import javax.annotation.Nullable;
import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.yang.types.rev130715.Uuid;
import org.opendaylight.yang.gen.v1.urn.opendaylight.netvirt.aclservice.rev160608.interfaces._interface.AllowedAddressPairs;
-import org.opendaylight.yang.gen.v1.urn.opendaylight.netvirt.aclservice.rev160608.port.subnets.port.subnet.SubnetInfo;
+import org.opendaylight.yang.gen.v1.urn.opendaylight.netvirt.aclservice.rev160608.interfaces._interface.SubnetInfo;
/**
* The Class AclInterface.
type ip-prefix-or-address;
}
}
- }
-
- container port-subnets {
- config false;
- list port-subnet {
- key port-id;
- leaf port-id {
- type string;
- description "Port ID";
+ list subnet-info {
+ key subnet-id;
+ leaf subnet-id {
+ type yang:uuid;
+ description "Subnet ID";
}
- list subnet-info {
- key subnet-id;
- leaf subnet-id {
- type yang:uuid;
- description "Subnet ID";
+ leaf ip-version {
+ description "IP version";
+ type identityref {
+ base "ip-version-base";
}
- leaf ip-version {
- description "IP version";
- type identityref {
- base "ip-version-base";
- }
- }
- leaf ip-prefix {
- type ip-prefix-or-address;
- description "Subnet IP prefix.";
- }
- leaf ipv6-ra-mode {
- description "IPv6 RA mode";
- type identityref {
- base "dhcpv6-base";
- }
- }
- leaf gateway-ip {
- type inet:ip-address;
- description "default gateway used by devices in this subnet";
+ }
+ leaf ip-prefix {
+ type ip-prefix-or-address;
+ description "Subnet IP prefix.";
+ }
+ leaf ipv6-ra-mode {
+ description "IPv6 RA mode";
+ type identityref {
+ base "dhcpv6-base";
}
}
+ leaf gateway-ip {
+ type inet:ip-address;
+ description "default gateway used by devices in this subnet";
+ }
}
}
import org.opendaylight.yang.gen.v1.urn.opendaylight.netvirt.aclservice.rev160608.DirectionIngress;
import org.opendaylight.yang.gen.v1.urn.opendaylight.netvirt.aclservice.rev160608.SecurityRuleAttr;
import org.opendaylight.yang.gen.v1.urn.opendaylight.netvirt.aclservice.rev160608.interfaces._interface.AllowedAddressPairs;
-import org.opendaylight.yang.gen.v1.urn.opendaylight.netvirt.aclservice.rev160608.port.subnets.port.subnet.SubnetInfo;
+import org.opendaylight.yang.gen.v1.urn.opendaylight.netvirt.aclservice.rev160608.interfaces._interface.SubnetInfo;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.opendaylight.yang.gen.v1.urn.opendaylight.netvirt.aclservice.rev160608.DirectionEgress;
import org.opendaylight.yang.gen.v1.urn.opendaylight.netvirt.aclservice.rev160608.IpPrefixOrAddress;
import org.opendaylight.yang.gen.v1.urn.opendaylight.netvirt.aclservice.rev160608.interfaces._interface.AllowedAddressPairs;
-import org.opendaylight.yang.gen.v1.urn.opendaylight.netvirt.aclservice.rev160608.port.subnets.port.subnet.SubnetInfo;
+import org.opendaylight.yang.gen.v1.urn.opendaylight.netvirt.aclservice.rev160608.interfaces._interface.SubnetInfo;
import org.opendaylight.yangtools.yang.binding.InstanceIdentifier;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.opendaylight.yang.gen.v1.urn.opendaylight.netvirt.aclservice.rev160608.DirectionIngress;
import org.opendaylight.yang.gen.v1.urn.opendaylight.netvirt.aclservice.rev160608.IpPrefixOrAddress;
import org.opendaylight.yang.gen.v1.urn.opendaylight.netvirt.aclservice.rev160608.interfaces._interface.AllowedAddressPairs;
-import org.opendaylight.yang.gen.v1.urn.opendaylight.netvirt.aclservice.rev160608.port.subnets.port.subnet.SubnetInfo;
+import org.opendaylight.yang.gen.v1.urn.opendaylight.netvirt.aclservice.rev160608.interfaces._interface.SubnetInfo;
import org.opendaylight.yang.gen.v1.urn.opendaylight.openflowjava.nx.match.rev140421.NxmNxReg6;
import org.opendaylight.yangtools.yang.binding.InstanceIdentifier;
import org.slf4j.Logger;
if (aclInterface.getDpId() != null) {
aclServiceManager.notify(aclInterface, null, Action.REMOVE);
}
- aclServiceUtils.deleteSubnetInfo(interfaceId);
}
}
}
if (aclInPort != null) {
sgs = aclInPort.getSecurityGroups();
builder.portSecurityEnabled(aclInPort.isPortSecurityEnabled()).securityGroups(sgs)
- .allowedAddressPairs(aclInPort.getAllowedAddressPairs());
+ .allowedAddressPairs(aclInPort.getAllowedAddressPairs()).subnetInfo(aclInPort.getSubnetInfo());
}
if ((prevAclInterface == null || prevAclInterface.getLPortTag() == null) && interfaceState != null) {
.lPortTag(interfaceState.getIfIndex()).isMarkedForDelete(false);
}
- builder.subnetInfo(aclServiceUtils.getSubnetInfo(interfaceId));
if (prevAclInterface == null || prevAclInterface.getElanId() == null) {
builder.elanId(AclServiceUtils.getElanIdFromInterface(interfaceId, dataBroker));
}
import org.opendaylight.yang.gen.v1.urn.opendaylight.netvirt.aclservice.rev160608.DirectionEgress;
import org.opendaylight.yang.gen.v1.urn.opendaylight.netvirt.aclservice.rev160608.DirectionIngress;
import org.opendaylight.yang.gen.v1.urn.opendaylight.netvirt.aclservice.rev160608.InterfaceAcl;
-import org.opendaylight.yang.gen.v1.urn.opendaylight.netvirt.aclservice.rev160608.port.subnets.port.subnet.SubnetInfo;
import org.opendaylight.yangtools.yang.binding.InstanceIdentifier;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
return;
}
- AclInterface aclInterface = aclInterfaceCache.addOrUpdate(added.getName(), (prevAclInterface, builder) -> {
- builder.dpId(AclServiceUtils.getDpIdFromIterfaceState(added)).lPortTag(added.getIfIndex())
- .isMarkedForDelete(false);
-
- if (AclServiceUtils.isOfInterest(prevAclInterface)) {
- if (prevAclInterface.getSubnetInfo() == null) {
- // For upgrades
- List<SubnetInfo> subnetInfo = aclServiceUtils.getSubnetInfo(added.getName());
- builder.subnetInfo(subnetInfo);
- }
- SortedSet<Integer> ingressRemoteAclTags =
- aclServiceUtils.getRemoteAclTags(prevAclInterface.getSecurityGroups(), DirectionIngress.class);
- SortedSet<Integer> egressRemoteAclTags =
- aclServiceUtils.getRemoteAclTags(prevAclInterface.getSecurityGroups(), DirectionEgress.class);
- builder.ingressRemoteAclTags(ingressRemoteAclTags).egressRemoteAclTags(egressRemoteAclTags);
- }
- });
-
- List<Uuid> aclList = aclInterface.getSecurityGroups();
- if (aclList == null) {
+ if (aclInterfaceCache.get(added.getName()) == null) {
org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.interfaces.rev140508.interfaces
- .Interface iface = interfaceManager.getInterfaceInfoFromConfigDataStore(added.getName());
+ .Interface iface = interfaceManager.getInterfaceInfoFromConfigDataStore(added.getName());
if (iface == null) {
LOG.error("No interface with name {} available in interfaceConfig, servicing interfaceState ADD"
+ "for ACL failed", added.getName());
added.getName());
return;
}
+ aclInterfaceCache.addOrUpdate(added.getName(), (prevAclInterface, builder) -> {
+ builder.portSecurityEnabled(aclInPort.isPortSecurityEnabled())
+ .securityGroups(aclInPort.getSecurityGroups())
+ .allowedAddressPairs(aclInPort.getAllowedAddressPairs()).subnetInfo(aclInPort.getSubnetInfo());
+ });
}
+ AclInterface aclInterface = aclInterfaceCache.addOrUpdate(added.getName(), (prevAclInterface, builder) -> {
+ builder.dpId(AclServiceUtils.getDpIdFromIterfaceState(added)).lPortTag(added.getIfIndex())
+ .isMarkedForDelete(false);
+ if (AclServiceUtils.isOfInterest(prevAclInterface)) {
+ SortedSet<Integer> ingressRemoteAclTags =
+ aclServiceUtils.getRemoteAclTags(prevAclInterface.getSecurityGroups(), DirectionIngress.class);
+ SortedSet<Integer> egressRemoteAclTags =
+ aclServiceUtils.getRemoteAclTags(prevAclInterface.getSecurityGroups(), DirectionEgress.class);
+ builder.ingressRemoteAclTags(ingressRemoteAclTags).egressRemoteAclTags(egressRemoteAclTags);
+ }
+ });
if (AclServiceUtils.isOfInterest(aclInterface)) {
+ List<Uuid> aclList = aclInterface.getSecurityGroups();
if (aclList != null) {
aclDataUtil.addAclInterfaceMap(aclList, aclInterface);
}
import org.opendaylight.genius.mdsalutil.nxmatches.NxMatchRegister;
import org.opendaylight.genius.mdsalutil.packet.IPProtocols;
import org.opendaylight.infrautils.jobcoordinator.JobCoordinator;
-import org.opendaylight.infrautils.utils.concurrent.ListenableFutures;
import org.opendaylight.netvirt.aclservice.api.AclServiceManager.MatchCriteria;
import org.opendaylight.netvirt.aclservice.api.utils.AclInterface;
import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.access.control.list.rev160218.AccessLists;
import org.opendaylight.yang.gen.v1.urn.opendaylight.netvirt.aclservice.rev160608.IpPrefixOrAddress;
import org.opendaylight.yang.gen.v1.urn.opendaylight.netvirt.aclservice.rev160608.IpPrefixOrAddressBuilder;
import org.opendaylight.yang.gen.v1.urn.opendaylight.netvirt.aclservice.rev160608.IpVersionV6;
-import org.opendaylight.yang.gen.v1.urn.opendaylight.netvirt.aclservice.rev160608.PortSubnets;
import org.opendaylight.yang.gen.v1.urn.opendaylight.netvirt.aclservice.rev160608.SecurityRuleAttr;
import org.opendaylight.yang.gen.v1.urn.opendaylight.netvirt.aclservice.rev160608.acl.ports.lookup.AclPortsByIp;
import org.opendaylight.yang.gen.v1.urn.opendaylight.netvirt.aclservice.rev160608.acl.ports.lookup.AclPortsByIpKey;
import org.opendaylight.yang.gen.v1.urn.opendaylight.netvirt.aclservice.rev160608.acl.ports.lookup.acl.ports.by.ip.acl.ip.prefixes.PortIdsBuilder;
import org.opendaylight.yang.gen.v1.urn.opendaylight.netvirt.aclservice.rev160608.acl.ports.lookup.acl.ports.by.ip.acl.ip.prefixes.PortIdsKey;
import org.opendaylight.yang.gen.v1.urn.opendaylight.netvirt.aclservice.rev160608.interfaces._interface.AllowedAddressPairs;
-import org.opendaylight.yang.gen.v1.urn.opendaylight.netvirt.aclservice.rev160608.port.subnets.PortSubnet;
-import org.opendaylight.yang.gen.v1.urn.opendaylight.netvirt.aclservice.rev160608.port.subnets.PortSubnetKey;
-import org.opendaylight.yang.gen.v1.urn.opendaylight.netvirt.aclservice.rev160608.port.subnets.port.subnet.SubnetInfo;
+import org.opendaylight.yang.gen.v1.urn.opendaylight.netvirt.aclservice.rev160608.interfaces._interface.SubnetInfo;
import org.opendaylight.yang.gen.v1.urn.opendaylight.netvirt.elan.rev150602.ElanInstances;
import org.opendaylight.yang.gen.v1.urn.opendaylight.netvirt.elan.rev150602.ElanInterfaces;
import org.opendaylight.yang.gen.v1.urn.opendaylight.netvirt.elan.rev150602.elan.instances.ElanInstance;
.child(ElanInstance.class, new ElanInstanceKey(elanInstanceName)).build();
}
- @Nullable
- public List<SubnetInfo> getSubnetInfo(String portId) {
- InstanceIdentifier<PortSubnet> id = InstanceIdentifier.builder(PortSubnets.class)
- .child(PortSubnet.class, new PortSubnetKey(portId)).build();
-
- Optional<PortSubnet> portSubnet = read(dataBroker, LogicalDatastoreType.OPERATIONAL, id);
- if (portSubnet.isPresent()) {
- return portSubnet.get().getSubnetInfo();
- }
- return null;
- }
-
- public void deleteSubnetInfo(String portId) {
- InstanceIdentifier<PortSubnet> id = InstanceIdentifier.builder(PortSubnets.class)
- .child(PortSubnet.class, new PortSubnetKey(portId)).build();
- ListenableFutures.addErrorLogging(txRunner.callWithNewWriteOnlyTransactionAndSubmit(
- OPERATIONAL, tx -> tx.delete(id)), LOG, "Failed to delete subnet info for port: " + portId);
- }
-
public void deleteAcesFromConfigDS(String aclName, List<Ace> deletedAceRules) {
List<List<Ace>> acesParts = Lists.partition(deletedAceRules, AclConstants.ACES_PER_TRANSACTION);
for (List<Ace> acePart : acesParts) {
import org.opendaylight.yang.gen.v1.urn.opendaylight.netvirt.aclservice.rev160608.IpVersionV4;
import org.opendaylight.yang.gen.v1.urn.opendaylight.netvirt.aclservice.rev160608.interfaces._interface.AllowedAddressPairs;
import org.opendaylight.yang.gen.v1.urn.opendaylight.netvirt.aclservice.rev160608.interfaces._interface.AllowedAddressPairsBuilder;
-import org.opendaylight.yang.gen.v1.urn.opendaylight.netvirt.aclservice.rev160608.port.subnets.port.subnet.SubnetInfo;
-import org.opendaylight.yang.gen.v1.urn.opendaylight.netvirt.aclservice.rev160608.port.subnets.port.subnet.SubnetInfoBuilder;
-import org.opendaylight.yang.gen.v1.urn.opendaylight.netvirt.aclservice.rev160608.port.subnets.port.subnet.SubnetInfoKey;
+import org.opendaylight.yang.gen.v1.urn.opendaylight.netvirt.aclservice.rev160608.interfaces._interface.SubnetInfo;
+import org.opendaylight.yang.gen.v1.urn.opendaylight.netvirt.aclservice.rev160608.interfaces._interface.SubnetInfoBuilder;
+import org.opendaylight.yang.gen.v1.urn.opendaylight.netvirt.aclservice.rev160608.interfaces._interface.SubnetInfoKey;
import org.opendaylight.yang.gen.v1.urn.opendaylight.netvirt.elan.rev150602.elan.instances.ElanInstance;
import org.opendaylight.yang.gen.v1.urn.opendaylight.netvirt.elan.rev150602.elan.instances.ElanInstanceBuilder;
import org.opendaylight.yang.gen.v1.urn.opendaylight.netvirt.elan.rev150602.elan.interfaces.ElanInterface;
public void newInterface() throws Exception {
LOG.info("newInterface - start");
- newAllowedAddressPair(PORT_1, Collections.singletonList(SG_UUID_1), Collections.singletonList(AAP_PORT_1));
+ newAllowedAddressPair(PORT_1, Collections.singletonList(SG_UUID_1), Collections.singletonList(AAP_PORT_1),
+ Collections.singletonList(SUBNET_INFO_1));
testInterfaceManager.addInterfaceInfo(newInterfaceInfo("port1"));
- dataBrokerUtil.put(new IdentifiedPortSubnetBuilder().interfaceName("port1").addAllSubnetInfo(
- Collections.singletonList(SUBNET_INFO_1)));
// When
putNewStateInterface(dataBroker, "port1", PORT_MAC_1);
public void newInterfaceWithEtherTypeAcl() throws Exception {
LOG.info("newInterfaceWithEtherTypeAcl - start");
- newAllowedAddressPair(PORT_1, Collections.singletonList(SG_UUID_1), Collections.singletonList(AAP_PORT_1));
- newAllowedAddressPair(PORT_2, Collections.singletonList(SG_UUID_1), Collections.singletonList(AAP_PORT_2));
- dataBrokerUtil.put(new IdentifiedPortSubnetBuilder().interfaceName(PORT_1).addAllSubnetInfo(
- Collections.singletonList(SUBNET_INFO_1)));
- dataBrokerUtil.put(new IdentifiedPortSubnetBuilder().interfaceName(PORT_2).addAllSubnetInfo(
- Collections.singletonList(SUBNET_INFO_1)));
+ newAllowedAddressPair(PORT_1, Collections.singletonList(SG_UUID_1), Collections.singletonList(AAP_PORT_1),
+ Collections.singletonList(SUBNET_INFO_1));
+ newAllowedAddressPair(PORT_2, Collections.singletonList(SG_UUID_1), Collections.singletonList(AAP_PORT_2),
+ Collections.singletonList(SUBNET_INFO_1));
Matches matches = newMatch(AclConstants.SOURCE_LOWER_PORT_UNSPECIFIED,
AclConstants.SOURCE_UPPER_PORT_UNSPECIFIED, AclConstants.DEST_LOWER_PORT_UNSPECIFIED,
public void newInterfaceWithMultipleAcl() throws Exception {
LOG.info("newInterfaceWithEtherTypeAcl - start");
- newAllowedAddressPair(PORT_1, Collections.singletonList(SG_UUID_1), Collections.singletonList(AAP_PORT_1));
- newAllowedAddressPair(PORT_2, Collections.singletonList(SG_UUID_1), Collections.singletonList(AAP_PORT_2));
- dataBrokerUtil.put(new IdentifiedPortSubnetBuilder().interfaceName(PORT_1).addAllSubnetInfo(
- Collections.singletonList(SUBNET_INFO_1)));
- dataBrokerUtil.put(new IdentifiedPortSubnetBuilder().interfaceName(PORT_2).addAllSubnetInfo(
- Collections.singletonList(SUBNET_INFO_1)));
+ newAllowedAddressPair(PORT_1, Collections.singletonList(SG_UUID_1), Collections.singletonList(AAP_PORT_1),
+ Collections.singletonList(SUBNET_INFO_1));
+ newAllowedAddressPair(PORT_2, Collections.singletonList(SG_UUID_1), Collections.singletonList(AAP_PORT_2),
+ Collections.singletonList(SUBNET_INFO_1));
Matches matches = newMatch(AclConstants.SOURCE_LOWER_PORT_UNSPECIFIED,
AclConstants.SOURCE_UPPER_PORT_UNSPECIFIED, AclConstants.DEST_LOWER_PORT_UNSPECIFIED,
List<String> sgList = new ArrayList<>();
sgList.add(SG_UUID_1);
sgList.add(SG_UUID_2);
- newAllowedAddressPair(PORT_1, sgList, Collections.singletonList(AAP_PORT_1));
- newAllowedAddressPair(PORT_2, sgList, Collections.singletonList(AAP_PORT_2));
+ newAllowedAddressPair(PORT_1, sgList, Collections.singletonList(AAP_PORT_1),
+ Collections.singletonList(SUBNET_INFO_1));
+ newAllowedAddressPair(PORT_2, sgList, Collections.singletonList(AAP_PORT_2),
+ Collections.singletonList(SUBNET_INFO_1));
asyncEventsWaiter.awaitEventsConsumption();
newInterfaceWithMultipleAclCheck();
public void newInterfaceWithTcpDstAcl() throws Exception {
LOG.info("newInterfaceWithTcpDstAcl - start");
- newAllowedAddressPair(PORT_1, Collections.singletonList(SG_UUID_1), Collections.singletonList(AAP_PORT_1));
- newAllowedAddressPair(PORT_2, Collections.singletonList(SG_UUID_1), Collections.singletonList(AAP_PORT_2));
- dataBrokerUtil.put(new IdentifiedPortSubnetBuilder().interfaceName(PORT_1).addAllSubnetInfo(
- Collections.singletonList(SUBNET_INFO_1)));
- dataBrokerUtil.put(new IdentifiedPortSubnetBuilder().interfaceName(PORT_2).addAllSubnetInfo(
- Collections.singletonList(SUBNET_INFO_1)));
+ newAllowedAddressPair(PORT_1, Collections.singletonList(SG_UUID_1), Collections.singletonList(AAP_PORT_1),
+ Collections.singletonList(SUBNET_INFO_1));
+ newAllowedAddressPair(PORT_2, Collections.singletonList(SG_UUID_1), Collections.singletonList(AAP_PORT_2),
+ Collections.singletonList(SUBNET_INFO_1));
// Given
Matches matches = newMatch(AclConstants.SOURCE_LOWER_PORT_UNSPECIFIED,
public void newInterfaceWithUdpDstAcl() throws Exception {
LOG.info("newInterfaceWithUdpDstAcl - start");
- newAllowedAddressPair(PORT_1, Collections.singletonList(SG_UUID_1), Collections.singletonList(AAP_PORT_1));
- newAllowedAddressPair(PORT_2, Collections.singletonList(SG_UUID_1), Collections.singletonList(AAP_PORT_2));
- dataBrokerUtil.put(new IdentifiedPortSubnetBuilder().interfaceName(PORT_1).addAllSubnetInfo(
- Collections.singletonList(SUBNET_INFO_1)));
- dataBrokerUtil.put(new IdentifiedPortSubnetBuilder().interfaceName(PORT_2).addAllSubnetInfo(
- Collections.singletonList(SUBNET_INFO_1)));
+ newAllowedAddressPair(PORT_1, Collections.singletonList(SG_UUID_1), Collections.singletonList(AAP_PORT_1),
+ Collections.singletonList(SUBNET_INFO_1));
+ newAllowedAddressPair(PORT_2, Collections.singletonList(SG_UUID_1), Collections.singletonList(AAP_PORT_2),
+ Collections.singletonList(SUBNET_INFO_1));
// Given
Matches matches = newMatch(AclConstants.SOURCE_LOWER_PORT_UNSPECIFIED,
public void newInterfaceWithIcmpAcl() throws Exception {
LOG.info("newInterfaceWithIcmpAcl - start");
- newAllowedAddressPair(PORT_1, Collections.singletonList(SG_UUID_1), Collections.singletonList(AAP_PORT_1));
- newAllowedAddressPair(PORT_2, Collections.singletonList(SG_UUID_1), Collections.singletonList(AAP_PORT_2));
- dataBrokerUtil.put(new IdentifiedPortSubnetBuilder().interfaceName(PORT_1).addAllSubnetInfo(
- Collections.singletonList(SUBNET_INFO_1)));
- dataBrokerUtil.put(new IdentifiedPortSubnetBuilder().interfaceName(PORT_2).addAllSubnetInfo(
- Collections.singletonList(SUBNET_INFO_1)));
+ newAllowedAddressPair(PORT_1, Collections.singletonList(SG_UUID_1), Collections.singletonList(AAP_PORT_1),
+ Collections.singletonList(SUBNET_INFO_1));
+ newAllowedAddressPair(PORT_2, Collections.singletonList(SG_UUID_1), Collections.singletonList(AAP_PORT_2),
+ Collections.singletonList(SUBNET_INFO_1));
// Given
prepareInterfaceWithIcmpAcl();
public void newInterfaceWithDstPortRange() throws Exception {
LOG.info("newInterfaceWithDstPortRange - start");
- newAllowedAddressPair(PORT_1, Collections.singletonList(SG_UUID_1), Collections.singletonList(AAP_PORT_1));
- dataBrokerUtil.put(new IdentifiedPortSubnetBuilder().interfaceName(PORT_1).addAllSubnetInfo(
- Collections.singletonList(SUBNET_INFO_1)));
+ newAllowedAddressPair(PORT_1, Collections.singletonList(SG_UUID_1), Collections.singletonList(AAP_PORT_1),
+ Collections.singletonList(SUBNET_INFO_1));
// Given
Matches matches = newMatch(AclConstants.SOURCE_LOWER_PORT_UNSPECIFIED,
AclConstants.SOURCE_UPPER_PORT_UNSPECIFIED, 333, 777, AclConstants.SOURCE_REMOTE_IP_PREFIX_UNSPECIFIED,
public void newInterfaceWithDstAllPorts() throws Exception {
LOG.info("newInterfaceWithDstAllPorts - start");
- newAllowedAddressPair(PORT_1, Collections.singletonList(SG_UUID_1), Collections.singletonList(AAP_PORT_1));
- dataBrokerUtil.put(new IdentifiedPortSubnetBuilder().interfaceName(PORT_1).addAllSubnetInfo(
- Collections.singletonList(SUBNET_INFO_1)));
+ newAllowedAddressPair(PORT_1, Collections.singletonList(SG_UUID_1), Collections.singletonList(AAP_PORT_1),
+ Collections.singletonList(SUBNET_INFO_1));
// Given
Matches matches = newMatch(AclConstants.SOURCE_LOWER_PORT_UNSPECIFIED,
AclConstants.SOURCE_UPPER_PORT_UNSPECIFIED, 1, 65535, AclConstants.SOURCE_REMOTE_IP_PREFIX_UNSPECIFIED,
public void newInterfaceWithTwoAclsHavingSameRules() throws Exception {
LOG.info("newInterfaceWithTwoAclsHavingSameRules - start");
- newAllowedAddressPair(PORT_3, Arrays.asList(SG_UUID_1, SG_UUID_2), Collections.singletonList(AAP_PORT_3));
- dataBrokerUtil.put(new IdentifiedPortSubnetBuilder().interfaceName(PORT_3).addAllSubnetInfo(
- Collections.singletonList(SUBNET_INFO_1)));
+ newAllowedAddressPair(PORT_3, Arrays.asList(SG_UUID_1, SG_UUID_2), Collections.singletonList(AAP_PORT_3),
+ Collections.singletonList(SUBNET_INFO_1));
// Given
Matches icmpEgressMatches = newMatch(AclConstants.SOURCE_LOWER_PORT_UNSPECIFIED,
AclConstants.SOURCE_UPPER_PORT_UNSPECIFIED, AclConstants.DEST_LOWER_PORT_2,
@Test
public void newInterfaceWithIcmpAclHavingOverlappingMac() throws Exception {
- newAllowedAddressPair(PORT_1, Collections.singletonList(SG_UUID_1), Collections.singletonList(AAP_PORT_1));
- newAllowedAddressPair(PORT_2, Collections.singletonList(SG_UUID_1), Collections.singletonList(AAP_PORT_2));
- dataBrokerUtil.put(new IdentifiedPortSubnetBuilder().interfaceName(PORT_1).addAllSubnetInfo(
- Collections.singletonList(SUBNET_INFO_1)));
- dataBrokerUtil.put(new IdentifiedPortSubnetBuilder().interfaceName(PORT_2).addAllSubnetInfo(
- Collections.singletonList(SUBNET_INFO_1)));
+ newAllowedAddressPair(PORT_1, Collections.singletonList(SG_UUID_1), Collections.singletonList(AAP_PORT_1),
+ Collections.singletonList(SUBNET_INFO_1));
+ newAllowedAddressPair(PORT_2, Collections.singletonList(SG_UUID_1), Collections.singletonList(AAP_PORT_2),
+ Collections.singletonList(SUBNET_INFO_1));
// Given
prepareInterfaceWithIcmpAcl();
@Test
public void newInterfaceWithAapIpv4All() throws Exception {
LOG.info("newInterfaceWithAapIpv4All test - start");
- newAllowedAddressPair(PORT_1, Collections.singletonList(SG_UUID_1), Collections.singletonList(AAP_PORT_1));
+ newAllowedAddressPair(PORT_1, Collections.singletonList(SG_UUID_1), Collections.singletonList(AAP_PORT_1),
+ Collections.singletonList(SUBNET_INFO_1));
List<AllowedAddressPairs> aapList = new ArrayList<>();
aapList.add(AAP_PORT_2);
aapList.add(buildAap("0.0.0.0/0", PORT_MAC_2));
- newAllowedAddressPair(PORT_2, Collections.singletonList(SG_UUID_1), aapList);
-
- dataBrokerUtil.put(new IdentifiedPortSubnetBuilder().interfaceName(PORT_1).addAllSubnetInfo(
- Collections.singletonList(SUBNET_INFO_1)));
- dataBrokerUtil.put(new IdentifiedPortSubnetBuilder().interfaceName(PORT_2).addAllSubnetInfo(
- Collections.singletonList(SUBNET_INFO_1)));
+ newAllowedAddressPair(PORT_2, Collections.singletonList(SG_UUID_1), aapList,
+ Collections.singletonList(SUBNET_INFO_1));
prepareInterfaceWithIcmpAcl();
// When
public void newInterfaceWithAap() throws Exception {
LOG.info("newInterfaceWithAap test - start");
- newAllowedAddressPair(PORT_1, Collections.singletonList(SG_UUID_1), Collections.singletonList(AAP_PORT_1));
+ newAllowedAddressPair(PORT_1, Collections.singletonList(SG_UUID_1), Collections.singletonList(AAP_PORT_1),
+ Collections.singletonList(SUBNET_INFO_1));
newAllowedAddressPair(PORT_2, Collections.singletonList(SG_UUID_1),
- Arrays.asList(AAP_PORT_2, AAP_PORT_100, AAP_PORT_101));
- dataBrokerUtil.put(new IdentifiedPortSubnetBuilder().interfaceName(PORT_1).addAllSubnetInfo(
- Collections.singletonList(SUBNET_INFO_1)));
- dataBrokerUtil.put(new IdentifiedPortSubnetBuilder().interfaceName(PORT_2).addAllSubnetInfo(
- Collections.singletonList(SUBNET_INFO_1)));
+ Arrays.asList(AAP_PORT_2, AAP_PORT_100, AAP_PORT_101), Collections.singletonList(SUBNET_INFO_1));
prepareInterfaceWithIcmpAcl();
// When
.newMatches(matches).newDirection(DirectionIngress.class).build());
}
- protected void newAllowedAddressPair(String portName, List<String> sgUuidList, List<AllowedAddressPairs> aapList)
+ protected void newAllowedAddressPair(String portName, List<String> sgUuidList, List<AllowedAddressPairs> aapList,
+ List<SubnetInfo> subnetInfo)
throws TransactionCommitFailedException {
List<Uuid> sgList = sgUuidList.stream().map(Uuid::new).collect(Collectors.toList());
Pair<DataTreeIdentifier<Interface>, Interface> port = new IdentifiedInterfaceWithAclBuilder()
.interfaceName(portName)
.portSecurity(true)
.addAllNewSecurityGroups(sgList)
- .addAllIfAllowedAddressPairs(aapList).build();
+ .addAllIfAllowedAddressPairs(aapList)
+ .addAllIfSubnetInfo(subnetInfo).build();
dataBrokerUtil.put(port);
testInterfaceManager.addInterface(port.getValue());
}
import org.opendaylight.yang.gen.v1.urn.opendaylight.netvirt.aclservice.rev160608.InterfaceAcl;
import org.opendaylight.yang.gen.v1.urn.opendaylight.netvirt.aclservice.rev160608.InterfaceAclBuilder;
import org.opendaylight.yang.gen.v1.urn.opendaylight.netvirt.aclservice.rev160608.interfaces._interface.AllowedAddressPairs;
+import org.opendaylight.yang.gen.v1.urn.opendaylight.netvirt.aclservice.rev160608.interfaces._interface.SubnetInfo;
import org.opendaylight.yangtools.yang.binding.InstanceIdentifier;
@NotThreadSafe
private Boolean portSecurity;
private final List<Uuid> newSecurityGroups = new ArrayList<>();
private final List<AllowedAddressPairs> ifAllowedAddressPairs = new ArrayList<>();
+ private final List<SubnetInfo> ifSubnetInfo = new ArrayList<>();
@Override
public LogicalDatastoreType type() {
.setPortSecurityEnabled(portSecurity)
.setSecurityGroups(newSecurityGroups)
.setAllowedAddressPairs(ifAllowedAddressPairs)
+ .setSubnetInfo(ifSubnetInfo)
.build())
.setName(interfaceName)
.setType(L2vlan.class)
return this;
}
+ public IdentifiedInterfaceWithAclBuilder addAllIfSubnetInfo(List<SubnetInfo> addToIfSubnetInfo) {
+ this.ifSubnetInfo.addAll(addToIfSubnetInfo);
+ return this;
+ }
}
+++ /dev/null
-/*
- * Copyright (c) 2017 Red Hat, Inc. and others. All rights reserved.
- *
- * This program and the accompanying materials are made available under the
- * terms of the Eclipse Public License v1.0 which accompanies this distribution,
- * and is available at http://www.eclipse.org/legal/epl-v10.html
- */
-package org.opendaylight.netvirt.aclservice.tests;
-
-import static org.opendaylight.controller.md.sal.common.api.data.LogicalDatastoreType.OPERATIONAL;
-
-import java.util.ArrayList;
-import java.util.List;
-import javax.annotation.concurrent.NotThreadSafe;
-import org.opendaylight.controller.md.sal.common.api.data.LogicalDatastoreType;
-import org.opendaylight.netvirt.aclservice.tests.infra.DataTreeIdentifierDataObjectPairBuilder;
-import org.opendaylight.yang.gen.v1.urn.opendaylight.netvirt.aclservice.rev160608.PortSubnets;
-import org.opendaylight.yang.gen.v1.urn.opendaylight.netvirt.aclservice.rev160608.port.subnets.PortSubnet;
-import org.opendaylight.yang.gen.v1.urn.opendaylight.netvirt.aclservice.rev160608.port.subnets.PortSubnetBuilder;
-import org.opendaylight.yang.gen.v1.urn.opendaylight.netvirt.aclservice.rev160608.port.subnets.PortSubnetKey;
-import org.opendaylight.yang.gen.v1.urn.opendaylight.netvirt.aclservice.rev160608.port.subnets.port.subnet.SubnetInfo;
-import org.opendaylight.yangtools.yang.binding.InstanceIdentifier;
-
-@NotThreadSafe
-public class IdentifiedPortSubnetBuilder implements DataTreeIdentifierDataObjectPairBuilder<PortSubnet> {
-
- private String newInterfaceName;
- private final List<SubnetInfo> subnetInfoList = new ArrayList<>();
-
- @Override
- public PortSubnet dataObject() {
- return new PortSubnetBuilder()
- .withKey(new PortSubnetKey(newInterfaceName))
- .setPortId(newInterfaceName)
- .setSubnetInfo(subnetInfoList)
- .build();
- }
-
- @Override
- public InstanceIdentifier<PortSubnet> identifier() {
- return InstanceIdentifier.builder(PortSubnets.class)
- .child(PortSubnet.class, new PortSubnetKey(newInterfaceName)).build();
- }
-
- @Override
- public LogicalDatastoreType type() {
- return OPERATIONAL;
- }
-
- public IdentifiedPortSubnetBuilder interfaceName(String interfaceName) {
- this.newInterfaceName = interfaceName;
- return this;
- }
-
- public IdentifiedPortSubnetBuilder addAllSubnetInfo(List<SubnetInfo> addToSubnetInfoList) {
- this.subnetInfoList.addAll(addToSubnetInfoList);
- return this;
- }
-
-}
interfaceAclBuilder.setPortSecurityEnabled(updatedSecurityEnabled);
if (updatedSecurityEnabled) {
// Handle security group enabled
- NeutronvpnUtils.populateInterfaceAclBuilder(interfaceAclBuilder, portUpdated);
- neutronvpnUtils.populateSubnetInfo(portUpdated);
+ neutronvpnUtils.populateInterfaceAclBuilder(interfaceAclBuilder, portUpdated);
} else {
// Handle security group disabled
interfaceAclBuilder.setSecurityGroups(new ArrayList<>());
interfaceAclBuilder.setAllowedAddressPairs(new ArrayList<>());
+ interfaceAclBuilder.setSubnetInfo(new ArrayList<>());
}
} else {
if (updatedSecurityEnabled) {
if (portOriginal.getFixedIps() != null
&& !portOriginal.getFixedIps().equals(portUpdated.getFixedIps())) {
- neutronvpnUtils.populateSubnetInfo(portUpdated);
+ neutronvpnUtils.populateSubnetInfo(interfaceAclBuilder, portUpdated);
}
}
}
if (NeutronvpnUtils.getPortSecurityEnabled(port)) {
InterfaceAclBuilder interfaceAclBuilder = new InterfaceAclBuilder();
interfaceAclBuilder.setPortSecurityEnabled(true);
- NeutronvpnUtils.populateInterfaceAclBuilder(interfaceAclBuilder, port);
+ neutronvpnUtils.populateInterfaceAclBuilder(interfaceAclBuilder, port);
interfaceBuilder.addAugmentation(InterfaceAcl.class, interfaceAclBuilder.build());
- neutronvpnUtils.populateSubnetInfo(port);
}
return interfaceBuilder.build();
}
import org.opendaylight.controller.md.sal.binding.api.ReadOnlyTransaction;
import org.opendaylight.controller.md.sal.common.api.data.LogicalDatastoreType;
import org.opendaylight.controller.md.sal.common.api.data.ReadFailedException;
-import org.opendaylight.controller.md.sal.common.api.data.TransactionCommitFailedException;
import org.opendaylight.genius.datastoreutils.SingleTransactionDataBroker;
import org.opendaylight.genius.infra.Datastore;
import org.opendaylight.genius.infra.ManagedNewTransactionRunner;
import org.opendaylight.yang.gen.v1.urn.opendaylight.netvirt.aclservice.rev160608.InterfaceAclBuilder;
import org.opendaylight.yang.gen.v1.urn.opendaylight.netvirt.aclservice.rev160608.IpPrefixOrAddress;
import org.opendaylight.yang.gen.v1.urn.opendaylight.netvirt.aclservice.rev160608.IpVersionBase;
-import org.opendaylight.yang.gen.v1.urn.opendaylight.netvirt.aclservice.rev160608.PortSubnets;
import org.opendaylight.yang.gen.v1.urn.opendaylight.netvirt.aclservice.rev160608.interfaces._interface.AllowedAddressPairs;
import org.opendaylight.yang.gen.v1.urn.opendaylight.netvirt.aclservice.rev160608.interfaces._interface.AllowedAddressPairsBuilder;
-import org.opendaylight.yang.gen.v1.urn.opendaylight.netvirt.aclservice.rev160608.port.subnets.PortSubnet;
-import org.opendaylight.yang.gen.v1.urn.opendaylight.netvirt.aclservice.rev160608.port.subnets.PortSubnetBuilder;
-import org.opendaylight.yang.gen.v1.urn.opendaylight.netvirt.aclservice.rev160608.port.subnets.PortSubnetKey;
-import org.opendaylight.yang.gen.v1.urn.opendaylight.netvirt.aclservice.rev160608.port.subnets.port.subnet.SubnetInfo;
-import org.opendaylight.yang.gen.v1.urn.opendaylight.netvirt.aclservice.rev160608.port.subnets.port.subnet.SubnetInfoBuilder;
-import org.opendaylight.yang.gen.v1.urn.opendaylight.netvirt.aclservice.rev160608.port.subnets.port.subnet.SubnetInfoKey;
+import org.opendaylight.yang.gen.v1.urn.opendaylight.netvirt.aclservice.rev160608.interfaces._interface.SubnetInfo;
+import org.opendaylight.yang.gen.v1.urn.opendaylight.netvirt.aclservice.rev160608.interfaces._interface.SubnetInfoBuilder;
+import org.opendaylight.yang.gen.v1.urn.opendaylight.netvirt.aclservice.rev160608.interfaces._interface.SubnetInfoKey;
import org.opendaylight.yang.gen.v1.urn.opendaylight.netvirt.elan.rev150602.SegmentTypeBase;
import org.opendaylight.yang.gen.v1.urn.opendaylight.netvirt.elan.rev150602.SegmentTypeFlat;
import org.opendaylight.yang.gen.v1.urn.opendaylight.netvirt.elan.rev150602.SegmentTypeGre;
* @param interfaceAclBuilder the interface acl builder
* @param port the port
*/
- protected static void populateInterfaceAclBuilder(InterfaceAclBuilder interfaceAclBuilder, Port port) {
+ protected void populateInterfaceAclBuilder(InterfaceAclBuilder interfaceAclBuilder, Port port) {
// Handle security group enabled
List<Uuid> securityGroups = port.getSecurityGroups();
if (securityGroups != null) {
aclAllowedAddressPairs.addAll(NeutronvpnUtils.getAllowedAddressPairsForAclService(portAllowedAddressPairs));
}
interfaceAclBuilder.setAllowedAddressPairs(aclAllowedAddressPairs);
+
+ populateSubnetInfo(interfaceAclBuilder, port);
}
- protected void populateSubnetInfo(Port port) {
+ protected void populateSubnetInfo(InterfaceAclBuilder interfaceAclBuilder, Port port) {
List<SubnetInfo> portSubnetInfo = getSubnetInfo(port);
if (portSubnetInfo != null) {
- String portId = port.getUuid().getValue();
- InstanceIdentifier<PortSubnet> portSubnetIdentifier = buildPortSubnetIdentifier(portId);
-
- PortSubnetBuilder portSubnetBuilder = new PortSubnetBuilder().withKey(new PortSubnetKey(portId))
- .setPortId(portId).setSubnetInfo(portSubnetInfo);
- try {
- SingleTransactionDataBroker.syncWrite(dataBroker, LogicalDatastoreType.OPERATIONAL,
- portSubnetIdentifier, portSubnetBuilder.build());
- } catch (TransactionCommitFailedException e) {
- LOG.error("Failed to populate subnet info for port={}", portId, e);
- }
- LOG.debug("Created Subnet info for port={}", portId);
+ interfaceAclBuilder.setSubnetInfo(portSubnetInfo);
}
}
FloatingIpIdToPortMappingKey(floatingIpId)).build();
}
- static InstanceIdentifier<PortSubnet> buildPortSubnetIdentifier(String portId) {
+ /*static InstanceIdentifier<PortSubnet> buildPortSubnetIdentifier(String portId) {
InstanceIdentifier<PortSubnet> id = InstanceIdentifier.builder(PortSubnets.class)
.child(PortSubnet.class, new PortSubnetKey(portId)).build();
return id;
- }
+ }*/
// TODO Remove this method entirely
@SuppressWarnings("checkstyle:IllegalCatch")