use of org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.access.control.list.rev160218.access.lists.acl.access.list.entries.ace.matches.ace.type.ace.ip.ace.ip.version.AceIpv4 in project netvirt by opendaylight.
the class AclMatchesTest method invertIpv4MatchTest.
@Test
public void invertIpv4MatchTest() {
AceIpBuilder aceIpBuilder = new AceIpBuilder();
aceIpBuilder.setProtocol(IPProtocols.UDP.shortValue());
aceIpBuilder.setDscp(new Dscp(DSCP_VALUE));
DestinationPortRangeBuilder dstPortRange = new DestinationPortRangeBuilder();
dstPortRange.setLowerPort(new PortNumber(UDP_DST_LOWER_PORT));
dstPortRange.setUpperPort(new PortNumber(UDP_DST_UPPER_PORT));
DestinationPortRange destinationPortRange = dstPortRange.build();
aceIpBuilder.setDestinationPortRange(destinationPortRange);
AceIpv4Builder aceIpv4Builder = new AceIpv4Builder();
aceIpv4Builder.setDestinationIpv4Network(new Ipv4Prefix(IPV4_DST_STR));
aceIpv4Builder.setSourceIpv4Network(new Ipv4Prefix(IPV4_SRC_STR));
AceIpv4 aceIpv4 = aceIpv4Builder.build();
aceIpBuilder.setAceIpVersion(aceIpv4);
MatchesBuilder matchesBuilder = new MatchesBuilder();
AceIp aceIp = aceIpBuilder.build();
matchesBuilder.setAceType(aceIp);
Matches matches = matchesBuilder.build();
Matches invertedMatches = AclMatches.invertMatches(matches);
assertNotEquals(matches, invertedMatches);
AceIp invertedAceIp = (AceIp) invertedMatches.getAceType();
assertEquals(invertedAceIp.getDscp(), aceIp.getDscp());
assertEquals(invertedAceIp.getProtocol(), aceIp.getProtocol());
DestinationPortRange invertedDestinationPortRange = invertedAceIp.getDestinationPortRange();
assertNull(invertedDestinationPortRange);
SourcePortRange invertedSourcePortRange = invertedAceIp.getSourcePortRange();
assertEquals(invertedSourcePortRange.getLowerPort(), destinationPortRange.getLowerPort());
assertEquals(invertedSourcePortRange.getUpperPort(), destinationPortRange.getUpperPort());
AceIpv4 invertedAceIpv4 = (AceIpv4) invertedAceIp.getAceIpVersion();
assertEquals(invertedAceIpv4.getDestinationIpv4Network(), aceIpv4.getSourceIpv4Network());
assertEquals(invertedAceIpv4.getSourceIpv4Network(), aceIpv4.getDestinationIpv4Network());
}
use of org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.access.control.list.rev160218.access.lists.acl.access.list.entries.ace.matches.ace.type.ace.ip.ace.ip.version.AceIpv4 in project netvirt by opendaylight.
the class AclServiceOFFlowBuilder method programOtherProtocolFlow.
/**
* Converts generic protocol matches to flows.
*
* @param acl the access control list
* @return the map containing the flows and the respective flow id
*/
public static Map<String, List<MatchInfoBase>> programOtherProtocolFlow(AceIp acl) {
List<MatchInfoBase> flowMatches = new ArrayList<>();
flowMatches.addAll(addSrcIpMatches(acl));
flowMatches.addAll(addDstIpMatches(acl));
if (acl.getAceIpVersion() instanceof AceIpv4) {
flowMatches.add(MatchEthernetType.IPV4);
} else if (acl.getAceIpVersion() instanceof AceIpv6) {
flowMatches.add(MatchEthernetType.IPV6);
}
flowMatches.add(new MatchIpProtocol(acl.getProtocol()));
String flowId = "OTHER_PROTO" + acl.getProtocol();
Map<String, List<MatchInfoBase>> flowMatchesMap = new HashMap<>();
flowMatchesMap.put(flowId, flowMatches);
return flowMatchesMap;
}
use of org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.access.control.list.rev160218.access.lists.acl.access.list.entries.ace.matches.ace.type.ace.ip.ace.ip.version.AceIpv4 in project netvirt by opendaylight.
the class AclServiceOFFlowBuilder method addSrcIpMatches.
/**
* Adds source ip matches to the flows.
* @param acl the access control list
* @return the list of flows.
*/
public static List<MatchInfoBase> addSrcIpMatches(AceIp acl) {
List<MatchInfoBase> flowMatches = new ArrayList<>();
if (acl.getAceIpVersion() instanceof AceIpv4) {
flowMatches.add(MatchEthernetType.IPV4);
Ipv4Prefix srcNetwork = ((AceIpv4) acl.getAceIpVersion()).getSourceIpv4Network();
if (null != srcNetwork && !srcNetwork.getValue().equals(AclConstants.IPV4_ALL_NETWORK)) {
flowMatches.add(new MatchIpv4Source(srcNetwork));
}
} else if (acl.getAceIpVersion() instanceof AceIpv6) {
flowMatches.add(MatchEthernetType.IPV6);
Ipv6Prefix srcNetwork = ((AceIpv6) acl.getAceIpVersion()).getSourceIpv6Network();
if (null != srcNetwork && !srcNetwork.getValue().equals(AclConstants.IPV6_ALL_NETWORK)) {
flowMatches.add(new MatchIpv6Source(srcNetwork));
}
}
return flowMatches;
}
use of org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.access.control.list.rev160218.access.lists.acl.access.list.entries.ace.matches.ace.type.ace.ip.ace.ip.version.AceIpv4 in project netvirt by opendaylight.
the class AbstractAclServiceImpl method programAclForExistingTrafficTable.
private void programAclForExistingTrafficTable(AclInterface port, Ace ace, int addOrRemove, String flowName, List<MatchInfoBase> matches, Integer priority) {
AceIp acl = (AceIp) ace.getMatches().getAceType();
final String newFlowName = flowName + this.directionString + "_" + port.getDpId() + "_" + port.getLPortTag() + "_" + ((acl.getAceIpVersion() instanceof AceIpv4) ? "_IPv4" : "_IPv6") + "_FlowAfterRuleDeleted";
final List<MatchInfoBase> newMatches = matches.stream().filter(obj -> !(obj instanceof NxMatchCtState || obj instanceof MatchMetadata)).collect(Collectors.toList());
newMatches.add(AclServiceUtils.buildLPortTagMatch(port.getLPortTag(), serviceMode));
newMatches.add(new NxMatchCtState(AclConstants.TRACKED_RPL_CT_STATE, AclConstants.TRACKED_RPL_CT_STATE_MASK));
List<InstructionInfo> instructions = AclServiceUtils.createCtMarkInstructionForNewState(getAclFilterCumDispatcherTable(), port.getElanId());
// Reversing the flow add/delete operation for this table.
int operation = (addOrRemove == NwConstants.ADD_FLOW) ? NwConstants.DEL_FLOW : NwConstants.ADD_FLOW;
syncFlow(port.getDpId(), getAclForExistingTrafficTable(), newFlowName, priority, "ACL", 0, AclServiceUtils.getHardTimoutForApplyStatefulChangeOnExistingTraffic(ace, aclServiceUtils), AclConstants.COOKIE_ACL_BASE, newMatches, instructions, operation);
}
Aggregations