Examples with Matches org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.access.control.list.rev160218.access.lists.acl.access.list.entries.ace.Matches used on opensource projects

Example 21 with Matches

use of org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.access.control.list.rev160218.access.lists.acl.access.list.entries.ace.Matches in project netvirt by opendaylight.

the class EgressAclServiceImpl method programL2BroadcastAllowRule.

/**
 * Programs Non-IP broadcast rules.
 *
 * @param port the Acl Interface port
 * @param addOrRemove whether to delete or add flow
 */
private void programL2BroadcastAllowRule(AclInterface port, int addOrRemove) {
    BigInteger dpId = port.getDpId();
    int lportTag = port.getLPortTag();
    List<AllowedAddressPairs> allowedAddresses = port.getAllowedAddressPairs();
    Set<MacAddress> macs = allowedAddresses.stream().map(aap -> aap.getMacAddress()).collect(Collectors.toSet());
    for (MacAddress mac : macs) {
        List<MatchInfoBase> matches = new ArrayList<>();
        matches.add(new MatchEthernetSource(mac));
        matches.add(AclServiceUtils.buildLPortTagMatch(lportTag, serviceMode));
        List<InstructionInfo> instructions = getDispatcherTableResubmitInstructions();
        String flowName = "Egress_L2Broadcast_" + dpId + "_" + lportTag + "_" + mac.getValue();
        syncFlow(dpId, getAclAntiSpoofingTable(), flowName, AclConstants.PROTO_L2BROADCAST_TRAFFIC_MATCH_PRIORITY, "ACL", 0, 0, AclConstants.COOKIE_ACL_BASE, matches, instructions, addOrRemove);
    }
}

Example 22 with Matches

use of org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.access.control.list.rev160218.access.lists.acl.access.list.entries.ace.Matches in project netvirt by opendaylight.

the class IngressAclServiceImpl method programIpv4BroadcastRule.

/**
 * Programs IPv4 broadcast rules.
 *
 * @param port the Acl Interface port
 * @param addOrRemove whether to delete or add flow
 */
private void programIpv4BroadcastRule(AclInterface port, int addOrRemove) {
    BigInteger dpId = port.getDpId();
    int lportTag = port.getLPortTag();
    MatchInfoBase lportMatchInfo = AclServiceUtils.buildLPortTagMatch(lportTag, serviceMode);
    List<IpPrefixOrAddress> cidrs = port.getSubnetIpPrefixes();
    if (cidrs != null) {
        List<String> broadcastAddresses = AclServiceUtils.getIpBroadcastAddresses(cidrs);
        for (String broadcastAddress : broadcastAddresses) {
            List<MatchInfoBase> matches = AclServiceUtils.buildBroadcastIpV4Matches(broadcastAddress);
            matches.add(lportMatchInfo);
            List<InstructionInfo> instructions = new ArrayList<>();
            instructions.add(new InstructionGotoTable(getAclConntrackClassifierTable()));
            String flowName = "Ingress_v4_Broadcast_" + dpId + "_" + lportTag + "_" + broadcastAddress + "_Permit";
            syncFlow(dpId, getAclAntiSpoofingTable(), flowName, AclConstants.PROTO_MATCH_PRIORITY, "ACL", 0, 0, AclConstants.COOKIE_ACL_BASE, matches, instructions, addOrRemove);
        }
    } else {
        LOG.warn("IP Broadcast CIDRs are missing for port {}", port.getInterfaceId());
    }
}

Example 23 with Matches

use of org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.access.control.list.rev160218.access.lists.acl.access.list.entries.ace.Matches in project netvirt by opendaylight.

the class ExternalRoutersListener method makeLFibTableEntry.

private void makeLFibTableEntry(BigInteger dpId, long serviceId, short tableId, WriteTransaction writeFlowInvTx) {
    List<MatchInfo> matches = new ArrayList<>();
    matches.add(MatchEthernetType.MPLS_UNICAST);
    matches.add(new MatchMplsLabel(serviceId));
    List<Instruction> instructions = new ArrayList<>();
    List<ActionInfo> actionsInfos = new ArrayList<>();
    actionsInfos.add(new ActionPopMpls());
    Instruction writeInstruction = new InstructionApplyActions(actionsInfos).buildInstruction(0);
    instructions.add(writeInstruction);
    instructions.add(new InstructionGotoTable(tableId).buildInstruction(1));
    // Install the flow entry in L3_LFIB_TABLE
    String flowRef = getFlowRef(dpId, NwConstants.L3_LFIB_TABLE, serviceId, "");
    Flow flowEntity = MDSALUtil.buildFlowNew(NwConstants.L3_LFIB_TABLE, flowRef, 10, flowRef, 0, 0, COOKIE_VM_LFIB_TABLE, matches, instructions);
    mdsalManager.addFlowToTx(dpId, flowEntity, writeFlowInvTx);
    LOG.debug("makeLFibTableEntry : LFIB Entry for dpID {} : label : {} modified successfully", dpId, serviceId);
}

Example 24 with Matches

use of org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.access.control.list.rev160218.access.lists.acl.access.list.entries.ace.Matches in project netvirt by opendaylight.

the class VpnFloatingIpHandler method makeLFibTableEntry.

private void makeLFibTableEntry(BigInteger dpId, long serviceId, String floatingIpPortMacAddress, short tableId, WriteTransaction writeFlowInvTx) {
    List<MatchInfo> matches = new ArrayList<>();
    matches.add(MatchEthernetType.MPLS_UNICAST);
    matches.add(new MatchMplsLabel(serviceId));
    List<Instruction> instructions = new ArrayList<>();
    List<ActionInfo> actionsInfos = new ArrayList<>();
    actionsInfos.add(new ActionPopMpls());
    actionsInfos.add(new ActionSetFieldEthernetDestination(new MacAddress(floatingIpPortMacAddress)));
    Instruction writeInstruction = new InstructionApplyActions(actionsInfos).buildInstruction(0);
    instructions.add(writeInstruction);
    instructions.add(new InstructionGotoTable(tableId).buildInstruction(1));
    // Install the flow entry in L3_LFIB_TABLE
    String flowRef = getFlowRef(dpId, NwConstants.L3_LFIB_TABLE, serviceId, "");
    Flow flowEntity = MDSALUtil.buildFlowNew(NwConstants.L3_LFIB_TABLE, flowRef, 10, flowRef, 0, 0, NwConstants.COOKIE_VM_LFIB_TABLE, matches, instructions);
    mdsalManager.addFlowToTx(dpId, flowEntity, writeFlowInvTx);
    LOG.debug("makeLFibTableEntry : LFIB Entry for dpID {} : label : {} modified successfully", dpId, serviceId);
}

Example 25 with Matches

use of org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.access.control.list.rev160218.access.lists.acl.access.list.entries.ace.Matches in project netvirt by opendaylight.

the class VxlanGreConntrackBasedSnatService method createOutboundTblEntryForVxlanGre.

protected void createOutboundTblEntryForVxlanGre(BigInteger dpnId, long routerId, Long extNetVpnId, List<ExternalIps> externalIps, int elanId, int addOrRemove) {
    LOG.info("createOutboundTblEntryForVxlanGre: Install Outbound table flow on dpId {} for routerId {}", dpnId, routerId);
    List<MatchInfoBase> matches = new ArrayList<>();
    matches.add(MatchEthernetType.IPV4);
    matches.add(new NxMatchCtState(TRACKED_NEW_CT_STATE, TRACKED_NEW_CT_MASK));
    matches.add(new MatchMetadata(MetaDataUtil.getVpnIdMetadata(routerId), MetaDataUtil.METADATA_MASK_VRFID));
    if (externalIps.isEmpty()) {
        LOG.error("createOutboundTblEntryForVxlanGre: No externalIP present for routerId {}", routerId);
        return;
    }
    // The logic now handle only one external IP per router, others if present will be ignored.
    String externalIp = externalIps.get(0).getIpAddress();
    List<ActionInfo> actionsInfos = new ArrayList<>();
    if (addOrRemove == NwConstants.ADD_FLOW) {
        ActionSetFieldMeta actionSetFieldMeta = new ActionSetFieldMeta(MetaDataUtil.getVpnIdMetadata(extNetVpnId));
        actionsInfos.add(actionSetFieldMeta);
    }
    List<ActionNxConntrack.NxCtAction> ctActionsListCommit = new ArrayList<>();
    int rangePresent = NxActionNatRangePresent.NXNATRANGEIPV4MIN.getIntValue();
    int flags = NxActionNatFlags.NXNATFSRC.getIntValue();
    ActionNxConntrack.NxCtAction nxCtActionCommit = new ActionNxConntrack.NxNat(0, flags, rangePresent, new IpPrefixOrAddress(externalIp.toCharArray()).getIpAddress(), null, 0, 0);
    ctActionsListCommit.add(nxCtActionCommit);
    int ctCommitFlag = 1;
    ActionNxConntrack actionNxConntrackSubmit = new ActionNxConntrack(ctCommitFlag, 0, elanId, NwConstants.NAPT_PFIB_TABLE, ctActionsListCommit);
    actionsInfos.add(actionNxConntrackSubmit);
    List<InstructionInfo> instructions = new ArrayList<>();
    instructions.add(new InstructionApplyActions(actionsInfos));
    String flowRef = getFlowRef(dpnId, NwConstants.OUTBOUND_NAPT_TABLE, routerId);
    syncFlow(dpnId, NwConstants.OUTBOUND_NAPT_TABLE, flowRef, NatConstants.SNAT_NEW_FLOW_PRIORITY, flowRef, NwConstants.COOKIE_SNAT_TABLE, matches, instructions, addOrRemove);
}