headerSpaceBuilder.setIpProtocols(ImmutableSortedSet.of(IpProtocol.TCP, IpProtocol.UDP)); break; .setIpProtocols(ImmutableSet.of(IpProtocol.UDP)) .setDstPorts( ImmutableSet.of( new SubRange(NamedPort.BOOTPS_OR_DHCP.number(), NamedPort.BOOTPC.number()))); .setIpProtocols(ImmutableSortedSet.of(IpProtocol.TCP, IpProtocol.UDP)) .setDstPorts( ImmutableSet.of( new SubRange(NamedPort.DOMAIN.number(), NamedPort.DOMAIN.number()))); .setIpProtocols(ImmutableSet.of(IpProtocol.TCP)) .setDstPorts( ImmutableSet.of( new SubRange(NamedPort.FINGER.number(), NamedPort.FINGER.number()))); .setIpProtocols(ImmutableSet.of(IpProtocol.TCP)) .setDstPorts( ImmutableSet.of(new SubRange(NamedPort.FTP.number(), NamedPort.FTP.number()))); break; .setIpProtocols(ImmutableSet.of(IpProtocol.TCP)) .setDstPorts( ImmutableSet.of(new SubRange(NamedPort.HTTP.number(), NamedPort.HTTP.number()))); break; .setIpProtocols(ImmutableSet.of(IpProtocol.TCP))
switch (match.getMatchType()) { case DESTINATION: headerSpaceBuilder.setDstIps( AclIpSpace.union(headerSpaceBuilder.getDstIps(), match.toIpWildcard().toIpSpace())); break; case DESTINATION_PORT: headerSpaceBuilder.setDstPorts( Iterables.concat(headerSpaceBuilder.getDstPorts(), match.toPortRanges())); break; case IN_INTERFACE: break; case PROTOCOL: headerSpaceBuilder.setIpProtocols( Iterables.concat( headerSpaceBuilder.getIpProtocols(), ImmutableSet.of(match.toIpProtocol()))); break; case SOURCE: headerSpaceBuilder.setSrcIps( AclIpSpace.union(headerSpaceBuilder.getSrcIps(), match.toIpWildcard().toIpSpace())); break; case SOURCE_PORT: headerSpaceBuilder.setSrcPorts( Iterables.concat(headerSpaceBuilder.getSrcPorts(), match.toPortRanges())); break; default: IpAccessListLine.builder() .setAction(rule.getIpAccessListLineAction())
@Override @Nonnull public AclLineMatchExpr toAclLineMatchExpr(Map<String, ObjectGroup> objectGroups) { return new MatchHeaderSpace( HeaderSpace.builder() .setDscps(_dscps) .setDstPorts(_dstPortRanges) .setEcns(_ecns) .setIcmpCodes( _icmpCode != null ? ImmutableSet.of(new SubRange(_icmpCode)) : ImmutableSet.of()) .setIcmpTypes( _icmpType != null ? ImmutableSet.of(new SubRange(_icmpType)) : ImmutableSet.of()) .setIpProtocols( _protocol != IpProtocol.IP ? ImmutableSet.of(_protocol) : ImmutableSet.of()) .setSrcPorts(_srcPortRanges) .setStates(_states) .setTcpFlags(_tcpFlags) .build()); }
t2.setHeaderSpace(l2.build()); HeaderSpace.Builder l3 = t3.getHeaderSpace().toBuilder(); setHeaderSpaceInfo(l3, IpProtocol.TCP, NamedPort.H323_T3.number(), null); t3.setHeaderSpace(l3.build()); NamedPort.LDAP.number(), t4.setHeaderSpace(l4.build()); HeaderSpace.Builder l5 = t5.getHeaderSpace().toBuilder(); setHeaderSpaceInfo(l5, IpProtocol.TCP, NamedPort.H323_T5.number(), null); t5.setHeaderSpace(l5.build()); HeaderSpace.Builder l6 = t6.getHeaderSpace().toBuilder(); setHeaderSpaceInfo(l6, IpProtocol.TCP, NamedPort.H323_T6.number(), null); t6.setHeaderSpace(l6.build()); NamedPort.MICROSOFT_DS.number(), t2.setHeaderSpace(l2.build()); l1.setIcmpTypes(ImmutableSet.of(new SubRange(icmpType))); t1.setHeaderSpace(l1.build()); terms.put(t1Name, t1);
.setIpProtocols(ImmutableSortedSet.of(IpProtocol.TCP, IpProtocol.UDP)) .setDstPorts( ImmutableSet.of( new SubRange(NamedPort.BFD_CONTROL.number(), NamedPort.BFD_ECHO.number()))); .setIpProtocols(ImmutableSet.of(IpProtocol.TCP)) .setDstPorts( ImmutableSet.of(new SubRange(NamedPort.BGP.number(), NamedPort.BGP.number()))); break; headerSpaceBuilder.setIpProtocols(ImmutableSet.of(IpProtocol.IGMP)); break; headerSpaceBuilder.setIpProtocols(ImmutableSet.of(IpProtocol.IGMP)); break; .setIpProtocols(ImmutableSortedSet.of(IpProtocol.TCP, IpProtocol.UDP)) .setDstPorts( ImmutableSet.of(new SubRange(NamedPort.LDP.number(), NamedPort.LDP.number()))); break; .setIpProtocols(ImmutableSet.of(IpProtocol.TCP)) .setDstPorts( ImmutableSet.of(new SubRange(NamedPort.MSDP.number(), NamedPort.MSDP.number()))); break; headerSpaceBuilder.setIpProtocols(ImmutableSet.of(IpProtocol.NARP)); break;
_headerSpace .toBuilder() .setDstIps(nullIpSpace) .setNotDstIps(nullIpSpace) .setNotSrcIps(nullIpSpace) .setSrcIps(nullIpSpace) .build();
if (!prefix.equals(Prefix.ZERO)) { if (isEgress) { headerSpaceBuilder.setDstIps(ImmutableSortedSet.of(new IpWildcard(prefix))); } else { headerSpaceBuilder.setSrcIps(ImmutableSortedSet.of(new IpWildcard(prefix))); String protocolStr = protocol != null ? protocol.toString() : "ALL"; if (protocol != null) { headerSpaceBuilder.setIpProtocols(ImmutableSortedSet.of(protocol)); toPort = 65535; headerSpaceBuilder.setDstPorts(ImmutableSortedSet.of(portRange)); IpAccessListLine.builder() .setAction(action) .setMatchCondition(new MatchHeaderSpace(headerSpaceBuilder.build())) .setName( String.format(
headerSpace .toBuilder() .setDstIps(simplifyPositiveIpConstraint(dstIps)) .setNotDstIps(simplifyNegativeIpConstraint(notDstIps)) .setNotSrcIps(simplifyNegativeIpConstraint(notSrcIps)) .setSrcIps(simplifyPositiveIpConstraint(srcIps)) .setSrcOrDstIps(simplifyPositiveIpConstraint(srcOrDstIps)) .build(); if (simplifiedHeaderSpace.equals(HeaderSpace.builder().build())) {
case HTTP: headerSpace = HeaderSpace.builder().setIpProtocols(ImmutableList.of(IpProtocol.TCP)).build(); break; case HTTPS: headerSpace = HeaderSpace.builder().setIpProtocols(ImmutableList.of(IpProtocol.TCP)).build(); break; case ICMP: headerSpace = HeaderSpace.builder().setIpProtocols(ImmutableList.of(IpProtocol.ICMP)).build(); break; case TCP: headerSpace = HeaderSpace.builder().setIpProtocols(ImmutableList.of(IpProtocol.TCP)).build(); break; case TFTP: headerSpace = HeaderSpace.builder().setIpProtocols(ImmutableList.of(IpProtocol.UDP)).build(); break; case UDP: headerSpace = HeaderSpace.builder().setIpProtocols(ImmutableList.of(IpProtocol.UDP)).build(); break; default:
new MatchHeaderSpace( HeaderSpace.builder() .setIpProtocols(srcHeaderSpace.getIpProtocols()) .setDstIps(srcHeaderSpace.getSrcIps()) .setSrcPorts(srcHeaderSpace.getDstPorts()) .setTcpFlags( ImmutableSet.of(TcpFlagsMatchConditions.ACK_TCP_FLAG)) .build())) .setAction(ipAccessListLine.getAction()) .build(); new MatchHeaderSpace( HeaderSpace.builder() .setIpProtocols(srcHeaderSpace.getIpProtocols()) .setSrcIps(srcHeaderSpace.getDstIps()) .setSrcPorts(srcHeaderSpace.getDstPorts()) .setTcpFlags( ImmutableSet.of(TcpFlagsMatchConditions.ACK_TCP_FLAG)) .build())) .setAction(ipAccessListLine.getAction()) .build();
.setSrcIps(originalHeaderSpace.getSrcIps()) .setDstIps(originalHeaderSpace.getDstIps()) .setSrcPorts(originalHeaderSpace.getSrcPorts()) .setDstPorts(originalHeaderSpace.getDstPorts()) .setIpProtocols(originalHeaderSpace.getIpProtocols()) .setIcmpCodes(originalHeaderSpace.getIcmpCodes()) .setTcpFlags(originalHeaderSpace.getTcpFlags()) .build())) { new MatchHeaderSpace( reversedHeaderSpaceBuilder .setSrcIps(originalHeaderSpace.getDstIps()) .setSrcPorts(originalHeaderSpace.getDstPorts()) .setDstIps(originalHeaderSpace.getSrcIps()) .setDstPorts(originalHeaderSpace.getSrcPorts()) .build())) .setAction(ipAccessListLine.getAction()) .build());
IpSpace original = headerSpace.getSrcIps(); if (original != null) { hsb.setSrcIps(original.accept(new IpSpaceDereferencer(namedIpSpaces))); hsb.setDstIps(original.accept(new IpSpaceDereferencer(namedIpSpaces))); hsb.setNotSrcIps(original.accept(new IpSpaceDereferencer(namedIpSpaces))); hsb.setNotDstIps(original.accept(new IpSpaceDereferencer(namedIpSpaces))); hsb.setSrcOrDstIps(original.accept(new IpSpaceDereferencer(namedIpSpaces))); return hsb.build();
acceptingHeaderSpace( HeaderSpace.builder() .setSrcIps(new IpWildcard("1.0.0.0:0.0.0.0").toIpSpace()) .build()), acceptingHeaderSpace( HeaderSpace.builder() .setSrcIps(new IpWildcard("1.0.0.1:0.0.0.0").toIpSpace()) .build()), acceptingHeaderSpace( HeaderSpace.builder() .setSrcIps(new IpWildcard("1.0.0.0:0.0.0.1").toIpSpace()) .build())); IpAccessList acl = _aclb.setLines(aclLines).setName("acl").build(); List<String> lineNames = aclLines.stream().map(Object::toString).collect(Collectors.toList());
IpAccessListLine.acceptingHeaderSpace( HeaderSpace.builder() .setSrcIps(new IpWildcard(Prefix.create(Ip.parse("1.2.3.4"), 30)).toIpSpace()) .build()), IpAccessListLine.acceptingHeaderSpace( HeaderSpace.builder() .setSrcIps(new IpWildcard(Prefix.create(Ip.parse("1.2.3.4"), 32)).toIpSpace()) .build()), IpAccessListLine.acceptingHeaderSpace( HeaderSpace.builder() .setSrcIps(new IpWildcard(Prefix.create(Ip.parse("1.2.3.4"), 28)).toIpSpace()) .build())); _aclb.setLines(lines).setName("acl").build(); List<String> lineNames = lines.stream().map(Object::toString).collect(Collectors.toList());