Example 6 with SubRange
use of org.batfish.datamodel.SubRange in project batfish by batfish.
the class ConfigurationBuilder method exitFftf_icmp_type.
@Override
public void exitFftf_icmp_type(Fftf_icmp_typeContext ctx) {
if (_currentFirewallFamily == Family.INET6) {
// TODO: support icmpv6
return;
}
SubRange icmpTypeRange;
if (ctx.subrange() != null) {
icmpTypeRange = toSubRange(ctx.subrange());
} else if (ctx.icmp_type() != null) {
int icmpType = toIcmpType(ctx.icmp_type());
icmpTypeRange = new SubRange(icmpType, icmpType);
} else {
throw new BatfishException("Invalid icmp-type");
}
FwFrom from = new FwFromIcmpType(icmpTypeRange);
_currentFwTerm.getFroms().add(from);
}
Also used :
BatfishException(org.batfish.common.BatfishException)
FwFromIcmpType(org.batfish.representation.juniper.FwFromIcmpType)
FwFrom(org.batfish.representation.juniper.FwFrom)
SubRange(org.batfish.datamodel.SubRange)
Example 7 with SubRange
use of org.batfish.datamodel.SubRange in project batfish by batfish.
the class Batfish method disableUnusableVlanInterfaces.
private void disableUnusableVlanInterfaces(Map<String, Configuration> configurations) {
for (Configuration c : configurations.values()) {
Map<Integer, Interface> vlanInterfaces = new HashMap<>();
Map<Integer, Integer> vlanMemberCounts = new HashMap<>();
Set<Interface> nonVlanInterfaces = new HashSet<>();
Integer vlanNumber = null;
// vlanMemberCounts:
for (Interface iface : c.getInterfaces().values()) {
if ((iface.getInterfaceType() == InterfaceType.VLAN) && ((vlanNumber = CommonUtil.getInterfaceVlanNumber(iface.getName())) != null)) {
vlanInterfaces.put(vlanNumber, iface);
vlanMemberCounts.put(vlanNumber, 0);
} else {
nonVlanInterfaces.add(iface);
}
}
// Update vlanMemberCounts:
for (Interface iface : nonVlanInterfaces) {
List<SubRange> vlans = new ArrayList<>();
vlanNumber = iface.getAccessVlan();
if (vlanNumber == 0) {
// vlan trunked interface
vlans.addAll(iface.getAllowedVlans());
vlanNumber = iface.getNativeVlan();
}
vlans.add(new SubRange(vlanNumber, vlanNumber));
for (SubRange sr : vlans) {
for (int vlanId = sr.getStart(); vlanId <= sr.getEnd(); ++vlanId) {
vlanMemberCounts.compute(vlanId, (k, v) -> (v == null) ? 1 : (v + 1));
}
}
}
// Disable all "normal" vlan interfaces with zero member counts:
String hostname = c.getHostname();
SubRange normalVlanRange = c.getNormalVlanRange();
for (Map.Entry<Integer, Integer> entry : vlanMemberCounts.entrySet()) {
if (entry.getValue() == 0) {
vlanNumber = entry.getKey();
if ((vlanNumber >= normalVlanRange.getStart()) && (vlanNumber <= normalVlanRange.getEnd())) {
Interface iface = vlanInterfaces.get(vlanNumber);
if ((iface != null) && iface.getAutoState()) {
_logger.warnf("WARNING: Disabling unusable vlan interface because no switch port is assigned " + "to it: \"%s:%d\"\n", hostname, vlanNumber);
iface.setActive(false);
iface.setBlacklisted(true);
}
}
}
}
}
}
Also used :
HostConfiguration(org.batfish.representation.host.HostConfiguration)
Configuration(org.batfish.datamodel.Configuration)
ImmutableConfiguration(org.apache.commons.configuration2.ImmutableConfiguration)
AwsConfiguration(org.batfish.representation.aws.AwsConfiguration)
IptablesVendorConfiguration(org.batfish.representation.iptables.IptablesVendorConfiguration)
VendorConfiguration(org.batfish.vendor.VendorConfiguration)
ConcurrentHashMap(java.util.concurrent.ConcurrentHashMap)
HashMap(java.util.HashMap)
ArrayList(java.util.ArrayList)
AtomicInteger(java.util.concurrent.atomic.AtomicInteger)
SubRange(org.batfish.datamodel.SubRange)
Map(java.util.Map)
TreeMap(java.util.TreeMap)
Collectors.toMap(java.util.stream.Collectors.toMap)
ConcurrentHashMap(java.util.concurrent.ConcurrentHashMap)
NavigableMap(java.util.NavigableMap)
ConcurrentMap(java.util.concurrent.ConcurrentMap)
ImmutableSortedMap(com.google.common.collect.ImmutableSortedMap)
ImmutableMap(com.google.common.collect.ImmutableMap)
SortedMap(java.util.SortedMap)
HashMap(java.util.HashMap)
Interface(org.batfish.datamodel.Interface)
HashSet(java.util.HashSet)
LinkedHashSet(java.util.LinkedHashSet)
Example 8 with SubRange
use of org.batfish.datamodel.SubRange in project batfish by batfish.
the class ConfigurationBuilder method exitFftf_destination_port.
@Override
public void exitFftf_destination_port(Fftf_destination_portContext ctx) {
if (ctx.port() != null) {
int port = getPortNumber(ctx.port());
SubRange subrange = new SubRange(port, port);
FwFrom from = new FwFromDestinationPort(subrange);
_currentFwTerm.getFroms().add(from);
} else if (ctx.range() != null) {
for (SubrangeContext subrangeContext : ctx.range().range_list) {
SubRange subrange = toSubRange(subrangeContext);
FwFrom from = new FwFromDestinationPort(subrange);
_currentFwTerm.getFroms().add(from);
}
}
}
Also used :
FwFromDestinationPort(org.batfish.representation.juniper.FwFromDestinationPort)
SubrangeContext(org.batfish.grammar.flatjuniper.FlatJuniperParser.SubrangeContext)
FwFrom(org.batfish.representation.juniper.FwFrom)
SubRange(org.batfish.datamodel.SubRange)
Example 9 with SubRange
use of org.batfish.datamodel.SubRange in project batfish by batfish.
the class ConfigurationBuilder method exitFftf_port.
@Override
public void exitFftf_port(Fftf_portContext ctx) {
if (ctx.port() != null) {
int port = getPortNumber(ctx.port());
SubRange subrange = new SubRange(port, port);
FwFrom from = new FwFromPort(subrange);
_currentFwTerm.getFroms().add(from);
} else if (ctx.range() != null) {
for (SubrangeContext subrangeContext : ctx.range().range_list) {
SubRange subrange = toSubRange(subrangeContext);
FwFrom from = new FwFromPort(subrange);
_currentFwTerm.getFroms().add(from);
}
}
}
Also used :
FwFromPort(org.batfish.representation.juniper.FwFromPort)
SubrangeContext(org.batfish.grammar.flatjuniper.FlatJuniperParser.SubrangeContext)
FwFrom(org.batfish.representation.juniper.FwFrom)
SubRange(org.batfish.datamodel.SubRange)
Example 10 with SubRange
use of org.batfish.datamodel.SubRange in project batfish by batfish.
the class CiscoControlPlaneExtractor method toRoutePolicyPrefixSet.
private RoutePolicyPrefixSet toRoutePolicyPrefixSet(Rp_prefix_setContext ctx) {
if (ctx.name != null) {
// named
String name = ctx.name.getText();
int expressionLine = ctx.name.getStart().getLine();
return new RoutePolicyPrefixSetName(name, expressionLine);
} else {
// inline
PrefixSpace prefixSpace = new PrefixSpace();
Prefix6Space prefix6Space = new Prefix6Space();
boolean ipv6 = false;
for (Prefix_set_elemContext pctxt : ctx.elems) {
int lower;
int upper;
Prefix prefix = null;
Prefix6 prefix6 = null;
if (pctxt.prefix != null) {
prefix = Prefix.parse(pctxt.prefix.getText());
lower = prefix.getPrefixLength();
upper = Prefix.MAX_PREFIX_LENGTH;
} else if (pctxt.ipa != null) {
prefix = new Prefix(toIp(pctxt.ipa), Prefix.MAX_PREFIX_LENGTH);
lower = prefix.getPrefixLength();
upper = Prefix.MAX_PREFIX_LENGTH;
} else if (pctxt.ipv6a != null) {
prefix6 = new Prefix6(toIp6(pctxt.ipv6a), Prefix6.MAX_PREFIX_LENGTH);
lower = prefix6.getPrefixLength();
upper = Prefix6.MAX_PREFIX_LENGTH;
} else if (pctxt.ipv6_prefix != null) {
prefix6 = new Prefix6(pctxt.ipv6_prefix.getText());
lower = prefix6.getPrefixLength();
upper = Prefix6.MAX_PREFIX_LENGTH;
} else {
throw new BatfishException("Unhandled alternative");
}
if (pctxt.minpl != null) {
lower = toInteger(pctxt.minpl);
}
if (pctxt.maxpl != null) {
upper = toInteger(pctxt.maxpl);
}
if (pctxt.eqpl != null) {
lower = toInteger(pctxt.eqpl);
upper = lower;
}
if (prefix != null) {
prefixSpace.addPrefixRange(new PrefixRange(prefix, new SubRange(lower, upper)));
} else {
prefix6Space.addPrefix6Range(new Prefix6Range(prefix6, new SubRange(lower, upper)));
ipv6 = true;
}
}
if (ipv6) {
return new RoutePolicyInlinePrefix6Set(prefix6Space);
} else {
return new RoutePolicyInlinePrefixSet(prefixSpace);
}
}
}
Also used :
BatfishException(org.batfish.common.BatfishException)
RedFlagBatfishException(org.batfish.common.RedFlagBatfishException)
PrefixRange(org.batfish.datamodel.PrefixRange)
RoutePolicyInlinePrefixSet(org.batfish.representation.cisco.RoutePolicyInlinePrefixSet)
RoutePolicyPrefixSetName(org.batfish.representation.cisco.RoutePolicyPrefixSetName)
PrefixSpace(org.batfish.datamodel.PrefixSpace)
Prefix_set_elemContext(org.batfish.grammar.cisco.CiscoParser.Prefix_set_elemContext)
Prefix(org.batfish.datamodel.Prefix)
Prefix6Space(org.batfish.datamodel.Prefix6Space)
Prefix6Range(org.batfish.datamodel.Prefix6Range)
RoutePolicyInlinePrefix6Set(org.batfish.representation.cisco.RoutePolicyInlinePrefix6Set)
SubRange(org.batfish.datamodel.SubRange)
Prefix6(org.batfish.datamodel.Prefix6)
Aggregations
SubRange (org.batfish.datamodel.SubRange)74
Prefix (org.batfish.datamodel.Prefix)18
IpWildcard (org.batfish.datamodel.IpWildcard)16
ArrayList (java.util.ArrayList)15
IpAccessListLine (org.batfish.datamodel.IpAccessListLine)13
Ip (org.batfish.datamodel.Ip)11
FwFrom (org.batfish.representation.juniper.FwFrom)11
Test (org.junit.Test)11
BatfishException (org.batfish.common.BatfishException)9
LineAction (org.batfish.datamodel.LineAction)9
RouteFilterLine (org.batfish.datamodel.RouteFilterLine)9
LinkedList (java.util.LinkedList)8
IpProtocol (org.batfish.datamodel.IpProtocol)8
RouteFilterList (org.batfish.datamodel.RouteFilterList)8
BoolExpr (com.microsoft.z3.BoolExpr)7
RoutingPolicy (org.batfish.datamodel.routing_policy.RoutingPolicy)7
DestinationNetwork (org.batfish.datamodel.routing_policy.expr.DestinationNetwork)7
MatchPrefixSet (org.batfish.datamodel.routing_policy.expr.MatchPrefixSet)7
IpAccessList (org.batfish.datamodel.IpAccessList)6
PrefixRange (org.batfish.datamodel.PrefixRange)6
