Code Review / netvirt.git / blob
? search:
summary | shortlog | log | commit | commitdiff | review | tree
history | raw | HEAD
MRI version bumpup for Aluminium
[netvirt.git] / aclservice / impl / src / test / java / org / opendaylight / netvirt / aclservice / tests / AclServiceTestBase.java
1 /*
2  * Copyright © 2016, 2017 Red Hat, Inc. and others. All rights reserved.
3  *
4  * This program and the accompanying materials are made available under the
5  * terms of the Eclipse Public License v1.0 which accompanies this distribution,
6  * and is available at http://www.eclipse.org/legal/epl-v10.html
7  */
8 package org.opendaylight.netvirt.aclservice.tests;
9
10 import static org.opendaylight.mdsal.common.api.LogicalDatastoreType.CONFIGURATION;
11 import static org.opendaylight.netvirt.aclservice.tests.StateInterfaceBuilderHelper.putNewStateInterface;
12
13 import java.math.BigInteger;
14 import java.util.ArrayList;
15 import java.util.Arrays;
16 import java.util.Collections;
17 import java.util.List;
18 import java.util.stream.Collectors;
19 import javax.inject.Inject;
20 import org.eclipse.xtext.xbase.lib.Pair;
21 import org.junit.Before;
22 import org.junit.Ignore;
23 import org.junit.Rule;
24 import org.junit.Test;
25 import org.opendaylight.genius.datastoreutils.SingleTransactionDataBroker;
26 import org.opendaylight.genius.datastoreutils.testutils.AsyncEventsWaiter;
27 import org.opendaylight.genius.datastoreutils.testutils.JobCoordinatorEventsWaiter;
28 import org.opendaylight.genius.interfacemanager.globals.InterfaceInfo;
29 import org.opendaylight.genius.mdsalutil.FlowEntity;
30 import org.opendaylight.genius.mdsalutil.NwConstants;
31 import org.opendaylight.genius.mdsalutil.interfaces.testutils.TestIMdsalApiManager;
32 import org.opendaylight.genius.testutils.TestInterfaceManager;
33 import org.opendaylight.infrautils.testutils.LogCaptureRule;
34 import org.opendaylight.infrautils.testutils.LogRule;
35 import org.opendaylight.mdsal.binding.api.DataBroker;
36 import org.opendaylight.mdsal.binding.api.DataTreeIdentifier;
37 import org.opendaylight.mdsal.common.api.TransactionCommitFailedException;
38 import org.opendaylight.netvirt.aclservice.tests.infra.DataBrokerPairsUtil;
39 import org.opendaylight.netvirt.aclservice.utils.AclConstants;
40 import org.opendaylight.netvirt.aclservice.utils.AclServiceUtils;
41 import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.access.control.list.rev160218.access.lists.acl.access.list.entries.ace.Matches;
42 import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.access.control.list.rev160218.access.lists.acl.access.list.entries.ace.MatchesBuilder;
43 import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.access.control.list.rev160218.access.lists.acl.access.list.entries.ace.matches.ace.type.AceIpBuilder;
44 import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.access.control.list.rev160218.access.lists.acl.access.list.entries.ace.matches.ace.type.ace.ip.ace.ip.version.AceIpv4Builder;
45 import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.inet.types.rev130715.IpAddressBuilder;
46 import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.inet.types.rev130715.IpPrefixBuilder;
47 import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.inet.types.rev130715.Ipv4Prefix;
48 import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.inet.types.rev130715.PortNumber;
49 import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.interfaces.rev140508.interfaces.Interface;
50 import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.packet.fields.rev160218.acl.transport.header.fields.DestinationPortRangeBuilder;
51 import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.yang.types.rev130715.MacAddress;
52 import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.yang.types.rev130715.Uuid;
53 import org.opendaylight.yang.gen.v1.urn.opendaylight.netvirt.aclservice.rev160608.DirectionEgress;
54 import org.opendaylight.yang.gen.v1.urn.opendaylight.netvirt.aclservice.rev160608.DirectionIngress;
55 import org.opendaylight.yang.gen.v1.urn.opendaylight.netvirt.aclservice.rev160608.IpPrefixOrAddress;
56 import org.opendaylight.yang.gen.v1.urn.opendaylight.netvirt.aclservice.rev160608.IpPrefixOrAddressBuilder;
57 import org.opendaylight.yang.gen.v1.urn.opendaylight.netvirt.aclservice.rev160608.IpVersionBase;
58 import org.opendaylight.yang.gen.v1.urn.opendaylight.netvirt.aclservice.rev160608.IpVersionV4;
59 import org.opendaylight.yang.gen.v1.urn.opendaylight.netvirt.aclservice.rev160608.interfaces._interface.AllowedAddressPairs;
60 import org.opendaylight.yang.gen.v1.urn.opendaylight.netvirt.aclservice.rev160608.interfaces._interface.AllowedAddressPairsBuilder;
61 import org.opendaylight.yang.gen.v1.urn.opendaylight.netvirt.aclservice.rev160608.interfaces._interface.SubnetInfo;
62 import org.opendaylight.yang.gen.v1.urn.opendaylight.netvirt.aclservice.rev160608.interfaces._interface.SubnetInfoBuilder;
63 import org.opendaylight.yang.gen.v1.urn.opendaylight.netvirt.aclservice.rev160608.interfaces._interface.SubnetInfoKey;
64 import org.opendaylight.yang.gen.v1.urn.opendaylight.netvirt.elan.rev150602.elan.instances.ElanInstance;
65 import org.opendaylight.yang.gen.v1.urn.opendaylight.netvirt.elan.rev150602.elan.instances.ElanInstanceBuilder;
66 import org.opendaylight.yang.gen.v1.urn.opendaylight.netvirt.elan.rev150602.elan.interfaces.ElanInterface;
67 import org.opendaylight.yang.gen.v1.urn.opendaylight.netvirt.elan.rev150602.elan.interfaces.ElanInterfaceBuilder;
68 import org.opendaylight.yangtools.yang.binding.InstanceIdentifier;
69 import org.opendaylight.yangtools.yang.common.Uint64;
70 import org.slf4j.Logger;
71 import org.slf4j.LoggerFactory;
72
73 public abstract class AclServiceTestBase {
74     private static final Logger LOG = LoggerFactory.getLogger(AclServiceTestBase.class);
75
76     public @Rule LogRule logRule = new LogRule();
77     public @Rule LogCaptureRule logCaptureRule = new LogCaptureRule();
78
79     // public static @ClassRule RunUntilFailureClassRule classRepeater = new RunUntilFailureClassRule();
80     // public @Rule RunUntilFailureRule repeater = new RunUntilFailureRule(classRepeater);
81
82     static final String PORT_MAC_1 = "0D:AA:D8:42:30:F3";
83     static final String PORT_MAC_2 = "0D:AA:D8:42:30:F4";
84     static final String PORT_MAC_3 = "0D:AA:D8:42:30:F5";
85     static final String PORT_MAC_4 = "0D:AA:D8:42:30:F6";
86     static final String PORT_1 = "port1";
87     static final String PORT_2 = "port2";
88     static final String PORT_3 = "port3";
89     static final String PORT_4 = "port4";
90     static String SG_UUID = "85cc3048-abc3-43cc-89b3-377341426ac5";
91     static String SR_UUID_1 = "85cc3048-abc3-43cc-89b3-377341426ac6";
92     static String SR_UUID_2 = "85cc3048-abc3-43cc-89b3-377341426ac7";
93     static String SG_UUID_1 = "85cc3048-abc3-43cc-89b3-377341426ac5";
94     static String SG_UUID_2 = "85cc3048-abc3-43cc-89b3-377341426ac8";
95     static String SR_UUID_1_1 = "85cc3048-abc3-43cc-89b3-377341426ac6";
96     static String SR_UUID_1_2 = "85cc3048-abc3-43cc-89b3-377341426ac7";
97     static String SR_UUID_2_1 = "85cc3048-abc3-43cc-89b3-377341426a21";
98     static String SR_UUID_2_2 = "85cc3048-abc3-43cc-89b3-377341426a22";
99     static String ELAN = "elan1";
100     static String IP_PREFIX_1 = "10.0.0.1/32";
101     static String IP_PREFIX_2 = "10.0.0.2/32";
102     static String IP_PREFIX_3 = "10.0.0.3/32";
103     static String IP_PREFIX_4 = "10.0.0.4/32";
104     static String IP_100_PREFIX = "10.0.0.100/32";
105     static String IP_101_PREFIX = "10.0.0.101/32";
106     static long ELAN_TAG = 5000L;
107
108     static String SUBNET_IP_PREFIX_1 = "10.0.0.0/24";
109     static Uuid SUBNET_ID_1 = new Uuid("39add98b-63b7-42e6-8368-ff807eee165e");
110     static SubnetInfo SUBNET_INFO_1 = buildSubnetInfo(SUBNET_ID_1, SUBNET_IP_PREFIX_1, IpVersionV4.class, "10.0.0.1");
111
112     static AllowedAddressPairs AAP_PORT_1;
113     static AllowedAddressPairs AAP_PORT_2;
114     static AllowedAddressPairs AAP_PORT_3;
115     static AllowedAddressPairs AAP_PORT_4;
116     static AllowedAddressPairs AAP_PORT_100;
117     static AllowedAddressPairs AAP_PORT_101;
118
119     @Inject DataBroker dataBroker;
120     @Inject DataBrokerPairsUtil dataBrokerUtil;
121     SingleTransactionDataBroker singleTransactionDataBroker;
122     @Inject TestIMdsalApiManager mdsalApiManager;
123     @Inject AsyncEventsWaiter asyncEventsWaiter;
124     @Inject JobCoordinatorEventsWaiter coordinatorEventsWaiter;
125     @Inject TestInterfaceManager testInterfaceManager;
126
127     @Before
128     public void beforeEachTest() throws Exception {
129         singleTransactionDataBroker = new SingleTransactionDataBroker(dataBroker);
130         setUpData();
131     }
132
133     private InterfaceInfo newInterfaceInfo(String testInterfaceName) {
134         InterfaceInfo interfaceInfo = new InterfaceInfo(Uint64.valueOf(BigInteger.valueOf(789)), "port1");
135         interfaceInfo.setInterfaceName(testInterfaceName);
136         return interfaceInfo;
137     }
138
139     @Test
140     public void newInterface() throws Exception {
141         LOG.info("newInterface - start");
142
143         newAllowedAddressPair(PORT_1, Collections.singletonList(SG_UUID_1), Collections.singletonList(AAP_PORT_1),
144                 Collections.singletonList(SUBNET_INFO_1));
145         testInterfaceManager.addInterfaceInfo(newInterfaceInfo("port1"));
146
147         // When
148         putNewStateInterface(dataBroker, "port1", PORT_MAC_1);
149
150         asyncEventsWaiter.awaitEventsConsumption();
151
152         // Then
153         newInterfaceCheck();
154         LOG.info("newInterface - end");
155     }
156
157     abstract void newInterfaceCheck();
158
159     @Test
160     @Ignore
161     public void newInterfaceWithEtherTypeAcl() throws Exception {
162         LOG.info("newInterfaceWithEtherTypeAcl - start");
163
164         newAllowedAddressPair(PORT_1, Collections.singletonList(SG_UUID_1), Collections.singletonList(AAP_PORT_1),
165                 Collections.singletonList(SUBNET_INFO_1));
166         asyncEventsWaiter.awaitEventsConsumption();
167         newAllowedAddressPair(PORT_2, Collections.singletonList(SG_UUID_1), Collections.singletonList(AAP_PORT_2),
168                 Collections.singletonList(SUBNET_INFO_1));
169         asyncEventsWaiter.awaitEventsConsumption();
170
171         Matches matches = newMatch(AclConstants.SOURCE_LOWER_PORT_UNSPECIFIED,
172                 AclConstants.SOURCE_UPPER_PORT_UNSPECIFIED, AclConstants.DEST_LOWER_PORT_UNSPECIFIED,
173                 AclConstants.DEST_UPPER_PORT_UNSPECIFIED, AclConstants.SOURCE_REMOTE_IP_PREFIX_UNSPECIFIED,
174                 AclConstants.DEST_REMOTE_IP_PREFIX_SPECIFIED, (short) -1);
175         dataBrokerUtil.put(new IdentifiedAceBuilder().sgUuid(SG_UUID_1).newRuleName(SR_UUID_1_1)
176                 .newMatches(matches).newDirection(DirectionEgress.class).build());
177         asyncEventsWaiter.awaitEventsConsumption();
178         matches = newMatch(AclConstants.SOURCE_LOWER_PORT_UNSPECIFIED, AclConstants.SOURCE_UPPER_PORT_UNSPECIFIED,
179                 AclConstants.DEST_LOWER_PORT_UNSPECIFIED, AclConstants.DEST_UPPER_PORT_UNSPECIFIED,
180                 AclConstants.SOURCE_REMOTE_IP_PREFIX_SPECIFIED, AclConstants.DEST_REMOTE_IP_PREFIX_UNSPECIFIED,
181                 (short) -1);
182         dataBrokerUtil.put(
183                 new IdentifiedAceBuilder().sgUuid(SG_UUID_1).newRuleName(SR_UUID_1_2).newMatches(matches)
184                         .newDirection(DirectionIngress.class).newRemoteGroupId(new Uuid(SG_UUID_1)).build());
185         asyncEventsWaiter.awaitEventsConsumption();
186         // When
187         putNewStateInterface(dataBroker, PORT_1, PORT_MAC_1);
188         asyncEventsWaiter.awaitEventsConsumption();
189         putNewStateInterface(dataBroker, PORT_2, PORT_MAC_2);
190         asyncEventsWaiter.awaitEventsConsumption();
191
192         asyncEventsWaiter.awaitEventsConsumption();
193
194         // Then
195         newInterfaceWithEtherTypeAclCheck();
196         LOG.info("newInterfaceWithEtherTypeAcl - end");
197     }
198
199     abstract void newInterfaceWithEtherTypeAclCheck();
200
201     @Test
202     public void newInterfaceWithMultipleAcl() throws Exception {
203         LOG.info("newInterfaceWithEtherTypeAcl - start");
204
205         newAllowedAddressPair(PORT_1, Collections.singletonList(SG_UUID_1), Collections.singletonList(AAP_PORT_1),
206                 Collections.singletonList(SUBNET_INFO_1));
207         asyncEventsWaiter.awaitEventsConsumption();
208         newAllowedAddressPair(PORT_2, Collections.singletonList(SG_UUID_1), Collections.singletonList(AAP_PORT_2),
209                 Collections.singletonList(SUBNET_INFO_1));
210         asyncEventsWaiter.awaitEventsConsumption();
211
212         Matches matches = newMatch(AclConstants.SOURCE_LOWER_PORT_UNSPECIFIED,
213                 AclConstants.SOURCE_UPPER_PORT_UNSPECIFIED, AclConstants.DEST_LOWER_PORT_UNSPECIFIED,
214                 AclConstants.DEST_UPPER_PORT_UNSPECIFIED, AclConstants.SOURCE_REMOTE_IP_PREFIX_UNSPECIFIED,
215                 AclConstants.DEST_REMOTE_IP_PREFIX_SPECIFIED, (short) -1);
216         dataBrokerUtil.put(new IdentifiedAceBuilder().sgUuid(SG_UUID_1).newRuleName(SR_UUID_1_1)
217                 .newMatches(matches).newDirection(DirectionEgress.class).build());
218         asyncEventsWaiter.awaitEventsConsumption();
219         matches = newMatch(AclConstants.SOURCE_LOWER_PORT_UNSPECIFIED, AclConstants.SOURCE_UPPER_PORT_UNSPECIFIED,
220                 AclConstants.DEST_LOWER_PORT_UNSPECIFIED, AclConstants.DEST_UPPER_PORT_UNSPECIFIED,
221                 AclConstants.SOURCE_REMOTE_IP_PREFIX_SPECIFIED, AclConstants.DEST_REMOTE_IP_PREFIX_UNSPECIFIED,
222                 (short) -1);
223         dataBrokerUtil.put(
224                 new IdentifiedAceBuilder().sgUuid(SG_UUID_1).newRuleName(SR_UUID_1_2).newMatches(matches)
225                         .newDirection(DirectionIngress.class).newRemoteGroupId(new Uuid(SG_UUID_1)).build());
226         asyncEventsWaiter.awaitEventsConsumption();
227         // When
228         putNewStateInterface(dataBroker, PORT_1, PORT_MAC_1);
229         asyncEventsWaiter.awaitEventsConsumption();
230         putNewStateInterface(dataBroker, PORT_2, PORT_MAC_2);
231         asyncEventsWaiter.awaitEventsConsumption();
232
233         asyncEventsWaiter.awaitEventsConsumption();
234
235         // Then
236         newInterfaceWithEtherTypeAclCheck();
237
238         LOG.info("newInterfaceWithEtherTypeAcl - end");
239
240         // Given
241         matches = newMatch(AclConstants.SOURCE_LOWER_PORT_UNSPECIFIED,
242                 AclConstants.SOURCE_UPPER_PORT_UNSPECIFIED, AclConstants.DEST_LOWER_PORT_HTTP,
243                 AclConstants.DEST_UPPER_PORT_HTTP, AclConstants.SOURCE_REMOTE_IP_PREFIX_UNSPECIFIED,
244                 AclConstants.DEST_REMOTE_IP_PREFIX_SPECIFIED, (short) NwConstants.IP_PROT_TCP);
245         dataBrokerUtil.put(new IdentifiedAceBuilder().sgUuid(SG_UUID_2).newRuleName(SR_UUID_2_1)
246                 .newMatches(matches).newDirection(DirectionEgress.class).newRemoteGroupId(new Uuid(SG_UUID_2)).build());
247         asyncEventsWaiter.awaitEventsConsumption();
248         matches = newMatch(AclConstants.SOURCE_LOWER_PORT_UNSPECIFIED, AclConstants.SOURCE_UPPER_PORT_UNSPECIFIED,
249                 AclConstants.DEST_LOWER_PORT_HTTP, AclConstants.DEST_UPPER_PORT_HTTP,
250                 AclConstants.SOURCE_REMOTE_IP_PREFIX_SPECIFIED, AclConstants.DEST_REMOTE_IP_PREFIX_UNSPECIFIED,
251                 (short) NwConstants.IP_PROT_TCP);
252
253         dataBrokerUtil.put(new IdentifiedAceBuilder().sgUuid(SG_UUID_2).newRuleName(SR_UUID_2_2)
254                 .newMatches(matches).newDirection(DirectionIngress.class).build());
255         asyncEventsWaiter.awaitEventsConsumption();
256         List<String> sgList = new ArrayList<>();
257         sgList.add(SG_UUID_1);
258         sgList.add(SG_UUID_2);
259         newAllowedAddressPair(PORT_1, sgList, Collections.singletonList(AAP_PORT_1),
260                 Collections.singletonList(SUBNET_INFO_1));
261         asyncEventsWaiter.awaitEventsConsumption();
262         newAllowedAddressPair(PORT_2, sgList, Collections.singletonList(AAP_PORT_2),
263                 Collections.singletonList(SUBNET_INFO_1));
264         asyncEventsWaiter.awaitEventsConsumption();
265
266         asyncEventsWaiter.awaitEventsConsumption();
267         newInterfaceWithMultipleAclCheck();
268     }
269
270     abstract void newInterfaceWithMultipleAclCheck();
271
272     @Test
273     public void newInterfaceWithTcpDstAcl() throws Exception {
274         LOG.info("newInterfaceWithTcpDstAcl - start");
275
276         newAllowedAddressPair(PORT_1, Collections.singletonList(SG_UUID_1), Collections.singletonList(AAP_PORT_1),
277                 Collections.singletonList(SUBNET_INFO_1));
278         asyncEventsWaiter.awaitEventsConsumption();
279         newAllowedAddressPair(PORT_2, Collections.singletonList(SG_UUID_1), Collections.singletonList(AAP_PORT_2),
280                 Collections.singletonList(SUBNET_INFO_1));
281         asyncEventsWaiter.awaitEventsConsumption();
282
283         // Given
284         Matches matches = newMatch(AclConstants.SOURCE_LOWER_PORT_UNSPECIFIED,
285                 AclConstants.SOURCE_UPPER_PORT_UNSPECIFIED, AclConstants.DEST_LOWER_PORT_HTTP,
286                 AclConstants.DEST_UPPER_PORT_HTTP, AclConstants.SOURCE_REMOTE_IP_PREFIX_UNSPECIFIED,
287                 AclConstants.DEST_REMOTE_IP_PREFIX_SPECIFIED, (short) NwConstants.IP_PROT_TCP);
288         dataBrokerUtil.put(new IdentifiedAceBuilder().sgUuid(SG_UUID_1).newRuleName(SR_UUID_1_1)
289                 .newMatches(matches).newDirection(DirectionEgress.class).newRemoteGroupId(new Uuid(SG_UUID_1)).build());
290         asyncEventsWaiter.awaitEventsConsumption();
291         matches = newMatch(AclConstants.SOURCE_LOWER_PORT_UNSPECIFIED, AclConstants.SOURCE_UPPER_PORT_UNSPECIFIED,
292                 AclConstants.DEST_LOWER_PORT_HTTP, AclConstants.DEST_UPPER_PORT_HTTP,
293                 AclConstants.SOURCE_REMOTE_IP_PREFIX_SPECIFIED, AclConstants.DEST_REMOTE_IP_PREFIX_UNSPECIFIED,
294                 (short) NwConstants.IP_PROT_TCP);
295
296         dataBrokerUtil.put(new IdentifiedAceBuilder().sgUuid(SG_UUID_1).newRuleName(SR_UUID_1_2)
297                 .newMatches(matches).newDirection(DirectionIngress.class).build());
298         asyncEventsWaiter.awaitEventsConsumption();
299
300         // When
301         putNewStateInterface(dataBroker, PORT_1, PORT_MAC_1);
302         asyncEventsWaiter.awaitEventsConsumption();
303         putNewStateInterface(dataBroker, PORT_2, PORT_MAC_2);
304         asyncEventsWaiter.awaitEventsConsumption();
305
306         asyncEventsWaiter.awaitEventsConsumption();
307
308         // Then
309         newInterfaceWithTcpDstAclCheck();
310         LOG.info("newInterfaceWithTcpDstAcl - end");
311     }
312
313     abstract void newInterfaceWithTcpDstAclCheck();
314
315     @Test
316     public void newInterfaceWithUdpDstAcl() throws Exception {
317         LOG.info("newInterfaceWithUdpDstAcl - start");
318
319         newAllowedAddressPair(PORT_1, Collections.singletonList(SG_UUID_1), Collections.singletonList(AAP_PORT_1),
320                 Collections.singletonList(SUBNET_INFO_1));
321         asyncEventsWaiter.awaitEventsConsumption();
322         newAllowedAddressPair(PORT_2, Collections.singletonList(SG_UUID_1), Collections.singletonList(AAP_PORT_2),
323                 Collections.singletonList(SUBNET_INFO_1));
324         asyncEventsWaiter.awaitEventsConsumption();
325
326         // Given
327         Matches matches = newMatch(AclConstants.SOURCE_LOWER_PORT_UNSPECIFIED,
328                 AclConstants.SOURCE_UPPER_PORT_UNSPECIFIED, AclConstants.DEST_LOWER_PORT_HTTP,
329                 AclConstants.DEST_UPPER_PORT_HTTP, AclConstants.SOURCE_REMOTE_IP_PREFIX_UNSPECIFIED,
330                 AclConstants.DEST_REMOTE_IP_PREFIX_SPECIFIED, (short) NwConstants.IP_PROT_UDP);
331         dataBrokerUtil.put(new IdentifiedAceBuilder().sgUuid(SG_UUID_1).newRuleName(SR_UUID_1_1)
332                 .newMatches(matches).newDirection(DirectionEgress.class).build());
333         asyncEventsWaiter.awaitEventsConsumption();
334
335         matches = newMatch(AclConstants.SOURCE_LOWER_PORT_UNSPECIFIED, AclConstants.SOURCE_UPPER_PORT_UNSPECIFIED,
336                 AclConstants.DEST_LOWER_PORT_HTTP, AclConstants.DEST_UPPER_PORT_HTTP,
337                 AclConstants.SOURCE_REMOTE_IP_PREFIX_SPECIFIED, AclConstants.DEST_REMOTE_IP_PREFIX_UNSPECIFIED,
338                 (short) NwConstants.IP_PROT_UDP);
339         dataBrokerUtil.put(
340                 new IdentifiedAceBuilder().sgUuid(SG_UUID_1).newRuleName(SR_UUID_1_2).newMatches(matches)
341                         .newDirection(DirectionIngress.class).newRemoteGroupId(new Uuid(SG_UUID_1)).build());
342         asyncEventsWaiter.awaitEventsConsumption();
343
344         // When
345         putNewStateInterface(dataBroker, PORT_1, PORT_MAC_1);
346         asyncEventsWaiter.awaitEventsConsumption();
347         putNewStateInterface(dataBroker, PORT_2, PORT_MAC_2);
348         asyncEventsWaiter.awaitEventsConsumption();
349
350         asyncEventsWaiter.awaitEventsConsumption();
351
352         // Then
353         newInterfaceWithUdpDstAclCheck();
354         LOG.info("newInterfaceWithUdpDstAcl - end");
355     }
356
357     abstract void newInterfaceWithUdpDstAclCheck();
358
359     @Test
360     public void newInterfaceWithIcmpAcl() throws Exception {
361         LOG.info("newInterfaceWithIcmpAcl - start");
362
363         newAllowedAddressPair(PORT_1, Collections.singletonList(SG_UUID_1), Collections.singletonList(AAP_PORT_1),
364                 Collections.singletonList(SUBNET_INFO_1));
365         asyncEventsWaiter.awaitEventsConsumption();
366         newAllowedAddressPair(PORT_2, Collections.singletonList(SG_UUID_1), Collections.singletonList(AAP_PORT_2),
367                 Collections.singletonList(SUBNET_INFO_1));
368         asyncEventsWaiter.awaitEventsConsumption();
369         // Given
370         prepareInterfaceWithIcmpAcl();
371
372         // When
373         putNewStateInterface(dataBroker, PORT_1, PORT_MAC_1);
374         asyncEventsWaiter.awaitEventsConsumption();
375         putNewStateInterface(dataBroker, PORT_2, PORT_MAC_2);
376         asyncEventsWaiter.awaitEventsConsumption();
377
378         asyncEventsWaiter.awaitEventsConsumption();
379
380         // Then
381         newInterfaceWithIcmpAclCheck();
382         LOG.info("newInterfaceWithIcmpAcl - end");
383     }
384
385     abstract void newInterfaceWithIcmpAclCheck();
386
387     @Test
388     public void newInterfaceWithDstPortRange() throws Exception {
389         LOG.info("newInterfaceWithDstPortRange - start");
390
391         newAllowedAddressPair(PORT_1, Collections.singletonList(SG_UUID_1), Collections.singletonList(AAP_PORT_1),
392                 Collections.singletonList(SUBNET_INFO_1));
393         asyncEventsWaiter.awaitEventsConsumption();
394         // Given
395         Matches matches = newMatch(AclConstants.SOURCE_LOWER_PORT_UNSPECIFIED,
396                 AclConstants.SOURCE_UPPER_PORT_UNSPECIFIED, 333, 777, AclConstants.SOURCE_REMOTE_IP_PREFIX_UNSPECIFIED,
397                 AclConstants.DEST_REMOTE_IP_PREFIX_SPECIFIED, (short) NwConstants.IP_PROT_TCP);
398         dataBrokerUtil.put(new IdentifiedAceBuilder().sgUuid(SG_UUID_1).newRuleName(SR_UUID_1_1)
399                 .newMatches(matches).newDirection(DirectionEgress.class).build());
400         asyncEventsWaiter.awaitEventsConsumption();
401         matches = newMatch(AclConstants.SOURCE_LOWER_PORT_UNSPECIFIED, AclConstants.SOURCE_UPPER_PORT_UNSPECIFIED, 2000,
402                 2003, AclConstants.SOURCE_REMOTE_IP_PREFIX_SPECIFIED, AclConstants.DEST_REMOTE_IP_PREFIX_UNSPECIFIED,
403                 (short) NwConstants.IP_PROT_UDP);
404
405         dataBrokerUtil.put(new IdentifiedAceBuilder().sgUuid(SG_UUID_1).newRuleName(SR_UUID_1_2)
406                 .newMatches(matches).newDirection(DirectionIngress.class).build());
407         asyncEventsWaiter.awaitEventsConsumption();
408
409         // When
410         putNewStateInterface(dataBroker, PORT_1, PORT_MAC_1);
411         asyncEventsWaiter.awaitEventsConsumption();
412
413         asyncEventsWaiter.awaitEventsConsumption();
414
415         // Then
416         newInterfaceWithDstPortRangeCheck();
417         LOG.info("newInterfaceWithDstPortRange - end");
418     }
419
420     abstract void newInterfaceWithDstPortRangeCheck();
421
422     @Test
423     @Ignore
424     public void newInterfaceWithDstAllPorts() throws Exception {
425         LOG.info("newInterfaceWithDstAllPorts - start");
426
427         newAllowedAddressPair(PORT_1, Collections.singletonList(SG_UUID_1), Collections.singletonList(AAP_PORT_1),
428                 Collections.singletonList(SUBNET_INFO_1));
429         asyncEventsWaiter.awaitEventsConsumption();
430         // Given
431         Matches matches = newMatch(AclConstants.SOURCE_LOWER_PORT_UNSPECIFIED,
432                 AclConstants.SOURCE_UPPER_PORT_UNSPECIFIED, 1, 65535, AclConstants.SOURCE_REMOTE_IP_PREFIX_UNSPECIFIED,
433                 AclConstants.DEST_REMOTE_IP_PREFIX_SPECIFIED, (short) NwConstants.IP_PROT_TCP);
434         dataBrokerUtil.put(new IdentifiedAceBuilder().sgUuid(SG_UUID_1).newRuleName(SR_UUID_1_1)
435                 .newMatches(matches).newDirection(DirectionEgress.class).build());
436         asyncEventsWaiter.awaitEventsConsumption();
437         matches = newMatch(AclConstants.SOURCE_LOWER_PORT_UNSPECIFIED, AclConstants.SOURCE_UPPER_PORT_UNSPECIFIED, 1,
438                 65535, AclConstants.SOURCE_REMOTE_IP_PREFIX_SPECIFIED, AclConstants.DEST_REMOTE_IP_PREFIX_UNSPECIFIED,
439                 (short) NwConstants.IP_PROT_UDP);
440
441         dataBrokerUtil.put(new IdentifiedAceBuilder().sgUuid(SG_UUID_1).newRuleName(SR_UUID_1_2)
442                 .newMatches(matches).newDirection(DirectionIngress.class).build());
443         asyncEventsWaiter.awaitEventsConsumption();
444
445         // When
446         putNewStateInterface(dataBroker, PORT_1, PORT_MAC_1);
447         asyncEventsWaiter.awaitEventsConsumption();
448
449         asyncEventsWaiter.awaitEventsConsumption();
450
451         // Then
452         newInterfaceWithDstAllPortsCheck();
453         LOG.info("newInterfaceWithDstAllPorts - end");
454     }
455
456     abstract void newInterfaceWithDstAllPortsCheck();
457
458     @Test
459     public void newInterfaceWithTwoAclsHavingSameRules() throws Exception {
460         LOG.info("newInterfaceWithTwoAclsHavingSameRules - start");
461
462         newAllowedAddressPair(PORT_3, Arrays.asList(SG_UUID_1, SG_UUID_2), Collections.singletonList(AAP_PORT_3),
463                 Collections.singletonList(SUBNET_INFO_1));
464         asyncEventsWaiter.awaitEventsConsumption();
465         // Given
466         Matches icmpEgressMatches = newMatch(AclConstants.SOURCE_LOWER_PORT_UNSPECIFIED,
467                 AclConstants.SOURCE_UPPER_PORT_UNSPECIFIED, AclConstants.DEST_LOWER_PORT_2,
468                 AclConstants.DEST_UPPER_PORT_3, AclConstants.SOURCE_REMOTE_IP_PREFIX_UNSPECIFIED,
469                 AclConstants.DEST_REMOTE_IP_PREFIX_SPECIFIED, (short) NwConstants.IP_PROT_ICMP);
470         Matches icmpIngressMatches = newMatch(AclConstants.SOURCE_LOWER_PORT_UNSPECIFIED,
471                 AclConstants.SOURCE_UPPER_PORT_UNSPECIFIED, AclConstants.DEST_LOWER_PORT_2,
472                 AclConstants.DEST_UPPER_PORT_3, AclConstants.SOURCE_REMOTE_IP_PREFIX_SPECIFIED,
473                 AclConstants.DEST_REMOTE_IP_PREFIX_UNSPECIFIED, (short) NwConstants.IP_PROT_ICMP);
474
475         dataBrokerUtil.put(new IdentifiedAceBuilder().sgUuid(SG_UUID_1).newRuleName(SR_UUID_1_1)
476                 .newMatches(icmpEgressMatches).newDirection(DirectionEgress.class).build());
477         asyncEventsWaiter.awaitEventsConsumption();
478
479         dataBrokerUtil.put(new IdentifiedAceBuilder().sgUuid(SG_UUID_1).newRuleName(SR_UUID_1_2)
480                 .newMatches(icmpIngressMatches).newDirection(DirectionIngress.class).build());
481         asyncEventsWaiter.awaitEventsConsumption();
482
483         dataBrokerUtil.put(new IdentifiedAceBuilder().sgUuid(SG_UUID_2).newRuleName(SR_UUID_2_1)
484                 .newMatches(icmpEgressMatches).newDirection(DirectionEgress.class).build());
485         asyncEventsWaiter.awaitEventsConsumption();
486
487         dataBrokerUtil.put(new IdentifiedAceBuilder().sgUuid(SG_UUID_2).newRuleName(SR_UUID_2_2)
488                 .newMatches(icmpIngressMatches).newDirection(DirectionIngress.class).build());
489         asyncEventsWaiter.awaitEventsConsumption();
490
491         // When
492         putNewStateInterface(dataBroker, PORT_3, PORT_MAC_3);
493         asyncEventsWaiter.awaitEventsConsumption();
494
495         asyncEventsWaiter.awaitEventsConsumption();
496
497         // Then
498         newInterfaceWithTwoAclsHavingSameRulesCheck();
499         LOG.info("newInterfaceWithTwoAclsHavingSameRules - end");
500     }
501
502     abstract void newInterfaceWithTwoAclsHavingSameRulesCheck();
503
504     @Test
505     public void newInterfaceWithIcmpAclHavingOverlappingMac() throws Exception {
506         newAllowedAddressPair(PORT_1, Collections.singletonList(SG_UUID_1), Collections.singletonList(AAP_PORT_1),
507                 Collections.singletonList(SUBNET_INFO_1));
508         asyncEventsWaiter.awaitEventsConsumption();
509         newAllowedAddressPair(PORT_2, Collections.singletonList(SG_UUID_1), Collections.singletonList(AAP_PORT_2),
510                 Collections.singletonList(SUBNET_INFO_1));
511         asyncEventsWaiter.awaitEventsConsumption();
512         // Given
513         prepareInterfaceWithIcmpAcl();
514
515         // When
516         putNewStateInterface(dataBroker, PORT_1, PORT_MAC_1);
517         asyncEventsWaiter.awaitEventsConsumption();
518         putNewStateInterface(dataBroker, PORT_2, PORT_MAC_1);
519         asyncEventsWaiter.awaitEventsConsumption();
520
521         asyncEventsWaiter.awaitEventsConsumption();
522
523         // Then
524         newInterfaceWithIcmpAclCheck();
525     }
526
527     @Test
528     public void newInterfaceWithAapIpv4All() throws Exception {
529         LOG.info("newInterfaceWithAapIpv4All test - start");
530         newAllowedAddressPair(PORT_1, Collections.singletonList(SG_UUID_1), Collections.singletonList(AAP_PORT_1),
531                 Collections.singletonList(SUBNET_INFO_1));
532         asyncEventsWaiter.awaitEventsConsumption();
533         List<AllowedAddressPairs> aapList = new ArrayList<>();
534         aapList.add(AAP_PORT_2);
535         aapList.add(buildAap("0.0.0.0/0", PORT_MAC_2));
536         newAllowedAddressPair(PORT_2, Collections.singletonList(SG_UUID_1), aapList,
537                 Collections.singletonList(SUBNET_INFO_1));
538         asyncEventsWaiter.awaitEventsConsumption();
539
540         prepareInterfaceWithIcmpAcl();
541         // When
542         putNewStateInterface(dataBroker, PORT_1, PORT_MAC_1);
543         asyncEventsWaiter.awaitEventsConsumption();
544         putNewStateInterface(dataBroker, PORT_2, PORT_MAC_2);
545         asyncEventsWaiter.awaitEventsConsumption();
546
547         asyncEventsWaiter.awaitEventsConsumption();
548
549         // Then
550         newInterfaceWithAapIpv4AllCheck();
551         LOG.info("newInterfaceWithAapIpv4All test - end");
552     }
553
554     abstract void newInterfaceWithAapIpv4AllCheck();
555
556     @Test
557     public void newInterfaceWithAap() throws Exception {
558         LOG.info("newInterfaceWithAap test - start");
559
560         newAllowedAddressPair(PORT_1, Collections.singletonList(SG_UUID_1), Collections.singletonList(AAP_PORT_1),
561                 Collections.singletonList(SUBNET_INFO_1));
562         asyncEventsWaiter.awaitEventsConsumption();
563         newAllowedAddressPair(PORT_2, Collections.singletonList(SG_UUID_1),
564                 Arrays.asList(AAP_PORT_2, AAP_PORT_100, AAP_PORT_101), Collections.singletonList(SUBNET_INFO_1));
565         asyncEventsWaiter.awaitEventsConsumption();
566
567         prepareInterfaceWithIcmpAcl();
568         // When
569         putNewStateInterface(dataBroker, PORT_1, PORT_MAC_1);
570         asyncEventsWaiter.awaitEventsConsumption();
571         putNewStateInterface(dataBroker, PORT_2, PORT_MAC_2);
572         asyncEventsWaiter.awaitEventsConsumption();
573
574         asyncEventsWaiter.awaitEventsConsumption();
575
576         // Then
577         newInterfaceWithAapCheck();
578         LOG.info("newInterfaceWithAap test - end");
579     }
580
581     abstract void newInterfaceWithAapCheck();
582
583     protected void assertFlowsInAnyOrder(Iterable<FlowEntity> expectedFlows) {
584         coordinatorEventsWaiter.awaitEventsConsumption();
585         asyncEventsWaiter.awaitEventsConsumption();
586         mdsalApiManager.assertFlowsInAnyOrder(expectedFlows);
587     }
588
589     protected void prepareInterfaceWithIcmpAcl() throws TransactionCommitFailedException {
590         // Given
591         Matches matches = newMatch(AclConstants.SOURCE_LOWER_PORT_UNSPECIFIED,
592                 AclConstants.SOURCE_UPPER_PORT_UNSPECIFIED, AclConstants.DEST_LOWER_PORT_2,
593                 AclConstants.DEST_UPPER_PORT_3, AclConstants.SOURCE_REMOTE_IP_PREFIX_UNSPECIFIED,
594                 AclConstants.DEST_REMOTE_IP_PREFIX_SPECIFIED, (short) NwConstants.IP_PROT_ICMP);
595         dataBrokerUtil.put(new IdentifiedAceBuilder().sgUuid(SG_UUID_1).newRuleName(SR_UUID_1_1)
596                 .newMatches(matches).newDirection(DirectionEgress.class).newRemoteGroupId(new Uuid(SG_UUID_1)).build());
597         asyncEventsWaiter.awaitEventsConsumption();
598
599         matches = newMatch(AclConstants.SOURCE_LOWER_PORT_UNSPECIFIED, AclConstants.SOURCE_UPPER_PORT_UNSPECIFIED,
600                 AclConstants.DEST_LOWER_PORT_2, AclConstants.DEST_UPPER_PORT_3,
601                 AclConstants.SOURCE_REMOTE_IP_PREFIX_SPECIFIED, AclConstants.DEST_REMOTE_IP_PREFIX_UNSPECIFIED,
602                 (short) NwConstants.IP_PROT_ICMP);
603         dataBrokerUtil.put(new IdentifiedAceBuilder().sgUuid(SG_UUID_1).newRuleName(SR_UUID_1_2)
604                 .newMatches(matches).newDirection(DirectionIngress.class).build());
605         asyncEventsWaiter.awaitEventsConsumption();
606     }
607
608     protected void newAllowedAddressPair(String portName, List<String> sgUuidList, List<AllowedAddressPairs> aapList,
609             List<SubnetInfo> subnetInfo)
610             throws TransactionCommitFailedException {
611         List<Uuid> sgList = sgUuidList.stream().map(Uuid::new).collect(Collectors.toList());
612         Pair<DataTreeIdentifier<Interface>, Interface> port = new IdentifiedInterfaceWithAclBuilder()
613                 .interfaceName(portName)
614                 .portSecurity(true)
615                 .addAllNewSecurityGroups(sgList)
616                 .addAllIfAllowedAddressPairs(aapList)
617                 .addAllIfSubnetInfo(subnetInfo).build();
618         dataBrokerUtil.put(port);
619         testInterfaceManager.addInterface(port.getValue());
620     }
621
622     protected void newElan(String elanName, long elanId) throws TransactionCommitFailedException {
623         ElanInstance elan = new ElanInstanceBuilder().setElanInstanceName(elanName).setElanTag(5000L).build();
624         singleTransactionDataBroker.syncWrite(CONFIGURATION,
625                 AclServiceUtils.getElanInstanceConfigurationDataPath(elanName), elan);
626     }
627
628     protected void newElanInterface(String elanName, String portName, boolean isWrite)
629             throws TransactionCommitFailedException {
630         ElanInterface elanInterface =
631                 new ElanInterfaceBuilder().setName(portName).setElanInstanceName(elanName).build();
632         InstanceIdentifier<ElanInterface> id = AclServiceUtils.getElanInterfaceConfigurationDataPathId(portName);
633         if (isWrite) {
634             singleTransactionDataBroker.syncWrite(CONFIGURATION, id, elanInterface);
635         } else {
636             singleTransactionDataBroker.syncDelete(CONFIGURATION, id);
637         }
638     }
639
640     // TODO refactor this instead of stealing it from org.opendaylight.netvirt.neutronvpn.NeutronSecurityRuleListener
641     protected Matches newMatch(int srcLowerPort, int srcUpperPort, int destLowerPort, int destupperPort,
642             int srcRemoteIpPrefix, int dstRemoteIpPrefix, short protocol) {
643
644         AceIpBuilder aceIpBuilder = new AceIpBuilder();
645         if (destLowerPort != -1) {
646             DestinationPortRangeBuilder destinationPortRangeBuilder = new DestinationPortRangeBuilder();
647             destinationPortRangeBuilder.setLowerPort(new PortNumber(destLowerPort));
648             destinationPortRangeBuilder.setUpperPort(new PortNumber(destupperPort));
649             aceIpBuilder.setDestinationPortRange(destinationPortRangeBuilder.build());
650         }
651         AceIpv4Builder aceIpv4Builder = new AceIpv4Builder();
652         if (srcRemoteIpPrefix == AclConstants.SOURCE_REMOTE_IP_PREFIX_SPECIFIED) {
653             aceIpv4Builder.setSourceIpv4Network(new Ipv4Prefix(AclConstants.IPV4_ALL_NETWORK));
654         }
655         if (dstRemoteIpPrefix == AclConstants.DEST_REMOTE_IP_PREFIX_SPECIFIED) {
656             aceIpv4Builder.setSourceIpv4Network(new Ipv4Prefix(AclConstants.IPV4_ALL_NETWORK));
657         }
658         if (protocol != -1) {
659             aceIpBuilder.setProtocol(protocol);
660         }
661         aceIpBuilder.setAceIpVersion(aceIpv4Builder.build());
662
663         MatchesBuilder matchesBuilder = new MatchesBuilder();
664         matchesBuilder.setAceType(aceIpBuilder.build());
665         return matchesBuilder.build();
666     }
667
668     protected static AllowedAddressPairs buildAap(String ipAddress, String macAddress) {
669         return new AllowedAddressPairsBuilder()
670                 .setIpAddress(new IpPrefixOrAddress(IpPrefixBuilder.getDefaultInstance(ipAddress)))
671                 .setMacAddress(new MacAddress(macAddress)).build();
672     }
673
674     protected static SubnetInfo buildSubnetInfo(Uuid subnetId, String ipPrefix,
675             Class<? extends IpVersionBase> ipVersion, String gwIp) {
676         return new SubnetInfoBuilder().withKey(new SubnetInfoKey(subnetId)).setIpVersion(ipVersion)
677                 .setIpPrefix(IpPrefixOrAddressBuilder.getDefaultInstance(ipPrefix))
678                 .setGatewayIp(IpAddressBuilder.getDefaultInstance(gwIp)).build();
679     }
680
681     protected void setUpData() throws Exception {
682         newElan(ELAN, ELAN_TAG);
683         newElanInterface(ELAN, PORT_1, true);
684         newElanInterface(ELAN, PORT_2, true);
685         newElanInterface(ELAN, PORT_3, true);
686         newElanInterface(ELAN, PORT_4, true);
687
688         AAP_PORT_1 = buildAap(IP_PREFIX_1, PORT_MAC_1);
689         AAP_PORT_2 = buildAap(IP_PREFIX_2, PORT_MAC_2);
690         AAP_PORT_3 = buildAap(IP_PREFIX_3, PORT_MAC_3);
691         AAP_PORT_4 = buildAap(IP_PREFIX_4, PORT_MAC_4);
692         AAP_PORT_100 = buildAap(IP_100_PREFIX, PORT_MAC_2);
693         AAP_PORT_101 = buildAap(IP_101_PREFIX, "0D:AA:D8:42:30:A4");
694     }
695
696 }
NetVirt - Archived