use of org.batfish.datamodel.TcpFlags in project batfish by batfish.
the class CiscoControlPlaneExtractor method exitExtended_access_list_tail.
@Override
public void exitExtended_access_list_tail(Extended_access_list_tailContext ctx) {
LineAction action = toLineAction(ctx.ala);
IpProtocol protocol = toIpProtocol(ctx.prot);
Ip srcIp = getIp(ctx.srcipr);
Ip srcWildcard = getWildcard(ctx.srcipr);
Ip dstIp = getIp(ctx.dstipr);
Ip dstWildcard = getWildcard(ctx.dstipr);
String srcAddressGroup = getAddressGroup(ctx.srcipr);
String dstAddressGroup = getAddressGroup(ctx.dstipr);
List<SubRange> srcPortRanges = ctx.alps_src != null ? toPortRanges(ctx.alps_src) : Collections.<SubRange>emptyList();
List<SubRange> dstPortRanges = ctx.alps_dst != null ? toPortRanges(ctx.alps_dst) : Collections.<SubRange>emptyList();
Integer icmpType = null;
Integer icmpCode = null;
List<TcpFlags> tcpFlags = new ArrayList<>();
Set<Integer> dscps = new TreeSet<>();
Set<Integer> ecns = new TreeSet<>();
Set<State> states = EnumSet.noneOf(State.class);
for (Extended_access_list_additional_featureContext feature : ctx.features) {
if (feature.ACK() != null) {
TcpFlags alt = new TcpFlags();
alt.setUseAck(true);
alt.setAck(true);
tcpFlags.add(alt);
}
if (feature.DSCP() != null) {
int dscpType = toDscpType(feature.dscp_type());
dscps.add(dscpType);
}
if (feature.ECE() != null) {
TcpFlags alt = new TcpFlags();
alt.setUseEce(true);
alt.setEce(true);
tcpFlags.add(alt);
}
if (feature.ECHO_REPLY() != null) {
icmpType = IcmpType.ECHO_REPLY;
icmpCode = IcmpCode.ECHO_REPLY;
}
if (feature.ECHO() != null) {
icmpType = IcmpType.ECHO_REQUEST;
icmpCode = IcmpCode.ECHO_REQUEST;
}
if (feature.ECN() != null) {
int ecn = toInteger(feature.ecn);
ecns.add(ecn);
}
if (feature.ESTABLISHED() != null) {
// must contain ACK or RST
TcpFlags alt1 = new TcpFlags();
TcpFlags alt2 = new TcpFlags();
alt1.setUseAck(true);
alt1.setAck(true);
alt2.setUseRst(true);
alt2.setRst(true);
tcpFlags.add(alt1);
tcpFlags.add(alt2);
}
if (feature.FIN() != null) {
TcpFlags alt = new TcpFlags();
alt.setUseFin(true);
alt.setFin(true);
tcpFlags.add(alt);
}
if (feature.FRAGMENTS() != null) {
todo(ctx, F_FRAGMENTS);
}
if (feature.HOST_UNKNOWN() != null) {
icmpType = IcmpType.DESTINATION_UNREACHABLE;
icmpCode = IcmpCode.DESTINATION_HOST_UNKNOWN;
}
if (feature.HOST_UNREACHABLE() != null) {
icmpType = IcmpType.DESTINATION_UNREACHABLE;
icmpCode = IcmpCode.DESTINATION_HOST_UNREACHABLE;
}
if (feature.NETWORK_UNKNOWN() != null) {
icmpType = IcmpType.DESTINATION_UNREACHABLE;
icmpCode = IcmpCode.DESTINATION_NETWORK_UNKNOWN;
}
if (feature.NET_UNREACHABLE() != null) {
icmpType = IcmpType.DESTINATION_UNREACHABLE;
icmpCode = IcmpCode.DESTINATION_NETWORK_UNREACHABLE;
}
if (feature.PACKET_TOO_BIG() != null) {
icmpType = IcmpType.DESTINATION_UNREACHABLE;
icmpCode = IcmpCode.PACKET_TOO_BIG;
}
if (feature.PARAMETER_PROBLEM() != null) {
icmpType = IcmpType.PARAMETER_PROBLEM;
}
if (feature.PORT_UNREACHABLE() != null) {
icmpType = IcmpType.DESTINATION_UNREACHABLE;
icmpCode = IcmpCode.DESTINATION_PORT_UNREACHABLE;
}
if (feature.PSH() != null) {
TcpFlags alt = new TcpFlags();
alt.setUsePsh(true);
alt.setPsh(true);
tcpFlags.add(alt);
}
if (feature.REDIRECT() != null) {
icmpType = IcmpType.REDIRECT_MESSAGE;
}
if (feature.RST() != null) {
TcpFlags alt = new TcpFlags();
alt.setUseRst(true);
alt.setRst(true);
tcpFlags.add(alt);
}
if (feature.SOURCE_QUENCH() != null) {
icmpType = IcmpType.SOURCE_QUENCH;
icmpCode = IcmpCode.SOURCE_QUENCH;
}
if (feature.SYN() != null) {
TcpFlags alt = new TcpFlags();
alt.setUseSyn(true);
alt.setSyn(true);
tcpFlags.add(alt);
}
if (feature.TIME_EXCEEDED() != null) {
icmpType = IcmpType.TIME_EXCEEDED;
}
if (feature.TTL() != null) {
todo(ctx, F_TTL);
}
if (feature.TTL_EXCEEDED() != null) {
icmpType = IcmpType.TIME_EXCEEDED;
icmpCode = IcmpCode.TTL_EXCEEDED;
}
if (feature.TRACEROUTE() != null) {
icmpType = IcmpType.TRACEROUTE;
icmpCode = IcmpCode.TRACEROUTE;
}
if (feature.TRACKED() != null) {
states.add(State.ESTABLISHED);
}
if (feature.UNREACHABLE() != null) {
icmpType = IcmpType.DESTINATION_UNREACHABLE;
}
if (feature.URG() != null) {
TcpFlags alt = new TcpFlags();
alt.setUseUrg(true);
alt.setUrg(true);
tcpFlags.add(alt);
}
}
String name = getFullText(ctx).trim();
ExtendedAccessListLine line = new ExtendedAccessListLine(name, action, protocol, new IpWildcard(srcIp, srcWildcard), srcAddressGroup, new IpWildcard(dstIp, dstWildcard), dstAddressGroup, srcPortRanges, dstPortRanges, dscps, ecns, icmpType, icmpCode, states, tcpFlags);
_currentExtendedAcl.addLine(line);
}
use of org.batfish.datamodel.TcpFlags in project batfish by batfish.
the class ConfigurationBuilder method exitFftf_tcp_flags.
@Override
public void exitFftf_tcp_flags(Fftf_tcp_flagsContext ctx) {
List<TcpFlags> tcpFlags = toTcpFlags(ctx.tcp_flags());
FwFrom from = new FwFromTcpFlags(tcpFlags);
_currentFwTerm.getFroms().add(from);
}
use of org.batfish.datamodel.TcpFlags in project batfish by batfish.
the class CiscoConfiguration method toIpAccessList.
private IpAccessList toIpAccessList(ExtendedAccessList eaList) {
String name = eaList.getName();
List<IpAccessListLine> lines = new ArrayList<>(eaList.getLines().size());
for (ExtendedAccessListLine fromLine : eaList.getLines()) {
IpAccessListLine newLine = new IpAccessListLine();
newLine.setName(fromLine.getName());
newLine.setAction(fromLine.getAction());
IpWildcard srcIpWildcard = fromLine.getSourceIpWildcard();
if (srcIpWildcard != null) {
newLine.setSrcIps(ImmutableSortedSet.of(srcIpWildcard));
}
IpWildcard dstIpWildcard = fromLine.getDestinationIpWildcard();
if (dstIpWildcard != null) {
newLine.setDstIps(ImmutableSortedSet.of(dstIpWildcard));
}
// TODO: src/dst address group
IpProtocol protocol = fromLine.getProtocol();
if (protocol != IpProtocol.IP) {
newLine.setIpProtocols(ImmutableSortedSet.of(protocol));
}
newLine.setDstPorts(fromLine.getDstPorts());
newLine.setSrcPorts(fromLine.getSrcPorts());
Integer icmpType = fromLine.getIcmpType();
if (icmpType != null) {
newLine.setIcmpTypes(ImmutableSortedSet.of(new SubRange(icmpType)));
}
Integer icmpCode = fromLine.getIcmpCode();
if (icmpCode != null) {
newLine.setIcmpCodes(ImmutableSortedSet.of(new SubRange(icmpCode)));
}
Set<State> states = fromLine.getStates();
newLine.setStates(states);
List<TcpFlags> tcpFlags = fromLine.getTcpFlags();
newLine.setTcpFlags(tcpFlags);
Set<Integer> dscps = fromLine.getDscps();
newLine.setDscps(dscps);
Set<Integer> ecns = fromLine.getEcns();
newLine.setEcns(ecns);
lines.add(newLine);
}
return new IpAccessList(name, lines);
}
use of org.batfish.datamodel.TcpFlags in project batfish by batfish.
the class CiscoConfiguration method toIp6AccessList.
private Ip6AccessList toIp6AccessList(ExtendedIpv6AccessList eaList) {
String name = eaList.getName();
List<Ip6AccessListLine> lines = new ArrayList<>();
for (ExtendedIpv6AccessListLine fromLine : eaList.getLines()) {
Ip6AccessListLine newLine = new Ip6AccessListLine();
newLine.setName(fromLine.getName());
newLine.setAction(fromLine.getAction());
Ip6Wildcard srcIpWildcard = fromLine.getSourceIpWildcard();
if (srcIpWildcard != null) {
newLine.getSrcIps().add(srcIpWildcard);
}
Ip6Wildcard dstIpWildcard = fromLine.getDestinationIpWildcard();
if (dstIpWildcard != null) {
newLine.getDstIps().add(dstIpWildcard);
}
// TODO: src/dst address group
IpProtocol protocol = fromLine.getProtocol();
if (protocol != IpProtocol.IP) {
newLine.getIpProtocols().add(protocol);
}
newLine.getDstPorts().addAll(fromLine.getDstPorts());
newLine.getSrcPorts().addAll(fromLine.getSrcPorts());
Integer icmpType = fromLine.getIcmpType();
if (icmpType != null) {
newLine.setIcmpTypes(new TreeSet<>(Collections.singleton(new SubRange(icmpType))));
}
Integer icmpCode = fromLine.getIcmpCode();
if (icmpCode != null) {
newLine.setIcmpCodes(new TreeSet<>(Collections.singleton(new SubRange(icmpCode))));
}
Set<State> states = fromLine.getStates();
newLine.getStates().addAll(states);
List<TcpFlags> tcpFlags = fromLine.getTcpFlags();
newLine.getTcpFlags().addAll(tcpFlags);
Set<Integer> dscps = fromLine.getDscps();
newLine.getDscps().addAll(dscps);
Set<Integer> ecns = fromLine.getEcns();
newLine.getEcns().addAll(ecns);
lines.add(newLine);
}
return new Ip6AccessList(name, lines);
}
Aggregations