@Override protected List<RouteFilterLine> featureValueOf(RouteFilterList actual) { return actual.getLines(); } }
private void genDiffInfo( NavigableMap<String, RouteFilterList> before, NavigableMap<String, RouteFilterList> after, String name) { Set<String> beforeNames = new TreeSet<>(); Set<String> afterNames = new TreeSet<>(); ConfigDiffElement di = new ConfigDiffElement(beforeNames, afterNames); List<RouteFilterLine> beforeLines = before.get(name).getLines(); List<RouteFilterLine> afterLines = after.get(name).getLines(); for (RouteFilterLine line : beforeLines) { String compactLine = line.toCompactString(); if (afterLines.contains(line)) { di._identical.add(compactLine); } else { di._inBeforeOnly.add(compactLine); } } for (RouteFilterLine line : afterLines) { if (!beforeLines.contains(line)) { di._inAfterOnly.add(line.toCompactString()); } } _diffInfo.put(name, di); } }
/** * Returns the set of {@link IpWildcard ips} that match this filter list. * * @throws BatfishException if any line in this {@link RouteFilterList} does not have an {@link * LineAction#PERMIT} when matching. */ @JsonIgnore public List<IpWildcard> getMatchingIps() { return getLines().stream() .map( rfLine -> { if (rfLine.getAction() != LineAction.PERMIT) { throw new BatfishException( "Expected accept action for routerfilterlist from juniper"); } else { return rfLine.getIpWildcard(); } }) .collect(Collectors.toList()); }
private void computeSuppressedAggregates() { _encoderSlice .getGraph() .getConfigurations() .forEach( (router, conf) -> { Set<Prefix> prefixes = new HashSet<>(); _suppressedAggregates.put(router, prefixes); conf.getRouteFilterLists() .forEach( (name, filter) -> { if (name.contains(AGGREGATION_SUPPRESS_NAME)) { for (RouteFilterLine line : filter.getLines()) { if (!line.getIpWildcard().isPrefix()) { throw new BatfishException("non-prefix IpWildcards are unsupported"); } prefixes.add(line.getIpWildcard().toPrefix()); } } }); }); }
@Override public void applyTo( HeaderSpace.Builder headerSpaceBuilder, JuniperConfiguration jc, Warnings w, Configuration c) { PrefixList pl = jc.getMasterLogicalSystem().getPrefixLists().get(_name); if (pl != null) { if (pl.getIpv6()) { return; } RouteFilterList sourcePrefixList = c.getRouteFilterLists().get(_name); // if referenced prefix list is empty, it should not match anything if (sourcePrefixList.getLines().isEmpty()) { headerSpaceBuilder.addSrcIp(EmptyIpSpace.INSTANCE); return; } headerSpaceBuilder.addSrcIp( AclIpSpace.union( sourcePrefixList.getMatchingIps().stream() .map(IpWildcard::toIpSpace) .collect(ImmutableList.toImmutableList()))); } else { w.redFlag("Reference to undefined source prefix-list: \"" + _name + "\""); } } }
@Override public void applyTo( HeaderSpace.Builder headerSpaceBuilder, JuniperConfiguration jc, Warnings w, Configuration c) { PrefixList pl = jc.getMasterLogicalSystem().getPrefixLists().get(_name); if (pl != null) { if (pl.getIpv6()) { return; } RouteFilterList prefixList = c.getRouteFilterLists().get(_name); // if referenced prefix list is empty, it should not match anything if (prefixList.getLines().isEmpty()) { headerSpaceBuilder.addSrcOrDstIp(EmptyIpSpace.INSTANCE); return; } headerSpaceBuilder.addSrcOrDstIp( AclIpSpace.union( prefixList.getMatchingIps().stream() .map(IpWildcard::toIpSpace) .collect(ImmutableList.toImmutableList()))); } else { w.redFlag("Reference to undefined prefix-list: \"" + _name + "\""); } } }
@Override public void applyTo( HeaderSpace.Builder headerSpaceBuilder, JuniperConfiguration jc, Warnings w, Configuration c) { PrefixList pl = jc.getMasterLogicalSystem().getPrefixLists().get(_name); if (pl != null) { if (pl.getIpv6()) { return; } RouteFilterList destinationPrefixList = c.getRouteFilterLists().get(_name); // if referenced prefix list is empty, it should not match anything if (destinationPrefixList.getLines().isEmpty()) { headerSpaceBuilder.addNotDstIp(EmptyIpSpace.INSTANCE); return; } headerSpaceBuilder.addNotDstIp( AclIpSpace.union( destinationPrefixList.getMatchingIps().stream() .map(IpWildcard::toIpSpace) .collect(ImmutableList.toImmutableList()))); } else { w.redFlag("Reference to undefined destination prefix-list: \"" + _name + "\""); } } }
@Override public void applyTo( HeaderSpace.Builder headerSpaceBuilder, JuniperConfiguration jc, Warnings w, Configuration c) { PrefixList pl = jc.getMasterLogicalSystem().getPrefixLists().get(_name); if (pl != null) { if (pl.getIpv6()) { return; } RouteFilterList sourcePrefixList = c.getRouteFilterLists().get(_name); // if referenced prefix list is empty, it should not match anything if (sourcePrefixList.getLines().isEmpty()) { headerSpaceBuilder.addNotSrcIp(EmptyIpSpace.INSTANCE); return; } headerSpaceBuilder.addNotSrcIp( AclIpSpace.union( sourcePrefixList.getMatchingIps().stream() .map(IpWildcard::toIpSpace) .collect(ImmutableList.toImmutableList()))); } else { w.redFlag("Reference to undefined source prefix-list: \"" + _name + "\""); } } }
@Override public void applyTo( HeaderSpace.Builder headerSpaceBuilder, JuniperConfiguration jc, Warnings w, Configuration c) { PrefixList pl = jc.getMasterLogicalSystem().getPrefixLists().get(_name); if (pl != null) { if (pl.getIpv6()) { return; } RouteFilterList destinationPrefixList = c.getRouteFilterLists().get(_name); // if referenced prefix list is empty, it should not match anything if (destinationPrefixList.getLines().isEmpty()) { headerSpaceBuilder.addDstIp(EmptyIpSpace.INSTANCE); return; } headerSpaceBuilder.addDstIp( AclIpSpace.union( destinationPrefixList.getMatchingIps().stream() .map(IpWildcard::toIpSpace) .collect(ImmutableList.toImmutableList()))); } else { w.redFlag("Reference to undefined destination prefix-list: \"" + _name + "\""); } } }
private BoolExpr matchFilterList(RouteFilterList x, SymbolicRoute other) { BoolExpr acc = _enc.mkFalse(); List<RouteFilterLine> lines = new ArrayList<>(x.getLines()); Collections.reverse(lines); for (RouteFilterLine line : lines) { if (!line.getIpWildcard().isPrefix()) { throw new BatfishException("non-prefix IpWildcards are unsupported"); } Prefix p = line.getIpWildcard().toPrefix(); SubRange r = line.getLengthRange(); PrefixRange range = new PrefixRange(p, r); BoolExpr matches = _enc.isRelevantFor(other.getPrefixLength(), range); BoolExpr action = _enc.mkBool(line.getAction() == LineAction.PERMIT); acc = _enc.mkIf(matches, action, acc); } return acc; }
@Override public BooleanExpr toBooleanExpr(JuniperConfiguration jc, Configuration c, Warnings warnings) { PrefixList pl = jc.getMasterLogicalSystem().getPrefixLists().get(_prefixList); if (pl != null) { if (pl.getIpv6()) { return BooleanExprs.FALSE; } RouteFilterList rf = c.getRouteFilterLists().get(_prefixList); String orLongerListName = "~" + _prefixList + "~ORLONGER~"; RouteFilterList orLongerList = c.getRouteFilterLists().get(orLongerListName); if (orLongerList == null) { orLongerList = new RouteFilterList(orLongerListName); for (RouteFilterLine line : rf.getLines()) { Prefix prefix = line.getIpWildcard().toPrefix(); LineAction action = line.getAction(); SubRange orLongerLineRange = new SubRange(line.getLengthRange().getStart(), Prefix.MAX_PREFIX_LENGTH); RouteFilterLine orLongerLine = new RouteFilterLine(action, prefix, orLongerLineRange); orLongerList.addLine(orLongerLine); c.getRouteFilterLists().put(orLongerListName, orLongerList); } } return new MatchPrefixSet( DestinationNetwork.instance(), new NamedPrefixSet(orLongerListName)); } else { warnings.redFlag("Reference to undefined prefix-list: \"" + _prefixList + "\""); return BooleanExprs.FALSE; } } }
private BDD matchFilterList(TransferParam<BDDRoute> p, RouteFilterList x, BDDRoute other) { BDD acc = factory.zero(); List<RouteFilterLine> lines = new ArrayList<>(x.getLines()); Collections.reverse(lines); for (RouteFilterLine line : lines) { if (!line.getIpWildcard().isPrefix()) { throw new BatfishException("non-prefix IpWildcards are unsupported"); } Prefix pfx = line.getIpWildcard().toPrefix(); if (!PrefixUtils.isContainedBy(pfx, _ignoredNetworks)) { SubRange r = line.getLengthRange(); PrefixRange range = new PrefixRange(pfx, r); p.debug("Prefix Range: " + range); p.debug("Action: " + line.getAction()); BDD matches = isRelevantFor(other, range); BDD action = mkBDD(line.getAction() == LineAction.PERMIT); acc = ite(matches, action, acc); } } return acc; }
if (longerList == null) { longerList = new RouteFilterList(longerListName); for (RouteFilterLine line : rf.getLines()) { Prefix prefix = line.getIpWildcard().toPrefix(); LineAction action = line.getAction();