Search in sources :

Example 11 with Protocol

use of org.opendaylight.yang.gen.v1.urn.opendaylight.netconf.node.topology.rev150114.netconf.node.connection.parameters.Protocol in project netvirt by opendaylight.

the class NaptEventHandler method buildAndGetSetActionInstructionInfo.

@NonNull
private static List<InstructionInfo> buildAndGetSetActionInstructionInfo(String ipAddress, int port, Uint32 segmentId, Uint32 vpnId, short tableId, NAPTEntryEvent.Protocol protocol, String extGwMacAddress) {
    ActionInfo ipActionInfo = null;
    ActionInfo macActionInfo = null;
    ActionInfo portActionInfo = null;
    ArrayList<ActionInfo> listActionInfo = new ArrayList<>();
    ArrayList<InstructionInfo> instructionInfo = new ArrayList<>();
    switch(tableId) {
        case NwConstants.OUTBOUND_NAPT_TABLE:
            ipActionInfo = new ActionSetSourceIp(ipAddress);
            // Added External Gateway MAC Address
            macActionInfo = new ActionSetFieldEthernetSource(new MacAddress(extGwMacAddress));
            if (protocol == NAPTEntryEvent.Protocol.TCP) {
                portActionInfo = new ActionSetTcpSourcePort(port);
            } else if (protocol == NAPTEntryEvent.Protocol.UDP) {
                portActionInfo = new ActionSetUdpSourcePort(port);
            }
            // reset the split-horizon bit to allow traffic from tunnel to be sent back to the provider port
            instructionInfo.add(new InstructionWriteMetadata(MetaDataUtil.getVpnIdMetadata(vpnId.longValue()), Uint64.fromLongBits(MetaDataUtil.METADATA_MASK_VRFID.longValue() | MetaDataUtil.METADATA_MASK_SH_FLAG.longValue())));
            break;
        case NwConstants.INBOUND_NAPT_TABLE:
            ipActionInfo = new ActionSetDestinationIp(ipAddress);
            if (protocol == NAPTEntryEvent.Protocol.TCP) {
                portActionInfo = new ActionSetTcpDestinationPort(port);
            } else if (protocol == NAPTEntryEvent.Protocol.UDP) {
                portActionInfo = new ActionSetUdpDestinationPort(port);
            }
            instructionInfo.add(new InstructionWriteMetadata(MetaDataUtil.getVpnIdMetadata(segmentId.longValue()), MetaDataUtil.METADATA_MASK_VRFID));
            break;
        default:
            LOG.error("buildAndGetSetActionInstructionInfo : Neither OUTBOUND_NAPT_TABLE nor " + "INBOUND_NAPT_TABLE matches with input table id {}", tableId);
            return Collections.emptyList();
    }
    listActionInfo.add(ipActionInfo);
    listActionInfo.add(portActionInfo);
    if (macActionInfo != null) {
        listActionInfo.add(macActionInfo);
        LOG.debug("buildAndGetSetActionInstructionInfo : External GW MAC Address {} is found  ", macActionInfo);
    }
    instructionInfo.add(new InstructionApplyActions(listActionInfo));
    instructionInfo.add(new InstructionGotoTable(NwConstants.NAPT_PFIB_TABLE));
    return instructionInfo;
}
Also used : ActionSetUdpSourcePort(org.opendaylight.genius.mdsalutil.actions.ActionSetUdpSourcePort) InstructionGotoTable(org.opendaylight.genius.mdsalutil.instructions.InstructionGotoTable) ArrayList(java.util.ArrayList) ActionSetSourceIp(org.opendaylight.genius.mdsalutil.actions.ActionSetSourceIp) ActionInfo(org.opendaylight.genius.mdsalutil.ActionInfo) MacAddress(org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.yang.types.rev130715.MacAddress) ActionSetTcpSourcePort(org.opendaylight.genius.mdsalutil.actions.ActionSetTcpSourcePort) ActionSetFieldEthernetSource(org.opendaylight.genius.mdsalutil.actions.ActionSetFieldEthernetSource) InstructionInfo(org.opendaylight.genius.mdsalutil.InstructionInfo) ActionSetUdpDestinationPort(org.opendaylight.genius.mdsalutil.actions.ActionSetUdpDestinationPort) InstructionWriteMetadata(org.opendaylight.genius.mdsalutil.instructions.InstructionWriteMetadata) ActionSetDestinationIp(org.opendaylight.genius.mdsalutil.actions.ActionSetDestinationIp) ActionSetTcpDestinationPort(org.opendaylight.genius.mdsalutil.actions.ActionSetTcpDestinationPort) InstructionApplyActions(org.opendaylight.genius.mdsalutil.instructions.InstructionApplyActions) NonNull(org.eclipse.jdt.annotation.NonNull)

Example 12 with Protocol

use of org.opendaylight.yang.gen.v1.urn.opendaylight.netconf.node.topology.rev150114.netconf.node.connection.parameters.Protocol in project netvirt by opendaylight.

the class NaptManager method checkIpPortMap.

@Nullable
private SessionAddress checkIpPortMap(Uint32 segmentId, String internalIpPort, NAPTEntryEvent.Protocol protocol) {
    LOG.debug("checkIpPortMap : called with segmentId {} and internalIpPort {}", segmentId, internalIpPort);
    ProtocolTypes protocolType = NatUtil.getProtocolType(protocol);
    // check if ip-port-map node is there
    InstanceIdentifierBuilder<IpPortMap> idBuilder = InstanceIdentifier.builder(IntextIpPortMap.class).child(IpPortMapping.class, new IpPortMappingKey(segmentId)).child(IntextIpProtocolType.class, new IntextIpProtocolTypeKey(protocolType)).child(IpPortMap.class, new IpPortMapKey(internalIpPort));
    InstanceIdentifier<IpPortMap> id = idBuilder.build();
    Optional<IpPortMap> ipPortMapType = Optional.empty();
    try {
        ipPortMapType = SingleTransactionDataBroker.syncReadOptional(dataBroker, LogicalDatastoreType.CONFIGURATION, id);
    } catch (ExecutionException | InterruptedException e) {
        LOG.error("checkIpPortMap: Exception while reading IpMap DS for the segmentId {} " + "internalIpPort {} protocol {}", segmentId, internalIpPort, protocol, e);
    }
    if (ipPortMapType.isPresent()) {
        LOG.debug("checkIpPortMap : {}", ipPortMapType.get());
        SessionAddress externalIpPort = new SessionAddress(ipPortMapType.get().getIpPortExternal().getIpAddress(), ipPortMapType.get().getIpPortExternal().getPortNum().toJava());
        LOG.debug("checkIpPortMap : returning successfully externalIP {} and port {}", externalIpPort.getIpAddress(), externalIpPort.getPortNumber());
        return externalIpPort;
    }
    // return null if not found
    LOG.warn("checkIpPortMap : no-entry in checkIpPortMap, returning NULL [should be OK] for " + "segmentId {} and internalIPPort {}", segmentId, internalIpPort);
    return null;
}
Also used : IpPortMappingKey(org.opendaylight.yang.gen.v1.urn.opendaylight.netvirt.natservice.rev160111.intext.ip.port.map.IpPortMappingKey) IntextIpPortMap(org.opendaylight.yang.gen.v1.urn.opendaylight.netvirt.natservice.rev160111.IntextIpPortMap) IntextIpProtocolTypeKey(org.opendaylight.yang.gen.v1.urn.opendaylight.netvirt.natservice.rev160111.intext.ip.port.map.ip.port.mapping.IntextIpProtocolTypeKey) SnatintIpPortMap(org.opendaylight.yang.gen.v1.urn.opendaylight.netvirt.natservice.rev160111.SnatintIpPortMap) IntextIpPortMap(org.opendaylight.yang.gen.v1.urn.opendaylight.netvirt.natservice.rev160111.IntextIpPortMap) IpPortMap(org.opendaylight.yang.gen.v1.urn.opendaylight.netvirt.natservice.rev160111.intext.ip.port.map.ip.port.mapping.intext.ip.protocol.type.IpPortMap) IpPortMapKey(org.opendaylight.yang.gen.v1.urn.opendaylight.netvirt.natservice.rev160111.intext.ip.port.map.ip.port.mapping.intext.ip.protocol.type.IpPortMapKey) IntextIpProtocolType(org.opendaylight.yang.gen.v1.urn.opendaylight.netvirt.natservice.rev160111.intext.ip.port.map.ip.port.mapping.IntextIpProtocolType) ProtocolTypes(org.opendaylight.yang.gen.v1.urn.opendaylight.netvirt.natservice.rev160111.ProtocolTypes) UncheckedExecutionException(com.google.common.util.concurrent.UncheckedExecutionException) ExecutionException(java.util.concurrent.ExecutionException) Nullable(org.eclipse.jdt.annotation.Nullable)

Example 13 with Protocol

use of org.opendaylight.yang.gen.v1.urn.opendaylight.netconf.node.topology.rev150114.netconf.node.connection.parameters.Protocol in project netvirt by opendaylight.

the class NaptManager method getExternalAddressMapping.

/**
 * method to get external ip/port mapping when provided with internal ip/port pair
 * If already a mapping exist for the given input, then the existing mapping is returned
 * instead of overwriting with new ip/port pair.
 *
 * @param segmentId     - Router ID
 * @param sourceAddress - internal ip address/port pair
 * @param protocol      - TCP/UDP
 * @return external ip address/port
 */
// TODO Clean up the exception handling
@SuppressWarnings("checkstyle:IllegalCatch")
@Nullable
public SessionAddress getExternalAddressMapping(Uint32 segmentId, SessionAddress sourceAddress, NAPTEntryEvent.Protocol protocol) {
    LOG.debug("getExternalAddressMapping : called with segmentId {}, internalIp {} and port {}", segmentId, sourceAddress.getIpAddress(), sourceAddress.getPortNumber());
    /*
         1. Get Internal IP, Port in IP:Port format
         2. Inside DB with routerId get the list of entries and check if it matches with existing IP:Port
         3. If True return SessionAddress of ExternalIp and Port
         4. Else check ip Map and Form the ExternalIp and Port and update DB and then return ExternalIp and Port
         */
    // SessionAddress externalIpPort = new SessionAddress();
    String internalIpPort = sourceAddress.getIpAddress() + ":" + sourceAddress.getPortNumber();
    // First check existing Port Map.
    SessionAddress existingIpPort = checkIpPortMap(segmentId, internalIpPort, protocol);
    if (existingIpPort != null) {
        // populate externalIpPort from IpPortMap and return
        LOG.debug("getExternalAddressMapping : successfully returning existingIpPort as {} and {}", existingIpPort.getIpAddress(), existingIpPort.getPortNumber());
        return existingIpPort;
    }
    // Now check in ip-map
    String externalIp = checkIpMap(segmentId, sourceAddress.getIpAddress());
    if (externalIp == null) {
        LOG.error("getExternalAddressMapping : Unexpected error, internal to external " + "ip map does not exist");
        return null;
    }
    /* Logic assuming internalIp is always ip and not subnet
         * case 1: externalIp is ip
         *        a) goto externalIp pool and getPort and return
         *        b) else return error
         * case 2: externalIp is subnet
         *        a) Take first externalIp and goto that Pool and getPort
         *             if port -> return
         *             else Take second externalIp and create that Pool and getPort
         *             if port ->return
         *             else
         *             Continue same with third externalIp till we exhaust subnet
         *        b) Nothing worked return error
         */
    SubnetUtils externalIpSubnet;
    List<String> allIps = new ArrayList<>();
    String subnetPrefix = "/" + String.valueOf(NatConstants.DEFAULT_PREFIX);
    boolean extSubnetFlag = false;
    if (!externalIp.contains(subnetPrefix)) {
        extSubnetFlag = true;
        externalIpSubnet = new SubnetUtils(externalIp);
        allIps = Arrays.asList(externalIpSubnet.getInfo().getAllAddresses());
        LOG.debug("getExternalAddressMapping : total count of externalIps available {}", externalIpSubnet.getInfo().getAddressCount());
    } else {
        LOG.debug("getExternalAddressMapping : getExternalAddress single ip case");
        if (externalIp.contains(subnetPrefix)) {
            // remove /32 what we got from checkIpMap
            externalIp = externalIp.substring(0, externalIp.indexOf(subnetPrefix));
        }
        allIps.add(externalIp);
    }
    boolean nextExtIpFlag = false;
    for (String extIp : allIps) {
        LOG.info("getExternalAddressMapping : Looping externalIPs with externalIP now as {}", extIp);
        if (nextExtIpFlag) {
            createNaptPortPool(extIp);
            LOG.debug("getExternalAddressMapping : Created Pool for next Ext IP {}", extIp);
        }
        Uint32 extPort = NatUtil.getUniqueId(idManager, extIp, internalIpPort);
        if (extPort == NatConstants.INVALID_ID) {
            LOG.error("getExternalAddressMapping : getExternalAddressMapping, idManager could not " + "allocate id retry if subnet");
            if (!extSubnetFlag) {
                LOG.error("getExternalAddressMapping : getExternalAddressMapping returning null " + "for single IP case, may be ports exhausted");
                return null;
            }
            LOG.debug("getExternalAddressMapping : Could be ports exhausted case, " + "try with another externalIP if possible");
            nextExtIpFlag = true;
            continue;
        }
        // Write to ip-port-map before returning
        IpPortExternalBuilder ipExt = new IpPortExternalBuilder();
        IpPortExternal ipPortExt = ipExt.setIpAddress(extIp).setPortNum(extPort.intValue()).build();
        IpPortMap ipm = new IpPortMapBuilder().withKey(new IpPortMapKey(internalIpPort)).setIpPortInternal(internalIpPort).setIpPortExternal(ipPortExt).build();
        LOG.debug("getExternalAddressMapping : writing into ip-port-map with " + "externalIP {} and port {}", ipPortExt.getIpAddress(), ipPortExt.getPortNum());
        try {
            MDSALUtil.syncWrite(dataBroker, LogicalDatastoreType.CONFIGURATION, getIpPortMapIdentifier(segmentId, internalIpPort, protocol), ipm);
        } catch (UncheckedExecutionException uee) {
            LOG.error("getExternalAddressMapping : Failed to write into ip-port-map with exception", uee);
        }
        // Write to snat-internal-ip-port-info
        String internalIpAddress = sourceAddress.getIpAddress();
        int ipPort = sourceAddress.getPortNumber();
        ProtocolTypes protocolType = NatUtil.getProtocolType(protocol);
        final ReentrantLock lock = lockFor(segmentId, internalIpAddress, protocolType);
        lock.lock();
        try {
            List<Uint16> portList = new ArrayList<>(NatUtil.getInternalIpPortListInfo(dataBroker, segmentId, internalIpAddress, protocolType));
            portList.add(Uint16.valueOf(ipPort));
            IntIpProtoTypeBuilder builder = new IntIpProtoTypeBuilder();
            IntIpProtoType intIpProtocolType = builder.withKey(new IntIpProtoTypeKey(protocolType)).setPorts(portList).build();
            try {
                MDSALUtil.syncWrite(dataBroker, LogicalDatastoreType.CONFIGURATION, NatUtil.buildSnatIntIpPortIdentifier(segmentId, internalIpAddress, protocolType), intIpProtocolType);
            } catch (Exception ex) {
                LOG.error("getExternalAddressMapping : Failed to write into snat-internal-ip-port-info " + "with exception", ex);
            }
        } finally {
            lock.unlock();
        }
        SessionAddress externalIpPort = new SessionAddress(extIp, extPort.intValue());
        LOG.debug("getExternalAddressMapping : successfully returning externalIP {} " + "and port {}", externalIpPort.getIpAddress(), externalIpPort.getPortNumber());
        return externalIpPort;
    }
    // end of for loop
    LOG.error("getExternalAddressMapping : Unable to handle external IP address and port mapping with segmentId {}," + "internalIp {} and internalPort {}", segmentId, sourceAddress.getIpAddress(), sourceAddress.getPortNumber());
    return null;
}
Also used : ReentrantLock(java.util.concurrent.locks.ReentrantLock) IntIpProtoTypeKey(org.opendaylight.yang.gen.v1.urn.opendaylight.netvirt.natservice.rev160111.snatint.ip.port.map.intip.port.map.ip.port.IntIpProtoTypeKey) SubnetUtils(org.apache.commons.net.util.SubnetUtils) UncheckedExecutionException(com.google.common.util.concurrent.UncheckedExecutionException) ArrayList(java.util.ArrayList) IntIpProtoTypeBuilder(org.opendaylight.yang.gen.v1.urn.opendaylight.netvirt.natservice.rev160111.snatint.ip.port.map.intip.port.map.ip.port.IntIpProtoTypeBuilder) UncheckedExecutionException(com.google.common.util.concurrent.UncheckedExecutionException) ExecutionException(java.util.concurrent.ExecutionException) IpPortExternalBuilder(org.opendaylight.yang.gen.v1.urn.opendaylight.netvirt.natservice.rev160111.intext.ip.port.map.ip.port.mapping.intext.ip.protocol.type.ip.port.map.IpPortExternalBuilder) IpPortMapBuilder(org.opendaylight.yang.gen.v1.urn.opendaylight.netvirt.natservice.rev160111.intext.ip.port.map.ip.port.mapping.intext.ip.protocol.type.IpPortMapBuilder) SnatintIpPortMap(org.opendaylight.yang.gen.v1.urn.opendaylight.netvirt.natservice.rev160111.SnatintIpPortMap) IntextIpPortMap(org.opendaylight.yang.gen.v1.urn.opendaylight.netvirt.natservice.rev160111.IntextIpPortMap) IpPortMap(org.opendaylight.yang.gen.v1.urn.opendaylight.netvirt.natservice.rev160111.intext.ip.port.map.ip.port.mapping.intext.ip.protocol.type.IpPortMap) IpPortMapKey(org.opendaylight.yang.gen.v1.urn.opendaylight.netvirt.natservice.rev160111.intext.ip.port.map.ip.port.mapping.intext.ip.protocol.type.IpPortMapKey) ProtocolTypes(org.opendaylight.yang.gen.v1.urn.opendaylight.netvirt.natservice.rev160111.ProtocolTypes) Uint16(org.opendaylight.yangtools.yang.common.Uint16) IntIpProtoType(org.opendaylight.yang.gen.v1.urn.opendaylight.netvirt.natservice.rev160111.snatint.ip.port.map.intip.port.map.ip.port.IntIpProtoType) IpPortExternal(org.opendaylight.yang.gen.v1.urn.opendaylight.netvirt.natservice.rev160111.intext.ip.port.map.ip.port.mapping.intext.ip.protocol.type.ip.port.map.IpPortExternal) Uint32(org.opendaylight.yangtools.yang.common.Uint32) Nullable(org.eclipse.jdt.annotation.Nullable)

Example 14 with Protocol

use of org.opendaylight.yang.gen.v1.urn.opendaylight.netconf.node.topology.rev150114.netconf.node.connection.parameters.Protocol in project netvirt by opendaylight.

the class NaptFlowRemovedEventHandler method onFlowRemoved.

@Override
public void onFlowRemoved(FlowRemoved flowRemoved) {
    /*
        If the removed flow is from the OUTBOUND NAPT table :
        1) Get the ActionInfo of the flow.
        2) From the ActionInfo of the flow get the internal IP address, port and the protocol.
        3) Get the Metadata matching info of the flow.
        4) From the Metadata matching info of the flow get router ID.
        5) Querry the container intext-ip-port-map using the router ID
           and the internal IP address, port to get the external IP address, port
        6) Instantiate an NaptEntry event and populate the external IP address, port and the router ID.
        7) Place the NaptEntry event to the queue.
*/
    short tableId = flowRemoved.getTableId().toJava();
    RemovedFlowReason removedReasonFlag = flowRemoved.getReason();
    if (tableId == NwConstants.OUTBOUND_NAPT_TABLE && RemovedFlowReason.OFPRRIDLETIMEOUT.equals(removedReasonFlag)) {
        LOG.info("onFlowRemoved : triggered for table-{} entry", tableId);
        // Get the internal internal IP address and the port number from the IPv4 match.
        Ipv4Prefix internalIpv4Address = null;
        Layer3Match layer3Match = flowRemoved.getMatch().getLayer3Match();
        if (layer3Match instanceof Ipv4Match) {
            Ipv4Match internalIpv4Match = (Ipv4Match) layer3Match;
            internalIpv4Address = internalIpv4Match.getIpv4Source();
        }
        if (internalIpv4Address == null) {
            LOG.error("onFlowRemoved : Matching internal IP is null while retrieving the " + "value from the Outbound NAPT flow");
            return;
        }
        // Get the internal IP as a string
        String internalIpv4AddressAsString = internalIpv4Address.getValue();
        String[] internalIpv4AddressParts = internalIpv4AddressAsString.split("/");
        String internalIpv4HostAddress = null;
        if (internalIpv4AddressParts.length >= 1) {
            internalIpv4HostAddress = internalIpv4AddressParts[0];
        }
        // Get the protocol from the layer4 match
        NAPTEntryEvent.Protocol protocol = null;
        Integer internalPortNumber = null;
        Layer4Match layer4Match = flowRemoved.getMatch().getLayer4Match();
        if (layer4Match instanceof TcpMatch) {
            TcpMatchFields tcpMatchFields = (TcpMatchFields) layer4Match;
            internalPortNumber = tcpMatchFields.getTcpSourcePort().getValue().toJava();
            protocol = NAPTEntryEvent.Protocol.TCP;
        } else if (layer4Match instanceof UdpMatch) {
            UdpMatchFields udpMatchFields = (UdpMatchFields) layer4Match;
            internalPortNumber = udpMatchFields.getUdpSourcePort().getValue().toJava();
            protocol = NAPTEntryEvent.Protocol.UDP;
        }
        if (protocol == null) {
            LOG.error("onFlowRemoved : Matching protocol is null while retrieving the value " + "from the Outbound NAPT flow");
            return;
        }
        // Get the router ID from the metadata.
        Uint32 routerId;
        Uint64 metadata = flowRemoved.getMatch().getMetadata().getMetadata();
        if (MetaDataUtil.getNatRouterIdFromMetadata(metadata) != 0) {
            routerId = Uint32.valueOf(MetaDataUtil.getNatRouterIdFromMetadata(metadata));
        } else {
            LOG.error("onFlowRemoved : Null exception while retrieving routerId");
            return;
        }
        String flowDpn = NatUtil.getDpnFromNodeRef(flowRemoved.getNode());
        NAPTEntryEvent naptEntryEvent = new NAPTEntryEvent(internalIpv4HostAddress, internalPortNumber, flowDpn, routerId, NAPTEntryEvent.Operation.DELETE, protocol);
        naptEventdispatcher.addFlowRemovedNaptEvent(naptEntryEvent);
    } else {
        LOG.debug("onFlowRemoved : Received flow removed notification due to flowdelete from switch for flowref");
    }
}
Also used : Layer3Match(org.opendaylight.yang.gen.v1.urn.opendaylight.model.match.types.rev131026.match.Layer3Match) UdpMatchFields(org.opendaylight.yang.gen.v1.urn.opendaylight.model.match.types.rev131026.UdpMatchFields) Ipv4Match(org.opendaylight.yang.gen.v1.urn.opendaylight.model.match.types.rev131026.match.layer._3.match.Ipv4Match) TcpMatchFields(org.opendaylight.yang.gen.v1.urn.opendaylight.model.match.types.rev131026.TcpMatchFields) RemovedFlowReason(org.opendaylight.yang.gen.v1.urn.opendaylight.flow.types.rev131026.RemovedFlowReason) TcpMatch(org.opendaylight.yang.gen.v1.urn.opendaylight.model.match.types.rev131026.match.layer._4.match.TcpMatch) Layer4Match(org.opendaylight.yang.gen.v1.urn.opendaylight.model.match.types.rev131026.match.Layer4Match) UdpMatch(org.opendaylight.yang.gen.v1.urn.opendaylight.model.match.types.rev131026.match.layer._4.match.UdpMatch) Ipv4Prefix(org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.inet.types.rev130715.Ipv4Prefix) Uint32(org.opendaylight.yangtools.yang.common.Uint32) Uint64(org.opendaylight.yangtools.yang.common.Uint64)

Example 15 with Protocol

use of org.opendaylight.yang.gen.v1.urn.opendaylight.netconf.node.topology.rev150114.netconf.node.connection.parameters.Protocol in project netvirt by opendaylight.

the class AclServiceOFFlowBuilder method programIcmpFlow.

/**
 *Converts icmp matches to flows.
 * @param acl the access control list
 * @return the map containing the flows and the respective flow id
 */
public static Map<String, List<MatchInfoBase>> programIcmpFlow(AceIp acl) {
    List<MatchInfoBase> flowMatches = new ArrayList<>();
    flowMatches.addAll(addSrcIpMatches(acl));
    flowMatches.addAll(addDstIpMatches(acl));
    // For ICMP port range indicates type and code
    SourcePortRange sourcePortRange = acl.getSourcePortRange();
    String flowId = "ICMP_";
    if (sourcePortRange != null) {
        if (acl.getAceIpVersion() instanceof AceIpv4) {
            flowMatches.add(new MatchIcmpv4(sourcePortRange.getLowerPort().getValue().shortValue(), sourcePortRange.getUpperPort().getValue().shortValue()));
            flowId = flowId + "V4_SOURCE_" + sourcePortRange.getLowerPort().getValue() + sourcePortRange.getUpperPort().getValue();
        } else if (acl.getAceIpVersion() instanceof AceIpv6) {
            flowMatches.add(new MatchIcmpv6(sourcePortRange.getLowerPort().getValue().shortValue(), sourcePortRange.getUpperPort().getValue().shortValue()));
            flowId = flowId + "V6_SOURCE_" + sourcePortRange.getLowerPort().getValue() + "_" + sourcePortRange.getUpperPort().getValue() + "_";
        }
    }
    DestinationPortRange destinationPortRange = acl.getDestinationPortRange();
    if (destinationPortRange != null) {
        if (acl.getAceIpVersion() instanceof AceIpv4) {
            flowMatches.add(new MatchIcmpv4(destinationPortRange.getLowerPort().getValue().shortValue(), destinationPortRange.getUpperPort().getValue().shortValue()));
            flowId = flowId + "V4_DESTINATION_" + destinationPortRange.getLowerPort().getValue() + destinationPortRange.getUpperPort().getValue() + "_";
        } else if (acl.getAceIpVersion() instanceof AceIpv6) {
            flowMatches.add(new MatchIcmpv6(destinationPortRange.getLowerPort().getValue().shortValue(), destinationPortRange.getUpperPort().getValue().shortValue()));
            flowId = flowId + "V6_DESTINATION_" + destinationPortRange.getLowerPort().getValue() + destinationPortRange.getUpperPort().getValue() + "_";
        }
    }
    if (acl.getAceIpVersion() instanceof AceIpv6 && acl.getProtocol().toJava() == NwConstants.IP_PROT_ICMP) {
        // We are aligning our implementation similar to Neutron Firewall driver where a Security
        // Group rule with "Ethertype as IPv6 and Protocol as icmp" is treated as ICMPV6 SG Rule.
        flowMatches.add(new MatchIpProtocol(AclConstants.IP_PROT_ICMPV6));
    } else {
        flowMatches.add(new MatchIpProtocol(acl.getProtocol().toJava()));
    }
    Map<String, List<MatchInfoBase>> flowMatchesMap = new HashMap<>();
    flowMatchesMap.put(flowId, flowMatches);
    return flowMatchesMap;
}
Also used : SourcePortRange(org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.packet.fields.rev160218.acl.transport.header.fields.SourcePortRange) HashMap(java.util.HashMap) ArrayList(java.util.ArrayList) MatchIpProtocol(org.opendaylight.genius.mdsalutil.matches.MatchIpProtocol) DestinationPortRange(org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.packet.fields.rev160218.acl.transport.header.fields.DestinationPortRange) MatchIcmpv4(org.opendaylight.genius.mdsalutil.matches.MatchIcmpv4) MatchIcmpv6(org.opendaylight.genius.mdsalutil.matches.MatchIcmpv6) ArrayList(java.util.ArrayList) List(java.util.List) AceIpv6(org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.access.control.list.rev160218.access.lists.acl.access.list.entries.ace.matches.ace.type.ace.ip.ace.ip.version.AceIpv6) MatchInfoBase(org.opendaylight.genius.mdsalutil.MatchInfoBase) AceIpv4(org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.access.control.list.rev160218.access.lists.acl.access.list.entries.ace.matches.ace.type.ace.ip.ace.ip.version.AceIpv4)

Aggregations

ArrayList (java.util.ArrayList)18 Uint32 (org.opendaylight.yangtools.yang.common.Uint32)16 Test (org.junit.Test)15 ProtocolTypes (org.opendaylight.yang.gen.v1.urn.opendaylight.netvirt.natservice.rev160111.ProtocolTypes)14 ExecutionException (java.util.concurrent.ExecutionException)11 IpPortMap (org.opendaylight.yang.gen.v1.urn.opendaylight.netvirt.natservice.rev160111.intext.ip.port.map.ip.port.mapping.intext.ip.protocol.type.IpPortMap)11 Uint64 (org.opendaylight.yangtools.yang.common.Uint64)11 IntextIpPortMap (org.opendaylight.yang.gen.v1.urn.opendaylight.netvirt.natservice.rev160111.IntextIpPortMap)10 Uint16 (org.opendaylight.yangtools.yang.common.Uint16)10 Ipv4Prefix (org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.inet.types.rev130715.Ipv4Prefix)9 PortNumber (org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.inet.types.rev130715.PortNumber)9 Uint8 (org.opendaylight.yangtools.yang.common.Uint8)8 IntextIpProtocolType (org.opendaylight.yang.gen.v1.urn.opendaylight.netvirt.natservice.rev160111.intext.ip.port.map.ip.port.mapping.IntextIpProtocolType)7 List (java.util.List)6 Nullable (org.eclipse.jdt.annotation.Nullable)6 AceIpBuilder (org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.access.control.list.rev160218.access.lists.acl.access.list.entries.ace.matches.ace.type.AceIpBuilder)6 Ipv4Address (org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.inet.types.rev130715.Ipv4Address)6 Ipv4Match (org.opendaylight.yang.gen.v1.urn.opendaylight.model.match.types.rev131026.match.layer._3.match.Ipv4Match)6 TcpMatch (org.opendaylight.yang.gen.v1.urn.opendaylight.model.match.types.rev131026.match.layer._4.match.TcpMatch)6 UdpMatch (org.opendaylight.yang.gen.v1.urn.opendaylight.model.match.types.rev131026.match.layer._4.match.UdpMatch)6