Feature #3175: Add support for IPSEC

2025-03-21 14:50:08 +03:00 · 2014-11-03 18:52:07 +01:00 · 2014-11-03 18:52:07 +01:00 · 86be6b2764
commit 86be6b2764
parent 05fa0053d8
1 changed files with 13 additions and 2 deletions
--- a/src/vnm_mad/remotes/security_groups/SecurityGroups.rb
+++ b/src/vnm_mad/remotes/security_groups/SecurityGroups.rb
@ -259,7 +259,13 @@ class Rule

    # Getters
    def protocol
-        @rule[:protocol].downcase.to_sym rescue nil
+        p = @rule[:protocol].downcase.to_sym rescue nil
+
+        if p == :ipsec
+            :esp
+        else
+            p
+        end
    end

    def rule_type
@ -283,7 +289,7 @@ class Rule
        valid = true
        error_message = []

-        if !protocol || ![:tcp, :udp, :icmp].include?(protocol)
+        if !protocol || ![:tcp, :udp, :icmp, :esp].include?(protocol)
            error_message << "Invalid protocol: #{protocol}"
            valid = false
        end
@ -298,6 +304,11 @@ class Rule
            valid = false
        end

+        if range && protocol == :esp
+            error_message << "IPSEC does not support port ranges"
+            valid = false
+        end
+
        if net && !valid_net?
            error_message << "Invalid net: IP:'#{@rule[:ip]}' SIZE:'#{@rule[:size]}'"
            valid = false