func (*PortRangeSuite) TestParsePortRangeRoundTrip(c *gc.C) {
portRange, err := network.ParsePortRange("8000-8099/tcp")
c.Assert(err, jc.ErrorIsNil)
portRangeStr := portRange.String()
c.Check(portRangeStr, gc.Equals, "8000-8099/tcp")
}
func (s *PortSetSuite) SetUpTest(c *gc.C) {
s.BaseSuite.SetUpTest(c)
portRange1, err := network.ParsePortRange("8000-8099/tcp")
c.Assert(err, jc.ErrorIsNil)
portRange2, err := network.ParsePortRange("80/tcp")
c.Assert(err, jc.ErrorIsNil)
portRange3, err := network.ParsePortRange("79-81/tcp")
c.Assert(err, jc.ErrorIsNil)
portRange4, err := network.ParsePortRange("5000-5123/udp")
c.Assert(err, jc.ErrorIsNil)
s.portRange1 = portRange1
s.portRange2 = portRange2
s.portRange3 = portRange3
s.portRange4 = portRange4
}
func (*PortRangeSuite) TestParsePortRangeDefaultProtocol(c *gc.C) {
portRange, err := network.ParsePortRange("80")
c.Assert(err, jc.ErrorIsNil)
c.Check(portRange.Protocol, gc.Equals, "tcp")
c.Check(portRange.FromPort, gc.Equals, 80)
c.Check(portRange.ToPort, gc.Equals, 80)
}
// Ports build a list of all open port ranges for a given firewall name
// (within the Connection's project) and returns it. If the firewall
// does not exist then the list will be empty and no error is returned.
func (gce Connection) Ports(fwname string) ([]network.PortRange, error) {
firewall, err := gce.raw.GetFirewall(gce.projectID, fwname)
if errors.IsNotFound(err) {
return nil, nil
}
if err != nil {
return nil, errors.Annotate(err, "while getting ports from GCE")
}
var ports []network.PortRange
for _, allowed := range firewall.Allowed {
for _, portRangeStr := range allowed.Ports {
portRange, err := network.ParsePortRange(portRangeStr)
if err != nil {
return ports, errors.Annotate(err, "bad ports from GCE")
}
portRange.Protocol = allowed.IPProtocol
ports = append(ports, portRange)
}
}
return ports, nil
}
func (*PortRangeSuite) TestParsePortRangeNonIntPort(c *gc.C) {
_, err := network.ParsePortRange("spam-100")
c.Check(err, gc.ErrorMatches, `invalid port "spam".*`)
}
func (*PortRangeSuite) TestParsePortRangeMultiRange(c *gc.C) {
_, err := network.ParsePortRange("10-55-100")
c.Check(err, gc.ErrorMatches, `invalid port range "10-55-100".*`)
}
// Ports is specified in the Instance interface.
func (inst *azureInstance) Ports(machineId string) (ports []jujunetwork.PortRange, err error) {
inst.env.mu.Lock()
nsgClient := network.SecurityGroupsClient{inst.env.network}
inst.env.mu.Unlock()
securityGroupName := internalSecurityGroupName
nsg, err := nsgClient.Get(inst.env.resourceGroup, securityGroupName)
if err != nil {
return nil, errors.Annotate(err, "querying network security group")
}
if nsg.Properties.SecurityRules == nil {
return nil, nil
}
vmName := resourceName(names.NewMachineTag(machineId))
prefix := instanceNetworkSecurityRulePrefix(instance.Id(vmName))
for _, rule := range *nsg.Properties.SecurityRules {
if rule.Properties.Direction != network.Inbound {
continue
}
if rule.Properties.Access != network.Allow {
continue
}
if to.Int(rule.Properties.Priority) <= securityRuleInternalMax {
continue
}
if !strings.HasPrefix(to.String(rule.Name), prefix) {
continue
}
var portRange jujunetwork.PortRange
if *rule.Properties.DestinationPortRange == "*" {
portRange.FromPort = 0
portRange.ToPort = 65535
} else {
portRange, err = jujunetwork.ParsePortRange(
*rule.Properties.DestinationPortRange,
)
if err != nil {
return nil, errors.Annotatef(
err, "parsing port range for security rule %q",
to.String(rule.Name),
)
}
}
var protocols []string
switch rule.Properties.Protocol {
case network.SecurityRuleProtocolTCP:
protocols = []string{"tcp"}
case network.SecurityRuleProtocolUDP:
protocols = []string{"udp"}
default:
protocols = []string{"tcp", "udp"}
}
for _, protocol := range protocols {
portRange.Protocol = protocol
ports = append(ports, portRange)
}
}
return ports, nil
}