
Example 1 with HeaderSpaceMatchExpr

use of org.batfish.z3.expr.HeaderSpaceMatchExpr in project batfish by batfish.

the class EarliestMoreGeneralReachableLineQuerySynthesizer method getReachabilityProgram.

/**
 * Builds one numbered query per earlier reachable ACL line, each comparing that line with the
 * unreachable line this synthesizer was created for.
 *
 * <p>For every earlier line, a rule pairs the conjunction {@code NOT(earlier line header space)
 * AND (unreachable line header space) AND sane} with a {@link NumberedQuery} numbered by the
 * earlier line's index. Presumably a query with no satisfying packet means the earlier line
 * matches everything the unreachable line matches; how results are interpreted is decided outside
 * this method.
 *
 * <p>Each call also appends the earlier line indices to {@code _resultsByQueryIndex}, in
 * iteration order.
 *
 * @param input synthesizer input attached to the returned program
 * @return a program holding the generated rules and queries
 */
@Override
public ReachabilityProgram getReachabilityProgram(SynthesizerInput input) {
    IpAccessListLine unreachable = _list.getLines().get(_unreachableLine.getLine());
    BooleanExpr matchesUnreachable = new HeaderSpaceMatchExpr(unreachable);

    ImmutableList.Builder<QueryStatement> queryStatements = ImmutableList.builder();
    ImmutableList.Builder<RuleStatement> ruleStatements = ImmutableList.builder();

    for (AclLine candidate : _earlierReachableLines) {
        int candidateIndex = candidate.getLine();
        BooleanExpr matchesCandidate =
            new HeaderSpaceMatchExpr(_list.getLines().get(candidateIndex));
        NumberedQuery candidateQuery = new NumberedQuery(candidateIndex);

        // Packets the unreachable line would match that the candidate line does not.
        AndExpr missedByCandidate =
            new AndExpr(
                ImmutableList.of(
                    new NotExpr(matchesCandidate), matchesUnreachable, SaneExpr.INSTANCE));
        ruleStatements.add(new BasicRuleStatement(missedByCandidate, candidateQuery));
        queryStatements.add(new QueryStatement(candidateQuery));

        // Position i in this list is the ACL line index behind the i-th query added here.
        _resultsByQueryIndex.add(candidateIndex);
    }

    return ReachabilityProgram.builder()
        .setInput(input)
        .setQueries(queryStatements.build())
        .setRules(ruleStatements.build())
        .build();
}
Also used : AndExpr(org.batfish.z3.expr.AndExpr) NumberedQuery(org.batfish.z3.state.NumberedQuery) ImmutableList(com.google.common.collect.ImmutableList) BasicRuleStatement(org.batfish.z3.expr.BasicRuleStatement) BasicRuleStatement(org.batfish.z3.expr.BasicRuleStatement) RuleStatement(org.batfish.z3.expr.RuleStatement) IpAccessListLine(org.batfish.datamodel.IpAccessListLine) HeaderSpaceMatchExpr(org.batfish.z3.expr.HeaderSpaceMatchExpr) QueryStatement(org.batfish.z3.expr.QueryStatement) NotExpr(org.batfish.z3.expr.NotExpr) BooleanExpr(org.batfish.z3.expr.BooleanExpr)

Example 2 with HeaderSpaceMatchExpr

use of org.batfish.z3.expr.HeaderSpaceMatchExpr in project batfish by batfish.

the class BoolExprTransformerTest method testVisitHeaderSpaceMatchExpr.

/**
 * Smoke test: converts a {@link HeaderSpaceMatchExpr} built from a header space with many
 * positive and negated match fields populated, and checks that the conversion yields a
 * {@code BoolExpr}.
 *
 * <p>The assertion checks the type of the result only; it does not check what the produced
 * constraint means.
 */
@Test
public void testVisitHeaderSpaceMatchExpr() {
    // Post-incremented counters give each numeric field a distinct value; the order of the
    // builder calls below therefore determines which values each field receives.
    long nextIp = 1L;
    int nextInt = 1;
    HeaderSpace.Builder<?, ?> headerSpaceBuilder = IpAccessListLine.builder();
    BooleanExpr matchExpr =
        new HeaderSpaceMatchExpr(
            headerSpaceBuilder
                .setDscps(ImmutableSet.of(nextInt++, nextInt++))
                .setDstIps(
                    ImmutableSet.of(
                        new IpWildcard(new Ip(nextIp++)), new IpWildcard(new Ip(nextIp++))))
                .setDstPorts(
                    ImmutableSet.of(
                        new SubRange(nextInt++, nextInt++), new SubRange(nextInt++, nextInt++)))
                .setDstProtocols(ImmutableSet.of(Protocol.DNS, Protocol.HTTP))
                .setEcns(ImmutableSet.of(nextInt++, nextInt++))
                .setFragmentOffsets(
                    ImmutableSet.of(
                        new SubRange(nextInt++, nextInt++), new SubRange(nextInt++, nextInt++)))
                .setIcmpCodes(
                    ImmutableSet.of(
                        new SubRange(nextInt++, nextInt++), new SubRange(nextInt++, nextInt++)))
                .setIcmpTypes(
                    ImmutableSet.of(
                        new SubRange(nextInt++, nextInt++), new SubRange(nextInt++, nextInt++)))
                .setIpProtocols(ImmutableSet.of(IpProtocol.AHP, IpProtocol.ARGUS))
                .setNegate(true)
                .setNotDscps(ImmutableSet.of(nextInt++, nextInt++))
                .setNotDstIps(
                    ImmutableSet.of(
                        new IpWildcard(new Ip(nextIp++)), new IpWildcard(new Ip(nextIp++))))
                .setNotDstPorts(
                    ImmutableSet.of(
                        new SubRange(nextInt++, nextInt++), new SubRange(nextInt++, nextInt++)))
                .setNotDstProtocols(ImmutableSet.of(Protocol.HTTPS, Protocol.TELNET))
                .setNotEcns(ImmutableSet.of(nextInt++, nextInt++))
                .setNotFragmentOffsets(
                    ImmutableSet.of(
                        new SubRange(nextInt++, nextInt++), new SubRange(nextInt++, nextInt++)))
                .setNotIcmpCodes(
                    ImmutableSet.of(
                        new SubRange(nextInt++, nextInt++), new SubRange(nextInt++, nextInt++)))
                .setNotIcmpTypes(
                    ImmutableSet.of(
                        new SubRange(nextInt++, nextInt++), new SubRange(nextInt++, nextInt++)))
                .setNotIpProtocols(ImmutableSet.of(IpProtocol.BNA, IpProtocol.XNET))
                .setNotPacketLengths(
                    ImmutableSet.of(
                        new SubRange(nextInt++, nextInt++), new SubRange(nextInt++, nextInt++)))
                .setNotSrcIps(
                    ImmutableSet.of(
                        new IpWildcard(new Ip(nextIp++)), new IpWildcard(new Ip(nextIp++))))
                .setNotSrcPorts(
                    ImmutableSet.of(
                        new SubRange(nextInt++, nextInt++), new SubRange(nextInt++, nextInt++)))
                .setNotSrcProtocols(ImmutableSet.of(Protocol.SSH, Protocol.TCP))
                .setPacketLengths(
                    ImmutableSet.of(
                        new SubRange(nextInt++, nextInt++), new SubRange(nextInt++, nextInt++)))
                .setSrcIps(
                    ImmutableSet.of(
                        new IpWildcard(new Ip(nextIp++)), new IpWildcard(new Ip(nextIp++))))
                .setSrcOrDstIps(
                    ImmutableSet.of(
                        new IpWildcard(new Ip(nextIp++)), new IpWildcard(new Ip(nextIp++))))
                .setSrcOrDstPorts(
                    ImmutableSet.of(
                        new SubRange(nextInt++, nextInt++), new SubRange(nextInt++, nextInt++)))
                .setSrcOrDstProtocols(ImmutableSet.of(Protocol.UDP, Protocol.HTTP))
                .setSrcPorts(
                    ImmutableSet.of(
                        new SubRange(nextInt++, nextInt++), new SubRange(nextInt++, nextInt++)))
                .setSrcProtocols(ImmutableSet.of(Protocol.HTTPS, Protocol.DNS))
                .setStates(ImmutableSet.of(State.ESTABLISHED, State.NEW))
                .setTcpFlags(
                    ImmutableSet.of(
                        TcpFlags.builder().setAck(true).setUseAck(true).build(),
                        TcpFlags.builder().setUseCwr(true).build()))
                .build());
    assertThat(toBoolExpr(matchExpr, _input, _nodContext), instanceOf(BoolExpr.class));
}
Also used : IpWildcard(org.batfish.datamodel.IpWildcard) BoolExpr(com.microsoft.z3.BoolExpr) BoolExprTransformer.toBoolExpr(org.batfish.z3.expr.visitors.BoolExprTransformer.toBoolExpr) Ip(org.batfish.datamodel.Ip) HeaderSpace(org.batfish.datamodel.HeaderSpace) HeaderSpaceMatchExpr(org.batfish.z3.expr.HeaderSpaceMatchExpr) SubRange(org.batfish.datamodel.SubRange) BooleanExpr(org.batfish.z3.expr.BooleanExpr) Test(org.junit.Test)

Example 3 with HeaderSpaceMatchExpr

use of org.batfish.z3.expr.HeaderSpaceMatchExpr in project batfish by batfish.

the class SimplifierTest method testSimplifyWrappers.

/**
 * Checks that simplifying a wrapper expression returns something that is not equal to the
 * wrapper itself.
 *
 * <p>Covered here: {@code CurrentIsOriginalExpr}, {@code HeaderSpaceMatchExpr},
 * {@code PrefixMatchExpr}, {@code RangeMatchExpr} and {@code SaneExpr}. The test asserts
 * inequality only; it does not pin the shape of the simplified result.
 */
@Test
public void testSimplifyWrappers() {
    assertThat(
        simplifyBooleanExpr(CurrentIsOriginalExpr.INSTANCE),
        not(equalTo(CurrentIsOriginalExpr.INSTANCE)));

    // Header space match over a line built with no fields set.
    BooleanExpr emptyHeaderSpaceMatch =
        new HeaderSpaceMatchExpr(IpAccessListLine.builder().build());
    assertThat(simplifyBooleanExpr(emptyHeaderSpaceMatch), not(equalTo(emptyHeaderSpaceMatch)));

    BooleanExpr dstIpPrefixMatch = new PrefixMatchExpr(BasicHeaderField.DST_IP, Prefix.ZERO);
    assertThat(simplifyBooleanExpr(dstIpPrefixMatch), not(equalTo(dstIpPrefixMatch)));

    BooleanExpr dstIpRangeMatch =
        RangeMatchExpr.greaterThanOrEqualTo(BasicHeaderField.DST_IP, 123456L, 10);
    assertThat(simplifyBooleanExpr(dstIpRangeMatch), not(equalTo(dstIpRangeMatch)));

    assertThat(simplifyBooleanExpr(SaneExpr.INSTANCE), not(equalTo(SaneExpr.INSTANCE)));
}
Also used : PrefixMatchExpr(org.batfish.z3.expr.PrefixMatchExpr) HeaderSpaceMatchExpr(org.batfish.z3.expr.HeaderSpaceMatchExpr) BooleanExpr(org.batfish.z3.expr.BooleanExpr) Simplifier.simplifyBooleanExpr(org.batfish.z3.expr.visitors.Simplifier.simplifyBooleanExpr) Test(org.junit.Test)

Example 4 with HeaderSpaceMatchExpr

use of org.batfish.z3.expr.HeaderSpaceMatchExpr in project batfish by batfish.

the class SynthesizerInputImplTest method testComputeAclConditions.

/**
 * Checks the per-node, per-ACL match conditions that a {@code SynthesizerInput} exposes, first
 * for ACLs owned by a single configuration and then for ACLs attached to source NATs in a
 * two-node topology.
 *
 * <p>The shared builders ({@code _cb}, {@code _aclb}, {@code _acllb}, {@code _snb}, {@code _ib},
 * {@code _vb}) are reused between statements, so the statement order matters: values set on a
 * builder presumably carry over to later {@code build()} calls on it (verify against the
 * builders).
 */
@Test
public void testComputeAclConditions() {
    // Part 1: one configuration with an ACL that has no lines and an ACL that has two lines.
    Configuration c = _cb.build();
    IpAccessList aclWithoutLines = _aclb.setOwner(c).build();
    // The ACCEPT action is set once on the line builder and reused for both lines built below.
    _acllb.setAction(LineAction.ACCEPT);
    // Two lines, each matching a single destination IP (1.2.3.4, then 5.6.7.8).
    IpAccessList aclWithLines = _aclb.setLines(ImmutableList.<IpAccessListLine>of(_acllb.setDstIps(ImmutableSet.of(new IpWildcard(new Ip("1.2.3.4")))).build(), _acllb.setDstIps(ImmutableSet.of(new IpWildcard(new Ip("5.6.7.8")))).build())).build();
    SynthesizerInput input = _inputBuilder.setConfigurations(ImmutableMap.of(c.getName(), c)).build();
    // Expected: an empty condition list for the ACL without lines, and one HeaderSpaceMatchExpr
    // per line, in line order, for the ACL with lines.
    assertThat(input, hasAclConditions(equalTo(ImmutableMap.of(c.getName(), ImmutableMap.of(aclWithoutLines.getName(), ImmutableList.of(), aclWithLines.getName(), ImmutableList.of(new HeaderSpaceMatchExpr(aclWithLines.getLines().get(0)), new HeaderSpaceMatchExpr(aclWithLines.getLines().get(1))))))));
    // Part 2: a source node and a next-hop node, with source NATs on the source node's interfaces.
    Configuration srcNode = _cb.build();
    Configuration nextHop = _cb.build();
    Vrf srcVrf = _vb.setOwner(srcNode).build();
    Vrf nextHopVrf = _vb.setOwner(nextHop).build();
    // First and last addresses of the two NAT pools.
    Ip ip11 = new Ip("1.0.0.0");
    Ip ip12 = new Ip("1.0.0.10");
    Ip ip21 = new Ip("2.0.0.0");
    Ip ip22 = new Ip("2.0.0.10");
    // The ACL builder is reset to an empty line list and re-owned by srcNode; the second ACL is
    // built from the same builder without further changes.
    IpAccessList sourceNat1Acl = _aclb.setLines(ImmutableList.of()).setOwner(srcNode).build();
    IpAccessList sourceNat2Acl = _aclb.build();
    SourceNat sourceNat1 = _snb.setPoolIpFirst(ip11).setPoolIpLast(ip12).setAcl(sourceNat1Acl).build();
    SourceNat sourceNat2 = _snb.setPoolIpFirst(ip21).setPoolIpLast(ip22).setAcl(sourceNat2Acl).build();
    // Source-side interfaces carrying zero, one and two source NATs; only the first call sets
    // owner and VRF on the interface builder.
    Interface srcInterfaceZeroSourceNats = _ib.setOwner(srcNode).setVrf(srcVrf).setSourceNats(ImmutableList.of()).build();
    Interface srcInterfaceOneSourceNat = _ib.setSourceNats(ImmutableList.of(sourceNat1)).build();
    Interface srcInterfaceTwoSourceNats = _ib.setSourceNats(ImmutableList.of(sourceNat1, sourceNat2)).build();
    Interface nextHopInterface = _ib.setOwner(nextHop).setVrf(nextHopVrf).setSourceNats(ImmutableList.of()).build();
    // Each source interface is linked to the next-hop interface in both directions.
    Edge forwardEdge1 = new Edge(srcInterfaceZeroSourceNats, nextHopInterface);
    Edge forwardEdge2 = new Edge(srcInterfaceOneSourceNat, nextHopInterface);
    Edge forwardEdge3 = new Edge(srcInterfaceTwoSourceNats, nextHopInterface);
    Edge backEdge1 = new Edge(nextHopInterface, srcInterfaceZeroSourceNats);
    Edge backEdge2 = new Edge(nextHopInterface, srcInterfaceOneSourceNat);
    Edge backEdge3 = new Edge(nextHopInterface, srcInterfaceTwoSourceNats);
    // This input also sets a mock forwarding analysis and a topology, unlike the input in part 1.
    SynthesizerInput inputWithDataPlane = _inputBuilder.setConfigurations(ImmutableMap.of(srcNode.getName(), srcNode, nextHop.getName(), nextHop)).setForwardingAnalysis(MockForwardingAnalysis.builder().build()).setTopology(new Topology(ImmutableSortedSet.of(forwardEdge1, forwardEdge2, forwardEdge3, backEdge1, backEdge2, backEdge3))).build();
    // Expected: both source-NAT ACLs appear under srcNode with empty condition lists, and
    // nextHop has no ACL conditions at all.
    assertThat(inputWithDataPlane, hasAclConditions(equalTo(ImmutableMap.of(srcNode.getName(), ImmutableMap.of(sourceNat1Acl.getName(), ImmutableList.of(), sourceNat2Acl.getName(), ImmutableList.of()), nextHop.getName(), ImmutableMap.of()))));
}
Also used : IpWildcard(org.batfish.datamodel.IpWildcard) SourceNat(org.batfish.datamodel.SourceNat) Configuration(org.batfish.datamodel.Configuration) Ip(org.batfish.datamodel.Ip) IpAccessListLine(org.batfish.datamodel.IpAccessListLine) IpAccessList(org.batfish.datamodel.IpAccessList) HeaderSpaceMatchExpr(org.batfish.z3.expr.HeaderSpaceMatchExpr) Vrf(org.batfish.datamodel.Vrf) Topology(org.batfish.datamodel.Topology) Edge(org.batfish.datamodel.Edge) SynthesizerInputMatchers.hasArpTrueEdge(org.batfish.z3.matchers.SynthesizerInputMatchers.hasArpTrueEdge) Interface(org.batfish.datamodel.Interface) Test(org.junit.Test)

Example 5 with HeaderSpaceMatchExpr

use of org.batfish.z3.expr.HeaderSpaceMatchExpr in project batfish by batfish.

the class SynthesizerInputImplTest method testSourceNatWithNoAcl.

/**
 * Verifies the fallback applied to a {@code SourceNat} that is built without an ACL: the
 * {@code SynthesizerInput} reports {@code SynthesizerInputImpl.DEFAULT_SOURCE_NAT_ACL} for it.
 *
 * <p>The assertions pin that default ACL to a single line matching source {@code 0.0.0.0/0}
 * with action {@code ACCEPT}, i.e. a source NAT with no ACL applies to traffic from any source
 * address.
 */
@Test
public void testSourceNatWithNoAcl() {
    Configuration srcNode = _cb.build();
    Configuration nextHop = _cb.build();
    Vrf srcVrf = _vb.setOwner(srcNode).build();
    Vrf nextHopVrf = _vb.setOwner(nextHop).build();

    // NAT pool bounds; no setAcl call is made on the source NAT builder here.
    Ip poolFirst = new Ip("1.0.0.0");
    Ip poolLast = new Ip("1.0.0.10");
    SourceNat natWithoutAcl = _snb.setPoolIpFirst(poolFirst).setPoolIpLast(poolLast).build();

    Interface natInterface =
        _ib.setOwner(srcNode)
            .setVrf(srcVrf)
            .setSourceNats(ImmutableList.of(natWithoutAcl))
            .build();
    Interface peerInterface =
        _ib.setOwner(nextHop).setVrf(nextHopVrf).setSourceNats(ImmutableList.of()).build();
    Edge toPeer = new Edge(natInterface, peerInterface);
    Edge fromPeer = new Edge(peerInterface, natInterface);

    SynthesizerInput synthesizerInput =
        _inputBuilder
            .setConfigurations(
                ImmutableMap.of(srcNode.getName(), srcNode, nextHop.getName(), nextHop))
            .setForwardingAnalysis(MockForwardingAnalysis.builder().build())
            .setTopology(new Topology(ImmutableSortedSet.of(toPeer, fromPeer)))
            .build();

    // The NAT entry is keyed by the default source-NAT ACL and rewrites the source IP into the
    // closed range [poolFirst, poolLast].
    assertThat(
        synthesizerInput,
        hasSourceNats(
            hasEntry(
                equalTo(srcNode.getName()),
                hasEntry(
                    equalTo(natInterface.getName()),
                    equalTo(
                        ImmutableList.of(
                            immutableEntry(
                                new AclPermit(
                                    srcNode.getHostname(),
                                    SynthesizerInputImpl.DEFAULT_SOURCE_NAT_ACL.getName()),
                                new RangeMatchExpr(
                                    TransformationHeaderField.NEW_SRC_IP,
                                    TransformationHeaderField.NEW_SRC_IP.getSize(),
                                    ImmutableSet.of(
                                        Range.closed(
                                            poolFirst.asLong(), poolLast.asLong()))))))))));

    // The default ACL has one condition: source IP in 0.0.0.0/0.
    assertThat(
        synthesizerInput,
        hasAclConditions(
            hasEntry(
                srcNode.getHostname(),
                ImmutableMap.of(
                    SynthesizerInputImpl.DEFAULT_SOURCE_NAT_ACL.getName(),
                    ImmutableList.of(
                        new HeaderSpaceMatchExpr(
                            IpAccessListLine.builder()
                                .setSrcIps(ImmutableList.of(new IpWildcard("0.0.0.0/0")))
                                .build()))))));

    // ...and that single line's action is ACCEPT.
    assertThat(
        synthesizerInput,
        hasAclActions(
            hasEntry(
                srcNode.getHostname(),
                ImmutableMap.of(
                    SynthesizerInputImpl.DEFAULT_SOURCE_NAT_ACL.getName(),
                    ImmutableList.of(LineAction.ACCEPT)))));
}
Also used : SourceNat(org.batfish.datamodel.SourceNat) IpWildcard(org.batfish.datamodel.IpWildcard) Configuration(org.batfish.datamodel.Configuration) Ip(org.batfish.datamodel.Ip) AclPermit(org.batfish.z3.state.AclPermit) RangeMatchExpr(org.batfish.z3.expr.RangeMatchExpr) Vrf(org.batfish.datamodel.Vrf) Topology(org.batfish.datamodel.Topology) HeaderSpaceMatchExpr(org.batfish.z3.expr.HeaderSpaceMatchExpr) Edge(org.batfish.datamodel.Edge) SynthesizerInputMatchers.hasArpTrueEdge(org.batfish.z3.matchers.SynthesizerInputMatchers.hasArpTrueEdge) Interface(org.batfish.datamodel.Interface) Test(org.junit.Test)
