Search in sources :

Example 6 with Route6FilterList

use of org.batfish.datamodel.Route6FilterList in project batfish by batfish.

the class RouteMapMatchIpv6AccessListLine method toBooleanExpr.

@Override
public BooleanExpr toBooleanExpr(Configuration c, CiscoConfiguration cc, Warnings w) {
    Disjunction d = new Disjunction();
    List<BooleanExpr> disjuncts = d.getDisjuncts();
    for (String listName : _listNames) {
        Object list;
        Ip6AccessList ipAccessList = null;
        Route6FilterList routeFilterList = null;
        if (_routing) {
            routeFilterList = c.getRoute6FilterLists().get(listName);
            list = routeFilterList;
        } else {
            ipAccessList = c.getIp6AccessLists().get(listName);
            list = ipAccessList;
        }
        if (list == null) {
            cc.undefined(CiscoStructureType.IPV6_ACCESS_LIST, listName, CiscoStructureUsage.ROUTE_MAP_MATCH_IPV6_ACCESS_LIST, _statementLine);
        } else {
            String msg = "route-map match ipv6 access-list line";
            ExtendedIpv6AccessList extendedAccessList = cc.getExtendedIpv6Acls().get(listName);
            if (extendedAccessList != null) {
                extendedAccessList.getReferers().put(this, msg);
            }
            StandardIpv6AccessList standardAccessList = cc.getStandardIpv6Acls().get(listName);
            if (standardAccessList != null) {
                standardAccessList.getReferers().put(this, msg);
            }
            if (_routing) {
                disjuncts.add(new MatchPrefix6Set(new DestinationNetwork6(), new NamedPrefix6Set(listName)));
            } else {
                disjuncts.add(new MatchIp6AccessList(listName));
            }
        }
    }
    return d.simplify();
}
Also used : MatchPrefix6Set(org.batfish.datamodel.routing_policy.expr.MatchPrefix6Set) Route6FilterList(org.batfish.datamodel.Route6FilterList) NamedPrefix6Set(org.batfish.datamodel.routing_policy.expr.NamedPrefix6Set) DestinationNetwork6(org.batfish.datamodel.routing_policy.expr.DestinationNetwork6) Disjunction(org.batfish.datamodel.routing_policy.expr.Disjunction) MatchIp6AccessList(org.batfish.datamodel.routing_policy.expr.MatchIp6AccessList) BooleanExpr(org.batfish.datamodel.routing_policy.expr.BooleanExpr) Ip6AccessList(org.batfish.datamodel.Ip6AccessList) MatchIp6AccessList(org.batfish.datamodel.routing_policy.expr.MatchIp6AccessList)

Example 7 with Route6FilterList

use of org.batfish.datamodel.Route6FilterList in project batfish by batfish.

the class JuniperConfiguration method toVendorIndependentConfiguration.

@Override
public Configuration toVendorIndependentConfiguration() throws VendorConversionException {
    String hostname = getHostname();
    _c = new Configuration(hostname, _vendor);
    _c.setAuthenticationKeyChains(convertAuthenticationKeyChains(_authenticationKeyChains));
    _c.setRoles(_roles);
    _c.setDnsServers(_dnsServers);
    _c.setDomainName(_defaultRoutingInstance.getDomainName());
    _c.setLoggingServers(_syslogHosts);
    _c.setNtpServers(_ntpServers);
    _c.setTacacsServers(_tacplusServers);
    _c.getVendorFamily().setJuniper(_jf);
    for (String riName : _routingInstances.keySet()) {
        _c.getVrfs().put(riName, new Vrf(riName));
    }
    // convert prefix lists to route filter lists
    for (Entry<String, PrefixList> e : _prefixLists.entrySet()) {
        String name = e.getKey();
        PrefixList pl = e.getValue();
        RouteFilterList rfl = new RouteFilterList(name);
        for (Prefix prefix : pl.getPrefixes()) {
            int prefixLength = prefix.getPrefixLength();
            org.batfish.datamodel.RouteFilterLine line = new org.batfish.datamodel.RouteFilterLine(LineAction.ACCEPT, prefix, new SubRange(prefixLength, prefixLength));
            rfl.addLine(line);
        }
        _c.getRouteFilterLists().put(name, rfl);
    }
    // remove ipv6 lines from firewall filters
    for (FirewallFilter filter : _filters.values()) {
        Set<String> toRemove = new HashSet<>();
        for (Entry<String, FwTerm> e2 : filter.getTerms().entrySet()) {
            String termName = e2.getKey();
            FwTerm term = e2.getValue();
            if (term.getIpv6()) {
                toRemove.add(termName);
            }
        }
        for (String termName : toRemove) {
            filter.getTerms().remove(termName);
        }
    }
    // remove empty firewall filters (ipv6-only filters)
    Map<String, FirewallFilter> allFilters = new LinkedHashMap<>();
    allFilters.putAll(_filters);
    for (Entry<String, FirewallFilter> e : allFilters.entrySet()) {
        String name = e.getKey();
        FirewallFilter filter = e.getValue();
        if (filter.getTerms().size() == 0) {
            _filters.remove(name);
        }
    }
    // convert firewall filters to ipaccesslists
    for (Entry<String, FirewallFilter> e : _filters.entrySet()) {
        String name = e.getKey();
        FirewallFilter filter = e.getValue();
        // TODO: support other filter families
        if (filter.getFamily() != Family.INET) {
            continue;
        }
        IpAccessList list = toIpAccessList(filter);
        _c.getIpAccessLists().put(name, list);
    }
    // objects
    for (Entry<String, FirewallFilter> e : _filters.entrySet()) {
        String name = e.getKey();
        FirewallFilter filter = e.getValue();
        if (filter.getRoutingPolicy()) {
            // TODO: support other filter families
            if (filter.getFamily() != Family.INET) {
                continue;
            }
            RoutingPolicy routingPolicy = toRoutingPolicy(filter);
            _c.getRoutingPolicies().put(name, routingPolicy);
        }
    }
    // convert route filters to route filter lists
    for (Entry<String, RouteFilter> e : _routeFilters.entrySet()) {
        String name = e.getKey();
        RouteFilter rf = e.getValue();
        if (rf.getIpv4()) {
            RouteFilterList rfl = new RouteFilterList(name);
            for (RouteFilterLine line : rf.getLines()) {
                if (line.getThens().size() == 0) {
                    line.applyTo(rfl);
                }
            }
            _c.getRouteFilterLists().put(name, rfl);
        }
        if (rf.getIpv6()) {
            Route6FilterList rfl = new Route6FilterList(name);
            for (RouteFilterLine line : rf.getLines()) {
                if (line.getThens().size() == 0) {
                    line.applyTo(rfl);
                }
            }
            _c.getRoute6FilterLists().put(name, rfl);
        }
    }
    // convert community lists
    for (Entry<String, CommunityList> e : _communityLists.entrySet()) {
        String name = e.getKey();
        CommunityList cl = e.getValue();
        org.batfish.datamodel.CommunityList newCl = toCommunityList(cl);
        _c.getCommunityLists().put(name, newCl);
    }
    // convert policy-statements to RoutingPolicy objects
    for (Entry<String, PolicyStatement> e : _policyStatements.entrySet()) {
        String name = e.getKey();
        PolicyStatement ps = e.getValue();
        RoutingPolicy routingPolicy = toRoutingPolicy(ps);
        _c.getRoutingPolicies().put(name, routingPolicy);
    }
    // convert interfaces
    Map<String, Interface> allInterfaces = new LinkedHashMap<>();
    for (Interface iface : _interfaces.values()) {
        allInterfaces.putAll(iface.getUnits());
    }
    for (NodeDevice nd : _nodeDevices.values()) {
        for (Interface iface : nd.getInterfaces().values()) {
            allInterfaces.putAll(iface.getUnits());
        }
    }
    for (Entry<String, Interface> eUnit : allInterfaces.entrySet()) {
        String unitName = eUnit.getKey();
        Interface unitIface = eUnit.getValue();
        unitIface.inheritUnsetFields();
        org.batfish.datamodel.Interface newUnitIface = toInterface(unitIface);
        _c.getInterfaces().put(unitName, newUnitIface);
        Vrf vrf = newUnitIface.getVrf();
        String vrfName = vrf.getName();
        vrf.getInterfaces().put(unitName, newUnitIface);
        _routingInstances.get(vrfName).getInterfaces().put(unitName, unitIface);
    }
    // set router-id
    if (_defaultRoutingInstance.getRouterId() == null) {
        Interface loopback0 = _defaultRoutingInstance.getInterfaces().get(FIRST_LOOPBACK_INTERFACE_NAME);
        if (loopback0 != null) {
            Interface loopback0unit0 = loopback0.getUnits().get(FIRST_LOOPBACK_INTERFACE_NAME + ".0");
            if (loopback0unit0 != null) {
                InterfaceAddress address = loopback0unit0.getPrimaryAddress();
                if (address != null) {
                    // now we should set router-id
                    Ip routerId = address.getIp();
                    _defaultRoutingInstance.setRouterId(routerId);
                }
            }
        }
    }
    // copy ike proposals
    _c.getIkeProposals().putAll(_ikeProposals);
    // convert ike policies
    for (Entry<String, IkePolicy> e : _ikePolicies.entrySet()) {
        String name = e.getKey();
        IkePolicy oldIkePolicy = e.getValue();
        org.batfish.datamodel.IkePolicy newPolicy = toIkePolicy(oldIkePolicy);
        _c.getIkePolicies().put(name, newPolicy);
    }
    // convert ike gateways
    for (Entry<String, IkeGateway> e : _ikeGateways.entrySet()) {
        String name = e.getKey();
        IkeGateway oldIkeGateway = e.getValue();
        org.batfish.datamodel.IkeGateway newIkeGateway = toIkeGateway(oldIkeGateway);
        _c.getIkeGateways().put(name, newIkeGateway);
    }
    // copy ipsec proposals
    _c.getIpsecProposals().putAll(_ipsecProposals);
    // convert ipsec policies
    for (Entry<String, IpsecPolicy> e : _ipsecPolicies.entrySet()) {
        String name = e.getKey();
        IpsecPolicy oldIpsecPolicy = e.getValue();
        org.batfish.datamodel.IpsecPolicy newPolicy = toIpsecPolicy(oldIpsecPolicy);
        _c.getIpsecPolicies().put(name, newPolicy);
    }
    // convert ipsec vpns
    for (Entry<String, IpsecVpn> e : _ipsecVpns.entrySet()) {
        String name = e.getKey();
        IpsecVpn oldIpsecVpn = e.getValue();
        org.batfish.datamodel.IpsecVpn newIpsecVpn = toIpsecVpn(oldIpsecVpn);
        _c.getIpsecVpns().put(name, newIpsecVpn);
    }
    // zones
    for (Zone zone : _zones.values()) {
        org.batfish.datamodel.Zone newZone = toZone(zone);
        _c.getZones().put(zone.getName(), newZone);
    }
    // default zone behavior
    _c.setDefaultCrossZoneAction(_defaultCrossZoneAction);
    _c.setDefaultInboundAction(_defaultInboundAction);
    for (Entry<String, RoutingInstance> e : _routingInstances.entrySet()) {
        String riName = e.getKey();
        RoutingInstance ri = e.getValue();
        Vrf vrf = _c.getVrfs().get(riName);
        // dhcp relay
        for (Entry<String, DhcpRelayGroup> e2 : ri.getDhcpRelayGroups().entrySet()) {
            DhcpRelayGroup rg = e2.getValue();
            List<org.batfish.datamodel.Interface> interfaces = new ArrayList<>();
            if (rg.getAllInterfaces()) {
                interfaces.addAll(_c.getInterfaces().values());
            } else {
                for (String ifaceName : rg.getInterfaces()) {
                    org.batfish.datamodel.Interface iface = _c.getInterfaces().get(ifaceName);
                    interfaces.add(iface);
                }
            }
            String asgName = rg.getActiveServerGroup();
            if (asgName != null) {
                DhcpRelayServerGroup asg = ri.getDhcpRelayServerGroups().get(asgName);
                if (asg == null) {
                    int asgLine = rg.getActiveServerGroupLine();
                    undefined(JuniperStructureType.DHCP_RELAY_SERVER_GROUP, asgName, JuniperStructureUsage.DHCP_RELAY_GROUP_ACTIVE_SERVER_GROUP, asgLine);
                } else {
                    for (org.batfish.datamodel.Interface iface : interfaces) {
                        iface.getDhcpRelayAddresses().addAll(asg.getServers());
                    }
                }
            }
        }
        // snmp
        SnmpServer snmpServer = ri.getSnmpServer();
        vrf.setSnmpServer(snmpServer);
        if (snmpServer != null) {
            for (SnmpCommunity community : snmpServer.getCommunities().values()) {
                String listName = community.getAccessList();
                if (listName != null) {
                    int listLine = community.getAccessListLine();
                    PrefixList prefixList = _prefixLists.get(listName);
                    if (prefixList != null) {
                        prefixList.getReferers().put(community, "prefix-list for community: " + community.getName());
                    } else {
                        undefined(JuniperStructureType.PREFIX_LIST, listName, JuniperStructureUsage.SNMP_COMMUNITY_PREFIX_LIST, listLine);
                    }
                }
            }
        }
        // static routes
        for (StaticRoute route : _defaultRoutingInstance.getRibs().get(RoutingInformationBase.RIB_IPV4_UNICAST).getStaticRoutes().values()) {
            org.batfish.datamodel.StaticRoute newStaticRoute = toStaticRoute(route);
            vrf.getStaticRoutes().add(newStaticRoute);
        }
        // aggregate routes
        for (AggregateRoute route : _defaultRoutingInstance.getRibs().get(RoutingInformationBase.RIB_IPV4_UNICAST).getAggregateRoutes().values()) {
            org.batfish.datamodel.GeneratedRoute newAggregateRoute = toAggregateRoute(route);
            vrf.getGeneratedRoutes().add(newAggregateRoute);
        }
        // generated routes
        for (GeneratedRoute route : _defaultRoutingInstance.getRibs().get(RoutingInformationBase.RIB_IPV4_UNICAST).getGeneratedRoutes().values()) {
            org.batfish.datamodel.GeneratedRoute newGeneratedRoute = toGeneratedRoute(route);
            vrf.getGeneratedRoutes().add(newGeneratedRoute);
        }
        // create ospf process
        if (ri.getOspfAreas().size() > 0) {
            OspfProcess oproc = createOspfProcess(ri);
            vrf.setOspfProcess(oproc);
        }
        // create is-is process
        // is-is runs only if iso address is configured on lo0 unit 0
        Interface loopback0 = _defaultRoutingInstance.getInterfaces().get(FIRST_LOOPBACK_INTERFACE_NAME);
        if (loopback0 != null) {
            Interface loopback0unit0 = loopback0.getUnits().get(FIRST_LOOPBACK_INTERFACE_NAME + ".0");
            if (loopback0unit0 != null) {
                IsoAddress isisNet = loopback0unit0.getIsoAddress();
                if (isisNet != null) {
                    // now we should create is-is process
                    IsisProcess proc = createIsisProcess(ri, isisNet);
                    vrf.setIsisProcess(proc);
                }
            }
        }
        // create bgp process
        if (ri.getNamedBgpGroups().size() > 0 || ri.getIpBgpGroups().size() > 0) {
            BgpProcess proc = createBgpProcess(ri);
            vrf.setBgpProcess(proc);
        }
    }
    // mark forwarding table export policy if it exists
    String forwardingTableExportPolicyName = _defaultRoutingInstance.getForwardingTableExportPolicy();
    if (forwardingTableExportPolicyName != null) {
        int forwardingTableExportPolicyLine = _defaultRoutingInstance.getForwardingTableExportPolicyLine();
        PolicyStatement forwardingTableExportPolicy = _policyStatements.get(forwardingTableExportPolicyName);
        if (forwardingTableExportPolicy != null) {
            setPolicyStatementReferent(forwardingTableExportPolicyName, _defaultRoutingInstance, "Forwarding-table export policy");
        } else {
            undefined(JuniperStructureType.POLICY_STATEMENT, forwardingTableExportPolicyName, JuniperStructureUsage.FORWARDING_TABLE_EXPORT_POLICY, forwardingTableExportPolicyLine);
        }
    }
    // mark references to authentication key chain that may not appear in data model
    markAuthenticationKeyChains(JuniperStructureUsage.AUTHENTICATION_KEY_CHAINS_POLICY, _c);
    markStructure(JuniperStructureType.FIREWALL_FILTER, JuniperStructureUsage.INTERFACE_FILTER, _filters);
    // warn about unreferenced data structures
    warnUnreferencedAuthenticationKeyChains();
    warnUnreferencedBgpGroups();
    warnUnreferencedDhcpRelayServerGroups();
    warnUnreferencedPolicyStatements();
    warnUnreferencedFirewallFilters();
    warnUnreferencedIkeProposals();
    warnUnreferencedIkePolicies();
    warnUnreferencedIkeGateways();
    warnUnreferencedIpsecProposals();
    warnUnreferencedIpsecPolicies();
    warnUnusedPrefixLists();
    warnEmptyPrefixLists();
    warnAndDisableUnreferencedStInterfaces();
    _c.computeRoutingPolicySources(_w);
    return _c;
}
Also used : VendorConfiguration(org.batfish.vendor.VendorConfiguration) Configuration(org.batfish.datamodel.Configuration) BgpProcess(org.batfish.datamodel.BgpProcess) ArrayList(java.util.ArrayList) Vrf(org.batfish.datamodel.Vrf) LinkedHashMap(java.util.LinkedHashMap) HashSet(java.util.HashSet) SnmpCommunity(org.batfish.datamodel.SnmpCommunity) InterfaceAddress(org.batfish.datamodel.InterfaceAddress) IpAccessList(org.batfish.datamodel.IpAccessList) Ip(org.batfish.datamodel.Ip) Prefix(org.batfish.datamodel.Prefix) SubRange(org.batfish.datamodel.SubRange) IsisProcess(org.batfish.datamodel.IsisProcess) RoutingPolicy(org.batfish.datamodel.routing_policy.RoutingPolicy) OspfProcess(org.batfish.datamodel.OspfProcess) Route6FilterList(org.batfish.datamodel.Route6FilterList) IsoAddress(org.batfish.datamodel.IsoAddress) RouteFilterList(org.batfish.datamodel.RouteFilterList) SnmpServer(org.batfish.datamodel.SnmpServer)

Aggregations

Route6FilterList (org.batfish.datamodel.Route6FilterList)7 ArrayList (java.util.ArrayList)4 Route6FilterLine (org.batfish.datamodel.Route6FilterLine)4 RouteFilterList (org.batfish.datamodel.RouteFilterList)4 Ip (org.batfish.datamodel.Ip)3 SubRange (org.batfish.datamodel.SubRange)3 RoutingPolicy (org.batfish.datamodel.routing_policy.RoutingPolicy)3 BooleanExpr (org.batfish.datamodel.routing_policy.expr.BooleanExpr)3 DestinationNetwork6 (org.batfish.datamodel.routing_policy.expr.DestinationNetwork6)3 Disjunction (org.batfish.datamodel.routing_policy.expr.Disjunction)3 MatchPrefix6Set (org.batfish.datamodel.routing_policy.expr.MatchPrefix6Set)3 BigInteger (java.math.BigInteger)2 HashSet (java.util.HashSet)2 VendorConversionException (org.batfish.common.VendorConversionException)2 Configuration (org.batfish.datamodel.Configuration)2 Ip6AccessList (org.batfish.datamodel.Ip6AccessList)2 IpAccessList (org.batfish.datamodel.IpAccessList)2 Prefix (org.batfish.datamodel.Prefix)2 RouteFilterLine (org.batfish.datamodel.RouteFilterLine)2 LinkedHashMap (java.util.LinkedHashMap)1