Code Review / groupbasedpolicy.git / blob
? search:
summary | shortlog | log | commit | commitdiff | review | tree
history | raw | HEAD
Fixed missing tunnel type
[groupbasedpolicy.git] / renderers / ofoverlay / src / test / java / org / opendaylight / groupbasedpolicy / renderer / ofoverlay / flow / PortSecurityTest.java
1 /*\r
2  * Copyright (c) 2014 Cisco Systems, Inc. and others.  All rights reserved.\r
3  *\r
4  * This program and the accompanying materials are made available under the\r
5  * terms of the Eclipse Public License v1.0 which accompanies this distribution,\r
6  * and is available at http://www.eclipse.org/legal/epl-v10.html\r
7  */\r
8 \r
9 package org.opendaylight.groupbasedpolicy.renderer.ofoverlay.flow;\r
10 \r
11 import java.util.Collections;\r
12 import java.util.HashMap;\r
13 import java.util.List;\r
14 import java.util.Map;\r
15 import java.util.Objects;\r
16 import java.util.Set;\r
17 \r
18 import org.junit.Before;\r
19 import org.junit.Test;\r
20 import org.opendaylight.groupbasedpolicy.renderer.ofoverlay.PolicyManager.FlowMap;\r
21 import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.inet.types.rev100924.IpAddress;\r
22 import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.inet.types.rev100924.Ipv4Address;\r
23 import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.inet.types.rev100924.Ipv6Address;\r
24 import org.opendaylight.yang.gen.v1.urn.opendaylight.flow.inventory.rev130819.tables.table.Flow;\r
25 import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.endpoint.rev140421.endpoint.fields.L3Address;\r
26 import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.endpoint.rev140421.endpoint.fields.L3AddressBuilder;\r
27 import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.endpoint.rev140421.endpoints.Endpoint;\r
28 import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.ofoverlay.rev140528.OfOverlayContext;\r
29 import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.ofoverlay.rev140528.OfOverlayNodeConfigBuilder;\r
30 import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.ofoverlay.rev140528.nodes.node.TunnelBuilder;\r
31 import org.opendaylight.yang.gen.v1.urn.opendaylight.inventory.rev130819.NodeConnectorId;\r
32 import org.opendaylight.yang.gen.v1.urn.opendaylight.inventory.rev130819.NodeId;\r
33 import org.opendaylight.yang.gen.v1.urn.opendaylight.model.match.types.rev131026.match.layer._3.match.ArpMatch;\r
34 import org.opendaylight.yang.gen.v1.urn.opendaylight.model.match.types.rev131026.match.layer._3.match.Ipv4Match;\r
35 import org.opendaylight.yang.gen.v1.urn.opendaylight.model.match.types.rev131026.match.layer._3.match.Ipv6Match;\r
36 import org.opendaylight.yang.gen.v1.urn.opendaylight.params.xml.ns.yang.overlay.rev150105.TunnelTypeVxlan;\r
37 import org.slf4j.Logger;\r
38 import org.slf4j.LoggerFactory;\r
39 \r
40 import com.google.common.collect.ImmutableList;\r
41 import com.google.common.collect.ImmutableSet;\r
42 \r
43 import static org.junit.Assert.*;\r
44 \r
45 public class PortSecurityTest extends FlowTableTest {\r
46     protected static final Logger LOG =\r
47             LoggerFactory.getLogger(PortSecurityTest.class);\r
48 \r
49     @Override\r
50     @Before\r
51     public void setup() throws Exception {\r
52         initCtx();\r
53         table = new PortSecurity(ctx);\r
54         super.setup();\r
55     }\r
56 \r
57     @Test\r
58     public void testDefaultDeny() throws Exception {\r
59         FlowMap fm = dosync(null);\r
60         int count = 0;\r
61         Map<String, Flow> flowMap = new HashMap<>();\r
62         for (Flow f : fm.getTableForNode(nodeId, (short) 0).getFlow()) {\r
63             flowMap.put(f.getId().getValue(), f);\r
64             Long etherType = null;\r
65             if (f.getMatch() != null) {\r
66                 etherType = f.getMatch().getEthernetMatch().getEthernetType().getType().getValue();\r
67             }\r
68             if (f.getMatch() == null || FlowUtils.ARP.equals(etherType) || FlowUtils.IPv4.equals(etherType)\r
69                     || FlowUtils.IPv6.equals(etherType)) {\r
70                 count += 1;\r
71                 assertEquals(FlowUtils.dropInstructions(), f.getInstructions());\r
72             }\r
73         }\r
74         assertEquals(4, count);\r
75         int numberOfFlows = fm.getTableForNode(nodeId, (short) 0).getFlow().size();\r
76         fm = dosync(flowMap);\r
77         assertEquals(numberOfFlows, fm.getTableForNode(nodeId, (short) 0).getFlow().size());\r
78     }\r
79 \r
80     @Test\r
81     public void testNonLocalAllow() throws Exception {\r
82         switchManager\r
83             .addSwitch(new NodeId("openflow:1"),\r
84                        new NodeConnectorId("openflow:1:1"),\r
85                        ImmutableSet.of(new NodeConnectorId("openflow:1:2")),\r
86                        new OfOverlayNodeConfigBuilder().setTunnel(\r
87                                ImmutableList.of(new TunnelBuilder()\r
88                                    .setTunnelType(TunnelTypeVxlan.class)\r
89                                    .setNodeConnectorId(new NodeConnectorId("openflow:1:1"))\r
90                                    .build())).build());\r
91         FlowMap fm = dosync(null);\r
92         assertNotEquals(0 ,fm.getTableForNode(nodeId, (short) 0).getFlow().size());\r
93 \r
94         int count = 0;\r
95         HashMap<String, Flow> flowMap = new HashMap<>();\r
96         Set<String> ncs = ImmutableSet.of("openflow:1:1", "openflow:1:2");\r
97         for (Flow f : fm.getTableForNode(nodeId, (short) 0).getFlow()) {\r
98             flowMap.put(f.getId().getValue(), f);\r
99             if (f.getMatch() != null && f.getMatch().getInPort() != null &&\r
100                 ncs.contains(f.getMatch().getInPort().getValue())) {\r
101                 assertEquals(f.getInstructions(),\r
102                              FlowUtils.gotoTableInstructions((short)(table.getTableId()+1)));\r
103                 count += 1;\r
104             }\r
105         }\r
106         assertEquals(2, count);\r
107         int numberOfFlows = fm.getTableForNode(nodeId, (short) 0).getFlow().size();\r
108         fm = dosync(flowMap);\r
109         assertEquals(numberOfFlows, fm.getTableForNode(nodeId, (short) 0).getFlow().size());\r
110     }\r
111 \r
112     @Test\r
113     public void testL2() throws Exception {\r
114         List<L3Address> l3 = Collections.emptyList();\r
115         Endpoint ep = localEP()\r
116             .setL3Address(l3)\r
117             .build();\r
118 \r
119         endpointManager.addEndpoint(ep);\r
120 \r
121         FlowMap fm = dosync(null);\r
122         assertNotEquals(0 ,fm.getTableForNode(nodeId, (short) 0).getFlow().size());\r
123 \r
124         int count = 0;\r
125         HashMap<String, Flow> flowMap = new HashMap<>();\r
126         for (Flow f : fm.getTableForNode(nodeId, (short) 0).getFlow()) {\r
127             flowMap.put(f.getId().getValue(), f);\r
128             if (f.getMatch() != null &&\r
129                 f.getMatch().getEthernetMatch() != null &&\r
130                 f.getMatch().getEthernetMatch().getEthernetSource() != null &&\r
131                 Objects.equals(ep.getMacAddress(),\r
132                                f.getMatch().getEthernetMatch()\r
133                                    .getEthernetSource().getAddress()) &&\r
134                 Objects.equals(ep.getAugmentation(OfOverlayContext.class).getNodeConnectorId(),\r
135                                f.getMatch().getInPort())) {\r
136                 count += 1;\r
137                 assertEquals(FlowUtils.gotoTableInstructions((short)(table.getTableId()+1)),\r
138                              f.getInstructions());\r
139             }\r
140         }\r
141         assertEquals(2, count);\r
142         int numberOfFlows = fm.getTableForNode(nodeId, (short) 0).getFlow().size();\r
143         fm = dosync(flowMap);\r
144         assertEquals(numberOfFlows, fm.getTableForNode(nodeId, (short) 0).getFlow().size());\r
145     }\r
146 \r
147     @Test\r
148     public void testL3() throws Exception {\r
149         Endpoint ep = localEP()\r
150             .setL3Address(ImmutableList.of(new L3AddressBuilder()\r
151                 .setIpAddress(new IpAddress(new Ipv4Address("10.10.10.10")))\r
152                 .build(),\r
153                 new L3AddressBuilder()\r
154                 .setIpAddress(new IpAddress(new Ipv6Address("2001:db8:85a3::8a2e:370:7334")))\r
155                 .build()))\r
156             .build();\r
157 \r
158         endpointManager.addEndpoint(ep);\r
159 \r
160         FlowMap fm = dosync(null);\r
161         assertNotEquals(0 ,fm.getTableForNode(nodeId, (short) 0).getFlow().size());\r
162 \r
163         int count = 0;\r
164         HashMap<String, Flow> flowMap = new HashMap<>();\r
165         for (Flow f : fm.getTableForNode(nodeId, (short) 0).getFlow()) {\r
166             flowMap.put(f.getId().getValue(), f);\r
167             if (f.getMatch() != null &&\r
168                 Objects.equals(ep.getAugmentation(OfOverlayContext.class).getNodeConnectorId(),\r
169                                f.getMatch().getInPort()) &&\r
170                 ((f.getMatch().getLayer3Match() != null &&\r
171                   f.getMatch().getLayer3Match() instanceof Ipv4Match &&\r
172                   ((Ipv4Match)f.getMatch().getLayer3Match()).getIpv4Source() != null &&\r
173                   Objects.equals(ep.getL3Address().get(0).getIpAddress().getIpv4Address().getValue(),\r
174                           ((Ipv4Match)f.getMatch().getLayer3Match()).getIpv4Source().getValue().split("/")[0])) ||\r
175                  (f.getMatch().getLayer3Match() != null &&\r
176                          f.getMatch().getLayer3Match() instanceof Ipv4Match &&\r
177                          ((Ipv4Match)f.getMatch().getLayer3Match()).getIpv4Destination() != null &&\r
178                   Objects.equals("255.255.255.255",\r
179                           ((Ipv4Match)f.getMatch().getLayer3Match()).getIpv4Destination().getValue().split("/")[0]))     ||\r
180                  (f.getMatch().getLayer3Match() != null &&\r
181                   f.getMatch().getLayer3Match() instanceof ArpMatch &&\r
182                   Objects.equals(ep.getL3Address().get(0).getIpAddress().getIpv4Address().getValue(),\r
183                                  ((ArpMatch)f.getMatch().getLayer3Match()).getArpSourceTransportAddress().getValue().split("/")[0])) ||\r
184                  (f.getMatch().getLayer3Match() != null &&\r
185                   f.getMatch().getLayer3Match() instanceof Ipv6Match &&\r
186                   Objects.equals(ep.getL3Address().get(1).getIpAddress().getIpv6Address().getValue(),\r
187                                  ((Ipv6Match)f.getMatch().getLayer3Match()).getIpv6Source().getValue().split("/")[0])))) {\r
188                 count += 1;\r
189                 assertEquals(FlowUtils.gotoTableInstructions((short)(table.getTableId()+1)),\r
190                              f.getInstructions());\r
191             }\r
192         }\r
193         assertEquals(4, count);\r
194         int numberOfFlows = fm.getTableForNode(nodeId, (short) 0).getFlow().size();\r
195         fm = dosync(flowMap);\r
196         assertEquals(numberOfFlows, fm.getTableForNode(nodeId, (short) 0).getFlow().size());\r
197     }\r
198 }\r
OpenDaylight Group Based Policy Plugin