diff options
Diffstat (limited to 'acl')
4 files changed, 46 insertions, 2 deletions
diff --git a/acl/acl-impl/src/main/java/io/fd/hc2vpp/acl/util/ace/AceConverter.java b/acl/acl-impl/src/main/java/io/fd/hc2vpp/acl/util/ace/AceConverter.java index 3053fe96f..5293b5b28 100644 --- a/acl/acl-impl/src/main/java/io/fd/hc2vpp/acl/util/ace/AceConverter.java +++ b/acl/acl-impl/src/main/java/io/fd/hc2vpp/acl/util/ace/AceConverter.java @@ -75,7 +75,7 @@ public interface AceConverter extends MacIpAceDataExtractor, StandardAceDataExtr .map(ace -> { final VppAce standardAce = fromStandardAce(ace); - // pre-bind rule with protocol based attributes + // pre-bind rule with protocol based attributes (if present) AclRule rule = createPreBindRule(standardAce); rule.isPermit = standardAction(ace); diff --git a/acl/acl-impl/src/main/java/io/fd/hc2vpp/acl/util/protocol/ProtoPreBindRuleProducer.java b/acl/acl-impl/src/main/java/io/fd/hc2vpp/acl/util/protocol/ProtoPreBindRuleProducer.java index c1f9a40ff..f5de7e393 100644 --- a/acl/acl-impl/src/main/java/io/fd/hc2vpp/acl/util/protocol/ProtoPreBindRuleProducer.java +++ b/acl/acl-impl/src/main/java/io/fd/hc2vpp/acl/util/protocol/ProtoPreBindRuleProducer.java @@ -172,10 +172,23 @@ public interface ProtoPreBindRuleProducer { return portNumber.getValue().shortValue(); } + /** + * Pre-bind rule with protocol based attributes (if present). + * + * @param vppAce rule to be processed + * @return AclRule with protocol filled protocol fields + */ default AclRule createPreBindRule(@Nonnull final VppAce vppAce) { AclRule rule = new AclRule(); - rule.proto = protocol(vppAce.getVppAceNodes().getIpProtocol()); + + final IpProtocol ipProtocol = vppAce.getVppAceNodes().getIpProtocol(); + if (ipProtocol == null) { + // returns AclRule with rule.proto set to 0 (protocol fields will be ignored by vpp) + return rule; + } + + rule.proto = protocol(ipProtocol); switch (rule.proto) { case ICMP_INDEX: { diff --git a/acl/acl-impl/src/test/java/io/fd/hc2vpp/acl/util/protocol/ProtoPreBindRuleProducerTest.java b/acl/acl-impl/src/test/java/io/fd/hc2vpp/acl/util/protocol/ProtoPreBindRuleProducerTest.java index 8f4100349..24de2c999 100644 --- a/acl/acl-impl/src/test/java/io/fd/hc2vpp/acl/util/protocol/ProtoPreBindRuleProducerTest.java +++ b/acl/acl-impl/src/test/java/io/fd/hc2vpp/acl/util/protocol/ProtoPreBindRuleProducerTest.java @@ -29,6 +29,7 @@ import org.opendaylight.yang.gen.v1.urn.opendaylight.params.xml.ns.yang.vpp.acl. @RunWith(HoneycombTestRunner.class) public class ProtoPreBindRuleProducerTest implements ProtoPreBindRuleProducer, AclTestSchemaContext { + private static final byte IGNORE_PROTOCOL = 0; //TODO - remove after resolving how to address identity from different model in textual yang instance identifier private VppAce extractAce(AccessLists accessLists) { @@ -99,4 +100,11 @@ public class ProtoPreBindRuleProducerTest implements ProtoPreBindRuleProducer, A assertEquals(0, icmpRule.tcpFlagsValue); } + @Test + public void tesProtocolNotSpecified(@InjectTestData(resourcePath = "/rules/no-protocol-rule.json") AccessLists acls) { + final AclRule noProtocolRule = createPreBindRule(extractAce(acls)); + + assertEquals(IGNORE_PROTOCOL, noProtocolRule.proto); + } + }
\ No newline at end of file diff --git a/acl/acl-impl/src/test/resources/rules/no-protocol-rule.json b/acl/acl-impl/src/test/resources/rules/no-protocol-rule.json new file mode 100644 index 000000000..a022bf08d --- /dev/null +++ b/acl/acl-impl/src/test/resources/rules/no-protocol-rule.json @@ -0,0 +1,23 @@ +{ + "access-lists": { + "acl": [ + { + "acl-name": "standard-acl", + "acl-type": "vpp-acl:vpp-acl", + "access-list-entries": { + "ace": [ + { + "rule-name": "no-protocol-rule", + "matches": { + "vpp-ace-nodes": { + "destination-ipv4-network": "192.168.2.1/32", + "source-ipv4-network": "192.168.2.2/32" + } + } + } + ] + } + } + ] + } +}
\ No newline at end of file |