diff options
Diffstat (limited to 'v3po/v3po2vpp/src/main/java/io/fd/honeycomb/translate/v3po/interfaces/acl')
18 files changed, 364 insertions, 126 deletions
diff --git a/v3po/v3po2vpp/src/main/java/io/fd/honeycomb/translate/v3po/interfaces/acl/ingress/IetfAclWriter.java b/v3po/v3po2vpp/src/main/java/io/fd/honeycomb/translate/v3po/interfaces/acl/common/AbstractIetfAclWriter.java index c74845ce7..1a1fbd519 100644 --- a/v3po/v3po2vpp/src/main/java/io/fd/honeycomb/translate/v3po/interfaces/acl/ingress/IetfAclWriter.java +++ b/v3po/v3po2vpp/src/main/java/io/fd/honeycomb/translate/v3po/interfaces/acl/common/AbstractIetfAclWriter.java @@ -14,7 +14,7 @@ * limitations under the License. */ -package io.fd.honeycomb.translate.v3po.interfaces.acl.ingress; +package io.fd.honeycomb.translate.v3po.interfaces.acl.common; import static com.google.common.base.Preconditions.checkArgument; @@ -27,10 +27,6 @@ import io.fd.vpp.jvpp.core.dto.ClassifyAddDelSession; import io.fd.vpp.jvpp.core.dto.ClassifyAddDelSessionReply; import io.fd.vpp.jvpp.core.dto.ClassifyAddDelTable; import io.fd.vpp.jvpp.core.dto.ClassifyAddDelTableReply; -import io.fd.vpp.jvpp.core.dto.ClassifyTableByInterface; -import io.fd.vpp.jvpp.core.dto.ClassifyTableByInterfaceReply; -import io.fd.vpp.jvpp.core.dto.InputAclSetInterface; -import io.fd.vpp.jvpp.core.dto.InputAclSetInterfaceReply; import io.fd.vpp.jvpp.core.future.FutureJVppCore; import java.util.HashMap; import java.util.List; @@ -40,9 +36,7 @@ import java.util.concurrent.CompletionStage; import java.util.function.Predicate; import java.util.stream.Collectors; import java.util.stream.Stream; -import javax.annotation.Nonnegative; import javax.annotation.Nonnull; -import javax.annotation.Nullable; import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.access.control.list.rev160708.AclBase; import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.access.control.list.rev160708.access.lists.AclKey; import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.access.control.list.rev160708.access.lists.acl.AccessListEntries; @@ -62,15 +56,15 @@ import org.opendaylight.yangtools.yang.binding.InstanceIdentifier; import org.slf4j.Logger; import org.slf4j.LoggerFactory; -public final class IetfAclWriter implements JvppReplyConsumer, AclTranslator { +public abstract class AbstractIetfAclWriter implements IetfAclWriter, JvppReplyConsumer, AclTranslator { - private static final Logger LOG = LoggerFactory.getLogger(IetfAclWriter.class); + private static final Logger LOG = LoggerFactory.getLogger(AbstractIetfAclWriter.class); private static final int NOT_DEFINED = -1; - private final FutureJVppCore jvpp; + protected final FutureJVppCore jvpp; private Map<AclType, AceWriter<? extends AceType>> aceWriters = new HashMap<>(); - public IetfAclWriter(@Nonnull final FutureJVppCore futureJVppCore) { + public AbstractIetfAclWriter(@Nonnull final FutureJVppCore futureJVppCore) { this.jvpp = Preconditions.checkNotNull(futureJVppCore, "futureJVppCore should not be null"); aceWriters.put(AclType.ETH, new AceEthWriter()); aceWriters.put(AclType.IP4, new AceIp4Writer()); @@ -99,39 +93,7 @@ public final class IetfAclWriter implements JvppReplyConsumer, AclTranslator { return accessListEntries.getAce().stream(); } - void deleteAcl(@Nonnull final InstanceIdentifier<?> id, final int swIfIndex) - throws WriteFailedException { - final ClassifyTableByInterface request = new ClassifyTableByInterface(); - request.swIfIndex = swIfIndex; - - final CompletionStage<ClassifyTableByInterfaceReply> cs = jvpp.classifyTableByInterface(request); - final ClassifyTableByInterfaceReply reply = getReplyForDelete(cs.toCompletableFuture(), id); - - // We unassign and remove all ACL-related classify tables for given interface (we assume we are the only - // classify table manager) - - unassignClassifyTables(id, reply); - - removeClassifyTable(id, reply.l2TableId); - removeClassifyTable(id, reply.ip4TableId); - removeClassifyTable(id, reply.ip6TableId); - } - - private void unassignClassifyTables(@Nonnull final InstanceIdentifier<?> id, - final ClassifyTableByInterfaceReply currentState) - throws WriteFailedException { - final InputAclSetInterface request = new InputAclSetInterface(); - request.isAdd = 0; - request.swIfIndex = currentState.swIfIndex; - request.l2TableIndex = currentState.l2TableId; - request.ip4TableIndex = currentState.ip4TableId; - request.ip6TableIndex = currentState.ip6TableId; - final CompletionStage<InputAclSetInterfaceReply> inputAclSetInterfaceReplyCompletionStage = - jvpp.inputAclSetInterface(request); - getReplyForDelete(inputAclSetInterfaceReplyCompletionStage.toCompletableFuture(), id); - } - - private void removeClassifyTable(@Nonnull final InstanceIdentifier<?> id, final int tableIndex) + protected void removeClassifyTable(@Nonnull final InstanceIdentifier<?> id, final int tableIndex) throws WriteFailedException { if (tableIndex == -1) { @@ -143,14 +105,7 @@ public final class IetfAclWriter implements JvppReplyConsumer, AclTranslator { getReplyForDelete(cs.toCompletableFuture(), id); } - void write(@Nonnull final InstanceIdentifier<?> id, final int swIfIndex, @Nonnull final List<Acl> acls, - final AccessLists.DefaultAction defaultAction, @Nullable final InterfaceMode mode, - @Nonnull final WriteContext writeContext) - throws WriteFailedException { - write(id, swIfIndex, mode, acls, defaultAction, writeContext, 0); - } - - private static boolean appliesToIp4Path(final Ace ace) { + protected static boolean appliesToIp4Path(final Ace ace) { final AceType aceType = ace.getMatches().getAceType(); final AclType aclType = AclType.fromAce(ace); if (aclType == AclType.IP4) { @@ -166,7 +121,7 @@ public final class IetfAclWriter implements JvppReplyConsumer, AclTranslator { return false; } - private static boolean appliesToIp6Path(final Ace ace) { + protected static boolean appliesToIp6Path(final Ace ace) { final AceType aceType = ace.getMatches().getAceType(); final AclType aclType = AclType.fromAce(ace); if (aclType == AclType.IP6) { @@ -182,43 +137,15 @@ public final class IetfAclWriter implements JvppReplyConsumer, AclTranslator { return false; } - void write(@Nonnull final InstanceIdentifier<?> id, final int swIfIndex, final InterfaceMode mode, - @Nonnull final List<Acl> acls, final AccessLists.DefaultAction defaultAction, - @Nonnull final WriteContext writeContext, @Nonnegative final int numberOfTags) - throws WriteFailedException { - checkArgument(numberOfTags >= 0 && numberOfTags <= 2, "Number of vlan tags %s is not in [0,2] range"); - - final InputAclSetInterface request = new InputAclSetInterface(); - request.isAdd = 1; - request.swIfIndex = swIfIndex; - request.l2TableIndex = NOT_DEFINED; - request.ip4TableIndex = NOT_DEFINED; - request.ip6TableIndex = NOT_DEFINED; - - if (InterfaceMode.L2.equals(mode)) { - final List<Ace> aces = getACEs(acls, writeContext, ace -> true); - request.l2TableIndex = writeAces(id, aces, defaultAction, mode, numberOfTags); - } else { - final List<Ace> ip4Aces = getACEs(acls, writeContext, (IetfAclWriter::appliesToIp4Path)); - request.ip4TableIndex = writeAces(id, ip4Aces, defaultAction, mode, numberOfTags); - final List<Ace> ip6Aces = getACEs(acls, writeContext, (IetfAclWriter::appliesToIp6Path)); - request.ip6TableIndex = writeAces(id, ip6Aces, defaultAction, mode, numberOfTags); - } - - final CompletionStage<InputAclSetInterfaceReply> inputAclSetInterfaceReplyCompletionStage = - jvpp.inputAclSetInterface(request); - getReplyForWrite(inputAclSetInterfaceReplyCompletionStage.toCompletableFuture(), id); - } - - private static List<Ace> getACEs(@Nonnull final List<Acl> acls, @Nonnull final WriteContext writeContext, - final Predicate<? super Ace> filter) { + protected static List<Ace> getACEs(@Nonnull final List<Acl> acls, @Nonnull final WriteContext writeContext, + final Predicate<? super Ace> filter) { return acls.stream().flatMap(acl -> aclToAceStream(acl, writeContext)).filter(filter) .collect(Collectors.toList()); } - private int writeAces(final InstanceIdentifier<?> id, final List<Ace> aces, - final AccessLists.DefaultAction defaultAction, final InterfaceMode mode, - final int vlanTags) throws WriteFailedException { + protected int writeAces(final InstanceIdentifier<?> id, final List<Ace> aces, + final AccessLists.DefaultAction defaultAction, final InterfaceMode mode, + final int vlanTags) throws WriteFailedException { if (aces.isEmpty()) { return NOT_DEFINED; } diff --git a/v3po/v3po2vpp/src/main/java/io/fd/honeycomb/translate/v3po/interfaces/acl/ingress/AceEthWriter.java b/v3po/v3po2vpp/src/main/java/io/fd/honeycomb/translate/v3po/interfaces/acl/common/AceEthWriter.java index c0e79f194..14124dcc7 100644 --- a/v3po/v3po2vpp/src/main/java/io/fd/honeycomb/translate/v3po/interfaces/acl/ingress/AceEthWriter.java +++ b/v3po/v3po2vpp/src/main/java/io/fd/honeycomb/translate/v3po/interfaces/acl/common/AceEthWriter.java @@ -14,7 +14,7 @@ * limitations under the License. */ -package io.fd.honeycomb.translate.v3po.interfaces.acl.ingress; +package io.fd.honeycomb.translate.v3po.interfaces.acl.common; import com.google.common.annotations.VisibleForTesting; import io.fd.vpp.jvpp.core.dto.ClassifyAddDelSession; diff --git a/v3po/v3po2vpp/src/main/java/io/fd/honeycomb/translate/v3po/interfaces/acl/ingress/AceIp4Writer.java b/v3po/v3po2vpp/src/main/java/io/fd/honeycomb/translate/v3po/interfaces/acl/common/AceIp4Writer.java index ceef19244..7d75e3969 100644 --- a/v3po/v3po2vpp/src/main/java/io/fd/honeycomb/translate/v3po/interfaces/acl/ingress/AceIp4Writer.java +++ b/v3po/v3po2vpp/src/main/java/io/fd/honeycomb/translate/v3po/interfaces/acl/common/AceIp4Writer.java @@ -14,7 +14,7 @@ * limitations under the License. */ -package io.fd.honeycomb.translate.v3po.interfaces.acl.ingress; +package io.fd.honeycomb.translate.v3po.interfaces.acl.common; import static com.google.common.base.Preconditions.checkArgument; diff --git a/v3po/v3po2vpp/src/main/java/io/fd/honeycomb/translate/v3po/interfaces/acl/ingress/AceIp6Writer.java b/v3po/v3po2vpp/src/main/java/io/fd/honeycomb/translate/v3po/interfaces/acl/common/AceIp6Writer.java index 143fcb238..cad80022e 100644 --- a/v3po/v3po2vpp/src/main/java/io/fd/honeycomb/translate/v3po/interfaces/acl/ingress/AceIp6Writer.java +++ b/v3po/v3po2vpp/src/main/java/io/fd/honeycomb/translate/v3po/interfaces/acl/common/AceIp6Writer.java @@ -14,7 +14,7 @@ * limitations under the License. */ -package io.fd.honeycomb.translate.v3po.interfaces.acl.ingress; +package io.fd.honeycomb.translate.v3po.interfaces.acl.common; import static com.google.common.base.Preconditions.checkArgument; diff --git a/v3po/v3po2vpp/src/main/java/io/fd/honeycomb/translate/v3po/interfaces/acl/ingress/AceIpAndEthWriter.java b/v3po/v3po2vpp/src/main/java/io/fd/honeycomb/translate/v3po/interfaces/acl/common/AceIpAndEthWriter.java index 83a9848c9..ca12cbe19 100644 --- a/v3po/v3po2vpp/src/main/java/io/fd/honeycomb/translate/v3po/interfaces/acl/ingress/AceIpAndEthWriter.java +++ b/v3po/v3po2vpp/src/main/java/io/fd/honeycomb/translate/v3po/interfaces/acl/common/AceIpAndEthWriter.java @@ -14,7 +14,7 @@ * limitations under the License. */ -package io.fd.honeycomb.translate.v3po.interfaces.acl.ingress; +package io.fd.honeycomb.translate.v3po.interfaces.acl.common; import static com.google.common.base.Preconditions.checkArgument; @@ -33,7 +33,7 @@ import org.opendaylight.yang.gen.v1.urn.opendaylight.params.xml.ns.yang.vpp.acl. import org.slf4j.Logger; import org.slf4j.LoggerFactory; -final class AceIpAndEthWriter +public final class AceIpAndEthWriter implements AceWriter<AceIpAndEth>, AclTranslator, L2AclTranslator, Ip4AclTranslator, Ip6AclTranslator { private static final Logger LOG = LoggerFactory.getLogger(AceIpAndEthWriter.class); diff --git a/v3po/v3po2vpp/src/main/java/io/fd/honeycomb/translate/v3po/interfaces/acl/ingress/AceWriter.java b/v3po/v3po2vpp/src/main/java/io/fd/honeycomb/translate/v3po/interfaces/acl/common/AceWriter.java index bc0b435bd..ae540f94d 100644 --- a/v3po/v3po2vpp/src/main/java/io/fd/honeycomb/translate/v3po/interfaces/acl/ingress/AceWriter.java +++ b/v3po/v3po2vpp/src/main/java/io/fd/honeycomb/translate/v3po/interfaces/acl/common/AceWriter.java @@ -14,7 +14,7 @@ * limitations under the License. */ -package io.fd.honeycomb.translate.v3po.interfaces.acl.ingress; +package io.fd.honeycomb.translate.v3po.interfaces.acl.common; import io.fd.vpp.jvpp.core.dto.ClassifyAddDelSession; import io.fd.vpp.jvpp.core.dto.ClassifyAddDelTable; diff --git a/v3po/v3po2vpp/src/main/java/io/fd/honeycomb/translate/v3po/interfaces/acl/ingress/AclTranslator.java b/v3po/v3po2vpp/src/main/java/io/fd/honeycomb/translate/v3po/interfaces/acl/common/AclTranslator.java index 44e4622d8..2d898f1d9 100644 --- a/v3po/v3po2vpp/src/main/java/io/fd/honeycomb/translate/v3po/interfaces/acl/ingress/AclTranslator.java +++ b/v3po/v3po2vpp/src/main/java/io/fd/honeycomb/translate/v3po/interfaces/acl/common/AclTranslator.java @@ -14,7 +14,7 @@ * limitations under the License. */ -package io.fd.honeycomb.translate.v3po.interfaces.acl.ingress; +package io.fd.honeycomb.translate.v3po.interfaces.acl.common; import static com.google.common.base.Preconditions.checkArgument; diff --git a/v3po/v3po2vpp/src/main/java/io/fd/honeycomb/translate/v3po/interfaces/acl/common/IetfAclWriter.java b/v3po/v3po2vpp/src/main/java/io/fd/honeycomb/translate/v3po/interfaces/acl/common/IetfAclWriter.java new file mode 100644 index 000000000..1ce5a040d --- /dev/null +++ b/v3po/v3po2vpp/src/main/java/io/fd/honeycomb/translate/v3po/interfaces/acl/common/IetfAclWriter.java @@ -0,0 +1,44 @@ +/* + * Copyright (c) 2016 Cisco and/or its affiliates. + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at: + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +package io.fd.honeycomb.translate.v3po.interfaces.acl.common; + +import io.fd.honeycomb.translate.write.WriteContext; +import io.fd.honeycomb.translate.write.WriteFailedException; +import java.util.List; +import javax.annotation.Nonnegative; +import javax.annotation.Nonnull; +import javax.annotation.Nullable; +import org.opendaylight.yang.gen.v1.urn.opendaylight.params.xml.ns.yang.vpp.acl.rev161214.InterfaceMode; +import org.opendaylight.yang.gen.v1.urn.opendaylight.params.xml.ns.yang.vpp.acl.rev161214.ietf.acl.base.attributes.AccessLists; +import org.opendaylight.yang.gen.v1.urn.opendaylight.params.xml.ns.yang.vpp.acl.rev161214.ietf.acl.base.attributes.access.lists.Acl; +import org.opendaylight.yangtools.yang.binding.InstanceIdentifier; + +public interface IetfAclWriter { + default void write(@Nonnull final InstanceIdentifier<?> id, final int ifIndex, @Nonnull final List<Acl> acls, + final AccessLists.DefaultAction defaultAction, @Nullable final InterfaceMode mode, + @Nonnull final WriteContext writeContext) + throws WriteFailedException { + write(id, ifIndex, acls, defaultAction, mode, writeContext, 0); + } + + void write(@Nonnull final InstanceIdentifier<?> id, int ifIndex, @Nonnull final List<Acl> acls, + final AccessLists.DefaultAction defaultAction, @Nullable InterfaceMode mode, + @Nonnull final WriteContext writeContext, @Nonnegative final int numberOfTags) + throws WriteFailedException; + + void deleteAcl(InstanceIdentifier<?> id, int ifIndex) throws WriteFailedException; +} diff --git a/v3po/v3po2vpp/src/main/java/io/fd/honeycomb/translate/v3po/interfaces/acl/ingress/Ip4AclTranslator.java b/v3po/v3po2vpp/src/main/java/io/fd/honeycomb/translate/v3po/interfaces/acl/common/Ip4AclTranslator.java index 55d73fccb..304d6c1f0 100644 --- a/v3po/v3po2vpp/src/main/java/io/fd/honeycomb/translate/v3po/interfaces/acl/ingress/Ip4AclTranslator.java +++ b/v3po/v3po2vpp/src/main/java/io/fd/honeycomb/translate/v3po/interfaces/acl/common/Ip4AclTranslator.java @@ -14,7 +14,7 @@ * limitations under the License. */ -package io.fd.honeycomb.translate.v3po.interfaces.acl.ingress; +package io.fd.honeycomb.translate.v3po.interfaces.acl.common; import com.google.common.primitives.Ints; import io.fd.honeycomb.translate.vpp.util.Ipv4Translator; @@ -25,7 +25,7 @@ import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.packet.fiel import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.packet.fields.rev160708.AclIpv4HeaderFields; import org.opendaylight.yang.gen.v1.urn.opendaylight.params.xml.ns.yang.vpp.acl.rev161214.InterfaceMode; -public interface Ip4AclTranslator extends Ipv4Translator { +interface Ip4AclTranslator extends Ipv4Translator { int ETHER_TYPE_OFFSET = 12; // first 14 bytes represent L2 header (2x6) int DSCP_OFFSET = 15; int DSCP_MASK = 0xfc; diff --git a/v3po/v3po2vpp/src/main/java/io/fd/honeycomb/translate/v3po/interfaces/acl/ingress/Ip6AclTranslator.java b/v3po/v3po2vpp/src/main/java/io/fd/honeycomb/translate/v3po/interfaces/acl/common/Ip6AclTranslator.java index 9dfab31c2..c0da75687 100644 --- a/v3po/v3po2vpp/src/main/java/io/fd/honeycomb/translate/v3po/interfaces/acl/ingress/Ip6AclTranslator.java +++ b/v3po/v3po2vpp/src/main/java/io/fd/honeycomb/translate/v3po/interfaces/acl/common/Ip6AclTranslator.java @@ -14,7 +14,7 @@ * limitations under the License. */ -package io.fd.honeycomb.translate.v3po.interfaces.acl.ingress; +package io.fd.honeycomb.translate.v3po.interfaces.acl.common; import io.fd.vpp.jvpp.core.dto.ClassifyAddDelSession; import io.fd.vpp.jvpp.core.dto.ClassifyAddDelTable; @@ -26,7 +26,7 @@ import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.packet.fiel import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.packet.fields.rev160708.AclIpv6HeaderFields; import org.opendaylight.yang.gen.v1.urn.opendaylight.params.xml.ns.yang.vpp.acl.rev161214.InterfaceMode; -public interface Ip6AclTranslator { +interface Ip6AclTranslator { int ETHER_TYPE_OFFSET = 12; // first 14 bytes represent L2 header (2x6) int IP_VERSION_OFFSET = ETHER_TYPE_OFFSET + 2; diff --git a/v3po/v3po2vpp/src/main/java/io/fd/honeycomb/translate/v3po/interfaces/acl/ingress/L2AclTranslator.java b/v3po/v3po2vpp/src/main/java/io/fd/honeycomb/translate/v3po/interfaces/acl/common/L2AclTranslator.java index a802ed3fa..c74db7e2a 100644 --- a/v3po/v3po2vpp/src/main/java/io/fd/honeycomb/translate/v3po/interfaces/acl/ingress/L2AclTranslator.java +++ b/v3po/v3po2vpp/src/main/java/io/fd/honeycomb/translate/v3po/interfaces/acl/common/L2AclTranslator.java @@ -14,7 +14,7 @@ * limitations under the License. */ -package io.fd.honeycomb.translate.v3po.interfaces.acl.ingress; +package io.fd.honeycomb.translate.v3po.interfaces.acl.common; import io.fd.honeycomb.translate.vpp.util.MacTranslator; import io.fd.vpp.jvpp.core.dto.ClassifyAddDelSession; @@ -22,7 +22,7 @@ import io.fd.vpp.jvpp.core.dto.ClassifyAddDelTable; import java.util.List; import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.yang.types.rev130715.MacAddress; -public interface L2AclTranslator extends MacTranslator { +interface L2AclTranslator extends MacTranslator { default boolean destinationMacAddressMask(final MacAddress dstMask, final MacAddress dstAddress, final ClassifyAddDelTable request) { diff --git a/v3po/v3po2vpp/src/main/java/io/fd/honeycomb/translate/v3po/interfaces/acl/ingress/PortPair.java b/v3po/v3po2vpp/src/main/java/io/fd/honeycomb/translate/v3po/interfaces/acl/common/PortPair.java index 274303004..6d5d506d8 100644 --- a/v3po/v3po2vpp/src/main/java/io/fd/honeycomb/translate/v3po/interfaces/acl/ingress/PortPair.java +++ b/v3po/v3po2vpp/src/main/java/io/fd/honeycomb/translate/v3po/interfaces/acl/common/PortPair.java @@ -14,7 +14,7 @@ * limitations under the License. */ -package io.fd.honeycomb.translate.v3po.interfaces.acl.ingress; +package io.fd.honeycomb.translate.v3po.interfaces.acl.common; import java.util.ArrayList; import java.util.List; diff --git a/v3po/v3po2vpp/src/main/java/io/fd/honeycomb/translate/v3po/interfaces/acl/egress/EgressIetfAclWriter.java b/v3po/v3po2vpp/src/main/java/io/fd/honeycomb/translate/v3po/interfaces/acl/egress/EgressIetfAclWriter.java new file mode 100644 index 000000000..eee8f68eb --- /dev/null +++ b/v3po/v3po2vpp/src/main/java/io/fd/honeycomb/translate/v3po/interfaces/acl/egress/EgressIetfAclWriter.java @@ -0,0 +1,98 @@ +/* + * Copyright (c) 2016 Cisco and/or its affiliates. + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at: + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +package io.fd.honeycomb.translate.v3po.interfaces.acl.egress; + +import static com.google.common.base.Preconditions.checkArgument; + +import io.fd.honeycomb.translate.v3po.interfaces.acl.common.AbstractIetfAclWriter; +import io.fd.honeycomb.translate.write.WriteContext; +import io.fd.honeycomb.translate.write.WriteFailedException; +import io.fd.vpp.jvpp.core.dto.ClassifySetInterfaceL2Tables; +import io.fd.vpp.jvpp.core.dto.ClassifySetInterfaceL2TablesReply; +import io.fd.vpp.jvpp.core.future.FutureJVppCore; +import java.util.List; +import java.util.concurrent.CompletionStage; +import javax.annotation.Nonnegative; +import javax.annotation.Nonnull; +import javax.annotation.Nullable; +import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.access.control.list.rev160708.access.lists.acl.access.list.entries.Ace; +import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.access.control.list.rev160708.access.lists.acl.access.list.entries.ace.Matches; +import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.access.control.list.rev160708.access.lists.acl.access.list.entries.ace.matches.ace.type.AceEth; +import org.opendaylight.yang.gen.v1.urn.opendaylight.params.xml.ns.yang.vpp.acl.rev161214.InterfaceMode; +import org.opendaylight.yang.gen.v1.urn.opendaylight.params.xml.ns.yang.vpp.acl.rev161214.ietf.acl.base.attributes.AccessLists; +import org.opendaylight.yang.gen.v1.urn.opendaylight.params.xml.ns.yang.vpp.acl.rev161214.ietf.acl.base.attributes.access.lists.Acl; +import org.opendaylight.yangtools.yang.binding.InstanceIdentifier; + +public final class EgressIetfAclWriter extends AbstractIetfAclWriter { + private static final int NOT_DEFINED = -1; + + public EgressIetfAclWriter(@Nonnull final FutureJVppCore futureJVppCore) { + super(futureJVppCore); + } + + @Override + public void deleteAcl(@Nonnull final InstanceIdentifier<?> id, final int swIfIndex) + throws WriteFailedException { + // We unassign and remove all ACL-related classify tables for given interface (we assume we are the only + // classify table manager) + unassignClassifyTables(id, swIfIndex); + + // TODO(HONEYCOMB-264): remove classify tables from vpp (we need to cache interface/acl mapping) + } + + private void unassignClassifyTables(@Nonnull final InstanceIdentifier<?> id, final int swIfIndex) + throws WriteFailedException { + final ClassifySetInterfaceL2Tables request = new ClassifySetInterfaceL2Tables(); + request.swIfIndex = swIfIndex; + request.ip4TableIndex = NOT_DEFINED; + request.ip6TableIndex = NOT_DEFINED; + request.otherTableIndex = NOT_DEFINED; + request.isInput = 0; // egress + final CompletionStage<ClassifySetInterfaceL2TablesReply> cs = jvpp.classifySetInterfaceL2Tables(request); + getReplyForDelete(cs.toCompletableFuture(), id); + } + + @Override + public void write(@Nonnull final InstanceIdentifier<?> id, int swIfIndex, @Nonnull final List<Acl> acls, + final AccessLists.DefaultAction defaultAction, @Nullable InterfaceMode mode, + @Nonnull final WriteContext writeContext, @Nonnegative final int numberOfTags) + throws WriteFailedException { + checkArgument(numberOfTags >= 0 && numberOfTags <= 2, "Number of vlan tags %s is not in [0,2] range"); + checkArgument(InterfaceMode.L2.equals(mode), "Writing egress Acls is supported only in L2 mode"); + + final ClassifySetInterfaceL2Tables request = new ClassifySetInterfaceL2Tables(); + request.isInput = 0; // egress + request.swIfIndex = swIfIndex; + + // applied to packets according to their ether type + final List<Ace> ip4Aces = getACEs(acls, writeContext, (AbstractIetfAclWriter::appliesToIp4Path)); + request.ip4TableIndex = writeAces(id, ip4Aces, defaultAction, mode, numberOfTags); + final List<Ace> ip6Aces = getACEs(acls, writeContext, (AbstractIetfAclWriter::appliesToIp6Path)); + request.ip6TableIndex = writeAces(id, ip6Aces, defaultAction, mode, numberOfTags); + final List<Ace> aces = getACEs(acls, writeContext, EgressIetfAclWriter::isNotIpRule); + request.otherTableIndex = writeAces(id, aces, defaultAction, mode, numberOfTags); + + final CompletionStage<ClassifySetInterfaceL2TablesReply> cs = jvpp.classifySetInterfaceL2Tables(request); + getReplyForWrite(cs.toCompletableFuture(), id); + } + + private static boolean isNotIpRule(final Ace ace) { + final Matches matches = ace.getMatches(); + checkArgument(matches != null, "Incomplete ACE: %s", ace); + return matches.getAceType() instanceof AceEth; + } +} diff --git a/v3po/v3po2vpp/src/main/java/io/fd/honeycomb/translate/v3po/interfaces/acl/egress/IetfAclCustomizer.java b/v3po/v3po2vpp/src/main/java/io/fd/honeycomb/translate/v3po/interfaces/acl/egress/IetfAclCustomizer.java index 3dc9e2262..e8f8af296 100644 --- a/v3po/v3po2vpp/src/main/java/io/fd/honeycomb/translate/v3po/interfaces/acl/egress/IetfAclCustomizer.java +++ b/v3po/v3po2vpp/src/main/java/io/fd/honeycomb/translate/v3po/interfaces/acl/egress/IetfAclCustomizer.java @@ -16,26 +16,28 @@ package io.fd.honeycomb.translate.v3po.interfaces.acl.egress; +import static com.google.common.base.Preconditions.checkArgument; import static com.google.common.base.Preconditions.checkNotNull; import io.fd.honeycomb.translate.spi.write.WriterCustomizer; -import io.fd.honeycomb.translate.v3po.interfaces.acl.ingress.IetfAclWriter; import io.fd.honeycomb.translate.vpp.util.NamingContext; import io.fd.honeycomb.translate.write.WriteContext; import io.fd.honeycomb.translate.write.WriteFailedException; import javax.annotation.Nonnull; +import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.interfaces.rev140508.interfaces.Interface; import org.opendaylight.yang.gen.v1.urn.opendaylight.params.xml.ns.yang.v3po.rev161214.interfaces._interface.ietf.acl.Egress; +import org.opendaylight.yang.gen.v1.urn.opendaylight.params.xml.ns.yang.vpp.acl.rev161214.InterfaceMode; +import org.opendaylight.yang.gen.v1.urn.opendaylight.params.xml.ns.yang.vpp.acl.rev161214.ietf.acl.base.attributes.AccessLists; import org.opendaylight.yangtools.yang.binding.InstanceIdentifier; import org.slf4j.Logger; import org.slf4j.LoggerFactory; public class IetfAclCustomizer implements WriterCustomizer<Egress> { private static final Logger LOG = LoggerFactory.getLogger(IetfAclCustomizer.class); - private final IetfAclWriter aclWriter; + private final EgressIetfAclWriter aclWriter; private final NamingContext interfaceContext; - - public IetfAclCustomizer(final IetfAclWriter aclWriter, final NamingContext interfaceContext) { + public IetfAclCustomizer(final EgressIetfAclWriter aclWriter, final NamingContext interfaceContext) { this.aclWriter = checkNotNull(aclWriter, "aclWriter should not be null"); this.interfaceContext = checkNotNull(interfaceContext, "interfaceContext should not be null"); } @@ -43,20 +45,40 @@ public class IetfAclCustomizer implements WriterCustomizer<Egress> { @Override public void writeCurrentAttributes(@Nonnull final InstanceIdentifier<Egress> id, @Nonnull final Egress dataAfter, @Nonnull final WriteContext writeContext) throws WriteFailedException { - LOG.debug("Writing attributes for id={} dataAfter={}: NOT IMPLEMENTED YET", id, dataAfter); + final String ifName = id.firstKeyOf(Interface.class).getName(); + final int ifIndex = interfaceContext.getIndex(ifName, writeContext.getMappingContext()); + LOG.debug("Adding egress ACLs for interface={}(id={}): {}", ifName, ifIndex, dataAfter); + + final AccessLists accessLists = dataAfter.getAccessLists(); + checkArgument(accessLists != null && accessLists.getAcl() != null, + "ietf-acl container does not define acl list"); + + if (!InterfaceMode.L2.equals(accessLists.getMode())) { + LOG.debug("Writing egress Acls is supported only in L2 mode. Ignoring config: {}", dataAfter); + return; + } + + aclWriter.write(id, ifIndex, accessLists.getAcl(), accessLists.getDefaultAction(), accessLists.getMode(), + writeContext); } @Override public void updateCurrentAttributes(@Nonnull final InstanceIdentifier<Egress> id, @Nonnull final Egress dataBefore, @Nonnull final Egress dataAfter, @Nonnull final WriteContext writeContext) throws WriteFailedException { - LOG.debug("Updating attributes for id={} dataBefore={} dataAfter={}: NOT IMPLEMENTED YET", id, dataBefore, dataAfter); - + LOG.debug("ACLs update: removing previously configured ACLs"); + deleteCurrentAttributes(id, dataBefore, writeContext); + LOG.debug("ACLs update: adding updated ACLs"); + writeCurrentAttributes(id, dataAfter, writeContext); + LOG.debug("ACLs update was successful"); } @Override public void deleteCurrentAttributes(@Nonnull final InstanceIdentifier<Egress> id, @Nonnull final Egress dataBefore, @Nonnull final WriteContext writeContext) throws WriteFailedException { - LOG.debug("Deleting attributes for id={} dataBefore={}: NOT IMPLEMENTED YET", id, dataBefore); + final String ifName = id.firstKeyOf(Interface.class).getName(); + final int ifIndex = interfaceContext.getIndex(ifName, writeContext.getMappingContext()); + LOG.debug("Removing ACLs for interface={}(id={}): {}", ifName, ifIndex, dataBefore); + aclWriter.deleteAcl(id, ifIndex); } } diff --git a/v3po/v3po2vpp/src/main/java/io/fd/honeycomb/translate/v3po/interfaces/acl/egress/SubInterfaceIetfAclCustomizer.java b/v3po/v3po2vpp/src/main/java/io/fd/honeycomb/translate/v3po/interfaces/acl/egress/SubInterfaceIetfAclCustomizer.java index b5198465a..cba045add 100644 --- a/v3po/v3po2vpp/src/main/java/io/fd/honeycomb/translate/v3po/interfaces/acl/egress/SubInterfaceIetfAclCustomizer.java +++ b/v3po/v3po2vpp/src/main/java/io/fd/honeycomb/translate/v3po/interfaces/acl/egress/SubInterfaceIetfAclCustomizer.java @@ -16,14 +16,23 @@ package io.fd.honeycomb.translate.v3po.interfaces.acl.egress; +import static com.google.common.base.Preconditions.checkArgument; import static com.google.common.base.Preconditions.checkNotNull; +import static com.google.common.base.Preconditions.checkState; +import static io.fd.honeycomb.translate.vpp.util.SubInterfaceUtils.getNumberOfTags; +import com.google.common.base.Optional; import io.fd.honeycomb.translate.spi.write.WriterCustomizer; -import io.fd.honeycomb.translate.v3po.interfaces.acl.ingress.IetfAclWriter; import io.fd.honeycomb.translate.vpp.util.NamingContext; +import io.fd.honeycomb.translate.vpp.util.SubInterfaceUtils; import io.fd.honeycomb.translate.write.WriteContext; import io.fd.honeycomb.translate.write.WriteFailedException; import javax.annotation.Nonnull; +import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.interfaces.rev140508.interfaces.Interface; +import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.interfaces.rev140508.interfaces.InterfaceKey; +import org.opendaylight.yang.gen.v1.urn.opendaylight.params.xml.ns.yang.vpp.acl.rev161214.ietf.acl.base.attributes.AccessLists; +import org.opendaylight.yang.gen.v1.urn.opendaylight.params.xml.ns.yang.vpp.vlan.rev161214.interfaces._interface.sub.interfaces.SubInterface; +import org.opendaylight.yang.gen.v1.urn.opendaylight.params.xml.ns.yang.vpp.vlan.rev161214.interfaces._interface.sub.interfaces.SubInterfaceKey; import org.opendaylight.yang.gen.v1.urn.opendaylight.params.xml.ns.yang.vpp.vlan.rev161214.sub._interface.base.attributes.ietf.acl.Egress; import org.opendaylight.yangtools.yang.binding.InstanceIdentifier; import org.slf4j.Logger; @@ -31,31 +40,59 @@ import org.slf4j.LoggerFactory; public class SubInterfaceIetfAclCustomizer implements WriterCustomizer<Egress> { private static final Logger LOG = LoggerFactory.getLogger(SubInterfaceIetfAclCustomizer.class); - private final IetfAclWriter aclWriter; + private final EgressIetfAclWriter aclWriter; private final NamingContext interfaceContext; - public SubInterfaceIetfAclCustomizer(final IetfAclWriter aclWriter, final NamingContext interfaceContext) { + public SubInterfaceIetfAclCustomizer(final EgressIetfAclWriter aclWriter, final NamingContext interfaceContext) { this.aclWriter = checkNotNull(aclWriter, "aclWriter should not be null"); this.interfaceContext = checkNotNull(interfaceContext, "interfaceContext should not be null"); } + private String getSubInterfaceName(@Nonnull final InstanceIdentifier<Egress> id) { + final InterfaceKey parentInterfacekey = id.firstKeyOf(Interface.class); + final SubInterfaceKey subInterfacekey = id.firstKeyOf(SubInterface.class); + return SubInterfaceUtils + .getSubInterfaceName(parentInterfacekey.getName(), subInterfacekey.getIdentifier().intValue()); + } + @Override public void writeCurrentAttributes(@Nonnull final InstanceIdentifier<Egress> id, @Nonnull final Egress dataAfter, @Nonnull final WriteContext writeContext) throws WriteFailedException { - LOG.debug("Writing attributes for id={} dataAfter={}: NOT IMPLEMENTED YET", id, dataAfter); + final String subInterfaceName = getSubInterfaceName(id); + final int subInterfaceIndex = interfaceContext.getIndex(subInterfaceName, writeContext.getMappingContext()); + LOG.debug("Adding IETF-ACL for sub-interface: {}(id={}): {}", subInterfaceName, subInterfaceIndex, dataAfter); + + final AccessLists accessLists = dataAfter.getAccessLists(); + checkArgument(accessLists != null && accessLists.getAcl() != null, + "ietf-acl container does not define acl list"); + + final Optional<SubInterface> subInterfaceOptional = + writeContext.readAfter(id.firstIdentifierOf(SubInterface.class)); + checkState(subInterfaceOptional.isPresent(), "Could not read SubInterface data object for %s", id); + final SubInterface subInterface = subInterfaceOptional.get(); + + aclWriter + .write(id, subInterfaceIndex, accessLists.getAcl(), accessLists.getDefaultAction(), accessLists.getMode(), + writeContext, getNumberOfTags(subInterface.getTags())); } @Override public void updateCurrentAttributes(@Nonnull final InstanceIdentifier<Egress> id, @Nonnull final Egress dataBefore, @Nonnull final Egress dataAfter, @Nonnull final WriteContext writeContext) throws WriteFailedException { - LOG.debug("Updating attributes for id={} dataBefore={} dataAfter={}: NOT IMPLEMENTED YET", id, dataBefore, dataAfter); - + LOG.debug("Sub-interface ACLs update: removing previously configured ACLs"); + deleteCurrentAttributes(id, dataBefore, writeContext); + LOG.debug("Sub-interface ACLs update: adding updated ACLs"); + writeCurrentAttributes(id, dataAfter, writeContext); + LOG.debug("Sub-interface ACLs update was successful"); } @Override public void deleteCurrentAttributes(@Nonnull final InstanceIdentifier<Egress> id, @Nonnull final Egress dataBefore, @Nonnull final WriteContext writeContext) throws WriteFailedException { - LOG.debug("Deleting attributes for id={} dataBefore={}: NOT IMPLEMENTED YET", id, dataBefore); + final String subInterfaceName = getSubInterfaceName(id); + final int subInterfaceIndex = interfaceContext.getIndex(subInterfaceName, writeContext.getMappingContext()); + LOG.debug("Removing ACLs for sub-interface={}(id={}): {}", subInterfaceName, subInterfaceIndex, dataBefore); + aclWriter.deleteAcl(id, subInterfaceIndex); } } diff --git a/v3po/v3po2vpp/src/main/java/io/fd/honeycomb/translate/v3po/interfaces/acl/ingress/IetfAclCustomizer.java b/v3po/v3po2vpp/src/main/java/io/fd/honeycomb/translate/v3po/interfaces/acl/ingress/IetfAclCustomizer.java index 4eac0fad6..f4f3d1384 100644 --- a/v3po/v3po2vpp/src/main/java/io/fd/honeycomb/translate/v3po/interfaces/acl/ingress/IetfAclCustomizer.java +++ b/v3po/v3po2vpp/src/main/java/io/fd/honeycomb/translate/v3po/interfaces/acl/ingress/IetfAclCustomizer.java @@ -25,8 +25,8 @@ import io.fd.honeycomb.translate.write.WriteContext; import io.fd.honeycomb.translate.write.WriteFailedException; import javax.annotation.Nonnull; import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.interfaces.rev140508.interfaces.Interface; -import org.opendaylight.yang.gen.v1.urn.opendaylight.params.xml.ns.yang.vpp.acl.rev161214.ietf.acl.base.attributes.AccessLists; import org.opendaylight.yang.gen.v1.urn.opendaylight.params.xml.ns.yang.v3po.rev161214.interfaces._interface.ietf.acl.Ingress; +import org.opendaylight.yang.gen.v1.urn.opendaylight.params.xml.ns.yang.vpp.acl.rev161214.ietf.acl.base.attributes.AccessLists; import org.opendaylight.yangtools.yang.binding.InstanceIdentifier; import org.slf4j.Logger; import org.slf4j.LoggerFactory; @@ -41,10 +41,10 @@ import org.slf4j.LoggerFactory; public class IetfAclCustomizer implements WriterCustomizer<Ingress> { private static final Logger LOG = LoggerFactory.getLogger(IetfAclCustomizer.class); - private final IetfAclWriter aclWriter; + private final IngressIetfAclWriter aclWriter; private final NamingContext interfaceContext; - public IetfAclCustomizer(@Nonnull final IetfAclWriter aclWriter, + public IetfAclCustomizer(@Nonnull final IngressIetfAclWriter aclWriter, @Nonnull final NamingContext interfaceContext) { this.aclWriter = checkNotNull(aclWriter, "aclWriter should not be null"); this.interfaceContext = checkNotNull(interfaceContext, "interfaceContext should not be null"); diff --git a/v3po/v3po2vpp/src/main/java/io/fd/honeycomb/translate/v3po/interfaces/acl/ingress/IngressIetfAclWriter.java b/v3po/v3po2vpp/src/main/java/io/fd/honeycomb/translate/v3po/interfaces/acl/ingress/IngressIetfAclWriter.java new file mode 100644 index 000000000..969ac43f4 --- /dev/null +++ b/v3po/v3po2vpp/src/main/java/io/fd/honeycomb/translate/v3po/interfaces/acl/ingress/IngressIetfAclWriter.java @@ -0,0 +1,109 @@ +/* + * Copyright (c) 2016 Cisco and/or its affiliates. + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at: + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +package io.fd.honeycomb.translate.v3po.interfaces.acl.ingress; + +import static com.google.common.base.Preconditions.checkArgument; + +import io.fd.honeycomb.translate.v3po.interfaces.acl.common.AbstractIetfAclWriter; +import io.fd.honeycomb.translate.write.WriteContext; +import io.fd.honeycomb.translate.write.WriteFailedException; +import io.fd.vpp.jvpp.core.dto.ClassifyTableByInterface; +import io.fd.vpp.jvpp.core.dto.ClassifyTableByInterfaceReply; +import io.fd.vpp.jvpp.core.dto.InputAclSetInterface; +import io.fd.vpp.jvpp.core.dto.InputAclSetInterfaceReply; +import io.fd.vpp.jvpp.core.future.FutureJVppCore; +import java.util.List; +import java.util.concurrent.CompletionStage; +import javax.annotation.Nonnegative; +import javax.annotation.Nonnull; +import javax.annotation.Nullable; +import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.access.control.list.rev160708.access.lists.acl.access.list.entries.Ace; +import org.opendaylight.yang.gen.v1.urn.opendaylight.params.xml.ns.yang.vpp.acl.rev161214.InterfaceMode; +import org.opendaylight.yang.gen.v1.urn.opendaylight.params.xml.ns.yang.vpp.acl.rev161214.ietf.acl.base.attributes.AccessLists; +import org.opendaylight.yang.gen.v1.urn.opendaylight.params.xml.ns.yang.vpp.acl.rev161214.ietf.acl.base.attributes.access.lists.Acl; +import org.opendaylight.yangtools.yang.binding.InstanceIdentifier; + +public final class IngressIetfAclWriter extends AbstractIetfAclWriter { + + private static final int NOT_DEFINED = -1; + + public IngressIetfAclWriter(@Nonnull final FutureJVppCore futureJVppCore) { + super(futureJVppCore); + } + + @Override + public void deleteAcl(@Nonnull final InstanceIdentifier<?> id, final int swIfIndex) + throws WriteFailedException { + final ClassifyTableByInterface request = new ClassifyTableByInterface(); + request.swIfIndex = swIfIndex; + + final CompletionStage<ClassifyTableByInterfaceReply> cs = jvpp.classifyTableByInterface(request); + final ClassifyTableByInterfaceReply reply = getReplyForDelete(cs.toCompletableFuture(), id); + + // We unassign and remove all ACL-related classify tables for given interface (we assume we are the only + // classify table manager) + + unassignClassifyTables(id, reply); + + removeClassifyTable(id, reply.l2TableId); + removeClassifyTable(id, reply.ip4TableId); + removeClassifyTable(id, reply.ip6TableId); + } + + private void unassignClassifyTables(@Nonnull final InstanceIdentifier<?> id, + final ClassifyTableByInterfaceReply currentState) + throws WriteFailedException { + final InputAclSetInterface request = new InputAclSetInterface(); + request.isAdd = 0; + request.swIfIndex = currentState.swIfIndex; + request.l2TableIndex = currentState.l2TableId; + request.ip4TableIndex = currentState.ip4TableId; + request.ip6TableIndex = currentState.ip6TableId; + final CompletionStage<InputAclSetInterfaceReply> inputAclSetInterfaceReplyCompletionStage = + jvpp.inputAclSetInterface(request); + getReplyForDelete(inputAclSetInterfaceReplyCompletionStage.toCompletableFuture(), id); + } + + @Override + public void write(@Nonnull final InstanceIdentifier<?> id, int swIfIndex, @Nonnull final List<Acl> acls, + final AccessLists.DefaultAction defaultAction, @Nullable InterfaceMode mode, + @Nonnull final WriteContext writeContext, @Nonnegative final int numberOfTags) + throws WriteFailedException { + checkArgument(numberOfTags >= 0 && numberOfTags <= 2, "Number of vlan tags %s is not in [0,2] range"); + + final InputAclSetInterface request = new InputAclSetInterface(); + request.isAdd = 1; + request.swIfIndex = swIfIndex; + request.l2TableIndex = NOT_DEFINED; + request.ip4TableIndex = NOT_DEFINED; + request.ip6TableIndex = NOT_DEFINED; + + if (InterfaceMode.L2.equals(mode)) { + final List<Ace> aces = getACEs(acls, writeContext, ace -> true); + request.l2TableIndex = writeAces(id, aces, defaultAction, mode, numberOfTags); + } else { + final List<Ace> ip4Aces = getACEs(acls, writeContext, (AbstractIetfAclWriter::appliesToIp4Path)); + request.ip4TableIndex = writeAces(id, ip4Aces, defaultAction, mode, numberOfTags); + final List<Ace> ip6Aces = getACEs(acls, writeContext, (AbstractIetfAclWriter::appliesToIp6Path)); + request.ip6TableIndex = writeAces(id, ip6Aces, defaultAction, mode, numberOfTags); + } + + final CompletionStage<InputAclSetInterfaceReply> inputAclSetInterfaceReplyCompletionStage = + jvpp.inputAclSetInterface(request); + getReplyForWrite(inputAclSetInterfaceReplyCompletionStage.toCompletableFuture(), id); + } +} diff --git a/v3po/v3po2vpp/src/main/java/io/fd/honeycomb/translate/v3po/interfaces/acl/ingress/SubInterfaceIetfAclCustomizer.java b/v3po/v3po2vpp/src/main/java/io/fd/honeycomb/translate/v3po/interfaces/acl/ingress/SubInterfaceIetfAclCustomizer.java index fdefc0855..47b8aba6f 100644 --- a/v3po/v3po2vpp/src/main/java/io/fd/honeycomb/translate/v3po/interfaces/acl/ingress/SubInterfaceIetfAclCustomizer.java +++ b/v3po/v3po2vpp/src/main/java/io/fd/honeycomb/translate/v3po/interfaces/acl/ingress/SubInterfaceIetfAclCustomizer.java @@ -48,10 +48,10 @@ import org.slf4j.LoggerFactory; public class SubInterfaceIetfAclCustomizer implements WriterCustomizer<Ingress> { private static final Logger LOG = LoggerFactory.getLogger(SubInterfaceIetfAclCustomizer.class); - private final IetfAclWriter aclWriter; + private final IngressIetfAclWriter aclWriter; private final NamingContext interfaceContext; - public SubInterfaceIetfAclCustomizer(@Nonnull final IetfAclWriter aclWriter, + public SubInterfaceIetfAclCustomizer(@Nonnull final IngressIetfAclWriter aclWriter, @Nonnull final NamingContext interfaceContext) { this.aclWriter = checkNotNull(aclWriter, "aclWriter should not be null"); this.interfaceContext = checkNotNull(interfaceContext, "interfaceContext should not be null"); @@ -61,7 +61,7 @@ public class SubInterfaceIetfAclCustomizer implements WriterCustomizer<Ingress> final InterfaceKey parentInterfacekey = id.firstKeyOf(Interface.class); final SubInterfaceKey subInterfacekey = id.firstKeyOf(SubInterface.class); return SubInterfaceUtils - .getSubInterfaceName(parentInterfacekey.getName(), subInterfacekey.getIdentifier().intValue()); + .getSubInterfaceName(parentInterfacekey.getName(), subInterfacekey.getIdentifier().intValue()); } @Override @@ -73,15 +73,16 @@ public class SubInterfaceIetfAclCustomizer implements WriterCustomizer<Ingress> final AccessLists accessLists = dataAfter.getAccessLists(); checkArgument(accessLists != null && accessLists.getAcl() != null, - "ietf-acl container does not define acl list"); + "ietf-acl container does not define acl list"); final Optional<SubInterface> subInterfaceOptional = - writeContext.readAfter(id.firstIdentifierOf(SubInterface.class)); + writeContext.readAfter(id.firstIdentifierOf(SubInterface.class)); checkState(subInterfaceOptional.isPresent(), "Could not read SubInterface data object for %s", id); final SubInterface subInterface = subInterfaceOptional.get(); - aclWriter.write(id, subInterfaceIndex, accessLists.getMode(), accessLists.getAcl(), - accessLists.getDefaultAction(), writeContext, getNumberOfTags(subInterface.getTags())); + aclWriter + .write(id, subInterfaceIndex, accessLists.getAcl(), accessLists.getDefaultAction(), accessLists.getMode(), + writeContext, getNumberOfTags(subInterface.getTags())); } @Override @@ -98,7 +99,7 @@ public class SubInterfaceIetfAclCustomizer implements WriterCustomizer<Ingress> @Override public void deleteCurrentAttributes(@Nonnull final InstanceIdentifier<Ingress> id, @Nonnull final Ingress dataBefore, @Nonnull final WriteContext writeContext) - throws WriteFailedException { + throws WriteFailedException { final String subInterfaceName = getSubInterfaceName(id); final int subInterfaceIndex = interfaceContext.getIndex(subInterfaceName, writeContext.getMappingContext()); LOG.debug("Removing ACLs for sub-interface={}(id={}): {}", subInterfaceName, subInterfaceIndex, dataBefore); |