Search in sources :

Example 6 with IpProtocol

use of org.batfish.datamodel.IpProtocol in project batfish by batfish.

the class CounterExample method buildFlow.

Flow buildFlow(SymbolicPacket pkt, String router) {
    Ip srcIp = ipVal(pkt.getSrcIp());
    Ip dstIp = ipVal(pkt.getDstIp());
    Integer srcPort = intVal(pkt.getSrcPort());
    Integer dstPort = intVal(pkt.getDstPort());
    IpProtocol ipProtocol = IpProtocol.fromNumber(intVal(pkt.getIpProtocol()));
    Integer icmpType = intVal(pkt.getIcmpType());
    Integer icmpCode = intVal(pkt.getIcmpCode());
    Integer tcpFlagsCwr = isTrue(pkt.getTcpCwr()) ? 0 : 1;
    Integer tcpFlagsEce = isTrue(pkt.getTcpEce()) ? 0 : 1;
    Integer tcpFlagsUrg = isTrue(pkt.getTcpUrg()) ? 0 : 1;
    Integer tcpFlagsAck = isTrue(pkt.getTcpAck()) ? 0 : 1;
    Integer tcpFlagsPsh = isTrue(pkt.getTcpPsh()) ? 0 : 1;
    Integer tcpFlagsRst = isTrue(pkt.getTcpRst()) ? 0 : 1;
    Integer tcpFlagsSyn = isTrue(pkt.getTcpSyn()) ? 0 : 1;
    Integer tcpFlagsFin = isTrue(pkt.getTcpFin()) ? 0 : 1;
    Flow.Builder b = new Flow.Builder();
    b.setIngressNode(router);
    b.setSrcIp(srcIp);
    b.setDstIp(dstIp);
    b.setSrcPort(srcPort);
    b.setDstPort(dstPort);
    b.setIpProtocol(ipProtocol);
    b.setIcmpType(icmpType);
    b.setIcmpCode(icmpCode);
    b.setTcpFlagsCwr(tcpFlagsCwr);
    b.setTcpFlagsEce(tcpFlagsEce);
    b.setTcpFlagsUrg(tcpFlagsUrg);
    b.setTcpFlagsAck(tcpFlagsAck);
    b.setTcpFlagsPsh(tcpFlagsPsh);
    b.setTcpFlagsRst(tcpFlagsRst);
    b.setTcpFlagsSyn(tcpFlagsSyn);
    b.setTcpFlagsFin(tcpFlagsFin);
    b.setTag("SMT");
    return b.build();
}
Also used : Ip(org.batfish.datamodel.Ip) IpProtocol(org.batfish.datamodel.IpProtocol) Flow(org.batfish.datamodel.Flow)

Example 7 with IpProtocol

use of org.batfish.datamodel.IpProtocol in project batfish by batfish.

the class CiscoControlPlaneExtractor method exitExtended_ipv6_access_list_tail.

@Override
public void exitExtended_ipv6_access_list_tail(Extended_ipv6_access_list_tailContext ctx) {
    LineAction action = toLineAction(ctx.ala);
    IpProtocol protocol = toIpProtocol(ctx.prot);
    Ip6 srcIp = getIp(ctx.srcipr);
    Ip6 srcWildcard = getWildcard(ctx.srcipr);
    Ip6 dstIp = getIp(ctx.dstipr);
    Ip6 dstWildcard = getWildcard(ctx.dstipr);
    String srcAddressGroup = getAddressGroup(ctx.srcipr);
    String dstAddressGroup = getAddressGroup(ctx.dstipr);
    List<SubRange> srcPortRanges = ctx.alps_src != null ? toPortRanges(ctx.alps_src) : Collections.<SubRange>emptyList();
    List<SubRange> dstPortRanges = ctx.alps_dst != null ? toPortRanges(ctx.alps_dst) : Collections.<SubRange>emptyList();
    Integer icmpType = null;
    Integer icmpCode = null;
    List<TcpFlags> tcpFlags = new ArrayList<>();
    Set<Integer> dscps = new TreeSet<>();
    Set<Integer> ecns = new TreeSet<>();
    Set<State> states = EnumSet.noneOf(State.class);
    for (Extended_access_list_additional_featureContext feature : ctx.features) {
        if (feature.ACK() != null) {
            TcpFlags alt = new TcpFlags();
            alt.setUseAck(true);
            alt.setAck(true);
            tcpFlags.add(alt);
        }
        if (feature.DSCP() != null) {
            int dscpType = toDscpType(feature.dscp_type());
            dscps.add(dscpType);
        }
        if (feature.ECE() != null) {
            TcpFlags alt = new TcpFlags();
            alt.setUseEce(true);
            alt.setEce(true);
            tcpFlags.add(alt);
        }
        if (feature.ECHO_REPLY() != null) {
            icmpType = IcmpType.ECHO_REPLY;
            icmpCode = IcmpCode.ECHO_REPLY;
        }
        if (feature.ECHO() != null) {
            icmpType = IcmpType.ECHO_REQUEST;
            icmpCode = IcmpCode.ECHO_REQUEST;
        }
        if (feature.ECN() != null) {
            int ecn = toInteger(feature.ecn);
            ecns.add(ecn);
        }
        if (feature.ESTABLISHED() != null) {
            // must contain ACK or RST
            TcpFlags alt1 = new TcpFlags();
            TcpFlags alt2 = new TcpFlags();
            alt1.setUseAck(true);
            alt1.setAck(true);
            alt2.setUseRst(true);
            alt2.setRst(true);
            tcpFlags.add(alt1);
            tcpFlags.add(alt2);
        }
        if (feature.FIN() != null) {
            TcpFlags alt = new TcpFlags();
            alt.setUseFin(true);
            alt.setFin(true);
            tcpFlags.add(alt);
        }
        if (feature.FRAGMENTS() != null) {
            todo(ctx, F_FRAGMENTS);
        }
        if (feature.HOST_UNKNOWN() != null) {
            icmpType = IcmpType.DESTINATION_UNREACHABLE;
            icmpCode = IcmpCode.DESTINATION_HOST_UNKNOWN;
        }
        if (feature.HOST_UNREACHABLE() != null) {
            icmpType = IcmpType.DESTINATION_UNREACHABLE;
            icmpCode = IcmpCode.DESTINATION_HOST_UNREACHABLE;
        }
        if (feature.NETWORK_UNKNOWN() != null) {
            icmpType = IcmpType.DESTINATION_UNREACHABLE;
            icmpCode = IcmpCode.DESTINATION_NETWORK_UNKNOWN;
        }
        if (feature.NET_UNREACHABLE() != null) {
            icmpType = IcmpType.DESTINATION_UNREACHABLE;
            icmpCode = IcmpCode.DESTINATION_NETWORK_UNREACHABLE;
        }
        if (feature.PACKET_TOO_BIG() != null) {
            icmpType = IcmpType.DESTINATION_UNREACHABLE;
            icmpCode = IcmpCode.PACKET_TOO_BIG;
        }
        if (feature.PARAMETER_PROBLEM() != null) {
            icmpType = IcmpType.PARAMETER_PROBLEM;
        }
        if (feature.PORT_UNREACHABLE() != null) {
            icmpType = IcmpType.DESTINATION_UNREACHABLE;
            icmpCode = IcmpCode.DESTINATION_PORT_UNREACHABLE;
        }
        if (feature.PSH() != null) {
            TcpFlags alt = new TcpFlags();
            alt.setUsePsh(true);
            alt.setPsh(true);
            tcpFlags.add(alt);
        }
        if (feature.REDIRECT() != null) {
            icmpType = IcmpType.REDIRECT_MESSAGE;
        }
        if (feature.RST() != null) {
            TcpFlags alt = new TcpFlags();
            alt.setUseRst(true);
            alt.setRst(true);
            tcpFlags.add(alt);
        }
        if (feature.SOURCE_QUENCH() != null) {
            icmpType = IcmpType.SOURCE_QUENCH;
            icmpCode = IcmpCode.SOURCE_QUENCH;
        }
        if (feature.SYN() != null) {
            TcpFlags alt = new TcpFlags();
            alt.setUseSyn(true);
            alt.setSyn(true);
            tcpFlags.add(alt);
        }
        if (feature.TIME_EXCEEDED() != null) {
            icmpType = IcmpType.TIME_EXCEEDED;
        }
        if (feature.TTL() != null) {
            todo(ctx, F_TTL);
        }
        if (feature.TTL_EXCEEDED() != null) {
            icmpType = IcmpType.TIME_EXCEEDED;
            icmpCode = IcmpCode.TTL_EXCEEDED;
        }
        if (feature.TRACEROUTE() != null) {
            icmpType = IcmpType.TRACEROUTE;
            icmpCode = IcmpCode.TRACEROUTE;
        }
        if (feature.TRACKED() != null) {
            states.add(State.ESTABLISHED);
        }
        if (feature.UNREACHABLE() != null) {
            icmpType = IcmpType.DESTINATION_UNREACHABLE;
        }
        if (feature.URG() != null) {
            TcpFlags alt = new TcpFlags();
            alt.setUseUrg(true);
            alt.setUrg(true);
            tcpFlags.add(alt);
        }
    }
    String name = getFullText(ctx).trim();
    ExtendedIpv6AccessListLine line = new ExtendedIpv6AccessListLine(name, action, protocol, new Ip6Wildcard(srcIp, srcWildcard), srcAddressGroup, new Ip6Wildcard(dstIp, dstWildcard), dstAddressGroup, srcPortRanges, dstPortRanges, dscps, ecns, icmpType, icmpCode, states, tcpFlags);
    _currentExtendedIpv6Acl.addLine(line);
}
Also used : LineAction(org.batfish.datamodel.LineAction) ArrayList(java.util.ArrayList) ExtendedIpv6AccessListLine(org.batfish.representation.cisco.ExtendedIpv6AccessListLine) Ip6(org.batfish.datamodel.Ip6) TcpFlags(org.batfish.datamodel.TcpFlags) TreeSet(java.util.TreeSet) State(org.batfish.datamodel.State) Extended_access_list_additional_featureContext(org.batfish.grammar.cisco.CiscoParser.Extended_access_list_additional_featureContext) IpProtocol(org.batfish.datamodel.IpProtocol) SubRange(org.batfish.datamodel.SubRange) Ip6Wildcard(org.batfish.datamodel.Ip6Wildcard)

Example 8 with IpProtocol

use of org.batfish.datamodel.IpProtocol in project batfish by batfish.

the class CiscoControlPlaneExtractor method exitExtended_access_list_tail.

@Override
public void exitExtended_access_list_tail(Extended_access_list_tailContext ctx) {
    LineAction action = toLineAction(ctx.ala);
    IpProtocol protocol = toIpProtocol(ctx.prot);
    Ip srcIp = getIp(ctx.srcipr);
    Ip srcWildcard = getWildcard(ctx.srcipr);
    Ip dstIp = getIp(ctx.dstipr);
    Ip dstWildcard = getWildcard(ctx.dstipr);
    String srcAddressGroup = getAddressGroup(ctx.srcipr);
    String dstAddressGroup = getAddressGroup(ctx.dstipr);
    List<SubRange> srcPortRanges = ctx.alps_src != null ? toPortRanges(ctx.alps_src) : Collections.<SubRange>emptyList();
    List<SubRange> dstPortRanges = ctx.alps_dst != null ? toPortRanges(ctx.alps_dst) : Collections.<SubRange>emptyList();
    Integer icmpType = null;
    Integer icmpCode = null;
    List<TcpFlags> tcpFlags = new ArrayList<>();
    Set<Integer> dscps = new TreeSet<>();
    Set<Integer> ecns = new TreeSet<>();
    Set<State> states = EnumSet.noneOf(State.class);
    for (Extended_access_list_additional_featureContext feature : ctx.features) {
        if (feature.ACK() != null) {
            TcpFlags alt = new TcpFlags();
            alt.setUseAck(true);
            alt.setAck(true);
            tcpFlags.add(alt);
        }
        if (feature.DSCP() != null) {
            int dscpType = toDscpType(feature.dscp_type());
            dscps.add(dscpType);
        }
        if (feature.ECE() != null) {
            TcpFlags alt = new TcpFlags();
            alt.setUseEce(true);
            alt.setEce(true);
            tcpFlags.add(alt);
        }
        if (feature.ECHO_REPLY() != null) {
            icmpType = IcmpType.ECHO_REPLY;
            icmpCode = IcmpCode.ECHO_REPLY;
        }
        if (feature.ECHO() != null) {
            icmpType = IcmpType.ECHO_REQUEST;
            icmpCode = IcmpCode.ECHO_REQUEST;
        }
        if (feature.ECN() != null) {
            int ecn = toInteger(feature.ecn);
            ecns.add(ecn);
        }
        if (feature.ESTABLISHED() != null) {
            // must contain ACK or RST
            TcpFlags alt1 = new TcpFlags();
            TcpFlags alt2 = new TcpFlags();
            alt1.setUseAck(true);
            alt1.setAck(true);
            alt2.setUseRst(true);
            alt2.setRst(true);
            tcpFlags.add(alt1);
            tcpFlags.add(alt2);
        }
        if (feature.FIN() != null) {
            TcpFlags alt = new TcpFlags();
            alt.setUseFin(true);
            alt.setFin(true);
            tcpFlags.add(alt);
        }
        if (feature.FRAGMENTS() != null) {
            todo(ctx, F_FRAGMENTS);
        }
        if (feature.HOST_UNKNOWN() != null) {
            icmpType = IcmpType.DESTINATION_UNREACHABLE;
            icmpCode = IcmpCode.DESTINATION_HOST_UNKNOWN;
        }
        if (feature.HOST_UNREACHABLE() != null) {
            icmpType = IcmpType.DESTINATION_UNREACHABLE;
            icmpCode = IcmpCode.DESTINATION_HOST_UNREACHABLE;
        }
        if (feature.NETWORK_UNKNOWN() != null) {
            icmpType = IcmpType.DESTINATION_UNREACHABLE;
            icmpCode = IcmpCode.DESTINATION_NETWORK_UNKNOWN;
        }
        if (feature.NET_UNREACHABLE() != null) {
            icmpType = IcmpType.DESTINATION_UNREACHABLE;
            icmpCode = IcmpCode.DESTINATION_NETWORK_UNREACHABLE;
        }
        if (feature.PACKET_TOO_BIG() != null) {
            icmpType = IcmpType.DESTINATION_UNREACHABLE;
            icmpCode = IcmpCode.PACKET_TOO_BIG;
        }
        if (feature.PARAMETER_PROBLEM() != null) {
            icmpType = IcmpType.PARAMETER_PROBLEM;
        }
        if (feature.PORT_UNREACHABLE() != null) {
            icmpType = IcmpType.DESTINATION_UNREACHABLE;
            icmpCode = IcmpCode.DESTINATION_PORT_UNREACHABLE;
        }
        if (feature.PSH() != null) {
            TcpFlags alt = new TcpFlags();
            alt.setUsePsh(true);
            alt.setPsh(true);
            tcpFlags.add(alt);
        }
        if (feature.REDIRECT() != null) {
            icmpType = IcmpType.REDIRECT_MESSAGE;
        }
        if (feature.RST() != null) {
            TcpFlags alt = new TcpFlags();
            alt.setUseRst(true);
            alt.setRst(true);
            tcpFlags.add(alt);
        }
        if (feature.SOURCE_QUENCH() != null) {
            icmpType = IcmpType.SOURCE_QUENCH;
            icmpCode = IcmpCode.SOURCE_QUENCH;
        }
        if (feature.SYN() != null) {
            TcpFlags alt = new TcpFlags();
            alt.setUseSyn(true);
            alt.setSyn(true);
            tcpFlags.add(alt);
        }
        if (feature.TIME_EXCEEDED() != null) {
            icmpType = IcmpType.TIME_EXCEEDED;
        }
        if (feature.TTL() != null) {
            todo(ctx, F_TTL);
        }
        if (feature.TTL_EXCEEDED() != null) {
            icmpType = IcmpType.TIME_EXCEEDED;
            icmpCode = IcmpCode.TTL_EXCEEDED;
        }
        if (feature.TRACEROUTE() != null) {
            icmpType = IcmpType.TRACEROUTE;
            icmpCode = IcmpCode.TRACEROUTE;
        }
        if (feature.TRACKED() != null) {
            states.add(State.ESTABLISHED);
        }
        if (feature.UNREACHABLE() != null) {
            icmpType = IcmpType.DESTINATION_UNREACHABLE;
        }
        if (feature.URG() != null) {
            TcpFlags alt = new TcpFlags();
            alt.setUseUrg(true);
            alt.setUrg(true);
            tcpFlags.add(alt);
        }
    }
    String name = getFullText(ctx).trim();
    ExtendedAccessListLine line = new ExtendedAccessListLine(name, action, protocol, new IpWildcard(srcIp, srcWildcard), srcAddressGroup, new IpWildcard(dstIp, dstWildcard), dstAddressGroup, srcPortRanges, dstPortRanges, dscps, ecns, icmpType, icmpCode, states, tcpFlags);
    _currentExtendedAcl.addLine(line);
}
Also used : LineAction(org.batfish.datamodel.LineAction) Ip(org.batfish.datamodel.Ip) RoutePolicyNextHopIp(org.batfish.representation.cisco.RoutePolicyNextHopIp) ExtendedAccessListLine(org.batfish.representation.cisco.ExtendedAccessListLine) ArrayList(java.util.ArrayList) IpWildcard(org.batfish.datamodel.IpWildcard) TcpFlags(org.batfish.datamodel.TcpFlags) TreeSet(java.util.TreeSet) State(org.batfish.datamodel.State) Extended_access_list_additional_featureContext(org.batfish.grammar.cisco.CiscoParser.Extended_access_list_additional_featureContext) IpProtocol(org.batfish.datamodel.IpProtocol) SubRange(org.batfish.datamodel.SubRange)

Example 9 with IpProtocol

use of org.batfish.datamodel.IpProtocol in project batfish by batfish.

the class CiscoConfiguration method toIpAccessList.

private IpAccessList toIpAccessList(ExtendedAccessList eaList) {
    String name = eaList.getName();
    List<IpAccessListLine> lines = new ArrayList<>(eaList.getLines().size());
    for (ExtendedAccessListLine fromLine : eaList.getLines()) {
        IpAccessListLine newLine = new IpAccessListLine();
        newLine.setName(fromLine.getName());
        newLine.setAction(fromLine.getAction());
        IpWildcard srcIpWildcard = fromLine.getSourceIpWildcard();
        if (srcIpWildcard != null) {
            newLine.setSrcIps(ImmutableSortedSet.of(srcIpWildcard));
        }
        IpWildcard dstIpWildcard = fromLine.getDestinationIpWildcard();
        if (dstIpWildcard != null) {
            newLine.setDstIps(ImmutableSortedSet.of(dstIpWildcard));
        }
        // TODO: src/dst address group
        IpProtocol protocol = fromLine.getProtocol();
        if (protocol != IpProtocol.IP) {
            newLine.setIpProtocols(ImmutableSortedSet.of(protocol));
        }
        newLine.setDstPorts(fromLine.getDstPorts());
        newLine.setSrcPorts(fromLine.getSrcPorts());
        Integer icmpType = fromLine.getIcmpType();
        if (icmpType != null) {
            newLine.setIcmpTypes(ImmutableSortedSet.of(new SubRange(icmpType)));
        }
        Integer icmpCode = fromLine.getIcmpCode();
        if (icmpCode != null) {
            newLine.setIcmpCodes(ImmutableSortedSet.of(new SubRange(icmpCode)));
        }
        Set<State> states = fromLine.getStates();
        newLine.setStates(states);
        List<TcpFlags> tcpFlags = fromLine.getTcpFlags();
        newLine.setTcpFlags(tcpFlags);
        Set<Integer> dscps = fromLine.getDscps();
        newLine.setDscps(dscps);
        Set<Integer> ecns = fromLine.getEcns();
        newLine.setEcns(ecns);
        lines.add(newLine);
    }
    return new IpAccessList(name, lines);
}
Also used : ArrayList(java.util.ArrayList) IpWildcard(org.batfish.datamodel.IpWildcard) BigInteger(java.math.BigInteger) TcpFlags(org.batfish.datamodel.TcpFlags) State(org.batfish.datamodel.State) IpProtocol(org.batfish.datamodel.IpProtocol) IpAccessListLine(org.batfish.datamodel.IpAccessListLine) SubRange(org.batfish.datamodel.SubRange) IpAccessList(org.batfish.datamodel.IpAccessList)

Example 10 with IpProtocol

use of org.batfish.datamodel.IpProtocol in project batfish by batfish.

the class CiscoConfiguration method toIp6AccessList.

private Ip6AccessList toIp6AccessList(ExtendedIpv6AccessList eaList) {
    String name = eaList.getName();
    List<Ip6AccessListLine> lines = new ArrayList<>();
    for (ExtendedIpv6AccessListLine fromLine : eaList.getLines()) {
        Ip6AccessListLine newLine = new Ip6AccessListLine();
        newLine.setName(fromLine.getName());
        newLine.setAction(fromLine.getAction());
        Ip6Wildcard srcIpWildcard = fromLine.getSourceIpWildcard();
        if (srcIpWildcard != null) {
            newLine.getSrcIps().add(srcIpWildcard);
        }
        Ip6Wildcard dstIpWildcard = fromLine.getDestinationIpWildcard();
        if (dstIpWildcard != null) {
            newLine.getDstIps().add(dstIpWildcard);
        }
        // TODO: src/dst address group
        IpProtocol protocol = fromLine.getProtocol();
        if (protocol != IpProtocol.IP) {
            newLine.getIpProtocols().add(protocol);
        }
        newLine.getDstPorts().addAll(fromLine.getDstPorts());
        newLine.getSrcPorts().addAll(fromLine.getSrcPorts());
        Integer icmpType = fromLine.getIcmpType();
        if (icmpType != null) {
            newLine.setIcmpTypes(new TreeSet<>(Collections.singleton(new SubRange(icmpType))));
        }
        Integer icmpCode = fromLine.getIcmpCode();
        if (icmpCode != null) {
            newLine.setIcmpCodes(new TreeSet<>(Collections.singleton(new SubRange(icmpCode))));
        }
        Set<State> states = fromLine.getStates();
        newLine.getStates().addAll(states);
        List<TcpFlags> tcpFlags = fromLine.getTcpFlags();
        newLine.getTcpFlags().addAll(tcpFlags);
        Set<Integer> dscps = fromLine.getDscps();
        newLine.getDscps().addAll(dscps);
        Set<Integer> ecns = fromLine.getEcns();
        newLine.getEcns().addAll(ecns);
        lines.add(newLine);
    }
    return new Ip6AccessList(name, lines);
}
Also used : ArrayList(java.util.ArrayList) BigInteger(java.math.BigInteger) TcpFlags(org.batfish.datamodel.TcpFlags) State(org.batfish.datamodel.State) IpProtocol(org.batfish.datamodel.IpProtocol) SubRange(org.batfish.datamodel.SubRange) Ip6Wildcard(org.batfish.datamodel.Ip6Wildcard) Ip6AccessList(org.batfish.datamodel.Ip6AccessList) Ip6AccessListLine(org.batfish.datamodel.Ip6AccessListLine)

Aggregations

IpProtocol (org.batfish.datamodel.IpProtocol)14 SubRange (org.batfish.datamodel.SubRange)8 IpWildcard (org.batfish.datamodel.IpWildcard)5 BoolExpr (com.microsoft.z3.BoolExpr)4 ArrayList (java.util.ArrayList)4 Ip (org.batfish.datamodel.Ip)4 State (org.batfish.datamodel.State)4 TcpFlags (org.batfish.datamodel.TcpFlags)4 TreeSet (java.util.TreeSet)3 IpAccessListLine (org.batfish.datamodel.IpAccessListLine)3 LineAction (org.batfish.datamodel.LineAction)3 ArithExpr (com.microsoft.z3.ArithExpr)2 BigInteger (java.math.BigInteger)2 TreeMap (java.util.TreeMap)2 Ip6Wildcard (org.batfish.datamodel.Ip6Wildcard)2 IpAccessList (org.batfish.datamodel.IpAccessList)2 Prefix (org.batfish.datamodel.Prefix)2 Extended_access_list_additional_featureContext (org.batfish.grammar.cisco.CiscoParser.Extended_access_list_additional_featureContext)2 GraphEdge (org.batfish.symbolic.GraphEdge)2 BitVecExpr (com.microsoft.z3.BitVecExpr)1