2 * Copyright (c) 2014 Cisco Systems, Inc. and others. All rights reserved.
4 * This program and the accompanying materials are made available under the
5 * terms of the Eclipse Public License v1.0 which accompanies this distribution,
6 * and is available at http://www.eclipse.org/legal/epl-v10.html
9 package org.opendaylight.groupbasedpolicy.neutron.mapper.infrastructure;
11 import com.google.common.collect.ImmutableList;
13 import java.util.Collections;
14 import java.util.HashSet;
17 import javax.annotation.Nullable;
19 import org.opendaylight.controller.md.sal.binding.api.WriteTransaction;
20 import org.opendaylight.controller.md.sal.common.api.data.LogicalDatastoreType;
21 import org.opendaylight.groupbasedpolicy.api.sf.EtherTypeClassifierDefinition;
22 import org.opendaylight.groupbasedpolicy.api.sf.IpProtoClassifierDefinition;
23 import org.opendaylight.groupbasedpolicy.api.sf.L4ClassifierDefinition;
24 import org.opendaylight.groupbasedpolicy.neutron.mapper.util.MappingUtils;
25 import org.opendaylight.groupbasedpolicy.util.IidFactory;
26 import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.inet.types.rev130715.IpPrefix;
27 import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.common.rev140421.ClassifierName;
28 import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.common.rev140421.ContractId;
29 import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.common.rev140421.Description;
30 import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.common.rev140421.EndpointGroupId;
31 import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.common.rev140421.Name;
32 import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.common.rev140421.SubjectName;
33 import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.common.rev140421.TenantId;
34 import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.policy.rev140421.HasDirection.Direction;
35 import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.policy.rev140421.has.endpoint.identification.constraints.endpoint.identification.constraints.L3EndpointIdentificationConstraints;
36 import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.policy.rev140421.tenants.tenant.policy.Contract;
37 import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.policy.rev140421.tenants.tenant.policy.EndpointGroup;
38 import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.policy.rev140421.tenants.tenant.policy.contract.Clause;
39 import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.policy.rev140421.tenants.tenant.policy.contract.Subject;
40 import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.policy.rev140421.tenants.tenant.policy.contract.SubjectBuilder;
41 import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.policy.rev140421.tenants.tenant.policy.contract.clause.ConsumerMatchers;
42 import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.policy.rev140421.tenants.tenant.policy.contract.clause.ProviderMatchers;
43 import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.policy.rev140421.tenants.tenant.policy.contract.subject.Rule;
44 import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.policy.rev140421.tenants.tenant.policy.endpoint.group.ConsumerNamedSelector;
45 import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.policy.rev140421.tenants.tenant.policy.endpoint.group.ProviderNamedSelector;
46 import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.policy.rev140421.tenants.tenant.policy.subject.feature.instances.ActionInstance;
47 import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.policy.rev140421.tenants.tenant.policy.subject.feature.instances.ClassifierInstance;
49 public class NetworkService extends ServiceUtil {
52 * Unit tests {@link NetworkServiceTest}.
55 private static final long DHCP_IPV4_SERVER_PORT = 67;
56 private static final long DHCP_IPV4_CLIENT_PORT = 68;
57 private static final long DHCP_IPV6_SERVER_PORT = 547;
58 private static final long DHCP_IPV6_CLIENT_PORT = 546;
59 private static final ClassifierName DHCP_IPV4_CLIENT_SERVER_NAME =
60 new ClassifierName("DHCP_IPv4_FROM_CLIENT_TO_SERVER");
61 private static final ClassifierName DHCP_IPV4_SERVER_CLIENT_NAME =
62 new ClassifierName("DHCP_IPv4_FROM_SERVER_TO_CLIENT");
63 private static final ClassifierName DHCP_IPV6_CLIENT_SERVER_NAME =
64 new ClassifierName("DHCP_IPv6_FROM_CLIENT_TO_SERVER");
65 private static final ClassifierName DHCP_IPV6_SERVER_CLIENT_NAME =
66 new ClassifierName("DHCP_IPv6_FROM_SERVER_TO_CLIENT");
67 private static final SubjectName DHCP_SUBJECT_NAME = new SubjectName("ALLOW_DHCP");
68 private static final Description DHCP_CONTRACT_DESC =
69 new Description("Allow DHCP communication between client and server.");
72 * Id of {@link #DHCP_CONTRACT}.
74 public static final ContractId DHCP_CONTRACT_ID = new ContractId("11118d2e-dddd-11e5-885d-feff819cdc9f");
76 * Contains rules with action {@link MappingUtils#ACTION_REF_ALLOW} matching DHCP communication
77 * between Client and Server.
79 public static final Contract DHCP_CONTRACT;
81 * {@link ConsumerNamedSelector} pointing to {@link #DHCP_CONTRACT}.
83 public static final ConsumerNamedSelector DHCP_CONTRACT_CONSUMER_SELECTOR;
86 private static final long DNS_SERVER_PORT = 53;
87 private static final ClassifierName DNS_UDP_IPV4_CLIENT_SERVER_NAME =
88 new ClassifierName("DNS_UDP_IPv4_FROM_CLIENT_TO_SERVER");
89 private static final ClassifierName DNS_UDP_IPV4_SERVER_CLIENT_NAME =
90 new ClassifierName("DNS_UDP_IPv4_FROM_SERVER_TO_CLIENT");
91 private static final ClassifierName DNS_UDP_IPV6_CLIENT_SERVER_NAME =
92 new ClassifierName("DNS_UDP_IPv6_FROM_CLIENT_TO_SERVER");
93 private static final ClassifierName DNS_UDP_IPV6_SERVER_CLIENT_NAME =
94 new ClassifierName("DNS_UDP_IPv6_FROM_SERVER_TO_CLIENT");
95 private static final ClassifierName DNS_TCP_IPV4_CLIENT_SERVER_NAME =
96 new ClassifierName("DNS_TCP_IPv4_FROM_CLIENT_TO_SERVER");
97 private static final ClassifierName DNS_TCP_IPV4_SERVER_CLIENT_NAME =
98 new ClassifierName("DNS_TCP_IPv4_FROM_SERVER_TO_CLIENT");
99 private static final ClassifierName DNS_TCP_IPV6_CLIENT_SERVER_NAME =
100 new ClassifierName("DNS_TCP_IPv6_FROM_CLIENT_TO_SERVER");
101 private static final ClassifierName DNS_TCP_IPV6_SERVER_CLIENT_NAME =
102 new ClassifierName("DNS_TCP_IPv6_FROM_SERVER_TO_CLIENT");
103 private static final SubjectName DNS_SUBJECT_NAME = new SubjectName("ALLOW_DNS");
104 private static final Description DNS_CONTRACT_DESC =
105 new Description("Allow DNS communication between client and server.");
107 * ID of {@link #DNS_CONTRACT}.
109 public static final ContractId DNS_CONTRACT_ID = new ContractId("22218d2e-dddd-11e5-885d-feff819cdc9f");
111 * Contains rules with action {@link MappingUtils#ACTION_REF_ALLOW} matching DNS communication
112 * between Client and Server.
114 public static final Contract DNS_CONTRACT;
116 * {@link ConsumerNamedSelector} pointing to {@link #DNS_CONTRACT}.
118 public static final ConsumerNamedSelector DNS_CONTRACT_CONSUMER_SELECTOR;
120 // ########### SSH and ICMP management
121 private static final long SSH_TCP_PORT = 22;
122 private static final ClassifierName SSH_IPV4_SERVER_TO_CLIENT_NAME =
123 new ClassifierName("SSH_IPV4_FROM_SERVER_TO_CLIENT");
124 private static final ClassifierName SSH_IPV6_SERVER_TO_CLIENT_NAME =
125 new ClassifierName("SSH_IPV6_FROM_SERVER_TO_CLIENT");
126 private static final ClassifierName SSH_IPV4_CLIENT_TO_SERVER_NAME =
127 new ClassifierName("SSH_IPV4_FROM_CLIENT_TO_SERVER");
128 private static final ClassifierName SSH_IPV6_CLIENT_TO_SERVER_NAME =
129 new ClassifierName("SSH_IPV6_FROM_CLIENT_TO_SERVER");
130 private static final ClassifierName ICMP_IPV4_BETWEEN_SERVER_CLIENT_NAME =
131 new ClassifierName("ICMP_IPV4_BETWEEN_SERVER_CLIENT");
132 private static final ClassifierName ICMP_IPV6_BETWEEN_SERVER_CLIENT_NAME =
133 new ClassifierName("ICMP_IPV6_BETWEEN_SERVER_CLIENT");
134 private static final SubjectName MGMT_SUBJECT_NAME = new SubjectName("ALLOW_MGMT");
135 private static final Description MGMT_CONTRACT_DESC =
136 new Description("Allow ICMP and SSH management communication between server and client.");
139 * Id of {@link #MGMT_CONTRACT}.
141 public static final ContractId MGMT_CONTRACT_ID = new ContractId("33318d2e-dddd-11e5-885d-feff819cdc9f");
143 * Contains rules with action {@link MappingUtils#ACTION_REF_ALLOW} matching ICMP and SSH communication
144 * between Client and Server.
146 public static final Contract MGMT_CONTRACT;
148 * {@link ConsumerNamedSelector} pointing to {@link #MGMT_CONTRACT}.
150 public static final ConsumerNamedSelector MGMT_CONTRACT_CONSUMER_SELECTOR;
152 // ########### NETWORK-SERVICE ENDPOINT-GROUP
153 private static final Name NETWORK_SERVICE_EPG_NAME = new Name("NETWORK_SERVICE");
154 private static final Description NETWORK_SERVICE_EPG_DESC = new Description("Represents DHCP and DNS servers.");
156 * ID of {@link #EPG}.
158 public static final EndpointGroupId EPG_ID = new EndpointGroupId("ddd6cfe6-dfe5-11e4-8a00-1681e6b88ec1");
160 * Network-service endpoint-group providing {@link #DHCP_CONTRACT} and {@link #DNS_CONTRACT}.
162 public static final EndpointGroup EPG;
165 DHCP_CONTRACT = createContractDhcp();
166 DHCP_CONTRACT_CONSUMER_SELECTOR = createConsumerSelector(DHCP_CONTRACT);
167 DNS_CONTRACT = createContractDns();
168 DNS_CONTRACT_CONSUMER_SELECTOR = createConsumerSelector(DNS_CONTRACT);
169 MGMT_CONTRACT = createContractMgmt();
170 MGMT_CONTRACT_CONSUMER_SELECTOR = createConsumerSelector(MGMT_CONTRACT);
171 EPG = createNetworkServiceEpg();
174 private static EndpointGroup createNetworkServiceEpg() {
175 ProviderNamedSelector dhcpProviderSelector = createProviderSelector(DHCP_CONTRACT);
176 ProviderNamedSelector dnsProviderSelector = createProviderSelector(DNS_CONTRACT);
177 ProviderNamedSelector mgmtProviderSelector = createProviderSelector(MGMT_CONTRACT);
178 return createEpgBuilder(EPG_ID, NETWORK_SERVICE_EPG_NAME, NETWORK_SERVICE_EPG_DESC)
179 .setProviderNamedSelector(ImmutableList.of(dhcpProviderSelector, dnsProviderSelector, mgmtProviderSelector))
183 private static Contract createContractDhcp() {
184 Rule clientServerIpv4Rule = createRuleAllow(DHCP_IPV4_CLIENT_SERVER_NAME, Direction.In);
185 Rule serverClientIpv4Rule = createRuleAllow(DHCP_IPV4_SERVER_CLIENT_NAME, Direction.Out);
186 Rule clientServerIpv6Rule = createRuleAllow(DHCP_IPV6_CLIENT_SERVER_NAME, Direction.In);
187 Rule serverClientIpv6Rule = createRuleAllow(DHCP_IPV6_SERVER_CLIENT_NAME, Direction.Out);
188 Subject subject = new SubjectBuilder().setName(DHCP_SUBJECT_NAME)
190 .setRule(ImmutableList.of(clientServerIpv4Rule, serverClientIpv4Rule, clientServerIpv6Rule,
191 serverClientIpv6Rule))
193 return createContract(DHCP_CONTRACT_ID, ImmutableList.of(subject), DHCP_CONTRACT_DESC);
196 private static Contract createContractDns() {
197 Rule clientServerUdpIpv4Rule = createRuleAllow(DNS_UDP_IPV4_CLIENT_SERVER_NAME, Direction.In);
198 Rule serverClientUdpIpv4Rule = createRuleAllow(DNS_UDP_IPV4_SERVER_CLIENT_NAME, Direction.Out);
199 Rule clientServerUdpIpv6Rule = createRuleAllow(DNS_UDP_IPV6_CLIENT_SERVER_NAME, Direction.In);
200 Rule serverClientUdpIpv6Rule = createRuleAllow(DNS_UDP_IPV6_SERVER_CLIENT_NAME, Direction.Out);
201 Rule clientServerTcpIpv4Rule = createRuleAllow(DNS_TCP_IPV4_CLIENT_SERVER_NAME, Direction.In);
202 Rule serverClientTcpIpv4Rule = createRuleAllow(DNS_TCP_IPV4_SERVER_CLIENT_NAME, Direction.Out);
203 Rule clientServerTcpIpv6Rule = createRuleAllow(DNS_TCP_IPV6_CLIENT_SERVER_NAME, Direction.In);
204 Rule serverClientTcpIpv6Rule = createRuleAllow(DNS_TCP_IPV6_SERVER_CLIENT_NAME, Direction.Out);
205 Subject subject = new SubjectBuilder().setName(DNS_SUBJECT_NAME)
207 .setRule(ImmutableList.of(clientServerUdpIpv4Rule, serverClientUdpIpv4Rule, clientServerUdpIpv6Rule,
208 serverClientUdpIpv6Rule, clientServerTcpIpv4Rule, serverClientTcpIpv4Rule, clientServerTcpIpv6Rule,
209 serverClientTcpIpv6Rule))
211 return createContract(DNS_CONTRACT_ID, ImmutableList.of(subject), DNS_CONTRACT_DESC);
214 private static Contract createContractMgmt() {
215 Rule serverClientSshIpv4Rule = createRuleAllow(SSH_IPV4_SERVER_TO_CLIENT_NAME, Direction.Out);
216 Rule serverClientSshIpv6Rule = createRuleAllow(SSH_IPV6_SERVER_TO_CLIENT_NAME, Direction.Out);
217 Rule clientServerSshIpv4Rule = createRuleAllow(SSH_IPV4_CLIENT_TO_SERVER_NAME, Direction.In);
218 Rule clientServerSshIpv6Rule = createRuleAllow(SSH_IPV6_CLIENT_TO_SERVER_NAME, Direction.In);
219 Rule serverClientIcmpIpv4Rule = createRuleAllow(ICMP_IPV4_BETWEEN_SERVER_CLIENT_NAME, Direction.Out);
220 Rule serverClientIcmpIpv6Rule = createRuleAllow(ICMP_IPV6_BETWEEN_SERVER_CLIENT_NAME, Direction.Out);
221 Rule clientServerIcmpIpv4Rule = createRuleAllow(ICMP_IPV4_BETWEEN_SERVER_CLIENT_NAME, Direction.In);
222 Rule clientServerIcmpIpv6Rule = createRuleAllow(ICMP_IPV6_BETWEEN_SERVER_CLIENT_NAME, Direction.In);
224 Subject subject = new SubjectBuilder().setName(MGMT_SUBJECT_NAME)
226 .setRule(ImmutableList.of(serverClientSshIpv4Rule, serverClientSshIpv6Rule, clientServerSshIpv4Rule,
227 clientServerSshIpv6Rule, clientServerIcmpIpv4Rule, clientServerIcmpIpv6Rule,
228 serverClientIcmpIpv4Rule, serverClientIcmpIpv6Rule))
230 return createContract(MGMT_CONTRACT_ID, ImmutableList.of(subject), MGMT_CONTRACT_DESC);
234 * puts clause with {@link L3EndpointIdentificationConstraints} in {@link ConsumerMatchers}
235 * and {@link ProviderMatchers}. This clause points to subject in {@link #DHCP_CONTRACT}.
237 * @param tenantId location of {@link #DHCP_CONTRACT}
238 * @param ipPrefix used in {@link L3EndpointIdentificationConstraints}
239 * @param writeTx transaction where entities are written
241 public static void writeDhcpClauseWithConsProvEic(TenantId tenantId, @Nullable IpPrefix ipPrefix,
242 WriteTransaction writeTx) {
243 Clause clause = createClauseWithConsProvEic(ipPrefix, DHCP_SUBJECT_NAME);
244 writeTx.put(LogicalDatastoreType.CONFIGURATION, IidFactory.clauseIid(tenantId, DHCP_CONTRACT_ID,
245 clause.getName()), clause, true);
249 * puts clause with {@link L3EndpointIdentificationConstraints} in {@link ConsumerMatchers}
250 * and {@link ProviderMatchers}. This clause points to subject in {@link #DNS_CONTRACT}.
252 * @param tenantId location of {@link #DNS_CONTRACT}
253 * @param ipPrefix used in {@link L3EndpointIdentificationConstraints}
254 * @param writeTx transaction where entities are written
256 public static void writeDnsClauseWithConsProvEic(TenantId tenantId, @Nullable IpPrefix ipPrefix,
257 WriteTransaction writeTx) {
258 Clause clause = createClauseWithConsProvEic(ipPrefix, DNS_SUBJECT_NAME);
259 writeTx.put(LogicalDatastoreType.CONFIGURATION, IidFactory.clauseIid(tenantId, DNS_CONTRACT_ID,
260 clause.getName()), clause, true);
264 * puts clause with {@link L3EndpointIdentificationConstraints} in {@link ConsumerMatchers}
265 * and {@link ProviderMatchers}. This clause points to subject in {@link #MGMT_CONTRACT}.
267 * @param tenantId location of {@link #MGMT_CONTRACT}
268 * @param ipPrefix used in {@link L3EndpointIdentificationConstraints}
269 * @param writeTx transaction where entities are written
271 public static void writeMgmtClauseWithConsProvEic(TenantId tenantId, @Nullable IpPrefix ipPrefix,
272 WriteTransaction writeTx) {
273 Clause clause = createClauseWithConsProvEic(ipPrefix, MGMT_SUBJECT_NAME);
274 writeTx.put(LogicalDatastoreType.CONFIGURATION, IidFactory.clauseIid(tenantId, MGMT_CONTRACT_ID,
275 clause.getName()), clause, true);
279 * Puts network service entities (classifier-instances, {@link #DHCP_CONTRACT},
280 * {@link #DNS_CONTRACT}, {@link #MGMT_CONTRACT} and {@link #EPG}) to
281 * {@link LogicalDatastoreType#CONFIGURATION}.
283 * @param tenantId location of network-service entities
284 * @param writeTx transaction where network-service entities are written
286 public static void writeNetworkServiceEntitiesToTenant(TenantId tenantId, WriteTransaction writeTx) {
287 Set<ClassifierInstance> classifierInstances = getAllClassifierInstances();
288 for (ClassifierInstance ci : classifierInstances) {
289 writeTx.put(LogicalDatastoreType.CONFIGURATION, IidFactory.classifierInstanceIid(tenantId, ci.getName()),
292 for (ActionInstance ai : Collections.singleton(MappingUtils.ACTION_ALLOW)) {
293 writeTx.put(LogicalDatastoreType.CONFIGURATION, IidFactory.actionInstanceIid(tenantId, ai.getName()), ai,
296 writeTx.put(LogicalDatastoreType.CONFIGURATION, IidFactory.contractIid(tenantId, DHCP_CONTRACT_ID),
297 DHCP_CONTRACT, true);
298 writeTx.put(LogicalDatastoreType.CONFIGURATION, IidFactory.contractIid(tenantId, DNS_CONTRACT_ID), DNS_CONTRACT,
300 writeTx.put(LogicalDatastoreType.CONFIGURATION, IidFactory.contractIid(tenantId, MGMT_CONTRACT_ID),
301 MGMT_CONTRACT, true);
302 writeTx.put(LogicalDatastoreType.CONFIGURATION, IidFactory.endpointGroupIid(tenantId, EPG_ID), EPG, true);
306 * Used to get all Classifier instances.
307 * @return All classifier-instances used in {@link #DHCP_CONTRACT}, {@link #DNS_CONTRACT} and
308 * {@link #MGMT_CONTRACT}.
310 public static Set<ClassifierInstance> getAllClassifierInstances() {
311 HashSet<ClassifierInstance> cis = new HashSet<>();
312 cis.add(createDhcpIpv4ClientServer());
313 cis.add(createDhcpIpv4ServerClient());
314 cis.add(createDhcpIpv6ClientServer());
315 cis.add(createDhcpIpv6ServerClient());
316 cis.add(createDnsUdpIpv4ClientServer());
317 cis.add(createDnsUdpIpv4ServerClient());
318 cis.add(createDnsUdpIpv6ClientServer());
319 cis.add(createDnsUdpIpv6ServerClient());
320 cis.add(createDnsTcpIpv4ClientServer());
321 cis.add(createDnsTcpIpv4ServerClient());
322 cis.add(createDnsTcpIpv6ClientServer());
323 cis.add(createDnsTcpIpv6ServerClient());
325 cis.add(createSshTcpIpv4ServerClient());
326 cis.add(createSshTcpIpv6ServerClient());
327 cis.add(createSshTcpIpv4ClientServer());
328 cis.add(createSshTcpIpv6ClientServer());
329 cis.add(createIcmpIpv4());
330 cis.add(createIcmpIpv6());
334 // ###################### DHCP
335 private static ClassifierInstance createDhcpIpv4ClientServer() {
336 return createClassifInstance(DHCP_IPV4_CLIENT_SERVER_NAME, L4ClassifierDefinition.DEFINITION.getId(),
337 createParams(EtherTypeClassifierDefinition.IPv4_VALUE, IpProtoClassifierDefinition.UDP_VALUE,
338 DHCP_IPV4_CLIENT_PORT, DHCP_IPV4_SERVER_PORT));
341 private static ClassifierInstance createDhcpIpv4ServerClient() {
342 return createClassifInstance(DHCP_IPV4_SERVER_CLIENT_NAME, L4ClassifierDefinition.DEFINITION.getId(),
343 createParams(EtherTypeClassifierDefinition.IPv4_VALUE, IpProtoClassifierDefinition.UDP_VALUE,
344 DHCP_IPV4_SERVER_PORT, DHCP_IPV4_CLIENT_PORT));
347 private static ClassifierInstance createDhcpIpv6ClientServer() {
348 return createClassifInstance(DHCP_IPV6_CLIENT_SERVER_NAME, L4ClassifierDefinition.DEFINITION.getId(),
349 createParams(EtherTypeClassifierDefinition.IPv6_VALUE, IpProtoClassifierDefinition.UDP_VALUE,
350 DHCP_IPV6_CLIENT_PORT, DHCP_IPV6_SERVER_PORT));
353 private static ClassifierInstance createDhcpIpv6ServerClient() {
354 return createClassifInstance(DHCP_IPV6_SERVER_CLIENT_NAME, L4ClassifierDefinition.DEFINITION.getId(),
355 createParams(EtherTypeClassifierDefinition.IPv6_VALUE, IpProtoClassifierDefinition.UDP_VALUE,
356 DHCP_IPV6_SERVER_PORT, DHCP_IPV6_CLIENT_PORT));
359 // ###################### DNS UDP
360 private static ClassifierInstance createDnsUdpIpv4ClientServer() {
361 return createClassifInstance(DNS_UDP_IPV4_CLIENT_SERVER_NAME, L4ClassifierDefinition.DEFINITION.getId(),
362 createParams(EtherTypeClassifierDefinition.IPv4_VALUE, IpProtoClassifierDefinition.UDP_VALUE, null,
366 private static ClassifierInstance createDnsUdpIpv4ServerClient() {
367 return createClassifInstance(DNS_UDP_IPV4_SERVER_CLIENT_NAME, L4ClassifierDefinition.DEFINITION.getId(),
368 createParams(EtherTypeClassifierDefinition.IPv4_VALUE, IpProtoClassifierDefinition.UDP_VALUE,
369 DNS_SERVER_PORT, null));
372 private static ClassifierInstance createDnsUdpIpv6ClientServer() {
373 return createClassifInstance(DNS_UDP_IPV6_CLIENT_SERVER_NAME, L4ClassifierDefinition.DEFINITION.getId(),
374 createParams(EtherTypeClassifierDefinition.IPv6_VALUE, IpProtoClassifierDefinition.UDP_VALUE, null,
378 private static ClassifierInstance createDnsUdpIpv6ServerClient() {
379 return createClassifInstance(DNS_UDP_IPV6_SERVER_CLIENT_NAME, L4ClassifierDefinition.DEFINITION.getId(),
380 createParams(EtherTypeClassifierDefinition.IPv6_VALUE, IpProtoClassifierDefinition.UDP_VALUE,
381 DNS_SERVER_PORT, null));
384 // ###################### DNS TCP
385 private static ClassifierInstance createDnsTcpIpv4ClientServer() {
386 return createClassifInstance(DNS_TCP_IPV4_CLIENT_SERVER_NAME,
387 L4ClassifierDefinition.DEFINITION.getId(),
388 createParams(EtherTypeClassifierDefinition.IPv4_VALUE,
389 IpProtoClassifierDefinition.TCP_VALUE, null, DNS_SERVER_PORT));
392 private static ClassifierInstance createDnsTcpIpv4ServerClient() {
393 return createClassifInstance(DNS_TCP_IPV4_SERVER_CLIENT_NAME,
394 L4ClassifierDefinition.DEFINITION.getId(),
395 createParams(EtherTypeClassifierDefinition.IPv4_VALUE,
396 IpProtoClassifierDefinition.TCP_VALUE, DNS_SERVER_PORT, null));
399 private static ClassifierInstance createDnsTcpIpv6ClientServer() {
400 return createClassifInstance(DNS_TCP_IPV6_CLIENT_SERVER_NAME,
401 L4ClassifierDefinition.DEFINITION.getId(),
402 createParams(EtherTypeClassifierDefinition.IPv6_VALUE,
403 IpProtoClassifierDefinition.TCP_VALUE, null, DNS_SERVER_PORT));
406 private static ClassifierInstance createDnsTcpIpv6ServerClient() {
407 return createClassifInstance(DNS_TCP_IPV6_SERVER_CLIENT_NAME,
408 L4ClassifierDefinition.DEFINITION.getId(),
409 createParams(EtherTypeClassifierDefinition.IPv6_VALUE,
410 IpProtoClassifierDefinition.TCP_VALUE, DNS_SERVER_PORT, null));
413 // ###################### SSH TCP
414 private static ClassifierInstance createSshTcpIpv4ClientServer() {
415 return createClassifInstance(SSH_IPV4_CLIENT_TO_SERVER_NAME,
416 L4ClassifierDefinition.DEFINITION.getId(),
417 createParams(EtherTypeClassifierDefinition.IPv4_VALUE,
418 IpProtoClassifierDefinition.TCP_VALUE, SSH_TCP_PORT, null));
421 private static ClassifierInstance createSshTcpIpv4ServerClient() {
422 return createClassifInstance(SSH_IPV4_SERVER_TO_CLIENT_NAME,
423 L4ClassifierDefinition.DEFINITION.getId(),
424 createParams(EtherTypeClassifierDefinition.IPv4_VALUE,
425 IpProtoClassifierDefinition.TCP_VALUE, null, SSH_TCP_PORT));
428 private static ClassifierInstance createSshTcpIpv6ClientServer() {
429 return createClassifInstance(SSH_IPV6_CLIENT_TO_SERVER_NAME,
430 L4ClassifierDefinition.DEFINITION.getId(),
431 createParams(EtherTypeClassifierDefinition.IPv6_VALUE,
432 IpProtoClassifierDefinition.TCP_VALUE, SSH_TCP_PORT, null));
435 private static ClassifierInstance createSshTcpIpv6ServerClient() {
436 return createClassifInstance(SSH_IPV6_SERVER_TO_CLIENT_NAME,
437 L4ClassifierDefinition.DEFINITION.getId(),
438 createParams(EtherTypeClassifierDefinition.IPv6_VALUE,
439 IpProtoClassifierDefinition.TCP_VALUE, null, SSH_TCP_PORT));
442 // ###################### ICMP
443 private static ClassifierInstance createIcmpIpv4() {
444 return createClassifInstance(ICMP_IPV4_BETWEEN_SERVER_CLIENT_NAME,
445 IpProtoClassifierDefinition.DEFINITION.getId(), createParams(
446 EtherTypeClassifierDefinition.IPv4_VALUE, IpProtoClassifierDefinition.ICMP_VALUE, null, null));
449 private static ClassifierInstance createIcmpIpv6() {
450 return createClassifInstance((ICMP_IPV6_BETWEEN_SERVER_CLIENT_NAME),
451 IpProtoClassifierDefinition.DEFINITION.getId(), createParams(
452 EtherTypeClassifierDefinition.IPv6_VALUE, IpProtoClassifierDefinition.ICMP_VALUE, null, null));