use of org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.access.control.list.rev160218.access.lists.acl.access.list.entries.ace.matches.ace.type.AceIp in project netvirt by opendaylight.
the class AclMatches method addIpProtocolMatch.
private void addIpProtocolMatch(AceIp aceIp) {
// Match on IP
setIpv4EtherType();
IpMatchBuilder ipMatch = new IpMatchBuilder();
ipMatch.setIpProtocol(aceIp.getProtocol());
matchBuilder.setIpMatch(mergeIpMatch(matchBuilder, ipMatch));
// TODO Ranges are not supported yet
int srcPort = 0;
if (aceIp.getSourcePortRange() != null && aceIp.getSourcePortRange().getLowerPort() != null) {
srcPort = aceIp.getSourcePortRange().getLowerPort().getValue();
}
int dstPort = 0;
if (aceIp.getDestinationPortRange() != null && aceIp.getDestinationPortRange().getLowerPort() != null) {
dstPort = aceIp.getDestinationPortRange().getLowerPort().getValue();
}
// Match on a TCP/UDP src/dst port
if (aceIp.getProtocol() == IPProtocols.TCP.shortValue()) {
TcpMatchBuilder tcpMatch = new TcpMatchBuilder();
if (srcPort != 0) {
tcpMatch.setTcpSourcePort(new PortNumber(srcPort));
}
if (dstPort != 0) {
tcpMatch.setTcpDestinationPort(new PortNumber(dstPort));
}
if (srcPort != 0 || dstPort != 0) {
matchBuilder.setLayer4Match(tcpMatch.build());
}
} else if (aceIp.getProtocol() == IPProtocols.UDP.shortValue()) {
UdpMatchBuilder udpMatch = new UdpMatchBuilder();
if (srcPort != 0) {
udpMatch.setUdpSourcePort(new PortNumber(srcPort));
}
if (dstPort != 0) {
udpMatch.setUdpDestinationPort(new PortNumber(dstPort));
}
if (srcPort != 0 || dstPort != 0) {
matchBuilder.setLayer4Match(udpMatch.build());
}
}
}
use of org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.access.control.list.rev160218.access.lists.acl.access.list.entries.ace.matches.ace.type.AceIp in project netvirt by opendaylight.
the class AclMatches method invertMatches.
public static Matches invertMatches(Matches matches) {
LOG.trace("Invert matches: {}", matches);
MatchesBuilder matchesBuilder = new MatchesBuilder(matches);
if (matches.getAceType() instanceof AceIp) {
AceIp aceIp = (AceIp) matches.getAceType();
AceIpBuilder aceIpBuilder = new AceIpBuilder(aceIp);
aceIpBuilder.setDestinationPortRange(null);
aceIpBuilder.setSourcePortRange(null);
SourcePortRange sourcePortRange = aceIp.getSourcePortRange();
DestinationPortRange destinationPortRange = aceIp.getDestinationPortRange();
if (sourcePortRange != null) {
DestinationPortRangeBuilder destinationPortRangeBuilder = new DestinationPortRangeBuilder();
destinationPortRangeBuilder.setLowerPort(sourcePortRange.getLowerPort());
destinationPortRangeBuilder.setUpperPort(sourcePortRange.getUpperPort());
aceIpBuilder.setDestinationPortRange(destinationPortRangeBuilder.build());
}
if (destinationPortRange != null) {
SourcePortRangeBuilder sourcePortRangeBuilder = new SourcePortRangeBuilder();
sourcePortRangeBuilder.setLowerPort(destinationPortRange.getLowerPort());
sourcePortRangeBuilder.setUpperPort(destinationPortRange.getUpperPort());
aceIpBuilder.setSourcePortRange(sourcePortRangeBuilder.build());
}
if (aceIp.getAceIpVersion() instanceof AceIpv4) {
AceIpv4 aceIpv4 = (AceIpv4) aceIp.getAceIpVersion();
Ipv4Prefix destinationIpv4Network = aceIpv4.getDestinationIpv4Network();
Ipv4Prefix sourceIpv4Network = aceIpv4.getSourceIpv4Network();
AceIpv4Builder aceIpv4Builder = new AceIpv4Builder(aceIpv4);
aceIpv4Builder.setDestinationIpv4Network(sourceIpv4Network);
aceIpv4Builder.setSourceIpv4Network(destinationIpv4Network);
aceIpBuilder.setAceIpVersion(aceIpv4Builder.build());
} else if (aceIp.getAceIpVersion() instanceof AceIpv6) {
AceIpv6 aceIpv6 = (AceIpv6) aceIp.getAceIpVersion();
Ipv6Prefix destinationIpv6Network = aceIpv6.getDestinationIpv6Network();
Ipv6Prefix sourceIpv6Network = aceIpv6.getSourceIpv6Network();
AceIpv6Builder aceIpv6Builder = new AceIpv6Builder(aceIpv6);
aceIpv6Builder.setDestinationIpv6Network(sourceIpv6Network);
aceIpv6Builder.setSourceIpv6Network(destinationIpv6Network);
aceIpBuilder.setAceIpVersion(aceIpv6Builder.build());
}
matchesBuilder.setAceType(aceIpBuilder.build());
} else if (matches.getAceType() instanceof AceEth) {
AceEth aceEth = (AceEth) matches.getAceType();
MacAddress destinationMacAddress = aceEth.getDestinationMacAddress();
MacAddress destinationMacAddressMask = aceEth.getDestinationMacAddressMask();
MacAddress sourceMacAddress = aceEth.getSourceMacAddress();
MacAddress sourceMacAddressMask = aceEth.getSourceMacAddressMask();
AceEthBuilder aceEthBuilder = new AceEthBuilder(aceEth);
aceEthBuilder.setDestinationMacAddress(sourceMacAddress);
aceEthBuilder.setDestinationMacAddressMask(sourceMacAddressMask);
aceEthBuilder.setSourceMacAddress(destinationMacAddress);
aceEthBuilder.setSourceMacAddressMask(destinationMacAddressMask);
matchesBuilder.setAceType(aceEthBuilder.build());
}
Matches invertedMatches = matchesBuilder.build();
LOG.trace("Inverted matches: {}", invertedMatches);
return invertedMatches;
}
use of org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.access.control.list.rev160218.access.lists.acl.access.list.entries.ace.matches.ace.type.AceIp in project netvirt by opendaylight.
the class AclMatches method addIpV4Match.
private void addIpV4Match(AceIp aceIp) {
setIpv4EtherType();
AceIpv4 aceIpv4 = (AceIpv4) aceIp.getAceIpVersion();
if (aceIpv4.getDestinationIpv4Network() != null) {
Ipv4MatchBuilder ipv4match = new Ipv4MatchBuilder();
ipv4match.setIpv4Destination(aceIpv4.getDestinationIpv4Network());
matchBuilder.setLayer3Match(mergeIpv4Match(matchBuilder, ipv4match));
}
if (aceIpv4.getSourceIpv4Network() != null) {
Ipv4MatchBuilder ipv4match = new Ipv4MatchBuilder();
ipv4match.setIpv4Source(aceIpv4.getSourceIpv4Network());
matchBuilder.setLayer3Match(mergeIpv4Match(matchBuilder, ipv4match));
}
}
use of org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.access.control.list.rev160218.access.lists.acl.access.list.entries.ace.matches.ace.type.AceIp in project netvirt by opendaylight.
the class AclMatchesTest method invertIpv6MatchTest.
@Test
public void invertIpv6MatchTest() {
AceIpBuilder aceIpBuilder = new AceIpBuilder();
aceIpBuilder.setProtocol(IPProtocols.TCP.shortValue());
aceIpBuilder.setDscp(new Dscp(DSCP_VALUE));
SourcePortRangeBuilder srcPortRange = new SourcePortRangeBuilder();
srcPortRange.setLowerPort(new PortNumber(TCP_SRC_LOWER_PORT));
srcPortRange.setUpperPort(new PortNumber(TCP_SRC_UPPER_PORT));
SourcePortRange sourcePortRange = srcPortRange.build();
aceIpBuilder.setSourcePortRange(sourcePortRange);
DestinationPortRangeBuilder dstPortRange = new DestinationPortRangeBuilder();
dstPortRange.setLowerPort(new PortNumber(TCP_DST_LOWER_PORT));
dstPortRange.setUpperPort(new PortNumber(TCP_DST_UPPER_PORT));
DestinationPortRange destinationPortRange = dstPortRange.build();
aceIpBuilder.setDestinationPortRange(destinationPortRange);
AceIpv6Builder aceIpv6Builder = new AceIpv6Builder();
aceIpv6Builder.setDestinationIpv6Network(new Ipv6Prefix(IPV6_DST_STR));
aceIpv6Builder.setSourceIpv6Network(new Ipv6Prefix(IPV6_SRC_STR));
AceIpv6 aceIpv6 = aceIpv6Builder.build();
aceIpBuilder.setAceIpVersion(aceIpv6);
MatchesBuilder matchesBuilder = new MatchesBuilder();
AceIp aceIp = aceIpBuilder.build();
matchesBuilder.setAceType(aceIp);
Matches matches = matchesBuilder.build();
Matches invertedMatches = AclMatches.invertMatches(matches);
assertNotEquals(matches, invertedMatches);
AceIp invertedAceIp = (AceIp) invertedMatches.getAceType();
assertEquals(invertedAceIp.getDscp(), aceIp.getDscp());
assertEquals(invertedAceIp.getProtocol(), aceIp.getProtocol());
DestinationPortRange invertedDestinationPortRange = invertedAceIp.getDestinationPortRange();
assertEquals(invertedDestinationPortRange.getLowerPort(), sourcePortRange.getLowerPort());
assertEquals(invertedDestinationPortRange.getUpperPort(), sourcePortRange.getUpperPort());
SourcePortRange invertedSourcePortRange = invertedAceIp.getSourcePortRange();
assertEquals(invertedSourcePortRange.getLowerPort(), destinationPortRange.getLowerPort());
assertEquals(invertedSourcePortRange.getUpperPort(), destinationPortRange.getUpperPort());
AceIpv6 invertedAceIpv6 = (AceIpv6) invertedAceIp.getAceIpVersion();
assertEquals(invertedAceIpv6.getDestinationIpv6Network(), aceIpv6.getSourceIpv6Network());
assertEquals(invertedAceIpv6.getSourceIpv6Network(), aceIpv6.getDestinationIpv6Network());
}
use of org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.access.control.list.rev160218.access.lists.acl.access.list.entries.ace.matches.ace.type.AceIp in project netvirt by opendaylight.
the class AclServiceOFFlowBuilder method programUdpFlow.
/**
*Converts UDP matches to flows.
* @param acl the access control list
* @return the map containing the flows and the respective flow id
*/
public static Map<String, List<MatchInfoBase>> programUdpFlow(AceIp acl) {
Map<String, List<MatchInfoBase>> flowMatchesMap = new HashMap<>();
SourcePortRange sourcePortRange = acl.getSourcePortRange();
DestinationPortRange destinationPortRange = acl.getDestinationPortRange();
if (sourcePortRange == null && destinationPortRange == null) {
List<MatchInfoBase> flowMatches = new ArrayList<>();
flowMatches.addAll(addSrcIpMatches(acl));
flowMatches.addAll(addDstIpMatches(acl));
flowMatches.add(new MatchIpProtocol(acl.getProtocol()));
String flowId = "UDP_SOURCE_ALL_";
flowMatchesMap.put(flowId, flowMatches);
return flowMatchesMap;
}
if (sourcePortRange != null) {
Map<Integer, Integer> portMaskMap = getLayer4MaskForRange(sourcePortRange.getLowerPort().getValue(), sourcePortRange.getUpperPort().getValue());
for (Entry<Integer, Integer> entry : portMaskMap.entrySet()) {
Integer port = entry.getKey();
List<MatchInfoBase> flowMatches = new ArrayList<>();
flowMatches.addAll(addSrcIpMatches(acl));
flowMatches.addAll(addDstIpMatches(acl));
Integer mask = entry.getValue();
if (mask != AclConstants.ALL_LAYER4_PORT_MASK) {
flowMatches.add(new NxMatchUdpSourcePort(port, mask));
}
flowMatches.add(new MatchIpProtocol(acl.getProtocol()));
String flowId = "UDP_SOURCE_" + port + "_" + mask;
flowMatchesMap.put(flowId, flowMatches);
}
}
if (destinationPortRange != null) {
Map<Integer, Integer> portMaskMap = getLayer4MaskForRange(destinationPortRange.getLowerPort().getValue(), destinationPortRange.getUpperPort().getValue());
for (Entry<Integer, Integer> entry : portMaskMap.entrySet()) {
Integer port = entry.getKey();
List<MatchInfoBase> flowMatches = new ArrayList<>();
flowMatches.addAll(addSrcIpMatches(acl));
flowMatches.addAll(addDstIpMatches(acl));
Integer mask = entry.getValue();
if (mask != AclConstants.ALL_LAYER4_PORT_MASK) {
flowMatches.add(new NxMatchUdpDestinationPort(port, mask));
}
flowMatches.add(new MatchIpProtocol(acl.getProtocol()));
String flowId = "UDP_DESTINATION_" + port + "_" + mask;
flowMatchesMap.put(flowId, flowMatches);
}
}
return flowMatchesMap;
}
Aggregations