Search in sources :

Example 6 with TcpFlags

use of org.batfish.datamodel.TcpFlags in project batfish by batfish.

the class CiscoControlPlaneExtractor method exitExtended_access_list_tail.

@Override
public void exitExtended_access_list_tail(Extended_access_list_tailContext ctx) {
    LineAction action = toLineAction(ctx.ala);
    IpProtocol protocol = toIpProtocol(ctx.prot);
    Ip srcIp = getIp(ctx.srcipr);
    Ip srcWildcard = getWildcard(ctx.srcipr);
    Ip dstIp = getIp(ctx.dstipr);
    Ip dstWildcard = getWildcard(ctx.dstipr);
    String srcAddressGroup = getAddressGroup(ctx.srcipr);
    String dstAddressGroup = getAddressGroup(ctx.dstipr);
    List<SubRange> srcPortRanges = ctx.alps_src != null ? toPortRanges(ctx.alps_src) : Collections.<SubRange>emptyList();
    List<SubRange> dstPortRanges = ctx.alps_dst != null ? toPortRanges(ctx.alps_dst) : Collections.<SubRange>emptyList();
    Integer icmpType = null;
    Integer icmpCode = null;
    List<TcpFlags> tcpFlags = new ArrayList<>();
    Set<Integer> dscps = new TreeSet<>();
    Set<Integer> ecns = new TreeSet<>();
    Set<State> states = EnumSet.noneOf(State.class);
    for (Extended_access_list_additional_featureContext feature : ctx.features) {
        if (feature.ACK() != null) {
            TcpFlags alt = new TcpFlags();
            alt.setUseAck(true);
            alt.setAck(true);
            tcpFlags.add(alt);
        }
        if (feature.DSCP() != null) {
            int dscpType = toDscpType(feature.dscp_type());
            dscps.add(dscpType);
        }
        if (feature.ECE() != null) {
            TcpFlags alt = new TcpFlags();
            alt.setUseEce(true);
            alt.setEce(true);
            tcpFlags.add(alt);
        }
        if (feature.ECHO_REPLY() != null) {
            icmpType = IcmpType.ECHO_REPLY;
            icmpCode = IcmpCode.ECHO_REPLY;
        }
        if (feature.ECHO() != null) {
            icmpType = IcmpType.ECHO_REQUEST;
            icmpCode = IcmpCode.ECHO_REQUEST;
        }
        if (feature.ECN() != null) {
            int ecn = toInteger(feature.ecn);
            ecns.add(ecn);
        }
        if (feature.ESTABLISHED() != null) {
            // must contain ACK or RST
            TcpFlags alt1 = new TcpFlags();
            TcpFlags alt2 = new TcpFlags();
            alt1.setUseAck(true);
            alt1.setAck(true);
            alt2.setUseRst(true);
            alt2.setRst(true);
            tcpFlags.add(alt1);
            tcpFlags.add(alt2);
        }
        if (feature.FIN() != null) {
            TcpFlags alt = new TcpFlags();
            alt.setUseFin(true);
            alt.setFin(true);
            tcpFlags.add(alt);
        }
        if (feature.FRAGMENTS() != null) {
            todo(ctx, F_FRAGMENTS);
        }
        if (feature.HOST_UNKNOWN() != null) {
            icmpType = IcmpType.DESTINATION_UNREACHABLE;
            icmpCode = IcmpCode.DESTINATION_HOST_UNKNOWN;
        }
        if (feature.HOST_UNREACHABLE() != null) {
            icmpType = IcmpType.DESTINATION_UNREACHABLE;
            icmpCode = IcmpCode.DESTINATION_HOST_UNREACHABLE;
        }
        if (feature.NETWORK_UNKNOWN() != null) {
            icmpType = IcmpType.DESTINATION_UNREACHABLE;
            icmpCode = IcmpCode.DESTINATION_NETWORK_UNKNOWN;
        }
        if (feature.NET_UNREACHABLE() != null) {
            icmpType = IcmpType.DESTINATION_UNREACHABLE;
            icmpCode = IcmpCode.DESTINATION_NETWORK_UNREACHABLE;
        }
        if (feature.PACKET_TOO_BIG() != null) {
            icmpType = IcmpType.DESTINATION_UNREACHABLE;
            icmpCode = IcmpCode.PACKET_TOO_BIG;
        }
        if (feature.PARAMETER_PROBLEM() != null) {
            icmpType = IcmpType.PARAMETER_PROBLEM;
        }
        if (feature.PORT_UNREACHABLE() != null) {
            icmpType = IcmpType.DESTINATION_UNREACHABLE;
            icmpCode = IcmpCode.DESTINATION_PORT_UNREACHABLE;
        }
        if (feature.PSH() != null) {
            TcpFlags alt = new TcpFlags();
            alt.setUsePsh(true);
            alt.setPsh(true);
            tcpFlags.add(alt);
        }
        if (feature.REDIRECT() != null) {
            icmpType = IcmpType.REDIRECT_MESSAGE;
        }
        if (feature.RST() != null) {
            TcpFlags alt = new TcpFlags();
            alt.setUseRst(true);
            alt.setRst(true);
            tcpFlags.add(alt);
        }
        if (feature.SOURCE_QUENCH() != null) {
            icmpType = IcmpType.SOURCE_QUENCH;
            icmpCode = IcmpCode.SOURCE_QUENCH;
        }
        if (feature.SYN() != null) {
            TcpFlags alt = new TcpFlags();
            alt.setUseSyn(true);
            alt.setSyn(true);
            tcpFlags.add(alt);
        }
        if (feature.TIME_EXCEEDED() != null) {
            icmpType = IcmpType.TIME_EXCEEDED;
        }
        if (feature.TTL() != null) {
            todo(ctx, F_TTL);
        }
        if (feature.TTL_EXCEEDED() != null) {
            icmpType = IcmpType.TIME_EXCEEDED;
            icmpCode = IcmpCode.TTL_EXCEEDED;
        }
        if (feature.TRACEROUTE() != null) {
            icmpType = IcmpType.TRACEROUTE;
            icmpCode = IcmpCode.TRACEROUTE;
        }
        if (feature.TRACKED() != null) {
            states.add(State.ESTABLISHED);
        }
        if (feature.UNREACHABLE() != null) {
            icmpType = IcmpType.DESTINATION_UNREACHABLE;
        }
        if (feature.URG() != null) {
            TcpFlags alt = new TcpFlags();
            alt.setUseUrg(true);
            alt.setUrg(true);
            tcpFlags.add(alt);
        }
    }
    String name = getFullText(ctx).trim();
    ExtendedAccessListLine line = new ExtendedAccessListLine(name, action, protocol, new IpWildcard(srcIp, srcWildcard), srcAddressGroup, new IpWildcard(dstIp, dstWildcard), dstAddressGroup, srcPortRanges, dstPortRanges, dscps, ecns, icmpType, icmpCode, states, tcpFlags);
    _currentExtendedAcl.addLine(line);
}
Also used : LineAction(org.batfish.datamodel.LineAction) Ip(org.batfish.datamodel.Ip) RoutePolicyNextHopIp(org.batfish.representation.cisco.RoutePolicyNextHopIp) ExtendedAccessListLine(org.batfish.representation.cisco.ExtendedAccessListLine) ArrayList(java.util.ArrayList) IpWildcard(org.batfish.datamodel.IpWildcard) TcpFlags(org.batfish.datamodel.TcpFlags) TreeSet(java.util.TreeSet) State(org.batfish.datamodel.State) Extended_access_list_additional_featureContext(org.batfish.grammar.cisco.CiscoParser.Extended_access_list_additional_featureContext) IpProtocol(org.batfish.datamodel.IpProtocol) SubRange(org.batfish.datamodel.SubRange)

Example 7 with TcpFlags

use of org.batfish.datamodel.TcpFlags in project batfish by batfish.

the class ConfigurationBuilder method exitFftf_tcp_flags.

@Override
public void exitFftf_tcp_flags(Fftf_tcp_flagsContext ctx) {
    List<TcpFlags> tcpFlags = toTcpFlags(ctx.tcp_flags());
    FwFrom from = new FwFromTcpFlags(tcpFlags);
    _currentFwTerm.getFroms().add(from);
}
Also used : TcpFlags(org.batfish.datamodel.TcpFlags) FwFromTcpFlags(org.batfish.representation.juniper.FwFromTcpFlags) FwFrom(org.batfish.representation.juniper.FwFrom) FwFromTcpFlags(org.batfish.representation.juniper.FwFromTcpFlags)

Example 8 with TcpFlags

use of org.batfish.datamodel.TcpFlags in project batfish by batfish.

the class CiscoConfiguration method toIpAccessList.

private IpAccessList toIpAccessList(ExtendedAccessList eaList) {
    String name = eaList.getName();
    List<IpAccessListLine> lines = new ArrayList<>(eaList.getLines().size());
    for (ExtendedAccessListLine fromLine : eaList.getLines()) {
        IpAccessListLine newLine = new IpAccessListLine();
        newLine.setName(fromLine.getName());
        newLine.setAction(fromLine.getAction());
        IpWildcard srcIpWildcard = fromLine.getSourceIpWildcard();
        if (srcIpWildcard != null) {
            newLine.setSrcIps(ImmutableSortedSet.of(srcIpWildcard));
        }
        IpWildcard dstIpWildcard = fromLine.getDestinationIpWildcard();
        if (dstIpWildcard != null) {
            newLine.setDstIps(ImmutableSortedSet.of(dstIpWildcard));
        }
        // TODO: src/dst address group
        IpProtocol protocol = fromLine.getProtocol();
        if (protocol != IpProtocol.IP) {
            newLine.setIpProtocols(ImmutableSortedSet.of(protocol));
        }
        newLine.setDstPorts(fromLine.getDstPorts());
        newLine.setSrcPorts(fromLine.getSrcPorts());
        Integer icmpType = fromLine.getIcmpType();
        if (icmpType != null) {
            newLine.setIcmpTypes(ImmutableSortedSet.of(new SubRange(icmpType)));
        }
        Integer icmpCode = fromLine.getIcmpCode();
        if (icmpCode != null) {
            newLine.setIcmpCodes(ImmutableSortedSet.of(new SubRange(icmpCode)));
        }
        Set<State> states = fromLine.getStates();
        newLine.setStates(states);
        List<TcpFlags> tcpFlags = fromLine.getTcpFlags();
        newLine.setTcpFlags(tcpFlags);
        Set<Integer> dscps = fromLine.getDscps();
        newLine.setDscps(dscps);
        Set<Integer> ecns = fromLine.getEcns();
        newLine.setEcns(ecns);
        lines.add(newLine);
    }
    return new IpAccessList(name, lines);
}
Also used : ArrayList(java.util.ArrayList) IpWildcard(org.batfish.datamodel.IpWildcard) BigInteger(java.math.BigInteger) TcpFlags(org.batfish.datamodel.TcpFlags) State(org.batfish.datamodel.State) IpProtocol(org.batfish.datamodel.IpProtocol) IpAccessListLine(org.batfish.datamodel.IpAccessListLine) SubRange(org.batfish.datamodel.SubRange) IpAccessList(org.batfish.datamodel.IpAccessList)

Example 9 with TcpFlags

use of org.batfish.datamodel.TcpFlags in project batfish by batfish.

the class CiscoConfiguration method toIp6AccessList.

private Ip6AccessList toIp6AccessList(ExtendedIpv6AccessList eaList) {
    String name = eaList.getName();
    List<Ip6AccessListLine> lines = new ArrayList<>();
    for (ExtendedIpv6AccessListLine fromLine : eaList.getLines()) {
        Ip6AccessListLine newLine = new Ip6AccessListLine();
        newLine.setName(fromLine.getName());
        newLine.setAction(fromLine.getAction());
        Ip6Wildcard srcIpWildcard = fromLine.getSourceIpWildcard();
        if (srcIpWildcard != null) {
            newLine.getSrcIps().add(srcIpWildcard);
        }
        Ip6Wildcard dstIpWildcard = fromLine.getDestinationIpWildcard();
        if (dstIpWildcard != null) {
            newLine.getDstIps().add(dstIpWildcard);
        }
        // TODO: src/dst address group
        IpProtocol protocol = fromLine.getProtocol();
        if (protocol != IpProtocol.IP) {
            newLine.getIpProtocols().add(protocol);
        }
        newLine.getDstPorts().addAll(fromLine.getDstPorts());
        newLine.getSrcPorts().addAll(fromLine.getSrcPorts());
        Integer icmpType = fromLine.getIcmpType();
        if (icmpType != null) {
            newLine.setIcmpTypes(new TreeSet<>(Collections.singleton(new SubRange(icmpType))));
        }
        Integer icmpCode = fromLine.getIcmpCode();
        if (icmpCode != null) {
            newLine.setIcmpCodes(new TreeSet<>(Collections.singleton(new SubRange(icmpCode))));
        }
        Set<State> states = fromLine.getStates();
        newLine.getStates().addAll(states);
        List<TcpFlags> tcpFlags = fromLine.getTcpFlags();
        newLine.getTcpFlags().addAll(tcpFlags);
        Set<Integer> dscps = fromLine.getDscps();
        newLine.getDscps().addAll(dscps);
        Set<Integer> ecns = fromLine.getEcns();
        newLine.getEcns().addAll(ecns);
        lines.add(newLine);
    }
    return new Ip6AccessList(name, lines);
}
Also used : ArrayList(java.util.ArrayList) BigInteger(java.math.BigInteger) TcpFlags(org.batfish.datamodel.TcpFlags) State(org.batfish.datamodel.State) IpProtocol(org.batfish.datamodel.IpProtocol) SubRange(org.batfish.datamodel.SubRange) Ip6Wildcard(org.batfish.datamodel.Ip6Wildcard) Ip6AccessList(org.batfish.datamodel.Ip6AccessList) Ip6AccessListLine(org.batfish.datamodel.Ip6AccessListLine)

Aggregations

TcpFlags (org.batfish.datamodel.TcpFlags)9 ArrayList (java.util.ArrayList)7 FwFromTcpFlags (org.batfish.representation.juniper.FwFromTcpFlags)5 IpProtocol (org.batfish.datamodel.IpProtocol)4 State (org.batfish.datamodel.State)4 SubRange (org.batfish.datamodel.SubRange)4 FwFrom (org.batfish.representation.juniper.FwFrom)3 BigInteger (java.math.BigInteger)2 TreeSet (java.util.TreeSet)2 Ip6Wildcard (org.batfish.datamodel.Ip6Wildcard)2 IpWildcard (org.batfish.datamodel.IpWildcard)2 LineAction (org.batfish.datamodel.LineAction)2 Extended_access_list_additional_featureContext (org.batfish.grammar.cisco.CiscoParser.Extended_access_list_additional_featureContext)2 BatfishException (org.batfish.common.BatfishException)1 Ip (org.batfish.datamodel.Ip)1 Ip6 (org.batfish.datamodel.Ip6)1 Ip6AccessList (org.batfish.datamodel.Ip6AccessList)1 Ip6AccessListLine (org.batfish.datamodel.Ip6AccessListLine)1 IpAccessList (org.batfish.datamodel.IpAccessList)1 IpAccessListLine (org.batfish.datamodel.IpAccessListLine)1