use of org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.access.control.list.rev160218.access.lists.acl.access.list.entries.ace.matches.ace.type.AceIpBuilder in project netvirt by opendaylight.
the class OpenFlow13ProviderTest method createIngressClassifierAclFlow.
@Test
public void createIngressClassifierAclFlow() {
// Create an empty AclMatch to pass in
MatchesBuilder matchesBuilder = new MatchesBuilder();
matchesBuilder.setAceType(new AceIpBuilder().build());
AclMatches aclMatches = new AclMatches(matchesBuilder.build());
MatchBuilder matchBuilder = aclMatches.buildMatch();
Flow flow = openflowProvider.createIngressClassifierAclFlow(nodeId, matchBuilder, IN_PORT, NSP, NSI);
assertEquals(flow.getTableId().shortValue(), NwConstants.INGRESS_SFC_CLASSIFIER_ACL_TABLE);
assertEquals(flow.getPriority().intValue(), OpenFlow13Provider.INGRESS_CLASSIFIER_ACL_PRIORITY);
assertEquals(flow.getId().getValue(), OpenFlow13Provider.INGRESS_CLASSIFIER_ACL_FLOW_NAME + "_" + nodeId.getValue() + matchBuilder.build().toString());
assertEquals(flow.getCookie().getValue(), OpenFlow13Provider.INGRESS_CLASSIFIER_ACL_COOKIE);
// Only checking the inport match, since the rest is tested in AclMatchesTest
checkMatchInport(flow.getMatch(), nodeId.getValue() + ":" + IN_PORT);
assertEquals(1, flow.getInstructions().getInstruction().size());
Instruction curInstruction = flow.getInstructions().getInstruction().get(0).getInstruction();
List<Action> actionList = checkApplyActionSize(curInstruction, 8);
checkActionPushNsh(actionList.get(0));
checkActionLoadNshMdtype(actionList.get(1));
checkActionLoadNshNp(actionList.get(2));
checkActionLoadNsp(actionList.get(3));
checkActionLoadNsi(actionList.get(4));
checkActionLoadNshc1(actionList.get(5), OpenFlow13Provider.ACL_FLAG_CONTEXT_VALUE);
checkActionLoadNshc2(actionList.get(6), OpenFlow13Provider.DEFAULT_NSH_CONTEXT_VALUE);
checkActionResubmit(curInstruction, NwConstants.LPORT_DISPATCHER_TABLE);
}
use of org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.access.control.list.rev160218.access.lists.acl.access.list.entries.ace.matches.ace.type.AceIpBuilder in project netvirt by opendaylight.
the class AclMatchesTest method buildIpv4UdpMatchTest.
@Test
public void buildIpv4UdpMatchTest() {
AceIpBuilder aceIpBuilder = new AceIpBuilder();
aceIpBuilder.setAceIpVersion(new AceIpv4Builder().build());
aceIpBuilder.setProtocol(IPProtocols.UDP.shortValue());
SourcePortRangeBuilder srcPortRange = new SourcePortRangeBuilder();
srcPortRange.setLowerPort(new PortNumber(UDP_SRC_LOWER_PORT));
srcPortRange.setUpperPort(new PortNumber(UDP_SRC_UPPER_PORT));
aceIpBuilder.setSourcePortRange(srcPortRange.build());
DestinationPortRangeBuilder dstPortRange = new DestinationPortRangeBuilder();
dstPortRange.setLowerPort(new PortNumber(UDP_DST_LOWER_PORT));
dstPortRange.setUpperPort(new PortNumber(UDP_DST_UPPER_PORT));
aceIpBuilder.setDestinationPortRange(dstPortRange.build());
MatchesBuilder matchesBuilder = new MatchesBuilder();
matchesBuilder.setAceType(aceIpBuilder.build());
// Create the aclMatches that is the object to be tested
AclMatches aclMatches = new AclMatches(matchesBuilder.build());
MatchBuilder matchBuilder = aclMatches.buildMatch();
// There should be an IPv4 etherType set
EthernetMatch ethMatch = matchBuilder.getEthernetMatch();
assertNotNull(ethMatch);
assertEquals(ethMatch.getEthernetType().getType().getValue(), Long.valueOf(NwConstants.ETHTYPE_IPV4));
// Make sure its UDP
IpMatch ipMatch = matchBuilder.getIpMatch();
assertNotNull(ipMatch);
assertEquals(ipMatch.getIpProtocol(), Short.valueOf(IPProtocols.UDP.shortValue()));
// Currently ranges arent supported, only the lower port is used
UdpMatch udpMatch = (UdpMatch) matchBuilder.getLayer4Match();
assertEquals(udpMatch.getUdpSourcePort().getValue(), Integer.valueOf(UDP_SRC_LOWER_PORT));
assertEquals(udpMatch.getUdpDestinationPort().getValue(), Integer.valueOf(UDP_DST_LOWER_PORT));
// The layer3 match should be null
assertNull(matchBuilder.getLayer3Match());
}
use of org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.access.control.list.rev160218.access.lists.acl.access.list.entries.ace.matches.ace.type.AceIpBuilder in project netvirt by opendaylight.
the class AclMatchesTest method invertIpv4MatchTest.
@Test
public void invertIpv4MatchTest() {
AceIpBuilder aceIpBuilder = new AceIpBuilder();
aceIpBuilder.setProtocol(IPProtocols.UDP.shortValue());
aceIpBuilder.setDscp(new Dscp(DSCP_VALUE));
DestinationPortRangeBuilder dstPortRange = new DestinationPortRangeBuilder();
dstPortRange.setLowerPort(new PortNumber(UDP_DST_LOWER_PORT));
dstPortRange.setUpperPort(new PortNumber(UDP_DST_UPPER_PORT));
DestinationPortRange destinationPortRange = dstPortRange.build();
aceIpBuilder.setDestinationPortRange(destinationPortRange);
AceIpv4Builder aceIpv4Builder = new AceIpv4Builder();
aceIpv4Builder.setDestinationIpv4Network(new Ipv4Prefix(IPV4_DST_STR));
aceIpv4Builder.setSourceIpv4Network(new Ipv4Prefix(IPV4_SRC_STR));
AceIpv4 aceIpv4 = aceIpv4Builder.build();
aceIpBuilder.setAceIpVersion(aceIpv4);
MatchesBuilder matchesBuilder = new MatchesBuilder();
AceIp aceIp = aceIpBuilder.build();
matchesBuilder.setAceType(aceIp);
Matches matches = matchesBuilder.build();
Matches invertedMatches = AclMatches.invertMatches(matches);
assertNotEquals(matches, invertedMatches);
AceIp invertedAceIp = (AceIp) invertedMatches.getAceType();
assertEquals(invertedAceIp.getDscp(), aceIp.getDscp());
assertEquals(invertedAceIp.getProtocol(), aceIp.getProtocol());
DestinationPortRange invertedDestinationPortRange = invertedAceIp.getDestinationPortRange();
assertNull(invertedDestinationPortRange);
SourcePortRange invertedSourcePortRange = invertedAceIp.getSourcePortRange();
assertEquals(invertedSourcePortRange.getLowerPort(), destinationPortRange.getLowerPort());
assertEquals(invertedSourcePortRange.getUpperPort(), destinationPortRange.getUpperPort());
AceIpv4 invertedAceIpv4 = (AceIpv4) invertedAceIp.getAceIpVersion();
assertEquals(invertedAceIpv4.getDestinationIpv4Network(), aceIpv4.getSourceIpv4Network());
assertEquals(invertedAceIpv4.getSourceIpv4Network(), aceIpv4.getDestinationIpv4Network());
}
use of org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.access.control.list.rev160218.access.lists.acl.access.list.entries.ace.matches.ace.type.AceIpBuilder in project netvirt by opendaylight.
the class AclMatchesTest method buildIpv4TcpMatchTest.
@Test
public void buildIpv4TcpMatchTest() {
AceIpBuilder aceIpBuilder = new AceIpBuilder();
aceIpBuilder.setAceIpVersion(new AceIpv4Builder().build());
aceIpBuilder.setProtocol(IPProtocols.TCP.shortValue());
SourcePortRangeBuilder srcPortRange = new SourcePortRangeBuilder();
srcPortRange.setLowerPort(new PortNumber(TCP_SRC_LOWER_PORT));
srcPortRange.setUpperPort(new PortNumber(TCP_SRC_UPPER_PORT));
aceIpBuilder.setSourcePortRange(srcPortRange.build());
DestinationPortRangeBuilder dstPortRange = new DestinationPortRangeBuilder();
dstPortRange.setLowerPort(new PortNumber(TCP_DST_LOWER_PORT));
dstPortRange.setUpperPort(new PortNumber(TCP_DST_UPPER_PORT));
aceIpBuilder.setDestinationPortRange(dstPortRange.build());
MatchesBuilder matchesBuilder = new MatchesBuilder();
matchesBuilder.setAceType(aceIpBuilder.build());
// Create the aclMatches that is the object to be tested
AclMatches aclMatches = new AclMatches(matchesBuilder.build());
MatchBuilder matchBuilder = aclMatches.buildMatch();
// There should be an IPv4 etherType set
EthernetMatch ethMatch = matchBuilder.getEthernetMatch();
assertNotNull(ethMatch);
assertEquals(ethMatch.getEthernetType().getType().getValue(), Long.valueOf(NwConstants.ETHTYPE_IPV4));
// Make sure its TCP
IpMatch ipMatch = matchBuilder.getIpMatch();
assertNotNull(ipMatch);
assertEquals(ipMatch.getIpProtocol(), Short.valueOf(IPProtocols.TCP.shortValue()));
// Currently ranges arent supported, only the lower port is used
TcpMatch tcpMatch = (TcpMatch) matchBuilder.getLayer4Match();
assertEquals(tcpMatch.getTcpSourcePort().getValue(), Integer.valueOf(TCP_SRC_LOWER_PORT));
assertEquals(tcpMatch.getTcpDestinationPort().getValue(), Integer.valueOf(TCP_DST_LOWER_PORT));
// The layer3 match should be null
assertNull(matchBuilder.getLayer3Match());
}
use of org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.access.control.list.rev160218.access.lists.acl.access.list.entries.ace.matches.ace.type.AceIpBuilder in project netvirt by opendaylight.
the class FlowClassifierTranslator method buildAcl.
public static Acl buildAcl(SfcFlowClassifier flowClassifier, String sfpName) {
LOG.info("OpenStack Networking SFC pushed Flow classifier : {}", flowClassifier);
AclBuilder aclBuilder = new AclBuilder();
AceBuilder aceBuilder = new AceBuilder();
ActionsBuilder actionsBuilder = new ActionsBuilder();
RedirectToSfcBuilder redirectToSfcBuilder = new RedirectToSfcBuilder();
NeutronPortsBuilder neutronPortsBuilder = new NeutronPortsBuilder();
AceIpBuilder aceIpBuilder = new AceIpBuilder();
DestinationPortRangeBuilder destinationPortRange = new DestinationPortRangeBuilder();
SourcePortRangeBuilder sourcePortRangeBuilder = new SourcePortRangeBuilder();
if (flowClassifier.getUuid() != null) {
if (flowClassifier.getName() != null) {
aclBuilder.setAclName(flowClassifier.getUuid().getValue() + "_" + flowClassifier.getName());
} else {
aclBuilder.setAclName(flowClassifier.getUuid().getValue());
}
}
if (flowClassifier.getEthertype() != null) {
IpPrefix sourceIp = null;
IpPrefix destinationIp = null;
if (flowClassifier.getSourceIpPrefix() != null) {
sourceIp = flowClassifier.getSourceIpPrefix();
}
if (flowClassifier.getDestinationIpPrefix() != null) {
destinationIp = flowClassifier.getDestinationIpPrefix();
}
if (flowClassifier.getEthertype() == EthertypeV4.class) {
AceIpv4Builder aceIpv4Builder = new AceIpv4Builder();
if (sourceIp != null && sourceIp.getIpv4Prefix() != null) {
aceIpv4Builder.setSourceIpv4Network(sourceIp.getIpv4Prefix());
}
if (destinationIp != null && destinationIp.getIpv4Prefix() != null) {
aceIpv4Builder.setDestinationIpv4Network(destinationIp.getIpv4Prefix());
}
aceIpBuilder.setAceIpVersion(aceIpv4Builder.build());
aclBuilder.setAclType(Ipv4Acl.class);
}
if (flowClassifier.getEthertype() == EthertypeV6.class) {
AceIpv6Builder aceIpv6Builder = new AceIpv6Builder();
if (sourceIp != null && sourceIp.getIpv6Prefix() != null) {
aceIpv6Builder.setSourceIpv6Network(sourceIp.getIpv6Prefix());
}
if (sourceIp != null && destinationIp.getIpv6Prefix() != null) {
aceIpv6Builder.setDestinationIpv6Network(destinationIp.getIpv6Prefix());
}
aceIpBuilder.setAceIpVersion(aceIpv6Builder.build());
aclBuilder.setAclType(Ipv6Acl.class);
}
}
if (flowClassifier.getProtocol() != null) {
if (flowClassifier.getProtocol() == ProtocolTcp.class) {
aceIpBuilder.setProtocol(PROTO_TCP);
}
if (flowClassifier.getProtocol() == ProtocolUdp.class) {
aceIpBuilder.setProtocol(PROTO_UDP);
}
}
if (flowClassifier.getSourcePortRangeMin() != null) {
sourcePortRangeBuilder.setLowerPort(new PortNumber(flowClassifier.getSourcePortRangeMin()));
// set source port range only if lower port is specified as it is a mandatory parameter in acl model
aceIpBuilder.setSourcePortRange(sourcePortRangeBuilder.build());
}
if (flowClassifier.getSourcePortRangeMax() != null) {
sourcePortRangeBuilder.setUpperPort(new PortNumber(flowClassifier.getSourcePortRangeMax()));
}
if (flowClassifier.getDestinationPortRangeMin() != null) {
destinationPortRange.setLowerPort(new PortNumber(flowClassifier.getDestinationPortRangeMin()));
// set destination port range only if lower port is specified as it is a mandatory parameter in acl model
aceIpBuilder.setDestinationPortRange(destinationPortRange.build());
}
if (flowClassifier.getDestinationPortRangeMax() != null) {
destinationPortRange.setUpperPort(new PortNumber(flowClassifier.getDestinationPortRangeMax()));
}
if (flowClassifier.getLogicalSourcePort() != null) {
neutronPortsBuilder.setSourcePortUuid(flowClassifier.getLogicalSourcePort().getValue());
}
if (flowClassifier.getLogicalDestinationPort() != null) {
neutronPortsBuilder.setDestinationPortUuid(flowClassifier.getLogicalDestinationPort().getValue());
}
// currently not supported.
// if (flowClassifier.getL7Parameter() != null) {
// }
MatchesBuilder matchesBuilder = new MatchesBuilder();
matchesBuilder.setAceType(aceIpBuilder.build());
matchesBuilder.addAugmentation(NeutronPorts.class, neutronPortsBuilder.build());
// Set redirect-to-rsp action if rsp name is provided
if (sfpName != null) {
redirectToSfcBuilder.setSfpName(sfpName);
actionsBuilder.addAugmentation(RedirectToSfc.class, redirectToSfcBuilder.build());
aceBuilder.setActions(actionsBuilder.build());
}
aceBuilder.setMatches(matchesBuilder.build());
// OpenStack networking-sfc don't pass action information
// with flow classifier. It need to be determined using the
// Port Chain data and then flow calssifier need to be updated
// with the actions.
aceBuilder.setRuleName(aclBuilder.getAclName() + RULE);
aceBuilder.setKey(new AceKey(aceBuilder.getRuleName()));
ArrayList<Ace> aceList = new ArrayList<>();
aceList.add(aceBuilder.build());
AccessListEntriesBuilder accessListEntriesBuilder = new AccessListEntriesBuilder();
accessListEntriesBuilder.setAce(aceList);
aclBuilder.setAccessListEntries(accessListEntriesBuilder.build());
aclBuilder.setKey(new AclKey(aclBuilder.getAclName(), aclBuilder.getAclType()));
LOG.info("Translated ACL Flow classfier : {}", aclBuilder.toString());
return aclBuilder.build();
}
Aggregations