X-Git-Url: https://git.opendaylight.org/gerrit/gitweb?a=blobdiff_plain;f=vpnservice%2Faclservice%2Fimpl%2Fsrc%2Fmain%2Fjava%2Forg%2Fopendaylight%2Fnetvirt%2Faclservice%2FStatelessEgressAclServiceImpl.java;h=db7dc3eacd6dd9d4f866beb2ad0ffaf65d072bcd;hb=6021420e09fcdd32586b974c4d17811e72504576;hp=cf57f38187fb67bb39045d219bb4ca53084a07d5;hpb=7028dfce941fe4dbf8b9d4d61ffd52edf9390fdb;p=netvirt.git
diff --git a/vpnservice/aclservice/impl/src/main/java/org/opendaylight/netvirt/aclservice/StatelessEgressAclServiceImpl.java b/vpnservice/aclservice/impl/src/main/java/org/opendaylight/netvirt/aclservice/StatelessEgressAclServiceImpl.java
index cf57f38187..db7dc3eacd 100644
--- a/vpnservice/aclservice/impl/src/main/java/org/opendaylight/netvirt/aclservice/StatelessEgressAclServiceImpl.java
+++ b/vpnservice/aclservice/impl/src/main/java/org/opendaylight/netvirt/aclservice/StatelessEgressAclServiceImpl.java
@@ -11,17 +11,18 @@ import java.math.BigInteger;
 import java.util.ArrayList;
 import java.util.List;
 import java.util.Map;
+
 import org.opendaylight.controller.md.sal.binding.api.DataBroker;
 import org.opendaylight.genius.mdsalutil.ActionInfo;
 import org.opendaylight.genius.mdsalutil.InstructionInfo;
-import org.opendaylight.genius.mdsalutil.MatchFieldType;
-import org.opendaylight.genius.mdsalutil.MatchInfo;
 import org.opendaylight.genius.mdsalutil.MatchInfoBase;
 import org.opendaylight.genius.mdsalutil.NwConstants;
 import org.opendaylight.genius.mdsalutil.NxMatchFieldType;
 import org.opendaylight.genius.mdsalutil.interfaces.IMdsalApiManager;
+import org.opendaylight.genius.mdsalutil.matches.MatchTcpFlags;
 import org.opendaylight.netvirt.aclservice.api.AclServiceManager.Action;
 import org.opendaylight.netvirt.aclservice.utils.AclConstants;
+import org.opendaylight.netvirt.aclservice.utils.AclDataUtil;
 import org.opendaylight.netvirt.aclservice.utils.AclServiceOFFlowBuilder;
 import org.opendaylight.netvirt.aclservice.utils.AclServiceUtils;
 import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.access.control.list.rev160218.access.lists.acl.access.list.entries.Ace;
@@ -41,23 +42,30 @@ import org.slf4j.LoggerFactory; * Note: Table names used are w.r.t switch. Hence, switch ingress is VM egress * and vice versa. */ -public class StatelessEgressAclServiceImpl extends EgressAclServiceImpl { +public class StatelessEgressAclServiceImpl extends AbstractEgressAclServiceImpl { private static final Logger LOG = LoggerFactory.getLogger(StatelessEgressAclServiceImpl.class); - public StatelessEgressAclServiceImpl(DataBroker dataBroker, - IMdsalApiManager mdsalManager) { - super(dataBroker, mdsalManager); + public StatelessEgressAclServiceImpl(DataBroker dataBroker, IMdsalApiManager mdsalManager, AclDataUtil aclDataUtil, + AclServiceUtils aclServiceUtils) { + super(dataBroker, mdsalManager, aclDataUtil, aclServiceUtils); } @Override - protected void programFixedRules(BigInteger dpid, String dhcpMacAddress, List allowedAddresses, - int lportTag, Action action, int addOrRemove) { + protected void programSpecificFixedRules(BigInteger dpid, String dhcpMacAddress, + List allowedAddresses, int lportTag, String portId, Action action, int addOrRemove) { } @Override - protected void programAceRule(BigInteger dpId, int lportTag, int addOrRemove, Ace ace, String portId, - List syncAllowedAddresses) { + protected String syncSpecificAclFlow(BigInteger dpId, int lportTag, int addOrRemove, int priority, Ace ace, + String portId, Map> flowMap, String flowName) { + // Not in use here. programAceRule function is overridden. + return null; + } + + @Override + protected void programAceRule(BigInteger dpId, int lportTag, int addOrRemove, String aclName, Ace ace, + String portId, List syncAllowedAddresses) { SecurityRuleAttr aceAttr = AclServiceUtils.getAccesssListAttributes(ace); if (!aceAttr.getDirection().equals(DirectionEgress.class)) { return; 
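Review bot: The new `syncSpecificAclFlow` override returns `null` and relies only on its comment that programAceRule is overridden, so nothing in this class prevents a base-class path from calling it and treating the null as a flow name. Whether AbstractEgressAclServiceImpl has such a path is not visible in this diff; if it has none, failing loudly is safer for code that programs ACL flows than quietly doing nothing, e.g. `throw new UnsupportedOperationException("stateless egress ACL programs ACEs in programAceRule");`. The empty `programSpecificFixedRules` body should also carry a one-line comment stating that the stateless service adds no mode-specific fixed rules, so the omission reads as deliberate. programAceRule's body continues outside the hunk.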
@@ -78,22 +86,25 @@ public class StatelessEgressAclServiceImpl extends EgressAclServiceImpl { for (Map.Entry> flow : flowMap.entrySet()) { String flowName = flow.getKey(); List flowMatches = flow.getValue(); - boolean hasTcpDstMatch = AclServiceUtils.containsMatchFieldType(flowMatches, - NxMatchFieldType.nx_tcp_dst_with_mask); - if (hasTcpDstMatch || protocol == null) { + boolean hasTcpMatch = AclServiceUtils.containsMatchFieldType(flowMatches, + NxMatchFieldType.nx_tcp_dst_with_mask) || AclServiceUtils.containsMatchFieldType(flowMatches, + NxMatchFieldType.nx_tcp_src_with_mask); + if (hasTcpMatch || protocol == null) { flowName += "Egress" + lportTag + ace.getKey().getRuleName(); flowMatches.add(AclServiceUtils.buildLPortTagMatch(lportTag)); - programAllowSynRules(dpId, flowName, flowMatches, addOrRemove); + programAllowSynRules(dpId, flowName, flowMatches, addOrRemove, protocol); } } } private void programAllowSynRules(BigInteger dpId, String origFlowName, - List origFlowMatches, int addFlow) { + List origFlowMatches, int addFlow, Short protocol) { List flowMatches = new ArrayList<>(); flowMatches.addAll(origFlowMatches); - flowMatches.add(new MatchInfo(MatchFieldType.tcp_flags, new long[] { AclConstants.TCP_FLAG_SYN })); + if (new Short((short) NwConstants.IP_PROT_TCP).equals(protocol)) { + flowMatches.add(MatchTcpFlags.SYN); + } List actionsInfos = new ArrayList<>(); List instructions = getDispatcherTableResubmitInstructions(actionsInfos);
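Review bot: When `protocol == null` the caller still reaches programAllowSynRules, but the new guard adds `MatchTcpFlags.SYN` only for TCP, so for an ACE without a protocol the flow is built from the ACE matches and the lport tag alone, with no TCP-flags restriction. If that wider match is the intended meaning of an any-protocol rule in stateless mode, state it in a comment above the guard, e.g. `// ACE without a protocol: no SYN filter, the flow admits all traffic matching the ACE`, and consider renaming the method, since it no longer programs SYN-only flows. The comparison `new Short((short) NwConstants.IP_PROT_TCP).equals(protocol)` boxes a fresh object on every call; `protocol != null && protocol == NwConstants.IP_PROT_TCP` states the same check directly. The rest of programAllowSynRules, including the instructions applied to these matches, lies outside the hunk.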