summaryrefslogtreecommitdiffstats
path: root/acl
diff options
context:
space:
mode:
Diffstat (limited to 'acl')
-rw-r--r--acl/acl-impl/src/main/java/io/fd/hc2vpp/acl/util/ace/AceConverter.java2
-rw-r--r--acl/acl-impl/src/main/java/io/fd/hc2vpp/acl/util/protocol/ProtoPreBindRuleProducer.java15
-rw-r--r--acl/acl-impl/src/test/java/io/fd/hc2vpp/acl/util/protocol/ProtoPreBindRuleProducerTest.java8
-rw-r--r--acl/acl-impl/src/test/resources/rules/no-protocol-rule.json23
4 files changed, 46 insertions, 2 deletions
diff --git a/acl/acl-impl/src/main/java/io/fd/hc2vpp/acl/util/ace/AceConverter.java b/acl/acl-impl/src/main/java/io/fd/hc2vpp/acl/util/ace/AceConverter.java
index 3053fe96f..5293b5b28 100644
--- a/acl/acl-impl/src/main/java/io/fd/hc2vpp/acl/util/ace/AceConverter.java
+++ b/acl/acl-impl/src/main/java/io/fd/hc2vpp/acl/util/ace/AceConverter.java
@@ -75,7 +75,7 @@ public interface AceConverter extends MacIpAceDataExtractor, StandardAceDataExtr
.map(ace -> {
final VppAce standardAce = fromStandardAce(ace);
- // pre-bind rule with protocol based attributes
+ // pre-bind rule with protocol based attributes (if present)
AclRule rule = createPreBindRule(standardAce);
rule.isPermit = standardAction(ace);
diff --git a/acl/acl-impl/src/main/java/io/fd/hc2vpp/acl/util/protocol/ProtoPreBindRuleProducer.java b/acl/acl-impl/src/main/java/io/fd/hc2vpp/acl/util/protocol/ProtoPreBindRuleProducer.java
index c1f9a40ff..f5de7e393 100644
--- a/acl/acl-impl/src/main/java/io/fd/hc2vpp/acl/util/protocol/ProtoPreBindRuleProducer.java
+++ b/acl/acl-impl/src/main/java/io/fd/hc2vpp/acl/util/protocol/ProtoPreBindRuleProducer.java
@@ -172,10 +172,23 @@ public interface ProtoPreBindRuleProducer {
return portNumber.getValue().shortValue();
}
+ /**
+ * Pre-bind rule with protocol based attributes (if present).
+ *
+ * @param vppAce rule to be processed
+ * @return AclRule with protocol filled protocol fields
+ */
default AclRule createPreBindRule(@Nonnull final VppAce vppAce) {
AclRule rule = new AclRule();
- rule.proto = protocol(vppAce.getVppAceNodes().getIpProtocol());
+
+ final IpProtocol ipProtocol = vppAce.getVppAceNodes().getIpProtocol();
+ if (ipProtocol == null) {
+ // returns AclRule with rule.proto set to 0 (protocol fields will be ignored by vpp)
+ return rule;
+ }
+
+ rule.proto = protocol(ipProtocol);
switch (rule.proto) {
case ICMP_INDEX: {
diff --git a/acl/acl-impl/src/test/java/io/fd/hc2vpp/acl/util/protocol/ProtoPreBindRuleProducerTest.java b/acl/acl-impl/src/test/java/io/fd/hc2vpp/acl/util/protocol/ProtoPreBindRuleProducerTest.java
index 8f4100349..24de2c999 100644
--- a/acl/acl-impl/src/test/java/io/fd/hc2vpp/acl/util/protocol/ProtoPreBindRuleProducerTest.java
+++ b/acl/acl-impl/src/test/java/io/fd/hc2vpp/acl/util/protocol/ProtoPreBindRuleProducerTest.java
@@ -29,6 +29,7 @@ import org.opendaylight.yang.gen.v1.urn.opendaylight.params.xml.ns.yang.vpp.acl.
@RunWith(HoneycombTestRunner.class)
public class ProtoPreBindRuleProducerTest implements ProtoPreBindRuleProducer, AclTestSchemaContext {
+ private static final byte IGNORE_PROTOCOL = 0;
//TODO - remove after resolving how to address identity from different model in textual yang instance identifier
private VppAce extractAce(AccessLists accessLists) {
@@ -99,4 +100,11 @@ public class ProtoPreBindRuleProducerTest implements ProtoPreBindRuleProducer, A
assertEquals(0, icmpRule.tcpFlagsValue);
}
+ @Test
+ public void tesProtocolNotSpecified(@InjectTestData(resourcePath = "/rules/no-protocol-rule.json") AccessLists acls) {
+ final AclRule noProtocolRule = createPreBindRule(extractAce(acls));
+
+ assertEquals(IGNORE_PROTOCOL, noProtocolRule.proto);
+ }
+
} \ No newline at end of file
diff --git a/acl/acl-impl/src/test/resources/rules/no-protocol-rule.json b/acl/acl-impl/src/test/resources/rules/no-protocol-rule.json
new file mode 100644
index 000000000..a022bf08d
--- /dev/null
+++ b/acl/acl-impl/src/test/resources/rules/no-protocol-rule.json
@@ -0,0 +1,23 @@
+{
+ "access-lists": {
+ "acl": [
+ {
+ "acl-name": "standard-acl",
+ "acl-type": "vpp-acl:vpp-acl",
+ "access-list-entries": {
+ "ace": [
+ {
+ "rule-name": "no-protocol-rule",
+ "matches": {
+ "vpp-ace-nodes": {
+ "destination-ipv4-network": "192.168.2.1/32",
+ "source-ipv4-network": "192.168.2.2/32"
+ }
+ }
+ }
+ ]
+ }
+ }
+ ]
+ }
+} \ No newline at end of file