private boolean isSameDirection(Direction direction, Rule rule) { for (ClassifierRef classifier : rule.getClassifierRef()) { if (direction.equals(classifier.getDirection()) || direction.equals(Direction.Bidirectional) || Direction.Bidirectional.equals(classifier.getDirection())) { return true; } } return false; }
private static Rule createRuleAllow(ClassifierName classifierName, Direction direction) { ClassifierName name = new ClassifierName(direction.name() + MappingUtils.NAME_DOUBLE_DELIMETER + classifierName.getValue()); ClassifierRef classifierRef = new ClassifierRefBuilder().setName(name) .setInstanceName(classifierName) .setDirection(direction) .build(); return new RuleBuilder().setName(new RuleName(name)) .setActionRef(ImmutableList.<ActionRef>of(MappingUtils.ACTION_REF_ALLOW)) .setClassifierRef(ImmutableList.of(classifierRef)) .build(); }
List<RuleClassifier> fClassifiers = new ArrayList<>(); for (ClassifierRef classifierRef : classifierRefs) { if (classifierRef.getName() == null) { LOG.warn("Found a Classifer without name in Contract {} ", contract.getId().getValue()); continue; ruleClassifierBuilder.setName(new Name(classifierRef.getName().getValue())); ClassifierInstance classifierInstance = getClassifierInstance(tenantId, classifierRef.getName(), dataProvider); if (classifierInstance == null) { LOG.warn("Classifer instance {} is not found -- will only use the classifier Ref info", classifierRef.getName()); } else { if (classifierInstance.getClassifierDefinitionId() != null) { ruleClassifierBuilder.setAdditionalInfo(new Text(classifierInstance.getClassifierDefinitionId() .getValue())); if (classifierInstance.getParameterValue() != null) { LOG.trace("Calssifier Instance {} has {} parameters", classifierInstance.getName().getValue(), classifierInstance.getParameterValue().size()); parms = new ArrayList<>(); for (org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.policy.rev140421.subject.feature.instance.ParameterValue instance : classifierInstance.getParameterValue()) { ParameterValueBuilder pBuilder = new ParameterValueBuilder(); pBuilder.setIntValue(instance.getIntValue()); pBuilder.setName(new Name(instance.getName().getValue())); pBuilder.setStringValue(instance.getStringValue()); if (instance.getRangeValue() != null) { RangeValueBuilder rBuilder = new RangeValueBuilder().setMax( instance.getRangeValue().getMax()).setMin(instance.getRangeValue().getMin());
Map<String, ParameterValue> paramsFromClassifier = new HashMap<>(); Set<ClassifierDefinitionId> classifiers = new HashSet<>(); for (ClassifierRef cr : rule.getClassifierRef()) { if (cr.getDirection() != null && !cr.getDirection().equals(Direction.Bidirectional) && !cr.getDirection().equals(classifierDirection)) { continue; ClassifierInstance ci = contractTenant.getClassifier(cr.getInstanceName()); if (ci == null) { LOG.warn("Classifier instance {} not found", cr.getInstanceName().getValue()); return null; Classifier classifier = SubjectFeatures.getClassifier(ci.getClassifierDefinitionId()); if (classifier == null) { LOG.warn("Classifier definition {} not found", ci.getClassifierDefinitionId().getValue()); return null; classifiers.add(new ClassifierDefinitionId(ci.getClassifierDefinitionId())); for (ParameterValue v : ci.getParameterValue()) { if (paramsFromClassifier.get(v.getName().getValue()) == null) { if (v.getIntValue() != null || v.getStringValue() != null || v.getRangeValue() != null) { paramsFromClassifier.put(v.getName().getValue(), v); if (!paramsFromClassifier.get(v.getName().getValue()).equals(v)) { throw new IllegalArgumentException("Classification error in rule: " + rule.getName() + ".\nCause: " + "Classification conflict detected at parameter " + v.getName());
private List<String> resolveSymetricChainActions(Direction direction, Rule rule, IndexedTenant tenant, List<Rule> reversedProvidedRules, List<Rule> consumedRules) { List<String> chainNames = new ArrayList<>(); if (rule.getActionRef() != null) { for (ActionRef actionRef : rule.getActionRef()) { ActionInstance actionInstance = tenant.getAction(actionRef.getName()); if (actionInstance == null) { continue; Action action = SubjectFeatures.getAction(actionInstance.getActionDefinitionId()); if (action == null) { continue; if (oppositeRule.getActionRef() == null) { continue; for (ActionRef oppositeActionRef : oppositeRule.getActionRef()) { ActionInstance oppositeActionInstance = tenant.getAction(oppositeActionRef.getName()); if (oppositeActionInstance == null) { continue; Action oppositeAction = SubjectFeatures.getAction(oppositeActionInstance.getActionDefinitionId()); if (oppositeAction == null) { continue; if ((consumedRules.contains(rule) && (direction.equals(Direction.Out))) || ((!consumedRules.contains(rule)) && direction.equals(Direction.In))) { return new ArrayList<>();
public OfContext(DataBroker dataBroker, PolicyManager policyManager, SwitchManager switchManager, EndpointManager endpointManager, ScheduledExecutorService executor) { this.dataBroker = dataBroker; this.policyManager = policyManager; this.switchManager = switchManager; this.epManager = endpointManager; this.executor = executor; if (dataBroker == null) { LOG.error("DataBroker is null. Cannot read resolved tenants and resolved policy from DS."); } else { ReadOnlyTransaction rTx = dataBroker.newReadOnlyTransaction(); Optional<Tenants> potentialTenants = DataStoreHelper.readFromDs(LogicalDatastoreType.OPERATIONAL, TENANTS_IID, rTx); if (potentialTenants.isPresent() && potentialTenants.get().getTenant() != null) { for (Tenant tenant : potentialTenants.get().getTenant()) { resolvedTenants.put(tenant.getId(), new IndexedTenant(tenant)); } // TODO we should read resolved-policy from DS instead of this policyInfo = resolvePolicy(resolvedTenants); } rTx.close(); } }
private $YangModuleInfoImpl() { Set<YangModuleInfo> set = new HashSet<>(); set.add(org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.policy.rev140421.$YangModuleInfoImpl.getInstance()); set.add(org.opendaylight.yang.gen.v1.urn.opendaylight.intent.rev150122.$YangModuleInfoImpl.getInstance()); set.add(org.opendaylight.yang.gen.v1.urn.opendaylight.yang.extension.yang.ext.rev130709.$YangModuleInfoImpl.getInstance()); importedModules = ImmutableSet.copyOf(set); InputStream stream = $YangModuleInfoImpl.class.getResourceAsStream(resourcePath); if (stream == null) { throw new IllegalStateException("Resource '" + resourcePath + "' is missing"); } try { stream.close(); } catch (IOException e) { // Resource leak, but there is nothing we can do } }
public static ClassifierName getClassifierRefName(SecurityRule secRule) { Direction direction = SecRuleEntityDecoder.getDirection(secRule); ClassifierName classifierInstanceName = getClassifierInstanceName(secRule); String crName = new StringBuilder().append(direction.name()) .append(MappingUtils.NAME_DOUBLE_DELIMETER) .append(classifierInstanceName.getValue()) .toString(); return new ClassifierName(crName); }
private $YangModuleInfoImpl() { Set<YangModuleInfo> set = new HashSet<>(); set.add(org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.common.rev140421.$YangModuleInfoImpl.getInstance()); set.add(org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.endpoint.rev140421.$YangModuleInfoImpl.getInstance()); set.add(org.opendaylight.yang.gen.v1.urn.opendaylight.yang.extension.yang.ext.rev130709.$YangModuleInfoImpl.getInstance()); set.add(org.opendaylight.yang.gen.v1.urn.opendaylight.inventory.rev130819.$YangModuleInfoImpl.getInstance()); set.add(org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.inet.types.rev130715.$YangModuleInfoImpl.getInstance()); set.add(org.opendaylight.yang.gen.v1.urn.opendaylight.params.xml.ns.yang.overlay.rev150105.$YangModuleInfoImpl.getInstance()); set.add(org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.policy.rev140421.$YangModuleInfoImpl.getInstance()); importedModules = ImmutableSet.copyOf(set); InputStream stream = $YangModuleInfoImpl.class.getResourceAsStream(resourcePath); if (stream == null) { throw new IllegalStateException("Resource '" + resourcePath + "' is missing"); } try { stream.close(); } catch (IOException e) { // Resource leak, but there is nothing we can do } }
private Pair<? extends EpgKey, ? extends EpgKey> getMatchingEpgs(Set<Pair<ConsEpgKey, ProvEpgKey>> epgsForContract, Set<EpgKey> epgsFromSrcEp, Set<EpgKey> epgsFromDstEp, Direction direction) { if (direction == null || Direction.Bidirectional == direction) { LOG.info("The bidirectional direction is not supported."); return null; } for (Pair<ConsEpgKey, ProvEpgKey> epgForContract : epgsForContract) { ConsEpgKey consEpg = epgForContract.getLeft(); ProvEpgKey provEpg = epgForContract.getRight(); if (epgsFromSrcEp.contains(consEpg) && epgsFromDstEp.contains(provEpg)) { if (Direction.In.equals(direction)) { return Pair.of(consEpg, provEpg); } else if (Direction.Out.equals(direction)) { return Pair.of(provEpg, consEpg); } } if (epgsFromSrcEp.contains(provEpg) && epgsFromDstEp.contains(consEpg)) { if (Direction.In.equals(direction)) { return Pair.of(consEpg, provEpg); } else if (Direction.Out.equals(direction)) { return Pair.of(provEpg, consEpg); } } } LOG.info( "EPGs of srcEP and dstEp does not match against EPGs for contract:" + "\nsrcEP EPGs: {}\ndstEP EPGs: {}\nEPGs for contract: {}", epgsFromSrcEp, epgsFromDstEp, epgsForContract); return null; }
if (direction.equals(Direction.Out) ) { actions = addActionBuilder(actions, nxPushNshAction(), order); actions = addActionBuilder(actions, nxLoadNshMdtypeAction(Short.valueOf((short)0x1)), order);
public static void createChainTunnelFlows(SfcNshHeader sfcNshHeader, NetworkElements netElements, OfWriter ofWriter, OfContext ctx, Direction direction) { NodeId localNodeId = netElements.getLocalNodeId(); EndpointFwdCtxOrdinals epOrdinals = netElements.getSrcEpOrdinals(); NodeConnectorId localNodeTunPort = ctx.getSwitchManager().getTunnelPort(localNodeId, TunnelTypeVxlanGpe.class); Ipv4Address tunDestAddress = ctx.getSwitchManager() .getTunnelIP(netElements.getDstNodeId(), TunnelTypeVxlanGpe.class) .getIpv4Address(); if (localNodeTunPort == null) { LOG.error("createChainTunnelFlows: No valid VXLAN GPE tunnel for Node {} ", localNodeId); return; } if (direction.equals(Direction.In)) { ofWriter.writeFlow(localNodeId, ctx.getPolicyManager().getTABLEID_PORTSECURITY(), allowFromChainPort( sfcNshHeader, localNodeTunPort, ctx.getPolicyManager().getTABLEID_PORTSECURITY(), ctx)); for (Flow flow : createChainTunnelFlow(sfcNshHeader, localNodeTunPort, netElements, ctx.getPolicyManager().getTABLEID_SOURCE_MAPPER(), ctx)) { ofWriter.writeFlow(localNodeId, ctx.getPolicyManager().getTABLEID_SOURCE_MAPPER(), flow); } ofWriter.writeFlow(localNodeId, ctx.getPolicyManager().getTABLEID_POLICY_ENFORCER(), allowFromChainTunnel(localNodeTunPort, ctx.getPolicyManager().getTABLEID_POLICY_ENFORCER())); ofWriter.writeFlow(localNodeId, ctx.getPolicyManager().getTABLEID_SOURCE_MAPPER(), createChainBroadcastFlow(sfcNshHeader, localNodeTunPort, epOrdinals, ctx.getPolicyManager().getTABLEID_SOURCE_MAPPER(), ctx)); } else { ofWriter.writeFlow(localNodeId, ctx.getPolicyManager().getTABLEID_EXTERNAL_MAPPER(), createExternalFlow(sfcNshHeader, localNodeTunPort, netElements, ctx.getPolicyManager(), ctx.getSwitchManager(), tunDestAddress)); } }
private MatchBuilder createBaseMatch(Direction direction, NetworkElements netElements, IpPrefix sIpPrefix, IpPrefix dIpPrefix) { MatchBuilder baseMatch = new MatchBuilder(); if (direction.equals(Direction.In)) { addNxRegMatch(baseMatch, RegMatch.of(NxmNxReg0.class, (long) netElements.getDstEpOrdinals().getEpgId()), RegMatch.of(NxmNxReg1.class, (long) netElements.getDstEpOrdinals().getCgId()), RegMatch.of(NxmNxReg2.class, (long) netElements.getSrcEpOrdinals().getEpgId()), RegMatch.of(NxmNxReg3.class, (long) netElements.getSrcEpOrdinals().getCgId())); if (sIpPrefix != null) { baseMatch.setLayer3Match(createLayer3Match(sIpPrefix, true)); } if (dIpPrefix != null) { baseMatch.setLayer3Match(createLayer3Match(dIpPrefix, false)); } } else { addNxRegMatch(baseMatch, RegMatch.of(NxmNxReg0.class, (long) netElements.getSrcEpOrdinals().getEpgId()), RegMatch.of(NxmNxReg1.class, (long) netElements.getSrcEpOrdinals().getCgId()), RegMatch.of(NxmNxReg2.class, (long) netElements.getDstEpOrdinals().getEpgId()), RegMatch.of(NxmNxReg3.class, (long) netElements.getDstEpOrdinals().getCgId())); if (sIpPrefix != null) { baseMatch.setLayer3Match(createLayer3Match(sIpPrefix, false)); } if (dIpPrefix != null) { baseMatch.setLayer3Match(createLayer3Match(dIpPrefix, true)); } } return baseMatch; }