2 * Copyright (c) 2017 Ericsson India Global Services Pvt Ltd. and others. All rights reserved.
4 * This program and the accompanying materials are made available under the
5 * terms of the Eclipse Public License v1.0 which accompanies this distribution,
6 * and is available at http://www.eclipse.org/legal/epl-v10.html
9 package org.opendaylight.netvirt.aclservice.shell;
11 import static java.util.stream.Collectors.joining;
13 import java.util.Collection;
14 import java.util.Formatter;
15 import java.util.HashMap;
16 import java.util.List;
18 import java.util.Map.Entry;
19 import java.util.SortedSet;
20 import java.util.stream.Collectors;
21 import org.apache.karaf.shell.commands.Command;
22 import org.apache.karaf.shell.commands.Option;
23 import org.apache.karaf.shell.console.OsgiCommandSupport;
24 import org.opendaylight.netvirt.aclservice.api.AclInterfaceCache;
25 import org.opendaylight.netvirt.aclservice.api.utils.AclDataCache;
26 import org.opendaylight.netvirt.aclservice.api.utils.AclInterface;
27 import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.access.control.list.rev160218.access.lists.Acl;
28 import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.access.control.list.rev160218.access.lists.acl.access.list.entries.Ace;
29 import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.access.control.list.rev160218.access.lists.acl.access.list.entries.ace.matches.ace.type.AceIp;
30 import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.access.control.list.rev160218.access.lists.acl.access.list.entries.ace.matches.ace.type.ace.ip.AceIpVersion;
31 import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.access.control.list.rev160218.access.lists.acl.access.list.entries.ace.matches.ace.type.ace.ip.ace.ip.version.AceIpv4;
32 import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.access.control.list.rev160218.access.lists.acl.access.list.entries.ace.matches.ace.type.ace.ip.ace.ip.version.AceIpv6;
33 import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.inet.types.rev130715.IpAddress;
34 import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.inet.types.rev130715.IpPrefix;
35 import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.inet.types.rev130715.Ipv4Prefix;
36 import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.inet.types.rev130715.Ipv6Prefix;
37 import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.yang.types.rev130715.Uuid;
38 import org.opendaylight.yang.gen.v1.urn.opendaylight.netvirt.aclservice.rev160608.DirectionBase;
39 import org.opendaylight.yang.gen.v1.urn.opendaylight.netvirt.aclservice.rev160608.DirectionEgress;
40 import org.opendaylight.yang.gen.v1.urn.opendaylight.netvirt.aclservice.rev160608.DirectionIngress;
41 import org.opendaylight.yang.gen.v1.urn.opendaylight.netvirt.aclservice.rev160608.IpPrefixOrAddress;
42 import org.opendaylight.yang.gen.v1.urn.opendaylight.netvirt.aclservice.rev160608.SecurityRuleAttr;
43 import org.opendaylight.yang.gen.v1.urn.opendaylight.netvirt.aclservice.rev160608.interfaces._interface.AllowedAddressPairs;
44 import org.opendaylight.yangtools.yang.common.Uint8;
46 import org.slf4j.Logger;
47 import org.slf4j.LoggerFactory;
49 @Command(scope = "aclservice", name = "display-acl-data-cache", description = " ")
50 public class DisplayAclDataCaches extends OsgiCommandSupport {
51 private static final Logger LOG = LoggerFactory.getLogger(DisplayAclDataCaches.class);
52 private AclDataCache aclDataCache;
53 private AclInterfaceCache aclInterfaceCache;
55 private static final String UUID_TAB = "%-40s";
56 private static final String DELIMITER = String.format("%-40s", "");
57 private static final String ACL_TAG_HEADER_LINE = "-----------------------------------------------";
58 private static final String ACL_TAG_HEADERS = String.format("%-40s%-40s", "ACL Id", "ACL Tag");
59 private static final String ACL_TAG_DATA_FORMAT_STRING = "%-40s%-40s";
60 private static final String HEADER_LINE =
61 "----------------------------------------------------------------------------------";
62 private static final String REMOTE_ACL_ID_HEADERS = String.format("%-40s%-40s", "Remote ACL Id", "ACL Id");
63 private static final String ACL_INTERFACE_MAP_HEADERS = String.format("%-40s%-40s", "ACL Id", "Interface Id");
64 private static final String ACL_HEADER = String.format("%-8s", "ACL Id: ");
65 private static final String ACE_DATA_FOR = "%-37s%-10s%-6s%-7s%-25s";
66 private static final String ACL_ENTRIES_HEADERS = String.format(ACE_DATA_FOR, "ACE ID", "Direction", "Proto",
67 "IP Ver", "IP Prefix/RemoteGroupId");
68 private static final String ACL_INTERFACE_FORMAT_STRING = "%-37s %-12s %-10s %-15s %-7s %-6s %-6s";
69 private static final String ACL_ENTRIES_HEADER_LINE =
70 "--------------------------------------------------------------------------------------";
71 private static final String ACE_ENTRIES_FORMAT_STRING = "%-37s%-10s%-6s%-7s%-40s";
73 private final String exeCmdStr = "display-acl-data-cache -op ";
74 private final String opSelections =
75 "[ aclInterface | ingressRemoteAclId | egressRemoteAclId | aclTag | aclInterfaceCache | acl ]";
76 private final String opSelStr = exeCmdStr + opSelections;
78 @Option(name = "-op", aliases = {"--option",
79 "--op"}, description = opSelections, required = false, multiValued = false)
82 @Option(name = "--all", description = "display the complete selected map", required = false, multiValued = false)
85 @Option(name = "--key", description = "key for aclTag/aclInterfaceCache/acl", required = false,
89 public void setAclDataCache(AclDataCache aclDataCache) {
90 this.aclDataCache = aclDataCache;
93 public void setAclInterfaceCache(AclInterfaceCache aclInterfaceCache) {
94 this.aclInterfaceCache = aclInterfaceCache;
97 private Map<String, String> protoMap = new HashMap<String, String>() {
105 private Map<String, String> opToKeyIdMap = new HashMap<String, String>() {
107 put("aclInterface", "aclInterfaceUuid");
108 put("ingressRemoteAclId", "remoteAclUuid");
109 put("egressRemoteAclId", "remoteAclUuid");
110 put("aclTag", "aclUuid");
111 put("aclInterfaceCache", "aclInterfaceUuid");
112 put("acl", "aclUuid");
117 protected Object doExecute() {
118 if (aclDataCache == null) {
119 session.getConsole().println("Failed to handle the command, AclData reference is null at this point");
124 session.getConsole().println("Please provide valid option");
125 session.getConsole().println();
126 session.getConsole().println("Usage: " + opSelStr);
131 getAclInterfaceMap();
133 case "ingressRemoteAclId":
134 getRemoteAclIdMap(DirectionIngress.class);
136 case "egressRemoteAclId":
137 getRemoteAclIdMap(DirectionEgress.class);
142 case "aclInterfaceCache":
143 getAclInterfaceCache();
149 session.getConsole().println("Invalid operation");
150 session.getConsole().println();
151 session.getConsole().println("Usage: " + opSelStr);
156 private void printHelp() {
157 session.getConsole().println("Invalid input");
158 session.getConsole().println();
159 session.getConsole().println("Usage: " + exeCmdStr + op + " --all show | --key <"
160 + opToKeyIdMap.get(op) + ">");
163 private boolean validateAll() {
164 return "show".equalsIgnoreCase(all);
167 private void printHeader(String headerString, String headerLine) {
168 session.getConsole().println();
169 session.getConsole().println(headerString);
170 session.getConsole().println(headerLine);
173 protected void getAclInterfaceMap() {
174 if (all == null && key == null) {
176 } else if (all == null) {
179 uuid = Uuid.getDefaultInstance(key);
180 } catch (IllegalArgumentException e) {
181 session.getConsole().println("Invalid uuid. " + e.getMessage());
182 LOG.error("Invalid uuid", e);
185 Collection<AclInterface> aclInterfaceList = aclDataCache.getInterfaceList(uuid);
186 printHeader(ACL_INTERFACE_MAP_HEADERS, HEADER_LINE);
187 session.getConsole().print(String.format(UUID_TAB, uuid.getValue()));
188 printAclInterfaceMap(aclInterfaceList);
189 } else if (key == null) {
190 if (!validateAll()) {
194 Map<Uuid, Collection<AclInterface>> aclInterfaceMap = aclDataCache.getAclInterfaceMap();
195 if (aclInterfaceMap.isEmpty()) {
196 session.getConsole().println("No data found");
198 printHeader(ACL_INTERFACE_MAP_HEADERS, HEADER_LINE);
199 aclInterfaceMap.forEach((uuid, aclInterfaceList) -> {
200 session.getConsole().print(String.format(UUID_TAB, uuid.getValue()));
201 printAclInterfaceMap(aclInterfaceList);
207 protected void getRemoteAclIdMap(Class<? extends DirectionBase> direction) {
208 if (all == null && key == null) {
210 } else if (all == null) {
213 uuidRef = Uuid.getDefaultInstance(key);
214 } catch (IllegalArgumentException e) {
215 session.getConsole().println("Invalid uuid" + e.getMessage());
216 LOG.error("Invalid uuid", e);
219 Collection<Uuid> remoteUuidLst = aclDataCache.getRemoteAcl(uuidRef, direction);
220 printHeader(REMOTE_ACL_ID_HEADERS, HEADER_LINE);
221 session.getConsole().print(String.format(UUID_TAB, uuidRef.getValue()));
222 printRemoteAcl(remoteUuidLst);
223 } else if (key == null) {
224 if (!validateAll()) {
229 Map<Uuid, Collection<Uuid>> map = DirectionEgress.class.equals(direction)
230 ? aclDataCache.getEgressRemoteAclIdMap() : aclDataCache.getIngressRemoteAclIdMap();
232 session.getConsole().println("No data found");
234 printHeader(REMOTE_ACL_ID_HEADERS, HEADER_LINE);
235 map.forEach((uuid, remoteUuidList) -> {
236 session.getConsole().print(String.format(UUID_TAB, uuid.getValue()));
237 printRemoteAcl(remoteUuidList);
238 session.getConsole().println();
244 private void printRemoteAcl(Collection<Uuid> remoteUuidLst) {
245 if (remoteUuidLst == null || remoteUuidLst.isEmpty()) {
246 session.getConsole().println("No data found ");
248 List<String> uuids = remoteUuidLst.stream().map(Uuid::getValue).collect(Collectors.toList());
249 String joined = uuids.stream().collect(joining("\n" + DELIMITER, "", ""));
250 session.getConsole().println(joined);
254 protected void getAclTagMap() {
255 if (all == null && key == null) {
257 } else if (all == null) {
258 Integer val = aclDataCache.getAclTag(key);
260 session.getConsole().println("No data found");
263 printHeader(ACL_TAG_HEADERS, ACL_TAG_HEADER_LINE);
264 session.getConsole().println(String.format(ACL_TAG_DATA_FORMAT_STRING, key, val));
265 } else if (key == null) {
266 if (!validateAll()) {
270 Map<String, Integer> map = aclDataCache.getAclTagMap();
272 session.getConsole().println("No data found");
274 printHeader(ACL_TAG_HEADERS, ACL_TAG_HEADER_LINE);
275 map.entrySet().stream().sorted(Map.Entry.comparingByValue()).forEach(entry -> session.getConsole()
276 .println(String.format(ACL_TAG_DATA_FORMAT_STRING, entry.getKey(), entry.getValue())));
282 protected void getAclInterfaceCache() {
283 if (all == null && key == null) {
287 if (all == null && key != null) {
288 AclInterface aclInterface = aclInterfaceCache.get(key);
289 if (aclInterface == null) {
290 session.getConsole().println("No data found");
293 printAclInterfaceHeader();
294 printAclInterface(aclInterface);
295 } else if (key == null) {
296 if (!validateAll()) {
300 Collection<Entry<String, AclInterface>> entries = aclInterfaceCache.entries();
301 if (entries.isEmpty()) {
302 session.getConsole().println("No data found");
305 printAclInterfaceCache(entries);
309 private void printAclInterfaceMap(Collection<AclInterface> aclInterfaceList) {
310 if (aclInterfaceList == null || aclInterfaceList.isEmpty()) {
311 session.getConsole().println("No data found");
313 List<String> uuids = aclInterfaceList.stream().map(AclInterface::getInterfaceId)
314 .collect(Collectors.toList());
315 String joined = uuids.stream().collect(joining("\n" + DELIMITER, "", ""));
316 session.getConsole().println(joined);
317 session.getConsole().println();
321 @SuppressWarnings("checkstyle:RegexpSinglelineJava")
322 private void printAclInterfaceCache(Collection<Entry<String, AclInterface>> entries) {
323 printAclInterfaceHeader();
325 for (Map.Entry<String, AclInterface> entry : entries) {
326 AclInterface aclInterface = entry.getValue();
327 printAclInterface(aclInterface);
331 private void printAclInterface(AclInterface aclInterface) {
332 session.getConsole().println(String.format(ACL_INTERFACE_FORMAT_STRING, aclInterface.getInterfaceId(),
333 aclInterface.getInterfaceType(), aclInterface.isPortSecurityEnabled(), aclInterface.getDpId(),
334 aclInterface.getLPortTag(), aclInterface.getElanId(), aclInterface.isMarkedForDelete()));
335 List<AllowedAddressPairs> aaps = aclInterface.getAllowedAddressPairs();
336 if (aaps == null || aaps.isEmpty()) {
337 session.getConsole().println("--");
339 for (AllowedAddressPairs aap : aaps) {
340 IpPrefixOrAddress ipPrefixOrAddress = aap.getIpAddress();
341 IpPrefix ipPrefix = ipPrefixOrAddress.getIpPrefix();
342 String ipAddrStr = "";
343 if (ipPrefix != null) {
344 if (ipPrefix.getIpv4Prefix() != null) {
345 ipAddrStr = ipPrefix.getIpv4Prefix().getValue();
347 ipAddrStr = ipPrefix.getIpv6Prefix().getValue();
350 IpAddress ipAddress = ipPrefixOrAddress.getIpAddress();
351 if (ipAddress != null) {
352 if (ipAddress.getIpv4Address() != null) {
353 ipAddrStr = ipAddress.getIpv4Address().getValue();
355 ipAddrStr = ipAddress.getIpv6Address().getValue();
359 String macAddrStr = aap.getMacAddress().getValue();
360 session.getConsole().println(ipAddrStr + ", " + macAddrStr);
364 List<Uuid> sgsUuid = aclInterface.getSecurityGroups();
365 if (sgsUuid == null || sgsUuid.isEmpty()) {
366 session.getConsole().println("--");
368 for (Uuid sgUuid : sgsUuid) {
369 session.getConsole().println(sgUuid.getValue());
372 SortedSet<Integer> ingressRemoteAclTags = aclInterface.getIngressRemoteAclTags();
373 if (ingressRemoteAclTags == null || ingressRemoteAclTags.isEmpty()) {
374 session.getConsole().println("--");
376 session.getConsole().println(ingressRemoteAclTags);
378 SortedSet<Integer> egressRemoteAclTags = aclInterface.getEgressRemoteAclTags();
379 if (egressRemoteAclTags == null || egressRemoteAclTags.isEmpty()) {
380 session.getConsole().println("--");
382 session.getConsole().println(egressRemoteAclTags);
384 session.getConsole().println();
387 private void printAclInterfaceHeader() {
388 session.getConsole().println();
389 StringBuilder sb = new StringBuilder();
390 Formatter fmt = new Formatter(sb);
391 session.getConsole().println(fmt.format(ACL_INTERFACE_FORMAT_STRING, "InterfaceId", "Type",
392 "SGEnabled", "DpId", "LPort", "ElanId", "Marked"));
394 session.getConsole().println(fmt.format("%-55s", "AllowedAddressPairs"));
396 session.getConsole().println(fmt.format("%-55s", "SecurityGroups"));
398 session.getConsole().println(fmt.format("%-55s", "IngressRemoteAclTags"));
400 session.getConsole().println(fmt.format("%-55s", "EgressRemoteAclTags"));
402 session.getConsole().println(fmt
403 .format("----------------------------------------------------------------------------------------------"));
408 protected void getAclMap() {
409 if (all == null && key == null) {
411 } else if (all == null) {
412 Acl acl = aclDataCache.getAcl(key);
414 session.getConsole().println("No data found");
418 } else if (key == null) {
419 if (!validateAll()) {
423 Map<String, Acl> map = aclDataCache.getAclMap();
425 session.getConsole().println("No data found");
427 map.forEach(this::printAcl);
432 private void printAcl(String aclId, Acl acl) {
433 session.getConsole().println();
434 session.getConsole().println(ACL_HEADER + String.format("%-32s ", aclId));
435 if (null != acl.getAccessListEntries() && null != acl.getAccessListEntries().getAce()) {
436 printHeader(ACL_ENTRIES_HEADERS, ACL_ENTRIES_HEADER_LINE);
437 List<Ace> aceList = acl.getAccessListEntries().getAce();
438 for (Ace ace : aceList) {
439 LOG.info("ace data: {}", ace);
440 SecurityRuleAttr aceAttr = getAccessListAttributes(ace);
441 Class<? extends DirectionBase> aceAttrDirection = aceAttr.getDirection();
442 AceIp aceIp = (AceIp) ace.getMatches().getAceType();
443 AceIpVersion ipVersion = aceIp.getAceIpVersion();
444 Uint8 protoNum = aceIp.getProtocol();
445 String protocol = "Any";
446 if (null != protoNum) {
447 protocol = protoMap.get(protoNum.toString());
448 protocol = (protocol == null) ? protoNum.toString() : protocol;
451 String direction = DirectionEgress.class.equals(aceAttrDirection) ? "Egress" : "Ingress";
452 String ipPrefix = " -- ";
453 if (null != ipVersion && ipVersion instanceof AceIpv4) {
455 Ipv4Prefix srcNetwork = ((AceIpv4) ipVersion).getSourceIpv4Network();
456 if (null != srcNetwork) {
457 ipPrefix = srcNetwork.getValue();
459 } else if (null != ipVersion && ipVersion instanceof AceIpv6) {
461 Ipv6Prefix srcNetwork = ((AceIpv6) ipVersion).getSourceIpv6Network();
462 if (null != srcNetwork) {
463 ipPrefix = srcNetwork.getValue();
466 String remoteGroupId = "-";
467 if (aceAttr.getRemoteGroupId() != null) {
468 remoteGroupId = aceAttr.getRemoteGroupId().getValue();
471 String prefixAndRemoteId = ipPrefix + " / " + remoteGroupId;
472 session.getConsole().print(String.format(ACE_ENTRIES_FORMAT_STRING, ace.key().getRuleName(),
473 direction, protocol, ipVer, prefixAndRemoteId));
476 session.getConsole().println();
479 public SecurityRuleAttr getAccessListAttributes(Ace ace) {
481 LOG.error("Ace is Null");
484 SecurityRuleAttr aceAttributes = ace.augmentation(SecurityRuleAttr.class);
485 if (aceAttributes == null) {
486 LOG.error("Ace is null");
489 return aceAttributes;