurs.
|
117
141
|
def statistics
|
118
142
|
super
|
119
143
|
end
|
120
144
|
|
121
145
|
##
|
122
146
|
# Gets the version information for this interface.
|
147
|
+
# @rspec_example
|
123
148
|
# @return [String]
|
124
149
|
def version
|
125
150
|
super
|
@@ -127,28 +152,31 @@ module IControl::Networking
|
|
127
152
|
|
128
153
|
##
|
129
154
|
# Gets the optional ingress VLANs to match on.
|
155
|
+
# @rspec_example
|
130
156
|
# @return [String]
|
131
|
-
# @raise [IControl::Common::AccessDenied] raised if the client credentials are not valid.
|
132
|
-
# @raise [IControl::Common::InvalidArgument] raised if one of the arguments is invalid.
|
133
|
-
# @raise [IControl::Common::OperationFailed] raised if an operation error occurs.
|
157
|
+
# @raise [IControl::IControl::Common::AccessDenied] raised if the client credentials are not valid.
|
158
|
+
# @raise [IControl::IControl::Common::InvalidArgument] raised if one of the arguments is invalid.
|
159
|
+
# @raise [IControl::IControl::Common::OperationFailed] raised if an operation error occurs.
|
134
160
|
def vlan
|
135
161
|
super
|
136
162
|
end
|
137
163
|
|
138
164
|
##
|
139
165
|
# Resets the statistics for this pools.
|
140
|
-
# @
|
141
|
-
# @raise [IControl::Common::
|
142
|
-
# @raise [IControl::Common::
|
166
|
+
# @rspec_example
|
167
|
+
# @raise [IControl::IControl::Common::AccessDenied] raised if the client credentials are not valid.
|
168
|
+
# @raise [IControl::IControl::Common::InvalidArgument] raised if one of the arguments is invalid.
|
169
|
+
# @raise [IControl::IControl::Common::OperationFailed] raised if an operation error occurs.
|
143
170
|
def reset_statistics
|
144
171
|
super
|
145
172
|
end
|
146
173
|
|
147
174
|
##
|
148
175
|
# Sets the actions of what to do if the ingress traffic matches the filter rules.
|
149
|
-
# @
|
150
|
-
# @raise [IControl::Common::
|
151
|
-
# @raise [IControl::Common::
|
176
|
+
# @rspec_example
|
177
|
+
# @raise [IControl::IControl::Common::AccessDenied] raised if the client credentials are not valid.
|
178
|
+
# @raise [IControl::IControl::Common::InvalidArgument] raised if one of the arguments is invalid.
|
179
|
+
# @raise [IControl::IControl::Common::OperationFailed] raised if an operation error occurs.
|
152
180
|
# @param [Hash] opts
|
153
181
|
# @option opts [IControl::Networking::FilterAction] :actions The action of what the filter should do when there is a match.
|
154
182
|
def set_action(opts)
|
@@ -157,10 +185,14 @@ module IControl::Networking
|
|
157
185
|
end
|
158
186
|
|
159
187
|
##
|
160
|
-
# Sets the expressions used to match ingress traffic. Each expression is defined by
|
161
|
-
#
|
162
|
-
#
|
163
|
-
#
|
188
|
+
# Sets the expressions used to match ingress traffic. Each expression is defined by
|
189
|
+
# the pcap library, which is used to implement tcpdump, and is compiled into a Berkeley
|
190
|
+
# Packet Filter program. The man page for tcpdump describes the format and valid syntax
|
191
|
+
# of the filter rule expression.
|
192
|
+
# @rspec_example
|
193
|
+
# @raise [IControl::IControl::Common::AccessDenied] raised if the client credentials are not valid.
|
194
|
+
# @raise [IControl::IControl::Common::InvalidArgument] raised if one of the arguments is invalid.
|
195
|
+
# @raise [IControl::IControl::Common::OperationFailed] raised if an operation error occurs.
|
164
196
|
# @param [Hash] opts
|
165
197
|
# @option opts [String] :expressions The expressions used to match ingress traffic.
|
166
198
|
def set_expression(opts)
|
@@ -169,10 +201,12 @@ module IControl::Networking
|
|
169
201
|
end
|
170
202
|
|
171
203
|
##
|
172
|
-
# Sets the states that specify whether an entry will be created in the system log each
|
173
|
-
#
|
174
|
-
# @
|
175
|
-
# @raise [IControl::Common::
|
204
|
+
# Sets the states that specify whether an entry will be created in the system log each
|
205
|
+
# time the rule is matched.
|
206
|
+
# @rspec_example
|
207
|
+
# @raise [IControl::IControl::Common::AccessDenied] raised if the client credentials are not valid.
|
208
|
+
# @raise [IControl::IControl::Common::InvalidArgument] raised if one of the arguments is invalid.
|
209
|
+
# @raise [IControl::IControl::Common::OperationFailed] raised if an operation error occurs.
|
176
210
|
# @param [Hash] opts
|
177
211
|
# @option opts [IControl::Common::EnabledState] :states The logging states.
|
178
212
|
def set_log_state(opts)
|
@@ -181,10 +215,16 @@ module IControl::Networking
|
|
181
215
|
end
|
182
216
|
|
183
217
|
##
|
184
|
-
# Sets the rate classes that will be used to rate limit the traffic. If the rule has
|
185
|
-
#
|
186
|
-
#
|
187
|
-
#
|
218
|
+
# Sets the rate classes that will be used to rate limit the traffic. If the rule has
|
219
|
+
# an associated Rate Class name, then any traffic allowed by the rule will also be
|
220
|
+
# rate limited according to the behavior of this rate class. It is meaningless to associate
|
221
|
+
# a rate class with a rule that has a discard or reject action. Likewise, the rate
|
222
|
+
# class will only take effect when the traffic actually leaves the system. If the traffic
|
223
|
+
# does not leave the system, the rate class has no effect.
|
224
|
+
# @rspec_example
|
225
|
+
# @raise [IControl::IControl::Common::AccessDenied] raised if the client credentials are not valid.
|
226
|
+
# @raise [IControl::IControl::Common::InvalidArgument] raised if one of the arguments is invalid.
|
227
|
+
# @raise [IControl::IControl::Common::OperationFailed] raised if an operation error occurs.
|
188
228
|
# @param [Hash] opts
|
189
229
|
# @option opts [String] :rate_classes The rate classes used to rate limit the traffic.
|
190
230
|
def set_rate_class(opts)
|
@@ -194,9 +234,10 @@ module IControl::Networking
|
|
194
234
|
|
195
235
|
##
|
196
236
|
# Sets the sort orders of this filter rules.
|
197
|
-
# @
|
198
|
-
# @raise [IControl::Common::
|
199
|
-
# @raise [IControl::Common::
|
237
|
+
# @rspec_example
|
238
|
+
# @raise [IControl::IControl::Common::AccessDenied] raised if the client credentials are not valid.
|
239
|
+
# @raise [IControl::IControl::Common::InvalidArgument] raised if one of the arguments is invalid.
|
240
|
+
# @raise [IControl::IControl::Common::OperationFailed] raised if an operation error occurs.
|
200
241
|
# @param [Hash] opts
|
201
242
|
# @option opts [long] :orders The sort order values of the associated filter rules. Legal values for sort-order are all integers between 0 and 999, inclusive. No two rules may have the same sort-order value.
|
202
243
|
def set_sort_order(opts)
|
@@ -206,9 +247,10 @@ module IControl::Networking
|
|
206
247
|
|
207
248
|
##
|
208
249
|
# Sets the optional ingress VLANs to match on.
|
209
|
-
# @
|
210
|
-
# @raise [IControl::Common::
|
211
|
-
# @raise [IControl::Common::
|
250
|
+
# @rspec_example
|
251
|
+
# @raise [IControl::IControl::Common::AccessDenied] raised if the client credentials are not valid.
|
252
|
+
# @raise [IControl::IControl::Common::InvalidArgument] raised if one of the arguments is invalid.
|
253
|
+
# @raise [IControl::IControl::Common::OperationFailed] raised if an operation error occurs.
|
212
254
|
# @param [Hash] opts
|
213
255
|
# @option opts [String] :vlan_names The ingress VLANs to match on. If present, each entry must be a specific VLAN name currently in existence. If omitted, the rule matches all VLANs .
|
214
256
|
def set_vlan(opts)
|
@@ -219,18 +261,18 @@ module IControl::Networking
|
|
219
261
|
##
|
220
262
|
# A struct that describes statistics for a particular packet filter rule.
|
221
263
|
# @attr [String] filter The packet filter rule name.
|
222
|
-
# @attr [IControl::Common::
|
264
|
+
# @attr [IControl::Common::StatisticSequence] statistics The statistics for the filter.
|
223
265
|
class PacketFilterStatisticEntry < IControl::Base::Struct
|
224
266
|
icontrol_attribute :filter, String
|
225
|
-
icontrol_attribute :statistics, IControl::Common::
|
267
|
+
icontrol_attribute :statistics, IControl::Common::StatisticSequence
|
226
268
|
end
|
227
269
|
|
228
270
|
##
|
229
271
|
# A struct that describes packet filter rule statistics and timestamp.
|
230
|
-
# @attr [IControl::Networking::PacketFilter::
|
272
|
+
# @attr [IControl::Networking::PacketFilter::PacketFilterStatisticEntrySequence] statistics The statistics for a sequence of packet filter rules.
|
231
273
|
# @attr [IControl::Common::TimeStamp] time_stamp The time stamp at the time the statistics are gathered.
|
232
274
|
class PacketFilterStatistics < IControl::Base::Struct
|
233
|
-
icontrol_attribute :statistics, IControl::Networking::PacketFilter::
|
275
|
+
icontrol_attribute :statistics, IControl::Networking::PacketFilter::PacketFilterStatisticEntrySequence
|
234
276
|
icontrol_attribute :time_stamp, IControl::Common::TimeStamp
|
235
277
|
end
|
236
278
|
|
@@ -1,24 +1,27 @@
|
|
1
1
|
module IControl::Networking
|
2
2
|
##
|
3
|
-
# The PacketFilterGlobals interface enables you to work with the global lists of trusted
|
3
|
+
# The PacketFilterGlobals interface enables you to work with the global lists of trusted
|
4
|
+
# source addresses and ingress VLANs used in packet filtering.
|
4
5
|
class PacketFilterGlobals < IControl::Base
|
5
6
|
|
6
7
|
set_id_name "addresses"
|
7
8
|
|
8
9
|
##
|
9
10
|
# Adds this addresse to the list of trusted source addresse.
|
10
|
-
# @
|
11
|
-
# @raise [IControl::Common::
|
12
|
-
# @raise [IControl::Common::
|
11
|
+
# @rspec_example
|
12
|
+
# @raise [IControl::IControl::Common::AccessDenied] raised if the client credentials are not valid.
|
13
|
+
# @raise [IControl::IControl::Common::InvalidArgument] raised if one of the arguments is invalid.
|
14
|
+
# @raise [IControl::IControl::Common::OperationFailed] raised if an operation error occurs.
|
13
15
|
def add_trusted_address
|
14
16
|
super
|
15
17
|
end
|
16
18
|
|
17
19
|
##
|
18
20
|
# Adds this MAC addresse to the list of trusted MAC addresse.
|
19
|
-
# @
|
20
|
-
# @raise [IControl::Common::
|
21
|
-
# @raise [IControl::Common::
|
21
|
+
# @rspec_example
|
22
|
+
# @raise [IControl::IControl::Common::AccessDenied] raised if the client credentials are not valid.
|
23
|
+
# @raise [IControl::IControl::Common::InvalidArgument] raised if one of the arguments is invalid.
|
24
|
+
# @raise [IControl::IControl::Common::OperationFailed] raised if an operation error occurs.
|
22
25
|
# @param [Hash] opts
|
23
26
|
# @option opts [String] :mac_addresses The MAC addresses.
|
24
27
|
def add_trusted_mac_address(opts)
|
@@ -28,9 +31,10 @@ module IControl::Networking
|
|
28
31
|
|
29
32
|
##
|
30
33
|
# Adds this ingress VLANs to the list of trusted VLANs.
|
31
|
-
# @
|
32
|
-
# @raise [IControl::Common::
|
33
|
-
# @raise [IControl::Common::
|
34
|
+
# @rspec_example
|
35
|
+
# @raise [IControl::IControl::Common::AccessDenied] raised if the client credentials are not valid.
|
36
|
+
# @raise [IControl::IControl::Common::InvalidArgument] raised if one of the arguments is invalid.
|
37
|
+
# @raise [IControl::IControl::Common::OperationFailed] raised if an operation error occurs.
|
34
38
|
# @param [Hash] opts
|
35
39
|
# @option opts [String] :vlans The VLAN names.
|
36
40
|
def add_trusted_vlan(opts)
|
@@ -40,36 +44,40 @@ module IControl::Networking
|
|
40
44
|
|
41
45
|
##
|
42
46
|
# Gets a list of all trusted source addresse used in packet filtering on this device.
|
47
|
+
# @rspec_example
|
43
48
|
# @return [String]
|
44
|
-
# @raise [IControl::Common::AccessDenied] raised if the client credentials are not valid.
|
45
|
-
# @raise [IControl::Common::InvalidArgument] raised if one of the arguments is invalid.
|
46
|
-
# @raise [IControl::Common::OperationFailed] raised if an operation error occurs.
|
49
|
+
# @raise [IControl::IControl::Common::AccessDenied] raised if the client credentials are not valid.
|
50
|
+
# @raise [IControl::IControl::Common::InvalidArgument] raised if one of the arguments is invalid.
|
51
|
+
# @raise [IControl::IControl::Common::OperationFailed] raised if an operation error occurs.
|
47
52
|
def trusted_address
|
48
53
|
super
|
49
54
|
end
|
50
55
|
|
51
56
|
##
|
52
57
|
# Gets a list of all trusted MAC addresse used in packet filtering on this device.
|
58
|
+
# @rspec_example
|
53
59
|
# @return [String]
|
54
|
-
# @raise [IControl::Common::AccessDenied] raised if the client credentials are not valid.
|
55
|
-
# @raise [IControl::Common::InvalidArgument] raised if one of the arguments is invalid.
|
56
|
-
# @raise [IControl::Common::OperationFailed] raised if an operation error occurs.
|
60
|
+
# @raise [IControl::IControl::Common::AccessDenied] raised if the client credentials are not valid.
|
61
|
+
# @raise [IControl::IControl::Common::InvalidArgument] raised if one of the arguments is invalid.
|
62
|
+
# @raise [IControl::IControl::Common::OperationFailed] raised if an operation error occurs.
|
57
63
|
def trusted_mac_address
|
58
64
|
super
|
59
65
|
end
|
60
66
|
|
61
67
|
##
|
62
68
|
# Gets a list of all trusted ingress VLANs used in packet filtering on this device.
|
69
|
+
# @rspec_example
|
63
70
|
# @return [String]
|
64
|
-
# @raise [IControl::Common::AccessDenied] raised if the client credentials are not valid.
|
65
|
-
# @raise [IControl::Common::InvalidArgument] raised if one of the arguments is invalid.
|
66
|
-
# @raise [IControl::Common::OperationFailed] raised if an operation error occurs.
|
71
|
+
# @raise [IControl::IControl::Common::AccessDenied] raised if the client credentials are not valid.
|
72
|
+
# @raise [IControl::IControl::Common::InvalidArgument] raised if one of the arguments is invalid.
|
73
|
+
# @raise [IControl::IControl::Common::OperationFailed] raised if an operation error occurs.
|
67
74
|
def trusted_vlan
|
68
75
|
super
|
69
76
|
end
|
70
77
|
|
71
78
|
##
|
72
79
|
# Gets the version information for this interface.
|
80
|
+
# @rspec_example
|
73
81
|
# @return [String]
|
74
82
|
def version
|
75
83
|
super
|
@@ -77,18 +85,20 @@ module IControl::Networking
|
|
77
85
|
|
78
86
|
##
|
79
87
|
# Removes this addresse from the list of trusted source addresse.
|
80
|
-
# @
|
81
|
-
# @raise [IControl::Common::
|
82
|
-
# @raise [IControl::Common::
|
88
|
+
# @rspec_example
|
89
|
+
# @raise [IControl::IControl::Common::AccessDenied] raised if the client credentials are not valid.
|
90
|
+
# @raise [IControl::IControl::Common::InvalidArgument] raised if one of the arguments is invalid.
|
91
|
+
# @raise [IControl::IControl::Common::OperationFailed] raised if an operation error occurs.
|
83
92
|
def remove_trusted_address
|
84
93
|
super
|
85
94
|
end
|
86
95
|
|
87
96
|
##
|
88
97
|
# Removes this MAC addresse from the list of trusted MAC addresse.
|
89
|
-
# @
|
90
|
-
# @raise [IControl::Common::
|
91
|
-
# @raise [IControl::Common::
|
98
|
+
# @rspec_example
|
99
|
+
# @raise [IControl::IControl::Common::AccessDenied] raised if the client credentials are not valid.
|
100
|
+
# @raise [IControl::IControl::Common::InvalidArgument] raised if one of the arguments is invalid.
|
101
|
+
# @raise [IControl::IControl::Common::OperationFailed] raised if an operation error occurs.
|
92
102
|
# @param [Hash] opts
|
93
103
|
# @option opts [String] :mac_addresses The MAC addresses.
|
94
104
|
def remove_trusted_mac_address(opts)
|
@@ -98,9 +108,10 @@ module IControl::Networking
|
|
98
108
|
|
99
109
|
##
|
100
110
|
# Removes this ingress VLANs from the list of trusted VLANs.
|
101
|
-
# @
|
102
|
-
# @raise [IControl::Common::
|
103
|
-
# @raise [IControl::Common::
|
111
|
+
# @rspec_example
|
112
|
+
# @raise [IControl::IControl::Common::AccessDenied] raised if the client credentials are not valid.
|
113
|
+
# @raise [IControl::IControl::Common::InvalidArgument] raised if one of the arguments is invalid.
|
114
|
+
# @raise [IControl::IControl::Common::OperationFailed] raised if an operation error occurs.
|
104
115
|
# @param [Hash] opts
|
105
116
|
# @option opts [String] :vlans The VLAN names.
|
106
117
|
def remove_trusted_vlan(opts)
|