import java.util.ArrayList;
import java.util.List;
import java.util.Set;
+
import org.opendaylight.controller.md.sal.binding.api.DataBroker;
import org.opendaylight.genius.mdsalutil.ActionInfo;
import org.opendaylight.genius.mdsalutil.ActionType;
private void programAclWithAllowedAddress(BigInteger dpId, List<AllowedAddressPairs> allowedAddresses,
int lportTag, List<Uuid> aclUuidList, Action action, int addOrRemove,
String portId) {
- programFixedRules(dpId, "", allowedAddresses, lportTag, portId, action, addOrRemove);
+ programGeneralFixedRules(dpId, "", allowedAddresses, lportTag, action, addOrRemove);
+ programSpecificFixedRules(dpId, "", allowedAddresses, lportTag, portId, action, addOrRemove);
if (action == Action.ADD || action == Action.REMOVE) {
programAclRules(aclUuidList, dpId, lportTag, addOrRemove, portId);
}
protected abstract void unbindService(String interfaceName);
/**
- * Program the default anti-spoofing rule and the conntrack rules.
+ * Program the default anti-spoofing rules.
+ *
+ * @param dpid the dpid
+ * @param dhcpMacAddress the dhcp mac address.
+ * @param allowedAddresses the allowed addresses
+ * @param lportTag the lport tag
+ * @param action add/modify/remove action
+ * @param addOrRemove addorRemove
+ */
+ protected abstract void programGeneralFixedRules(BigInteger dpid, String dhcpMacAddress,
+ List<AllowedAddressPairs> allowedAddresses, int lportTag, Action action, int addOrRemove);
+
+ /**
+ * Program the default specific rules.
*
* @param dpid the dpid
* @param dhcpMacAddress the dhcp mac address.
* @param allowedAddresses the allowed addresses
* @param lportTag the lport tag
- * @param portId the portId
+ * @param portId the port id
* @param action add/modify/remove action
* @param addOrRemove addorRemove
*/
- protected abstract void programFixedRules(BigInteger dpid, String dhcpMacAddress,
+ protected abstract void programSpecificFixedRules(BigInteger dpid, String dhcpMacAddress,
List<AllowedAddressPairs> allowedAddresses, int lportTag, String portId, Action action, int addOrRemove);
/**
* @param dpId the dpId
* @param lportTag the lport tag
* @param addOrRemove whether to delete or add flow
+ * @param portId the port id
* @return program succeeded
*/
protected abstract boolean programAclRules(List<Uuid> aclUuidList, BigInteger dpId, int lportTag, int addOrRemove,
* @param lportTag the lport tag
* @param addOrRemove whether to delete or add flow
* @param ace rule to be program
+ * @param portId the port id
+ * @param syncAllowedAddresses the allowed addresses
*/
protected abstract void programAceRule(BigInteger dpId, int lportTag, int addOrRemove, Ace ace, String portId,
List<AllowedAddressPairs> syncAllowedAddresses);
}
return oper;
}
+
}
/**
* Initialize the ACL service listener list.
+ * @param ingressAclService ingress acl service
+ * @param egressAclService egress acl service
*/
public AclServiceManagerImpl(final IngressAclServiceImpl ingressAclService,
final EgressAclServiceImpl egressAclService) {
MDSALUtil.syncDelete(dataBroker, LogicalDatastoreType.CONFIGURATION, path);
}
+ /**
+ * Program conntrack rules.
+ *
+ * @param dpid the dpid
+ * @param dhcpMacAddress the dhcp mac address.
+ * @param allowedAddresses the allowed addresses
+ * @param lportTag the lport tag
+ * @param addOrRemove addorRemove
+ */
@Override
- protected void programFixedRules(BigInteger dpid, String dhcpMacAddress,
+ protected void programSpecificFixedRules(BigInteger dpid, String dhcpMacAddress,
List<AllowedAddressPairs> allowedAddresses, int lportTag, String portId, Action action, int addOrRemove) {
+ programEgressAclFixedConntrackRule(dpid, allowedAddresses, lportTag, portId, action, addOrRemove);
+ }
+
+ @Override
+ protected void programGeneralFixedRules(BigInteger dpid, String dhcpMacAddress,
+ List<AllowedAddressPairs> allowedAddresses, int lportTag, Action action, int addOrRemove) {
LOG.info("programFixedRules : adding default rules.");
if (action == Action.ADD || action == Action.REMOVE) {
egressAclIcmpv6DropRouterAdvts(dpid, lportTag, addOrRemove);
}
programArpRule(dpid, allowedAddresses, lportTag, addOrRemove);
- programEgressAclFixedConntrackRule(dpid, allowedAddresses, lportTag, portId, action, addOrRemove);
}
@Override
List<ActionInfo> actionsInfos = new ArrayList<>();
actionsInfos.add(new ActionInfo(ActionType.drop_action, new String[] {}));
String flowName = "Egress_DHCP_Server_v4" + dpId + "_" + lportTag + "_" + dhcpMacAddress + "_Drop_";
- syncFlow(dpId, NwConstants.INGRESS_ACL_TABLE, flowName, AclConstants.PROTO_MATCH_PRIORITY, "ACL", 0,
+ syncFlow(dpId, NwConstants.INGRESS_ACL_TABLE, flowName,
+ AclConstants.PROTO_DHCP_CLIENT_TRAFFIC_MATCH_PRIORITY, "ACL", 0,
0, AclConstants.COOKIE_ACL_BASE, matches, instructions, addOrRemove);
}
List<ActionInfo> actionsInfos = new ArrayList<>();
actionsInfos.add(new ActionInfo(ActionType.drop_action, new String[] {}));
String flowName = "Egress_DHCP_Server_v6" + "_" + dpId + "_" + lportTag + "_" + dhcpMacAddress + "_Drop_";
- syncFlow(dpId, NwConstants.INGRESS_ACL_TABLE, flowName, AclConstants.PROTO_MATCH_PRIORITY, "ACL", 0,
+ syncFlow(dpId, NwConstants.INGRESS_ACL_TABLE, flowName,
+ AclConstants.PROTO_DHCP_CLIENT_TRAFFIC_MATCH_PRIORITY, "ACL", 0,
0, AclConstants.COOKIE_ACL_BASE, matches, instructions, addOrRemove);
}
List<InstructionInfo> instructions = getDispatcherTableResubmitInstructions(new ArrayList<>());
String flowName = "Egress_ARP_" + dpId + "_" + attachMac;
- syncFlow(dpId, NwConstants.INGRESS_ACL_TABLE, flowName, AclConstants.PROTO_MATCH_PRIORITY, "ACL", 0, 0,
+ syncFlow(dpId, NwConstants.INGRESS_ACL_TABLE, flowName,
+ AclConstants.PROTO_ARP_TRAFFIC_MATCH_PRIORITY, "ACL", 0, 0,
AclConstants.COOKIE_ACL_BASE, matches, instructions, addOrRemove);
}
}
import java.util.ArrayList;
import java.util.List;
import java.util.Map;
+
import org.opendaylight.controller.md.sal.binding.api.DataBroker;
import org.opendaylight.controller.md.sal.common.api.data.LogicalDatastoreType;
import org.opendaylight.genius.mdsalutil.ActionInfo;
MDSALUtil.syncDelete(dataBroker, LogicalDatastoreType.CONFIGURATION, path);
}
+ /**
+ * Program conntrack rules.
+ *
+ * @param dpid the dpid
+ * @param dhcpMacAddress the dhcp mac address.
+ * @param allowedAddresses the allowed addresses
+ * @param lportTag the lport tag
+ * @param addOrRemove add or remove the flow
+ */
@Override
- protected void programFixedRules(BigInteger dpid, String dhcpMacAddress, List<AllowedAddressPairs> allowedAddresses,
- int lportTag, String portId, Action action, int addOrRemove) {
+ protected void programSpecificFixedRules(BigInteger dpid, String dhcpMacAddress,
+ List<AllowedAddressPairs> allowedAddresses, int lportTag, String portId, Action action, int addOrRemove) {
+ programIngressAclFixedConntrackRule(dpid, allowedAddresses, portId, action, addOrRemove);
+ }
+
+ @Override
+ protected void programGeneralFixedRules(BigInteger dpid, String dhcpMacAddress,
+ List<AllowedAddressPairs> allowedAddresses, int lportTag, Action action, int addOrRemove) {
LOG.info("programFixedRules : adding default rules.");
if (action == Action.ADD || action == Action.REMOVE) {
ingressAclIcmpv6AllowedTraffic(dpid, lportTag, addOrRemove);
}
programArpRule(dpid, lportTag, addOrRemove);
- programIngressAclFixedConntrackRule(dpid, allowedAddresses, portId, action, addOrRemove);
}
@Override
List<InstructionInfo> instructions = getDispatcherTableResubmitInstructions(new ArrayList<>());
String flowName = "Ingress_ARP_" + dpId + "_" + lportTag;
- syncFlow(dpId, NwConstants.EGRESS_ACL_TABLE, flowName, AclConstants.PROTO_MATCH_PRIORITY, "ACL", 0, 0,
+ syncFlow(dpId, NwConstants.EGRESS_ACL_TABLE, flowName,
+ AclConstants.PROTO_ARP_TRAFFIC_MATCH_PRIORITY, "ACL", 0, 0,
AclConstants.COOKIE_ACL_BASE, matches, instructions, addOrRemove);
}
}
@Override
- protected void programFixedRules(BigInteger dpid, String dhcpMacAddress,
+ protected void programSpecificFixedRules(BigInteger dpid, String dhcpMacAddress,
List<AllowedAddressPairs> allowedAddresses, int lportTag, String portId, Action action, int addOrRemove) {
- LOG.info("programFixedRules : adding default rules.");
- if (action == Action.ADD || action == Action.REMOVE) {
- egressAclDhcpDropServerTraffic(dpid, dhcpMacAddress, lportTag, addOrRemove);
- egressAclDhcpv6DropServerTraffic(dpid, dhcpMacAddress, lportTag, addOrRemove);
- }
- programArpRule(dpid, allowedAddresses, lportTag, addOrRemove);
}
@Override
List<ActionInfo> actionsInfos = new ArrayList<>();
addLearnActions(flowMatches, actionsInfos);
+ actionsInfos.add(new ActionInfo(ActionType.nx_resubmit,
+ new String[] {Short.toString(NwConstants.LPORT_DISPATCHER_TABLE)}));
+
List<InstructionInfo> instructions = new ArrayList<>();
instructions.add(new InstructionInfo(InstructionType.apply_actions, actionsInfos));
addTcpLearnActions(actionsInfos);
} else if (isUdp) {
addUdpLearnActions(actionsInfos);
- } else if (actionsInfos.isEmpty()) {
- addAllowAllLearnActions(actionsInfos);
} else {
addOtherProtocolsLearnActions(actionsInfos);
}
actionsInfos.add(new ActionInfo(ActionType.learn, header, flowMod));
}
- private void addAllowAllLearnActions(List<ActionInfo> actionsInfos) {
- String[][] flowMod = new String[5][];
-
- flowMod[0] = new String[] { NwConstants.LearnFlowModsType.MATCH_FROM_VALUE.name(),
- Integer.toString(NwConstants.ETHTYPE_IPV4),
- NwConstants.NxmOfFieldType.NXM_OF_ETH_TYPE.getHexType(),
- NwConstants.NxmOfFieldType.NXM_OF_ETH_TYPE.getFlowModHeaderLen() };
- flowMod[1] = new String[] { NwConstants.LearnFlowModsType.MATCH_FROM_FIELD.name(),
- NwConstants.NxmOfFieldType.NXM_OF_IP_DST.getHexType(),
- NwConstants.NxmOfFieldType.NXM_OF_IP_SRC.getHexType(),
- NwConstants.NxmOfFieldType.NXM_OF_IP_SRC.getFlowModHeaderLen() };
- flowMod[2] = new String[] { NwConstants.LearnFlowModsType.MATCH_FROM_FIELD.name(),
- NwConstants.NxmOfFieldType.NXM_OF_ETH_DST.getHexType(),
- NwConstants.NxmOfFieldType.NXM_OF_ETH_SRC.getHexType(),
- NwConstants.NxmOfFieldType.NXM_OF_ETH_SRC.getFlowModHeaderLen() };
- flowMod[3] = new String[] { NwConstants.LearnFlowModsType.MATCH_FROM_FIELD.name(),
- NwConstants.NxmOfFieldType.NXM_OF_IP_PROTO.getHexType(),
- NwConstants.NxmOfFieldType.NXM_OF_IP_PROTO.getHexType(),
- NwConstants.NxmOfFieldType.NXM_OF_IP_PROTO.getFlowModHeaderLen() };
- flowMod[4] = new String[] {
- NwConstants.LearnFlowModsType.COPY_FROM_VALUE.name(), AclConstants.LEARN_MATCH_REG_VALUE,
- NwConstants.NxmOfFieldType.NXM_NX_REG0.getHexType(), "8" };
-
- String[] header = new String[] {
- AclConstants.getGlobalConf(AclConstants.SECURITY_GROUP_UDP_IDLE_TO_KEY, "60"),
- AclConstants.getGlobalConf(AclConstants.SECURITY_GROUP_UDP_HARD_TO_KEY, "60"),
- AclConstants.PROTO_MATCH_PRIORITY.toString(),
- AclConstants.COOKIE_ACL_BASE.toString(), "0",
- Short.toString(NwConstants.EGRESS_LEARN_TABLE), "0", "0" };
- actionsInfos.add(new ActionInfo(ActionType.learn, header, flowMod));
- }
-
private void addTcpLearnActions(List<ActionInfo> actionsInfos) {
String[][] flowMod = new String[6][];
}
@Override
- protected void programFixedRules(BigInteger dpid, String dhcpMacAddress, List<AllowedAddressPairs> allowedAddresses,
- int lportTag, String portId, Action action, int addOrRemove) {
- LOG.info("programFixedRules : adding default rules.");
-
- ingressAclDhcpAllowServerTraffic(dpid, dhcpMacAddress, lportTag, addOrRemove,
- AclConstants.PROTO_PREFIX_MATCH_PRIORITY);
- ingressAclDhcpv6AllowServerTraffic(dpid, dhcpMacAddress, lportTag, addOrRemove,
- AclConstants.PROTO_PREFIX_MATCH_PRIORITY);
- programArpRule(dpid, lportTag, addOrRemove);
+ protected void programSpecificFixedRules(BigInteger dpid, String dhcpMacAddress,
+ List<AllowedAddressPairs> allowedAddresses, int lportTag, String portId, Action action, int addOrRemove) {
+
}
@Override
List<ActionInfo> actionsInfos = new ArrayList<>();
addLearnActions(flowMatches, actionsInfos);
+ actionsInfos.add(new ActionInfo(ActionType.nx_resubmit,
+ new String[] {Short.toString(NwConstants.EGRESS_LPORT_DISPATCHER_TABLE)}));
+
List<InstructionInfo> instructions = new ArrayList<>();
instructions.add(new InstructionInfo(InstructionType.apply_actions, actionsInfos));
addTcpLearnActions(actionsInfos);
} else if (isUdp) {
addUdpLearnActions(actionsInfos);
- } else if (actionsInfos.isEmpty()) {
- addAllowAllLearnActions(actionsInfos);
} else {
addOtherProtocolsLearnActions(actionsInfos);
}
actionsInfos.add(new ActionInfo(ActionType.learn, header, flowMod));
}
- private void addAllowAllLearnActions(List<ActionInfo> actionsInfos) {
- String[][] flowMod = new String[5][];
-
- flowMod[0] = new String[] { NwConstants.LearnFlowModsType.MATCH_FROM_VALUE.name(),
- Integer.toString(NwConstants.ETHTYPE_IPV4),
- NwConstants.NxmOfFieldType.NXM_OF_ETH_TYPE.getHexType(),
- NwConstants.NxmOfFieldType.NXM_OF_ETH_TYPE.getFlowModHeaderLen() };
- flowMod[1] = new String[] { NwConstants.LearnFlowModsType.MATCH_FROM_FIELD.name(),
- NwConstants.NxmOfFieldType.NXM_OF_IP_SRC.getHexType(),
- NwConstants.NxmOfFieldType.NXM_OF_IP_DST.getHexType(),
- NwConstants.NxmOfFieldType.NXM_OF_IP_SRC.getFlowModHeaderLen() };
- flowMod[2] = new String[] { NwConstants.LearnFlowModsType.MATCH_FROM_FIELD.name(),
- NwConstants.NxmOfFieldType.NXM_OF_ETH_SRC.getHexType(),
- NwConstants.NxmOfFieldType.NXM_OF_ETH_DST.getHexType(),
- NwConstants.NxmOfFieldType.NXM_OF_ETH_SRC.getFlowModHeaderLen() };
- flowMod[3] = new String[] { NwConstants.LearnFlowModsType.MATCH_FROM_FIELD.name(),
- NwConstants.NxmOfFieldType.NXM_OF_IP_PROTO.getHexType(),
- NwConstants.NxmOfFieldType.NXM_OF_IP_PROTO.getHexType(),
- NwConstants.NxmOfFieldType.NXM_OF_IP_PROTO.getFlowModHeaderLen() };
- flowMod[4] = new String[] {
- NwConstants.LearnFlowModsType.COPY_FROM_VALUE.name(), AclConstants.LEARN_MATCH_REG_VALUE,
- NwConstants.NxmOfFieldType.NXM_NX_REG0.getHexType(), "8" };
-
- String[] header = new String[] {
- AclConstants.getGlobalConf(AclConstants.SECURITY_GROUP_UDP_IDLE_TO_KEY, "60"),
- AclConstants.getGlobalConf(AclConstants.SECURITY_GROUP_UDP_HARD_TO_KEY, "60"),
- AclConstants.PROTO_MATCH_PRIORITY.toString(),
- AclConstants.COOKIE_ACL_BASE.toString(), "0",
- Short.toString(NwConstants.INGRESS_LEARN_TABLE), "0", "0" };
- actionsInfos.add(new ActionInfo(ActionType.learn, header, flowMod));
- }
-
private void addTcpLearnActions(List<ActionInfo> actionsInfos) {
String[][] flowMod = new String[6][];
import java.util.ArrayList;
import java.util.List;
import java.util.Map;
+
import org.opendaylight.controller.md.sal.binding.api.DataBroker;
import org.opendaylight.genius.mdsalutil.ActionInfo;
import org.opendaylight.genius.mdsalutil.InstructionInfo;
}
@Override
- protected void programFixedRules(BigInteger dpid, String dhcpMacAddress, List<AllowedAddressPairs> allowedAddresses,
- int lportTag, String portId, Action action, int addOrRemove) {
+ protected void programSpecificFixedRules(BigInteger dpid, String dhcpMacAddress,
+ List<AllowedAddressPairs> allowedAddresses, int lportTag, String portId, Action action, int addOrRemove) {
}
@Override
import java.util.ArrayList;
import java.util.List;
import java.util.Map;
+
import org.opendaylight.controller.md.sal.binding.api.DataBroker;
import org.opendaylight.genius.mdsalutil.ActionInfo;
import org.opendaylight.genius.mdsalutil.InstructionInfo;
}
@Override
- protected void programFixedRules(BigInteger dpid, String dhcpMacAddress, List<AllowedAddressPairs> allowedAddresses,
- int lportTag, String portId, Action action, int addOrRemove) {
+ protected void programSpecificFixedRules(BigInteger dpid, String dhcpMacAddress,
+ List<AllowedAddressPairs> allowedAddresses, int lportTag, String portId, Action action, int addOrRemove) {
}
@Override
import java.math.BigInteger;
import java.util.List;
+
import org.opendaylight.controller.md.sal.binding.api.DataBroker;
import org.opendaylight.genius.mdsalutil.interfaces.IMdsalApiManager;
import org.opendaylight.netvirt.aclservice.api.AclServiceManager.Action;
/**
* Provides the transparent implementation for egress (w.r.t VM) ACL service.
*
- * <p>
*/
public class TransparentEgressAclServiceImpl extends EgressAclServiceImpl {
}
@Override
- protected void programFixedRules(BigInteger dpid, String dhcpMacAddress, List<AllowedAddressPairs> allowedAddresses,
- int lportTag, String portId, Action action, int addOrRemove) {
+ protected void programSpecificFixedRules(BigInteger dpid, String dhcpMacAddress,
+ List<AllowedAddressPairs> allowedAddresses, int lportTag, String portId, Action action, int addOrRemove) {
}
@Override
import java.math.BigInteger;
import java.util.List;
+
import org.opendaylight.controller.md.sal.binding.api.DataBroker;
import org.opendaylight.genius.mdsalutil.interfaces.IMdsalApiManager;
import org.opendaylight.netvirt.aclservice.api.AclServiceManager.Action;
}
@Override
- protected void programFixedRules(BigInteger dpid, String dhcpMacAddress, List<AllowedAddressPairs> allowedAddresses,
- int lportTag, String portId, Action action, int addOrRemove) {
+ protected void programSpecificFixedRules(BigInteger dpid, String dhcpMacAddress,
+ List<AllowedAddressPairs> allowedAddresses, int lportTag, String portId, Action action, int addOrRemove) {
}
@Override
public static final Integer PROTO_IPV6_ALLOWED_PRIORITY = 63010;
public static final Integer PROTO_DHCP_SERVER_MATCH_PRIORITY = 63010;
public static final Integer PROTO_DHCP_CLIENT_TRAFFIC_MATCH_PRIORITY = 63010;
+ public static final Integer PROTO_ARP_TRAFFIC_MATCH_PRIORITY = 63010;
public static final Integer PROTO_MATCH_PRIORITY = 61010;
public static final Integer PREFIX_MATCH_PRIORITY = 61009;
public static final Integer PROTO_PREFIX_MATCH_PRIORITY = 61008;
Uuid sgUuid = new Uuid("12345678-1234-1234-1234-123456789012");
AclInterface ai = stubTcpAclInterface(sgUuid, "if_name", "1.1.1.1/32", 80, 80);
assertEquals(true, testedService.applyAcl(ai));
- assertEquals(4, installFlowValueSaver.getNumOfInvocations());
+ assertEquals(8, installFlowValueSaver.getNumOfInvocations());
- FlowEntity flow = (FlowEntity) installFlowValueSaver.getInvocationParams(3).get(0);
+ FlowEntity flow = (FlowEntity) installFlowValueSaver.getInvocationParams(7).get(0);
AclServiceTestUtils.verifyMatchInfo(flow.getMatchInfoList(),
NxMatchFieldType.nx_tcp_dst_with_mask, "80", "65535");
AclServiceTestUtils.verifyActionTypeExist(flow.getInstructionInfoList().get(0).getActionInfos(),
Uuid sgUuid = new Uuid("12345678-1234-1234-1234-123456789012");
AclInterface ai = stubAllowAllInterface(sgUuid, "if_name");
assertEquals(true, testedService.applyAcl(ai));
- assertEquals(4, installFlowValueSaver.getNumOfInvocations());
+ assertEquals(8, installFlowValueSaver.getNumOfInvocations());
- FlowEntity flow = (FlowEntity) installFlowValueSaver.getInvocationParams(3).get(0);
+ FlowEntity flow = (FlowEntity) installFlowValueSaver.getInvocationParams(7).get(0);
AclServiceTestUtils.verifyActionTypeExist(flow.getInstructionInfoList().get(0).getActionInfos(),
ActionType.learn);
}
Uuid sgUuid = new Uuid("12345678-1234-1234-1234-123456789012");
AclInterface ai = stubTcpAclInterface(sgUuid, "if_name", "1.1.1.1/32", 80, 84);
assertEquals(true, testedService.applyAcl(ai));
- assertEquals(5, installFlowValueSaver.getNumOfInvocations());
- FlowEntity firstRangeFlow = (FlowEntity) installFlowValueSaver.getInvocationParams(3).get(0);
+ assertEquals(9, installFlowValueSaver.getNumOfInvocations());
+ FlowEntity firstRangeFlow = (FlowEntity) installFlowValueSaver.getInvocationParams(7).get(0);
AclServiceTestUtils.verifyMatchInfo(firstRangeFlow.getMatchInfoList(),
NxMatchFieldType.nx_tcp_dst_with_mask, "80", "65532");
- FlowEntity secondRangeFlow = (FlowEntity) installFlowValueSaver.getInvocationParams(4).get(0);
+ FlowEntity secondRangeFlow = (FlowEntity) installFlowValueSaver.getInvocationParams(8).get(0);
AclServiceTestUtils.verifyMatchInfo(secondRangeFlow.getMatchInfoList(),
NxMatchFieldType.nx_tcp_dst_with_mask, "84", "65535");
}
Uuid sgUuid = new Uuid("12345678-1234-1234-1234-123456789012");
AclInterface ai = stubUdpAclInterface(sgUuid, "if_name", "1.1.1.1/32", 80, 80);
assertEquals(true, testedService.applyAcl(ai));
- assertEquals(4, installFlowValueSaver.getNumOfInvocations());
- FlowEntity flow = (FlowEntity) installFlowValueSaver.getInvocationParams(3).get(0);
+ assertEquals(8, installFlowValueSaver.getNumOfInvocations());
+ FlowEntity flow = (FlowEntity) installFlowValueSaver.getInvocationParams(7).get(0);
AclServiceTestUtils.verifyMatchInfo(flow.getMatchInfoList(),
NxMatchFieldType.nx_udp_dst_with_mask, "80", "65535");
AclServiceTestUtils.verifyActionTypeExist(flow.getInstructionInfoList().get(0).getActionInfos(),
Uuid sgUuid = new Uuid("12345678-1234-1234-1234-123456789012");
AclInterface ai = stubTcpAclInterface(sgUuid, "if_name", "1.1.1.1/32", 80, 80);
assertEquals(true, testedService.removeAcl(ai));
- assertEquals(1, removeFlowValueSaver.getNumOfInvocations());
- FlowEntity firstRangeFlow = (FlowEntity) removeFlowValueSaver.getInvocationParams(0).get(0);
+ assertEquals(5, removeFlowValueSaver.getNumOfInvocations());
+ FlowEntity firstRangeFlow = (FlowEntity) removeFlowValueSaver.getInvocationParams(4).get(0);
AclServiceTestUtils.verifyMatchInfo(firstRangeFlow.getMatchInfoList(), MatchFieldType.tcp_flags, "2");
AclServiceTestUtils.verifyMatchInfo(firstRangeFlow.getMatchInfoList(),
NxMatchFieldType.nx_tcp_dst_with_mask, "80", "65535");
Uuid sgUuid = new Uuid("12345678-1234-1234-1234-123456789012");
AclInterface ai = stubTcpAclInterface(sgUuid, "if_name", "1.1.1.1/32", 80, 80);
assertEquals(true, testedService.applyAcl(ai));
- assertEquals(1, installFlowValueSaver.getNumOfInvocations());
+ assertEquals(8, installFlowValueSaver.getNumOfInvocations());
- FlowEntity firstRangeFlow = (FlowEntity) installFlowValueSaver.getInvocationParams(0).get(0);
+ FlowEntity firstRangeFlow = (FlowEntity) installFlowValueSaver.getInvocationParams(7).get(0);
AclServiceTestUtils.verifyMatchInfo(firstRangeFlow.getMatchInfoList(),
NxMatchFieldType.nx_tcp_dst_with_mask, "80", "65535");
AclServiceTestUtils.verifyMatchInfo(firstRangeFlow.getMatchInfoList(), MatchFieldType.tcp_flags, "2");
Uuid sgUuid = new Uuid("12345678-1234-1234-1234-123456789012");
AclInterface ai = stubAllowAllInterface(sgUuid, "if_name");
assertEquals(true, testedService.applyAcl(ai));
- assertEquals(1, installFlowValueSaver.getNumOfInvocations());
+ assertEquals(8, installFlowValueSaver.getNumOfInvocations());
- FlowEntity firstRangeFlow = (FlowEntity) installFlowValueSaver.getInvocationParams(0).get(0);
+ FlowEntity firstRangeFlow = (FlowEntity) installFlowValueSaver.getInvocationParams(7).get(0);
AclServiceTestUtils.verifyMatchInfo(firstRangeFlow.getMatchInfoList(), MatchFieldType.tcp_flags, "2");
AclServiceTestUtils.verifyActionInfo(firstRangeFlow.getInstructionInfoList().get(0).getActionInfos(),
ActionType.nx_resubmit, "" + NwConstants.LPORT_DISPATCHER_TABLE);
Uuid sgUuid = new Uuid("12345678-1234-1234-1234-123456789012");
AclInterface ai = stubTcpAclInterface(sgUuid, "if_name", "1.1.1.1/32", 80, 84);
assertEquals(true, testedService.applyAcl(ai));
- assertEquals(2, installFlowValueSaver.getNumOfInvocations());
- FlowEntity firstRangeFlow = (FlowEntity) installFlowValueSaver.getInvocationParams(0).get(0);
+ assertEquals(9, installFlowValueSaver.getNumOfInvocations());
+ FlowEntity firstRangeFlow = (FlowEntity) installFlowValueSaver.getInvocationParams(7).get(0);
AclServiceTestUtils.verifyMatchInfo(firstRangeFlow.getMatchInfoList(),
NxMatchFieldType.nx_tcp_dst_with_mask, "80", "65532");
AclServiceTestUtils.verifyMatchInfo(firstRangeFlow.getMatchInfoList(), MatchFieldType.tcp_flags, "2");
- FlowEntity secondRangeFlow = (FlowEntity) installFlowValueSaver.getInvocationParams(1).get(0);
+ FlowEntity secondRangeFlow = (FlowEntity) installFlowValueSaver.getInvocationParams(8).get(0);
AclServiceTestUtils.verifyMatchInfo(secondRangeFlow.getMatchInfoList(),
NxMatchFieldType.nx_tcp_dst_with_mask, "84", "65535");
AclServiceTestUtils.verifyMatchInfo(secondRangeFlow.getMatchInfoList(), MatchFieldType.tcp_flags, "2");
Uuid sgUuid = new Uuid("12345678-1234-1234-1234-123456789012");
AclInterface ai = stubUdpAclInterface(sgUuid, "if_name", "1.1.1.1/32", 80, 80);
assertEquals(true, testedService.applyAcl(ai));
- assertEquals(0, installFlowValueSaver.getNumOfInvocations());
+ assertEquals(7, installFlowValueSaver.getNumOfInvocations());
}
@Test
Uuid sgUuid = new Uuid("12345678-1234-1234-1234-123456789012");
AclInterface ai = stubTcpAclInterface(sgUuid, "if_name", "1.1.1.1/32", 80, 80);
assertEquals(true, testedService.removeAcl(ai));
- assertEquals(1, removeFlowValueSaver.getNumOfInvocations());
- FlowEntity firstRangeFlow = (FlowEntity) removeFlowValueSaver.getInvocationParams(0).get(0);
+ assertEquals(8, removeFlowValueSaver.getNumOfInvocations());
+ FlowEntity firstRangeFlow = (FlowEntity) removeFlowValueSaver.getInvocationParams(7).get(0);
AclServiceTestUtils.verifyMatchInfo(firstRangeFlow.getMatchInfoList(), MatchFieldType.tcp_flags, "2");
AclServiceTestUtils.verifyMatchInfo(firstRangeFlow.getMatchInfoList(),
NxMatchFieldType.nx_tcp_dst_with_mask, "80", "65535");
Uuid sgUuid = new Uuid("12345678-1234-1234-1234-123456789012");
AclInterface ai = stubTcpAclInterface(sgUuid, "if_name", "1.1.1.1/32", 80, 80);
assertEquals(true, testedService.applyAcl(ai));
- assertEquals(1, installFlowValueSaver.getNumOfInvocations());
+ assertEquals(7, installFlowValueSaver.getNumOfInvocations());
- FlowEntity firstRangeFlow = (FlowEntity) installFlowValueSaver.getInvocationParams(0).get(0);
+ FlowEntity firstRangeFlow = (FlowEntity) installFlowValueSaver.getInvocationParams(6).get(0);
AclServiceTestUtils.verifyMatchInfo(firstRangeFlow.getMatchInfoList(),
NxMatchFieldType.nx_tcp_dst_with_mask, "80", "65535");
AclServiceTestUtils.verifyMatchInfo(firstRangeFlow.getMatchInfoList(), MatchFieldType.tcp_flags, "2");
Uuid sgUuid = new Uuid("12345678-1234-1234-1234-123456789012");
AclInterface ai = stubAllowAllInterface(sgUuid, "if_name");
assertEquals(true, testedService.applyAcl(ai));
- assertEquals(1, installFlowValueSaver.getNumOfInvocations());
+ assertEquals(7, installFlowValueSaver.getNumOfInvocations());
- FlowEntity firstRangeFlow = (FlowEntity) installFlowValueSaver.getInvocationParams(0).get(0);
+ FlowEntity firstRangeFlow = (FlowEntity) installFlowValueSaver.getInvocationParams(6).get(0);
AclServiceTestUtils.verifyMatchInfo(firstRangeFlow.getMatchInfoList(), MatchFieldType.tcp_flags, "2");
AclServiceTestUtils.verifyActionInfo(firstRangeFlow.getInstructionInfoList().get(0).getActionInfos(),
ActionType.nx_resubmit, "" + NwConstants.EGRESS_LPORT_DISPATCHER_TABLE);
Uuid sgUuid = new Uuid("12345678-1234-1234-1234-123456789012");
AclInterface ai = stubTcpAclInterface(sgUuid, "if_name", "1.1.1.1/32", 80, 84);
assertEquals(true, testedService.applyAcl(ai));
- assertEquals(2, installFlowValueSaver.getNumOfInvocations());
- FlowEntity firstRangeFlow = (FlowEntity) installFlowValueSaver.getInvocationParams(0).get(0);
+ assertEquals(8, installFlowValueSaver.getNumOfInvocations());
+ FlowEntity firstRangeFlow = (FlowEntity) installFlowValueSaver.getInvocationParams(6).get(0);
// should have been 80-83 will be fixed as part of the port range support
// https://bugs.opendaylight.org/show_bug.cgi?id=6200
AclServiceTestUtils.verifyMatchInfo(firstRangeFlow.getMatchInfoList(),
NxMatchFieldType.nx_tcp_dst_with_mask, "80", "65532");
AclServiceTestUtils.verifyMatchInfo(firstRangeFlow.getMatchInfoList(), MatchFieldType.tcp_flags, "2");
- FlowEntity secondRangeFlow = (FlowEntity) installFlowValueSaver.getInvocationParams(1).get(0);
+ FlowEntity secondRangeFlow = (FlowEntity) installFlowValueSaver.getInvocationParams(7).get(0);
AclServiceTestUtils.verifyMatchInfo(secondRangeFlow.getMatchInfoList(),
NxMatchFieldType.nx_tcp_dst_with_mask, "84", "65535");
AclServiceTestUtils.verifyMatchInfo(secondRangeFlow.getMatchInfoList(), MatchFieldType.tcp_flags, "2");
Uuid sgUuid = new Uuid("12345678-1234-1234-1234-123456789012");
AclInterface ai = stubUdpAclInterface(sgUuid, "if_name", "1.1.1.1/32", 80, 80);
assertEquals(true, testedService.applyAcl(ai));
- assertEquals(0, installFlowValueSaver.getNumOfInvocations());
+ assertEquals(6, installFlowValueSaver.getNumOfInvocations());
}
@Test
Uuid sgUuid = new Uuid("12345678-1234-1234-1234-123456789012");
AclInterface ai = stubTcpAclInterface(sgUuid, "if_name", "1.1.1.1/32", 80, 80);
assertEquals(true, testedService.removeAcl(ai));
- assertEquals(1, removeFlowValueSaver.getNumOfInvocations());
- FlowEntity firstSynFlow = (FlowEntity) removeFlowValueSaver.getInvocationParams(0).get(0);
+ assertEquals(7, removeFlowValueSaver.getNumOfInvocations());
+ FlowEntity firstSynFlow = (FlowEntity) removeFlowValueSaver.getInvocationParams(6).get(0);
AclServiceTestUtils.verifyMatchInfo(firstSynFlow.getMatchInfoList(),
NxMatchFieldType.nx_tcp_dst_with_mask, "80", "65535");
AclServiceTestUtils.verifyMatchInfo(firstSynFlow.getMatchInfoList(), MatchFieldType.tcp_flags,
Code Review / netvirt.git / commitdiff