- flowId = flowId + "_Permit_";
- String nodeName = Constants.OPENFLOW_NODE_PREFIX + dpidLong;
- NodeBuilder nodeBuilder = createNodeBuilder(nodeName);
- syncFlow(flowId, nodeBuilder, matchBuilder, protoPortMatchPriority, write, false);
-
- }
- public void egressACLDefaultTcpDrop(Long dpidLong, String segmentationId, String attachedMac,
- int priority, boolean write) {
-
- String nodeName = Constants.OPENFLOW_NODE_PREFIX + dpidLong;
- MatchBuilder matchBuilder = new MatchBuilder();
- NodeBuilder nodeBuilder = createNodeBuilder(nodeName);
- FlowBuilder flowBuilder = new FlowBuilder();
-
- flowBuilder.setMatch(MatchUtils.createSmacTcpPortWithFlagMatch(matchBuilder,
- attachedMac, Constants.TCP_SYN, segmentationId).build());
- LOG.debug("MatchBuilder contains: {}", flowBuilder.getMatch());
-
- String flowId = "TCP_Syn_Egress_Default_Drop_" + segmentationId + "_" + attachedMac;
- flowBuilder.setId(new FlowId(flowId));
- FlowKey key = new FlowKey(new FlowId(flowId));
- flowBuilder.setStrict(false);
- flowBuilder.setPriority(priority);
- flowBuilder.setBarrier(true);
- flowBuilder.setTableId(this.getTable());
- flowBuilder.setKey(key);
- flowBuilder.setFlowName(flowId);
- flowBuilder.setHardTimeout(0);
- flowBuilder.setIdleTimeout(0);
-
- if (write) {
- // Instantiate the Builders for the OF Actions and Instructions
- InstructionBuilder ib = new InstructionBuilder();
- InstructionsBuilder isb = new InstructionsBuilder();
- List<Instruction> instructions = Lists.newArrayList();
-
- InstructionUtils.createDropInstructions(ib);
- ib.setOrder(0);
- ib.setKey(new InstructionKey(0));
- instructions.add(ib.build());
- // Add InstructionBuilder to the Instruction(s)Builder List
- isb.setInstruction(instructions);
-
- LOG.debug("Instructions contain: {}", ib.getInstruction());
- // Add InstructionsBuilder to FlowBuilder
- flowBuilder.setInstructions(isb.build());
- writeFlow(flowBuilder, nodeBuilder);
- } else {
- removeFlow(flowBuilder, nodeBuilder);
- }
- }
-
- public void egressACLTcpPortWithPrefix(Long dpidLong, String segmentationId, String attachedMac, boolean write,
- Integer securityRulePortMin, String securityRuleIpPrefix, Integer protoPortPrefixMatchPriority) {
-
- String nodeName = Constants.OPENFLOW_NODE_PREFIX + dpidLong;
- PortNumber tcpPort = new PortNumber(securityRulePortMin);
- MatchBuilder matchBuilder = new MatchBuilder();
- NodeBuilder nodeBuilder = createNodeBuilder(nodeName);
- FlowBuilder flowBuilder = new FlowBuilder();
- Ipv4Prefix srcIpPrefix = new Ipv4Prefix(securityRuleIpPrefix);
-
- flowBuilder.setMatch(MatchUtils
- .createSmacTcpSynDstIpPrefixTcpPort(matchBuilder, new MacAddress(attachedMac),
- tcpPort, Constants.TCP_SYN, segmentationId, srcIpPrefix).build());
-
- LOG.debug(" MatchBuilder contains: {}", flowBuilder.getMatch());
- String flowId = "UcastEgress_" + segmentationId + "_" + attachedMac +
- securityRulePortMin + securityRuleIpPrefix;
- // Add Flow Attributes
- flowBuilder.setId(new FlowId(flowId));
- FlowKey key = new FlowKey(new FlowId(flowId));
- flowBuilder.setStrict(false);
- flowBuilder.setPriority(protoPortPrefixMatchPriority);
- flowBuilder.setBarrier(true);
- flowBuilder.setTableId(this.getTable());
- flowBuilder.setKey(key);
- flowBuilder.setFlowName(flowId);
- flowBuilder.setHardTimeout(0);
- flowBuilder.setIdleTimeout(0);
-
- if (write) {
- // Instantiate the Builders for the OF Actions and Instructions
- InstructionsBuilder isb = new InstructionsBuilder();
- List<Instruction> instructionsList = Lists.newArrayList();
-
- InstructionBuilder ib = this.getMutablePipelineInstructionBuilder();
- ib.setOrder(0);
- ib.setKey(new InstructionKey(0));
- instructionsList.add(ib.build());
- isb.setInstruction(instructionsList);
-
- LOG.debug("Instructions contain: {}", ib.getInstruction());
- // Add InstructionsBuilder to FlowBuilder
- flowBuilder.setInstructions(isb.build());
- writeFlow(flowBuilder, nodeBuilder);
- } else {
- removeFlow(flowBuilder, nodeBuilder);
- }
- }
-
-
-
- public void egressAllowProto(Long dpidLong, String segmentationId, String attachedMac, boolean write,
- String securityRuleProtcol, Integer protoMatchPriority) {
-
- String nodeName = Constants.OPENFLOW_NODE_PREFIX + dpidLong;
- MatchBuilder matchBuilder = new MatchBuilder();
- NodeBuilder nodeBuilder = createNodeBuilder(nodeName);
- FlowBuilder flowBuilder = new FlowBuilder();
-
- flowBuilder.setMatch(MatchUtils
- .createDmacIpTcpSynMatch(matchBuilder, new MacAddress(attachedMac), null, null).build());
- flowBuilder.setMatch(MatchUtils
- .createTunnelIDMatch(matchBuilder, new BigInteger(segmentationId)).build());
-
- LOG.debug("MatchBuilder contains: {}", flowBuilder.getMatch());
- String flowId = "EgressAllProto_" + segmentationId + "_" +
- attachedMac + "_AllowEgressTCPSyn_" + securityRuleProtcol;
- // Add Flow Attributes
- flowBuilder.setId(new FlowId(flowId));
- FlowKey key = new FlowKey(new FlowId(flowId));
- flowBuilder.setStrict(false);
- flowBuilder.setPriority(protoMatchPriority);
- flowBuilder.setBarrier(true);
- flowBuilder.setTableId(this.getTable());
- flowBuilder.setKey(key);
- flowBuilder.setFlowName(flowId);
- flowBuilder.setHardTimeout(0);
- flowBuilder.setIdleTimeout(0);
-
- if (write) {
- // Instantiate the Builders for the OF Actions and Instructions
- InstructionsBuilder isb = new InstructionsBuilder();
- List<Instruction> instructionsList = Lists.newArrayList();
-
- InstructionBuilder ib = this.getMutablePipelineInstructionBuilder();
- ib.setOrder(0);
- ib.setKey(new InstructionKey(0));
- instructionsList.add(ib.build());
- isb.setInstruction(instructionsList);
-
- LOG.debug("Instructions contain: {}", ib.getInstruction());
- // Add InstructionsBuilder to FlowBuilder
- flowBuilder.setInstructions(isb.build());
- writeFlow(flowBuilder, nodeBuilder);
- } else {
- removeFlow(flowBuilder, nodeBuilder);
- }
- }
-
- public void egressACLPermitAllProto(Long dpidLong, String segmentationId, String attachedMac,
- boolean write, String securityRuleIpPrefix, Integer protoPortMatchPriority) {
-
- String nodeName = Constants.OPENFLOW_NODE_PREFIX + dpidLong;
- MatchBuilder matchBuilder = new MatchBuilder();
- NodeBuilder nodeBuilder = createNodeBuilder(nodeName);
- FlowBuilder flowBuilder = new FlowBuilder();
-
- flowBuilder.setMatch(MatchUtils.createTunnelIDMatch(matchBuilder, new BigInteger(segmentationId))
- .build());
- if (securityRuleIpPrefix != null) {
- Ipv4Prefix srcIpPrefix = new Ipv4Prefix(securityRuleIpPrefix);
- flowBuilder.setMatch(MatchUtils
- .createSmacIpTcpSynMatch(matchBuilder, new MacAddress(attachedMac), null, srcIpPrefix)
- .build());
- } else {
- flowBuilder.setMatch(MatchUtils
- .createSmacIpTcpSynMatch(matchBuilder, new MacAddress(attachedMac), null, null)
- .build());
- }
- LOG.debug("MatchBuilder contains: {}", flowBuilder.getMatch());
- String flowId = "Egress_Proto_ACL" + segmentationId + "_" +
- attachedMac + "_Permit_" + securityRuleIpPrefix;
- // Add Flow Attributes
- flowBuilder.setId(new FlowId(flowId));
- FlowKey key = new FlowKey(new FlowId(flowId));
- flowBuilder.setStrict(false);
- flowBuilder.setPriority(protoPortMatchPriority);
- flowBuilder.setBarrier(true);
- flowBuilder.setTableId(this.getTable());
- flowBuilder.setKey(key);
- flowBuilder.setFlowName(flowId);
- flowBuilder.setHardTimeout(0);
- flowBuilder.setIdleTimeout(0);
-
- if (write) {
- // Instantiate the Builders for the OF Actions and Instructions
- InstructionsBuilder isb = new InstructionsBuilder();
- List<Instruction> instructionsList = Lists.newArrayList();
-
- InstructionBuilder ib = this.getMutablePipelineInstructionBuilder();
- ib.setOrder(0);
- ib.setKey(new InstructionKey(0));
- instructionsList.add(ib.build());
- isb.setInstruction(instructionsList);
-
- LOG.debug("Instructions contain: {}", ib.getInstruction());
- // Add InstructionsBuilder to FlowBuilder
- flowBuilder.setInstructions(isb.build());
- writeFlow(flowBuilder, nodeBuilder);
- } else {
- removeFlow(flowBuilder, nodeBuilder);
- }
- }
-
-
- public void egressACLTcpSyn(Long dpidLong, String segmentationId, String attachedMac, boolean write,
- Integer securityRulePortMin, Integer protoPortMatchPriority) {
-
- String nodeName = Constants.OPENFLOW_NODE_PREFIX + dpidLong;
- PortNumber tcpPort = new PortNumber(securityRulePortMin);
- MatchBuilder matchBuilder = new MatchBuilder();
- NodeBuilder nodeBuilder = createNodeBuilder(nodeName);
- FlowBuilder flowBuilder = new FlowBuilder();
-
- flowBuilder.setMatch(MatchUtils.createSmacTcpSyn(matchBuilder, attachedMac, tcpPort,
- Constants.TCP_SYN, segmentationId).build());
-
- LOG.debug("MatchBuilder contains: {}", flowBuilder.getMatch());
- String flowId = "Ucast_this.getTable()" + segmentationId + "_" + attachedMac + securityRulePortMin;
- // Add Flow Attributes
- flowBuilder.setId(new FlowId(flowId));
- FlowKey key = new FlowKey(new FlowId(flowId));
- flowBuilder.setStrict(false);
- flowBuilder.setPriority(protoPortMatchPriority);
- flowBuilder.setBarrier(true);
- flowBuilder.setTableId(this.getTable());
- flowBuilder.setKey(key);
- flowBuilder.setFlowName(flowId);
- flowBuilder.setHardTimeout(0);
- flowBuilder.setIdleTimeout(0);
-
- if (write) {
- // Instantiate the Builders for the OF Actions and Instructions
- InstructionsBuilder isb = new InstructionsBuilder();
- List<Instruction> instructionsList = Lists.newArrayList();
-
- InstructionBuilder ib = this.getMutablePipelineInstructionBuilder();
- ib.setOrder(0);
- ib.setKey(new InstructionKey(0));
- instructionsList.add(ib.build());
- isb.setInstruction(instructionsList);
-
- LOG.debug("Instructions contain: {}", ib.getInstruction());
- // Add InstructionsBuilder to FlowBuilder
- flowBuilder.setInstructions(isb.build());
- writeFlow(flowBuilder, nodeBuilder);