Examples with IpPrefixOrAddress org.opendaylight.yang.gen.v1.urn.opendaylight.netvirt.aclservice.rev160608.IpPrefixOrAddress used on opensource projects

Example 26 with IpPrefixOrAddress

use of org.opendaylight.yang.gen.v1.urn.opendaylight.netvirt.aclservice.rev160608.IpPrefixOrAddress in project netvirt by opendaylight.

the class EgressAclServiceImpl method programArpRule.

/**
 * Adds the rule to allow arp packets.
 *
 * @param dpId the dpId
 * @param allowedAddresses the allowed addresses
 * @param lportTag the lport tag
 * @param addOrRemove whether to add or remove the flow
 */
protected void programArpRule(BigInteger dpId, List<AllowedAddressPairs> allowedAddresses, int lportTag, int addOrRemove) {
    for (AllowedAddressPairs allowedAddress : allowedAddresses) {
        if (!AclServiceUtils.isIPv4Address(allowedAddress)) {
            // For IPv6 allowed addresses
            continue;
        }
        IpPrefixOrAddress allowedAddressIp = allowedAddress.getIpAddress();
        MacAddress allowedAddressMac = allowedAddress.getMacAddress();
        List<MatchInfoBase> arpIpMatches = AclServiceUtils.buildArpIpMatches(allowedAddressIp);
        List<MatchInfoBase> matches = new ArrayList<>();
        matches.add(MatchEthernetType.ARP);
        matches.add(new MatchArpSha(allowedAddressMac));
        matches.add(new MatchEthernetSource(allowedAddressMac));
        matches.addAll(arpIpMatches);
        matches.add(AclServiceUtils.buildLPortTagMatch(lportTag, serviceMode));
        List<InstructionInfo> instructions = getDispatcherTableResubmitInstructions();
        LOG.debug("{} ARP Rule on DPID {}, lportTag {}", addOrRemove == NwConstants.DEL_FLOW ? "Deleting" : "Adding", dpId, lportTag);
        String flowName = "Egress_ARP_" + dpId + "_" + lportTag + "_" + allowedAddress.getMacAddress().getValue() + String.valueOf(allowedAddressIp.getValue());
        syncFlow(dpId, getAclAntiSpoofingTable(), flowName, AclConstants.PROTO_ARP_TRAFFIC_MATCH_PRIORITY, "ACL", 0, 0, AclConstants.COOKIE_ACL_BASE, matches, instructions, addOrRemove);
    }
}

Example 27 with IpPrefixOrAddress

use of org.opendaylight.yang.gen.v1.urn.opendaylight.netvirt.aclservice.rev160608.IpPrefixOrAddress in project netvirt by opendaylight.

the class EgressAclServiceImpl method programGotoClassifierTableRules.

@Override
protected void programGotoClassifierTableRules(BigInteger dpId, List<AllowedAddressPairs> aaps, int lportTag, int addOrRemove) {
    List<AllowedAddressPairs> filteredAAPs = AclServiceUtils.excludeMulticastAAPs(aaps);
    for (AllowedAddressPairs aap : filteredAAPs) {
        IpPrefixOrAddress attachIp = aap.getIpAddress();
        MacAddress mac = aap.getMacAddress();
        List<MatchInfoBase> matches = new ArrayList<>();
        matches.add(AclServiceUtils.buildLPortTagMatch(lportTag, serviceMode));
        matches.add(new MatchEthernetSource(mac));
        matches.addAll(AclServiceUtils.buildIpMatches(attachIp, MatchCriteria.MATCH_SOURCE));
        List<InstructionInfo> gotoInstructions = new ArrayList<>();
        gotoInstructions.add(new InstructionGotoTable(getAclConntrackClassifierTable()));
        String flowName = "Egress_Fixed_Goto_Classifier_" + dpId + "_" + lportTag + "_" + mac.getValue() + "_" + String.valueOf(attachIp.getValue());
        syncFlow(dpId, getAclAntiSpoofingTable(), flowName, AclConstants.PROTO_MATCH_PRIORITY, "ACL", 0, 0, AclConstants.COOKIE_ACL_BASE, matches, gotoInstructions, addOrRemove);
    }
}

Example 28 with IpPrefixOrAddress

use of org.opendaylight.yang.gen.v1.urn.opendaylight.netvirt.aclservice.rev160608.IpPrefixOrAddress in project netvirt by opendaylight.

the class IngressAclServiceImpl method programGotoClassifierTableRules.

@Override
protected void programGotoClassifierTableRules(BigInteger dpId, List<AllowedAddressPairs> aaps, int lportTag, int addOrRemove) {
    for (AllowedAddressPairs aap : aaps) {
        IpPrefixOrAddress attachIp = aap.getIpAddress();
        MacAddress mac = aap.getMacAddress();
        List<MatchInfoBase> matches = new ArrayList<>();
        matches.add(AclServiceUtils.buildLPortTagMatch(lportTag, serviceMode));
        matches.add(new MatchEthernetDestination(mac));
        matches.addAll(AclServiceUtils.buildIpMatches(attachIp, MatchCriteria.MATCH_DESTINATION));
        List<InstructionInfo> gotoInstructions = new ArrayList<>();
        gotoInstructions.add(new InstructionGotoTable(getAclConntrackClassifierTable()));
        String flowName = "Ingress_Fixed_Goto_Classifier_" + dpId + "_" + lportTag + "_" + mac.getValue() + "_" + String.valueOf(attachIp.getValue());
        syncFlow(dpId, getAclAntiSpoofingTable(), flowName, AclConstants.PROTO_MATCH_PRIORITY, "ACL", 0, 0, AclConstants.COOKIE_ACL_BASE, matches, gotoInstructions, addOrRemove);
    }
}

Example 29 with IpPrefixOrAddress

use of org.opendaylight.yang.gen.v1.urn.opendaylight.netvirt.aclservice.rev160608.IpPrefixOrAddress in project netvirt by opendaylight.

the class AclServiceTestBase method newInterfaceWithAapIpv4All.

@Test
public void newInterfaceWithAapIpv4All() throws Exception {
    LOG.info("newInterfaceWithAapIpv4All test - start");
    newAllowedAddressPair(PORT_1, Collections.singletonList(SG_UUID_1), Collections.singletonList(AAP_PORT_1));
    newAllowedAddressPair(PORT_2, Collections.singletonList(SG_UUID_1), Arrays.asList(AAP_PORT_2, buildAap(AclConstants.IPV4_ALL_NETWORK, PORT_MAC_2)));
    dataBrokerUtil.put(new IdentifiedSubnetIpPrefixBuilder().interfaceName(PORT_1).addAllIpPrefixOrAddress(Collections.singletonList(new IpPrefixOrAddress(SUBNET_IP_PREFIX_1.toCharArray()))));
    dataBrokerUtil.put(new IdentifiedSubnetIpPrefixBuilder().interfaceName(PORT_2).addAllIpPrefixOrAddress(Collections.singletonList(new IpPrefixOrAddress(SUBNET_IP_PREFIX_1.toCharArray()))));
    prepareInterfaceWithIcmpAcl();
    // When
    putNewStateInterface(dataBroker, PORT_1, PORT_MAC_1);
    putNewStateInterface(dataBroker, PORT_2, PORT_MAC_2);
    asyncEventsWaiter.awaitEventsConsumption();
    // Then
    newInterfaceWithAapIpv4AllCheck();
    LOG.info("newInterfaceWithAapIpv4All test - end");
}

Example 30 with IpPrefixOrAddress

use of org.opendaylight.yang.gen.v1.urn.opendaylight.netvirt.aclservice.rev160608.IpPrefixOrAddress in project netvirt by opendaylight.

the class NeutronvpnUtils method getAclAllowedAddressPairs.

/**
 * Gets the acl allowed address pairs.
 *
 * @param macAddress the mac address
 * @param ipAddress the ip address
 * @return the acl allowed address pairs
 */
protected static AllowedAddressPairs getAclAllowedAddressPairs(MacAddress macAddress, org.opendaylight.yang.gen.v1.urn.opendaylight.neutron.types.rev160517.IpPrefixOrAddress ipAddress) {
    AllowedAddressPairsBuilder aclAllowedAdressPairBuilder = new AllowedAddressPairsBuilder();
    aclAllowedAdressPairBuilder.setMacAddress(macAddress);
    if (ipAddress != null && ipAddress.getValue() != null) {
        if (ipAddress.getIpPrefix() != null) {
            aclAllowedAdressPairBuilder.setIpAddress(new IpPrefixOrAddress(ipAddress.getIpPrefix()));
        } else {
            aclAllowedAdressPairBuilder.setIpAddress(new IpPrefixOrAddress(ipAddress.getIpAddress()));
        }
    }
    return aclAllowedAdressPairBuilder.build();
}