use of org.batfish.datamodel.IpWildcard in project batfish by batfish.
the class Encoder method initSlices.
/*
* Initialize each encoding slice.
* For iBGP, we also add reachability information for each pair of neighbors,
* to determine if messages sent to/from a neighbor will arrive.
*/
private void initSlices(HeaderSpace h, Graph g) {
if (g.getIbgpNeighbors().isEmpty() || !_modelIgp) {
_slices.put(MAIN_SLICE_NAME, new EncoderSlice(this, h, g, ""));
} else {
_slices.put(MAIN_SLICE_NAME, new EncoderSlice(this, h, g, MAIN_SLICE_NAME));
}
if (_modelIgp) {
SortedSet<Pair<String, Ip>> ibgpRouters = new TreeSet<>();
for (Entry<GraphEdge, BgpNeighbor> entry : g.getIbgpNeighbors().entrySet()) {
GraphEdge ge = entry.getKey();
BgpNeighbor n = entry.getValue();
String router = ge.getRouter();
Ip ip = n.getLocalIp();
Pair<String, Ip> pair = new Pair<>(router, ip);
// Add one slice per (router, source ip) pair
if (!ibgpRouters.contains(pair)) {
ibgpRouters.add(pair);
// Create a control plane slice only for this ip
HeaderSpace hs = new HeaderSpace();
// Make sure messages are sent to this destination IP
SortedSet<IpWildcard> ips = new TreeSet<>();
ips.add(new IpWildcard(n.getLocalIp()));
hs.setDstIps(ips);
// Make sure messages use TCP port 179
SortedSet<SubRange> dstPorts = new TreeSet<>();
dstPorts.add(new SubRange(179, 179));
hs.setDstPorts(dstPorts);
// Make sure messages use the TCP protocol
SortedSet<IpProtocol> protocols = new TreeSet<>();
protocols.add(IpProtocol.TCP);
hs.setIpProtocols(protocols);
// TODO: create domains once
Graph gNew = new Graph(g.getBatfish(), null, g.getDomain(router));
String sliceName = "SLICE-" + router + "_";
EncoderSlice slice = new EncoderSlice(this, hs, gNew, sliceName);
_slices.put(sliceName, slice);
PropertyAdder pa = new PropertyAdder(slice);
Map<String, BoolExpr> reachVars = pa.instrumentReachability(router);
_sliceReachability.put(router, reachVars);
}
}
}
}
use of org.batfish.datamodel.IpWildcard in project batfish by batfish.
the class EncoderSlice method computeWildcardMatch.
/*
* Convert a set of wildcards and a packet field to a symbolic boolean expression
*/
private BoolExpr computeWildcardMatch(Set<IpWildcard> wcs, BitVecExpr field) {
BoolExpr acc = mkFalse();
for (IpWildcard wc : wcs) {
ipWildCardBound(field, wc);
acc = mkOr(acc, ipWildCardBound(field, wc));
}
return (BoolExpr) acc.simplify();
}
use of org.batfish.datamodel.IpWildcard in project batfish by batfish.
the class DestinationClasses method createHeaderSpace.
/*
* Convert a collection of prefixes over destination IP in to a headerspace
*/
private HeaderSpace createHeaderSpace(List<Prefix> prefixes) {
HeaderSpace h = new HeaderSpace();
h.setDstIps(prefixes.stream().map(IpWildcard::new).collect(Collectors.toSet()));
return h;
}
use of org.batfish.datamodel.IpWildcard in project batfish by batfish.
the class FwFromSourceAddressExcept method applyTo.
@Override
public void applyTo(IpAccessListLine line, JuniperConfiguration jc, Warnings w, Configuration c) {
IpWildcard wildcard = new IpWildcard(_prefix);
line.setNotSrcIps(Iterables.concat(line.getNotSrcIps(), Collections.singleton(wildcard)));
}
use of org.batfish.datamodel.IpWildcard in project batfish by batfish.
the class FwFromSourcePrefixList method applyTo.
@Override
public void applyTo(IpAccessListLine line, JuniperConfiguration jc, Warnings w, Configuration c) {
PrefixList pl = jc.getPrefixLists().get(_name);
if (pl != null) {
pl.getReferers().put(this, "firewall from source-prefix-list");
if (pl.getIpv6()) {
return;
}
RouteFilterList sourcePrefixList = c.getRouteFilterLists().get(_name);
List<IpWildcard> wildcards = sourcePrefixList.getMatchingIps();
line.setSrcIps(Iterables.concat(line.getSrcIps(), wildcards));
} else {
w.redFlag("Reference to undefined source prefix-list: \"" + _name + "\"");
}
}
Aggregations