Limit BUM traffic to DHCP namespaces

[netvirt.git] / aclservice / impl / src / main / java / org / opendaylight / netvirt / aclservice / utils / AclServiceUtils.java

diff --git a/aclservice/impl/src/main/java/org/opendaylight/netvirt/aclservice/utils/AclServiceUtils.java b/aclservice/impl/src/main/java/org/opendaylight/netvirt/aclservice/utils/AclServiceUtils.java
index 9620850f0403d2dc746947b91acb0a80a411210d..014a13ef6af14d33f907ceba4fd501b0018e7054 100644 (file)
--- a/aclservice/impl/src/main/java/org/opendaylight/netvirt/aclservice/utils/AclServiceUtils.java
+++ b/aclservice/impl/src/main/java/org/opendaylight/netvirt/aclservice/utils/AclServiceUtils.java
@@ -116,6 +116,7 @@ import org.opendaylight.yang.gen.v1.urn.opendaylight.inventory.rev130819.NodeCon
 import org.opendaylight.yang.gen.v1.urn.opendaylight.netvirt.aclservice.config.rev160806.AclserviceConfig;
 import org.opendaylight.yang.gen.v1.urn.opendaylight.netvirt.aclservice.rev160608.AclPortsLookup;
 import org.opendaylight.yang.gen.v1.urn.opendaylight.netvirt.aclservice.rev160608.DirectionBase;
+import org.opendaylight.yang.gen.v1.urn.opendaylight.netvirt.aclservice.rev160608.InterfaceAcl;
 import org.opendaylight.yang.gen.v1.urn.opendaylight.netvirt.aclservice.rev160608.IpPrefixOrAddress;
 import org.opendaylight.yang.gen.v1.urn.opendaylight.netvirt.aclservice.rev160608.IpPrefixOrAddressBuilder;
 import org.opendaylight.yang.gen.v1.urn.opendaylight.netvirt.aclservice.rev160608.IpVersionV6;
@@ -702,7 +703,7 @@ public final class AclServiceUtils {
         ElanInterface elanInterface = getElanInterfaceByElanInterfaceName(elanInterfaceName, broker);
         if (null != elanInterface) {
             ElanInstance elanInfo = getElanInstanceByName(elanInterface.getElanInstanceName(), broker);
-            return elanInfo.getElanTag();
+            return elanInfo != null ? elanInfo.getElanTag() : null;
         }
         return null;
     }
@@ -822,13 +823,25 @@ public final class AclServiceUtils {
     }
 
     /**
-     * Indicates whether the interface has port security enabled.
+     * Indicates whether the interface has port security enabled or interface is DHCP service port.
      *
      * @param aclInterface the interface.
-     * @return true if port is security enabled.
+     * @return true if port is security enabled or is a DHCP service port.
      */
     public static boolean isOfInterest(AclInterface aclInterface) {
-        return aclInterface != null && aclInterface.isPortSecurityEnabled();
+        return aclInterface != null && (aclInterface.isPortSecurityEnabled()
+                || aclInterface.getInterfaceType() == InterfaceAcl.InterfaceType.DhcpService);
+    }
+
+    /**
+     * Indicates whether the interface has port security enabled or interface is DHCP service port.
+     *
+     * @param aclInterface the interface.
+     * @return true if port is security enabled or is a DHCP service port.
+     */
+    public static boolean isOfInterest(InterfaceAcl aclInterface) {
+        return aclInterface != null && (aclInterface.isPortSecurityEnabled()
+                || aclInterface.getInterfaceType() == InterfaceAcl.InterfaceType.DhcpService);
     }
 
     /**
@@ -952,6 +965,17 @@ public final class AclServiceUtils {
         return flowMatches;
     }
 
+    public static List<Ace> getAceListFromAcl(Acl acl) {
+        if (acl.getAccessListEntries() != null) {
+            List<Ace> aceList = acl.getAccessListEntries().getAce();
+            if (aceList != null && !aceList.isEmpty()
+                    && aceList.get(0).augmentation(SecurityRuleAttr.class) != null) {
+                return aceList;
+            }
+        }
+        return Collections.emptyList();
+    }
+
     /**
      * Builds the ip protocol matches.
      *