Code Review / netvirt.git / blob
? search:
summary | shortlog | log | commit | commitdiff | review | tree
history | raw | HEAD
Merge "Fix bugs related to wrong exception handling"
[netvirt.git] / vpnservice / aclservice / impl / src / main / java / org / opendaylight / netvirt / aclservice / LearnEgressAclServiceImpl.java
1 /*
2  * Copyright (c) 2016 HPE, Inc. and others. All rights reserved.
3  *
4  * This program and the accompanying materials are made available under the
5  * terms of the Eclipse Public License v1.0 which accompanies this distribution,
6  * and is available at http://www.eclipse.org/legal/epl-v10.html
7  */
8 package org.opendaylight.netvirt.aclservice;
9
10 import java.math.BigInteger;
11 import java.util.ArrayList;
12 import java.util.List;
13 import java.util.Map;
14
15 import org.opendaylight.controller.md.sal.binding.api.DataBroker;
16 import org.opendaylight.genius.mdsalutil.ActionInfo;
17 import org.opendaylight.genius.mdsalutil.ActionType;
18 import org.opendaylight.genius.mdsalutil.InstructionInfo;
19 import org.opendaylight.genius.mdsalutil.InstructionType;
20 import org.opendaylight.genius.mdsalutil.MatchInfoBase;
21 import org.opendaylight.genius.mdsalutil.NwConstants;
22 import org.opendaylight.genius.mdsalutil.NxMatchFieldType;
23 import org.opendaylight.genius.mdsalutil.interfaces.IMdsalApiManager;
24 import org.opendaylight.netvirt.aclservice.api.AclServiceManager.Action;
25 import org.opendaylight.netvirt.aclservice.utils.AclConstants;
26 import org.opendaylight.netvirt.aclservice.utils.AclServiceUtils;
27 import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.access.control.list.rev160218.access.lists.acl.access.list.entries.Ace;
28 import org.opendaylight.yang.gen.v1.urn.opendaylight.netvirt.aclservice.rev160608.interfaces._interface.AllowedAddressPairs;
29 import org.slf4j.Logger;
30 import org.slf4j.LoggerFactory;
31
32 public class LearnEgressAclServiceImpl extends AbstractEgressAclServiceImpl {
33
34     private static final Logger LOG = LoggerFactory.getLogger(LearnEgressAclServiceImpl.class);
35
36     /**
37      * Initialize the member variables.
38      *
39      * @param dataBroker
40      *            the data broker instance.
41      * @param mdsalManager
42      *            the mdsal manager instance.
43      */
44     public LearnEgressAclServiceImpl(DataBroker dataBroker,
45             IMdsalApiManager mdsalManager) {
46         super(dataBroker, mdsalManager);
47     }
48
49     @Override
50     protected void programSpecificFixedRules(BigInteger dpid, String dhcpMacAddress,
51             List<AllowedAddressPairs> allowedAddresses, int lportTag, String portId, Action action, int addOrRemove) {
52     }
53
54     @Override
55     protected String syncSpecificAclFlow(BigInteger dpId, int lportTag, int addOrRemove, Ace ace, String portId,
56             Map<String, List<MatchInfoBase>> flowMap, String flowName) {
57         List<MatchInfoBase> flowMatches = flowMap.get(flowName);
58         flowMatches.add(AclServiceUtils.buildLPortTagMatch(lportTag));
59         List<ActionInfo> actionsInfos = new ArrayList<>();
60         addLearnActions(flowMatches, actionsInfos);
61
62         actionsInfos.add(new ActionInfo(ActionType.nx_resubmit,
63                 new String[] {Short.toString(NwConstants.LPORT_DISPATCHER_TABLE)}));
64
65         List<InstructionInfo> instructions = new ArrayList<>();
66         instructions.add(new InstructionInfo(InstructionType.apply_actions, actionsInfos));
67
68         String flowNameAdded = flowName + "Egress" + lportTag + ace.getKey().getRuleName();
69         syncFlow(dpId, NwConstants.INGRESS_LEARN2_TABLE, flowNameAdded, AclConstants.PROTO_MATCH_PRIORITY, "ACL", 0, 0,
70                 AclConstants.COOKIE_ACL_BASE, flowMatches, instructions, addOrRemove);
71         return flowName;
72     }
73
74     /*
75      * learn header
76      *
77      * 0 1 2 3 4 5 6 7 idleTO hardTO prio cook flags table finidle finhrad
78      *
79      * learn flowmod learnFlowModType srcField dstField FlowModNumBits 0 1 2 3
80      */
81     private void addLearnActions(List<MatchInfoBase> flows, List<ActionInfo> actionsInfos) {
82         boolean isTcp = AclServiceUtils.containsMatchFieldType(flows, NxMatchFieldType.nx_tcp_src_with_mask)
83                 || AclServiceUtils.containsMatchFieldType(flows, NxMatchFieldType.nx_tcp_dst_with_mask);
84         boolean isUdp = AclServiceUtils.containsMatchFieldType(flows, NxMatchFieldType.nx_udp_src_with_mask)
85                 || AclServiceUtils.containsMatchFieldType(flows, NxMatchFieldType.nx_udp_dst_with_mask);
86         if (isTcp) {
87             addTcpLearnActions(actionsInfos);
88         } else if (isUdp) {
89             addUdpLearnActions(actionsInfos);
90         } else {
91             addOtherProtocolsLearnActions(actionsInfos);
92         }
93     }
94
95     private void addOtherProtocolsLearnActions(List<ActionInfo> actionsInfos) {
96         String[][] flowMod = new String[5][];
97
98         flowMod[0] = new String[] { NwConstants.LearnFlowModsType.MATCH_FROM_VALUE.name(),
99                 Integer.toString(NwConstants.ETHTYPE_IPV4),
100                 NwConstants.NxmOfFieldType.NXM_OF_ETH_TYPE.getHexType(),
101                 NwConstants.NxmOfFieldType.NXM_OF_ETH_TYPE.getFlowModHeaderLen() };
102         flowMod[1] = new String[] { NwConstants.LearnFlowModsType.MATCH_FROM_FIELD.name(),
103                 NwConstants.NxmOfFieldType.NXM_OF_IP_DST.getHexType(),
104                 NwConstants.NxmOfFieldType.NXM_OF_IP_SRC.getHexType(),
105                 NwConstants.NxmOfFieldType.NXM_OF_IP_SRC.getFlowModHeaderLen() };
106         flowMod[2] = new String[] { NwConstants.LearnFlowModsType.MATCH_FROM_FIELD.name(),
107                 NwConstants.NxmOfFieldType.NXM_OF_ETH_DST.getHexType(),
108                 NwConstants.NxmOfFieldType.NXM_OF_ETH_SRC.getHexType(),
109                 NwConstants.NxmOfFieldType.NXM_OF_ETH_SRC.getFlowModHeaderLen() };
110         flowMod[3] = new String[] { NwConstants.LearnFlowModsType.MATCH_FROM_FIELD.name(),
111                 NwConstants.NxmOfFieldType.NXM_OF_IP_PROTO.getHexType(),
112                 NwConstants.NxmOfFieldType.NXM_OF_IP_PROTO.getHexType(),
113                 NwConstants.NxmOfFieldType.NXM_OF_IP_PROTO.getFlowModHeaderLen() };
114         flowMod[4] = new String[] {
115                 NwConstants.LearnFlowModsType.COPY_FROM_VALUE.name(), AclConstants.LEARN_MATCH_REG_VALUE,
116                 NwConstants.NxmOfFieldType.NXM_NX_REG6.getHexType(), "8" };
117
118         String[] header = new String[] {
119                 AclConstants.getGlobalConf(AclConstants.SECURITY_GROUP_UDP_IDLE_TO_KEY, "60"),
120                 AclConstants.getGlobalConf(AclConstants.SECURITY_GROUP_UDP_HARD_TO_KEY, "60"),
121                 AclConstants.PROTO_MATCH_PRIORITY.toString(),
122                 AclConstants.COOKIE_ACL_BASE.toString(), "0",
123                 Short.toString(NwConstants.EGRESS_LEARN_TABLE), "0", "0" };
124         actionsInfos.add(new ActionInfo(ActionType.learn, header, flowMod));
125     }
126
127     private void addTcpLearnActions(List<ActionInfo> actionsInfos) {
128         String[][] flowMod = new String[6][];
129
130         flowMod[0] = new String[] { NwConstants.LearnFlowModsType.MATCH_FROM_VALUE.name(),
131                 Integer.toString(NwConstants.ETHTYPE_IPV4),
132                 NwConstants.NxmOfFieldType.NXM_OF_ETH_TYPE.getHexType(),
133                 NwConstants.NxmOfFieldType.NXM_OF_ETH_TYPE.getFlowModHeaderLen() };
134         flowMod[1] = new String[] { NwConstants.LearnFlowModsType.MATCH_FROM_VALUE.name(),
135                 Integer.toString(NwConstants.IP_PROT_TCP),
136                 NwConstants.NxmOfFieldType.NXM_OF_IP_PROTO.getHexType(),
137                 NwConstants.NxmOfFieldType.NXM_OF_IP_PROTO.getFlowModHeaderLen() };
138         flowMod[2] = new String[] { NwConstants.LearnFlowModsType.MATCH_FROM_FIELD.name(),
139                 NwConstants.NxmOfFieldType.NXM_OF_IP_DST.getHexType(),
140                 NwConstants.NxmOfFieldType.NXM_OF_IP_SRC.getHexType(),
141                 NwConstants.NxmOfFieldType.NXM_OF_IP_SRC.getFlowModHeaderLen() };
142         flowMod[3] = new String[] { NwConstants.LearnFlowModsType.MATCH_FROM_FIELD.name(),
143                 NwConstants.NxmOfFieldType.NXM_OF_TCP_DST.getHexType(),
144                 NwConstants.NxmOfFieldType.NXM_OF_TCP_SRC.getHexType(),
145                 NwConstants.NxmOfFieldType.NXM_OF_TCP_SRC.getFlowModHeaderLen() };
146         flowMod[4] = new String[] { NwConstants.LearnFlowModsType.MATCH_FROM_FIELD.name(),
147                 NwConstants.NxmOfFieldType.NXM_OF_ETH_DST.getHexType(),
148                 NwConstants.NxmOfFieldType.NXM_OF_ETH_SRC.getHexType(),
149                 NwConstants.NxmOfFieldType.NXM_OF_ETH_SRC.getFlowModHeaderLen() };
150         flowMod[5] = new String[] {
151                 NwConstants.LearnFlowModsType.COPY_FROM_VALUE.name(), AclConstants.LEARN_MATCH_REG_VALUE,
152                 NwConstants.NxmOfFieldType.NXM_NX_REG6.getHexType(), "8" };
153
154         String[] header = new String[] {
155                 AclConstants.getGlobalConf(AclConstants.SECURITY_GROUP_UDP_IDLE_TO_KEY, "3600"),
156                 AclConstants.getGlobalConf(AclConstants.SECURITY_GROUP_UDP_HARD_TO_KEY, "3600"),
157                 AclConstants.PROTO_MATCH_PRIORITY.toString(),
158                 AclConstants.COOKIE_ACL_BASE.toString(), "0",
159                 Short.toString(NwConstants.EGRESS_LEARN_TABLE), "60", "60" };
160         actionsInfos.add(new ActionInfo(ActionType.learn, header, flowMod));
161     }
162
163     private void addUdpLearnActions(List<ActionInfo> actionsInfos) {
164         String[][] flowMod = new String[6][];
165
166         flowMod[0] = new String[] { NwConstants.LearnFlowModsType.MATCH_FROM_VALUE.name(),
167                 Integer.toString(NwConstants.ETHTYPE_IPV4),
168                 NwConstants.NxmOfFieldType.NXM_OF_ETH_TYPE.getHexType(),
169                 NwConstants.NxmOfFieldType.NXM_OF_ETH_TYPE.getFlowModHeaderLen() };
170         flowMod[1] = new String[] { NwConstants.LearnFlowModsType.MATCH_FROM_VALUE.name(),
171                 Integer.toString(NwConstants.IP_PROT_UDP),
172                 NwConstants.NxmOfFieldType.NXM_OF_IP_PROTO.getHexType(),
173                 NwConstants.NxmOfFieldType.NXM_OF_IP_PROTO.getFlowModHeaderLen() };
174         flowMod[2] = new String[] { NwConstants.LearnFlowModsType.MATCH_FROM_FIELD.name(),
175                 NwConstants.NxmOfFieldType.NXM_OF_IP_DST.getHexType(),
176                 NwConstants.NxmOfFieldType.NXM_OF_IP_SRC.getHexType(),
177                 NwConstants.NxmOfFieldType.NXM_OF_IP_SRC.getFlowModHeaderLen() };
178         flowMod[3] = new String[] { NwConstants.LearnFlowModsType.MATCH_FROM_FIELD.name(),
179                 NwConstants.NxmOfFieldType.NXM_OF_UDP_DST.getHexType(),
180                 NwConstants.NxmOfFieldType.NXM_OF_UDP_SRC.getHexType(),
181                 NwConstants.NxmOfFieldType.NXM_OF_TCP_SRC.getFlowModHeaderLen() };
182         flowMod[4] = new String[] { NwConstants.LearnFlowModsType.MATCH_FROM_FIELD.name(),
183                 NwConstants.NxmOfFieldType.NXM_OF_ETH_DST.getHexType(),
184                 NwConstants.NxmOfFieldType.NXM_OF_ETH_SRC.getHexType(),
185                 NwConstants.NxmOfFieldType.NXM_OF_ETH_SRC.getFlowModHeaderLen() };
186         flowMod[5] = new String[] {
187                 NwConstants.LearnFlowModsType.COPY_FROM_VALUE.name(), AclConstants.LEARN_MATCH_REG_VALUE,
188                 NwConstants.NxmOfFieldType.NXM_NX_REG6.getHexType(), "8" };
189
190         String[] header = new String[] {
191                 AclConstants.getGlobalConf(AclConstants.SECURITY_GROUP_UDP_IDLE_TO_KEY, "60"),
192                 AclConstants.getGlobalConf(AclConstants.SECURITY_GROUP_UDP_HARD_TO_KEY, "60"),
193                 AclConstants.PROTO_MATCH_PRIORITY.toString(),
194                 AclConstants.COOKIE_ACL_BASE.toString(), "0",
195                 Short.toString(NwConstants.EGRESS_LEARN_TABLE), "0", "0" };
196         actionsInfos.add(new ActionInfo(ActionType.learn, header, flowMod));
197     }
198 }
NetVirt - Archived