import org.opendaylight.genius.mdsalutil.MetaDataUtil;
import org.opendaylight.genius.mdsalutil.NwConstants;
import org.opendaylight.genius.mdsalutil.packet.IPProtocols;
+import org.opendaylight.netvirt.aclservice.api.utils.AclInterface;
import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.access.control.list.rev160218.AccessLists;
import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.access.control.list.rev160218.Ipv4Acl;
import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.access.control.list.rev160218.access.lists.Acl;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
-public class AclServiceUtils {
+public final class AclServiceUtils {
private static final Logger LOG = LoggerFactory.getLogger(AclServiceUtils.class);
* @param port the port.
* @return the port security is enabled/not.
*/
- public static boolean isPortSecurityEnabled(Interface port) {
- if (port == null) {
- LOG.error("Port is Null");
- return false;
- }
- InterfaceAcl aclInPort = port.getAugmentation(InterfaceAcl.class);
- if (aclInPort == null) {
- LOG.error("getSecurityGroupInPortList: no security group associated to Interface port: {}", port.getName());
- return false;
- }
- return aclInPort.isPortSecurityEnabled();
+ public static boolean isPortSecurityEnabled(AclInterface port) {
+ return port.isPortSecurityEnabled();
}
/**
/**
* Returns the DHCP match.
+ *
* @param srcPort the source port.
- * @param dscPort the destination port.
+ * @param dstPort the destination port.
+ * @param lportTag the lport tag
* @return list of matches.
*/
- public static List<MatchInfoBase> programDhcpMatches(int srcPort, int dscPort) {
- List<MatchInfoBase> matches = new ArrayList<>();
+ public static List<MatchInfoBase> buildDhcpMatches(int srcPort, int dstPort, int lportTag) {
+ List<MatchInfoBase> matches = new ArrayList<>(6);
matches.add(new MatchInfo(MatchFieldType.eth_type,
new long[] { NwConstants.ETHTYPE_IPV4 }));
matches.add(new MatchInfo(MatchFieldType.ip_proto,
new long[] { IPProtocols.UDP.intValue() }));
matches.add(new MatchInfo(MatchFieldType.udp_dst,
- new long[] { srcPort }));
+ new long[] { dstPort }));
matches.add(new MatchInfo(MatchFieldType.udp_src,
- new long[] { dscPort}));
+ new long[] { srcPort}));
+ matches.add(AclServiceUtils.buildLPortTagMatch(lportTag));
return matches;
}
.addAugmentation(StypeOpenflow.class, augBuilder.build()).build();
}
- public static List<Uuid> getUpdatedAclList(Interface updatedPort, Interface currentPort) {
- if (updatedPort == null) {
+ public static List<Uuid> getUpdatedAclList(List<Uuid> updatedAclList, List<Uuid> currentAclList) {
+ if (updatedAclList == null) {
return null;
}
- List<Uuid> updatedAclList = new ArrayList<>(AclServiceUtils.getInterfaceAcls(updatedPort));
- if (currentPort == null) {
- return updatedAclList;
+ List<Uuid> newAclList = new ArrayList<>(updatedAclList);
+ if (currentAclList == null) {
+ return newAclList;
}
- List<Uuid> currentAclList = new ArrayList<>(AclServiceUtils.getInterfaceAcls(currentPort));
- for (Iterator<Uuid> iterator = updatedAclList.iterator(); iterator.hasNext();) {
+ List<Uuid> origAclList = new ArrayList<>(currentAclList);
+ for (Iterator<Uuid> iterator = newAclList.iterator(); iterator.hasNext();) {
Uuid updatedAclUuid = iterator.next();
- for (Uuid currentAclUuid :currentAclList) {
+ for (Uuid currentAclUuid :origAclList) {
if (updatedAclUuid.getValue().equals(currentAclUuid.getValue())) {
iterator.remove();
}
}
}
- return updatedAclList;
+ return newAclList;
}
- public static List<AllowedAddressPairs> getUpdatedAllowedAddressPairs(Interface updatedPort,
- Interface currentPort) {
- if (updatedPort == null) {
+ public static List<AllowedAddressPairs> getUpdatedAllowedAddressPairs(
+ List<AllowedAddressPairs> updatedAllowedAddressPairs,
+ List<AllowedAddressPairs> currentAllowedAddressPairs) {
+ if (updatedAllowedAddressPairs == null) {
return null;
}
- List<AllowedAddressPairs> updatedAllowedAddressPairs =
- new ArrayList<>(AclServiceUtils.getPortAllowedAddresses(updatedPort));
- if (currentPort == null) {
- return updatedAllowedAddressPairs;
+ List<AllowedAddressPairs> newAllowedAddressPairs = new ArrayList<>(updatedAllowedAddressPairs);
+ if (currentAllowedAddressPairs == null) {
+ return newAllowedAddressPairs;
}
- List<AllowedAddressPairs> currentAllowedAddressPairs =
- new ArrayList<>(AclServiceUtils.getPortAllowedAddresses(currentPort));
- for (Iterator<AllowedAddressPairs> iterator = updatedAllowedAddressPairs.iterator(); iterator.hasNext();) {
+ List<AllowedAddressPairs> origAllowedAddressPairs = new ArrayList<>(currentAllowedAddressPairs);
+ for (Iterator<AllowedAddressPairs> iterator = newAllowedAddressPairs.iterator(); iterator.hasNext();) {
AllowedAddressPairs updatedAllowedAddressPair = iterator.next();
- for (AllowedAddressPairs currentAllowedAddressPair : currentAllowedAddressPairs) {
+ for (AllowedAddressPairs currentAllowedAddressPair : origAllowedAddressPairs) {
if (updatedAllowedAddressPair.getKey().equals(currentAllowedAddressPair.getKey())) {
iterator.remove();
break;
}
}
}
- return updatedAllowedAddressPairs;
+ return newAllowedAddressPairs;
}
public static List<AllowedAddressPairs> getPortAllowedAddresses(Interface port) {
return dpId;
}
- public static List<MatchInfoBase> getAllowedIpMatches(IpPrefixOrAddress allowedIp, MatchFieldType ipv4MatchType) {
+ /**
+ * Builds the ip matches.
+ *
+ * @param ipPrefixOrAddress the ip prefix or address
+ * @param ipv4MatchType the ipv4 match type
+ * @return the list
+ */
+ public static List<MatchInfoBase> buildIpMatches(IpPrefixOrAddress ipPrefixOrAddress,
+ MatchFieldType ipv4MatchType) {
List<MatchInfoBase> flowMatches = new ArrayList<>();
- flowMatches.add(new MatchInfo(MatchFieldType.eth_type, new long[] { NwConstants.ETHTYPE_IPV4 }));
- IpPrefix ipPrefix = allowedIp.getIpPrefix();
+ flowMatches.add(new MatchInfo(MatchFieldType.eth_type, new long[] {NwConstants.ETHTYPE_IPV4}));
+ IpPrefix ipPrefix = ipPrefixOrAddress.getIpPrefix();
if (ipPrefix != null) {
if (ipPrefix.getIpv4Prefix().getValue() != null) {
String[] ipaddressValues = ipPrefix.getIpv4Prefix().getValue().split("/");
// Handle IPv6
}
} else {
- IpAddress ipAddress = allowedIp.getIpAddress();
+ IpAddress ipAddress = ipPrefixOrAddress.getIpAddress();
if (ipAddress.getIpv4Address() != null) {
- flowMatches.add(new MatchInfo(ipv4MatchType,
- new String[] {ipAddress.getIpv4Address().getValue(), "32"}));
+ flowMatches
+ .add(new MatchInfo(ipv4MatchType, new String[] {ipAddress.getIpv4Address().getValue(), "32"}));
} else {
// Handle IPv6
}
return flowMatches;
}
- public static List<MatchInfo> getLPortTagMatches(int lportTag) {
- List<MatchInfo> mkMatches = new ArrayList<MatchInfo>();
- // Matching metadata
- mkMatches.add(new MatchInfo(MatchFieldType.metadata, new BigInteger[] {
- MetaDataUtil.getLportTagMetaData(lportTag),
- MetaDataUtil.METADATA_MASK_LPORT_TAG }));
- mkMatches.add(new MatchInfo(MatchFieldType.tunnel_id, new BigInteger[] {BigInteger.valueOf(lportTag)}));
- return mkMatches;
+ /**
+ * Gets the lport tag match.
+ *
+ * @param lportTag the lport tag
+ * @return the lport tag match
+ */
+ public static MatchInfo buildLPortTagMatch(int lportTag) {
+ return new MatchInfo(MatchFieldType.metadata,
+ new BigInteger[] {MetaDataUtil.getLportTagMetaData(lportTag), MetaDataUtil.METADATA_MASK_LPORT_TAG});
}
}