@Override protected List<AclIpSpaceLine> featureValueOf(AclIpSpace actual) { return actual.getLines(); } }
@Override public Boolean visitAclIpSpace(AclIpSpace aclIpSpace) { return aclIpSpace.getLines().stream() .filter(line -> line.getAction() == LineAction.PERMIT) .allMatch(line -> line.getIpSpace().accept(this)); }
@Override public String visitAclIpSpace(AclIpSpace aclIpSpace) { String metadataDescription = computeMetadataDescription(aclIpSpace); if (metadataDescription != null) { return metadataDescription; } ImmutableList.Builder<String> lineDescs = ImmutableList.builder(); CommonUtil.<AclIpSpaceLine>forEachWithIndex( aclIpSpace.getLines(), (i, line) -> lineDescs.add(String.format("%d: %s", i, line.getIpSpace().accept(this)))); return lineDescs.build().toString(); }
@Override public BooleanExpr visitAclIpSpace(AclIpSpace aclIpSpace) { return matchAnyField( field -> { // right fold BooleanExpr expr = FalseExpr.INSTANCE; for (int i = aclIpSpace.getLines().size() - 1; i >= 0; i--) { AclIpSpaceLine line = aclIpSpace.getLines().get(i); expr = new IfThenElse( new IpSpaceMatchExpr(line.getIpSpace(), _namedIpSpaces, field).getExpr(), line.getAction() == LineAction.PERMIT ? TrueExpr.INSTANCE : FalseExpr.INSTANCE, expr); } return expr; }); }
@Override public IpSpace visitAclIpSpace(AclIpSpace aclIpSpace) { /* Just specialize the IpSpace of each acl line. */ List<AclIpSpaceLine> specializedLines = aclIpSpace.getLines().stream() .map(line -> line.toBuilder().setIpSpace(visit(line.getIpSpace())).build()) .filter(line -> line.getIpSpace() != EmptyIpSpace.INSTANCE) .collect(ImmutableList.toImmutableList()); if (specializedLines.isEmpty()) { return EmptyIpSpace.INSTANCE; } if (specializedLines.stream() .allMatch(aclIpSpaceLine -> aclIpSpaceLine.getAction() == LineAction.DENY)) { return EmptyIpSpace.INSTANCE; } return AclIpSpace.of(specializedLines); }
@Override public IpSpace visitAclIpSpace(AclIpSpace aclIpSpace) { AclIpSpace.Builder renamedSpace = AclIpSpace.builder(); aclIpSpace .getLines() .forEach( line -> { IpSpace space = line.getIpSpace().accept(this); renamedSpace.thenAction(line.getAction(), space); }); return renamedSpace.build(); }
@Override public BoolExpr visitAclIpSpace(AclIpSpace aclIpSpace) { BoolExpr expr = _context.mkFalse(); for (AclIpSpaceLine aclIpSpaceLine : Lists.reverse(aclIpSpace.getLines())) { BoolExpr matchExpr = aclIpSpaceLine.getIpSpace().accept(this); BoolExpr actionExpr = aclIpSpaceLine.getAction() == LineAction.PERMIT ? _context.mkTrue() : _context.mkFalse(); expr = (BoolExpr) _context.mkITE(matchExpr, actionExpr, expr); } return expr; }
for (AclIpSpaceLine line : aclIpSpace.getLines()) { IpSpace simplifiedLineIpSpace = line.getIpSpace().accept(this); if (simplifiedLineIpSpace == EmptyIpSpace.INSTANCE) {
@Override public BDD visitAclIpSpace(AclIpSpace aclIpSpace) { BDD bdd = _factory.zero(); for (AclIpSpaceLine aclIpSpaceLine : Lists.reverse(aclIpSpace.getLines())) { bdd = visit(aclIpSpaceLine.getIpSpace()) .ite( aclIpSpaceLine.getAction() == LineAction.PERMIT ? _factory.one() : _factory.zero(), bdd); } return bdd; }
@Override public Boolean visitAclIpSpace(AclIpSpace aclIpSpace) { for (AclIpSpaceLine line : aclIpSpace.getLines()) { if (line.getAction() == LineAction.PERMIT && ipSpaceMayIntersectWildcard(line.getIpSpace())) { return true; } if (line.getAction() == LineAction.DENY && ipSpaceContainsWildcard(line.getIpSpace())) { return false; } } return false; }
@Override public Boolean visitAclIpSpace(AclIpSpace aclIpSpace) { String name = _aclTracer.getIpSpaceNames().get(aclIpSpace); _aclTracer.newTrace(); List<AclIpSpaceLine> lines = aclIpSpace.getLines(); for (int i = 0; i < lines.size(); i++) { AclIpSpaceLine line = lines.get(i); if (line.getIpSpace().accept(this)) { if (name != null) { _aclTracer.recordAction( name, _aclTracer.getIpSpaceMetadata().get(aclIpSpace), i, line, _ip, _ipDescription, _ipSpaceDescriber); } _aclTracer.endTrace(); return line.getAction() == LineAction.PERMIT; } _aclTracer.nextLine(); } if (name != null) { _aclTracer.recordDefaultDeny( name, _aclTracer.getIpSpaceMetadata().get(aclIpSpace), _ip, _ipDescription); } _aclTracer.endTrace(); return false; }
@Override public Boolean visitAclIpSpace(AclIpSpace aclIpSpace) { for (AclIpSpaceLine line : aclIpSpace.getLines()) { if (line.getAction() == LineAction.DENY && ipSpaceMayIntersectWildcard(line.getIpSpace())) { return true; } if (line.getAction() == LineAction.PERMIT && ipSpaceContainsWildcard(line.getIpSpace())) { return false; } } /* * If we reach this point, no PERMIT line is guaranteed to contain ipWildcard. This means * it's possible (though not certain) that this does not contain ipWildcard. */ return true; }
/** * @param aclIpSpace The {@link AclIpSpace} to dereference * @return An {@link AclIpSpace} identical to the original but with all uses of {@link * IpSpaceReference} replaced with the dereferenced {@link IpSpace} they represent * @throws CircularReferenceException if original {@link AclIpSpace} points to a cyclical * reference. * @throws UndefinedReferenceException if original {@link AclIpSpace} points to an undefined * reference. */ @Override public IpSpace visitAclIpSpace(AclIpSpace aclIpSpace) throws CircularReferenceException, UndefinedReferenceException { AclIpSpace.Builder sanitizedSpace = AclIpSpace.builder(); for (AclIpSpaceLine line : aclIpSpace.getLines()) { IpSpace ipSpace = line.getIpSpace().accept(this); sanitizedSpace.thenAction(line.getAction(), ipSpace); } // No cycles/undefined references in this AclIpSpace. Return reference-free version. return sanitizedSpace.build(); }