@Override public BooleanExpr toBooleanExpr(JuniperConfiguration jc, Configuration c, Warnings warnings) { PrefixList pl = jc.getMasterLogicalSystem().getPrefixLists().get(_prefixList); if (pl != null) { if (pl.getIpv6()) { return BooleanExprs.FALSE; } RouteFilterList rf = c.getRouteFilterLists().get(_prefixList); String orLongerListName = "~" + _prefixList + "~ORLONGER~"; RouteFilterList orLongerList = c.getRouteFilterLists().get(orLongerListName); if (orLongerList == null) { orLongerList = new RouteFilterList(orLongerListName); for (RouteFilterLine line : rf.getLines()) { Prefix prefix = line.getIpWildcard().toPrefix(); LineAction action = line.getAction(); SubRange orLongerLineRange = new SubRange(line.getLengthRange().getStart(), Prefix.MAX_PREFIX_LENGTH); RouteFilterLine orLongerLine = new RouteFilterLine(action, prefix, orLongerLineRange); orLongerList.addLine(orLongerLine); c.getRouteFilterLists().put(orLongerListName, orLongerList); } } return new MatchPrefixSet( DestinationNetwork.instance(), new NamedPrefixSet(orLongerListName)); } else { warnings.redFlag("Reference to undefined prefix-list: \"" + _prefixList + "\""); return BooleanExprs.FALSE; } } }
private void genDiffInfo( NavigableMap<String, RouteFilterList> before, NavigableMap<String, RouteFilterList> after, String name) { Set<String> beforeNames = new TreeSet<>(); Set<String> afterNames = new TreeSet<>(); ConfigDiffElement di = new ConfigDiffElement(beforeNames, afterNames); List<RouteFilterLine> beforeLines = before.get(name).getLines(); List<RouteFilterLine> afterLines = after.get(name).getLines(); for (RouteFilterLine line : beforeLines) { String compactLine = line.toCompactString(); if (afterLines.contains(line)) { di._identical.add(compactLine); } else { di._inBeforeOnly.add(compactLine); } } for (RouteFilterLine line : afterLines) { if (!beforeLines.contains(line)) { di._inAfterOnly.add(line.toCompactString()); } } _diffInfo.put(name, di); } }
/** * Returns the set of {@link IpWildcard ips} that match this filter list. * * @throws BatfishException if any line in this {@link RouteFilterList} does not have an {@link * LineAction#PERMIT} when matching. */ @JsonIgnore public List<IpWildcard> getMatchingIps() { return getLines().stream() .map( rfLine -> { if (rfLine.getAction() != LineAction.PERMIT) { throw new BatfishException( "Expected accept action for routerfilterlist from juniper"); } else { return rfLine.getIpWildcard(); } }) .collect(Collectors.toList()); }
private boolean evaluatePrefix(Prefix prefix) { boolean accept = false; for (RouteFilterLine line : _lines) { if (line.getIpWildcard().containsIp(prefix.getStartIp())) { int prefixLength = prefix.getPrefixLength(); SubRange range = line.getLengthRange(); if (prefixLength >= range.getStart() && prefixLength <= range.getEnd()) { accept = line.getAction() == LineAction.PERMIT; break; } } } if (accept) { _permittedCache.get().add(prefix); } else { _deniedCache.get().add(prefix); } return accept; }
@Override public void applyTo(RouteFilterList rfl) { org.batfish.datamodel.RouteFilterLine line = new org.batfish.datamodel.RouteFilterLine( LineAction.PERMIT, _prefix, new SubRange(_minPrefixLength, _maxPrefixLength)); rfl.addLine(line); }
private void computeSuppressedAggregates() { _encoderSlice .getGraph() .getConfigurations() .forEach( (router, conf) -> { Set<Prefix> prefixes = new HashSet<>(); _suppressedAggregates.put(router, prefixes); conf.getRouteFilterLists() .forEach( (name, filter) -> { if (name.contains(AGGREGATION_SUPPRESS_NAME)) { for (RouteFilterLine line : filter.getLines()) { if (!line.getIpWildcard().isPrefix()) { throw new BatfishException("non-prefix IpWildcards are unsupported"); } prefixes.add(line.getIpWildcard().toPrefix()); } } }); }); }
private BoolExpr matchFilterList(RouteFilterList x, SymbolicRoute other) { BoolExpr acc = _enc.mkFalse(); List<RouteFilterLine> lines = new ArrayList<>(x.getLines()); Collections.reverse(lines); for (RouteFilterLine line : lines) { if (!line.getIpWildcard().isPrefix()) { throw new BatfishException("non-prefix IpWildcards are unsupported"); } Prefix p = line.getIpWildcard().toPrefix(); SubRange r = line.getLengthRange(); PrefixRange range = new PrefixRange(p, r); BoolExpr matches = _enc.isRelevantFor(other.getPrefixLength(), range); BoolExpr action = _enc.mkBool(line.getAction() == LineAction.PERMIT); acc = _enc.mkIf(matches, action, acc); } return acc; }
private RouteFilterList toRouteFilterList(PrefixList prefixList) { String name = prefixList.getName(); RouteFilterList newList = new RouteFilterList(name); List<RouteFilterLine> newLines = prefixList.getRules().values().stream() .map(l -> new RouteFilterLine(l.getAction(), l.getPrefix(), l.getLengthRange())) .collect(ImmutableList.toImmutableList()); newList.setLines(newLines); return newList; }
longerList = new RouteFilterList(longerListName); for (RouteFilterLine line : rf.getLines()) { Prefix prefix = line.getIpWildcard().toPrefix(); LineAction action = line.getAction(); SubRange longerLineRange = new SubRange(line.getLengthRange().getStart() + 1, Prefix.MAX_PREFIX_LENGTH); if (longerLineRange.getStart() > Prefix.MAX_PREFIX_LENGTH) { warnings.redFlag( continue; RouteFilterLine orLongerLine = new RouteFilterLine(action, prefix, longerLineRange); longerList.addLine(orLongerLine); c.getRouteFilterLists().put(longerListName, longerList);
private BDD matchFilterList(TransferParam<BDDRoute> p, RouteFilterList x, BDDRoute other) { BDD acc = factory.zero(); List<RouteFilterLine> lines = new ArrayList<>(x.getLines()); Collections.reverse(lines); for (RouteFilterLine line : lines) { if (!line.getIpWildcard().isPrefix()) { throw new BatfishException("non-prefix IpWildcards are unsupported"); } Prefix pfx = line.getIpWildcard().toPrefix(); if (!PrefixUtils.isContainedBy(pfx, _ignoredNetworks)) { SubRange r = line.getLengthRange(); PrefixRange range = new PrefixRange(pfx, r); p.debug("Prefix Range: " + range); p.debug("Action: " + line.getAction()); BDD matches = isRelevantFor(other, range); BDD action = mkBDD(line.getAction() == LineAction.PERMIT); acc = ite(matches, action, acc); } } return acc; }
@Override public void applyTo(RouteFilterList rfl) { int prefixLength = _prefix.getPrefixLength(); org.batfish.datamodel.RouteFilterLine line = new org.batfish.datamodel.RouteFilterLine( LineAction.PERMIT, _prefix, new SubRange(prefixLength, Prefix.MAX_PREFIX_LENGTH)); rfl.addLine(line); }
@Override public void applyTo(RouteFilterList rfl) { int prefixLength = _prefix.getPrefixLength(); org.batfish.datamodel.RouteFilterLine line = new org.batfish.datamodel.RouteFilterLine( LineAction.PERMIT, _prefix, new SubRange(prefixLength, _maxPrefixLength)); rfl.addLine(line); }
@Override public void applyTo(RouteFilterList rfl) { int prefixLength = _prefix.getPrefixLength(); if (prefixLength >= 32) { throw new BatfishException("Route filter prefix length cannot be 'longer' than 32"); } org.batfish.datamodel.RouteFilterLine line = new org.batfish.datamodel.RouteFilterLine( LineAction.PERMIT, PrefixRange.moreSpecificThan(_prefix)); rfl.addLine(line); }
@Override public void applyTo(RouteFilterList rfl) { int prefixLength = _prefix.getPrefixLength(); org.batfish.datamodel.RouteFilterLine line = new org.batfish.datamodel.RouteFilterLine( LineAction.PERMIT, _prefix, new SubRange(prefixLength, prefixLength)); rfl.addLine(line); }
static RouteFilterList toRouteFilterList(PrefixList list) { RouteFilterList newRouteFilterList = new RouteFilterList(list.getName()); List<RouteFilterLine> newLines = list.getLines().stream() .map( l -> new RouteFilterLine( l.getAction(), new IpWildcard(l.getPrefix()), l.getLengthRange())) .collect(ImmutableList.toImmutableList()); newRouteFilterList.setLines(newLines); return newRouteFilterList; }
p -> matchLonger.addLine( new RouteFilterLine(LineAction.PERMIT, PrefixRange.moreSpecificThan(p))));
@Override public void applyTo(RouteFilterList rfl) { int low = _prefix.getPrefixLength(); int high = _throughPrefix.getPrefixLength(); for (int i = low; i <= high; i++) { Ip currentNetworkAddress = _throughPrefix.getStartIp().getNetworkAddress(i); Prefix currentPrefix = Prefix.create(currentNetworkAddress, i); org.batfish.datamodel.RouteFilterLine line = new org.batfish.datamodel.RouteFilterLine( LineAction.PERMIT, currentPrefix, new SubRange(i, i)); rfl.addLine(line); } }
@Override public void applyTo(RouteFilterList rfl) { int prefixLength = _prefix.getPrefixLength(); org.batfish.datamodel.RouteFilterLine line = new org.batfish.datamodel.RouteFilterLine( LineAction.PERMIT, new IpWildcard( Prefix.create(_prefix.getStartIp(), prefixLength).getStartIp(), _addressMask), new SubRange(prefixLength, prefixLength)); rfl.addLine(line); }
/** Convert a standard access list line to a route filter list line */ private static RouteFilterLine toRouteFilterLine(StandardAccessListLine fromLine) { LineAction action = fromLine.getAction(); /* * This cast is safe since the other address specifier (network object group specifier) * can be used only from extended ACLs. */ IpWildcard srcIpWildcard = ((WildcardAddressSpecifier) fromLine.getSrcAddressSpecifier()).getIpWildcard(); Prefix prefix = srcIpWildcard.toPrefix(); return new RouteFilterLine( action, new IpWildcard(prefix), new SubRange(prefix.getPrefixLength(), Prefix.MAX_PREFIX_LENGTH)); }
RouteFilterList rfList = new RouteFilterList(rflName); rfList.addLine( new org.batfish.datamodel.RouteFilterLine( LineAction.PERMIT, prefix,