diff options
Diffstat (limited to 'acl/acl-impl/src/main/java/io/fd/hc2vpp/acl/util/protocol')
-rw-r--r-- | acl/acl-impl/src/main/java/io/fd/hc2vpp/acl/util/protocol/IpProtocolReader.java | 176 | ||||
-rw-r--r-- | acl/acl-impl/src/main/java/io/fd/hc2vpp/acl/util/protocol/ProtoPreBindRuleProducer.java | 285 |
2 files changed, 265 insertions, 196 deletions
diff --git a/acl/acl-impl/src/main/java/io/fd/hc2vpp/acl/util/protocol/IpProtocolReader.java b/acl/acl-impl/src/main/java/io/fd/hc2vpp/acl/util/protocol/IpProtocolReader.java index 9c8b99b45..3207ecd4b 100644 --- a/acl/acl-impl/src/main/java/io/fd/hc2vpp/acl/util/protocol/IpProtocolReader.java +++ b/acl/acl-impl/src/main/java/io/fd/hc2vpp/acl/util/protocol/IpProtocolReader.java @@ -21,40 +21,42 @@ import static io.fd.hc2vpp.acl.util.protocol.ProtoPreBindRuleProducer.ICMP_INDEX import static io.fd.hc2vpp.acl.util.protocol.ProtoPreBindRuleProducer.TCP_INDEX; import static io.fd.hc2vpp.acl.util.protocol.ProtoPreBindRuleProducer.UDP_INDEX; +import com.google.common.annotations.VisibleForTesting; import io.fd.vpp.jvpp.acl.types.AclRule; +import org.opendaylight.yang.gen.v1.http.fd.io.hc2vpp.yang.vpp.acl.rev181022.VppIcmpAceAugmentation; +import org.opendaylight.yang.gen.v1.http.fd.io.hc2vpp.yang.vpp.acl.rev181022.VppIcmpAceAugmentationBuilder; +import org.opendaylight.yang.gen.v1.http.fd.io.hc2vpp.yang.vpp.acl.rev181022.VppTcpAceAugmentation; +import org.opendaylight.yang.gen.v1.http.fd.io.hc2vpp.yang.vpp.acl.rev181022.VppTcpAceAugmentationBuilder; +import org.opendaylight.yang.gen.v1.http.fd.io.hc2vpp.yang.vpp.acl.rev181022.acl.icmp.header.fields.IcmpCodeRange; +import org.opendaylight.yang.gen.v1.http.fd.io.hc2vpp.yang.vpp.acl.rev181022.acl.icmp.header.fields.IcmpCodeRangeBuilder; +import org.opendaylight.yang.gen.v1.http.fd.io.hc2vpp.yang.vpp.acl.rev181022.acl.icmp.header.fields.IcmpTypeRange; +import org.opendaylight.yang.gen.v1.http.fd.io.hc2vpp.yang.vpp.acl.rev181022.acl.icmp.header.fields.IcmpTypeRangeBuilder; +import org.opendaylight.yang.gen.v1.http.fd.io.hc2vpp.yang.vpp.acl.rev181022.acls.acl.aces.ace.matches.l4.icmp.icmp.VppIcmpAceBuilder; +import org.opendaylight.yang.gen.v1.http.fd.io.hc2vpp.yang.vpp.acl.rev181022.acls.acl.aces.ace.matches.l4.tcp.tcp.VppTcpAceBuilder; +import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.access.control.list.rev181001.acls.acl.aces.ace.matches.L4; +import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.access.control.list.rev181001.acls.acl.aces.ace.matches.l4.Icmp; +import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.access.control.list.rev181001.acls.acl.aces.ace.matches.l4.IcmpBuilder; +import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.access.control.list.rev181001.acls.acl.aces.ace.matches.l4.Tcp; +import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.access.control.list.rev181001.acls.acl.aces.ace.matches.l4.TcpBuilder; +import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.access.control.list.rev181001.acls.acl.aces.ace.matches.l4.Udp; +import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.access.control.list.rev181001.acls.acl.aces.ace.matches.l4.UdpBuilder; +import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.access.control.list.rev181001.acls.acl.aces.ace.matches.l4.tcp.tcp.DestinationPortBuilder; +import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.access.control.list.rev181001.acls.acl.aces.ace.matches.l4.tcp.tcp.SourcePortBuilder; +import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.access.control.list.rev181001.acls.acl.aces.ace.matches.l4.tcp.tcp.source.port.source.port.RangeOrOperatorBuilder; import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.inet.types.rev130715.PortNumber; -import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.packet.fields.rev160708.acl.transport.header.fields.DestinationPortRange; -import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.packet.fields.rev160708.acl.transport.header.fields.DestinationPortRangeBuilder; -import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.packet.fields.rev160708.acl.transport.header.fields.SourcePortRange; -import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.packet.fields.rev160708.acl.transport.header.fields.SourcePortRangeBuilder; -import org.opendaylight.yang.gen.v1.urn.opendaylight.params.xml.ns.yang.vpp.acl.rev170615.acl.icmp.header.fields.IcmpCodeRange; -import org.opendaylight.yang.gen.v1.urn.opendaylight.params.xml.ns.yang.vpp.acl.rev170615.acl.icmp.header.fields.IcmpCodeRangeBuilder; -import org.opendaylight.yang.gen.v1.urn.opendaylight.params.xml.ns.yang.vpp.acl.rev170615.acl.icmp.header.fields.IcmpTypeRange; -import org.opendaylight.yang.gen.v1.urn.opendaylight.params.xml.ns.yang.vpp.acl.rev170615.acl.icmp.header.fields.IcmpTypeRangeBuilder; -import org.opendaylight.yang.gen.v1.urn.opendaylight.params.xml.ns.yang.vpp.acl.rev170615.acl.ip.protocol.header.fields.IpProtocol; -import org.opendaylight.yang.gen.v1.urn.opendaylight.params.xml.ns.yang.vpp.acl.rev170615.acl.ip.protocol.header.fields.ip.protocol.Icmp; -import org.opendaylight.yang.gen.v1.urn.opendaylight.params.xml.ns.yang.vpp.acl.rev170615.acl.ip.protocol.header.fields.ip.protocol.IcmpBuilder; -import org.opendaylight.yang.gen.v1.urn.opendaylight.params.xml.ns.yang.vpp.acl.rev170615.acl.ip.protocol.header.fields.ip.protocol.IcmpV6; -import org.opendaylight.yang.gen.v1.urn.opendaylight.params.xml.ns.yang.vpp.acl.rev170615.acl.ip.protocol.header.fields.ip.protocol.IcmpV6Builder; -import org.opendaylight.yang.gen.v1.urn.opendaylight.params.xml.ns.yang.vpp.acl.rev170615.acl.ip.protocol.header.fields.ip.protocol.Other; -import org.opendaylight.yang.gen.v1.urn.opendaylight.params.xml.ns.yang.vpp.acl.rev170615.acl.ip.protocol.header.fields.ip.protocol.OtherBuilder; -import org.opendaylight.yang.gen.v1.urn.opendaylight.params.xml.ns.yang.vpp.acl.rev170615.acl.ip.protocol.header.fields.ip.protocol.Tcp; -import org.opendaylight.yang.gen.v1.urn.opendaylight.params.xml.ns.yang.vpp.acl.rev170615.acl.ip.protocol.header.fields.ip.protocol.TcpBuilder; -import org.opendaylight.yang.gen.v1.urn.opendaylight.params.xml.ns.yang.vpp.acl.rev170615.acl.ip.protocol.header.fields.ip.protocol.Udp; -import org.opendaylight.yang.gen.v1.urn.opendaylight.params.xml.ns.yang.vpp.acl.rev170615.acl.ip.protocol.header.fields.ip.protocol.UdpBuilder; -import org.opendaylight.yang.gen.v1.urn.opendaylight.params.xml.ns.yang.vpp.acl.rev170615.acl.ip.protocol.header.fields.ip.protocol.icmp.IcmpNodesBuilder; -import org.opendaylight.yang.gen.v1.urn.opendaylight.params.xml.ns.yang.vpp.acl.rev170615.acl.ip.protocol.header.fields.ip.protocol.icmp.v6.IcmpV6NodesBuilder; -import org.opendaylight.yang.gen.v1.urn.opendaylight.params.xml.ns.yang.vpp.acl.rev170615.acl.ip.protocol.header.fields.ip.protocol.other.OtherNodesBuilder; -import org.opendaylight.yang.gen.v1.urn.opendaylight.params.xml.ns.yang.vpp.acl.rev170615.acl.ip.protocol.header.fields.ip.protocol.tcp.TcpNodesBuilder; -import org.opendaylight.yang.gen.v1.urn.opendaylight.params.xml.ns.yang.vpp.acl.rev170615.acl.ip.protocol.header.fields.ip.protocol.udp.UdpNodesBuilder; +import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.packet.fields.rev181001.AclTcpHeaderFields; +import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.packet.fields.rev181001.port.range.or.operator.PortRangeOrOperator; +import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.packet.fields.rev181001.port.range.or.operator.port.range.or.operator.Range; +import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.packet.fields.rev181001.port.range.or.operator.port.range.or.operator.RangeBuilder; /** * Utility for parsing IpProtocol DO based on data returned by vpp as {@link AclRule}. */ public interface IpProtocolReader { - default IpProtocol parseProtocol(final AclRule rule) { + default L4 parseProtocol(final AclRule rule) { switch (rule.proto) { + case ICMPV6_INDEX: case ICMP_INDEX: { return Impl.parseIcmp(rule); } @@ -66,14 +68,8 @@ public interface IpProtocolReader { case UDP_INDEX: { return Impl.parseUdp(rule); } - - case ICMPV6_INDEX: { - return Impl.parseIcmp6(rule); - } - default: { - return Impl.parse(rule); - } } + return null; } class Impl { @@ -91,51 +87,107 @@ public interface IpProtocolReader { } private static Icmp parseIcmp(final AclRule rule) { - final IcmpNodesBuilder nodes = new IcmpNodesBuilder(); - nodes.setIcmpCodeRange(parseIcmpCodeRange(rule)); - nodes.setIcmpTypeRange(parseIcmpTypeRange(rule)); - return new IcmpBuilder().setIcmpNodes(nodes.build()).build(); + return new IcmpBuilder().setIcmp( + new org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.access.control.list.rev181001.acls.acl.aces.ace.matches.l4.icmp.IcmpBuilder() + .addAugmentation(VppIcmpAceAugmentation.class, + new VppIcmpAceAugmentationBuilder() + .setVppIcmpAce(new VppIcmpAceBuilder() + .setIcmpCodeRange(parseIcmpCodeRange(rule)) + .setIcmpTypeRange(parseIcmpTypeRange(rule)) + .build()) + .build()) + .build()) + .build(); } - private static DestinationPortRange parseDstPortRange(final AclRule rule) { - return new DestinationPortRangeBuilder() - .setLowerPort(new PortNumber(Short.toUnsignedInt(rule.dstportOrIcmpcodeFirst))) - .setUpperPort(new PortNumber(Short.toUnsignedInt(rule.dstportOrIcmpcodeLast))).build(); + private static PortRangeOrOperator parseDstPortRange(final AclRule rule) { + return new RangeBuilder() + .setLowerPort(new PortNumber(Short.toUnsignedInt(rule.dstportOrIcmpcodeFirst))) + .setUpperPort(new PortNumber(Short.toUnsignedInt(rule.dstportOrIcmpcodeLast))).build(); } - private static SourcePortRange parseSrcPortRange(final AclRule rule) { - return new SourcePortRangeBuilder() + private static Range parseSrcPortRange(final AclRule rule) { + return new RangeBuilder() .setLowerPort(new PortNumber(Short.toUnsignedInt(rule.srcportOrIcmptypeFirst))) .setUpperPort(new PortNumber(Short.toUnsignedInt(rule.srcportOrIcmptypeLast))).build(); } private static Tcp parseTcp(final AclRule rule) { - final TcpNodesBuilder nodes = new TcpNodesBuilder(); - nodes.setDestinationPortRange(parseDstPortRange(rule)); - nodes.setSourcePortRange(parseSrcPortRange(rule)); - nodes.setTcpFlagsMask((short) Byte.toUnsignedInt(rule.tcpFlagsMask)); - nodes.setTcpFlagsValue((short) Byte.toUnsignedInt(rule.tcpFlagsValue)); - return new TcpBuilder().setTcpNodes(nodes.build()).build(); + return new TcpBuilder().setTcp( + new org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.access.control.list.rev181001.acls.acl.aces.ace.matches.l4.tcp.TcpBuilder() + .setFlags(parseTcpFlags((short) Byte.toUnsignedInt(rule.tcpFlagsValue))) + .addAugmentation(VppTcpAceAugmentation.class, new VppTcpAceAugmentationBuilder() + .setVppTcpAce(new VppTcpAceBuilder() + .setFlagsMask( + parseTcpFlagsMask((short) Byte.toUnsignedInt(rule.tcpFlagsMask))) + .build()) + .build()) + .setSourcePort(new SourcePortBuilder() + .setSourcePort(new RangeOrOperatorBuilder() + .setPortRangeOrOperator(parseSrcPortRange(rule)) + .build()) + .build()) + .setDestinationPort(new DestinationPortBuilder() + .setDestinationPort( + new org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.access.control.list.rev181001.acls.acl.aces.ace.matches.l4.tcp.tcp.destination.port.destination.port.RangeOrOperatorBuilder() + .setPortRangeOrOperator(parseDstPortRange(rule)) + .build()) + .build()) + .build()) + .build(); } - private static Udp parseUdp(final AclRule rule) { - final UdpNodesBuilder nodes = new UdpNodesBuilder(); - nodes.setDestinationPortRange(parseDstPortRange(rule)); - nodes.setSourcePortRange(parseSrcPortRange(rule)); - return new UdpBuilder().setUdpNodes(nodes.build()).build(); + @VisibleForTesting + private static org.opendaylight.yang.gen.v1.http.fd.io.hc2vpp.yang.vpp.acl.rev181022.AclTcpHeaderFields.FlagsMask parseTcpFlagsMask( + final short tcpFlagsMask) { + // Flags from bit on position 1 to 8 + final Boolean cwr = (tcpFlagsMask & 0b00000001) == 1; + final Boolean ece = (tcpFlagsMask & 0b00000010) >> 1 == 1; + final Boolean urg = (tcpFlagsMask & 0b00000100) >> 2 == 1; + final Boolean ack = (tcpFlagsMask & 0b00001000) >> 3 == 1; + final Boolean psh = (tcpFlagsMask & 0b00010000) >> 4 == 1; + final Boolean rst = (tcpFlagsMask & 0b00100000) >> 5 == 1; + final Boolean syn = (tcpFlagsMask & 0b01000000) >> 6 == 1; + final Boolean fin = (tcpFlagsMask & 0b10000000) >> 7 == 1; + + return new org.opendaylight.yang.gen.v1.http.fd.io.hc2vpp.yang.vpp.acl.rev181022.AclTcpHeaderFields.FlagsMask( + ack, cwr, ece, fin, psh, rst, syn, urg); } - private static IcmpV6 parseIcmp6(final AclRule rule) { - final IcmpV6NodesBuilder nodes = new IcmpV6NodesBuilder(); - nodes.setIcmpCodeRange(parseIcmpCodeRange(rule)); - nodes.setIcmpTypeRange(parseIcmpTypeRange(rule)); - return new IcmpV6Builder().setIcmpV6Nodes(nodes.build()).build(); + @VisibleForTesting + private static AclTcpHeaderFields.Flags parseTcpFlags(final short tcpFlagsValue) { + // Flags from bit on position 1 to 8 + final Boolean cwr = (tcpFlagsValue & 0b00000001) == 1; + final Boolean ece = (tcpFlagsValue & 0b00000010) >> 1 == 1; + final Boolean urg = (tcpFlagsValue & 0b00000100) >> 2 == 1; + final Boolean ack = (tcpFlagsValue & 0b00001000) >> 3 == 1; + final Boolean psh = (tcpFlagsValue & 0b00010000) >> 4 == 1; + final Boolean rst = (tcpFlagsValue & 0b00100000) >> 5 == 1; + final Boolean syn = (tcpFlagsValue & 0b01000000) >> 6 == 1; + final Boolean fin = (tcpFlagsValue & 0b10000000) >> 7 == 1; + + return new AclTcpHeaderFields.Flags(ack, cwr, ece, fin, psh, rst, syn, urg); } - private static Other parse(final AclRule rule) { - final OtherNodesBuilder nodes = new OtherNodesBuilder(); - nodes.setProtocol((short) Short.toUnsignedInt(rule.proto)); - return new OtherBuilder().setOtherNodes(nodes.build()).build(); + private static Udp parseUdp(final AclRule rule) { + return new UdpBuilder().setUdp( + new org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.access.control.list.rev181001.acls.acl.aces.ace.matches.l4.udp.UdpBuilder() + .setSourcePort( + new org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.access.control.list.rev181001.acls.acl.aces.ace.matches.l4.udp.udp.SourcePortBuilder() + .setSourcePort( + new org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.access.control.list.rev181001.acls.acl.aces.ace.matches.l4.udp.udp.source.port.source.port.RangeOrOperatorBuilder() + .setPortRangeOrOperator(parseSrcPortRange(rule)) + .build()) + .build()) + .setDestinationPort( + new org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.access.control.list.rev181001.acls.acl.aces.ace.matches.l4.udp.udp.DestinationPortBuilder() + .setDestinationPort( + new org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.access.control.list.rev181001.acls.acl.aces.ace.matches.l4.udp.udp.destination.port.destination.port.RangeOrOperatorBuilder() + .setPortRangeOrOperator(parseDstPortRange(rule)) + .build()) + .build()) + .build()) + .build(); } } } diff --git a/acl/acl-impl/src/main/java/io/fd/hc2vpp/acl/util/protocol/ProtoPreBindRuleProducer.java b/acl/acl-impl/src/main/java/io/fd/hc2vpp/acl/util/protocol/ProtoPreBindRuleProducer.java index 582da0357..3ca18d6e6 100644 --- a/acl/acl-impl/src/main/java/io/fd/hc2vpp/acl/util/protocol/ProtoPreBindRuleProducer.java +++ b/acl/acl-impl/src/main/java/io/fd/hc2vpp/acl/util/protocol/ProtoPreBindRuleProducer.java @@ -16,31 +16,27 @@ package io.fd.hc2vpp.acl.util.protocol; -import static com.google.common.base.Preconditions.checkArgument; -import static io.fd.hc2vpp.acl.util.protocol.ProtoPreBindRuleProducer.ProtocolPair.pair; - -import com.google.common.collect.ImmutableSet; +import com.google.common.base.Preconditions; import io.fd.vpp.jvpp.acl.types.AclRule; -import java.util.Optional; -import java.util.Set; import javax.annotation.Nonnull; import javax.annotation.Nullable; +import org.opendaylight.yang.gen.v1.http.fd.io.hc2vpp.yang.vpp.acl.rev181022.ValueRange; +import org.opendaylight.yang.gen.v1.http.fd.io.hc2vpp.yang.vpp.acl.rev181022.VppIcmpAceAugmentation; +import org.opendaylight.yang.gen.v1.http.fd.io.hc2vpp.yang.vpp.acl.rev181022.VppTcpAceAugmentation; +import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.access.control.list.rev181001.acls.acl.aces.Ace; +import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.access.control.list.rev181001.acls.acl.aces.ace.matches.L4; +import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.access.control.list.rev181001.acls.acl.aces.ace.matches.l3.Ipv6; +import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.access.control.list.rev181001.acls.acl.aces.ace.matches.l4.icmp.Icmp; +import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.access.control.list.rev181001.acls.acl.aces.ace.matches.l4.tcp.Tcp; +import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.access.control.list.rev181001.acls.acl.aces.ace.matches.l4.tcp.tcp.destination.port.DestinationPort; +import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.access.control.list.rev181001.acls.acl.aces.ace.matches.l4.tcp.tcp.source.port.SourcePort; +import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.access.control.list.rev181001.acls.acl.aces.ace.matches.l4.tcp.tcp.source.port.source.port.RangeOrOperator; +import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.access.control.list.rev181001.acls.acl.aces.ace.matches.l4.udp.Udp; import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.inet.types.rev130715.PortNumber; -import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.packet.fields.rev160708.acl.transport.header.fields.DestinationPortRange; -import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.packet.fields.rev160708.acl.transport.header.fields.SourcePortRange; -import org.opendaylight.yang.gen.v1.urn.opendaylight.params.xml.ns.yang.vpp.acl.rev170615.ValueRange; -import org.opendaylight.yang.gen.v1.urn.opendaylight.params.xml.ns.yang.vpp.acl.rev170615.access.lists.acl.access.list.entries.ace.matches.ace.type.VppAce; -import org.opendaylight.yang.gen.v1.urn.opendaylight.params.xml.ns.yang.vpp.acl.rev170615.access.lists.acl.access.list.entries.ace.matches.ace.type.vpp.ace.VppAceNodes; -import org.opendaylight.yang.gen.v1.urn.opendaylight.params.xml.ns.yang.vpp.acl.rev170615.acl.ip.protocol.header.fields.IpProtocol; -import org.opendaylight.yang.gen.v1.urn.opendaylight.params.xml.ns.yang.vpp.acl.rev170615.acl.ip.protocol.header.fields.ip.protocol.Icmp; -import org.opendaylight.yang.gen.v1.urn.opendaylight.params.xml.ns.yang.vpp.acl.rev170615.acl.ip.protocol.header.fields.ip.protocol.IcmpV6; -import org.opendaylight.yang.gen.v1.urn.opendaylight.params.xml.ns.yang.vpp.acl.rev170615.acl.ip.protocol.header.fields.ip.protocol.Other; -import org.opendaylight.yang.gen.v1.urn.opendaylight.params.xml.ns.yang.vpp.acl.rev170615.acl.ip.protocol.header.fields.ip.protocol.Tcp; -import org.opendaylight.yang.gen.v1.urn.opendaylight.params.xml.ns.yang.vpp.acl.rev170615.acl.ip.protocol.header.fields.ip.protocol.Udp; -import org.opendaylight.yang.gen.v1.urn.opendaylight.params.xml.ns.yang.vpp.acl.rev170615.acl.ip.protocol.header.fields.ip.protocol.icmp.IcmpNodes; -import org.opendaylight.yang.gen.v1.urn.opendaylight.params.xml.ns.yang.vpp.acl.rev170615.acl.ip.protocol.header.fields.ip.protocol.icmp.v6.IcmpV6Nodes; -import org.opendaylight.yang.gen.v1.urn.opendaylight.params.xml.ns.yang.vpp.acl.rev170615.acl.ip.protocol.header.fields.ip.protocol.tcp.TcpNodes; -import org.opendaylight.yang.gen.v1.urn.opendaylight.params.xml.ns.yang.vpp.acl.rev170615.acl.ip.protocol.header.fields.ip.protocol.udp.UdpNodes; +import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.packet.fields.rev181001.AclTcpHeaderFields; +import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.packet.fields.rev181001.port.range.or.operator.PortRangeOrOperator; +import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.packet.fields.rev181001.port.range.or.operator.port.range.or.operator.Range; +import org.opendaylight.yangtools.yang.binding.DataContainer; /** * Creates ACL rules pre-bind with protocol-related fields.<br> @@ -53,89 +49,41 @@ public interface ProtoPreBindRuleProducer { int TCP_INDEX = 6; int UDP_INDEX = 17; int ICMPV6_INDEX = 58; - short MAX_PORT_NUMBER = (short)65535; - - Set<ProtocolPair> PROTOCOL_PAIRS = ImmutableSet.of(pair(Icmp.class, ICMP_INDEX), pair(Tcp.class, TCP_INDEX), - pair(Udp.class, UDP_INDEX), pair(IcmpV6.class, ICMPV6_INDEX)); - - class ProtocolPair { - private final Class<? extends IpProtocol> protocolClass; - private final int index; + short MAX_PORT_NUMBER = (short) 65535; - private ProtocolPair(final Class<? extends IpProtocol> protocolClass, final int index) { - this.protocolClass = protocolClass; - this.index = index; - } - - static ProtocolPair pair(@Nonnull final Class<? extends IpProtocol> protocolClass, @Nonnull final int index) { - return new ProtocolPair(protocolClass, index); - } + static AclRule bindIcmpVppFields(AclRule rule, Icmp icmp) { + VppIcmpAceAugmentation vppIcmp = icmp.augmentation(VppIcmpAceAugmentation.class); + Preconditions.checkNotNull(vppIcmp.getVppIcmpAce(), "Cannot determine VPP ICMP attributes!"); + final ValueRange typesRange = vppIcmp.getVppIcmpAce().getIcmpTypeRange(); + final ValueRange codesRange = vppIcmp.getVppIcmpAce().getIcmpCodeRange(); - boolean match(@Nonnull final Class<? extends IpProtocol> protocolClass) { - return this.protocolClass.isAssignableFrom(protocolClass); + if (typesRange != null) { + rule.srcportOrIcmptypeFirst = Preconditions.checkNotNull(typesRange.getFirst()); + rule.srcportOrIcmptypeLast = Preconditions.checkNotNull(typesRange.getLast()); } - int getIndex() { - return this.index; + if (codesRange != null) { + rule.dstportOrIcmpcodeFirst = Preconditions.checkNotNull(codesRange.getFirst()); + rule.dstportOrIcmpcodeLast = Preconditions.checkNotNull(codesRange.getLast()); } - } - - static byte protocol(final IpProtocol ipProtocol) { - final Optional<ProtocolPair> optPair = PROTOCOL_PAIRS.stream() - .filter(protocolPair -> protocolPair.match(ipProtocol.getClass())) - .findAny(); - - if (!optPair.isPresent()) { - if (Other.class.isAssignableFrom(ipProtocol.getClass())) { - return Other.class.cast(ipProtocol).getOtherNodes().getProtocol().byteValue(); - } - - throw new IllegalArgumentException(String.format("Unsupported Protocol Type %s", ipProtocol.getClass())); - } - return (byte) optPair.get().getIndex(); - } - - static AclRule bindIcmpNodes(AclRule rule, VppAce ace) { - final VppAceNodes vppAceNodes = ace.getVppAceNodes(); - checkArgument(vppAceNodes.getIpProtocol() instanceof Icmp); - final IcmpNodes icmp = Icmp.class.cast(vppAceNodes.getIpProtocol()).getIcmpNodes(); - final ValueRange typesRange = icmp.getIcmpTypeRange(); - final ValueRange codesRange = icmp.getIcmpCodeRange(); - - rule.srcportOrIcmptypeFirst = typesRange.getFirst(); - rule.srcportOrIcmptypeLast = typesRange.getLast(); - rule.dstportOrIcmpcodeFirst = codesRange.getFirst(); - rule.dstportOrIcmpcodeLast = codesRange.getLast(); return rule; } - static AclRule bindIcmpv6Nodes(AclRule rule, VppAce ace) { - final VppAceNodes vppAceNodes = ace.getVppAceNodes(); - checkArgument(vppAceNodes.getIpProtocol() instanceof IcmpV6); - final IcmpV6Nodes icmpV6 = IcmpV6.class.cast(vppAceNodes.getIpProtocol()).getIcmpV6Nodes(); - final ValueRange typesRange = icmpV6.getIcmpTypeRange(); - final ValueRange codesRange = icmpV6.getIcmpCodeRange(); - - rule.srcportOrIcmptypeFirst = typesRange.getFirst(); - rule.srcportOrIcmptypeLast = typesRange.getLast(); - rule.dstportOrIcmpcodeFirst = codesRange.getFirst(); - rule.dstportOrIcmpcodeLast = codesRange.getLast(); - - return rule; - } - - static void bindSourcePortRange(@Nonnull final AclRule rule, @Nullable final SourcePortRange sourcePortRange) { + static void bindSourcePortRange(@Nonnull final AclRule rule, @Nullable final PortRangeOrOperator sourcePortRange) { // allow all ports by default: rule.srcportOrIcmptypeFirst = 0; rule.srcportOrIcmptypeLast = MAX_PORT_NUMBER; - if(sourcePortRange != null) { + if (sourcePortRange != null) { // lower port is mandatory - rule.srcportOrIcmptypeFirst = portNumber(sourcePortRange.getLowerPort()); + Preconditions.checkArgument(sourcePortRange instanceof Range); + Range portRange = (Range) sourcePortRange; + Preconditions.checkNotNull(portRange.getLowerPort(), "Lower port is mandatory!"); + rule.srcportOrIcmptypeFirst = portNumber(portRange.getLowerPort()); - if (sourcePortRange.getUpperPort() != null) { - rule.srcportOrIcmptypeLast = portNumber(sourcePortRange.getUpperPort()); + if (portRange.getUpperPort() != null) { + rule.srcportOrIcmptypeLast = portNumber(portRange.getUpperPort()); } else { // if upper port is missing, set lower port value as end of checked range: rule.srcportOrIcmptypeLast = rule.srcportOrIcmptypeFirst; @@ -143,17 +91,21 @@ public interface ProtoPreBindRuleProducer { } } - static void bindDestinationPortRange(@Nonnull final AclRule rule, @Nullable final DestinationPortRange destinationPortRange) { + static void bindDestinationPortRange(@Nonnull final AclRule rule, + @Nullable final PortRangeOrOperator destinationPortRange) { // allow all ports by default: rule.dstportOrIcmpcodeFirst = 0; rule.dstportOrIcmpcodeLast = MAX_PORT_NUMBER; - if(destinationPortRange != null) { + if (destinationPortRange != null) { // lower port is mandatory - rule.dstportOrIcmpcodeFirst = portNumber(destinationPortRange.getLowerPort()); + Preconditions.checkArgument(destinationPortRange instanceof Range); + Range portRange = (Range) destinationPortRange; + Preconditions.checkNotNull(portRange.getLowerPort(), "Lower port is mandatory!"); + rule.dstportOrIcmpcodeFirst = portNumber(portRange.getLowerPort()); - if (destinationPortRange.getUpperPort() != null) { - rule.dstportOrIcmpcodeLast = portNumber(destinationPortRange.getUpperPort()); + if (portRange.getUpperPort() != null) { + rule.dstportOrIcmpcodeLast = portNumber(portRange.getUpperPort()); } else { // if upper port is missing, set lower port value as end of checked range: rule.dstportOrIcmpcodeLast = rule.dstportOrIcmpcodeFirst; @@ -161,30 +113,78 @@ public interface ProtoPreBindRuleProducer { } } - static AclRule bindTcpNodes(AclRule rule, VppAce ace) { - final VppAceNodes vppAceNodes = ace.getVppAceNodes(); - checkArgument(vppAceNodes.getIpProtocol() instanceof Tcp); + static AclRule bindTcpAttributes(AclRule rule, Tcp tcp) { + SourcePort srcPort = Preconditions.checkNotNull(tcp.getSourcePort()).getSourcePort(); + if (srcPort instanceof RangeOrOperator) { + bindSourcePortRange(rule, ((RangeOrOperator) srcPort).getPortRangeOrOperator()); + } - final TcpNodes tcp = Tcp.class.cast(vppAceNodes.getIpProtocol()).getTcpNodes(); - bindSourcePortRange(rule, tcp.getSourcePortRange()); - bindDestinationPortRange(rule, tcp.getDestinationPortRange()); + DestinationPort dstPort = Preconditions.checkNotNull(tcp.getDestinationPort()).getDestinationPort(); + if (dstPort instanceof org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.access.control.list.rev181001.acls.acl.aces.ace.matches.l4.tcp.tcp.destination.port.destination.port.RangeOrOperator) { + bindDestinationPortRange(rule, + ((org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.access.control.list.rev181001.acls.acl.aces.ace.matches.l4.tcp.tcp.destination.port.destination.port.RangeOrOperator) dstPort) + .getPortRangeOrOperator()); + } + AclTcpHeaderFields.Flags flags = tcp.getFlags(); - if(tcp.getTcpFlagsMask() != null) { - rule.tcpFlagsMask = tcp.getTcpFlagsMask().byteValue(); + if (flags != null) { + rule.tcpFlagsValue = parseTcpFlagsValue(flags); } - if(tcp.getTcpFlagsValue() != null) { - rule.tcpFlagsValue = tcp.getTcpFlagsValue().byteValue(); + + VppTcpAceAugmentation vppTcpAceAugmentation = tcp.augmentation(VppTcpAceAugmentation.class); + if (vppTcpAceAugmentation != null && vppTcpAceAugmentation.getVppTcpAce() != null && + vppTcpAceAugmentation.getVppTcpAce().getFlagsMask() != null) { + rule.tcpFlagsMask = parseTcpFlagsMask(vppTcpAceAugmentation.getVppTcpAce().getFlagsMask()); } + return rule; } - static AclRule bindUdpNodes(AclRule rule, VppAce ace) { - final VppAceNodes vppAceNodes = ace.getVppAceNodes(); - checkArgument(vppAceNodes.getIpProtocol() instanceof Udp); + static byte parseTcpFlagsValue(AclTcpHeaderFields.Flags flags) { + int fin = flags.isFin() ? 1 : 0; + int syn = flags.isSyn() ? 1 : 0; + int rst = flags.isRst() ? 1 : 0; + int psh = flags.isPsh() ? 1 : 0; + int ack = flags.isAck() ? 1 : 0; + int urg = flags.isUrg() ? 1 : 0; + int ece = flags.isEce() ? 1 : 0; + int cwr = flags.isCwr() ? 1 : 0; + String strFlags = String.format("%d%d%d%d%d%d%d%d", fin, syn, rst, psh, ack, urg, ece, cwr); + return Byte.parseByte(strFlags, 2); + } + + static byte parseTcpFlagsMask( + org.opendaylight.yang.gen.v1.http.fd.io.hc2vpp.yang.vpp.acl.rev181022.AclTcpHeaderFields.FlagsMask flags) { + int fin = flags.isFin() ? 1 : 0; + int syn = flags.isSyn() ? 1 : 0; + int rst = flags.isRst() ? 1 : 0; + int psh = flags.isPsh() ? 1 : 0; + int ack = flags.isAck() ? 1 : 0; + int urg = flags.isUrg() ? 1 : 0; + int ece = flags.isEce() ? 1 : 0; + int cwr = flags.isCwr() ? 1 : 0; + String strFlags = String.format("%d%d%d%d%d%d%d%d", fin, syn, rst, psh, ack, urg, ece, cwr); + return Byte.parseByte(strFlags, 2); + } + + static AclRule bindUdpAttributes(AclRule rule, Udp udp) { + org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.access.control.list.rev181001.acls.acl.aces.ace.matches.l4.udp.udp.source.port.SourcePort + srcPort = Preconditions.checkNotNull(udp.getSourcePort()).getSourcePort(); + + if (srcPort instanceof org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.access.control.list.rev181001.acls.acl.aces.ace.matches.l4.udp.udp.source.port.source.port.RangeOrOperator) { + bindSourcePortRange(rule, + ((org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.access.control.list.rev181001.acls.acl.aces.ace.matches.l4.udp.udp.source.port.source.port.RangeOrOperator) srcPort) + .getPortRangeOrOperator()); + } + + org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.access.control.list.rev181001.acls.acl.aces.ace.matches.l4.udp.udp.destination.port.DestinationPort + dstPort = Preconditions.checkNotNull(udp.getDestinationPort()).getDestinationPort(); - final UdpNodes udp = Udp.class.cast(vppAceNodes.getIpProtocol()).getUdpNodes(); - bindSourcePortRange(rule, udp.getSourcePortRange()); - bindDestinationPortRange(rule, udp.getDestinationPortRange()); + if (dstPort instanceof org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.access.control.list.rev181001.acls.acl.aces.ace.matches.l4.udp.udp.destination.port.destination.port.RangeOrOperator) { + bindDestinationPortRange(rule, + ((org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.access.control.list.rev181001.acls.acl.aces.ace.matches.l4.udp.udp.destination.port.destination.port.RangeOrOperator) dstPort) + .getPortRangeOrOperator()); + } return rule; } @@ -208,39 +208,56 @@ public interface ProtoPreBindRuleProducer { * @param vppAce rule to be processed * @return AclRule with protocol filled protocol fields */ - default AclRule createPreBindRule(@Nonnull final VppAce vppAce) { + default AclRule createPreBindRule(@Nonnull final Ace vppAce) { AclRule rule = new AclRule(); - - final IpProtocol ipProtocol = vppAce.getVppAceNodes().getIpProtocol(); - if (ipProtocol == null) { + L4 l4 = Preconditions.checkNotNull(vppAce.getMatches(), "Matches are not defined for ACE: {}!", vppAce).getL4(); + if (l4 == null) { // returns AclRule with rule.proto set to 0 (protocol fields will be ignored by vpp) return rule; } - rule.proto = protocol(ipProtocol); - - switch (rule.proto) { - case ICMP_INDEX: { - return bindIcmpNodes(rule, vppAce); - } - - case TCP_INDEX: { - return bindTcpNodes(rule, vppAce); - } - - case UDP_INDEX: { - return bindUdpNodes(rule, vppAce); - } + if (l4.getImplementedInterface() + .equals(org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.access.control.list.rev181001.acls.acl.aces.ace.matches.l4.Icmp.class)) { + return getIcmpAclRule(vppAce, rule, + (org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.access.control.list.rev181001.acls.acl.aces.ace.matches.l4.Icmp) l4); + } else if (l4.getImplementedInterface() + .equals(org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.access.control.list.rev181001.acls.acl.aces.ace.matches.l4.Tcp.class)) { + return getTcpAclRule(rule, + (org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.access.control.list.rev181001.acls.acl.aces.ace.matches.l4.Tcp) l4); + } else if (l4.getImplementedInterface() + .equals(org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.access.control.list.rev181001.acls.acl.aces.ace.matches.l4.Udp.class)) { + return getUdpAclRule(rule, + (org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.access.control.list.rev181001.acls.acl.aces.ace.matches.l4.Udp) l4); + } else { + return bindDefaultNodes(rule); + } + } - case ICMPV6_INDEX: { - return bindIcmpv6Nodes(rule, vppAce); - } - default: { - return bindDefaultNodes(rule); - } + default AclRule getIcmpAclRule(@Nonnull final Ace vppAce, final AclRule rule, + final org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.access.control.list.rev181001.acls.acl.aces.ace.matches.l4.Icmp l4) { + if (vppAce.getMatches().getL3() == null) { + rule.proto = ICMP_INDEX; + } else { + Class<? extends DataContainer> ipVersion = vppAce.getMatches().getL3().getImplementedInterface(); + rule.proto = (byte) (ipVersion.equals(Ipv6.class) ? ICMPV6_INDEX : ICMP_INDEX); } + Icmp icmp = l4.getIcmp(); + return icmp != null ? bindIcmpVppFields(rule, icmp) : bindDefaultNodes(rule); } + default AclRule getUdpAclRule(final AclRule rule, + final org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.access.control.list.rev181001.acls.acl.aces.ace.matches.l4.Udp l4) { + rule.proto = UDP_INDEX; + Udp udp = l4.getUdp(); + return udp != null ? bindUdpAttributes(rule, udp) : bindDefaultNodes(rule); + } + + default AclRule getTcpAclRule(final AclRule rule, + final org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.access.control.list.rev181001.acls.acl.aces.ace.matches.l4.Tcp l4) { + rule.proto = TCP_INDEX; + Tcp tcp = l4.getTcp(); + return tcp != null ? bindTcpAttributes(rule, tcp) : bindDefaultNodes(rule); + } } |