Example 51 with MatchInfoBase
use of org.opendaylight.genius.mdsalutil.MatchInfoBase in project netvirt by opendaylight.
the class AclServiceUtils method buildIcmpV6Matches.
/**
* Returns the ICMPv6 match.
*
* @param icmpType the icmpv6-type.
* @param icmpCode the icmpv6-code.
* @param lportTag the lport tag
* @param serviceMode ingress or egress
* @return list of matches.
*/
public static List<MatchInfoBase> buildIcmpV6Matches(int icmpType, int icmpCode, int lportTag, Class<? extends ServiceModeBase> serviceMode) {
List<MatchInfoBase> matches = new ArrayList<>(6);
matches.add(MatchEthernetType.IPV6);
matches.add(MatchIpProtocol.ICMPV6);
if (icmpType != 0) {
matches.add(new MatchIcmpv6((short) icmpType, (short) icmpCode));
}
matches.add(AclServiceUtils.buildLPortTagMatch(lportTag, serviceMode));
return matches;
}
Also used :
MatchIcmpv6(org.opendaylight.genius.mdsalutil.matches.MatchIcmpv6)
ArrayList(java.util.ArrayList)
MatchInfoBase(org.opendaylight.genius.mdsalutil.MatchInfoBase)
Example 52 with MatchInfoBase
use of org.opendaylight.genius.mdsalutil.MatchInfoBase in project netvirt by opendaylight.
the class AclServiceUtils method buildDhcpV6Matches.
/**
* Returns the DHCPv6 match.
*
* @param srcPort the source port.
* @param dstPort the destination port.
* @param lportTag the lport tag
* @param serviceMode ingress or egress
* @return list of matches.
*/
public static List<MatchInfoBase> buildDhcpV6Matches(int srcPort, int dstPort, int lportTag, Class<? extends ServiceModeBase> serviceMode) {
List<MatchInfoBase> matches = new ArrayList<>(6);
matches.add(MatchEthernetType.IPV6);
matches.add(MatchIpProtocol.UDP);
matches.add(new MatchUdpDestinationPort(dstPort));
matches.add(new MatchUdpSourcePort(srcPort));
matches.add(AclServiceUtils.buildLPortTagMatch(lportTag, serviceMode));
return matches;
}
Also used :
MatchUdpDestinationPort(org.opendaylight.genius.mdsalutil.matches.MatchUdpDestinationPort)
MatchUdpSourcePort(org.opendaylight.genius.mdsalutil.matches.MatchUdpSourcePort)
ArrayList(java.util.ArrayList)
MatchInfoBase(org.opendaylight.genius.mdsalutil.MatchInfoBase)
Example 53 with MatchInfoBase
use of org.opendaylight.genius.mdsalutil.MatchInfoBase in project netvirt by opendaylight.
the class AclServiceUtils method buildMatchesForLPortTagAndConntrackClassifierType.
public static Collection<? extends MatchInfoBase> buildMatchesForLPortTagAndConntrackClassifierType(int lportTag, AclConntrackClassifierType conntrackClassifierType, Class<? extends ServiceModeBase> serviceMode) {
List<MatchInfoBase> matches = new ArrayList<>();
if (serviceMode != null && serviceMode.isAssignableFrom(ServiceModeEgress.class)) {
matches.add(AclServiceUtils.buildLPortTagMatch(lportTag, serviceMode));
matches.add(AclServiceUtils.buildAclConntrackClassifierTypeMatch(conntrackClassifierType));
} else {
// In case of ingress service mode, only metadata is used for
// matching both lportTag and conntrackClassifierType. Hence performing "or"
// operation on both lportTag and conntrackClassifierType metadata.
BigInteger metaData = MetaDataUtil.getLportTagMetaData(lportTag).or(MetaDataUtil.getAclConntrackClassifierTypeFromMetaData(conntrackClassifierType.getValue()));
BigInteger metaDataMask = MetaDataUtil.METADATA_MASK_LPORT_TAG.or(MetaDataUtil.METADATA_MASK_ACL_CONNTRACK_CLASSIFIER_TYPE);
matches.add(new MatchMetadata(metaData, metaDataMask));
}
return matches;
}
Also used :
MatchMetadata(org.opendaylight.genius.mdsalutil.matches.MatchMetadata)
ServiceModeEgress(org.opendaylight.yang.gen.v1.urn.opendaylight.genius.interfacemanager.servicebinding.rev160406.ServiceModeEgress)
ArrayList(java.util.ArrayList)
BigInteger(java.math.BigInteger)
MatchInfoBase(org.opendaylight.genius.mdsalutil.MatchInfoBase)
Example 54 with MatchInfoBase
use of org.opendaylight.genius.mdsalutil.MatchInfoBase in project netvirt by opendaylight.
the class EgressAclServiceImpl method egressAclDhcpv6AllowClientTraffic.
/**
* Add rule to ensure only DHCPv6 server traffic from the specified mac is
* allowed.
*
* @param dpId the dpid
* @param allowedAddresses the allowed addresses
* @param lportTag the lport tag
* @param addOrRemove whether to add or remove the flow
*/
private void egressAclDhcpv6AllowClientTraffic(BigInteger dpId, List<AllowedAddressPairs> allowedAddresses, int lportTag, int addOrRemove) {
List<InstructionInfo> instructions = getDispatcherTableResubmitInstructions();
for (AllowedAddressPairs aap : allowedAddresses) {
if (AclServiceUtils.isIPv4Address(aap)) {
continue;
}
List<MatchInfoBase> matches = new ArrayList<>();
matches.addAll(AclServiceUtils.buildDhcpV6Matches(AclConstants.DHCP_CLIENT_PORT_IPV6, AclConstants.DHCP_SERVER_PORT_IPV6, lportTag, serviceMode));
matches.add(new MatchEthernetSource(aap.getMacAddress()));
String flowName = "Egress_DHCP_Client_v6" + "_" + dpId + "_" + lportTag + "_" + aap.getMacAddress().getValue() + "_Permit_";
syncFlow(dpId, getAclAntiSpoofingTable(), flowName, AclConstants.PROTO_DHCP_CLIENT_TRAFFIC_MATCH_PRIORITY, "ACL", 0, 0, AclConstants.COOKIE_ACL_BASE, matches, instructions, addOrRemove);
}
}
Also used :
InstructionInfo(org.opendaylight.genius.mdsalutil.InstructionInfo)
MatchEthernetSource(org.opendaylight.genius.mdsalutil.matches.MatchEthernetSource)
ArrayList(java.util.ArrayList)
AllowedAddressPairs(org.opendaylight.yang.gen.v1.urn.opendaylight.netvirt.aclservice.rev160608.interfaces._interface.AllowedAddressPairs)
MatchInfoBase(org.opendaylight.genius.mdsalutil.MatchInfoBase)
Example 55 with MatchInfoBase
use of org.opendaylight.genius.mdsalutil.MatchInfoBase in project netvirt by opendaylight.
the class EgressAclServiceImpl method programArpRule.
/**
* Adds the rule to allow arp packets.
*
* @param dpId the dpId
* @param allowedAddresses the allowed addresses
* @param lportTag the lport tag
* @param addOrRemove whether to add or remove the flow
*/
protected void programArpRule(BigInteger dpId, List<AllowedAddressPairs> allowedAddresses, int lportTag, int addOrRemove) {
for (AllowedAddressPairs allowedAddress : allowedAddresses) {
if (!AclServiceUtils.isIPv4Address(allowedAddress)) {
// For IPv6 allowed addresses
continue;
}
IpPrefixOrAddress allowedAddressIp = allowedAddress.getIpAddress();
MacAddress allowedAddressMac = allowedAddress.getMacAddress();
List<MatchInfoBase> arpIpMatches = AclServiceUtils.buildArpIpMatches(allowedAddressIp);
List<MatchInfoBase> matches = new ArrayList<>();
matches.add(MatchEthernetType.ARP);
matches.add(new MatchArpSha(allowedAddressMac));
matches.add(new MatchEthernetSource(allowedAddressMac));
matches.addAll(arpIpMatches);
matches.add(AclServiceUtils.buildLPortTagMatch(lportTag, serviceMode));
List<InstructionInfo> instructions = getDispatcherTableResubmitInstructions();
LOG.debug("{} ARP Rule on DPID {}, lportTag {}", addOrRemove == NwConstants.DEL_FLOW ? "Deleting" : "Adding", dpId, lportTag);
String flowName = "Egress_ARP_" + dpId + "_" + lportTag + "_" + allowedAddress.getMacAddress().getValue() + String.valueOf(allowedAddressIp.getValue());
syncFlow(dpId, getAclAntiSpoofingTable(), flowName, AclConstants.PROTO_ARP_TRAFFIC_MATCH_PRIORITY, "ACL", 0, 0, AclConstants.COOKIE_ACL_BASE, matches, instructions, addOrRemove);
}
}
Also used :
MatchArpSha(org.opendaylight.genius.mdsalutil.matches.MatchArpSha)
InstructionInfo(org.opendaylight.genius.mdsalutil.InstructionInfo)
IpPrefixOrAddress(org.opendaylight.yang.gen.v1.urn.opendaylight.netvirt.aclservice.rev160608.IpPrefixOrAddress)
MatchEthernetSource(org.opendaylight.genius.mdsalutil.matches.MatchEthernetSource)
ArrayList(java.util.ArrayList)
AllowedAddressPairs(org.opendaylight.yang.gen.v1.urn.opendaylight.netvirt.aclservice.rev160608.interfaces._interface.AllowedAddressPairs)
MacAddress(org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.yang.types.rev130715.MacAddress)
MatchInfoBase(org.opendaylight.genius.mdsalutil.MatchInfoBase)
Aggregations
MatchInfoBase (org.opendaylight.genius.mdsalutil.MatchInfoBase)70
ArrayList (java.util.ArrayList)60
InstructionInfo (org.opendaylight.genius.mdsalutil.InstructionInfo)33
BigInteger (java.math.BigInteger)18
ActionInfo (org.opendaylight.genius.mdsalutil.ActionInfo)18
List (java.util.List)16
MatchMetadata (org.opendaylight.genius.mdsalutil.matches.MatchMetadata)15
InstructionApplyActions (org.opendaylight.genius.mdsalutil.instructions.InstructionApplyActions)13
Ipv4Prefix (org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.inet.types.rev130715.Ipv4Prefix)11
Test (org.junit.Test)10
NxMatchCtState (org.opendaylight.genius.mdsalutil.nxmatches.NxMatchCtState)10
AceIpBuilder (org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.access.control.list.rev160218.access.lists.acl.access.list.entries.ace.matches.ace.type.AceIpBuilder)10
MatchIpv4Destination (org.opendaylight.genius.mdsalutil.matches.MatchIpv4Destination)9
ActionNxConntrack (org.opendaylight.genius.mdsalutil.actions.ActionNxConntrack)8
MacAddress (org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.yang.types.rev130715.MacAddress)8
AllowedAddressPairs (org.opendaylight.yang.gen.v1.urn.opendaylight.netvirt.aclservice.rev160608.interfaces._interface.AllowedAddressPairs)8
MatchIpv4Source (org.opendaylight.genius.mdsalutil.matches.MatchIpv4Source)7
AceIpv4Builder (org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.access.control.list.rev160218.access.lists.acl.access.list.entries.ace.matches.ace.type.ace.ip.ace.ip.version.AceIpv4Builder)7
HashMap (java.util.HashMap)6
NxCtAction (org.opendaylight.genius.mdsalutil.actions.ActionNxConntrack.NxCtAction)6
