Example 11 with IpProtocol
use of org.batfish.datamodel.IpProtocol in project batfish by batfish.
the class IpPermissions method toIpAccessListLine.
private IpAccessListLine toIpAccessListLine() {
IpAccessListLine line = new IpAccessListLine();
line.setAction(LineAction.ACCEPT);
IpProtocol protocol = toIpProtocol(_ipProtocol);
if (protocol != null) {
line.setIpProtocols(Collections.singleton(protocol));
}
// if the range isn't all ports, set it in ACL
if (_fromPort != 0 || _toPort != 65535) {
line.setDstPorts(Collections.singleton(new SubRange(_fromPort, _toPort)));
}
return line;
}
Also used :
IpProtocol(org.batfish.datamodel.IpProtocol)
IpAccessListLine(org.batfish.datamodel.IpAccessListLine)
SubRange(org.batfish.datamodel.SubRange)
Example 12 with IpProtocol
use of org.batfish.datamodel.IpProtocol in project batfish by batfish.
the class Encoder method initSlices.
/*
* Initialize each encoding slice.
* For iBGP, we also add reachability information for each pair of neighbors,
* to determine if messages sent to/from a neighbor will arrive.
*/
private void initSlices(HeaderSpace h, Graph g) {
if (g.getIbgpNeighbors().isEmpty() || !_modelIgp) {
_slices.put(MAIN_SLICE_NAME, new EncoderSlice(this, h, g, ""));
} else {
_slices.put(MAIN_SLICE_NAME, new EncoderSlice(this, h, g, MAIN_SLICE_NAME));
}
if (_modelIgp) {
SortedSet<Pair<String, Ip>> ibgpRouters = new TreeSet<>();
for (Entry<GraphEdge, BgpNeighbor> entry : g.getIbgpNeighbors().entrySet()) {
GraphEdge ge = entry.getKey();
BgpNeighbor n = entry.getValue();
String router = ge.getRouter();
Ip ip = n.getLocalIp();
Pair<String, Ip> pair = new Pair<>(router, ip);
// Add one slice per (router, source ip) pair
if (!ibgpRouters.contains(pair)) {
ibgpRouters.add(pair);
// Create a control plane slice only for this ip
HeaderSpace hs = new HeaderSpace();
// Make sure messages are sent to this destination IP
SortedSet<IpWildcard> ips = new TreeSet<>();
ips.add(new IpWildcard(n.getLocalIp()));
hs.setDstIps(ips);
// Make sure messages use TCP port 179
SortedSet<SubRange> dstPorts = new TreeSet<>();
dstPorts.add(new SubRange(179, 179));
hs.setDstPorts(dstPorts);
// Make sure messages use the TCP protocol
SortedSet<IpProtocol> protocols = new TreeSet<>();
protocols.add(IpProtocol.TCP);
hs.setIpProtocols(protocols);
// TODO: create domains once
Graph gNew = new Graph(g.getBatfish(), null, g.getDomain(router));
String sliceName = "SLICE-" + router + "_";
EncoderSlice slice = new EncoderSlice(this, hs, gNew, sliceName);
_slices.put(sliceName, slice);
PropertyAdder pa = new PropertyAdder(slice);
Map<String, BoolExpr> reachVars = pa.instrumentReachability(router);
_sliceReachability.put(router, reachVars);
}
}
}
}
Also used :
BoolExpr(com.microsoft.z3.BoolExpr)
Ip(org.batfish.datamodel.Ip)
HeaderSpace(org.batfish.datamodel.HeaderSpace)
BgpNeighbor(org.batfish.datamodel.BgpNeighbor)
IpWildcard(org.batfish.datamodel.IpWildcard)
Graph(org.batfish.symbolic.Graph)
TreeSet(java.util.TreeSet)
IpProtocol(org.batfish.datamodel.IpProtocol)
SubRange(org.batfish.datamodel.SubRange)
GraphEdge(org.batfish.symbolic.GraphEdge)
Pair(org.batfish.common.Pair)
Example 13 with IpProtocol
use of org.batfish.datamodel.IpProtocol in project batfish by batfish.
the class Encoder method buildCounterExample.
/*
* Add the relevant variables in the counterexample to
* display to the user in a human-readable fashion
*/
private void buildCounterExample(Encoder enc, Model m, SortedMap<String, String> model, SortedMap<String, String> packetModel, SortedSet<String> fwdModel, SortedMap<String, SortedMap<String, String>> envModel, SortedSet<String> failures) {
SortedMap<Expr, String> valuation = new TreeMap<>();
// If user asks for the full model
for (Entry<String, Expr> entry : _allVariables.entrySet()) {
String name = entry.getKey();
Expr e = entry.getValue();
Expr val = m.evaluate(e, true);
if (!val.equals(e)) {
String s = val.toString();
if (_question.getFullModel()) {
model.put(name, s);
}
valuation.put(e, s);
}
}
// Packet model
SymbolicPacket p = enc.getMainSlice().getSymbolicPacket();
String dstIp = valuation.get(p.getDstIp());
String srcIp = valuation.get(p.getSrcIp());
String dstPt = valuation.get(p.getDstPort());
String srcPt = valuation.get(p.getSrcPort());
String icmpCode = valuation.get(p.getIcmpCode());
String icmpType = valuation.get(p.getIcmpType());
String ipProtocol = valuation.get(p.getIpProtocol());
String tcpAck = valuation.get(p.getTcpAck());
String tcpCwr = valuation.get(p.getTcpCwr());
String tcpEce = valuation.get(p.getTcpEce());
String tcpFin = valuation.get(p.getTcpFin());
String tcpPsh = valuation.get(p.getTcpPsh());
String tcpRst = valuation.get(p.getTcpRst());
String tcpSyn = valuation.get(p.getTcpSyn());
String tcpUrg = valuation.get(p.getTcpUrg());
Ip dip = new Ip(Long.parseLong(dstIp));
Ip sip = new Ip(Long.parseLong(srcIp));
packetModel.put("dstIp", dip.toString());
if (sip.asLong() != 0) {
packetModel.put("srcIp", sip.toString());
}
if (dstPt != null && !dstPt.equals("0")) {
packetModel.put("dstPort", dstPt);
}
if (srcPt != null && !srcPt.equals("0")) {
packetModel.put("srcPort", srcPt);
}
if (icmpCode != null && !icmpCode.equals("0")) {
packetModel.put("icmpCode", icmpCode);
}
if (icmpType != null && !icmpType.equals("0")) {
packetModel.put("icmpType", icmpType);
}
if (ipProtocol != null && !ipProtocol.equals("0")) {
Integer number = Integer.parseInt(ipProtocol);
IpProtocol proto = IpProtocol.fromNumber(number);
packetModel.put("protocol", proto.toString());
}
if ("true".equals(tcpAck)) {
packetModel.put("tcpAck", "set");
}
if ("true".equals(tcpCwr)) {
packetModel.put("tcpCwr", "set");
}
if ("true".equals(tcpEce)) {
packetModel.put("tcpEce", "set");
}
if ("true".equals(tcpFin)) {
packetModel.put("tcpFin", "set");
}
if ("true".equals(tcpPsh)) {
packetModel.put("tcpPsh", "set");
}
if ("true".equals(tcpRst)) {
packetModel.put("tcpRst", "set");
}
if ("true".equals(tcpSyn)) {
packetModel.put("tcpSyn", "set");
}
if ("true".equals(tcpUrg)) {
packetModel.put("tcpUrg", "set");
}
for (EncoderSlice slice : enc.getSlices().values()) {
for (Entry<LogicalEdge, SymbolicRoute> entry2 : slice.getLogicalGraph().getEnvironmentVars().entrySet()) {
LogicalEdge lge = entry2.getKey();
SymbolicRoute r = entry2.getValue();
if ("true".equals(valuation.get(r.getPermitted()))) {
SortedMap<String, String> recordMap = new TreeMap<>();
GraphEdge ge = lge.getEdge();
String nodeIface = ge.getRouter() + "," + ge.getStart().getName() + " (BGP)";
envModel.put(nodeIface, recordMap);
if (r.getPrefixLength() != null) {
String x = valuation.get(r.getPrefixLength());
if (x != null) {
int len = Integer.parseInt(x);
Prefix p1 = new Prefix(dip, len);
recordMap.put("prefix", p1.toString());
}
}
if (r.getAdminDist() != null) {
String x = valuation.get(r.getAdminDist());
if (x != null) {
recordMap.put("admin distance", x);
}
}
if (r.getLocalPref() != null) {
String x = valuation.get(r.getLocalPref());
if (x != null) {
recordMap.put("local preference", x);
}
}
if (r.getMetric() != null) {
String x = valuation.get(r.getMetric());
if (x != null) {
recordMap.put("protocol metric", x);
}
}
if (r.getMed() != null) {
String x = valuation.get(r.getMed());
if (x != null) {
recordMap.put("multi-exit disc.", valuation.get(r.getMed()));
}
}
if (r.getOspfArea() != null && r.getOspfArea().getBitVec() != null) {
String x = valuation.get(r.getOspfArea().getBitVec());
if (x != null) {
Integer i = Integer.parseInt(x);
Long area = r.getOspfArea().value(i);
recordMap.put("OSPF Area", area.toString());
}
}
if (r.getOspfType() != null && r.getOspfType().getBitVec() != null) {
String x = valuation.get(r.getOspfType().getBitVec());
if (x != null) {
Integer i = Integer.parseInt(x);
OspfType type = r.getOspfType().value(i);
recordMap.put("OSPF Type", type.toString());
}
}
for (Entry<CommunityVar, BoolExpr> entry3 : r.getCommunities().entrySet()) {
CommunityVar cvar = entry3.getKey();
BoolExpr e = entry3.getValue();
String c = valuation.get(e);
// TODO: what about OTHER type?
if ("true".equals(c) && displayCommunity(cvar)) {
String s = cvar.getValue();
String t = slice.getNamedCommunities().get(cvar.getValue());
s = (t == null ? s : t);
recordMap.put("community " + s, "");
}
}
}
}
}
// Forwarding Model
enc.getMainSlice().getSymbolicDecisions().getDataForwarding().forEach((router, edge, e) -> {
String s = valuation.get(e);
if ("true".equals(s)) {
SymbolicRoute r = enc.getMainSlice().getSymbolicDecisions().getBestNeighbor().get(router);
if (r.getProtocolHistory() != null) {
Protocol proto;
List<Protocol> allProtocols = enc.getMainSlice().getProtocols().get(router);
if (allProtocols.size() == 1) {
proto = allProtocols.get(0);
} else {
s = valuation.get(r.getProtocolHistory().getBitVec());
int i = Integer.parseInt(s);
proto = r.getProtocolHistory().value(i);
}
fwdModel.add(edge + " (" + proto.name() + ")");
} else {
fwdModel.add(edge.toString());
}
}
});
_symbolicFailures.getFailedInternalLinks().forEach((x, y, e) -> {
String s = valuation.get(e);
if ("1".equals(s)) {
String pair = (x.compareTo(y) < 0 ? x + "," + y : y + "," + x);
failures.add("link(" + pair + ")");
}
});
_symbolicFailures.getFailedEdgeLinks().forEach((ge, e) -> {
String s = valuation.get(e);
if ("1".equals(s)) {
failures.add("link(" + ge.getRouter() + "," + ge.getStart().getName() + ")");
}
});
}
Also used :
BoolExpr(com.microsoft.z3.BoolExpr)
Ip(org.batfish.datamodel.Ip)
Prefix(org.batfish.datamodel.Prefix)
TreeMap(java.util.TreeMap)
CommunityVar(org.batfish.symbolic.CommunityVar)
BoolExpr(com.microsoft.z3.BoolExpr)
ArithExpr(com.microsoft.z3.ArithExpr)
BitVecExpr(com.microsoft.z3.BitVecExpr)
Expr(com.microsoft.z3.Expr)
IpProtocol(org.batfish.datamodel.IpProtocol)
OspfType(org.batfish.symbolic.OspfType)
IpProtocol(org.batfish.datamodel.IpProtocol)
Protocol(org.batfish.symbolic.Protocol)
GraphEdge(org.batfish.symbolic.GraphEdge)
Example 14 with IpProtocol
use of org.batfish.datamodel.IpProtocol in project batfish by batfish.
the class BDDAcl method computeIpProtocols.
/*
* Convert a set of ip protocols to a boolean expression on the symbolic packet
*/
private BDD computeIpProtocols(Set<IpProtocol> ipProtos) {
BDD acc = _factory.zero();
for (IpProtocol proto : ipProtos) {
BDD isValue = _pkt.getIpProtocol().value(proto.number());
acc = acc.or(isValue);
}
return acc;
}
Also used :
BDD(net.sf.javabdd.BDD)
IpProtocol(org.batfish.datamodel.IpProtocol)
Aggregations
IpProtocol (org.batfish.datamodel.IpProtocol)14
SubRange (org.batfish.datamodel.SubRange)8
IpWildcard (org.batfish.datamodel.IpWildcard)5
BoolExpr (com.microsoft.z3.BoolExpr)4
ArrayList (java.util.ArrayList)4
Ip (org.batfish.datamodel.Ip)4
State (org.batfish.datamodel.State)4
TcpFlags (org.batfish.datamodel.TcpFlags)4
TreeSet (java.util.TreeSet)3
IpAccessListLine (org.batfish.datamodel.IpAccessListLine)3
LineAction (org.batfish.datamodel.LineAction)3
ArithExpr (com.microsoft.z3.ArithExpr)2
BigInteger (java.math.BigInteger)2
TreeMap (java.util.TreeMap)2
Ip6Wildcard (org.batfish.datamodel.Ip6Wildcard)2
IpAccessList (org.batfish.datamodel.IpAccessList)2
Prefix (org.batfish.datamodel.Prefix)2
Extended_access_list_additional_featureContext (org.batfish.grammar.cisco.CiscoParser.Extended_access_list_additional_featureContext)2
GraphEdge (org.batfish.symbolic.GraphEdge)2
BitVecExpr (com.microsoft.z3.BitVecExpr)1
