Solved: NSXNatRule Orchestrator Plugin API

ghman · ‎11-22-2017

I have recently upgraded to NSX 6.3.5 and the NSX plugin 1.2. In previous versions of the I have created NA rules using the NSXNatManager.addNatRules(). I upgraded because VMWare added the ability to add dnatSourceAddress previously not available. In trying to use the new functionality I found that my code does not work. The issue is that I have no information as to the order of the parameters required when creating the NSXNatRule. The order listed in Orchestrator is simply alphabetical.

Previous creation used the following which clearly shows the order in which the parameters are expected.

The new list which is different by the “s” on the Rules (NSX:NatRulesDto) does not show the order. I am constantly getting a NARulesDto[10].action accepted values are DNAT|SNAT.

I looked at the Orchestrator API list and the NARulesDto does not show up.

var rules = NSXNatManager.getNatRules(connection, edge);
var natRulesArr = new Array();
//natRule is a property array
tempProp = new Properties();
tempProp.put("action", "DNAT");
tempProp.put("description", “Test Rule”);
tempProp.put("dnatSourceAddress",”192.168.2.1”);
tempProp.put("dnatSourcePort", "any");
tempProp.put("enabled", "true");
tempProp.put("icmpSubType", "");
tempProp.put("loggingEnabled", "false");
tempProp.put("originalAddress", "192.168.1.1”);
tempProp.put("originalPort", “5555”);
tempProp.put("protocol", "any");
tempProp.put("ruleId", "");  
tempProp.put("ruleTag", "");
tempProp.put("ruleType", "user");
tempProp.put("snatDestinationAddress", "");
tempProp.put("snatDestinationPort", "");   
tempProp.put("translatedAddress", “192.168.3.1”);
tempProp.put("translatedPort", "any");
tempProp.put("vnicIndex", "0");
natRule.push(tempProp);
var rule = new NSXNatRule(natRule[i].description, natRule[i].dnatSourceAddress, natRule[i].dnatSourcePort, natRule[i].enabled,
natRule[i].icmpSubType,natRule[i].loggingEnabled, natRule[i].originalAddress, natRule[i].originalPort, natRule[i].protocol, 
natRule[i].action, natRule[i].ruleId, natRule[i].ruleTag, natRule[i].ruleType, natRule[i].snatDestinationAddress, natRule[i].
snatDestiantionPort,natRule[i].translatedAddress, natRule[i].translatedPort, natRule[i].vnicIndex);
natRulesArr.push(rule);
var refreshedRules = NSXNatManager.addNatRules(connection, edgeId, natRulesArr);

My code is below. I copied this code from multiple workflows so hopefully I got the gist of what I’m doing.

Needless to say the rules are not being created correctly.

Any help would be appreciated.

Thank you.

jasnyder · ‎11-24-2017

Here is the signature on the constructor from the NatRule class. You aren't going to be able to set all properties of the object from calling the constructor:

NatRule(String action, String nicIndex, String originalAddress, String translatedAddress, String originalPort, String translatedPort, String protocol)

So, you may as well just do it this way:

tempProp = new Properties();

tempProp.put("action", "DNAT");

tempProp.put("description", "Test Rule");

tempProp.put("dnatSourceAddress","192.168.2.1");

tempProp.put("dnatSourcePort", "any");

tempProp.put("enabled", "true");

tempProp.put("icmpSubType", "");

tempProp.put("loggingEnabled", "false");

tempProp.put("originalAddress", "192.168.1.1");

tempProp.put("originalPort", "5555");

tempProp.put("protocol", "any");

tempProp.put("ruleId", "");

tempProp.put("ruleTag", "");

tempProp.put("ruleType", "user");

tempProp.put("snatDestinationAddress", "");

tempProp.put("snatDestinationPort", "");

tempProp.put("translatedAddress", "192.168.3.1");

tempProp.put("translatedPort", "any");

tempProp.put("vnicIndex", "0");

natRule.push(tempProp);

var rule = new NSXNatRule();

rule.description = natRule[i].description;

rule.dnatSourceAddress = natRule[i].dnatSourceAddress;

rule.dnatSourcePort = natRule[i].dnatSourcePort;

rule.enabled = natRule[i].enabled;

rule.icmpSubType = natRule[i].icmpSubType;

rule.loggingEnabled = natRule[i].loggingEnabled;

rule.originalAddress = natRule[i].originalAddress;

rule.originalPort = natRule[i].originalPort;

rule.protocol = natRule[i].protocol;

rule.action = natRule[i].action;

rule.ruleId = natRule[i].ruleId;

rule.ruleTag = natRule[i].ruleTag;

rule.ruleType = natRule[i].ruleType;

rule.snatDestinationAddress = natRule[i].snatDestinationAddress;

rule.snatDestinationPort = natRule[i].snatDestiantionPort;

rule.translatedAddress = natRule[i].translatedAddress;

rule.translatedPort = natRule[i].translatedPort;

rule.vnicIndex = natRule[i].vnicIndex;

Or if you prefer you can use the set methods - these are not documented in the API, but they are there, so use 'em if you like 'em. They are functionally equivalent to what I put in the first block (i.e. rule.translatedPort = "5555" is the same as rule.setTranslatedPort("5555"))

var rule = new NSXNatRule();

rule.setDescription(natRule[i].description);

rule.setDnatSourceAddress(natRule[i].dnatSourceAddress);

rule.setDnatSourcePort(natRule[i].dnatSourcePort);

rule.setEnabled(natRule[i].enabled);

rule.setIcmpSubType(natRule[i].icmpSubType);

rule.setLoggingEnabled(natRule[i].loggingEnabled);

rule.setOriginalAddress(natRule[i].originalAddress);

rule.setOriginalPort(natRule[i].originalPort);

rule.setProtocol(natRule[i].protocol);

rule.setAction(natRule[i].action);

rule.setRuleId(natRule[i].ruleId);

rule.setRuleTag(natRule[i].ruleTag);

rule.setRuleType(natRule[i].ruleType);

rule.setSnatDestinationAddress(natRule[i].snatDestinationAddress);

rule.setSnatDestinationPort(natRule[i].snatDestiantionPort);

rule.setTranslatedAddress(natRule[i].translatedAddress);

rule.setTranslatedPort(natRule[i].translatedPort);

rule.setVnicIndex(natRule[i].vnicIndex);

View solution in original post

jasnyder · ‎11-24-2017

Here is the signature on the constructor from the NatRule class. You aren't going to be able to set all properties of the object from calling the constructor:

NatRule(String action, String nicIndex, String originalAddress, String translatedAddress, String originalPort, String translatedPort, String protocol)

So, you may as well just do it this way:

tempProp = new Properties();

tempProp.put("action", "DNAT");

tempProp.put("description", "Test Rule");

tempProp.put("dnatSourceAddress","192.168.2.1");

tempProp.put("dnatSourcePort", "any");

tempProp.put("enabled", "true");

tempProp.put("icmpSubType", "");

tempProp.put("loggingEnabled", "false");

tempProp.put("originalAddress", "192.168.1.1");

tempProp.put("originalPort", "5555");

tempProp.put("protocol", "any");

tempProp.put("ruleId", "");

tempProp.put("ruleTag", "");

tempProp.put("ruleType", "user");

tempProp.put("snatDestinationAddress", "");

tempProp.put("snatDestinationPort", "");

tempProp.put("translatedAddress", "192.168.3.1");

tempProp.put("translatedPort", "any");

tempProp.put("vnicIndex", "0");

natRule.push(tempProp);

var rule = new NSXNatRule();

rule.description = natRule[i].description;

rule.dnatSourceAddress = natRule[i].dnatSourceAddress;

rule.dnatSourcePort = natRule[i].dnatSourcePort;

rule.enabled = natRule[i].enabled;

rule.icmpSubType = natRule[i].icmpSubType;

rule.loggingEnabled = natRule[i].loggingEnabled;

rule.originalAddress = natRule[i].originalAddress;

rule.originalPort = natRule[i].originalPort;

rule.protocol = natRule[i].protocol;

rule.action = natRule[i].action;

rule.ruleId = natRule[i].ruleId;

rule.ruleTag = natRule[i].ruleTag;

rule.ruleType = natRule[i].ruleType;

rule.snatDestinationAddress = natRule[i].snatDestinationAddress;

rule.snatDestinationPort = natRule[i].snatDestiantionPort;

rule.translatedAddress = natRule[i].translatedAddress;

rule.translatedPort = natRule[i].translatedPort;

rule.vnicIndex = natRule[i].vnicIndex;

Or if you prefer you can use the set methods - these are not documented in the API, but they are there, so use 'em if you like 'em. They are functionally equivalent to what I put in the first block (i.e. rule.translatedPort = "5555" is the same as rule.setTranslatedPort("5555"))

var rule = new NSXNatRule();

rule.setDescription(natRule[i].description);

rule.setDnatSourceAddress(natRule[i].dnatSourceAddress);

rule.setDnatSourcePort(natRule[i].dnatSourcePort);

rule.setEnabled(natRule[i].enabled);

rule.setIcmpSubType(natRule[i].icmpSubType);

rule.setLoggingEnabled(natRule[i].loggingEnabled);

rule.setOriginalAddress(natRule[i].originalAddress);

rule.setOriginalPort(natRule[i].originalPort);

rule.setProtocol(natRule[i].protocol);

rule.setAction(natRule[i].action);

rule.setRuleId(natRule[i].ruleId);

rule.setRuleTag(natRule[i].ruleTag);

rule.setRuleType(natRule[i].ruleType);

rule.setSnatDestinationAddress(natRule[i].snatDestinationAddress);

rule.setSnatDestinationPort(natRule[i].snatDestiantionPort);

rule.setTranslatedAddress(natRule[i].translatedAddress);

rule.setTranslatedPort(natRule[i].translatedPort);

rule.setVnicIndex(natRule[i].vnicIndex);

All

NSXNatRule Orchestrator Plugin API