use of org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.access.control.list.rev160218.access.lists.Acl in project netvirt by opendaylight.
the class AclServiceOFFlowBuilder method programTcpFlow.
/**
*Converts TCP matches to flows.
* @param acl the access control list
* @return the map containing the flows and the respective flow id
*/
public static Map<String, List<MatchInfoBase>> programTcpFlow(AceIp acl) {
Map<String, List<MatchInfoBase>> flowMatchesMap = new HashMap<>();
SourcePortRange sourcePortRange = acl.getSourcePortRange();
DestinationPortRange destinationPortRange = acl.getDestinationPortRange();
if (sourcePortRange == null && destinationPortRange == null) {
List<MatchInfoBase> flowMatches = new ArrayList<>();
flowMatches.addAll(addSrcIpMatches(acl));
flowMatches.addAll(addDstIpMatches(acl));
flowMatches.add(new MatchIpProtocol(acl.getProtocol()));
String flowId = "TCP_SOURCE_ALL_";
flowMatchesMap.put(flowId, flowMatches);
return flowMatchesMap;
}
if (sourcePortRange != null) {
Map<Integer, Integer> portMaskMap = getLayer4MaskForRange(sourcePortRange.getLowerPort().getValue(), sourcePortRange.getUpperPort().getValue());
for (Entry<Integer, Integer> entry : portMaskMap.entrySet()) {
Integer port = entry.getKey();
List<MatchInfoBase> flowMatches = new ArrayList<>();
flowMatches.addAll(addSrcIpMatches(acl));
flowMatches.addAll(addDstIpMatches(acl));
Integer mask = entry.getValue();
if (mask != AclConstants.ALL_LAYER4_PORT_MASK) {
flowMatches.add(new NxMatchTcpSourcePort(port, mask));
}
flowMatches.add(new MatchIpProtocol(acl.getProtocol()));
String flowId = "TCP_SOURCE_" + port + "_" + mask;
flowMatchesMap.put(flowId, flowMatches);
}
}
if (destinationPortRange != null) {
Map<Integer, Integer> portMaskMap = getLayer4MaskForRange(destinationPortRange.getLowerPort().getValue(), destinationPortRange.getUpperPort().getValue());
for (Entry<Integer, Integer> entry : portMaskMap.entrySet()) {
Integer port = entry.getKey();
List<MatchInfoBase> flowMatches = new ArrayList<>();
flowMatches.addAll(addSrcIpMatches(acl));
flowMatches.addAll(addDstIpMatches(acl));
Integer mask = entry.getValue();
if (mask != AclConstants.ALL_LAYER4_PORT_MASK) {
flowMatches.add(new NxMatchTcpDestinationPort(port, mask));
}
flowMatches.add(new MatchIpProtocol(acl.getProtocol()));
String flowId = "TCP_DESTINATION_" + port + "_" + mask;
flowMatchesMap.put(flowId, flowMatches);
}
}
return flowMatchesMap;
}
use of org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.access.control.list.rev160218.access.lists.Acl in project netvirt by opendaylight.
the class AclServiceOFFlowBuilder method programIpFlow.
/**
* Converts IP matches into flows.
* @param matches
* the matches
* @return the map containing the flows and the respective flow id
*/
public static Map<String, List<MatchInfoBase>> programIpFlow(Matches matches) {
if (matches != null) {
AceIp acl = (AceIp) matches.getAceType();
Short protocol = acl.getProtocol();
if (protocol == null) {
return programEtherFlow(acl);
} else if (acl.getProtocol() == NwConstants.IP_PROT_TCP) {
return programTcpFlow(acl);
} else if (acl.getProtocol() == NwConstants.IP_PROT_UDP) {
return programUdpFlow(acl);
} else if (acl.getProtocol() == NwConstants.IP_PROT_ICMP) {
return programIcmpFlow(acl);
} else if (acl.getProtocol() != -1) {
return programOtherProtocolFlow(acl);
}
}
return null;
}
use of org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.access.control.list.rev160218.access.lists.Acl in project netvirt by opendaylight.
the class AclServiceOFFlowBuilder method programOtherProtocolFlow.
/**
* Converts generic protocol matches to flows.
*
* @param acl the access control list
* @return the map containing the flows and the respective flow id
*/
public static Map<String, List<MatchInfoBase>> programOtherProtocolFlow(AceIp acl) {
List<MatchInfoBase> flowMatches = new ArrayList<>();
flowMatches.addAll(addSrcIpMatches(acl));
flowMatches.addAll(addDstIpMatches(acl));
if (acl.getAceIpVersion() instanceof AceIpv4) {
flowMatches.add(MatchEthernetType.IPV4);
} else if (acl.getAceIpVersion() instanceof AceIpv6) {
flowMatches.add(MatchEthernetType.IPV6);
}
flowMatches.add(new MatchIpProtocol(acl.getProtocol()));
String flowId = "OTHER_PROTO" + acl.getProtocol();
Map<String, List<MatchInfoBase>> flowMatchesMap = new HashMap<>();
flowMatchesMap.put(flowId, flowMatches);
return flowMatchesMap;
}
use of org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.access.control.list.rev160218.access.lists.Acl in project netvirt by opendaylight.
the class AclServiceOFFlowBuilder method addSrcIpMatches.
/**
* Adds source ip matches to the flows.
* @param acl the access control list
* @return the list of flows.
*/
public static List<MatchInfoBase> addSrcIpMatches(AceIp acl) {
List<MatchInfoBase> flowMatches = new ArrayList<>();
if (acl.getAceIpVersion() instanceof AceIpv4) {
flowMatches.add(MatchEthernetType.IPV4);
Ipv4Prefix srcNetwork = ((AceIpv4) acl.getAceIpVersion()).getSourceIpv4Network();
if (null != srcNetwork && !srcNetwork.getValue().equals(AclConstants.IPV4_ALL_NETWORK)) {
flowMatches.add(new MatchIpv4Source(srcNetwork));
}
} else if (acl.getAceIpVersion() instanceof AceIpv6) {
flowMatches.add(MatchEthernetType.IPV6);
Ipv6Prefix srcNetwork = ((AceIpv6) acl.getAceIpVersion()).getSourceIpv6Network();
if (null != srcNetwork && !srcNetwork.getValue().equals(AclConstants.IPV6_ALL_NETWORK)) {
flowMatches.add(new MatchIpv6Source(srcNetwork));
}
}
return flowMatches;
}
use of org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.access.control.list.rev160218.access.lists.Acl in project netvirt by opendaylight.
the class AclServiceUtils method getAceFlowPriority.
/**
* Gets the ace flow priority.
*
* @param aclName the acl name
* @return the ace flow priority
*/
public Integer getAceFlowPriority(String aclName) {
Integer priority = AclConstants.ACE_DEFAULT_PRIORITY;
Integer aclTag = getAclTag(new Uuid(aclName));
if (aclTag != null && aclTag != AclConstants.INVALID_ACL_TAG) {
// To handle overlapping rules, aclTag is added to priority
priority += aclTag;
} else {
LOG.warn("aclTag={} is null or invalid for aclName={}", aclTag, aclName);
}
return priority;
}
Aggregations