import static org.opendaylight.controller.md.sal.common.api.data.LogicalDatastoreType.CONFIGURATION;
import static org.opendaylight.netvirt.aclservice.tests.StateInterfaceBuilderHelper.putNewStateInterface;
+import java.util.ArrayList;
import java.util.Arrays;
import java.util.Collections;
import java.util.List;
import org.opendaylight.infrautils.testutils.LogRule;
import org.opendaylight.netvirt.aclservice.tests.infra.DataBrokerPairsUtil;
import org.opendaylight.netvirt.aclservice.utils.AclConstants;
+import org.opendaylight.netvirt.aclservice.utils.AclServiceTestUtils;
import org.opendaylight.netvirt.aclservice.utils.AclServiceUtils;
import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.access.control.list.rev160218.access.lists.acl.access.list.entries.ace.Matches;
import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.access.control.list.rev160218.access.lists.acl.access.list.entries.ace.MatchesBuilder;
static final String PORT_2 = "port2";
static final String PORT_3 = "port3";
static final String PORT_4 = "port4";
- static String SG_UUID = "85cc3048-abc3-43cc-89b3-377341426ac5";
+ static String SG_UUID = "85cc3048-abc3-43cc-89b3-377341426ac5";
static String SR_UUID_1 = "85cc3048-abc3-43cc-89b3-377341426ac6";
static String SR_UUID_2 = "85cc3048-abc3-43cc-89b3-377341426ac7";
- static String SG_UUID_1 = "85cc3048-abc3-43cc-89b3-377341426ac5";
- static String SG_UUID_2 = "85cc3048-abc3-43cc-89b3-377341426ac8";
+ static String SG_UUID_1 = "85cc3048-abc3-43cc-89b3-377341426ac5";
+ static String SG_UUID_2 = "85cc3048-abc3-43cc-89b3-377341426ac8";
static String SR_UUID_1_1 = "85cc3048-abc3-43cc-89b3-377341426ac6";
static String SR_UUID_1_2 = "85cc3048-abc3-43cc-89b3-377341426ac7";
static String SR_UUID_2_1 = "85cc3048-abc3-43cc-89b3-377341426a21";
newAllowedAddressPair(PORT_1, Collections.singletonList(SG_UUID_1), Collections.singletonList(AAP_PORT_1));
// Given
// putNewInterface(dataBroker, "port1", true, Collections.emptyList(), Collections.emptyList());
- dataBrokerUtil.put(ImmutableIdentifiedInterfaceWithAclBuilder.builder()
- .interfaceName("port1")
- .portSecurity(true).build());
+ dataBrokerUtil.put(
+ new IdentifiedInterfaceWithAclBuilder().interfaceName("port1").portSecurity(true).build());
// When
putNewStateInterface(dataBroker, "port1", PORT_MAC_1);
- asyncEventsWaiter.awaitEventsConsumption();
+ AclServiceTestUtils.waitABit(asyncEventsWaiter);
// Then
newInterfaceCheck();
newAllowedAddressPair(PORT_2, Collections.singletonList(SG_UUID_1), Collections.singletonList(AAP_PORT_2));
Matches matches = newMatch(AclConstants.SOURCE_LOWER_PORT_UNSPECIFIED,
- AclConstants.SOURCE_UPPER_PORT_UNSPECIFIED, AclConstants.DEST_LOWER_PORT_UNSPECIFIED,
- AclConstants.DEST_UPPER_PORT_UNSPECIFIED, AclConstants.SOURCE_REMOTE_IP_PREFIX_UNSPECIFIED,
- AclConstants.DEST_REMOTE_IP_PREFIX_SPECIFIED, (short)-1);
- dataBrokerUtil.put(ImmutableIdentifiedAceBuilder.builder()
- .sgUuid(SG_UUID_1)
- .newRuleName(SR_UUID_1_1)
- .newMatches(matches)
- .newDirection(DirectionEgress.class)
- .build());
-
+ AclConstants.SOURCE_UPPER_PORT_UNSPECIFIED, AclConstants.DEST_LOWER_PORT_UNSPECIFIED,
+ AclConstants.DEST_UPPER_PORT_UNSPECIFIED, AclConstants.SOURCE_REMOTE_IP_PREFIX_UNSPECIFIED,
+ AclConstants.DEST_REMOTE_IP_PREFIX_SPECIFIED, (short) -1);
+ dataBrokerUtil.put(new IdentifiedAceBuilder().sgUuid(SG_UUID_1).newRuleName(SR_UUID_1_1)
+ .newMatches(matches).newDirection(DirectionEgress.class).build());
matches = newMatch(AclConstants.SOURCE_LOWER_PORT_UNSPECIFIED, AclConstants.SOURCE_UPPER_PORT_UNSPECIFIED,
- AclConstants.DEST_LOWER_PORT_UNSPECIFIED, AclConstants.DEST_UPPER_PORT_UNSPECIFIED,
- AclConstants.SOURCE_REMOTE_IP_PREFIX_SPECIFIED, AclConstants.DEST_REMOTE_IP_PREFIX_UNSPECIFIED, (short)-1);
- dataBrokerUtil.put(ImmutableIdentifiedAceBuilder.builder()
- .sgUuid(SG_UUID_1)
- .newRuleName(SR_UUID_1_2)
- .newMatches(matches)
- .newDirection(DirectionIngress.class)
- .newRemoteGroupId(new Uuid(SG_UUID_1)).build());
-
+ AclConstants.DEST_LOWER_PORT_UNSPECIFIED, AclConstants.DEST_UPPER_PORT_UNSPECIFIED,
+ AclConstants.SOURCE_REMOTE_IP_PREFIX_SPECIFIED, AclConstants.DEST_REMOTE_IP_PREFIX_UNSPECIFIED,
+ (short) -1);
+ dataBrokerUtil.put(
+ new IdentifiedAceBuilder().sgUuid(SG_UUID_1).newRuleName(SR_UUID_1_2).newMatches(matches)
+ .newDirection(DirectionIngress.class).newRemoteGroupId(new Uuid(SG_UUID_1)).build());
// When
putNewStateInterface(dataBroker, PORT_1, PORT_MAC_1);
putNewStateInterface(dataBroker, PORT_2, PORT_MAC_2);
- asyncEventsWaiter.awaitEventsConsumption();
+ AclServiceTestUtils.waitABit(asyncEventsWaiter);
// Then
newInterfaceWithEtherTypeAclCheck();
abstract void newInterfaceWithEtherTypeAclCheck();
+ @Test
+ public void newInterfaceWithMultipleAcl() throws Exception {
+ LOG.info("newInterfaceWithEtherTypeAcl - start");
+
+ newAllowedAddressPair(PORT_1, Collections.singletonList(SG_UUID_1), Collections.singletonList(AAP_PORT_1));
+ newAllowedAddressPair(PORT_2, Collections.singletonList(SG_UUID_1), Collections.singletonList(AAP_PORT_2));
+
+ Matches matches = newMatch(AclConstants.SOURCE_LOWER_PORT_UNSPECIFIED,
+ AclConstants.SOURCE_UPPER_PORT_UNSPECIFIED, AclConstants.DEST_LOWER_PORT_UNSPECIFIED,
+ AclConstants.DEST_UPPER_PORT_UNSPECIFIED, AclConstants.SOURCE_REMOTE_IP_PREFIX_UNSPECIFIED,
+ AclConstants.DEST_REMOTE_IP_PREFIX_SPECIFIED, (short) -1);
+ dataBrokerUtil.put(new IdentifiedAceBuilder().sgUuid(SG_UUID_1).newRuleName(SR_UUID_1_1)
+ .newMatches(matches).newDirection(DirectionEgress.class).build());
+ matches = newMatch(AclConstants.SOURCE_LOWER_PORT_UNSPECIFIED, AclConstants.SOURCE_UPPER_PORT_UNSPECIFIED,
+ AclConstants.DEST_LOWER_PORT_UNSPECIFIED, AclConstants.DEST_UPPER_PORT_UNSPECIFIED,
+ AclConstants.SOURCE_REMOTE_IP_PREFIX_SPECIFIED, AclConstants.DEST_REMOTE_IP_PREFIX_UNSPECIFIED,
+ (short) -1);
+ dataBrokerUtil.put(
+ new IdentifiedAceBuilder().sgUuid(SG_UUID_1).newRuleName(SR_UUID_1_2).newMatches(matches)
+ .newDirection(DirectionIngress.class).newRemoteGroupId(new Uuid(SG_UUID_1)).build());
+ // When
+ putNewStateInterface(dataBroker, PORT_1, PORT_MAC_1);
+ putNewStateInterface(dataBroker, PORT_2, PORT_MAC_2);
+
+ AclServiceTestUtils.waitABit(asyncEventsWaiter);
+
+ // Then
+ newInterfaceWithEtherTypeAclCheck();
+
+ LOG.info("newInterfaceWithEtherTypeAcl - end");
+
+ // Given
+ matches = newMatch(AclConstants.SOURCE_LOWER_PORT_UNSPECIFIED,
+ AclConstants.SOURCE_UPPER_PORT_UNSPECIFIED, AclConstants.DEST_LOWER_PORT_HTTP,
+ AclConstants.DEST_UPPER_PORT_HTTP, AclConstants.SOURCE_REMOTE_IP_PREFIX_UNSPECIFIED,
+ AclConstants.DEST_REMOTE_IP_PREFIX_SPECIFIED, (short) NwConstants.IP_PROT_TCP);
+ dataBrokerUtil.put(new IdentifiedAceBuilder().sgUuid(SG_UUID_2).newRuleName(SR_UUID_2_1)
+ .newMatches(matches).newDirection(DirectionEgress.class).newRemoteGroupId(new Uuid(SG_UUID_2)).build());
+ matches = newMatch(AclConstants.SOURCE_LOWER_PORT_UNSPECIFIED, AclConstants.SOURCE_UPPER_PORT_UNSPECIFIED,
+ AclConstants.DEST_LOWER_PORT_HTTP, AclConstants.DEST_UPPER_PORT_HTTP,
+ AclConstants.SOURCE_REMOTE_IP_PREFIX_SPECIFIED, AclConstants.DEST_REMOTE_IP_PREFIX_UNSPECIFIED,
+ (short) NwConstants.IP_PROT_TCP);
+
+ dataBrokerUtil.put(new IdentifiedAceBuilder().sgUuid(SG_UUID_2).newRuleName(SR_UUID_2_2)
+ .newMatches(matches).newDirection(DirectionIngress.class).build());
+ List<String> sgList = new ArrayList<>();
+ sgList.add(SG_UUID_1);
+ sgList.add(SG_UUID_2);
+ newAllowedAddressPair(PORT_1, sgList, Collections.singletonList(AAP_PORT_1));
+ newAllowedAddressPair(PORT_2, sgList, Collections.singletonList(AAP_PORT_2));
+
+ AclServiceTestUtils.waitABit(asyncEventsWaiter);
+ newInterfaceWithMultipleAclCheck();
+ Thread.sleep(10000);
+
+ }
+
+ abstract void newInterfaceWithMultipleAclCheck();
+
@Test
public void newInterfaceWithTcpDstAcl() throws Exception {
LOG.info("newInterfaceWithTcpDstAcl - start");
// Given
Matches matches = newMatch(AclConstants.SOURCE_LOWER_PORT_UNSPECIFIED,
- AclConstants.SOURCE_UPPER_PORT_UNSPECIFIED, AclConstants.DEST_LOWER_PORT_HTTP,
- AclConstants.DEST_UPPER_PORT_HTTP, AclConstants.SOURCE_REMOTE_IP_PREFIX_UNSPECIFIED,
- AclConstants.DEST_REMOTE_IP_PREFIX_SPECIFIED, (short)NwConstants.IP_PROT_TCP);
- dataBrokerUtil.put(ImmutableIdentifiedAceBuilder.builder()
- .sgUuid(SG_UUID_1)
- .newRuleName(SR_UUID_1_1)
- .newMatches(matches)
- .newDirection(DirectionEgress.class)
- .newRemoteGroupId(new Uuid(SG_UUID_1)).build());
+ AclConstants.SOURCE_UPPER_PORT_UNSPECIFIED, AclConstants.DEST_LOWER_PORT_HTTP,
+ AclConstants.DEST_UPPER_PORT_HTTP, AclConstants.SOURCE_REMOTE_IP_PREFIX_UNSPECIFIED,
+ AclConstants.DEST_REMOTE_IP_PREFIX_SPECIFIED, (short) NwConstants.IP_PROT_TCP);
+ dataBrokerUtil.put(new IdentifiedAceBuilder().sgUuid(SG_UUID_1).newRuleName(SR_UUID_1_1)
+ .newMatches(matches).newDirection(DirectionEgress.class).newRemoteGroupId(new Uuid(SG_UUID_1)).build());
matches = newMatch(AclConstants.SOURCE_LOWER_PORT_UNSPECIFIED, AclConstants.SOURCE_UPPER_PORT_UNSPECIFIED,
- AclConstants.DEST_LOWER_PORT_HTTP, AclConstants.DEST_UPPER_PORT_HTTP,
- AclConstants.SOURCE_REMOTE_IP_PREFIX_SPECIFIED, AclConstants.DEST_REMOTE_IP_PREFIX_UNSPECIFIED,
- (short)NwConstants.IP_PROT_TCP);
+ AclConstants.DEST_LOWER_PORT_HTTP, AclConstants.DEST_UPPER_PORT_HTTP,
+ AclConstants.SOURCE_REMOTE_IP_PREFIX_SPECIFIED, AclConstants.DEST_REMOTE_IP_PREFIX_UNSPECIFIED,
+ (short) NwConstants.IP_PROT_TCP);
- dataBrokerUtil.put(ImmutableIdentifiedAceBuilder.builder()
- .sgUuid(SG_UUID_1)
- .newRuleName(SR_UUID_1_2)
- .newMatches(matches)
- .newDirection(DirectionIngress.class)
- .build());
+ dataBrokerUtil.put(new IdentifiedAceBuilder().sgUuid(SG_UUID_1).newRuleName(SR_UUID_1_2)
+ .newMatches(matches).newDirection(DirectionIngress.class).build());
// When
putNewStateInterface(dataBroker, PORT_1, PORT_MAC_1);
putNewStateInterface(dataBroker, PORT_2, PORT_MAC_2);
- asyncEventsWaiter.awaitEventsConsumption();
+ AclServiceTestUtils.waitABit(asyncEventsWaiter);
// Then
newInterfaceWithTcpDstAclCheck();
abstract void newInterfaceWithTcpDstAclCheck();
+ @Ignore
@Test
public void newInterfaceWithUdpDstAcl() throws Exception {
LOG.info("newInterfaceWithUdpDstAcl - start");
newAllowedAddressPair(PORT_2, Collections.singletonList(SG_UUID_1), Collections.singletonList(AAP_PORT_2));
// Given
Matches matches = newMatch(AclConstants.SOURCE_LOWER_PORT_UNSPECIFIED,
- AclConstants.SOURCE_UPPER_PORT_UNSPECIFIED, AclConstants.DEST_LOWER_PORT_HTTP,
- AclConstants.DEST_UPPER_PORT_HTTP, AclConstants.SOURCE_REMOTE_IP_PREFIX_UNSPECIFIED,
- AclConstants.DEST_REMOTE_IP_PREFIX_SPECIFIED, (short)NwConstants.IP_PROT_UDP);
- dataBrokerUtil.put(ImmutableIdentifiedAceBuilder.builder()
- .sgUuid(SG_UUID_1)
- .newRuleName(SR_UUID_1_1)
- .newMatches(matches)
- .newDirection(DirectionEgress.class)
- .build());
+ AclConstants.SOURCE_UPPER_PORT_UNSPECIFIED, AclConstants.DEST_LOWER_PORT_HTTP,
+ AclConstants.DEST_UPPER_PORT_HTTP, AclConstants.SOURCE_REMOTE_IP_PREFIX_UNSPECIFIED,
+ AclConstants.DEST_REMOTE_IP_PREFIX_SPECIFIED, (short) NwConstants.IP_PROT_UDP);
+ dataBrokerUtil.put(new IdentifiedAceBuilder().sgUuid(SG_UUID_1).newRuleName(SR_UUID_1_1)
+ .newMatches(matches).newDirection(DirectionEgress.class).build());
matches = newMatch(AclConstants.SOURCE_LOWER_PORT_UNSPECIFIED, AclConstants.SOURCE_UPPER_PORT_UNSPECIFIED,
- AclConstants.DEST_LOWER_PORT_HTTP, AclConstants.DEST_UPPER_PORT_HTTP,
- AclConstants.SOURCE_REMOTE_IP_PREFIX_SPECIFIED, AclConstants.DEST_REMOTE_IP_PREFIX_UNSPECIFIED,
- (short)NwConstants.IP_PROT_UDP);
- dataBrokerUtil.put(ImmutableIdentifiedAceBuilder.builder()
- .sgUuid(SG_UUID_1)
- .newRuleName(SR_UUID_1_2)
- .newMatches(matches)
- .newDirection(DirectionIngress.class)
- .newRemoteGroupId(new Uuid(SG_UUID_1)).build());
+ AclConstants.DEST_LOWER_PORT_HTTP, AclConstants.DEST_UPPER_PORT_HTTP,
+ AclConstants.SOURCE_REMOTE_IP_PREFIX_SPECIFIED, AclConstants.DEST_REMOTE_IP_PREFIX_UNSPECIFIED,
+ (short) NwConstants.IP_PROT_UDP);
+ dataBrokerUtil.put(
+ new IdentifiedAceBuilder().sgUuid(SG_UUID_1).newRuleName(SR_UUID_1_2).newMatches(matches)
+ .newDirection(DirectionIngress.class).newRemoteGroupId(new Uuid(SG_UUID_1)).build());
// When
putNewStateInterface(dataBroker, PORT_1, PORT_MAC_1);
putNewStateInterface(dataBroker, PORT_2, PORT_MAC_2);
- asyncEventsWaiter.awaitEventsConsumption();
+ AclServiceTestUtils.waitABit(asyncEventsWaiter);
// Then
newInterfaceWithUdpDstAclCheck();
putNewStateInterface(dataBroker, PORT_1, PORT_MAC_1);
putNewStateInterface(dataBroker, PORT_2, PORT_MAC_2);
- asyncEventsWaiter.awaitEventsConsumption();
+ AclServiceTestUtils.waitABit(asyncEventsWaiter);
// Then
newInterfaceWithIcmpAclCheck();
newAllowedAddressPair(PORT_1, Collections.singletonList(SG_UUID_1), Collections.singletonList(AAP_PORT_1));
// Given
Matches matches = newMatch(AclConstants.SOURCE_LOWER_PORT_UNSPECIFIED,
- AclConstants.SOURCE_UPPER_PORT_UNSPECIFIED, 333, 777,
- AclConstants.SOURCE_REMOTE_IP_PREFIX_UNSPECIFIED, AclConstants.DEST_REMOTE_IP_PREFIX_SPECIFIED,
- (short)NwConstants.IP_PROT_TCP);
- dataBrokerUtil.put(ImmutableIdentifiedAceBuilder.builder()
- .sgUuid(SG_UUID_1)
- .newRuleName(SR_UUID_1_1)
- .newMatches(matches)
- .newDirection(DirectionEgress.class)
- .build());
- matches = newMatch(AclConstants.SOURCE_LOWER_PORT_UNSPECIFIED, AclConstants.SOURCE_UPPER_PORT_UNSPECIFIED,
- 2000, 2003, AclConstants.SOURCE_REMOTE_IP_PREFIX_SPECIFIED,
- AclConstants.DEST_REMOTE_IP_PREFIX_UNSPECIFIED, (short)NwConstants.IP_PROT_UDP);
+ AclConstants.SOURCE_UPPER_PORT_UNSPECIFIED, 333, 777, AclConstants.SOURCE_REMOTE_IP_PREFIX_UNSPECIFIED,
+ AclConstants.DEST_REMOTE_IP_PREFIX_SPECIFIED, (short) NwConstants.IP_PROT_TCP);
+ dataBrokerUtil.put(new IdentifiedAceBuilder().sgUuid(SG_UUID_1).newRuleName(SR_UUID_1_1)
+ .newMatches(matches).newDirection(DirectionEgress.class).build());
+ matches = newMatch(AclConstants.SOURCE_LOWER_PORT_UNSPECIFIED, AclConstants.SOURCE_UPPER_PORT_UNSPECIFIED, 2000,
+ 2003, AclConstants.SOURCE_REMOTE_IP_PREFIX_SPECIFIED, AclConstants.DEST_REMOTE_IP_PREFIX_UNSPECIFIED,
+ (short) NwConstants.IP_PROT_UDP);
- dataBrokerUtil.put(ImmutableIdentifiedAceBuilder.builder()
- .sgUuid(SG_UUID_1)
- .newRuleName(SR_UUID_1_2)
- .newMatches(matches)
- .newDirection(DirectionIngress.class)
- .build());
+ dataBrokerUtil.put(new IdentifiedAceBuilder().sgUuid(SG_UUID_1).newRuleName(SR_UUID_1_2)
+ .newMatches(matches).newDirection(DirectionIngress.class).build());
// When
putNewStateInterface(dataBroker, PORT_1, PORT_MAC_1);
- asyncEventsWaiter.awaitEventsConsumption();
+ AclServiceTestUtils.waitABit(asyncEventsWaiter);
// Then
newInterfaceWithDstPortRangeCheck();
newAllowedAddressPair(PORT_1, Collections.singletonList(SG_UUID_1), Collections.singletonList(AAP_PORT_1));
// Given
Matches matches = newMatch(AclConstants.SOURCE_LOWER_PORT_UNSPECIFIED,
- AclConstants.SOURCE_UPPER_PORT_UNSPECIFIED, 1, 65535,
- AclConstants.SOURCE_REMOTE_IP_PREFIX_UNSPECIFIED, AclConstants.DEST_REMOTE_IP_PREFIX_SPECIFIED,
- (short)NwConstants.IP_PROT_TCP);
- dataBrokerUtil.put(ImmutableIdentifiedAceBuilder.builder()
- .sgUuid(SG_UUID_1)
- .newRuleName(SR_UUID_1_1)
- .newMatches(matches)
- .newDirection(DirectionEgress.class)
- .build());
- matches = newMatch(AclConstants.SOURCE_LOWER_PORT_UNSPECIFIED, AclConstants.SOURCE_UPPER_PORT_UNSPECIFIED,
- 1, 65535, AclConstants.SOURCE_REMOTE_IP_PREFIX_SPECIFIED,
- AclConstants.DEST_REMOTE_IP_PREFIX_UNSPECIFIED, (short)NwConstants.IP_PROT_UDP);
+ AclConstants.SOURCE_UPPER_PORT_UNSPECIFIED, 1, 65535, AclConstants.SOURCE_REMOTE_IP_PREFIX_UNSPECIFIED,
+ AclConstants.DEST_REMOTE_IP_PREFIX_SPECIFIED, (short) NwConstants.IP_PROT_TCP);
+ dataBrokerUtil.put(new IdentifiedAceBuilder().sgUuid(SG_UUID_1).newRuleName(SR_UUID_1_1)
+ .newMatches(matches).newDirection(DirectionEgress.class).build());
+ matches = newMatch(AclConstants.SOURCE_LOWER_PORT_UNSPECIFIED, AclConstants.SOURCE_UPPER_PORT_UNSPECIFIED, 1,
+ 65535, AclConstants.SOURCE_REMOTE_IP_PREFIX_SPECIFIED, AclConstants.DEST_REMOTE_IP_PREFIX_UNSPECIFIED,
+ (short) NwConstants.IP_PROT_UDP);
- dataBrokerUtil.put(ImmutableIdentifiedAceBuilder.builder()
- .sgUuid(SG_UUID_1)
- .newRuleName(SR_UUID_1_2)
- .newMatches(matches)
- .newDirection(DirectionIngress.class)
- .build());
+ dataBrokerUtil.put(new IdentifiedAceBuilder().sgUuid(SG_UUID_1).newRuleName(SR_UUID_1_2)
+ .newMatches(matches).newDirection(DirectionIngress.class).build());
// When
putNewStateInterface(dataBroker, PORT_1, PORT_MAC_1);
- asyncEventsWaiter.awaitEventsConsumption();
+ AclServiceTestUtils.waitABit(asyncEventsWaiter);
// Then
newInterfaceWithDstAllPortsCheck();
newAllowedAddressPair(PORT_3, Arrays.asList(SG_UUID_1, SG_UUID_2), Collections.singletonList(AAP_PORT_3));
// Given
Matches icmpEgressMatches = newMatch(AclConstants.SOURCE_LOWER_PORT_UNSPECIFIED,
- AclConstants.SOURCE_UPPER_PORT_UNSPECIFIED, AclConstants.DEST_LOWER_PORT_2, AclConstants.DEST_UPPER_PORT_3,
- AclConstants.SOURCE_REMOTE_IP_PREFIX_UNSPECIFIED, AclConstants.DEST_REMOTE_IP_PREFIX_SPECIFIED,
- (short) NwConstants.IP_PROT_ICMP);
+ AclConstants.SOURCE_UPPER_PORT_UNSPECIFIED, AclConstants.DEST_LOWER_PORT_2,
+ AclConstants.DEST_UPPER_PORT_3, AclConstants.SOURCE_REMOTE_IP_PREFIX_UNSPECIFIED,
+ AclConstants.DEST_REMOTE_IP_PREFIX_SPECIFIED, (short) NwConstants.IP_PROT_ICMP);
Matches icmpIngressMatches = newMatch(AclConstants.SOURCE_LOWER_PORT_UNSPECIFIED,
- AclConstants.SOURCE_UPPER_PORT_UNSPECIFIED, AclConstants.DEST_LOWER_PORT_2, AclConstants.DEST_UPPER_PORT_3,
- AclConstants.SOURCE_REMOTE_IP_PREFIX_SPECIFIED, AclConstants.DEST_REMOTE_IP_PREFIX_UNSPECIFIED,
- (short) NwConstants.IP_PROT_ICMP);
+ AclConstants.SOURCE_UPPER_PORT_UNSPECIFIED, AclConstants.DEST_LOWER_PORT_2,
+ AclConstants.DEST_UPPER_PORT_3, AclConstants.SOURCE_REMOTE_IP_PREFIX_SPECIFIED,
+ AclConstants.DEST_REMOTE_IP_PREFIX_UNSPECIFIED, (short) NwConstants.IP_PROT_ICMP);
- dataBrokerUtil.put(ImmutableIdentifiedAceBuilder.builder().sgUuid(SG_UUID_1).newRuleName(SR_UUID_1_1)
+ dataBrokerUtil.put(new IdentifiedAceBuilder().sgUuid(SG_UUID_1).newRuleName(SR_UUID_1_1)
.newMatches(icmpEgressMatches).newDirection(DirectionEgress.class).build());
- dataBrokerUtil.put(ImmutableIdentifiedAceBuilder.builder().sgUuid(SG_UUID_1).newRuleName(SR_UUID_1_2)
+ dataBrokerUtil.put(new IdentifiedAceBuilder().sgUuid(SG_UUID_1).newRuleName(SR_UUID_1_2)
.newMatches(icmpIngressMatches).newDirection(DirectionIngress.class).build());
- dataBrokerUtil.put(ImmutableIdentifiedAceBuilder.builder().sgUuid(SG_UUID_2).newRuleName(SR_UUID_2_1)
+ dataBrokerUtil.put(new IdentifiedAceBuilder().sgUuid(SG_UUID_2).newRuleName(SR_UUID_2_1)
.newMatches(icmpEgressMatches).newDirection(DirectionEgress.class).build());
- dataBrokerUtil.put(ImmutableIdentifiedAceBuilder.builder().sgUuid(SG_UUID_2).newRuleName(SR_UUID_2_2)
+ dataBrokerUtil.put(new IdentifiedAceBuilder().sgUuid(SG_UUID_2).newRuleName(SR_UUID_2_2)
.newMatches(icmpIngressMatches).newDirection(DirectionIngress.class).build());
// When
putNewStateInterface(dataBroker, PORT_3, PORT_MAC_3);
- asyncEventsWaiter.awaitEventsConsumption();
+ AclServiceTestUtils.waitABit(asyncEventsWaiter);
// Then
newInterfaceWithTwoAclsHavingSameRulesCheck();
putNewStateInterface(dataBroker, PORT_1, PORT_MAC_1);
putNewStateInterface(dataBroker, PORT_2, PORT_MAC_1);
- asyncEventsWaiter.awaitEventsConsumption();
+ AclServiceTestUtils.waitABit(asyncEventsWaiter);
// Then
newInterfaceWithIcmpAclCheck();
}
/**
- * Test new interface with allowed-address-pair (AAP) having IP prefix
- * 0.0.0.0/0.
+ * Test new interface with allowed-address-pair (AAP) having IP prefix 0.0.0.0/0.
* <p>
- * FIXME: This TC works locally but is failing in Jenkins, hence disabling
- * TC for now. This is related to ordering issue (with FlowEntity objects)
- * with test infra (AssertDataObjects.assertEqualBeans) which needs to be
- * fixed.
+ * FIXME: This TC works locally but is failing in Jenkins, hence disabling TC for now. This is related to ordering
+ * issue (with FlowEntity objects) with test infra (AssertDataObjects.assertEqualBeans) which needs to be fixed.
* </p>
*
- * @throws Exception the exception
+ * @throws Exception
+ * the exception
*/
@Test
@Ignore
putNewStateInterface(dataBroker, PORT_1, PORT_MAC_1);
putNewStateInterface(dataBroker, PORT_2, PORT_MAC_2);
- asyncEventsWaiter.awaitEventsConsumption();
+ AclServiceTestUtils.waitABit(asyncEventsWaiter);
// Then
newInterfaceWithAapIpv4AllCheck();
abstract void newInterfaceWithAapIpv4AllCheck();
+ @Test
+ public void newInterfaceWithAap() throws Exception {
+ LOG.info("newInterfaceWithAap test - start");
+
+ // AAP with same MAC and different IP
+ AllowedAddressPairs aapWithSameMac = buildAap("10.0.0.100/32", PORT_MAC_2);
+ // AAP with different MAC and different IP
+ AllowedAddressPairs aapWithDifferentMac = buildAap("10.0.0.101/32", "0D:AA:D8:42:30:A4");
+
+ newAllowedAddressPair(PORT_1, Collections.singletonList(SG_UUID_1), Collections.singletonList(AAP_PORT_1));
+ newAllowedAddressPair(PORT_2, Collections.singletonList(SG_UUID_1),
+ Arrays.asList(AAP_PORT_2, aapWithSameMac, aapWithDifferentMac));
+
+ prepareInterfaceWithIcmpAcl();
+ // When
+ putNewStateInterface(dataBroker, PORT_1, PORT_MAC_1);
+ putNewStateInterface(dataBroker, PORT_2, PORT_MAC_2);
+
+ asyncEventsWaiter.awaitEventsConsumption();
+
+ // Then
+ newInterfaceWithAapCheck();
+ LOG.info("newInterfaceWithAap test - end");
+ }
+
+ abstract void newInterfaceWithAapCheck();
+
protected void assertFlowsInAnyOrder(Iterable<FlowEntity> expectedFlows) {
asyncEventsWaiter.awaitEventsConsumption();
coordinatorEventsWaiter.awaitEventsConsumption();
protected void prepareInterfaceWithIcmpAcl() throws TransactionCommitFailedException {
// Given
Matches matches = newMatch(AclConstants.SOURCE_LOWER_PORT_UNSPECIFIED,
- AclConstants.SOURCE_UPPER_PORT_UNSPECIFIED, AclConstants.DEST_LOWER_PORT_2, AclConstants.DEST_UPPER_PORT_3,
- AclConstants.SOURCE_REMOTE_IP_PREFIX_UNSPECIFIED, AclConstants.DEST_REMOTE_IP_PREFIX_SPECIFIED,
- (short)NwConstants.IP_PROT_ICMP);
- dataBrokerUtil.put(ImmutableIdentifiedAceBuilder.builder()
- .sgUuid(SG_UUID_1)
- .newRuleName(SR_UUID_1_1)
- .newMatches(matches)
- .newDirection(DirectionEgress.class)
- .newRemoteGroupId(new Uuid(SG_UUID_1)).build());
+ AclConstants.SOURCE_UPPER_PORT_UNSPECIFIED, AclConstants.DEST_LOWER_PORT_2,
+ AclConstants.DEST_UPPER_PORT_3, AclConstants.SOURCE_REMOTE_IP_PREFIX_UNSPECIFIED,
+ AclConstants.DEST_REMOTE_IP_PREFIX_SPECIFIED, (short) NwConstants.IP_PROT_ICMP);
+ dataBrokerUtil.put(new IdentifiedAceBuilder().sgUuid(SG_UUID_1).newRuleName(SR_UUID_1_1)
+ .newMatches(matches).newDirection(DirectionEgress.class).newRemoteGroupId(new Uuid(SG_UUID_1)).build());
matches = newMatch(AclConstants.SOURCE_LOWER_PORT_UNSPECIFIED, AclConstants.SOURCE_UPPER_PORT_UNSPECIFIED,
- AclConstants.DEST_LOWER_PORT_2, AclConstants.DEST_UPPER_PORT_3,
- AclConstants.SOURCE_REMOTE_IP_PREFIX_SPECIFIED, AclConstants.DEST_REMOTE_IP_PREFIX_UNSPECIFIED,
- (short)NwConstants.IP_PROT_ICMP);
- dataBrokerUtil.put(ImmutableIdentifiedAceBuilder.builder()
- .sgUuid(SG_UUID_1)
- .newRuleName(SR_UUID_1_2)
- .newMatches(matches)
- .newDirection(DirectionIngress.class)
- .build());
+ AclConstants.DEST_LOWER_PORT_2, AclConstants.DEST_UPPER_PORT_3,
+ AclConstants.SOURCE_REMOTE_IP_PREFIX_SPECIFIED, AclConstants.DEST_REMOTE_IP_PREFIX_UNSPECIFIED,
+ (short) NwConstants.IP_PROT_ICMP);
+ dataBrokerUtil.put(new IdentifiedAceBuilder().sgUuid(SG_UUID_1).newRuleName(SR_UUID_1_2)
+ .newMatches(matches).newDirection(DirectionIngress.class).build());
}
protected void newAllowedAddressPair(String portName, List<String> sgUuidList, List<AllowedAddressPairs> aapList)
throws TransactionCommitFailedException {
List<Uuid> sgList = sgUuidList.stream().map(Uuid::new).collect(Collectors.toList());
- dataBrokerUtil.put(ImmutableIdentifiedInterfaceWithAclBuilder.builder()
- .interfaceName(portName)
- .portSecurity(true)
- .addAllNewSecurityGroups(sgList)
- .addAllIfAllowedAddressPairs(aapList).build());
+ dataBrokerUtil.put(new IdentifiedInterfaceWithAclBuilder().interfaceName(portName)
+ .portSecurity(true).addAllNewSecurityGroups(sgList).addAllIfAllowedAddressPairs(aapList).build());
}
protected void newElan(String elanName, long elanId) throws TransactionCommitFailedException {
ElanInstance elan = new ElanInstanceBuilder().setElanInstanceName(elanName).setElanTag(5000L).build();
singleTransactionDataBroker.syncWrite(CONFIGURATION,
- AclServiceUtils.getElanInstanceConfigurationDataPath(elanName),
- elan);
+ AclServiceUtils.getElanInstanceConfigurationDataPath(elanName), elan);
}
protected void newElanInterface(String elanName, String portName, boolean isWrite)
throws TransactionCommitFailedException {
- ElanInterface elanInterface = new ElanInterfaceBuilder().setName(portName)
- .setElanInstanceName(elanName).build();
+ ElanInterface elanInterface =
+ new ElanInterfaceBuilder().setName(portName).setElanInstanceName(elanName).build();
InstanceIdentifier<ElanInterface> id = AclServiceUtils.getElanInterfaceConfigurationDataPathId(portName);
if (isWrite) {
singleTransactionDataBroker.syncWrite(CONFIGURATION, id, elanInterface);
protected void setUpData() throws Exception {
newElan(ELAN, ELAN_TAG);
- newElanInterface(ELAN, PORT_1 ,true);
+ newElanInterface(ELAN, PORT_1, true);
newElanInterface(ELAN, PORT_2, true);
newElanInterface(ELAN, PORT_3, true);
newElanInterface(ELAN, PORT_4, true);
Code Review / netvirt.git / blobdiff