@JsonCreator public IkePhase1Key() { _remoteIdentity = new IpWildcard("0.0.0.0:0.0.0.0").toIpSpace(); _localInterface = UNSET_LOCAL_INTERFACE; }
@Override public Boolean visitPrefixIpSpace(PrefixIpSpace prefixIpSpace) { return _ipWildcard.supersetOf(new IpWildcard(prefixIpSpace.getPrefix())); }
@Override public boolean containsIp(Ip ip, Map<String, IpSpace> namedIpSpaces) { return _ipWildcard.containsIp(ip); }
@Override public Boolean visitPrefixIpSpace(PrefixIpSpace prefixIpSpace) { return new IpWildcard(prefixIpSpace.getPrefix()).intersects(_ipWildcard); }
public RouteFilterLine(LineAction action, Prefix prefix, SubRange lengthRange) { _action = action; _ipWildcard = new IpWildcard(prefix); _lengthRange = lengthRange; }
@Override @Nonnull public IpSpace toIpSpace() { return _ipWildcard.toIpSpace(); } }
private static RouteFilterLine toRouteFilterLine(ExtendedAccessListLine fromLine) { LineAction action = fromLine.getAction(); IpWildcard srcIpWildcard = ((WildcardAddressSpecifier) fromLine.getSourceAddressSpecifier()).getIpWildcard(); Ip ip = srcIpWildcard.getIp(); IpWildcard dstIpWildcard = ((WildcardAddressSpecifier) fromLine.getDestinationAddressSpecifier()).getIpWildcard(); long minSubnet = dstIpWildcard.getIp().asLong(); long maxSubnet = minSubnet | dstIpWildcard.getWildcard().asLong(); int minPrefixLength = dstIpWildcard.getIp().numSubnetBits(); int maxPrefixLength = Ip.create(maxSubnet).numSubnetBits(); int statedPrefixLength = srcIpWildcard.getWildcard().inverted().numSubnetBits(); int prefixLength = Math.min(statedPrefixLength, minPrefixLength); Prefix prefix = Prefix.create(ip, prefixLength); return new RouteFilterLine( action, new IpWildcard(prefix), new SubRange(minPrefixLength, maxPrefixLength)); }
@Override public Boolean visitIpIpSpace(IpIpSpace ipIpSpace) { return !new IpWildcard(ipIpSpace.getIp()).equals(_ipWildcard); }
public static BooleanExpr matchIpWildcard(IpWildcard ipWildcard, IntExpr ipField) { if (ipWildcard.isPrefix()) { return matchPrefix(ipWildcard.toPrefix(), ipField); } long ip = ipWildcard.getIp().asLong(); long wildcard = ipWildcard.getWildcard().asLong(); ImmutableList.Builder<BooleanExpr> matchIp = ImmutableList.builder(); for (int currentBitIndex = 0; currentBitIndex < Prefix.MAX_PREFIX_LENGTH; currentBitIndex++) { long mask = 1L << currentBitIndex; long currentWildcardBit = mask & wildcard; boolean useBit = currentWildcardBit == 0; if (useBit) { IntExpr extractIp = ExtractExpr.newExtractExpr(ipField, currentBitIndex, currentBitIndex); LitIntExpr srcIpMatchLit = new LitIntExpr(ip, currentBitIndex, currentBitIndex); EqExpr matchIpBit = new EqExpr(extractIp, srcIpMatchLit); matchIp.add(matchIpBit); } } return new AndExpr(matchIp.build()); }
/** * @param other another IpWildcard * @return whether the set of IPs matched by this intersects the set of those matched by other. */ public boolean intersects(IpWildcard other) { long differentIpBits = getIp().asLong() ^ other.getIp().asLong(); long canDiffer = getWildcard().asLong() | other.getWildcard().asLong(); /* * All IP bits that different must be wild in either this or other. */ return (differentIpBits & canDiffer) == differentIpBits; }
/** * @param other another IpWildcard * @return whether the set of IPs matched by this is a subset of those matched by other. */ public boolean subsetOf(IpWildcard other) { return other.supersetOf(this); }
@Override public Boolean visitUniverseIpSpace(UniverseIpSpace universeIpSpace) { return _ipWildcard.equals(IpWildcard.ANY); } }
@Override public Boolean visitIpWildcardIpSpace(IpWildcardIpSpace ipWildcardIpSpace) { return _ipWildcard.intersects(ipWildcardIpSpace.getIpWildcard()); }
private void assertIpWildcardIsPrefix(IpWildcard ipWildcard) { if (!ipWildcard.isPrefix()) { throw new BatfishException("non-prefix IpWildcards are unsupported"); } }
boolean relevantPrefix(Prefix p) { if (_headerSpace.getDstIps() == null) { return true; } return new IpSpaceMayIntersectWildcard(new IpWildcard(p), ImmutableMap.of()) .visit(_headerSpace.getDstIps()); }
@Override protected IpSpace specialize(IpWildcard ipWildcard) { return emptyIfNoIntersection(ipWildcard.toIpSpace()); }
@Test public void testIntersects() { /* * The second Ip of an IpWildcard indicates which bits of the first Ip * are significant (i.e. not wild). In this example, since the significant bits of * wc1 and wc2 don't overlap, they should intersect (i.e. their bitwise OR is included in each). */ IpWildcard wc1 = new IpWildcard(Ip.create(0x00b0000aL), Ip.create(0x00FF00FFL).inverted()); IpWildcard wc2 = new IpWildcard(Ip.create(0x000cd000L), Ip.create(0x0000FF00L).inverted()); assertThat("wildcards should overlap", wc1.intersects(wc2)); }
/** * @param other another IpWildcard * @return whether the set of IPs matched by this is a superset of those matched by other. */ public boolean supersetOf(IpWildcard other) { long wildToThis = getWildcard().asLong(); long wildToOther = other.getWildcard().asLong(); long differentIpBits = getIp().asLong() ^ other.getIp().asLong(); /* * 1. Any bits wild in other must be wild in this (i.e. other's wild bits must be a subset * of this' wild bits). * 2. Any IP bits that differ must be wild in this. */ return (wildToThis & wildToOther) == wildToOther && (wildToThis & differentIpBits) == differentIpBits; }
private void computeSuppressedAggregates() { _encoderSlice .getGraph() .getConfigurations() .forEach( (router, conf) -> { Set<Prefix> prefixes = new HashSet<>(); _suppressedAggregates.put(router, prefixes); conf.getRouteFilterLists() .forEach( (name, filter) -> { if (name.contains(AGGREGATION_SUPPRESS_NAME)) { for (RouteFilterLine line : filter.getLines()) { if (!line.getIpWildcard().isPrefix()) { throw new BatfishException("non-prefix IpWildcards are unsupported"); } prefixes.add(line.getIpWildcard().toPrefix()); } } }); }); }