Add ESX VNC firewall rules VIB package and build info.

.gitignore

@@ -26,3 +26,6 @@ src/sunstone/public/css/app.min.css
 src/sunstone/public/dist/
 src/sunstone/public/locale/languages/*.js
 .tx/config
+
+share/esx-fw-vnc/*.rpm
+share/esx-fw-vnc/.vagrant*

share/esx-fw-vnc/Makefile

@@ -0,0 +1,14 @@
+.PHONY: fw-vnc.vib clean
+
+fw-vnc.vib: vmware-esx-vib-author-5.0.0-0.0.847598.i386.rpm
+	vagrant plugin install vagrant-sshfs
+	vagrant up
+	vagrant destroy -f
+	@echo "Package successfully $@ built"
+
+vmware-esx-vib-author-5.0.0-0.0.847598.i386.rpm:
+	wget -O $@ https://download3.vmware.com/software/vmw-tools/vibauthor/vmware-esx-vib-author-5.0.0-0.0.847598.i386.rpm
+
+clean:
+	-rm -rf fw-vnc.vib fw-vnc.zip vmware-esx-vib-author*.rpm
+	-vagrant destroy -f

share/esx-fw-vnc/README.md

@@ -0,0 +1,44 @@
+# Building ESX VIB package
+
+Requirements:
+
+1. [Vagrant](https://www.vagrantup.com/)
+2. [VirtualBox](https://www.virtualbox.org/)
+
+Other requirements (automatically get by `Makefile`):
+
+3. Vagrant plugin vagrant-sshfs
+4. [VIB Author](https://labs.vmware.com/flings/vib-author) tool RPM in current directory
+
+# Build
+
+VIB package build is based on a deprecated, but still working, *VIB Author* tool.
+This tool works fine on old EL/CentOS 6, that's why the build process
+(unfortunately) requires the Vagrant+VirtualBox to provide the build
+environment with the CentOS 6.
+
+There are two possible approaches to building the VIB package.
+
+### 1. Makefile
+
+Just start the `make` and required Vagrant plugin and latest known
+VIB Author tool will be automatically downloaded and new VIB
+packages built.
+
+```
+$ make
+```
+
+You can find the fresh packages in `fw-vnc.vib` and `fw-vnc.zip`.
+
+### 2. Manual
+
+1. download [VIB Author](https://labs.vmware.com/flings/vib-author) tool RPM into the current directory
+2. start Vagrant
+
+```
+$ vagrant plugin install vagrant-sshfs
+$ vagrant up && vagrant destroy -f
+```
+
+You can find the fresh packages in `fw-vnc.vib` and `fw-vnc.zip`.

share/esx-fw-vnc/Vagrantfile

@@ -0,0 +1,35 @@
+# -*- mode: ruby -*-
+# vi: set ft=ruby :
+#
+if Dir.glob('vmware-esx-vib-author*.rpm').size != 1
+    STDERR.puts <<EOT
+Missing vmware-esx-vib-author RPM, please download and put in current dir.:
+https://labs.vmware.com/flings/vib-author
+
+EOT
+end
+
+# Vagrant configurations
+ENV['VAGRANT_DEFAULT_PROVIDER'] = 'virtualbox'
+
+Vagrant.configure("2") do |config|
+    config.vm.box = "centos/6"
+
+    config.vm.provider :virtualbox do |v|
+        v.name = "VIB Vagrant Build"
+    end
+
+    config.vm.synced_folder ".", "/vagrant", type: "sshfs"
+
+    # install VIB author
+    config.vm.provision "shell", inline: <<-SCRIPT
+        yum -y install /vagrant/*.rpm
+    SCRIPT
+
+    # (always) generate VIB/ZIP
+    config.vm.provision "shell",  run: "always", inline: <<-SCRIPT
+        set -e
+        cd /vagrant/
+        vibauthor -C -t vib/ -v fw-vnc.vib -O fw-vnc.zip --force
+    SCRIPT
+end

share/esx-fw-vnc/vib/descriptor.xml

@@ -0,0 +1,33 @@
+<?xml version="1.0"?>
+<vib version="5.0">
+  <type>bootbank</type>
+  <name>fw-vnc</name>
+  <version>1.0.0-1</version>
+  <vendor>OpenNebulaSystems</vendor>
+  <summary>Firewall rules to enable VNC traffic</summary>
+  <description>Firewall rules to enable VNC traffic</description>
+  <urls/>
+  <relationships>
+    <depends/>
+    <conflicts/>
+    <replaces/>
+    <provides/>
+    <compatibleWith/>
+  </relationships>
+  <software-tags/>
+  <system-requires>
+    <maintenance-mode>false</maintenance-mode>
+  </system-requires>
+  <file-list>
+    <file>etc/vmware/firewall/vnc.xml</file>
+  </file-list>
+  <acceptance-level>community</acceptance-level>
+  <live-install-allowed>true</live-install-allowed>
+  <live-remove-allowed>true</live-remove-allowed>
+  <cimom-restart>false</cimom-restart>
+  <stateless-ready>true</stateless-ready>
+  <overlay>false</overlay>
+  <payloads>
+    <payload name="fw-vnc" type="vgz"/>
+  </payloads>
+</vib>

share/esx-fw-vnc/vib/payloads/fw-vnc/etc/vmware/firewall/vnc.xml

@@ -0,0 +1,16 @@
+<ConfigRoot>
+  <service>
+    <id>VNC</id>
+    <rule>
+      <direction>inbound</direction>
+      <protocol>tcp</protocol>
+      <porttype>dst</porttype>
+      <port>
+        <begin>5900</begin>
+        <end>65535</end>
+      </port>
+    </rule>
+    <enabled>true</enabled>
+    <required>false</required>
+  </service>
+</ConfigRoot>