import org.opendaylight.ovsdb.utils.mdsal.openflow.InstructionUtils;
import org.opendaylight.ovsdb.utils.mdsal.openflow.MatchUtils;
import org.opendaylight.ovsdb.utils.servicehelper.ServiceHelper;
-import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.inet.types.rev100924.IpPrefix;
-import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.inet.types.rev100924.IpPrefixBuilder;
import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.inet.types.rev100924.Ipv4Prefix;
import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.inet.types.rev100924.Ipv6Prefix;
-import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.inet.types.rev100924.PortNumber;
import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.yang.types.rev100924.MacAddress;
import org.opendaylight.yang.gen.v1.urn.opendaylight.action.types.rev131112.action.list.Action;
import org.opendaylight.yang.gen.v1.urn.opendaylight.action.types.rev131112.action.list.ActionBuilder;
import org.opendaylight.yang.gen.v1.urn.opendaylight.action.types.rev131112.action.list.ActionKey;
-import org.opendaylight.yang.gen.v1.urn.opendaylight.flow.inventory.rev130819.FlowId;
import org.opendaylight.yang.gen.v1.urn.opendaylight.flow.inventory.rev130819.tables.table.FlowBuilder;
-import org.opendaylight.yang.gen.v1.urn.opendaylight.flow.inventory.rev130819.tables.table.FlowKey;
import org.opendaylight.yang.gen.v1.urn.opendaylight.flow.types.rev131026.flow.InstructionsBuilder;
import org.opendaylight.yang.gen.v1.urn.opendaylight.flow.types.rev131026.flow.MatchBuilder;
import org.opendaylight.yang.gen.v1.urn.opendaylight.flow.types.rev131026.instruction.list.Instruction;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
-import java.math.BigInteger;
import java.net.Inet4Address;
import java.net.Inet6Address;
import java.net.InetAddress;
private static final int DHCPV6_DESTINATION_PORT = 546;
private static final String HOST_MASK = "/32";
private static final String V6_HOST_MASK = "/128";
- private static final String IP_VERSION_4 = "IPv4";
- private static final String IP_VERSION_6 = "IPv6";
private static final int PORT_RANGE_MIN = 1;
private static final int PORT_RANGE_MAX = 65535;
continue;
}
- if (portSecurityRule.getSecurityRuleDirection().equals("egress")) {
+ if (NeutronSecurityRule.DIRECTION_EGRESS.equals(portSecurityRule.getSecurityRuleDirection())) {
LOG.debug("programPortSecurityGroup: Acl Rule matching IP and ingress is: {} ", portSecurityRule);
if (null != portSecurityRule.getSecurityRemoteGroupID()) {
//Remote Security group is selected
long localPort, NeutronSecurityRule portSecurityRule,
Neutron_IPs vmIp, boolean write) {
String securityRuleEtherType = portSecurityRule.getSecurityRuleEthertype();
- boolean isIpv6 = securityRuleEtherType.equals(IP_VERSION_6);
- if (!securityRuleEtherType.equals(IP_VERSION_6) && !securityRuleEtherType.equals(IP_VERSION_4)) {
+ boolean isIpv6 = NeutronSecurityRule.ETHERTYPE_IPV6.equals(securityRuleEtherType);
+ if (!isIpv6 && !NeutronSecurityRule.ETHERTYPE_IPV4.equals(securityRuleEtherType)) {
LOG.debug("programPortSecurityRule: SecurityRuleEthertype {} does not match IPv4/v6.", securityRuleEtherType);
return;
}
boolean portRange = false;
MatchBuilder matchBuilder = new MatchBuilder();
String flowId = "Egress_TCP_" + segmentationId + "_" + srcMac + "_";
- boolean isIpv6 = portSecurityRule.getSecurityRuleEthertype().equals(IP_VERSION_6);
+ boolean isIpv6 = NeutronSecurityRule.ETHERTYPE_IPV6.equals(portSecurityRule.getSecurityRuleEthertype());
if (isIpv6) {
matchBuilder = MatchUtils.createV6EtherMatchWithType(matchBuilder,srcMac,null);
} else {
NeutronSecurityRule portSecurityRule, String dstAddress,
boolean write, Integer protoPortMatchPriority) {
- boolean isIpv6 = portSecurityRule.getSecurityRuleEthertype().equals(IP_VERSION_6);
+ boolean isIpv6 = NeutronSecurityRule.ETHERTYPE_IPV6.equals(portSecurityRule.getSecurityRuleEthertype());
if (isIpv6) {
egressAclIcmpV6(dpidLong, segmentationId, srcMac, portSecurityRule, dstAddress, write, protoPortMatchPriority);
} else {
boolean portRange = false;
MatchBuilder matchBuilder = new MatchBuilder();
String flowId = "Egress_UDP_" + segmentationId + "_" + srcMac + "_";
- boolean isIpv6 = portSecurityRule.getSecurityRuleEthertype().equals(IP_VERSION_6);
+ boolean isIpv6 = NeutronSecurityRule.ETHERTYPE_IPV6.equals(portSecurityRule.getSecurityRuleEthertype());
if (isIpv6) {
matchBuilder = MatchUtils.createV6EtherMatchWithType(matchBuilder,srcMac,null);
} else {
private volatile SecurityGroupCacheManger securityGroupCacheManger;
private static final int PORT_RANGE_MIN = 1;
private static final int PORT_RANGE_MAX = 65535;
- private static final String IP_VERSION_4 = "IPv4";
- private static final String IP_VERSION_6 = "IPv6";
public IngressAclService() {
super(Service.INGRESS_ACL);
continue;
}
- if ("ingress".equals(portSecurityRule.getSecurityRuleDirection())) {
+ if (NeutronSecurityRule.DIRECTION_INGRESS.equals(portSecurityRule.getSecurityRuleDirection())) {
LOG.debug("programPortSecurityGroup: Rule matching IP and ingress is: {} ", portSecurityRule);
if (null != portSecurityRule.getSecurityRemoteGroupID()) {
//Remote Security group is selected
long localPort, NeutronSecurityRule portSecurityRule,
Neutron_IPs vmIp, boolean write) {
String securityRuleEtherType = portSecurityRule.getSecurityRuleEthertype();
- boolean isIpv6 = securityRuleEtherType.equals(IP_VERSION_6);
- if (!securityRuleEtherType.equals(IP_VERSION_6) && !securityRuleEtherType.equals(IP_VERSION_4)) {
+ boolean isIpv6 = NeutronSecurityRule.ETHERTYPE_IPV6.equals(securityRuleEtherType);
+ if (!isIpv6 && !NeutronSecurityRule.ETHERTYPE_IPV4.equals(securityRuleEtherType)) {
LOG.debug("programPortSecurityRule: SecurityRuleEthertype {} does not match IPv4/v6.", securityRuleEtherType);
return;
}
boolean portRange = false;
MatchBuilder matchBuilder = new MatchBuilder();
String flowId = "Ingress_TCP_" + segmentationId + "_" + dstMac + "_";
- boolean isIpv6 = portSecurityRule.getSecurityRuleEthertype().equals(IP_VERSION_6);
+ boolean isIpv6 = NeutronSecurityRule.ETHERTYPE_IPV6.equals(portSecurityRule.getSecurityRuleEthertype());
if (isIpv6) {
matchBuilder = MatchUtils.createV6EtherMatchWithType(matchBuilder,null,dstMac);
} else {
NeutronSecurityRule portSecurityRule, String srcAddress,
boolean write, Integer protoPortMatchPriority ) {
boolean portRange = false;
- boolean isIpv6 = portSecurityRule.getSecurityRuleEthertype().equals(IP_VERSION_6);
+ boolean isIpv6 = NeutronSecurityRule.ETHERTYPE_IPV6.equals(portSecurityRule.getSecurityRuleEthertype());
MatchBuilder matchBuilder = new MatchBuilder();
String flowId = "Ingress_UDP_" + segmentationId + "_" + dstMac + "_";
if (isIpv6) {
NeutronSecurityRule portSecurityRule, String srcAddress,
boolean write, Integer protoPortMatchPriority) {
- boolean isIpv6 = portSecurityRule.getSecurityRuleEthertype().equals(IP_VERSION_6);
+ boolean isIpv6 = NeutronSecurityRule.ETHERTYPE_IPV6.equals(portSecurityRule.getSecurityRuleEthertype());
if (isIpv6) {
ingressAclIcmpV6(dpidLong, segmentationId, dstMac, portSecurityRule, srcAddress, write, protoPortMatchPriority);
} else {
portSecurityRule = mock(NeutronSecurityRule.class);
portSecurityIpv6Rule = mock(NeutronSecurityRule.class);
- when(portSecurityRule.getSecurityRuleEthertype()).thenReturn("IPv4");
- when(portSecurityRule.getSecurityRuleDirection()).thenReturn("egress");
- when(portSecurityIpv6Rule.getSecurityRuleEthertype()).thenReturn("IPv6");
- when(portSecurityIpv6Rule.getSecurityRuleDirection()).thenReturn("egress");
+ when(portSecurityRule.getSecurityRuleEthertype()).thenReturn(NeutronSecurityRule.ETHERTYPE_IPV4);
+ when(portSecurityRule.getSecurityRuleDirection()).thenReturn(NeutronSecurityRule.DIRECTION_EGRESS);
+ when(portSecurityIpv6Rule.getSecurityRuleEthertype()).thenReturn(NeutronSecurityRule.ETHERTYPE_IPV6);
+ when(portSecurityIpv6Rule.getSecurityRuleDirection()).thenReturn(NeutronSecurityRule.DIRECTION_EGRESS);
List<NeutronSecurityRule> portSecurityList = new ArrayList<>();
portSecurityList.add(portSecurityRule);
@Test
public void testProgramPortSecurityGroupWithIncompleteRule() throws Exception {
NeutronSecurityRule portSecurityRule1 = mock(NeutronSecurityRule.class);
- when(portSecurityRule1.getSecurityRuleEthertype()).thenReturn("IPv4");
+ when(portSecurityRule1.getSecurityRuleEthertype()).thenReturn(NeutronSecurityRule.ETHERTYPE_IPV4);
when(portSecurityRule1.getSecurityRuleDirection()).thenReturn("not_egress"); // other direction
NeutronSecurityRule portSecurityRule2 = mock(NeutronSecurityRule.class);
when(portSecurityRule2.getSecurityRuleEthertype()).thenReturn(null);
- when(portSecurityRule2.getSecurityRuleDirection()).thenReturn("egress");
+ when(portSecurityRule2.getSecurityRuleDirection()).thenReturn(NeutronSecurityRule.DIRECTION_EGRESS);
NeutronSecurityRule portSecurityRule3 = mock(NeutronSecurityRule.class);
- when(portSecurityRule3.getSecurityRuleEthertype()).thenReturn("IPv4");
+ when(portSecurityRule3.getSecurityRuleEthertype()).thenReturn(NeutronSecurityRule.ETHERTYPE_IPV4);
when(portSecurityRule3.getSecurityRuleDirection()).thenReturn(null);
NeutronSecurityRule portSecurityRule4 = mock(NeutronSecurityRule.class);
*/
@Test
public void testProgramPortSecurityACLRuleAddTcp1() throws Exception {
- when(portSecurityRule.getSecurityRuleProtocol()).thenReturn("tcp");
+ when(portSecurityRule.getSecurityRuleProtocol()).thenReturn(NeutronSecurityRule.PROTOCOL_TCP);
when(portSecurityRule.getSecurityRulePortMax()).thenReturn(20);
when(portSecurityRule.getSecurityRulePortMin()).thenReturn(20);
when(portSecurityRule.getSecurityRuleRemoteIpPrefix()).thenReturn("0.0.0.0/24");
*/
@Test
public void testProgramPortSecurityACLRuleIpv6AddTcp1() throws Exception {
- when(portSecurityIpv6Rule.getSecurityRuleProtocol()).thenReturn("tcp");
+ when(portSecurityIpv6Rule.getSecurityRuleProtocol()).thenReturn(NeutronSecurityRule.PROTOCOL_TCP);
when(portSecurityIpv6Rule.getSecurityRulePortMax()).thenReturn(20);
when(portSecurityIpv6Rule.getSecurityRulePortMin()).thenReturn(20);
when(portSecurityIpv6Rule.getSecurityRuleRemoteIpPrefix()).thenReturn("::/64");
*/
@Test
public void testProgramPortSecurityACLRuleRemoveTcp1() throws Exception {
- when(portSecurityRule.getSecurityRuleProtocol()).thenReturn("tcp");
+ when(portSecurityRule.getSecurityRuleProtocol()).thenReturn(NeutronSecurityRule.PROTOCOL_TCP);
when(portSecurityRule.getSecurityRulePortMax()).thenReturn(30);
when(portSecurityRule.getSecurityRulePortMin()).thenReturn(30);
when(portSecurityRule.getSecurityRuleRemoteIpPrefix()).thenReturn("0.0.0.0/24");
*/
@Test
public void testProgramPortSecurityACLRuleIpv6RemoveTcp1() throws Exception {
- when(portSecurityIpv6Rule.getSecurityRuleProtocol()).thenReturn("tcp");
+ when(portSecurityIpv6Rule.getSecurityRuleProtocol()).thenReturn(NeutronSecurityRule.PROTOCOL_TCP);
when(portSecurityIpv6Rule.getSecurityRulePortMax()).thenReturn(30);
when(portSecurityIpv6Rule.getSecurityRulePortMin()).thenReturn(30);
when(portSecurityIpv6Rule.getSecurityRuleRemoteIpPrefix()).thenReturn("::/64");
*/
@Test
public void testProgramPortSecurityACLRuleAddTcp2() throws Exception {
- when(portSecurityRule.getSecurityRuleProtocol()).thenReturn("tcp");
+ when(portSecurityRule.getSecurityRuleProtocol()).thenReturn(NeutronSecurityRule.PROTOCOL_TCP);
when(portSecurityRule.getSecurityRulePortMax()).thenReturn(40);
when(portSecurityRule.getSecurityRulePortMin()).thenReturn(40);
when(portSecurityRule.getSecurityRemoteGroupID()).thenReturn("85cc3048-abc3-43cc-89b3-377341426ac5");
*/
@Test
public void testProgramPortSecurityACLRuleIpv6AddTcp2() throws Exception {
- when(portSecurityIpv6Rule.getSecurityRuleProtocol()).thenReturn("tcp");
+ when(portSecurityIpv6Rule.getSecurityRuleProtocol()).thenReturn(NeutronSecurityRule.PROTOCOL_TCP);
when(portSecurityIpv6Rule.getSecurityRulePortMax()).thenReturn(40);
when(portSecurityIpv6Rule.getSecurityRulePortMin()).thenReturn(40);
when(portSecurityIpv6Rule.getSecurityRemoteGroupID()).thenReturn("85cc3048-abc3-43cc-89b3-377341426ac5");
*/
@Test
public void testProgramPortSecurityACLRuleRemoveTcp2() throws Exception {
- when(portSecurityRule.getSecurityRuleProtocol()).thenReturn("tcp");
+ when(portSecurityRule.getSecurityRuleProtocol()).thenReturn(NeutronSecurityRule.PROTOCOL_TCP);
when(portSecurityRule.getSecurityRulePortMax()).thenReturn(50);
when(portSecurityRule.getSecurityRulePortMin()).thenReturn(50);
when(portSecurityRule.getSecurityRemoteGroupID()).thenReturn("85cc3048-abc3-43cc-89b3-377341426ac5");
*/
@Test
public void testProgramPortSecurityACLRuleIpv6RemoveTcp2() throws Exception {
- when(portSecurityIpv6Rule.getSecurityRuleProtocol()).thenReturn("tcp");
+ when(portSecurityIpv6Rule.getSecurityRuleProtocol()).thenReturn(NeutronSecurityRule.PROTOCOL_TCP);
when(portSecurityIpv6Rule.getSecurityRulePortMax()).thenReturn(50);
when(portSecurityIpv6Rule.getSecurityRulePortMin()).thenReturn(50);
when(portSecurityIpv6Rule.getSecurityRemoteGroupID()).thenReturn("85cc3048-abc3-43cc-89b3-377341426ac5");
*/
@Test
public void testProgramPortSecurityACLRuleAddTcpAll1() throws Exception {
- when(portSecurityRule.getSecurityRuleProtocol()).thenReturn("tcp");
+ when(portSecurityRule.getSecurityRuleProtocol()).thenReturn(NeutronSecurityRule.PROTOCOL_TCP);
when(portSecurityRule.getSecurityRulePortMax()).thenReturn(PORT_RANGE_MAX);
when(portSecurityRule.getSecurityRulePortMin()).thenReturn(PORT_RANGE_MIN);
when(portSecurityRule.getSecurityRuleRemoteIpPrefix()).thenReturn("0.0.0.0/24");
*/
@Test
public void testProgramPortSecurityACLRuleIpv6AddTcpAll1() throws Exception {
- when(portSecurityIpv6Rule.getSecurityRuleProtocol()).thenReturn("tcp");
+ when(portSecurityIpv6Rule.getSecurityRuleProtocol()).thenReturn(NeutronSecurityRule.PROTOCOL_TCP);
when(portSecurityIpv6Rule.getSecurityRulePortMax()).thenReturn(PORT_RANGE_MAX);
when(portSecurityIpv6Rule.getSecurityRulePortMin()).thenReturn(PORT_RANGE_MIN);
when(portSecurityIpv6Rule.getSecurityRuleRemoteIpPrefix()).thenReturn("::/64");
*/
@Test
public void testProgramPortSecurityACLRuleRemoveTcpAll1() throws Exception {
- when(portSecurityRule.getSecurityRuleProtocol()).thenReturn("tcp");
+ when(portSecurityRule.getSecurityRuleProtocol()).thenReturn(NeutronSecurityRule.PROTOCOL_TCP);
when(portSecurityRule.getSecurityRulePortMax()).thenReturn(PORT_RANGE_MAX);
when(portSecurityRule.getSecurityRulePortMin()).thenReturn(PORT_RANGE_MIN);
when(portSecurityRule.getSecurityRuleRemoteIpPrefix()).thenReturn("0.0.0.0/24");
*/
@Test
public void testProgramPortSecurityACLRuleIpv6RemoveTcpAll1() throws Exception {
- when(portSecurityIpv6Rule.getSecurityRuleProtocol()).thenReturn("tcp");
+ when(portSecurityIpv6Rule.getSecurityRuleProtocol()).thenReturn(NeutronSecurityRule.PROTOCOL_TCP);
when(portSecurityIpv6Rule.getSecurityRulePortMax()).thenReturn(PORT_RANGE_MAX);
when(portSecurityIpv6Rule.getSecurityRulePortMin()).thenReturn(PORT_RANGE_MIN);
when(portSecurityIpv6Rule.getSecurityRuleRemoteIpPrefix()).thenReturn("::/64");
*/
@Test
public void testProgramPortSecurityACLRuleAddTcpAll2() throws Exception {
- when(portSecurityRule.getSecurityRuleProtocol()).thenReturn("tcp");
+ when(portSecurityRule.getSecurityRuleProtocol()).thenReturn(NeutronSecurityRule.PROTOCOL_TCP);
when(portSecurityRule.getSecurityRulePortMax()).thenReturn(PORT_RANGE_MAX);
when(portSecurityRule.getSecurityRulePortMin()).thenReturn(PORT_RANGE_MIN);
when(portSecurityRule.getSecurityRemoteGroupID()).thenReturn("85cc3048-abc3-43cc-89b3-377341426ac5");
*/
@Test
public void testProgramPortSecurityACLRuleIpv6AddTcpAll2() throws Exception {
- when(portSecurityIpv6Rule.getSecurityRuleProtocol()).thenReturn("tcp");
+ when(portSecurityIpv6Rule.getSecurityRuleProtocol()).thenReturn(NeutronSecurityRule.PROTOCOL_TCP);
when(portSecurityIpv6Rule.getSecurityRulePortMax()).thenReturn(PORT_RANGE_MAX);
when(portSecurityIpv6Rule.getSecurityRulePortMin()).thenReturn(PORT_RANGE_MIN);
when(portSecurityIpv6Rule.getSecurityRemoteGroupID()).thenReturn("85cc3048-abc3-43cc-89b3-377341426ac5");
*/
@Test
public void testProgramPortSecurityACLRuleRemoveTcpAll2() throws Exception {
- when(portSecurityRule.getSecurityRuleProtocol()).thenReturn("tcp");
+ when(portSecurityRule.getSecurityRuleProtocol()).thenReturn(NeutronSecurityRule.PROTOCOL_TCP);
when(portSecurityRule.getSecurityRulePortMax()).thenReturn(PORT_RANGE_MAX);
when(portSecurityRule.getSecurityRulePortMin()).thenReturn(PORT_RANGE_MIN);
when(portSecurityRule.getSecurityRemoteGroupID()).thenReturn("85cc3048-abc3-43cc-89b3-377341426ac5");
*/
@Test
public void testProgramPortSecurityACLRuleIpv6RemoveTcpAll2() throws Exception {
- when(portSecurityIpv6Rule.getSecurityRuleProtocol()).thenReturn("tcp");
+ when(portSecurityIpv6Rule.getSecurityRuleProtocol()).thenReturn(NeutronSecurityRule.PROTOCOL_TCP);
when(portSecurityIpv6Rule.getSecurityRulePortMax()).thenReturn(PORT_RANGE_MAX);
when(portSecurityIpv6Rule.getSecurityRulePortMin()).thenReturn(PORT_RANGE_MIN);
when(portSecurityIpv6Rule.getSecurityRemoteGroupID()).thenReturn("85cc3048-abc3-43cc-89b3-377341426ac5");
*/
@Test
public void testProgramPortSecurityACLRuleAddUdp1() throws Exception {
- when(portSecurityRule.getSecurityRuleProtocol()).thenReturn("udp");
+ when(portSecurityRule.getSecurityRuleProtocol()).thenReturn(NeutronSecurityRule.PROTOCOL_UDP);
when(portSecurityRule.getSecurityRulePortMax()).thenReturn(50);
when(portSecurityRule.getSecurityRulePortMin()).thenReturn(50);
when(portSecurityRule.getSecurityRuleRemoteIpPrefix()).thenReturn("0.0.0.0/24");
*/
@Test
public void testProgramPortSecurityACLRuleIpv6AddUdp1() throws Exception {
- when(portSecurityIpv6Rule.getSecurityRuleProtocol()).thenReturn("udp");
+ when(portSecurityIpv6Rule.getSecurityRuleProtocol()).thenReturn(NeutronSecurityRule.PROTOCOL_UDP);
when(portSecurityIpv6Rule.getSecurityRulePortMax()).thenReturn(50);
when(portSecurityIpv6Rule.getSecurityRulePortMin()).thenReturn(50);
when(portSecurityIpv6Rule.getSecurityRuleRemoteIpPrefix()).thenReturn("::/64");
*/
@Test
public void testProgramPortSecurityACLRuleRemoveUdp1() throws Exception {
- when(portSecurityRule.getSecurityRuleProtocol()).thenReturn("udp");
+ when(portSecurityRule.getSecurityRuleProtocol()).thenReturn(NeutronSecurityRule.PROTOCOL_UDP);
when(portSecurityRule.getSecurityRulePortMax()).thenReturn(50);
when(portSecurityRule.getSecurityRulePortMin()).thenReturn(50);
when(portSecurityRule.getSecurityRuleRemoteIpPrefix()).thenReturn("0.0.0.0/24");
*/
@Test
public void testProgramPortSecurityACLRuleIpv6RemoveUdp1() throws Exception {
- when(portSecurityIpv6Rule.getSecurityRuleProtocol()).thenReturn("udp");
+ when(portSecurityIpv6Rule.getSecurityRuleProtocol()).thenReturn(NeutronSecurityRule.PROTOCOL_UDP);
when(portSecurityIpv6Rule.getSecurityRulePortMax()).thenReturn(50);
when(portSecurityIpv6Rule.getSecurityRulePortMin()).thenReturn(50);
when(portSecurityIpv6Rule.getSecurityRuleRemoteIpPrefix()).thenReturn("::/64");
*/
@Test
public void testProgramPortSecurityACLRuleAddUdp2() throws Exception {
- when(portSecurityRule.getSecurityRuleProtocol()).thenReturn("udp");
+ when(portSecurityRule.getSecurityRuleProtocol()).thenReturn(NeutronSecurityRule.PROTOCOL_UDP);
when(portSecurityRule.getSecurityRulePortMax()).thenReturn(50);
when(portSecurityRule.getSecurityRulePortMin()).thenReturn(50);
when(portSecurityRule.getSecurityRuleRemoteIpPrefix()).thenReturn("0.0.0.0/24");
*/
@Test
public void testProgramPortSecurityACLRuleIpv6AddUdp2() throws Exception {
- when(portSecurityIpv6Rule.getSecurityRuleProtocol()).thenReturn("udp");
+ when(portSecurityIpv6Rule.getSecurityRuleProtocol()).thenReturn(NeutronSecurityRule.PROTOCOL_UDP);
when(portSecurityIpv6Rule.getSecurityRulePortMax()).thenReturn(50);
when(portSecurityIpv6Rule.getSecurityRulePortMin()).thenReturn(50);
when(portSecurityIpv6Rule.getSecurityRuleRemoteIpPrefix()).thenReturn("::/64");
*/
@Test
public void testProgramPortSecurityACLRuleRemoveUdp2() throws Exception {
- when(portSecurityRule.getSecurityRuleProtocol()).thenReturn("udp");
+ when(portSecurityRule.getSecurityRuleProtocol()).thenReturn(NeutronSecurityRule.PROTOCOL_UDP);
when(portSecurityRule.getSecurityRulePortMax()).thenReturn(50);
when(portSecurityRule.getSecurityRulePortMin()).thenReturn(50);
when(portSecurityRule.getSecurityRuleRemoteIpPrefix()).thenReturn("0.0.0.0/24");
*/
@Test
public void testProgramPortSecurityACLRuleIpv6RemoveUdp2() throws Exception {
- when(portSecurityIpv6Rule.getSecurityRuleProtocol()).thenReturn("udp");
+ when(portSecurityIpv6Rule.getSecurityRuleProtocol()).thenReturn(NeutronSecurityRule.PROTOCOL_UDP);
when(portSecurityIpv6Rule.getSecurityRulePortMax()).thenReturn(50);
when(portSecurityIpv6Rule.getSecurityRulePortMin()).thenReturn(50);
when(portSecurityIpv6Rule.getSecurityRuleRemoteIpPrefix()).thenReturn("::/64");
*/
@Test
public void testProgramPortSecurityACLRuleAddUdpAll1() throws Exception {
- when(portSecurityRule.getSecurityRuleProtocol()).thenReturn("udp");
+ when(portSecurityRule.getSecurityRuleProtocol()).thenReturn(NeutronSecurityRule.PROTOCOL_UDP);
when(portSecurityRule.getSecurityRulePortMax()).thenReturn(PORT_RANGE_MAX);
when(portSecurityRule.getSecurityRulePortMin()).thenReturn(PORT_RANGE_MIN);
when(portSecurityRule.getSecurityRuleRemoteIpPrefix()).thenReturn("0.0.0.0/24");
*/
@Test
public void testProgramPortSecurityACLRuleIpv6AddUdpAll1() throws Exception {
- when(portSecurityIpv6Rule.getSecurityRuleProtocol()).thenReturn("udp");
+ when(portSecurityIpv6Rule.getSecurityRuleProtocol()).thenReturn(NeutronSecurityRule.PROTOCOL_UDP);
when(portSecurityIpv6Rule.getSecurityRulePortMax()).thenReturn(PORT_RANGE_MAX);
when(portSecurityIpv6Rule.getSecurityRulePortMin()).thenReturn(PORT_RANGE_MIN);
when(portSecurityIpv6Rule.getSecurityRuleRemoteIpPrefix()).thenReturn("::/64");
*/
@Test
public void testProgramPortSecurityACLRuleRemoveUdpAll1() throws Exception {
- when(portSecurityRule.getSecurityRuleProtocol()).thenReturn("udp");
+ when(portSecurityRule.getSecurityRuleProtocol()).thenReturn(NeutronSecurityRule.PROTOCOL_UDP);
when(portSecurityRule.getSecurityRulePortMax()).thenReturn(PORT_RANGE_MAX);
when(portSecurityRule.getSecurityRulePortMin()).thenReturn(PORT_RANGE_MIN);
when(portSecurityRule.getSecurityRuleRemoteIpPrefix()).thenReturn("0.0.0.0/24");
*/
@Test
public void testProgramPortSecurityACLRuleIpv6RemoveUdpAll1() throws Exception {
- when(portSecurityIpv6Rule.getSecurityRuleProtocol()).thenReturn("udp");
+ when(portSecurityIpv6Rule.getSecurityRuleProtocol()).thenReturn(NeutronSecurityRule.PROTOCOL_UDP);
when(portSecurityIpv6Rule.getSecurityRulePortMax()).thenReturn(PORT_RANGE_MAX);
when(portSecurityIpv6Rule.getSecurityRulePortMin()).thenReturn(PORT_RANGE_MIN);
when(portSecurityIpv6Rule.getSecurityRuleRemoteIpPrefix()).thenReturn("::/64");
*/
@Test
public void testProgramPortSecurityACLRuleAddUdpAll2() throws Exception {
- when(portSecurityRule.getSecurityRuleProtocol()).thenReturn("udp");
+ when(portSecurityRule.getSecurityRuleProtocol()).thenReturn(NeutronSecurityRule.PROTOCOL_UDP);
when(portSecurityRule.getSecurityRulePortMax()).thenReturn(PORT_RANGE_MAX);
when(portSecurityRule.getSecurityRulePortMin()).thenReturn(PORT_RANGE_MIN);
when(portSecurityRule.getSecurityRemoteGroupID()).thenReturn("85cc3048-abc3-43cc-89b3-377341426ac5");
*/
@Test
public void testProgramPortSecurityACLRuleIpv6AddUdpAll2() throws Exception {
- when(portSecurityIpv6Rule.getSecurityRuleProtocol()).thenReturn("udp");
+ when(portSecurityIpv6Rule.getSecurityRuleProtocol()).thenReturn(NeutronSecurityRule.PROTOCOL_UDP);
when(portSecurityIpv6Rule.getSecurityRulePortMax()).thenReturn(PORT_RANGE_MAX);
when(portSecurityIpv6Rule.getSecurityRulePortMin()).thenReturn(PORT_RANGE_MIN);
when(portSecurityIpv6Rule.getSecurityRemoteGroupID()).thenReturn("85cc3048-abc3-43cc-89b3-377341426ac5");
*/
@Test
public void testProgramPortSecurityACLRuleRemoveUdpAll2() throws Exception {
- when(portSecurityRule.getSecurityRuleProtocol()).thenReturn("udp");
+ when(portSecurityRule.getSecurityRuleProtocol()).thenReturn(NeutronSecurityRule.PROTOCOL_UDP);
when(portSecurityRule.getSecurityRulePortMax()).thenReturn(PORT_RANGE_MAX);
when(portSecurityRule.getSecurityRulePortMin()).thenReturn(PORT_RANGE_MIN);
when(portSecurityRule.getSecurityRemoteGroupID()).thenReturn("85cc3048-abc3-43cc-89b3-377341426ac5");
*/
@Test
public void testProgramPortSecurityACLRuleIpv6RemoveUdpAll2() throws Exception {
- when(portSecurityIpv6Rule.getSecurityRuleProtocol()).thenReturn("udp");
+ when(portSecurityIpv6Rule.getSecurityRuleProtocol()).thenReturn(NeutronSecurityRule.PROTOCOL_UDP);
when(portSecurityIpv6Rule.getSecurityRulePortMax()).thenReturn(PORT_RANGE_MAX);
when(portSecurityIpv6Rule.getSecurityRulePortMin()).thenReturn(PORT_RANGE_MIN);
when(portSecurityIpv6Rule.getSecurityRemoteGroupID()).thenReturn("85cc3048-abc3-43cc-89b3-377341426ac5");
*/
@Test
public void testProgramPortSecurityACLRuleAddIcmp1() throws Exception {
- when(portSecurityRule.getSecurityRuleProtocol()).thenReturn("icmp");
+ when(portSecurityRule.getSecurityRuleProtocol()).thenReturn(NeutronSecurityRule.PROTOCOL_ICMP);
when(portSecurityRule.getSecurityRulePortMax()).thenReturn(10);
when(portSecurityRule.getSecurityRulePortMin()).thenReturn(10);
when(portSecurityRule.getSecurityRuleRemoteIpPrefix()).thenReturn("0.0.0.0/24");
*/
@Test
public void testProgramPortSecurityACLRuleIpv6AddIcmp1() throws Exception {
- when(portSecurityIpv6Rule.getSecurityRuleProtocol()).thenReturn("icmpv6");
+ when(portSecurityIpv6Rule.getSecurityRuleProtocol()).thenReturn(NeutronSecurityRule.PROTOCOL_ICMPV6);
when(portSecurityIpv6Rule.getSecurityRulePortMax()).thenReturn(10);
when(portSecurityIpv6Rule.getSecurityRulePortMin()).thenReturn(10);
when(portSecurityIpv6Rule.getSecurityRuleRemoteIpPrefix()).thenReturn("::/64");
*/
@Test
public void testProgramPortSecurityACLRuleRemoveIcmp1() throws Exception {
- when(portSecurityRule.getSecurityRuleProtocol()).thenReturn("icmp");
+ when(portSecurityRule.getSecurityRuleProtocol()).thenReturn(NeutronSecurityRule.PROTOCOL_ICMP);
when(portSecurityRule.getSecurityRulePortMax()).thenReturn(20);
when(portSecurityRule.getSecurityRulePortMin()).thenReturn(20);
when(portSecurityRule.getSecurityRuleRemoteIpPrefix()).thenReturn("0.0.0.0/24");
*/
@Test
public void testProgramPortSecurityACLRuleIpv6RemoveIcmp1() throws Exception {
- when(portSecurityIpv6Rule.getSecurityRuleProtocol()).thenReturn("icmpv6");
+ when(portSecurityIpv6Rule.getSecurityRuleProtocol()).thenReturn(NeutronSecurityRule.PROTOCOL_ICMPV6);
when(portSecurityIpv6Rule.getSecurityRulePortMax()).thenReturn(20);
when(portSecurityIpv6Rule.getSecurityRulePortMin()).thenReturn(20);
when(portSecurityIpv6Rule.getSecurityRuleRemoteIpPrefix()).thenReturn("::/64");
*/
@Test
public void testProgramPortSecurityACLRuleAddIcmp2() throws Exception {
- when(portSecurityRule.getSecurityRuleProtocol()).thenReturn("icmp");
+ when(portSecurityRule.getSecurityRuleProtocol()).thenReturn(NeutronSecurityRule.PROTOCOL_ICMP);
when(portSecurityRule.getSecurityRulePortMax()).thenReturn(30);
when(portSecurityRule.getSecurityRulePortMin()).thenReturn(30);
when(portSecurityRule.getSecurityRuleRemoteIpPrefix()).thenReturn("0.0.0.0/24");
*/
@Test
public void testProgramPortSecurityACLRuleIpv6AddIcmp2() throws Exception {
- when(portSecurityIpv6Rule.getSecurityRuleProtocol()).thenReturn("icmpv6");
+ when(portSecurityIpv6Rule.getSecurityRuleProtocol()).thenReturn(NeutronSecurityRule.PROTOCOL_ICMPV6);
when(portSecurityIpv6Rule.getSecurityRulePortMax()).thenReturn(30);
when(portSecurityIpv6Rule.getSecurityRulePortMin()).thenReturn(30);
when(portSecurityIpv6Rule.getSecurityRuleRemoteIpPrefix()).thenReturn("::/64");
*/
@Test
public void testProgramPortSecurityACLRuleRemoveIcmp2() throws Exception {
- when(portSecurityRule.getSecurityRuleProtocol()).thenReturn("icmp");
+ when(portSecurityRule.getSecurityRuleProtocol()).thenReturn(NeutronSecurityRule.PROTOCOL_ICMP);
when(portSecurityRule.getSecurityRulePortMax()).thenReturn(40);
when(portSecurityRule.getSecurityRulePortMin()).thenReturn(40);
when(portSecurityRule.getSecurityRemoteGroupID()).thenReturn("85cc3048-abc3-43cc-89b3-377341426ac5");
*/
@Test
public void testProgramPortSecurityACLRuleIpv6RemoveIcmp2() throws Exception {
- when(portSecurityIpv6Rule.getSecurityRuleProtocol()).thenReturn("icmpv6");
+ when(portSecurityIpv6Rule.getSecurityRuleProtocol()).thenReturn(NeutronSecurityRule.PROTOCOL_ICMPV6);
when(portSecurityIpv6Rule.getSecurityRulePortMax()).thenReturn(40);
when(portSecurityIpv6Rule.getSecurityRulePortMin()).thenReturn(40);
when(portSecurityIpv6Rule.getSecurityRemoteGroupID()).thenReturn("85cc3048-abc3-43cc-89b3-377341426ac5");
*/
@Test
public void testProgramPortSecurityACLRuleInvalidDirection() throws Exception {
- when(portSecurityRule.getSecurityRuleDirection()).thenReturn("ingress");
+ when(portSecurityRule.getSecurityRuleDirection()).thenReturn(NeutronSecurityRule.DIRECTION_INGRESS);
egressAclServiceSpy.programPortSecurityGroup(Long.valueOf(1554), "2", MAC_ADDRESS, 124, securityGroup,PORT_UUID,false);
when(orchestrator.getNextServiceInPipeline(any(Service.class))).thenReturn(Service.ARP_RESPONDER);
portSecurityRule = mock(NeutronSecurityRule.class);
- when(portSecurityRule.getSecurityRuleEthertype()).thenReturn("IPv4");
- when(portSecurityRule.getSecurityRuleDirection()).thenReturn("ingress");
+ when(portSecurityRule.getSecurityRuleEthertype()).thenReturn(NeutronSecurityRule.ETHERTYPE_IPV4);
+ when(portSecurityRule.getSecurityRuleDirection()).thenReturn(NeutronSecurityRule.DIRECTION_INGRESS);
List<NeutronSecurityRule> portSecurityList = new ArrayList<>();
portSecurityList.add(portSecurityRule);
neutronDestIpList.add(neutron_ip_dest_2);
portSecurityIpv6Rule = mock(NeutronSecurityRule.class);
- when(portSecurityIpv6Rule.getSecurityRuleEthertype()).thenReturn("IPv6");
- when(portSecurityIpv6Rule.getSecurityRuleDirection()).thenReturn("ingress");
+ when(portSecurityIpv6Rule.getSecurityRuleEthertype()).thenReturn(NeutronSecurityRule.ETHERTYPE_IPV6);
+ when(portSecurityIpv6Rule.getSecurityRuleDirection()).thenReturn(NeutronSecurityRule.DIRECTION_INGRESS);
List<NeutronSecurityRule> portSecurityIpv6List = new ArrayList<>();
portSecurityIpv6List.add(portSecurityIpv6Rule);
@Test
public void testProgramPortSecurityGroupWithIncompleteRule() throws Exception {
NeutronSecurityRule portSecurityRule1 = mock(NeutronSecurityRule.class);
- when(portSecurityRule1.getSecurityRuleEthertype()).thenReturn("IPv4");
+ when(portSecurityRule1.getSecurityRuleEthertype()).thenReturn(NeutronSecurityRule.ETHERTYPE_IPV4);
when(portSecurityRule1.getSecurityRuleDirection()).thenReturn("not_ingress"); // other direction
NeutronSecurityRule portSecurityRule2 = mock(NeutronSecurityRule.class);
when(portSecurityRule2.getSecurityRuleEthertype()).thenReturn(null);
- when(portSecurityRule2.getSecurityRuleDirection()).thenReturn("ingress");
+ when(portSecurityRule2.getSecurityRuleDirection()).thenReturn(NeutronSecurityRule.DIRECTION_INGRESS);
NeutronSecurityRule portSecurityRule3 = mock(NeutronSecurityRule.class);
- when(portSecurityRule3.getSecurityRuleEthertype()).thenReturn("IPv4");
+ when(portSecurityRule3.getSecurityRuleEthertype()).thenReturn(NeutronSecurityRule.ETHERTYPE_IPV4);
when(portSecurityRule3.getSecurityRuleDirection()).thenReturn(null);
NeutronSecurityRule portSecurityRule4 = mock(NeutronSecurityRule.class);
*/
@Test
public void testProgramPortSecurityACLRuleAddTcp1() throws Exception {
- when(portSecurityRule.getSecurityRuleProtocol()).thenReturn("tcp");
+ when(portSecurityRule.getSecurityRuleProtocol()).thenReturn(NeutronSecurityRule.PROTOCOL_TCP);
when(portSecurityRule.getSecurityRulePortMax()).thenReturn(20);
when(portSecurityRule.getSecurityRulePortMin()).thenReturn(20);
when(portSecurityRule.getSecurityRuleRemoteIpPrefix()).thenReturn("0.0.0.0/24");
*/
@Test
public void testProgramPortSecurityACLRuleIpv6AddTcp1() throws Exception {
- when(portSecurityIpv6Rule.getSecurityRuleProtocol()).thenReturn("tcp");
+ when(portSecurityIpv6Rule.getSecurityRuleProtocol()).thenReturn(NeutronSecurityRule.PROTOCOL_TCP);
when(portSecurityIpv6Rule.getSecurityRulePortMax()).thenReturn(20);
when(portSecurityIpv6Rule.getSecurityRulePortMin()).thenReturn(20);
when(portSecurityIpv6Rule.getSecurityRuleRemoteIpPrefix()).thenReturn("::/64");
*/
@Test
public void testProgramPortSecurityACLRuleRemoveTcp1() throws Exception {
- when(portSecurityRule.getSecurityRuleProtocol()).thenReturn("tcp");
+ when(portSecurityRule.getSecurityRuleProtocol()).thenReturn(NeutronSecurityRule.PROTOCOL_TCP);
when(portSecurityRule.getSecurityRulePortMax()).thenReturn(15);
when(portSecurityRule.getSecurityRulePortMin()).thenReturn(15);
when(portSecurityRule.getSecurityRuleRemoteIpPrefix()).thenReturn("0.0.0.0/24");
*/
@Test
public void testProgramPortSecurityACLRuleIpv6RemoveTcp1() throws Exception {
- when(portSecurityIpv6Rule.getSecurityRuleProtocol()).thenReturn("tcp");
+ when(portSecurityIpv6Rule.getSecurityRuleProtocol()).thenReturn(NeutronSecurityRule.PROTOCOL_TCP);
when(portSecurityIpv6Rule.getSecurityRulePortMax()).thenReturn(15);
when(portSecurityIpv6Rule.getSecurityRulePortMin()).thenReturn(15);
when(portSecurityIpv6Rule.getSecurityRuleRemoteIpPrefix()).thenReturn("::/64");
*/
@Test
public void testProgramPortSecurityACLRuleAddTcp2() throws Exception {
- when(portSecurityRule.getSecurityRuleProtocol()).thenReturn("tcp");
+ when(portSecurityRule.getSecurityRuleProtocol()).thenReturn(NeutronSecurityRule.PROTOCOL_TCP);
when(portSecurityRule.getSecurityRulePortMax()).thenReturn(50);
when(portSecurityRule.getSecurityRulePortMin()).thenReturn(50);
when(portSecurityRule.getSecurityRuleRemoteIpPrefix()).thenReturn("0.0.0.0/24");
*/
@Test
public void testProgramPortSecurityACLRuleIpv6AddTcp2() throws Exception {
- when(portSecurityIpv6Rule.getSecurityRuleProtocol()).thenReturn("tcp");
+ when(portSecurityIpv6Rule.getSecurityRuleProtocol()).thenReturn(NeutronSecurityRule.PROTOCOL_TCP);
when(portSecurityIpv6Rule.getSecurityRulePortMax()).thenReturn(50);
when(portSecurityIpv6Rule.getSecurityRulePortMin()).thenReturn(50);
when(portSecurityIpv6Rule.getSecurityRuleRemoteIpPrefix()).thenReturn("::/64");
*/
@Test
public void testProgramPortSecurityACLRuleRemoveTcp2() throws Exception {
- when(portSecurityRule.getSecurityRuleProtocol()).thenReturn("tcp");
+ when(portSecurityRule.getSecurityRuleProtocol()).thenReturn(NeutronSecurityRule.PROTOCOL_TCP);
when(portSecurityRule.getSecurityRulePortMax()).thenReturn(50);
when(portSecurityRule.getSecurityRulePortMin()).thenReturn(50);
when(portSecurityRule.getSecurityRuleRemoteIpPrefix()).thenReturn("0.0.0.0/24");
*/
@Test
public void testProgramPortSecurityACLRuleIpv6RemoveTcp2() throws Exception {
- when(portSecurityIpv6Rule.getSecurityRuleProtocol()).thenReturn("tcp");
+ when(portSecurityIpv6Rule.getSecurityRuleProtocol()).thenReturn(NeutronSecurityRule.PROTOCOL_TCP);
when(portSecurityIpv6Rule.getSecurityRulePortMax()).thenReturn(50);
when(portSecurityIpv6Rule.getSecurityRulePortMin()).thenReturn(50);
when(portSecurityIpv6Rule.getSecurityRuleRemoteIpPrefix()).thenReturn("::/64");
*/
@Test
public void testProgramPortSecurityACLRuleAddTcpAll1() throws Exception {
- when(portSecurityRule.getSecurityRuleProtocol()).thenReturn("tcp");
+ when(portSecurityRule.getSecurityRuleProtocol()).thenReturn(NeutronSecurityRule.PROTOCOL_TCP);
when(portSecurityRule.getSecurityRulePortMax()).thenReturn(PORT_RANGE_MAX);
when(portSecurityRule.getSecurityRulePortMin()).thenReturn(PORT_RANGE_MIN);
when(portSecurityRule.getSecurityRuleRemoteIpPrefix()).thenReturn("0.0.0.0/24");
*/
@Test
public void testProgramPortSecurityACLRuleIpv6AddTcpAll1() throws Exception {
- when(portSecurityIpv6Rule.getSecurityRuleProtocol()).thenReturn("tcp");
+ when(portSecurityIpv6Rule.getSecurityRuleProtocol()).thenReturn(NeutronSecurityRule.PROTOCOL_TCP);
when(portSecurityIpv6Rule.getSecurityRulePortMax()).thenReturn(PORT_RANGE_MAX);
when(portSecurityIpv6Rule.getSecurityRulePortMin()).thenReturn(PORT_RANGE_MIN);
when(portSecurityIpv6Rule.getSecurityRuleRemoteIpPrefix()).thenReturn("::/64");
*/
@Test
public void testProgramPortSecurityACLRuleRemoveTcpAll1() throws Exception {
- when(portSecurityRule.getSecurityRuleProtocol()).thenReturn("tcp");
+ when(portSecurityRule.getSecurityRuleProtocol()).thenReturn(NeutronSecurityRule.PROTOCOL_TCP);
when(portSecurityRule.getSecurityRulePortMax()).thenReturn(PORT_RANGE_MAX);
when(portSecurityRule.getSecurityRulePortMin()).thenReturn(PORT_RANGE_MIN);
when(portSecurityRule.getSecurityRuleRemoteIpPrefix()).thenReturn("0.0.0.0/24");
*/
@Test
public void testProgramPortSecurityACLRuleIpv6RemoveTcpAll1() throws Exception {
- when(portSecurityIpv6Rule.getSecurityRuleProtocol()).thenReturn("tcp");
+ when(portSecurityIpv6Rule.getSecurityRuleProtocol()).thenReturn(NeutronSecurityRule.PROTOCOL_TCP);
when(portSecurityIpv6Rule.getSecurityRulePortMax()).thenReturn(PORT_RANGE_MAX);
when(portSecurityIpv6Rule.getSecurityRulePortMin()).thenReturn(PORT_RANGE_MIN);
when(portSecurityIpv6Rule.getSecurityRuleRemoteIpPrefix()).thenReturn("::/64");
*/
@Test
public void testProgramPortSecurityACLRuleAddTcpAll2() throws Exception {
- when(portSecurityRule.getSecurityRuleProtocol()).thenReturn("tcp");
+ when(portSecurityRule.getSecurityRuleProtocol()).thenReturn(NeutronSecurityRule.PROTOCOL_TCP);
when(portSecurityRule.getSecurityRulePortMax()).thenReturn(PORT_RANGE_MAX);
when(portSecurityRule.getSecurityRulePortMin()).thenReturn(PORT_RANGE_MIN);
when(portSecurityRule.getSecurityRemoteGroupID()).thenReturn("85cc3048-abc3-43cc-89b3-377341426ac5");
*/
@Test
public void testProgramPortSecurityACLRuleIpv6AddTcpAll2() throws Exception {
- when(portSecurityIpv6Rule.getSecurityRuleProtocol()).thenReturn("tcp");
+ when(portSecurityIpv6Rule.getSecurityRuleProtocol()).thenReturn(NeutronSecurityRule.PROTOCOL_TCP);
when(portSecurityIpv6Rule.getSecurityRulePortMax()).thenReturn(PORT_RANGE_MAX);
when(portSecurityIpv6Rule.getSecurityRulePortMin()).thenReturn(PORT_RANGE_MIN);
when(portSecurityIpv6Rule.getSecurityRemoteGroupID()).thenReturn("85cc3048-abc3-43cc-89b3-377341426ac5");
*/
@Test
public void testProgramPortSecurityACLRuleRemoveTcpAll2() throws Exception {
- when(portSecurityRule.getSecurityRuleProtocol()).thenReturn("tcp");
+ when(portSecurityRule.getSecurityRuleProtocol()).thenReturn(NeutronSecurityRule.PROTOCOL_TCP);
when(portSecurityRule.getSecurityRulePortMax()).thenReturn(PORT_RANGE_MAX);
when(portSecurityRule.getSecurityRulePortMin()).thenReturn(PORT_RANGE_MIN);
when(portSecurityRule.getSecurityRemoteGroupID()).thenReturn("85cc3048-abc3-43cc-89b3-377341426ac5");
*/
@Test
public void testProgramPortSecurityACLRuleIpv6RemoveTcpAll2() throws Exception {
- when(portSecurityIpv6Rule.getSecurityRuleProtocol()).thenReturn("tcp");
+ when(portSecurityIpv6Rule.getSecurityRuleProtocol()).thenReturn(NeutronSecurityRule.PROTOCOL_TCP);
when(portSecurityIpv6Rule.getSecurityRulePortMax()).thenReturn(PORT_RANGE_MAX);
when(portSecurityIpv6Rule.getSecurityRulePortMin()).thenReturn(PORT_RANGE_MIN);
when(portSecurityIpv6Rule.getSecurityRemoteGroupID()).thenReturn("85cc3048-abc3-43cc-89b3-377341426ac5");
*/
@Test
public void testProgramPortSecurityACLRuleAddUdp1() throws Exception {
- when(portSecurityRule.getSecurityRuleProtocol()).thenReturn("udp");
+ when(portSecurityRule.getSecurityRuleProtocol()).thenReturn(NeutronSecurityRule.PROTOCOL_UDP);
when(portSecurityRule.getSecurityRulePortMax()).thenReturn(50);
when(portSecurityRule.getSecurityRulePortMin()).thenReturn(50);
when(portSecurityRule.getSecurityRuleRemoteIpPrefix()).thenReturn("0.0.0.0/24");
*/
@Test
public void testProgramPortSecurityACLRuleIpv6AddUdp1() throws Exception {
- when(portSecurityIpv6Rule.getSecurityRuleProtocol()).thenReturn("udp");
+ when(portSecurityIpv6Rule.getSecurityRuleProtocol()).thenReturn(NeutronSecurityRule.PROTOCOL_UDP);
when(portSecurityIpv6Rule.getSecurityRulePortMax()).thenReturn(50);
when(portSecurityIpv6Rule.getSecurityRulePortMin()).thenReturn(50);
when(portSecurityIpv6Rule.getSecurityRuleRemoteIpPrefix()).thenReturn("::/64");
*/
@Test
public void testProgramPortSecurityACLRuleRemoveUdp1() throws Exception {
- when(portSecurityRule.getSecurityRuleProtocol()).thenReturn("udp");
+ when(portSecurityRule.getSecurityRuleProtocol()).thenReturn(NeutronSecurityRule.PROTOCOL_UDP);
when(portSecurityRule.getSecurityRulePortMax()).thenReturn(50);
when(portSecurityRule.getSecurityRulePortMin()).thenReturn(50);
when(portSecurityRule.getSecurityRuleRemoteIpPrefix()).thenReturn("0.0.0.0/24");
*/
@Test
public void testProgramPortSecurityACLRuleIpv6RemoveUdp1() throws Exception {
- when(portSecurityIpv6Rule.getSecurityRuleProtocol()).thenReturn("udp");
+ when(portSecurityIpv6Rule.getSecurityRuleProtocol()).thenReturn(NeutronSecurityRule.PROTOCOL_UDP);
when(portSecurityIpv6Rule.getSecurityRulePortMax()).thenReturn(50);
when(portSecurityIpv6Rule.getSecurityRulePortMin()).thenReturn(50);
when(portSecurityIpv6Rule.getSecurityRuleRemoteIpPrefix()).thenReturn("::/64");
*/
@Test
public void testProgramPortSecurityACLRuleAddUdp2() throws Exception {
- when(portSecurityRule.getSecurityRuleProtocol()).thenReturn("udp");
+ when(portSecurityRule.getSecurityRuleProtocol()).thenReturn(NeutronSecurityRule.PROTOCOL_UDP);
when(portSecurityRule.getSecurityRulePortMax()).thenReturn(50);
when(portSecurityRule.getSecurityRulePortMin()).thenReturn(50);
when(portSecurityRule.getSecurityRuleRemoteIpPrefix()).thenReturn("0.0.0.0/24");
*/
@Test
public void testProgramPortSecurityACLRuleIpv6AddUdp2() throws Exception {
- when(portSecurityIpv6Rule.getSecurityRuleProtocol()).thenReturn("udp");
+ when(portSecurityIpv6Rule.getSecurityRuleProtocol()).thenReturn(NeutronSecurityRule.PROTOCOL_UDP);
when(portSecurityIpv6Rule.getSecurityRulePortMax()).thenReturn(50);
when(portSecurityIpv6Rule.getSecurityRulePortMin()).thenReturn(50);
when(portSecurityIpv6Rule.getSecurityRuleRemoteIpPrefix()).thenReturn("::/64");
*/
@Test
public void testProgramPortSecurityACLRuleRemoveUdp2() throws Exception {
- when(portSecurityRule.getSecurityRuleProtocol()).thenReturn("udp");
+ when(portSecurityRule.getSecurityRuleProtocol()).thenReturn(NeutronSecurityRule.PROTOCOL_UDP);
when(portSecurityRule.getSecurityRulePortMax()).thenReturn(50);
when(portSecurityRule.getSecurityRulePortMin()).thenReturn(50);
when(portSecurityRule.getSecurityRuleRemoteIpPrefix()).thenReturn("0.0.0.0/24");
*/
@Test
public void testProgramPortSecurityACLRuleIpv6RemoveUdp2() throws Exception {
- when(portSecurityIpv6Rule.getSecurityRuleProtocol()).thenReturn("udp");
+ when(portSecurityIpv6Rule.getSecurityRuleProtocol()).thenReturn(NeutronSecurityRule.PROTOCOL_UDP);
when(portSecurityIpv6Rule.getSecurityRulePortMax()).thenReturn(50);
when(portSecurityIpv6Rule.getSecurityRulePortMin()).thenReturn(50);
when(portSecurityIpv6Rule.getSecurityRuleRemoteIpPrefix()).thenReturn("::/64");
*/
@Test
public void testProgramPortSecurityACLRuleAddUdpAll1() throws Exception {
- when(portSecurityRule.getSecurityRuleProtocol()).thenReturn("udp");
+ when(portSecurityRule.getSecurityRuleProtocol()).thenReturn(NeutronSecurityRule.PROTOCOL_UDP);
when(portSecurityRule.getSecurityRulePortMax()).thenReturn(PORT_RANGE_MAX);
when(portSecurityRule.getSecurityRulePortMin()).thenReturn(PORT_RANGE_MIN);
when(portSecurityRule.getSecurityRuleRemoteIpPrefix()).thenReturn("0.0.0.0/24");
*/
@Test
public void testProgramPortSecurityACLRuleIPv6AddUdpAll1() throws Exception {
- when(portSecurityIpv6Rule.getSecurityRuleProtocol()).thenReturn("udp");
+ when(portSecurityIpv6Rule.getSecurityRuleProtocol()).thenReturn(NeutronSecurityRule.PROTOCOL_UDP);
when(portSecurityIpv6Rule.getSecurityRulePortMax()).thenReturn(PORT_RANGE_MAX);
when(portSecurityIpv6Rule.getSecurityRulePortMin()).thenReturn(PORT_RANGE_MIN);
when(portSecurityIpv6Rule.getSecurityRuleRemoteIpPrefix()).thenReturn("::/64");
*/
@Test
public void testProgramPortSecurityACLRuleRemoveUdpAll1() throws Exception {
- when(portSecurityRule.getSecurityRuleProtocol()).thenReturn("udp");
+ when(portSecurityRule.getSecurityRuleProtocol()).thenReturn(NeutronSecurityRule.PROTOCOL_UDP);
when(portSecurityRule.getSecurityRulePortMax()).thenReturn(PORT_RANGE_MAX);
when(portSecurityRule.getSecurityRulePortMin()).thenReturn(PORT_RANGE_MIN);
when(portSecurityRule.getSecurityRuleRemoteIpPrefix()).thenReturn("0.0.0.0/24");
*/
@Test
public void testProgramPortSecurityACLRuleIpv6RemoveUdpAll1() throws Exception {
- when(portSecurityIpv6Rule.getSecurityRuleProtocol()).thenReturn("udp");
+ when(portSecurityIpv6Rule.getSecurityRuleProtocol()).thenReturn(NeutronSecurityRule.PROTOCOL_UDP);
when(portSecurityIpv6Rule.getSecurityRulePortMax()).thenReturn(PORT_RANGE_MAX);
when(portSecurityIpv6Rule.getSecurityRulePortMin()).thenReturn(PORT_RANGE_MIN);
when(portSecurityIpv6Rule.getSecurityRuleRemoteIpPrefix()).thenReturn("::/64");
*/
@Test
public void testProgramPortSecurityACLRuleAddUdpAll2() throws Exception {
- when(portSecurityRule.getSecurityRuleProtocol()).thenReturn("udp");
+ when(portSecurityRule.getSecurityRuleProtocol()).thenReturn(NeutronSecurityRule.PROTOCOL_UDP);
when(portSecurityRule.getSecurityRulePortMax()).thenReturn(PORT_RANGE_MAX);
when(portSecurityRule.getSecurityRulePortMin()).thenReturn(PORT_RANGE_MIN);
when(portSecurityRule.getSecurityRuleRemoteIpPrefix()).thenReturn("0.0.0.0/24");
*/
@Test
public void testProgramPortSecurityACLRuleIpv6AddUdpAll2() throws Exception {
- when(portSecurityIpv6Rule.getSecurityRuleProtocol()).thenReturn("udp");
+ when(portSecurityIpv6Rule.getSecurityRuleProtocol()).thenReturn(NeutronSecurityRule.PROTOCOL_UDP);
when(portSecurityIpv6Rule.getSecurityRulePortMax()).thenReturn(PORT_RANGE_MAX);
when(portSecurityIpv6Rule.getSecurityRulePortMin()).thenReturn(PORT_RANGE_MIN);
when(portSecurityIpv6Rule.getSecurityRuleRemoteIpPrefix()).thenReturn("::/64");
*/
@Test
public void testProgramPortSecurityACLRuleRemoveUdpAll2() throws Exception {
- when(portSecurityRule.getSecurityRuleProtocol()).thenReturn("udp");
+ when(portSecurityRule.getSecurityRuleProtocol()).thenReturn(NeutronSecurityRule.PROTOCOL_UDP);
when(portSecurityRule.getSecurityRulePortMax()).thenReturn(PORT_RANGE_MAX);
when(portSecurityRule.getSecurityRulePortMin()).thenReturn(PORT_RANGE_MIN);
when(portSecurityRule.getSecurityRuleRemoteIpPrefix()).thenReturn("0.0.0.0/24");
*/
@Test
public void testProgramPortSecurityACLRuleIpv6RemoveUdpAll2() throws Exception {
- when(portSecurityIpv6Rule.getSecurityRuleProtocol()).thenReturn("udp");
+ when(portSecurityIpv6Rule.getSecurityRuleProtocol()).thenReturn(NeutronSecurityRule.PROTOCOL_UDP);
when(portSecurityIpv6Rule.getSecurityRulePortMax()).thenReturn(PORT_RANGE_MAX);
when(portSecurityIpv6Rule.getSecurityRulePortMin()).thenReturn(PORT_RANGE_MIN);
when(portSecurityIpv6Rule.getSecurityRuleRemoteIpPrefix()).thenReturn("::/64");
*/
@Test
public void testProgramPortSecurityACLRuleAddIcmp1() throws Exception {
- when(portSecurityRule.getSecurityRuleProtocol()).thenReturn("icmp");
+ when(portSecurityRule.getSecurityRuleProtocol()).thenReturn(NeutronSecurityRule.PROTOCOL_ICMP);
when(portSecurityRule.getSecurityRulePortMax()).thenReturn(10);
when(portSecurityRule.getSecurityRulePortMin()).thenReturn(10);
when(portSecurityRule.getSecurityRuleRemoteIpPrefix()).thenReturn("0.0.0.0/24");
*/
@Test
public void testProgramPortSecurityACLRuleIpv6AddIcmp1() throws Exception {
- when(portSecurityIpv6Rule.getSecurityRuleProtocol()).thenReturn("icmpv6");
+ when(portSecurityIpv6Rule.getSecurityRuleProtocol()).thenReturn(NeutronSecurityRule.PROTOCOL_ICMPV6);
when(portSecurityIpv6Rule.getSecurityRulePortMax()).thenReturn(10);
when(portSecurityIpv6Rule.getSecurityRulePortMin()).thenReturn(10);
when(portSecurityIpv6Rule.getSecurityRuleRemoteIpPrefix()).thenReturn("::/64");
*/
@Test
public void testProgramPortSecurityACLRuleRemoveIcmp1() throws Exception {
- when(portSecurityRule.getSecurityRuleProtocol()).thenReturn("icmp");
+ when(portSecurityRule.getSecurityRuleProtocol()).thenReturn(NeutronSecurityRule.PROTOCOL_ICMP);
when(portSecurityRule.getSecurityRulePortMax()).thenReturn(20);
when(portSecurityRule.getSecurityRulePortMin()).thenReturn(20);
when(portSecurityRule.getSecurityRuleRemoteIpPrefix()).thenReturn("0.0.0.0/24");
*/
@Test
public void testProgramPortSecurityACLRuleIpv6RemoveIcmp1() throws Exception {
- when(portSecurityIpv6Rule.getSecurityRuleProtocol()).thenReturn("icmpv6");
+ when(portSecurityIpv6Rule.getSecurityRuleProtocol()).thenReturn(NeutronSecurityRule.PROTOCOL_ICMPV6);
when(portSecurityIpv6Rule.getSecurityRulePortMax()).thenReturn(20);
when(portSecurityIpv6Rule.getSecurityRulePortMin()).thenReturn(20);
when(portSecurityIpv6Rule.getSecurityRuleRemoteIpPrefix()).thenReturn("::/64");
*/
@Test
public void testProgramPortSecurityACLRuleAddIcmp2() throws Exception {
- when(portSecurityRule.getSecurityRuleProtocol()).thenReturn("icmp");
+ when(portSecurityRule.getSecurityRuleProtocol()).thenReturn(NeutronSecurityRule.PROTOCOL_ICMP);
when(portSecurityRule.getSecurityRulePortMax()).thenReturn(30);
when(portSecurityRule.getSecurityRulePortMin()).thenReturn(30);
when(portSecurityRule.getSecurityRemoteGroupID()).thenReturn("85cc3048-abc3-43cc-89b3-377341426ac5");
*/
@Test
public void testProgramPortSecurityACLRuleIpv6AddIcmp2() throws Exception {
- when(portSecurityIpv6Rule.getSecurityRuleProtocol()).thenReturn("icmpv6");
+ when(portSecurityIpv6Rule.getSecurityRuleProtocol()).thenReturn(NeutronSecurityRule.PROTOCOL_ICMPV6);
when(portSecurityIpv6Rule.getSecurityRulePortMax()).thenReturn(30);
when(portSecurityIpv6Rule.getSecurityRulePortMin()).thenReturn(30);
when(portSecurityIpv6Rule.getSecurityRemoteGroupID()).thenReturn("85cc3048-abc3-43cc-89b3-377341426ac5");
*/
@Test
public void testProgramPortSecurityACLRuleRemoveIcmp2() throws Exception {
- when(portSecurityRule.getSecurityRuleProtocol()).thenReturn("icmp");
+ when(portSecurityRule.getSecurityRuleProtocol()).thenReturn(NeutronSecurityRule.PROTOCOL_ICMP);
when(portSecurityRule.getSecurityRulePortMax()).thenReturn(40);
when(portSecurityRule.getSecurityRulePortMin()).thenReturn(40);
when(portSecurityRule.getSecurityRemoteGroupID()).thenReturn("85cc3048-abc3-43cc-89b3-377341426ac5");
*/
@Test
public void testProgramPortSecurityACLRuleIpv6RemoveIcmp2() throws Exception {
- when(portSecurityIpv6Rule.getSecurityRuleProtocol()).thenReturn("icmpv6");
+ when(portSecurityIpv6Rule.getSecurityRuleProtocol()).thenReturn(NeutronSecurityRule.PROTOCOL_ICMPV6);
when(portSecurityIpv6Rule.getSecurityRulePortMax()).thenReturn(40);
when(portSecurityIpv6Rule.getSecurityRulePortMin()).thenReturn(40);
when(portSecurityIpv6Rule.getSecurityRemoteGroupID()).thenReturn("85cc3048-abc3-43cc-89b3-377341426ac5");
if (dpid == 0L) {
return;
}
- if ("IPv4".equals(securityRule.getSecurityRuleEthertype())
- && "ingress".equals(securityRule.getSecurityRuleDirection())) {
-
- ingressAclProvider.programPortSecurityRule(dpid, segmentationId, attachedMac, localPort,
- securityRule, vmIp, write);
- } else if (securityRule.getSecurityRuleEthertype().equals("IPv4")
- && securityRule.getSecurityRuleDirection().equals("egress")) {
- egressAclProvider.programPortSecurityRule(dpid, segmentationId, attachedMac, localPort,
- securityRule, vmIp, write);
+ if (NeutronSecurityRule.ETHERTYPE_IPV4.equals(securityRule.getSecurityRuleEthertype())) {
+ if (NeutronSecurityRule.DIRECTION_INGRESS.equals(securityRule.getSecurityRuleDirection())) {
+ ingressAclProvider.programPortSecurityRule(dpid, segmentationId, attachedMac, localPort,
+ securityRule, vmIp, write);
+ } else if (NeutronSecurityRule.DIRECTION_EGRESS.equals(securityRule.getSecurityRuleDirection())) {
+ egressAclProvider.programPortSecurityRule(dpid, segmentationId, attachedMac, localPort,
+ securityRule, vmIp, write);
+ }
}
}
}
@XmlElement(name = "id")
String securityRuleUUID;
+ public static final String DIRECTION_EGRESS = "egress";
+ public static final String DIRECTION_INGRESS = "ingress";
+
@XmlElement(name = "direction")
String securityRuleDirection;
+ public static final String PROTOCOL_ICMP = "icmp";
+ public static final String PROTOCOL_TCP = "tcp";
+ public static final String PROTOCOL_UDP = "udp";
+ public static final String PROTOCOL_ICMPV6 = "icmpv6";
+
@XmlElement(name = "protocol")
String securityRuleProtocol;
@XmlElement(name = "port_range_max")
Integer securityRulePortMax;
+ public static final String ETHERTYPE_IPV4 = "IPv4";
+ public static final String ETHERTYPE_IPV6 = "IPv6";
+
@XmlElement(name = "ethertype")
String securityRuleEthertype;
private static final Logger LOGGER = LoggerFactory.getLogger(NeutronSecurityRuleInterface.class);
- private static final ImmutableBiMap<Class<? extends DirectionBase>,String> DIRECTION_MAP
- = new ImmutableBiMap.Builder<Class<? extends DirectionBase>,String>()
- .put(DirectionEgress.class,"egress")
- .put(DirectionIngress.class,"ingress")
- .build();
- private static final ImmutableBiMap<Class<? extends ProtocolBase>,String> PROTOCOL_MAP
- = new ImmutableBiMap.Builder<Class<? extends ProtocolBase>,String>()
- .put(ProtocolIcmp.class,"icmp")
- .put(ProtocolTcp.class,"tcp")
- .put(ProtocolUdp.class,"udp")
- .put(ProtocolIcmpV6.class,"icmpv6")
- .build();
- private static final ImmutableBiMap<Class<? extends EthertypeBase>,String> ETHERTYPE_MAP
- = new ImmutableBiMap.Builder<Class<? extends EthertypeBase>,String>()
- .put(EthertypeV4.class,"IPv4")
- .put(EthertypeV6.class,"IPv6")
- .build();
+ private static final ImmutableBiMap<Class<? extends DirectionBase>, String> DIRECTION_MAP = ImmutableBiMap.of(
+ DirectionEgress.class, NeutronSecurityRule.DIRECTION_EGRESS,
+ DirectionIngress.class, NeutronSecurityRule.DIRECTION_INGRESS);
+ private static final ImmutableBiMap<Class<? extends ProtocolBase>, String> PROTOCOL_MAP = ImmutableBiMap.of(
+ ProtocolIcmp.class, NeutronSecurityRule.PROTOCOL_ICMP,
+ ProtocolTcp.class, NeutronSecurityRule.PROTOCOL_TCP,
+ ProtocolUdp.class, NeutronSecurityRule.PROTOCOL_UDP,
+ ProtocolIcmpV6.class, NeutronSecurityRule.PROTOCOL_ICMPV6);
+ private static final ImmutableBiMap<Class<? extends EthertypeBase>,String> ETHERTYPE_MAP = ImmutableBiMap.of(
+ EthertypeV4.class, NeutronSecurityRule.ETHERTYPE_IPV4,
+ EthertypeV6.class, NeutronSecurityRule.ETHERTYPE_IPV6);
NeutronSecurityRuleInterface(ProviderContext providerContext) {
super(providerContext);
@Override
public boolean neutronSecurityRuleExists(String uuid) {
SecurityRule rule = readMd(createInstanceIdentifier(toMd(uuid)));
- if (rule == null) {
- return false;
- }
- return true;
+ return rule != null;
}
@Override
}
}
LOGGER.debug("Exiting getSecurityRule, Found {} OpenStackSecurityRule", allSecurityRules.size());
- List<NeutronSecurityRule> ans = new ArrayList<>();
- ans.addAll(allSecurityRules);
- return ans;
+ return new ArrayList<>(allSecurityRules);
}
@Override
answer.setSecurityRuleEthertype(ETHERTYPE_MAP.get(rule.getEthertype()));
}
if (rule.getPortRangeMin() != null) {
- answer.setSecurityRulePortMin(Integer.valueOf(rule.getPortRangeMin()));
+ answer.setSecurityRulePortMin(rule.getPortRangeMin());
}
if (rule.getPortRangeMax() != null) {
- answer.setSecurityRulePortMax(Integer.valueOf(rule.getPortRangeMax()));
+ answer.setSecurityRulePortMax(rule.getPortRangeMax());
}
if (rule.getId() != null) {
answer.setID(rule.getId().getValue());
securityRuleBuilder.setEthertype(mapper.get(securityRule.getSecurityRuleEthertype()));
}
if (securityRule.getSecurityRulePortMin() != null) {
- securityRuleBuilder.setPortRangeMin(Integer.valueOf(securityRule.getSecurityRulePortMin()));
+ securityRuleBuilder.setPortRangeMin(securityRule.getSecurityRulePortMin());
}
if (securityRule.getSecurityRulePortMax() != null) {
- securityRuleBuilder.setPortRangeMax(Integer.valueOf(securityRule.getSecurityRulePortMax()));
+ securityRuleBuilder.setPortRangeMax(securityRule.getSecurityRulePortMax());
}
if (securityRule.getID() != null) {
securityRuleBuilder.setId(toUuid(securityRule.getID()));
private static final Logger LOG = LoggerFactory.getLogger(NeutronSecurityRuleDataChangeListener.class);
- private static final ImmutableBiMap<Class<? extends DirectionBase>, String> DIRECTION_MAP
- = new ImmutableBiMap.Builder<Class<? extends DirectionBase>, String>()
- .put(DirectionEgress.class, "egress")
- .put(DirectionIngress.class, "ingress").build();
- private static final ImmutableBiMap<Class<? extends ProtocolBase>,String> PROTOCOL_MAP
- = new ImmutableBiMap.Builder<Class<? extends ProtocolBase>,String>()
- .put(ProtocolIcmp.class,"icmp")
- .put(ProtocolTcp.class,"tcp")
- .put(ProtocolUdp.class,"udp")
- .put(ProtocolIcmpV6.class,"icmpv6")
- .build();
- private static final ImmutableBiMap<Class<? extends EthertypeBase>,String> ETHERTYPE_MAP
- = new ImmutableBiMap.Builder<Class<? extends EthertypeBase>,String>()
- .put(EthertypeV4.class,"IPv4")
- .put(EthertypeV6.class,"IPv6")
- .build();
+ private static final ImmutableBiMap<Class<? extends DirectionBase>, String> DIRECTION_MAP = ImmutableBiMap.of(
+ DirectionEgress.class, NeutronSecurityRule.DIRECTION_EGRESS,
+ DirectionIngress.class, NeutronSecurityRule.DIRECTION_INGRESS);
+ private static final ImmutableBiMap<Class<? extends ProtocolBase>, String> PROTOCOL_MAP = ImmutableBiMap.of(
+ ProtocolIcmp.class, NeutronSecurityRule.PROTOCOL_ICMP,
+ ProtocolTcp.class, NeutronSecurityRule.PROTOCOL_TCP,
+ ProtocolUdp.class, NeutronSecurityRule.PROTOCOL_UDP,
+ ProtocolIcmpV6.class, NeutronSecurityRule.PROTOCOL_ICMPV6);
+ private static final ImmutableBiMap<Class<? extends EthertypeBase>,String> ETHERTYPE_MAP = ImmutableBiMap.of(
+ EthertypeV4.class, NeutronSecurityRule.ETHERTYPE_IPV4,
+ EthertypeV6.class, NeutronSecurityRule.ETHERTYPE_IPV6);
private ListenerRegistration<DataChangeListener> registration;
- private DataBroker db;
public NeutronSecurityRuleDataChangeListener(DataBroker db) {
- this.db = db;
InstanceIdentifier<SecurityRule> path = InstanceIdentifier
.create(Neutron.class).child(SecurityRules.class)
.child(SecurityRule.class);
LOG.debug("Register listener for Neutron Secutiry rules model data changes");
- registration = this.db.registerDataChangeListener(
+ registration = db.registerDataChangeListener(
LogicalDatastoreType.CONFIGURATION, path, this,
DataChangeScope.ONE);
.getEthertype()));
}
if (rule.getPortRangeMin() != null) {
- answer.setSecurityRulePortMin(Integer.valueOf(rule
- .getPortRangeMin()));
+ answer.setSecurityRulePortMin(rule.getPortRangeMin());
}
if (rule.getPortRangeMax() != null) {
- answer.setSecurityRulePortMax(Integer.valueOf(rule
- .getPortRangeMax()));
+ answer.setSecurityRulePortMax(rule.getPortRangeMax());
}
if (rule.getId() != null) {
answer.setID(rule.getId().getValue());
}
/**
- * Test method {@link SecurityServicesImpl#isPortSecurityReady(Interface)}
+ * Test method {@link SecurityServicesImpl#isPortSecurityReady(OvsdbTerminationPointAugmentation)}
*/
@Test
public void testIsPortSecurityReady(){
}
/**
- * Test method {@link SecurityServicesImpl#getSecurityGroupInPortList(Interface)}
+ * Test method {@link SecurityServicesImpl#getSecurityGroupInPortList(OvsdbTerminationPointAugmentation)}
*/
@Test
public void testSecurityGroupInPort(){
public void testSyncSecurityRuleAdditionEgress() {
List<NeutronSecurityRule> securityRuleList = new ArrayList<>();
securityRuleList.add(neutronSecurityRule_1);
- when(neutronSecurityRule_1.getSecurityRuleDirection()).thenReturn("egress");
- when(neutronSecurityRule_1.getSecurityRuleEthertype()).thenReturn("IPv4");
+ when(neutronSecurityRule_1.getSecurityRuleDirection()).thenReturn(NeutronSecurityRule.DIRECTION_EGRESS);
+ when(neutronSecurityRule_1.getSecurityRuleEthertype()).thenReturn(NeutronSecurityRule.ETHERTYPE_IPV4);
securityServicesImpl.syncSecurityRule(neutronPort_Vm1, neutronSecurityRule_1, neutron_ip_1, true);
verify(egressAclService, times(1)).programPortSecurityRule(eq(new Long(1)), eq("1000"), eq("attached-mac"), eq(2L), eq(neutronSecurityRule_1), eq(neutron_ip_1), eq(true));
}
public void testSyncSecurityRuleAdditionIngress() {
List<NeutronSecurityRule> securityRuleList = new ArrayList<>();
securityRuleList.add(neutronSecurityRule_1);
- when(neutronSecurityRule_1.getSecurityRuleDirection()).thenReturn("ingress");
- when(neutronSecurityRule_1.getSecurityRuleEthertype()).thenReturn("IPv4");
+ when(neutronSecurityRule_1.getSecurityRuleDirection()).thenReturn(NeutronSecurityRule.DIRECTION_INGRESS);
+ when(neutronSecurityRule_1.getSecurityRuleEthertype()).thenReturn(NeutronSecurityRule.ETHERTYPE_IPV4);
securityServicesImpl.syncSecurityRule(neutronPort_Vm1, neutronSecurityRule_1, neutron_ip_1, true);
verify(ingressAclService, times(1)).programPortSecurityRule(eq(new Long(1)), eq("1000"), eq("attached-mac"), eq(2L), eq(neutronSecurityRule_1), eq(neutron_ip_1), eq(true));
}
public void testSyncSecurityRuleDeletionEgress() {
List<NeutronSecurityRule> securityRuleList = new ArrayList<>();
securityRuleList.add(neutronSecurityRule_1);
- when(neutronSecurityRule_1.getSecurityRuleDirection()).thenReturn("egress");
- when(neutronSecurityRule_1.getSecurityRuleEthertype()).thenReturn("IPv4");
+ when(neutronSecurityRule_1.getSecurityRuleDirection()).thenReturn(NeutronSecurityRule.DIRECTION_EGRESS);
+ when(neutronSecurityRule_1.getSecurityRuleEthertype()).thenReturn(NeutronSecurityRule.ETHERTYPE_IPV4);
securityServicesImpl.syncSecurityRule(neutronPort_Vm1, neutronSecurityRule_1, neutron_ip_1, false);
verify(egressAclService, times(1)).programPortSecurityRule(eq(new Long(1)), eq("1000"), eq("attached-mac"), eq(2L), eq(neutronSecurityRule_1), eq(neutron_ip_1), eq(false));
}
public void testSyncSecurityRuleDeletionIngress() {
List<NeutronSecurityRule> securityRuleList = new ArrayList<>();
securityRuleList.add(neutronSecurityRule_1);
- when(neutronSecurityRule_1.getSecurityRuleDirection()).thenReturn("ingress");
- when(neutronSecurityRule_1.getSecurityRuleEthertype()).thenReturn("IPv4");
+ when(neutronSecurityRule_1.getSecurityRuleDirection()).thenReturn(NeutronSecurityRule.DIRECTION_INGRESS);
+ when(neutronSecurityRule_1.getSecurityRuleEthertype()).thenReturn(NeutronSecurityRule.ETHERTYPE_IPV4);
securityServicesImpl.syncSecurityRule(neutronPort_Vm1, neutronSecurityRule_1, neutron_ip_1, false);
verify(ingressAclService, times(1)).programPortSecurityRule(eq(new Long(1)), eq("1000"), eq("attached-mac"), eq(2L), eq(neutronSecurityRule_1), eq(neutron_ip_1), eq(false));
}
public void testSyncSecurityRuleDeletionIngressPortNull() {
List<NeutronSecurityRule> securityRuleList = new ArrayList<>();
securityRuleList.add(neutronSecurityRule_1);
- when(neutronSecurityRule_1.getSecurityRuleDirection()).thenReturn("ingress");
- when(neutronSecurityRule_1.getSecurityRuleEthertype()).thenReturn("IPv4");
+ when(neutronSecurityRule_1.getSecurityRuleDirection()).thenReturn(NeutronSecurityRule.DIRECTION_INGRESS);
+ when(neutronSecurityRule_1.getSecurityRuleEthertype()).thenReturn(NeutronSecurityRule.ETHERTYPE_IPV4);
securityServicesImpl.syncSecurityRule(null, neutronSecurityRule_1, neutron_ip_1, false);
verify(ingressAclService, times(0)).programPortSecurityRule(eq(new Long(1)), eq("1000"), eq("attached-mac"), eq(2L), eq(neutronSecurityRule_1), eq(neutron_ip_1), eq(false));
}
List<NeutronSecurityRule> securityRuleList = new ArrayList<>();
securityRuleList.add(neutronSecurityRule_1);
when(neutronPort_Vm1.getSecurityGroups()).thenReturn(null);
- when(neutronSecurityRule_1.getSecurityRuleDirection()).thenReturn("ingress");
- when(neutronSecurityRule_1.getSecurityRuleEthertype()).thenReturn("IPv4");
+ when(neutronSecurityRule_1.getSecurityRuleDirection()).thenReturn(NeutronSecurityRule.DIRECTION_INGRESS);
+ when(neutronSecurityRule_1.getSecurityRuleEthertype()).thenReturn(NeutronSecurityRule.ETHERTYPE_IPV4);
securityServicesImpl.syncSecurityRule(neutronPort_Vm1, neutronSecurityRule_1, neutron_ip_1, false);
verify(ingressAclService, times(0)).programPortSecurityRule(eq(new Long(1)), eq("1000"), eq("attached-mac"), eq(2L), eq(neutronSecurityRule_1), eq(neutron_ip_1), eq(false));
}
public void testSyncSecurityRuleDeletionIngressAttachedMacNull() {
List<NeutronSecurityRule> securityRuleList = new ArrayList<>();
securityRuleList.add(neutronSecurityRule_1);
- when(neutronSecurityRule_1.getSecurityRuleDirection()).thenReturn("ingress");
- when(neutronSecurityRule_1.getSecurityRuleEthertype()).thenReturn("IPv4");
+ when(neutronSecurityRule_1.getSecurityRuleDirection()).thenReturn(NeutronSecurityRule.DIRECTION_INGRESS);
+ when(neutronSecurityRule_1.getSecurityRuleEthertype()).thenReturn(NeutronSecurityRule.ETHERTYPE_IPV4);
when(southbound.getInterfaceExternalIdsValue(any(OvsdbTerminationPointAugmentation.class),eq("attached-mac"))).thenReturn(null);
securityServicesImpl.syncSecurityRule(neutronPort_Vm1, neutronSecurityRule_1, neutron_ip_1, false);
verify(ingressAclService, times(0)).programPortSecurityRule(eq(new Long(1)), eq("1000"), eq("attached-mac"), eq(2L), eq(neutronSecurityRule_1), eq(neutron_ip_1), eq(false));
public void testSyncSecurityRuleDeletionIngressNonIpV4() {
List<NeutronSecurityRule> securityRuleList = new ArrayList<>();
securityRuleList.add(neutronSecurityRule_1);
- when(neutronSecurityRule_1.getSecurityRuleDirection()).thenReturn("ingress");
- when(neutronSecurityRule_1.getSecurityRuleEthertype()).thenReturn("IPv6");
+ when(neutronSecurityRule_1.getSecurityRuleDirection()).thenReturn(NeutronSecurityRule.DIRECTION_INGRESS);
+ when(neutronSecurityRule_1.getSecurityRuleEthertype()).thenReturn(NeutronSecurityRule.ETHERTYPE_IPV6);
securityServicesImpl.syncSecurityRule(neutronPort_Vm1, neutronSecurityRule_1, neutron_ip_1, false);
verify(ingressAclService, times(0)).programPortSecurityRule(eq(new Long(1)), eq("1000"), eq("attached-mac"), eq(2L), eq(neutronSecurityRule_1), eq(neutron_ip_1), eq(false));
}
List<NeutronSecurityRule> securityRuleList = new ArrayList<>();
securityRuleList.add(neutronSecurityRule_1);
when(neutronSecurityRule_1.getSecurityRuleDirection()).thenReturn("outgress");
- when(neutronSecurityRule_1.getSecurityRuleEthertype()).thenReturn("IPv4");
+ when(neutronSecurityRule_1.getSecurityRuleEthertype()).thenReturn(NeutronSecurityRule.ETHERTYPE_IPV4);
securityServicesImpl.syncSecurityRule(neutronPort_Vm1, neutronSecurityRule_1, neutron_ip_1, false);
verify(ingressAclService, times(0)).programPortSecurityRule(eq(new Long(1)), eq("1000"), eq("attached-mac"), eq(2L), eq(neutronSecurityRule_1), eq(neutron_ip_1), eq(false));
}