Commit ae7da55a authored by Sigmund Augdal's avatar Sigmund Augdal

Allow ranges of ports for destination port

parent 16eb478b
......@@ -68,6 +68,11 @@ def get_group_rules(etcd_client, group_id):
return rules
def check_port(port):
if port <= 0 or port > 0xffff:
raise ValueError("invalid destination port: {}".format(port))
def add_rule(etcd_client, group_id, params):
rule_id = uuid.uuid4()
rule_key = security_group_rule_key(group_id, rule_id)
......@@ -79,9 +84,20 @@ def add_rule(etcd_client, group_id, params):
source_type = params["source_type"]
if source_type not in ("any", "cidr", "security_group"):
raise ValueError("invalid source type: " + source_type)
destination_port = int(params["destination_port"])
if destination_port <= 0 or destination_port > 0xffff:
raise ValueError("invalid destination port: {}".format(destination_port))
destination_port = params["destination_port"]
if "-" in destination_port:
port_range = destination_port.split("-")
if len(port_range) != 2:
raise ValueError("Invalid destination port specification. At most one - allowed")
port_range = [int(a) for a in port_range]
for port in port_range:
check_port(port)
if port_range[0] > port_range[1]:
raise ValueError("Backwards destination port range")
destination_port = "{}-{}".format(*port_range)
else:
destination_port = int(destination_port)
check_port(destination_port)
if source_type == "cidr":
source_net = params["source_net"]
source_mask = int(params["source_mask"])
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment