use of org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.yang.types.rev130715.Uuid in project netvirt by opendaylight.
the class AclServiceTestBase method newInterfaceWithMultipleAcl.
@Test
public void newInterfaceWithMultipleAcl() throws Exception {
LOG.info("newInterfaceWithEtherTypeAcl - start");
newAllowedAddressPair(PORT_1, Collections.singletonList(SG_UUID_1), Collections.singletonList(AAP_PORT_1));
newAllowedAddressPair(PORT_2, Collections.singletonList(SG_UUID_1), Collections.singletonList(AAP_PORT_2));
dataBrokerUtil.put(new IdentifiedSubnetIpPrefixBuilder().interfaceName(PORT_1).addAllIpPrefixOrAddress(Collections.singletonList(new IpPrefixOrAddress(SUBNET_IP_PREFIX_1.toCharArray()))));
dataBrokerUtil.put(new IdentifiedSubnetIpPrefixBuilder().interfaceName(PORT_2).addAllIpPrefixOrAddress(Collections.singletonList(new IpPrefixOrAddress(SUBNET_IP_PREFIX_1.toCharArray()))));
Matches matches = newMatch(AclConstants.SOURCE_LOWER_PORT_UNSPECIFIED, AclConstants.SOURCE_UPPER_PORT_UNSPECIFIED, AclConstants.DEST_LOWER_PORT_UNSPECIFIED, AclConstants.DEST_UPPER_PORT_UNSPECIFIED, AclConstants.SOURCE_REMOTE_IP_PREFIX_UNSPECIFIED, AclConstants.DEST_REMOTE_IP_PREFIX_SPECIFIED, (short) -1);
dataBrokerUtil.put(new IdentifiedAceBuilder().sgUuid(SG_UUID_1).newRuleName(SR_UUID_1_1).newMatches(matches).newDirection(DirectionEgress.class).build());
matches = newMatch(AclConstants.SOURCE_LOWER_PORT_UNSPECIFIED, AclConstants.SOURCE_UPPER_PORT_UNSPECIFIED, AclConstants.DEST_LOWER_PORT_UNSPECIFIED, AclConstants.DEST_UPPER_PORT_UNSPECIFIED, AclConstants.SOURCE_REMOTE_IP_PREFIX_SPECIFIED, AclConstants.DEST_REMOTE_IP_PREFIX_UNSPECIFIED, (short) -1);
dataBrokerUtil.put(new IdentifiedAceBuilder().sgUuid(SG_UUID_1).newRuleName(SR_UUID_1_2).newMatches(matches).newDirection(DirectionIngress.class).newRemoteGroupId(new Uuid(SG_UUID_1)).build());
// When
putNewStateInterface(dataBroker, PORT_1, PORT_MAC_1);
putNewStateInterface(dataBroker, PORT_2, PORT_MAC_2);
asyncEventsWaiter.awaitEventsConsumption();
// Then
newInterfaceWithEtherTypeAclCheck();
LOG.info("newInterfaceWithEtherTypeAcl - end");
// Given
matches = newMatch(AclConstants.SOURCE_LOWER_PORT_UNSPECIFIED, AclConstants.SOURCE_UPPER_PORT_UNSPECIFIED, AclConstants.DEST_LOWER_PORT_HTTP, AclConstants.DEST_UPPER_PORT_HTTP, AclConstants.SOURCE_REMOTE_IP_PREFIX_UNSPECIFIED, AclConstants.DEST_REMOTE_IP_PREFIX_SPECIFIED, (short) NwConstants.IP_PROT_TCP);
dataBrokerUtil.put(new IdentifiedAceBuilder().sgUuid(SG_UUID_2).newRuleName(SR_UUID_2_1).newMatches(matches).newDirection(DirectionEgress.class).newRemoteGroupId(new Uuid(SG_UUID_2)).build());
matches = newMatch(AclConstants.SOURCE_LOWER_PORT_UNSPECIFIED, AclConstants.SOURCE_UPPER_PORT_UNSPECIFIED, AclConstants.DEST_LOWER_PORT_HTTP, AclConstants.DEST_UPPER_PORT_HTTP, AclConstants.SOURCE_REMOTE_IP_PREFIX_SPECIFIED, AclConstants.DEST_REMOTE_IP_PREFIX_UNSPECIFIED, (short) NwConstants.IP_PROT_TCP);
dataBrokerUtil.put(new IdentifiedAceBuilder().sgUuid(SG_UUID_2).newRuleName(SR_UUID_2_2).newMatches(matches).newDirection(DirectionIngress.class).build());
List<String> sgList = new ArrayList<>();
sgList.add(SG_UUID_1);
sgList.add(SG_UUID_2);
newAllowedAddressPair(PORT_1, sgList, Collections.singletonList(AAP_PORT_1));
newAllowedAddressPair(PORT_2, sgList, Collections.singletonList(AAP_PORT_2));
asyncEventsWaiter.awaitEventsConsumption();
newInterfaceWithMultipleAclCheck();
}
use of org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.yang.types.rev130715.Uuid in project netvirt by opendaylight.
the class AclServiceTestBase method newInterfaceWithUdpDstAcl.
@Test
public void newInterfaceWithUdpDstAcl() throws Exception {
LOG.info("newInterfaceWithUdpDstAcl - start");
newAllowedAddressPair(PORT_1, Collections.singletonList(SG_UUID_1), Collections.singletonList(AAP_PORT_1));
newAllowedAddressPair(PORT_2, Collections.singletonList(SG_UUID_1), Collections.singletonList(AAP_PORT_2));
dataBrokerUtil.put(new IdentifiedSubnetIpPrefixBuilder().interfaceName(PORT_1).addAllIpPrefixOrAddress(Collections.singletonList(new IpPrefixOrAddress(SUBNET_IP_PREFIX_1.toCharArray()))));
dataBrokerUtil.put(new IdentifiedSubnetIpPrefixBuilder().interfaceName(PORT_2).addAllIpPrefixOrAddress(Collections.singletonList(new IpPrefixOrAddress(SUBNET_IP_PREFIX_1.toCharArray()))));
// Given
Matches matches = newMatch(AclConstants.SOURCE_LOWER_PORT_UNSPECIFIED, AclConstants.SOURCE_UPPER_PORT_UNSPECIFIED, AclConstants.DEST_LOWER_PORT_HTTP, AclConstants.DEST_UPPER_PORT_HTTP, AclConstants.SOURCE_REMOTE_IP_PREFIX_UNSPECIFIED, AclConstants.DEST_REMOTE_IP_PREFIX_SPECIFIED, (short) NwConstants.IP_PROT_UDP);
dataBrokerUtil.put(new IdentifiedAceBuilder().sgUuid(SG_UUID_1).newRuleName(SR_UUID_1_1).newMatches(matches).newDirection(DirectionEgress.class).build());
matches = newMatch(AclConstants.SOURCE_LOWER_PORT_UNSPECIFIED, AclConstants.SOURCE_UPPER_PORT_UNSPECIFIED, AclConstants.DEST_LOWER_PORT_HTTP, AclConstants.DEST_UPPER_PORT_HTTP, AclConstants.SOURCE_REMOTE_IP_PREFIX_SPECIFIED, AclConstants.DEST_REMOTE_IP_PREFIX_UNSPECIFIED, (short) NwConstants.IP_PROT_UDP);
dataBrokerUtil.put(new IdentifiedAceBuilder().sgUuid(SG_UUID_1).newRuleName(SR_UUID_1_2).newMatches(matches).newDirection(DirectionIngress.class).newRemoteGroupId(new Uuid(SG_UUID_1)).build());
// When
putNewStateInterface(dataBroker, PORT_1, PORT_MAC_1);
putNewStateInterface(dataBroker, PORT_2, PORT_MAC_2);
asyncEventsWaiter.awaitEventsConsumption();
// Then
newInterfaceWithUdpDstAclCheck();
LOG.info("newInterfaceWithUdpDstAcl - end");
}
use of org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.yang.types.rev130715.Uuid in project netvirt by opendaylight.
the class AclEventListener method updateAclCaches.
private void updateAclCaches(Acl aclBefore, Acl aclAfter, Collection<AclInterface> aclInterfaces, Class<? extends DirectionBase> direction) {
Uuid aclId = new Uuid(aclAfter.getAclName());
Set<Uuid> remoteAclsBefore = AclServiceUtils.getRemoteAclIdsByDirection(aclBefore, direction);
Set<Uuid> remoteAclsAfter = AclServiceUtils.getRemoteAclIdsByDirection(aclAfter, direction);
Set<Uuid> remoteAclsDeleted = new HashSet<>(remoteAclsBefore);
remoteAclsDeleted.removeAll(remoteAclsAfter);
for (Uuid remoteAcl : remoteAclsDeleted) {
aclDataUtil.removeRemoteAclId(remoteAcl, aclId, direction);
}
Set<Uuid> remoteAclsAdded = new HashSet<>(remoteAclsAfter);
remoteAclsAdded.removeAll(remoteAclsBefore);
for (Uuid remoteAcl : remoteAclsAdded) {
aclDataUtil.addRemoteAclId(remoteAcl, aclId, direction);
}
if (remoteAclsDeleted.isEmpty() && remoteAclsAdded.isEmpty()) {
return;
}
if (aclInterfaces != null) {
for (AclInterface aclInterface : aclInterfaces) {
AclInterface aclInterfaceInCache = aclInterfaceCache.addOrUpdate(aclInterface.getInterfaceId(), (prevAclInterface, builder) -> {
SortedSet<Integer> remoteAclTags = aclServiceUtils.getRemoteAclTags(aclInterface.getSecurityGroups(), direction);
if (DirectionEgress.class.equals(direction)) {
builder.egressRemoteAclTags(remoteAclTags);
} else {
builder.ingressRemoteAclTags(remoteAclTags);
}
});
aclDataUtil.addOrUpdateAclInterfaceMap(aclInterface.getSecurityGroups(), aclInterfaceInCache);
}
}
}
use of org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.yang.types.rev130715.Uuid in project netvirt by opendaylight.
the class AclInterfaceStateListener method add.
@Override
protected void add(InstanceIdentifier<Interface> key, Interface added) {
if (!L2vlan.class.equals(added.getType())) {
return;
}
org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.interfaces.rev140508.interfaces.Interface iface;
iface = interfaceManager.getInterfaceInfoFromConfigDataStore(added.getName());
if (iface == null) {
LOG.error("No interface with name {} available in interfaceConfig, servicing interfaceState ADD" + "for ACL failed", added.getName());
return;
}
InterfaceAcl aclInPort = iface.getAugmentation(InterfaceAcl.class);
if (aclInPort == null) {
LOG.trace("Interface {} is not an ACL Interface, ignoring ADD interfaceState event", added.getName());
return;
}
AclInterface aclInterface = aclInterfaceCache.addOrUpdate(added.getName(), (prevAclInterface, builder) -> {
builder.dpId(AclServiceUtils.getDpIdFromIterfaceState(added)).lPortTag(added.getIfIndex()).isMarkedForDelete(false);
if (AclServiceUtils.isOfInterest(prevAclInterface)) {
if (prevAclInterface.getSubnetIpPrefixes() == null) {
// For upgrades
List<IpPrefixOrAddress> subnetIpPrefixes = AclServiceUtils.getSubnetIpPrefixes(dataBroker, added.getName());
builder.subnetIpPrefixes(subnetIpPrefixes);
}
SortedSet<Integer> ingressRemoteAclTags = aclServiceUtils.getRemoteAclTags(aclInPort.getSecurityGroups(), DirectionIngress.class);
SortedSet<Integer> egressRemoteAclTags = aclServiceUtils.getRemoteAclTags(aclInPort.getSecurityGroups(), DirectionEgress.class);
builder.ingressRemoteAclTags(ingressRemoteAclTags).egressRemoteAclTags(egressRemoteAclTags);
}
});
if (AclServiceUtils.isOfInterest(aclInterface)) {
List<Uuid> aclList = aclInterface.getSecurityGroups();
if (aclList != null) {
aclDataUtil.addAclInterfaceMap(aclList, aclInterface);
}
if (aclInterface.getElanId() == null) {
LOG.debug("On Add event, skip ADD since ElanId is not updated");
return;
}
if (aclClusterUtil.isEntityOwner()) {
LOG.debug("On add event, notify ACL service manager to add ACL for interface: {}", aclInterface);
aclServiceManger.notify(aclInterface, null, Action.BIND);
if (aclList != null) {
aclServiceUtils.addAclPortsLookup(aclInterface, aclList, aclInterface.getAllowedAddressPairs());
}
aclServiceManger.notify(aclInterface, null, Action.ADD);
}
}
}
use of org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.yang.types.rev130715.Uuid in project netvirt by opendaylight.
the class AclDataUtil method getRemoteAclInterfaces.
/**
* Gets the set of ACL interfaces per ACL (in a map) which has specified
* remote ACL ID.
*
* @param remoteAclId the remote acl id
* @param direction the direction
* @return the set of ACL interfaces per ACL (in a map) which has specified
* remote ACL ID.
*/
public Map<String, Set<AclInterface>> getRemoteAclInterfaces(Uuid remoteAclId, Class<? extends DirectionBase> direction) {
Collection<Uuid> remoteAclList = getRemoteAcl(remoteAclId, direction);
if (remoteAclList == null) {
return null;
}
Map<String, Set<AclInterface>> mapOfAclWithInterfaces = new HashMap<>();
for (Uuid acl : remoteAclList) {
Set<AclInterface> interfaceSet = new HashSet<>();
Collection<AclInterface> interfaces = getInterfaceList(acl);
if (interfaces != null && !interfaces.isEmpty()) {
interfaceSet.addAll(interfaces);
mapOfAclWithInterfaces.put(acl.getValue(), interfaceSet);
}
}
return mapOfAclWithInterfaces;
}
Aggregations