CdZddlmZddlmZddlmZddlmZddlm Z ddlm Z ddl m Zddlm ZddlmZddlmZdd lmZdd lZGd d ej.ZGd dej.ZGddej.ZGddej.ZdZdZdZdZGdde Z!dZ"dZ#dZ$dZ%dZ&dZ'dZ(d Z)y )!z4Code that's shared between multiple NAT subcommands.)absolute_import)division)unicode_literals) exceptions)flags)scope)yaml)filesNc"eZdZdZfdZxZS)NatNotFoundErrorzRaised when a NAT is not found.c\||_dj|}tt||y)NzNAT `{0}` not found)nameformatsuperr __init__)selfrmsg __class__s Alib/googlecloudsdk/command_lib/compute/routers/nats/nats_utils.pyrzNatNotFoundError.__init__#s*DI  & &t ,C D*3/__name__ __module__ __qualname____doc__r __classcell__rs@rr r s'00rr c"eZdZdZfdZxZS))IpAllocateOptionShouldNotBeSpecifiedErrorz>Raised when IP Allocation option is specified for private NAT.c0d}tt| |y)Nz`--nat-external-ip-pool and --auto-allocate-nat-external-ips cannot be specified for Private NAT.)rrrrrrs rrz2IpAllocateOptionShouldNotBeSpecifiedError.__init__,s 2C 3TCCHrrrs@rrr)sFIIrrc"eZdZdZfdZxZS)IpAllocationUnspecifiedErrorzARaised when IP Allocation option is not specified for public NAT.c0d}tt| |y)NzcEither --nat-external-ip-pool or --auto-allocate-nat-external-ips must be specified for Public NAT.)rr#rr!s rrz%IpAllocationUnspecifiedError.__init__5s /C &6s;rrrs@rr#r#2sI<s   7GLrrrs@rr&r&;sAMMrr&c`|jD]}||jk(s|cSt|)z8Returns the nat with the given name in the given router.)natsrr )routernat_namenats rFindNatOrRaiser-Hs. [[c388 j ""rctd|ji}t||||j<|jjj j |j|d<|jdk(}|jxs |j}|r |r/t|s tt||\}}||d<||d<|j<|jjj j|j|d<|jJ|jDcgc]1}|jjj j|3c}|d<|j |d<|j"|d <|j$|d <|j&|d <|j(|d <|j*|d <|j,|d<|j.|d<|j0 |j2a|jjj5}|j0|_|j2t9|j2||_||d<|j<|j<|d<|j>rtA|j>||d<|jjj di|Scc}w)z3Creates a NAT message from the specified arguments.rtypePRIVATEnatIpAllocateOptionnatIpsautoNetworkTier endpointTypesudpIdleTimeoutSecicmpIdleTimeoutSectcpEstablishedIdleTimeoutSectcpTransitoryIdleTimeoutSectcpTimeWaitTimeoutSec minPortsPerVm maxPortsPerVmenableDynamicPortAllocation logConfig enableEndpointIndependentMappingrules)!r_AddSubnetOptionsToParamsr/clientmessages RouterNatTypeValueValuesEnumauto_allocate_nat_external_ipsnat_external_ip_poolrr#_ParseNatIpFieldsauto_network_tierAutoNetworkTierValueValuesEnumendpoint_types%EndpointTypesValueListEntryValuesEnumudp_idle_timeouticmp_idle_timeouttcp_established_idle_timeouttcp_transitory_idle_timeouttcp_time_wait_timeoutmin_ports_per_vmmax_ports_per_vmenable_dynamic_port_allocationenable_logging log_filterRouterNatLogConfigenable_TranslateLogFilterfilter#enable_endpoint_independent_mappingr?_ParseRulesFromYamlFile) argscompute_holderparams is_privateis_ip_allocation_specifiedoptionnat_ips endpoint_type log_configs rCreateNatMessagerfPs DII &D.&9 YY&&00DDTYYO 6NyyI%* ))FT-F-F! 5 77 % ( **'n=OFG$*F !F8 '&&00OO  " " $  $ "00 1M &&00VV  1 F?!% 5 5& !%!7!7& +/+L+L& '(*.*J*J& &'$($>$>& ! 11& 11&*.*M*M& &' $(C&&//BBDJ++J "-doo~Nj$F; --9 00 -. ZZ-djj.IF7O 1   ' ' 1 1 ;F ;;As"6J5ct||\}}t||\}}|s |s t|r||d<|r||d<|r||d<|r||d<yy)z'Adds subnet options to the params dict.sourceSubnetworkIpRangesToNat subnetworkssourceSubnetworkIpRangesToNat64nat64SubnetworksN)_ParseIpv4SubnetFields_ParseIpv6SubnetFieldsr&)r]r^r_source_ipv4_subnets_to_nat ipv4_subnetssource_ipv6_subnets_to_nat ipv6_subnetss rrArAs|-C N.*l.D N.*l $,F 7 99.HF *+(F=0JF ,-!-F rc |jtjjtjjfvs |j rt ||\}}||_||_|jtjjus |jrt||\}}||_||_|j rd|_g|_|j"rd|_g|_|j$rtj&j)||j*}|Dcgc]}t-j.|c}|_|j2s,|j4Dcgc]}t7||r|c}|_|j8rg|_|j:s |j2rt=||\}}||_||_|j@>|jBjDjFjI|j@|_%|jL|jL|_'n|jPrd|_'|jR|jR|_*n|jVrd|_*|jX|jX|_-n|j\rd|_-|j^|j^|_0n|jbrd|_0|jd|jd|_3n|jhrd|_3|jj|jj|_6n|jnrd|_6|jp|jp|_9n|jtrd|_9|jv|jv|_<|jz |j|7|j~xs$|jBjDj|_?|jz|jz|j~_A|j|%t|j|||j~_C|j|j|_E|jrt|j||_F|Scc}wcc}w)z3Updates a NAT message with the specified arguments.N)H subnet_option nat_flags SubnetOption ALL_RANGESPRIMARY_RANGESnat_custom_subnet_ip_ranges_ParseSubnetFieldsrhrisubnet_ipv6_optionSubnetIpv6OptionALL_IPV6_SUBNETS nat64_custom_v6_subnet_ip_rangesrmrjrkclear_nat_subnet_ip_rangesclear_nat64_subnet_ip_rangesnat_external_drain_ip_poolDRAIN_NAT_IP_ADDRESSES_ARGResolveAsResource resourcessix text_type drainNatIpsrGr2 _ContainIp clear_nat_external_drain_ip_poolrFrHr1rIrBrCrDrJr3rMr5clear_udp_idle_timeoutrNr6clear_icmp_idle_timeoutrOr7"clear_tcp_established_idle_timeoutrPr8!clear_tcp_transitory_idle_timeoutrQr9clear_tcp_time_wait_timeoutrRr:clear_min_ports_per_vmrSr;clear_max_ports_per_vmrTr<rUrVr=rWrXrYrZr[r>r?r\) r,r]r^ ranges_to_natri drain_nat_ipsiprbrcs rUpdateNatMessagers   + +  / /   ) )!3D.!IM;(5C%!CO !;!;!L!LL . .!7n!MM;*7C'&C $$(,C%CO &&*.C'C $$88JJ n&&(M3@A=Rs}}R(=ACO  $ $zz!M2)F"zcj **CO ((D,E,E'n=OFG$CCJ '&&00OO  " " $ & 11C "" C '!33C ##!C &&2'+'H'HC$ ..'+C$ %%1&*&F&FC# --&*C# + $ : :C '' $C &--C ""C &--C ""C ((4&*&I&IC# $(C L..77JJLM $..CMM __ .tOCMM --9 00( ZZ' NCCI *UBs'Q6%Q;7Q;ceZdZdZdZy) SubnetUsagezDHelper object to store what ranges of a subnetwork are used for NAT.c>d|_d|_t|_y)NF) using_primary using_alllistsecondary_ranges)rs rrzSubnetUsage.__init__sDDN FDrN)rrrrrr@rrrrs L#rrc t}|jj}|jtj j k(r"|jjj}n|jtj jk(r"|jjj}n9|jjj}t}|jD]}|jd}d}|dkDrt!j"dd|dk(r|j%d\} }n|} | |vr t'|| <|/|dk(r d|| _p|| j*j-|d|| _|D]b} t1j2j5| gt6j8j:|j<|j>tAjB|j} || } g} | j(r/| j-|jDjFjH| j.r/| j-|jDjFjJ| j*r/| j-|jDjFjL|j-tOjP| d | | j*d e|tS|d fS) z3Parses arguments related to subnets to use for NAT.:Nz--nat-custom-subnet-ip-rangeszMEach specified subnet must be of the form SUBNETWORK or SUBNETWORK:RANGE_NAMEALLT scope_listerr)rsourceIpRangesToNatsecondaryIpRangeNamesc |dSNrr@subnets rz$_ParseSubnetFields..hsvrkey)*rrBrCrsrtrurvrD,SourceSubnetworkIpRangesToNatValueValuesEnumALL_SUBNETWORKS_ALL_IP_RANGESrw%ALL_SUBNETWORKS_ALL_PRIMARY_IP_RANGESLIST_OF_SUBNETWORKSdictrxcountcalliope_exceptionsInvalidArgumentExceptionsplitrrrappendr subnet_flagsSubnetworkResolverResolveResources compute_scope ScopeEnumREGIONregionr compute_flagsGetDefaultScopeListerRouterNatSubnetworkToNat+SourceIpRangesToNatValueListEntryValuesEnum ALL_IP_RANGESPRIMARY_IP_RANGELIST_OF_SECONDARY_IP_RANGESrrsorted) r]r^rirCr subnet_usagescustom_subnet_argcolons range_option subnet_name subnet_ref subnet_usageoptionss rryrys+  " " + +( 911<<<GG & & Y33BBBGG . . GG   FM!== &&s+fl !!:: +(* * Q;$5$;$;C$@! \' M )%0] k"  ! 5 15- $ .  $ 5 5 < <\ J37 k"0->0% 224EE -  ! ! ( ( ++  " "$::##% F&j#;/lg     - - 8 8 H  # #  - - 8 89I9I K  & &x88CC33 5-- 1 .!(#/#@#@ 3%>  1NO PPrc|jtjjur|jsdgfSt ||S)z8Parses arguments related to ipv4 subnets to use for NAT.N)rsrtru CUSTOM_RANGESrxry)r]r^s rrlrlks= I22@@@.. 8O D. 11rc |jtjjur|jsdgfSg}|j j }|jtjjur"|jjjgfS|jD]}tjj|gtjj |j"|j$t'j(|j }|j+dt-j.|di|jjj0t3|dfS)z8Parses arguments related to ipv6 subnets to use for NAT.Nrrrc |dSrr@rs rrz(_ParseIpv6SubnetFields..srr)rzrtr{LIST_OF_IPV6_SUBNETSr}rBrCr|rD.SourceSubnetworkIpRangesToNat64ValueValuesEnumALL_IPV6_SUBNETWORKSrrrrrrrrrrrrrLIST_OF_IPV6_SUBNETWORKSr)r]r^subnetsrCrrs rrmrmus7 !;!;!P!PP33 8O '  " " + +(  : : K KKII^^   ::k002CC  &&   "889N9NO DJ NNFCMM*Q-89:;GG`` W78 rcz|jj}|jr*|jjj t fS|jjjtjj||jDcgc]}tj|c}fScc}w)N)rBrCrFrD"NatIpAllocateOptionValueValuesEnum AUTO_ONLYr MANUAL_ONLYrtIP_ADDRESSES_ARGrrrr)r]r^rCaddresss rrHrHs  " " + +( ((    A A K K F     ? ? K K//AA ((*N*' mmG*N NsB8c|dk(r4|jjjjjS|dk(r4|jjjjj S|dk(r4|jjjjj Stjdd)z6Translates the specified log filter to the enum value.rTRANSLATIONS_ONLY ERRORS_ONLYz --log-filterz:--log-filter must be ALL, TRANSLATIONS_ONLY or ERRORS_ONLY) rBrCrWFilterValueValuesEnumrrrrr) filter_strr^s rrYrYs5  ! ! * * = = " "33(&&  ! ! * * = = " "#4#46=  ! ! * * = = " ";;0 44( **rc:|D]}|j|vsyy)z)Returns true if target ip is in the list.TF) RelativeName)ip_list target_iprs rrrs# b I%   rctj|5}tj|}d|vrt j dd|dDcgc]}t ||c}cdddScc}w#1swYyxYw)z*Parses NAT Rules from the given YAML file.r?z--rulesz0The YAML file must contain the 'rules' attributeN)r FileReaderr loadrr _CreateRule) file_pathr^ import_file rules_yaml rule_yamls rr\r\s  "k;'Jj  8 8 I KK$G, ,I I~.,  #"   #"s7A1 A, A1,A11A:c|jjj}d|vr |d|_d|vr |d|_d|vr|d}|jjj |_d|vr|d|j _d|vr|d|j _d|vr|d|j _ d|vr|d|j _ |S)z1Creates a Rule object from the given parsed YAML. ruleNumbermatchactionsourceNatActiveIpssourceNatDrainIpssourceNatActiveRangessourceNatDrainRanges) rBrC RouterNatRulerrRouterNatRuleActionrrrrr)rr^rule action_yamls rrrs    ' ' 5 5 7$Y -DO 7#DJ H%K ''00DDFDK{*'23G'Hdkk$k)&12E&Fdkk#+-*56M*Ndkk',)45K)Ldkk& +r)*r __future__rrrgooglecloudsdk.callioperr"googlecloudsdk.command_lib.computerrrr3googlecloudsdk.command_lib.compute.networks.subnetsr/googlecloudsdk.command_lib.compute.routers.natsrtgooglecloudsdk.corecore_exceptionsr googlecloudsdk.core.utilr rErrorr rr#r&r-rfrArobjectrryrlrmrHrYrr\rr@rrrs;&'EEEUN=$* 0,,0I0E0EI