Code Review / netvirt.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | review | tree
raw | inline | side by side
Learn Security Groups bug fixes
[netvirt.git] / vpnservice / aclservice / impl / src / main / java / org / opendaylight / netvirt / aclservice / LearnEgressAclServiceImpl.java
diff --git a/vpnservice/aclservice/impl/src/main/java/org/opendaylight/netvirt/aclservice/LearnEgressAclServiceImpl.java b/vpnservice/aclservice/impl/src/main/java/org/opendaylight/netvirt/aclservice/LearnEgressAclServiceImpl.java
index 3bda6f7ac081d50513427a7edf30742957fbf195..495c2051aeb3feaefa990809e7d5e493ff31bc5c 100644 (file)
--- a/vpnservice/aclservice/impl/src/main/java/org/opendaylight/netvirt/aclservice/LearnEgressAclServiceImpl.java
+++ b/vpnservice/aclservice/impl/src/main/java/org/opendaylight/netvirt/aclservice/LearnEgressAclServiceImpl.java
@@ -53,15 +53,9 @@ public class LearnEgressAclServiceImpl extends EgressAclServiceImpl {
     }
 
     @Override
-    protected void programFixedRules(BigInteger dpid, String dhcpMacAddress,
+    protected void programSpecificFixedRules(BigInteger dpid, String dhcpMacAddress,
             List<AllowedAddressPairs> allowedAddresses, int lportTag, String portId, Action action, int addOrRemove) {
-        LOG.info("programFixedRules :  adding default rules.");
 
-        if (action == Action.ADD || action == Action.REMOVE) {
-            egressAclDhcpDropServerTraffic(dpid, dhcpMacAddress, lportTag, addOrRemove);
-            egressAclDhcpv6DropServerTraffic(dpid, dhcpMacAddress, lportTag, addOrRemove);
-        }
-        programArpRule(dpid, allowedAddresses, lportTag, addOrRemove);
     }
 
     @Override
@@ -89,6 +83,9 @@ public class LearnEgressAclServiceImpl extends EgressAclServiceImpl {
             List<ActionInfo> actionsInfos = new ArrayList<>();
             addLearnActions(flowMatches, actionsInfos);
 
+            actionsInfos.add(new ActionInfo(ActionType.nx_resubmit,
+                    new String[] {Short.toString(NwConstants.LPORT_DISPATCHER_TABLE)}));
+
             List<InstructionInfo> instructions = new ArrayList<>();
             instructions.add(new InstructionInfo(InstructionType.apply_actions, actionsInfos));
 
@@ -114,8 +111,6 @@ public class LearnEgressAclServiceImpl extends EgressAclServiceImpl {
             addTcpLearnActions(actionsInfos);
         } else if (isUdp) {
             addUdpLearnActions(actionsInfos);
-        } else if (actionsInfos.isEmpty()) {
-            addAllowAllLearnActions(actionsInfos);
         } else {
             addOtherProtocolsLearnActions(actionsInfos);
         }
@@ -153,38 +148,6 @@ public class LearnEgressAclServiceImpl extends EgressAclServiceImpl {
         actionsInfos.add(new ActionInfo(ActionType.learn, header, flowMod));
     }
 
-    private void addAllowAllLearnActions(List<ActionInfo> actionsInfos) {
-        String[][] flowMod = new String[5][];
-
-        flowMod[0] = new String[] { NwConstants.LearnFlowModsType.MATCH_FROM_VALUE.name(),
-                Integer.toString(NwConstants.ETHTYPE_IPV4),
-                NwConstants.NxmOfFieldType.NXM_OF_ETH_TYPE.getHexType(),
-                NwConstants.NxmOfFieldType.NXM_OF_ETH_TYPE.getFlowModHeaderLen() };
-        flowMod[1] = new String[] { NwConstants.LearnFlowModsType.MATCH_FROM_FIELD.name(),
-                NwConstants.NxmOfFieldType.NXM_OF_IP_DST.getHexType(),
-                NwConstants.NxmOfFieldType.NXM_OF_IP_SRC.getHexType(),
-                NwConstants.NxmOfFieldType.NXM_OF_IP_SRC.getFlowModHeaderLen() };
-        flowMod[2] = new String[] { NwConstants.LearnFlowModsType.MATCH_FROM_FIELD.name(),
-                NwConstants.NxmOfFieldType.NXM_OF_ETH_DST.getHexType(),
-                NwConstants.NxmOfFieldType.NXM_OF_ETH_SRC.getHexType(),
-                NwConstants.NxmOfFieldType.NXM_OF_ETH_SRC.getFlowModHeaderLen() };
-        flowMod[3] = new String[] { NwConstants.LearnFlowModsType.MATCH_FROM_FIELD.name(),
-                NwConstants.NxmOfFieldType.NXM_OF_IP_PROTO.getHexType(),
-                NwConstants.NxmOfFieldType.NXM_OF_IP_PROTO.getHexType(),
-                NwConstants.NxmOfFieldType.NXM_OF_IP_PROTO.getFlowModHeaderLen() };
-        flowMod[4] = new String[] {
-                NwConstants.LearnFlowModsType.COPY_FROM_VALUE.name(), AclConstants.LEARN_MATCH_REG_VALUE,
-                NwConstants.NxmOfFieldType.NXM_NX_REG0.getHexType(), "8" };
-
-        String[] header = new String[] {
-                AclConstants.getGlobalConf(AclConstants.SECURITY_GROUP_UDP_IDLE_TO_KEY, "60"),
-                AclConstants.getGlobalConf(AclConstants.SECURITY_GROUP_UDP_HARD_TO_KEY, "60"),
-                AclConstants.PROTO_MATCH_PRIORITY.toString(),
-                AclConstants.COOKIE_ACL_BASE.toString(), "0",
-                Short.toString(NwConstants.EGRESS_LEARN_TABLE), "0", "0" };
-        actionsInfos.add(new ActionInfo(ActionType.learn, header, flowMod));
-    }
-
     private void addTcpLearnActions(List<ActionInfo> actionsInfos) {
         String[][] flowMod = new String[6][];
 
NetVirt - Archived