diff options
Diffstat (limited to 'acl/acl-impl/src/main/java/io/fd/hc2vpp/acl/util/ace')
3 files changed, 273 insertions, 230 deletions
diff --git a/acl/acl-impl/src/main/java/io/fd/hc2vpp/acl/util/ace/AceConverter.java b/acl/acl-impl/src/main/java/io/fd/hc2vpp/acl/util/ace/AceConverter.java index db5efb4d6..8e774104a 100644 --- a/acl/acl-impl/src/main/java/io/fd/hc2vpp/acl/util/ace/AceConverter.java +++ b/acl/acl-impl/src/main/java/io/fd/hc2vpp/acl/util/ace/AceConverter.java @@ -16,6 +16,7 @@ package io.fd.hc2vpp.acl.util.ace; +import com.google.common.base.Preconditions; import io.fd.hc2vpp.acl.util.AclContextManager; import io.fd.hc2vpp.acl.util.ace.extractor.MacIpAceDataExtractor; import io.fd.hc2vpp.acl.util.ace.extractor.StandardAceDataExtractor; @@ -27,16 +28,16 @@ import java.util.ArrayList; import java.util.List; import java.util.stream.Collectors; import javax.annotation.Nonnull; -import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.access.control.list.rev160708.access.lists.acl.access.list.entries.Ace; -import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.access.control.list.rev160708.access.lists.acl.access.list.entries.AceBuilder; -import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.access.control.list.rev160708.access.lists.acl.access.list.entries.AceKey; -import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.access.control.list.rev160708.access.lists.acl.access.list.entries.ace.MatchesBuilder; -import org.opendaylight.yang.gen.v1.urn.opendaylight.params.xml.ns.yang.vpp.acl.rev170615.access.lists.acl.access.list.entries.ace.matches.ace.type.VppAce; -import org.opendaylight.yang.gen.v1.urn.opendaylight.params.xml.ns.yang.vpp.acl.rev170615.access.lists.acl.access.list.entries.ace.matches.ace.type.VppAceBuilder; -import org.opendaylight.yang.gen.v1.urn.opendaylight.params.xml.ns.yang.vpp.acl.rev170615.access.lists.acl.access.list.entries.ace.matches.ace.type.VppMacipAce; -import org.opendaylight.yang.gen.v1.urn.opendaylight.params.xml.ns.yang.vpp.acl.rev170615.access.lists.acl.access.list.entries.ace.matches.ace.type.VppMacipAceBuilder; -import org.opendaylight.yang.gen.v1.urn.opendaylight.params.xml.ns.yang.vpp.acl.rev170615.access.lists.acl.access.list.entries.ace.matches.ace.type.vpp.ace.VppAceNodesBuilder; -import org.opendaylight.yang.gen.v1.urn.opendaylight.params.xml.ns.yang.vpp.acl.rev170615.access.lists.acl.access.list.entries.ace.matches.ace.type.vpp.macip.ace.VppMacipAceNodesBuilder; +import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.access.control.list.rev181001.acls.acl.aces.Ace; +import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.access.control.list.rev181001.acls.acl.aces.AceBuilder; +import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.access.control.list.rev181001.acls.acl.aces.AceKey; +import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.access.control.list.rev181001.acls.acl.aces.ace.MatchesBuilder; +import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.access.control.list.rev181001.acls.acl.aces.ace.matches.L3; +import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.access.control.list.rev181001.acls.acl.aces.ace.matches.l2.EthBuilder; +import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.access.control.list.rev181001.acls.acl.aces.ace.matches.l2.eth.Eth; +import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.access.control.list.rev181001.acls.acl.aces.ace.matches.l3.ipv4.Ipv4; +import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.access.control.list.rev181001.acls.acl.aces.ace.matches.l3.ipv6.Ipv6; +import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.packet.fields.rev181001.acl.ipv4.header.fields.SourceNetwork; /** * Convert between Ace's and vpp rules. @@ -45,23 +46,55 @@ public interface AceConverter extends MacIpAceDataExtractor, StandardAceDataExtr default MacipAclRule[] toMacIpAclRules(@Nonnull final List<Ace> aces) { return aces.stream() + .filter(ace -> ace.getMatches() != null && ace.getMatches().getL2() != null) + .filter(ace -> ace.getMatches().getL2().getImplementedInterface() + .equals(org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.access.control.list.rev181001.acls.acl.aces.ace.matches.l2.Eth.class)) .map(ace -> { - final VppMacipAce macIpAce = fromMacIpAce(ace); - MacipAclRule rule = new MacipAclRule(); + org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.access.control.list.rev181001.acls.acl.aces.ace.matches.l2.Eth + l2 = + (org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.access.control.list.rev181001.acls.acl.aces.ace.matches.l2.Eth) ace + .getMatches().getL2(); + + Eth eth = Preconditions + .checkNotNull(l2.getEth(), "Cannot parse eth for MacIpAcl ACE rule: {}", ace); - rule.srcMac = sourceMacAsBytes(macIpAce); - rule.srcMacMask = sourceMacMaskAsBytes(macIpAce); + rule.srcMac = sourceMacAsBytes(eth.getSourceMacAddress()); + rule.srcMacMask = sourceMacMaskAsBytes(eth.getSourceMacAddressMask()); rule.isPermit = macIpAction(ace); - if (macIpIsIpv6(macIpAce)) { - rule.isIpv6 = 1; - rule.srcIpAddr = ipv6Address(macIpAce); - rule.srcIpPrefixLen = ipv6AddressPrefix(macIpAce); + L3 l3 = ace.getMatches().getL3(); + + if (l3 != null && l3.getImplementedInterface() + .equals(org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.access.control.list.rev181001.acls.acl.aces.ace.matches.l3.Ipv4.class)) { + Ipv4 ipv4 = + ((org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.access.control.list.rev181001.acls.acl.aces.ace.matches.l3.Ipv4) l3) + .getIpv4(); + if (ipv4 != null && ipv4.getSourceNetwork() != null) { + // IPv4 is set for MacIpAcl + SourceNetwork sourceNetwork = ipv4.getSourceNetwork(); + rule.isIpv6 = 0; + rule.srcIpAddr = ipv4Address(sourceNetwork); + rule.srcIpPrefixLen = ipv4AddressPrefix(sourceNetwork); + } + } else if (l3 != null && l3.getImplementedInterface() + .equals(org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.access.control.list.rev181001.acls.acl.aces.ace.matches.l3.Ipv6.class)) { + Ipv6 ipv6 = + ((org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.access.control.list.rev181001.acls.acl.aces.ace.matches.l3.Ipv6) l3) + .getIpv6(); + if (ipv6 != null && ipv6.getSourceNetwork() != null) { + // IPv6 is set for MacIpAcl + org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.packet.fields.rev181001.acl.ipv6.header.fields.SourceNetwork + sourceNetwork = ipv6.getSourceNetwork(); + rule.isIpv6 = 1; + rule.srcIpAddr = ipv6Address(sourceNetwork); + rule.srcIpPrefixLen = ipv6AddressPrefix(sourceNetwork); + } } else { + // No IP is set for MacIpAcl rule.isIpv6 = 0; - rule.srcIpAddr = ipv4Address(macIpAce); - rule.srcIpPrefixLen = ipv4AddressPrefix(macIpAce); + rule.srcIpAddr = new byte[4]; + rule.srcIpPrefixLen = 0; } return rule; @@ -72,26 +105,25 @@ public interface AceConverter extends MacIpAceDataExtractor, StandardAceDataExtr default AclRule[] toStandardAclRules(@Nonnull final List<Ace> aces) { return aces.stream() + .filter(ace -> ace.getMatches() != null) .map(ace -> { - final VppAce standardAce = fromStandardAce(ace); - // pre-bind rule with protocol based attributes (if present) - AclRule rule = createPreBindRule(standardAce); + AclRule rule = createPreBindRule(ace); rule.isPermit = standardAction(ace); - if (standardIsIpv6(standardAce, ace.getMatches())) { + if (standardIsIpv6(ace.getMatches())) { rule.isIpv6 = 1; - rule.srcIpAddr = ipv6SourceAddress(standardAce); - rule.srcIpPrefixLen = ipv6SourceAddressPrefix(standardAce); - rule.dstIpAddr = ipv6DestinationAddress(standardAce); - rule.dstIpPrefixLen = ipv6DestinationAddressPrefix(standardAce); + rule.srcIpAddr = ipv6SourceAddress(ace.getMatches()); + rule.srcIpPrefixLen = ipv6SourceAddressPrefix(ace.getMatches()); + rule.dstIpAddr = ipv6DestinationAddress(ace.getMatches()); + rule.dstIpPrefixLen = ipv6DestinationAddressPrefix(ace.getMatches()); } else { rule.isIpv6 = 0; - rule.srcIpAddr = ipv4SourceAddress(standardAce); - rule.srcIpPrefixLen = ipv4SourceAddressPrefix(standardAce); - rule.dstIpAddr = ipv4DestinationAddress(standardAce); - rule.dstIpPrefixLen = ipv4DestinationAddressPrefix(standardAce); + rule.srcIpAddr = ipv4SourceAddress(ace.getMatches()); + rule.srcIpPrefixLen = ipv4SourceAddressPrefix(ace.getMatches()); + rule.dstIpAddr = ipv4DestinationAddress(ace.getMatches()); + rule.dstIpPrefixLen = ipv4DestinationAddressPrefix(ace.getMatches()); } return rule; @@ -107,18 +139,20 @@ public interface AceConverter extends MacIpAceDataExtractor, StandardAceDataExtr int i = 0; for (final MacipAclRule rule : rules) { final AceBuilder ace = new AceBuilder(); - final VppMacipAceBuilder aceType = new VppMacipAceBuilder(); - final VppMacipAceNodesBuilder nodes = new VppMacipAceNodesBuilder(); - nodes.setAceIpVersion(ipVersion(rule)); - nodes.setSourceMacAddress(sourceMac(rule)); - nodes.setSourceMacAddressMask(sourceMacMask(rule)); - aceType.setVppMacipAceNodes(nodes.build()); - - ace.setMatches(new MatchesBuilder().setAceType(aceType.build()).build()); + ace.setMatches( + new MatchesBuilder() + .setL3(parseMacIpAceL3(rule)) + .setL2(new EthBuilder() + .setEth(new org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.access.control.list.rev181001.acls.acl.aces.ace.matches.l2.eth.EthBuilder() + .setSourceMacAddress(sourceMac(rule)) + .setSourceMacAddressMask(sourceMacMask(rule)) + .build()) + .build()) + .build()); ace.setActions(actions(rule.isPermit)); final String aceName = macipAclContext.getAceName(aclName, i++, mappingContext); - ace.setRuleName(aceName); + ace.setName(aceName); ace.withKey(new AceKey(aceName)); aces.add(ace.build()); @@ -133,17 +167,14 @@ public interface AceConverter extends MacIpAceDataExtractor, StandardAceDataExtr int i = 0; for (final AclRule rule : rules) { final AceBuilder ace = new AceBuilder(); - final VppAceBuilder aceType = new VppAceBuilder(); - final VppAceNodesBuilder nodes = new VppAceNodesBuilder(); - nodes.setAceIpVersion(ipVersion(rule)); - nodes.setIpProtocol(parseProtocol(rule)); - aceType.setVppAceNodes(nodes.build()); - - ace.setMatches(new MatchesBuilder().setAceType(aceType.build()).build()); + ace.setMatches(new MatchesBuilder() + .setL3(parseStandardAceL3(rule)) + .setL4(parseProtocol(rule)) + .build()); ace.setActions(actions(rule.isPermit)); final String aceName = standardAclContext.getAceName(aclName, i++, mappingContext); - ace.setRuleName(aceName); + ace.setName(aceName); ace.withKey(new AceKey(aceName)); aces.add(ace.build()); } diff --git a/acl/acl-impl/src/main/java/io/fd/hc2vpp/acl/util/ace/extractor/MacIpAceDataExtractor.java b/acl/acl-impl/src/main/java/io/fd/hc2vpp/acl/util/ace/extractor/MacIpAceDataExtractor.java index ddb41ee3c..0c7d761a0 100644 --- a/acl/acl-impl/src/main/java/io/fd/hc2vpp/acl/util/ace/extractor/MacIpAceDataExtractor.java +++ b/acl/acl-impl/src/main/java/io/fd/hc2vpp/acl/util/ace/extractor/MacIpAceDataExtractor.java @@ -21,84 +21,67 @@ import io.fd.hc2vpp.common.translate.util.MacTranslator; import io.fd.vpp.jvpp.acl.types.MacipAclRule; import java.util.Optional; import javax.annotation.Nonnull; -import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.access.control.list.rev160708.access.lists.acl.access.list.entries.Ace; -import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.access.control.list.rev160708.access.lists.acl.access.list.entries.ace.Matches; -import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.access.control.list.rev160708.access.lists.acl.access.list.entries.ace.actions.PacketHandling; -import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.access.control.list.rev160708.access.lists.acl.access.list.entries.ace.actions.packet.handling.Deny; -import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.access.control.list.rev160708.access.lists.acl.access.list.entries.ace.actions.packet.handling.Permit; +import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.access.control.list.rev181001.Accept; +import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.access.control.list.rev181001.acls.acl.aces.Ace; +import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.access.control.list.rev181001.acls.acl.aces.ace.Actions; +import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.access.control.list.rev181001.acls.acl.aces.ace.matches.L3; +import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.access.control.list.rev181001.acls.acl.aces.ace.matches.l3.Ipv4; +import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.access.control.list.rev181001.acls.acl.aces.ace.matches.l3.Ipv4Builder; +import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.access.control.list.rev181001.acls.acl.aces.ace.matches.l3.Ipv6; +import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.access.control.list.rev181001.acls.acl.aces.ace.matches.l3.Ipv6Builder; import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.inet.types.rev130715.Ipv4Prefix; import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.inet.types.rev130715.Ipv6Prefix; +import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.packet.fields.rev181001.acl.ipv4.header.fields.SourceNetwork; +import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.packet.fields.rev181001.acl.ipv4.header.fields.source.network.SourceIpv4Network; +import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.packet.fields.rev181001.acl.ipv4.header.fields.source.network.SourceIpv4NetworkBuilder; +import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.packet.fields.rev181001.acl.ipv6.header.fields.source.network.SourceIpv6Network; +import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.packet.fields.rev181001.acl.ipv6.header.fields.source.network.SourceIpv6NetworkBuilder; import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.yang.types.rev130715.MacAddress; -import org.opendaylight.yang.gen.v1.urn.opendaylight.params.xml.ns.yang.vpp.acl.rev170615.VppMacipAceEthHeaderFields; -import org.opendaylight.yang.gen.v1.urn.opendaylight.params.xml.ns.yang.vpp.acl.rev170615.VppMacipAceIpv4HeaderFields; -import org.opendaylight.yang.gen.v1.urn.opendaylight.params.xml.ns.yang.vpp.acl.rev170615.VppMacipAceIpv6HeaderFields; -import org.opendaylight.yang.gen.v1.urn.opendaylight.params.xml.ns.yang.vpp.acl.rev170615.access.lists.acl.access.list.entries.ace.matches.ace.type.VppMacipAce; -import org.opendaylight.yang.gen.v1.urn.opendaylight.params.xml.ns.yang.vpp.acl.rev170615.access.lists.acl.access.list.entries.ace.matches.ace.type.vpp.macip.ace.VppMacipAceNodes; -import org.opendaylight.yang.gen.v1.urn.opendaylight.params.xml.ns.yang.vpp.acl.rev170615.access.lists.acl.access.list.entries.ace.matches.ace.type.vpp.macip.ace.vpp.macip.ace.nodes.AceIpVersion; -import org.opendaylight.yang.gen.v1.urn.opendaylight.params.xml.ns.yang.vpp.acl.rev170615.access.lists.acl.access.list.entries.ace.matches.ace.type.vpp.macip.ace.vpp.macip.ace.nodes.ace.ip.version.AceIpv4Builder; -import org.opendaylight.yang.gen.v1.urn.opendaylight.params.xml.ns.yang.vpp.acl.rev170615.access.lists.acl.access.list.entries.ace.matches.ace.type.vpp.macip.ace.vpp.macip.ace.nodes.ace.ip.version.AceIpv6; -import org.opendaylight.yang.gen.v1.urn.opendaylight.params.xml.ns.yang.vpp.acl.rev170615.access.lists.acl.access.list.entries.ace.matches.ace.type.vpp.macip.ace.vpp.macip.ace.nodes.ace.ip.version.AceIpv6Builder; public interface MacIpAceDataExtractor extends AddressExtractor, MacTranslator { - default VppMacipAce fromMacIpAce(@Nonnull final Ace ace) { - return Optional.ofNullable(ace.getMatches()) - .map(Matches::getAceType) - .map(VppMacipAce.class::cast) - .orElseThrow( - () -> new IllegalArgumentException(String.format("Unable to create VppMacipAce from %s", ace))); - } - - default boolean macIpIsIpv6(@Nonnull final VppMacipAce ace) { - return Optional.ofNullable(ace.getVppMacipAceNodes()) - .map(VppMacipAceNodes::getAceIpVersion) - .map(aceIpVersion -> aceIpVersion instanceof AceIpv6) - .orElse(false); - } - - default byte[] sourceMacAsBytes(@Nonnull final VppMacipAce ace) { - return macToByteArray(Optional.ofNullable(ace.getVppMacipAceNodes()) - .map(VppMacipAceEthHeaderFields::getSourceMacAddress) + default byte[] sourceMacAsBytes(final MacAddress mac) { + return macToByteArray(Optional.ofNullable(mac) .map(MacAddress::getValue) .orElse(Impl.DEFAULT_MAC)); } - default byte[] sourceMacMaskAsBytes(@Nonnull final VppMacipAce ace) { - return macToByteArray(Optional.ofNullable(ace.getVppMacipAceNodes()) - .map(VppMacipAceEthHeaderFields::getSourceMacAddressMask) + default byte[] sourceMacMaskAsBytes(final MacAddress mac) { + return macToByteArray(Optional.ofNullable(mac) .map(MacAddress::getValue) .orElse(Impl.DEFAULT_MAC_MASK)); } - default byte[] ipv4Address(@Nonnull final VppMacipAce ace) { - return extractIp4Address(extractV4NetworkAddressOrNull(ace)); + default byte[] ipv4Address(@Nonnull final SourceNetwork network) { + return extractIp4Address(extractV4NetworkAddressOrNull(network)); } - default byte ipv4AddressPrefix(@Nonnull final VppMacipAce ace) { - return extractIp4AddressPrefix(extractV4NetworkAddressOrNull(ace)); + default byte ipv4AddressPrefix(@Nonnull final SourceNetwork network) { + return extractIp4AddressPrefix(extractV4NetworkAddressOrNull(network)); } - static Ipv4Prefix extractV4NetworkAddressOrNull(final @Nonnull VppMacipAce ace) { - return Optional.ofNullable(ace.getVppMacipAceNodes()) - .map(VppMacipAceNodes::getAceIpVersion) - .map(VppMacipAceIpv4HeaderFields.class::cast) - .map(VppMacipAceIpv4HeaderFields::getSourceIpv4Network) + static Ipv4Prefix extractV4NetworkAddressOrNull(final @Nonnull SourceNetwork network) { + return Optional.of(network).filter(net -> net instanceof SourceIpv4Network) + .map(SourceIpv4Network.class::cast) + .map(SourceIpv4Network::getSourceIpv4Network) .orElse(null); } - default byte[] ipv6Address(@Nonnull final VppMacipAce ace) { - return extractIp6Address(extractV6NetworkAddressOrNull(ace)); + default byte[] ipv6Address( + @Nonnull final org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.packet.fields.rev181001.acl.ipv6.header.fields.SourceNetwork network) { + return extractIp6Address(extractV6NetworkAddressOrNull(network)); } - default byte ipv6AddressPrefix(@Nonnull final VppMacipAce ace) { - return extractIp6AddressPrefix(extractV6NetworkAddressOrNull(ace)); + default byte ipv6AddressPrefix( + @Nonnull final org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.packet.fields.rev181001.acl.ipv6.header.fields.SourceNetwork network) { + return extractIp6AddressPrefix(extractV6NetworkAddressOrNull(network)); } - default Ipv6Prefix extractV6NetworkAddressOrNull(@Nonnull final VppMacipAce ace) { - return Optional.ofNullable(ace.getVppMacipAceNodes()) - .map(VppMacipAceNodes::getAceIpVersion) - .map(VppMacipAceIpv6HeaderFields.class::cast) - .map(VppMacipAceIpv6HeaderFields::getSourceIpv6Network) + default Ipv6Prefix extractV6NetworkAddressOrNull( + @Nonnull final org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.packet.fields.rev181001.acl.ipv6.header.fields.SourceNetwork network) { + return Optional.of(network).filter(net -> net instanceof SourceIpv6Network) + .map(SourceIpv6Network.class::cast) + .map(SourceIpv6Network::getSourceIpv6Network) .orElse(null); } @@ -107,41 +90,54 @@ public interface MacIpAceDataExtractor extends AddressExtractor, MacTranslator { */ default byte macIpAction(@Nonnull final Ace ace) { // action choice itself has default, but nothing stops us from not defining actions container itself - final PacketHandling action = Optional.ofNullable(ace.getActions()).orElseThrow( - () -> new IllegalArgumentException(String.format("Unable to extract Action from %s", ace))) - .getPacketHandling(); - if (action instanceof Permit) { - return 1; - } else if (action instanceof Deny) { - return 0; + Actions actions = Optional.ofNullable(ace.getActions()).orElseThrow( + () -> new IllegalArgumentException(String.format("Unable to extract Action from %s", ace))); + if (actions.getForwarding() != null) { + if (ace.getActions().getForwarding().equals(Accept.class)) { + return 1; + } else { + return 0; + } } else { throw new IllegalArgumentException( - String.format("Unsupported packet-handling action %s for ACE %s", action, ace)); + String.format("Unsupported packet-handling action %s for ACE %s", actions, ace)); } } - default AceIpVersion ipVersion(@Nonnull final MacipAclRule rule) { + default L3 parseMacIpAceL3(@Nonnull final MacipAclRule rule) { if (rule.isIpv6 == 0) { - return ip4Ace(rule); + return ip4L3(rule); } else { - return ip6Ace(rule); + return ip6L3(rule); } } - default AceIpVersion ip4Ace(@Nonnull final MacipAclRule rule) { - final AceIpv4Builder ipVersion = new AceIpv4Builder(); + default Ipv4 ip4L3(@Nonnull final MacipAclRule rule) { + final Ipv4Builder ipv4Builder = new Ipv4Builder(); + if (rule.srcIpAddr != null && rule.srcIpAddr.length != 0) { - ipVersion.setSourceIpv4Network(toIpv4Prefix(truncateIp4Array(rule.srcIpAddr), rule.srcIpPrefixLen)); + ipv4Builder.setIpv4( + new org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.access.control.list.rev181001.acls.acl.aces.ace.matches.l3.ipv4.Ipv4Builder() + .setSourceNetwork(new SourceIpv4NetworkBuilder() + .setSourceIpv4Network( + toIpv4Prefix(truncateIp4Array(rule.srcIpAddr), rule.srcIpPrefixLen)) + .build()) + .build()); } - return ipVersion.build(); + return ipv4Builder.build(); } - default AceIpVersion ip6Ace(@Nonnull final MacipAclRule rule) { - final AceIpv6Builder ipVersion = new AceIpv6Builder(); + default Ipv6 ip6L3(@Nonnull final MacipAclRule rule) { + final Ipv6Builder ipv6Builder = new Ipv6Builder(); if (rule.srcIpAddr != null && rule.srcIpAddr.length != 0) { - ipVersion.setSourceIpv6Network(toIpv6Prefix(rule.srcIpAddr, rule.srcIpPrefixLen)); + ipv6Builder.setIpv6( + new org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.access.control.list.rev181001.acls.acl.aces.ace.matches.l3.ipv6.Ipv6Builder() + .setSourceNetwork(new SourceIpv6NetworkBuilder() + .setSourceIpv6Network(toIpv6Prefix(rule.srcIpAddr, rule.srcIpPrefixLen)) + .build()) + .build()); } - return ipVersion.build(); + return ipv6Builder.build(); } default MacAddress sourceMac(@Nonnull final MacipAclRule rule) { diff --git a/acl/acl-impl/src/main/java/io/fd/hc2vpp/acl/util/ace/extractor/StandardAceDataExtractor.java b/acl/acl-impl/src/main/java/io/fd/hc2vpp/acl/util/ace/extractor/StandardAceDataExtractor.java index 8f463aef5..9f454fd38 100644 --- a/acl/acl-impl/src/main/java/io/fd/hc2vpp/acl/util/ace/extractor/StandardAceDataExtractor.java +++ b/acl/acl-impl/src/main/java/io/fd/hc2vpp/acl/util/ace/extractor/StandardAceDataExtractor.java @@ -24,147 +24,148 @@ import java.util.Map; import java.util.Optional; import javax.annotation.Nonnull; import javax.annotation.Nullable; -import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.access.control.list.rev160708.access.lists.acl.access.list.entries.Ace; -import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.access.control.list.rev160708.access.lists.acl.access.list.entries.ace.Actions; -import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.access.control.list.rev160708.access.lists.acl.access.list.entries.ace.ActionsBuilder; -import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.access.control.list.rev160708.access.lists.acl.access.list.entries.ace.Matches; -import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.access.control.list.rev160708.access.lists.acl.access.list.entries.ace.actions.PacketHandling; -import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.access.control.list.rev160708.access.lists.acl.access.list.entries.ace.actions.packet.handling.Deny; -import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.access.control.list.rev160708.access.lists.acl.access.list.entries.ace.actions.packet.handling.DenyBuilder; -import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.access.control.list.rev160708.access.lists.acl.access.list.entries.ace.actions.packet.handling.Permit; -import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.access.control.list.rev160708.access.lists.acl.access.list.entries.ace.actions.packet.handling.PermitBuilder; +import org.opendaylight.yang.gen.v1.http.fd.io.hc2vpp.yang.vpp.acl.rev181022.AcceptAndReflect; +import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.access.control.list.rev181001.Accept; +import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.access.control.list.rev181001.Drop; +import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.access.control.list.rev181001.ForwardingAction; +import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.access.control.list.rev181001.Reject; +import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.access.control.list.rev181001.acls.acl.aces.Ace; +import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.access.control.list.rev181001.acls.acl.aces.ace.Actions; +import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.access.control.list.rev181001.acls.acl.aces.ace.ActionsBuilder; +import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.access.control.list.rev181001.acls.acl.aces.ace.Matches; +import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.access.control.list.rev181001.acls.acl.aces.ace.matches.L3; +import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.access.control.list.rev181001.acls.acl.aces.ace.matches.l3.Ipv4; +import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.access.control.list.rev181001.acls.acl.aces.ace.matches.l3.Ipv4Builder; +import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.access.control.list.rev181001.acls.acl.aces.ace.matches.l3.Ipv6; +import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.access.control.list.rev181001.acls.acl.aces.ace.matches.l3.Ipv6Builder; import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.inet.types.rev130715.Ipv4Prefix; import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.inet.types.rev130715.Ipv6Prefix; -import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.packet.fields.rev160708.AclIpv4HeaderFields; -import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.packet.fields.rev160708.AclIpv6HeaderFields; -import org.opendaylight.yang.gen.v1.urn.opendaylight.params.xml.ns.yang.vpp.acl.rev170615.AclIpProtocolHeaderFields; -import org.opendaylight.yang.gen.v1.urn.opendaylight.params.xml.ns.yang.vpp.acl.rev170615.access.lists.acl.access.list.entries.ace.actions.packet.handling.Stateful; -import org.opendaylight.yang.gen.v1.urn.opendaylight.params.xml.ns.yang.vpp.acl.rev170615.access.lists.acl.access.list.entries.ace.actions.packet.handling.StatefulBuilder; -import org.opendaylight.yang.gen.v1.urn.opendaylight.params.xml.ns.yang.vpp.acl.rev170615.access.lists.acl.access.list.entries.ace.matches.ace.type.VppAce; -import org.opendaylight.yang.gen.v1.urn.opendaylight.params.xml.ns.yang.vpp.acl.rev170615.access.lists.acl.access.list.entries.ace.matches.ace.type.vpp.ace.VppAceNodes; -import org.opendaylight.yang.gen.v1.urn.opendaylight.params.xml.ns.yang.vpp.acl.rev170615.access.lists.acl.access.list.entries.ace.matches.ace.type.vpp.ace.vpp.ace.nodes.AceIpVersion; -import org.opendaylight.yang.gen.v1.urn.opendaylight.params.xml.ns.yang.vpp.acl.rev170615.access.lists.acl.access.list.entries.ace.matches.ace.type.vpp.ace.vpp.ace.nodes.ace.ip.version.AceIpv4Builder; -import org.opendaylight.yang.gen.v1.urn.opendaylight.params.xml.ns.yang.vpp.acl.rev170615.access.lists.acl.access.list.entries.ace.matches.ace.type.vpp.ace.vpp.ace.nodes.ace.ip.version.AceIpv6; -import org.opendaylight.yang.gen.v1.urn.opendaylight.params.xml.ns.yang.vpp.acl.rev170615.access.lists.acl.access.list.entries.ace.matches.ace.type.vpp.ace.vpp.ace.nodes.ace.ip.version.AceIpv6Builder; -import org.opendaylight.yang.gen.v1.urn.opendaylight.params.xml.ns.yang.vpp.acl.rev170615.acl.ip.protocol.header.fields.ip.protocol.IcmpV6; +import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.packet.fields.rev181001.AclIpv4HeaderFields; +import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.packet.fields.rev181001.AclIpv6HeaderFields; +import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.packet.fields.rev181001.acl.ipv4.header.fields.destination.network.DestinationIpv4Network; +import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.packet.fields.rev181001.acl.ipv4.header.fields.destination.network.DestinationIpv4NetworkBuilder; +import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.packet.fields.rev181001.acl.ipv4.header.fields.source.network.SourceIpv4Network; +import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.packet.fields.rev181001.acl.ipv4.header.fields.source.network.SourceIpv4NetworkBuilder; +import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.packet.fields.rev181001.acl.ipv6.header.fields.destination.network.DestinationIpv6Network; +import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.packet.fields.rev181001.acl.ipv6.header.fields.destination.network.DestinationIpv6NetworkBuilder; +import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.packet.fields.rev181001.acl.ipv6.header.fields.source.network.SourceIpv6Network; +import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.packet.fields.rev181001.acl.ipv6.header.fields.source.network.SourceIpv6NetworkBuilder; public interface StandardAceDataExtractor extends AddressExtractor, ProtoPreBindRuleProducer, IpProtocolReader { /** * Allowed packet-processing actions for Acl's */ - Map<Class<? extends PacketHandling>, Integer> ACTION_VALUE_PAIRS = ImmutableMap.of(Deny.class, 0, Permit.class, 1, - Stateful.class, 2); - - default VppAce fromStandardAce(@Nonnull final Ace ace) { - return Optional.ofNullable(ace.getMatches()) - .map(Matches::getAceType) - .map(VppAce.class::cast) - .orElseThrow(() -> new IllegalArgumentException(String.format("Unable to create VppAce from %s", ace))); - } - - default boolean standardIsIpv6(@Nonnull final VppAce ace, @Nullable final Matches matches) { - final Optional<AceIpVersion> aceIpVersion = Optional.ofNullable(matches) - .map(Matches::getAceType) - .map(VppAce.class::cast) - .map(VppAce::getVppAceNodes) - .map(VppAceNodes::getAceIpVersion); - - // tries to detect version by ace-ip-version - if(aceIpVersion.isPresent()){ - return aceIpVersion - .map(version -> version instanceof AceIpv6) - .orElse(false); - } + Map<Class<? extends ForwardingAction>, Integer> ACTION_VALUE_PAIRS = + ImmutableMap.of(Drop.class, 0, Reject.class, 0, Accept.class, 1, AcceptAndReflect.class, 2); - // otherwise goes by ip-protocol - return Optional.ofNullable(ace.getVppAceNodes()) - .map(AclIpProtocolHeaderFields::getIpProtocol) - .map(ipProtocol -> ipProtocol instanceof IcmpV6) - .orElse(false); + default boolean standardIsIpv6(@Nullable final Matches matches) { + return Optional.ofNullable(matches) + .map(Matches::getL3) + .filter(l3 -> l3.getImplementedInterface().equals(Ipv6.class)) + .map(Ipv6.class::cast) + .map(Ipv6::getIpv6) + .isPresent(); } - default byte[] ipv4SourceAddress(@Nonnull final VppAce ace) { - return extractIp4Address( - extractV4SourceAddressOrNull(ace)); + default byte[] ipv4SourceAddress(@Nonnull final Matches matches) { + return extractIp4Address(extractV4SourceAddressOrNull(matches)); } - default byte ipv4SourceAddressPrefix(@Nonnull final VppAce ace) { - return extractIp4AddressPrefix( - extractV4SourceAddressOrNull(ace)); + default byte ipv4SourceAddressPrefix(@Nonnull final Matches matches) { + return extractIp4AddressPrefix(extractV4SourceAddressOrNull(matches)); } - static Ipv4Prefix extractV4SourceAddressOrNull(@Nonnull final VppAce ace) { - return Optional.ofNullable(ace.getVppAceNodes()) - .map(VppAceNodes::getAceIpVersion) - .map(AclIpv4HeaderFields.class::cast) - .map(AclIpv4HeaderFields::getSourceIpv4Network) + static Ipv4Prefix extractV4SourceAddressOrNull(@Nonnull final Matches matches) { + return getIpv4Optional(matches) + .map(AclIpv4HeaderFields::getSourceNetwork) + .filter(network -> network instanceof SourceIpv4Network) + .map(SourceIpv4Network.class::cast) + .map(SourceIpv4Network::getSourceIpv4Network) .orElse(null); } - default byte[] ipv4DestinationAddress(@Nonnull final VppAce ace) { - return extractIp4Address(extractV4DestinationAddressOrNull(ace)); + default byte[] ipv4DestinationAddress(@Nonnull final Matches matches) { + return extractIp4Address(extractV4DestinationAddressOrNull(matches)); } - default byte ipv4DestinationAddressPrefix(@Nonnull final VppAce ace) { - return extractIp4AddressPrefix(extractV4DestinationAddressOrNull(ace)); + default byte ipv4DestinationAddressPrefix(@Nonnull final Matches matches) { + return extractIp4AddressPrefix(extractV4DestinationAddressOrNull(matches)); } - static Ipv4Prefix extractV4DestinationAddressOrNull(@Nonnull final VppAce ace) { - return Optional.ofNullable(ace.getVppAceNodes()) - .map(VppAceNodes::getAceIpVersion) - .map(AclIpv4HeaderFields.class::cast) - .map(AclIpv4HeaderFields::getDestinationIpv4Network) + static Ipv4Prefix extractV4DestinationAddressOrNull(@Nonnull final Matches matches) { + return getIpv4Optional(matches) + .map(AclIpv4HeaderFields::getDestinationNetwork) + .filter(destinationNetwork -> destinationNetwork instanceof DestinationIpv4Network) + .map(DestinationIpv4Network.class::cast) + .map(DestinationIpv4Network::getDestinationIpv4Network) .orElse(null); } - default byte[] ipv6SourceAddress(@Nonnull final VppAce ace) { - return extractIp6Address(extractV6SourceAddressOrNull(ace)); + static Optional<org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.access.control.list.rev181001.acls.acl.aces.ace.matches.l3.ipv4.Ipv4> getIpv4Optional( + @Nonnull final Matches matches) { + return Optional.ofNullable(matches.getL3()) + .filter(l3 -> l3.getImplementedInterface().equals(Ipv4.class)) + .map(Ipv4.class::cast) + .map(Ipv4::getIpv4); + } + + default byte[] ipv6SourceAddress(@Nonnull final Matches matches) { + return extractIp6Address(extractV6SourceAddressOrNull(matches)); } - default byte ipv6SourceAddressPrefix(@Nonnull final VppAce ace) { - return extractIp6AddressPrefix(extractV6SourceAddressOrNull(ace)); + default byte ipv6SourceAddressPrefix(@Nonnull final Matches matches) { + return extractIp6AddressPrefix(extractV6SourceAddressOrNull(matches)); } - static Ipv6Prefix extractV6SourceAddressOrNull(@Nonnull final VppAce ace) { - return Optional.ofNullable(ace.getVppAceNodes()) - .map(VppAceNodes::getAceIpVersion) - .map(AclIpv6HeaderFields.class::cast) - .map(AclIpv6HeaderFields::getSourceIpv6Network) + static Ipv6Prefix extractV6SourceAddressOrNull(@Nonnull final Matches matches) { + return getIpv6Optional(matches) + .map(AclIpv6HeaderFields::getSourceNetwork) + .filter(sourceNetwork -> sourceNetwork instanceof SourceIpv6Network) + .map(SourceIpv6Network.class::cast) + .map(SourceIpv6Network::getSourceIpv6Network) .orElse(null); } - default byte[] ipv6DestinationAddress(@Nonnull final VppAce ace) { - return extractIp6Address(extractV6DestinationAddressOrNull(ace)); + default byte[] ipv6DestinationAddress(@Nonnull final Matches matches) { + return extractIp6Address(extractV6DestinationAddressOrNull(matches)); } - default byte ipv6DestinationAddressPrefix(@Nonnull final VppAce ace) { - return extractIp6AddressPrefix(extractV6DestinationAddressOrNull(ace)); + default byte ipv6DestinationAddressPrefix(@Nonnull final Matches matches) { + return extractIp6AddressPrefix(extractV6DestinationAddressOrNull(matches)); } - static Ipv6Prefix extractV6DestinationAddressOrNull(@Nonnull final VppAce ace) { - return Optional.ofNullable(ace.getVppAceNodes()) - .map(VppAceNodes::getAceIpVersion) - .map(AclIpv6HeaderFields.class::cast) - .map(AclIpv6HeaderFields::getDestinationIpv6Network) + static Ipv6Prefix extractV6DestinationAddressOrNull(@Nonnull final Matches matches) { + return getIpv6Optional(matches) + .map(AclIpv6HeaderFields::getDestinationNetwork) + .filter(destinationNetwork -> destinationNetwork instanceof DestinationIpv6Network) + .map(DestinationIpv6Network.class::cast) + .map(DestinationIpv6Network::getDestinationIpv6Network) .orElse(null); } + static Optional<org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.access.control.list.rev181001.acls.acl.aces.ace.matches.l3.ipv6.Ipv6> getIpv6Optional( + @Nonnull final Matches matches) { + return Optional.ofNullable(matches.getL3()) + .filter(l3 -> l3.getImplementedInterface().equals(Ipv6.class)) + .map(Ipv6.class::cast) + .map(Ipv6::getIpv6); + } + default byte standardAction(@Nonnull final Ace ace) { - // default == deny - final PacketHandling action = Optional.ofNullable(ace.getActions()) + Class<? extends ForwardingAction> forwarding = Optional.ofNullable(ace.getActions()) .orElseThrow(() -> new IllegalArgumentException(String.format("Unable to extract Action from %s", ace))) - .getPacketHandling(); + .getForwarding(); return ACTION_VALUE_PAIRS.get(ACTION_VALUE_PAIRS.keySet().stream() - .filter(aClass -> aClass.isInstance(action)) + .filter(aClass -> aClass.equals(forwarding)) .findAny() .orElseThrow(() -> new IllegalArgumentException( - String.format("Unsupported packet-handling action %s for ACE %s", action, - ace.getRuleName())))).byteValue(); + String.format("Unsupported packet-handling action %s for ACE %s", forwarding, + ace.getName())))).byteValue(); } - default AceIpVersion ipVersion(@Nonnull final AclRule rule) { + default L3 parseStandardAceL3(@Nonnull final AclRule rule) { if (rule.isIpv6 == 0) { return ip4Ace(rule); } else { @@ -172,40 +173,55 @@ public interface StandardAceDataExtractor extends AddressExtractor, ProtoPreBind } } - default AceIpVersion ip4Ace(@Nonnull final AclRule rule) { - final AceIpv4Builder ipVersion = new AceIpv4Builder(); + default org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.access.control.list.rev181001.acls.acl.aces.ace.matches.l3.Ipv4 ip4Ace( + @Nonnull final AclRule rule) { + Ipv4Builder ipv4Builder = new Ipv4Builder(); + org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.access.control.list.rev181001.acls.acl.aces.ace.matches.l3.ipv4.Ipv4Builder + ip4Builder = + new org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.access.control.list.rev181001.acls.acl.aces.ace.matches.l3.ipv4.Ipv4Builder(); if (rule.srcIpAddr != null && rule.srcIpAddr.length != 0) { - ipVersion.setSourceIpv4Network(toIpv4Prefix(truncateIp4Array(rule.srcIpAddr), rule.srcIpPrefixLen)); + ip4Builder.setSourceNetwork(new SourceIpv4NetworkBuilder() + .setSourceIpv4Network(toIpv4Prefix(truncateIp4Array(rule.srcIpAddr), rule.srcIpPrefixLen)) + .build()); } if (rule.dstIpAddr != null && rule.dstIpAddr.length != 0) { - ipVersion.setDestinationIpv4Network(toIpv4Prefix(truncateIp4Array(rule.dstIpAddr), rule.dstIpPrefixLen)); + ip4Builder.setDestinationNetwork(new DestinationIpv4NetworkBuilder() + .setDestinationIpv4Network(toIpv4Prefix(truncateIp4Array(rule.dstIpAddr), rule.dstIpPrefixLen)) + .build()); } - return ipVersion.build(); + return ipv4Builder.setIpv4(ip4Builder.build()).build(); } - default AceIpVersion ip6Ace(@Nonnull final AclRule rule) { - final AceIpv6Builder ipVersion = new AceIpv6Builder(); + default org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.access.control.list.rev181001.acls.acl.aces.ace.matches.l3.Ipv6 ip6Ace( + @Nonnull final AclRule rule) { + Ipv6Builder ipv6Builder = new Ipv6Builder(); + org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.access.control.list.rev181001.acls.acl.aces.ace.matches.l3.ipv6.Ipv6Builder + ip6Builder = + new org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.access.control.list.rev181001.acls.acl.aces.ace.matches.l3.ipv6.Ipv6Builder(); + if (rule.srcIpAddr != null && rule.srcIpAddr.length != 0) { - ipVersion.setSourceIpv6Network(toIpv6Prefix(rule.srcIpAddr, rule.srcIpPrefixLen)); + ip6Builder.setSourceNetwork(new SourceIpv6NetworkBuilder() + .setSourceIpv6Network(toIpv6Prefix(rule.srcIpAddr, rule.srcIpPrefixLen)) + .build()); } if (rule.dstIpAddr != null && rule.dstIpAddr.length != 0) { - ipVersion.setDestinationIpv6Network(toIpv6Prefix(rule.dstIpAddr, rule.dstIpPrefixLen)); + ip6Builder.setDestinationNetwork(new DestinationIpv6NetworkBuilder() + .setDestinationIpv6Network(toIpv6Prefix(rule.dstIpAddr, rule.dstIpPrefixLen)) + .build()); } - return ipVersion.build(); + return ipv6Builder.setIpv6(ip6Builder.build()).build(); } default Actions actions(final byte isPermit) { final ActionsBuilder actions = new ActionsBuilder(); switch (isPermit) { case 0: - actions.setPacketHandling(new DenyBuilder().setDeny(true).build()); + actions.setForwarding(Drop.class); break; case 1: - actions.setPacketHandling(new PermitBuilder().setPermit(true).build()); - break; - case 2: - actions.setPacketHandling(new StatefulBuilder().setPermitAndReflect(true).build()); + actions.setForwarding(Accept.class); break; + default: throw new IllegalArgumentException("Unsupported action: " + isPermit); } |