description "Augmentations to interfaces model to apply acls exposed by acl plugin of vpp";
- grouping vpp-acl-base-attributes {
- leaf tag {
- type yang:hex-string {
- length 64;
- }
- description
- "Placeholder for ACL metadata. Value is stored in vpp, and returned in read requests. No processing involved.";
- }
- }
-
grouping vpp-acls-base-attributes {
description
"List of ACLs of vpp-acl type"; // TODO express constraint in the model if possible
leaf name {
type acl:access-control-list-ref;
}
-
- uses vpp-acl-base-attributes;
}
}
leaf name {
type acl:access-control-list-ref;
}
-
- uses vpp-acl-base-attributes;
}
}
}
}
}
+
+ augment /acl:access-lists/acl:acl {
+ ext:augment-identifier "vpp-acl-augmentation";
+ leaf tag {
+ type string {
+ length 1..63;
+ }
+ description
+ "ASCII tag that can be used as a placeholder for ACL metadata. Value is stored in vpp,
+ and returned in read requests. No processing involved.";
+ }
+ }
}
\ No newline at end of file
import io.fd.honeycomb.translate.util.read.cache.DumpCacheManager.DumpCacheManagerBuilder;
import io.fd.honeycomb.translate.util.read.cache.EntityDumpExecutor;
import io.fd.honeycomb.translate.util.read.cache.TypeAwareIdentifierCacheKeyFactory;
-import io.fd.vpp.jvpp.acl.dto.AclDetails;
import io.fd.vpp.jvpp.acl.dto.AclDetailsReplyDump;
import io.fd.vpp.jvpp.acl.dto.AclDump;
import io.fd.vpp.jvpp.acl.dto.AclInterfaceListDetails;
import javax.annotation.Nonnull;
import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.interfaces.rev140508.Interfaces;
import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.interfaces.rev140508.interfaces.state.Interface;
-import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.yang.types.rev130715.HexString;
import org.opendaylight.yang.gen.v1.urn.opendaylight.params.xml.ns.yang._interface.acl.rev161214.VppAclInterfaceAugmentation;
import org.opendaylight.yang.gen.v1.urn.opendaylight.params.xml.ns.yang._interface.acl.rev161214._interface.acl.attributes.Acl;
import org.opendaylight.yang.gen.v1.urn.opendaylight.params.xml.ns.yang._interface.acl.rev161214.vpp.acls.base.attributes.VppAcls;
aclDumpManager.getDump(id, ctx.getModificationCache(), aclIndex);
if (dumpReply.isPresent() && !dumpReply.get().aclDetails.isEmpty()) {
- // TODO(HONEYCOMB-330): (model expects hex string, but tag is written and read as ascii string)
- // decide how tag should be handled (model change might be needed).
builder.setName(aclName);
builder.setType(vppAclsKey.getType());
- final AclDetails aclDetails = dumpReply.get().aclDetails.get(0);
- if (aclDetails.tag != null && aclDetails.tag.length > 0) {
- builder.setTag(new HexString(printHexBinary(aclDetails.tag)));
- }
} else {
throw new ReadFailedException(id,
new IllegalArgumentException(String.format("Acl with name %s not found", aclName)));
import java.util.ArrayList;
import java.util.List;
import javax.annotation.Nonnull;
+import javax.annotation.Nullable;
import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.access.control.list.rev160708.AccessListsBuilder;
import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.access.control.list.rev160708.AclBase;
import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.access.control.list.rev160708.access.lists.Acl;
import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.access.control.list.rev160708.access.lists.AclKey;
import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.access.control.list.rev160708.access.lists.acl.AccessListEntriesBuilder;
import org.opendaylight.yang.gen.v1.urn.opendaylight.params.xml.ns.yang.vpp.acl.rev161214.VppAcl;
+import org.opendaylight.yang.gen.v1.urn.opendaylight.params.xml.ns.yang.vpp.acl.rev161214.VppAclAugmentation;
+import org.opendaylight.yang.gen.v1.urn.opendaylight.params.xml.ns.yang.vpp.acl.rev161214.VppAclAugmentationBuilder;
import org.opendaylight.yang.gen.v1.urn.opendaylight.params.xml.ns.yang.vpp.acl.rev161214.VppMacipAcl;
import org.opendaylight.yangtools.concepts.Builder;
import org.opendaylight.yangtools.yang.binding.DataObject;
final java.util.Optional<AclDetails> detail = dump.get().aclDetails.stream()
.filter(acl -> acl.aclIndex == index).findFirst();
if (detail.isPresent()) {
+ final AclDetails aclDetails = detail.get();
+ setTag(builder, aclDetails.tag);
builder.setAccessListEntries(new AccessListEntriesBuilder()
- .setAce(toStandardAces(name, detail.get().r, standardAclContext, ctx.getMappingContext()))
+ .setAce(toStandardAces(name, aclDetails.r, standardAclContext, ctx.getMappingContext()))
.build());
}
}
if (dump.isPresent() && !dump.get().macipAclDetails.isEmpty()) {
final java.util.Optional<MacipAclDetails> detail =
dump.get().macipAclDetails.stream().filter(acl -> acl.aclIndex == index).findFirst();
+ final MacipAclDetails macipAclDetails = detail.get();
+ setTag(builder, macipAclDetails.tag);
if (detail.isPresent()) {
builder.setAccessListEntries(new AccessListEntriesBuilder()
- .setAce(toMacIpAces(name, detail.get().r, macipAclContext, ctx.getMappingContext()))
+ .setAce(toMacIpAces(name, macipAclDetails.r, macipAclContext, ctx.getMappingContext()))
.build());
}
}
throw new IllegalArgumentException("Unsupported acl type: " + aclType);
}
}
+
+ private void setTag(@Nonnull final AclBuilder builder, @Nullable final byte[] tag) {
+ if (tag != null) {
+ final String strTag = toString(tag);
+ if (strTag.length() > 0) {
+ builder.addAugmentation(
+ VppAclAugmentation.class, new VppAclAugmentationBuilder().setTag(strTag).build()
+ );
+ }
+ }
+ }
}
import io.fd.honeycomb.translate.util.RWUtils;
import io.fd.honeycomb.translate.util.read.cache.DumpCacheManager;
import io.fd.honeycomb.translate.util.read.cache.EntityDumpExecutor;
-import io.fd.vpp.jvpp.acl.dto.MacipAclDetails;
import io.fd.vpp.jvpp.acl.dto.MacipAclDetailsReplyDump;
import io.fd.vpp.jvpp.acl.dto.MacipAclDump;
import io.fd.vpp.jvpp.acl.dto.MacipAclInterfaceGet;
import io.fd.vpp.jvpp.acl.future.FutureJVppAclFacade;
import javax.annotation.Nonnull;
import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.interfaces.rev140508.interfaces.state.Interface;
-import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.yang.types.rev130715.HexString;
import org.opendaylight.yang.gen.v1.urn.opendaylight.params.xml.ns.yang._interface.acl.rev161214._interface.acl.attributes.Acl;
import org.opendaylight.yang.gen.v1.urn.opendaylight.params.xml.ns.yang._interface.acl.rev161214._interface.acl.attributes.acl.Ingress;
import org.opendaylight.yang.gen.v1.urn.opendaylight.params.xml.ns.yang._interface.acl.rev161214._interface.acl.attributes.acl.IngressBuilder;
macIpAclDumpManager.getDump(id, modificationCache, aclIndex);
if (macIpDumpReply.isPresent() && !macIpDumpReply.get().macipAclDetails.isEmpty()) {
- final MacipAclDetails details = macIpDumpReply.get().macipAclDetails.get(0);
-
builder.setName(macIpAclContext.getAclName(aclIndex, mappingContext));
builder.setType(
org.opendaylight.yang.gen.v1.urn.opendaylight.params.xml.ns.yang.vpp.acl.rev161214.VppMacipAcl.class);
- if (details.tag != null && details.tag.length > 0) {
- builder.setTag(new HexString(printHexBinary(details.tag)));
- }
} else {
// this is invalid state(Interface in VPP will act as "deny-all" for security reasons), but generally
// it should not happen
import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.access.control.list.rev160708.access.lists.Acl;
import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.access.control.list.rev160708.access.lists.acl.access.list.entries.Ace;
import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.access.control.list.rev160708.access.lists.acl.access.list.entries.ace.Matches;
+import org.opendaylight.yang.gen.v1.urn.opendaylight.params.xml.ns.yang.vpp.acl.rev161214.VppAclAugmentation;
import org.opendaylight.yang.gen.v1.urn.opendaylight.params.xml.ns.yang.vpp.acl.rev161214.access.lists.acl.access.list.entries.ace.matches.ace.type.VppAce;
import org.opendaylight.yang.gen.v1.urn.opendaylight.params.xml.ns.yang.vpp.acl.rev161214.access.lists.acl.access.list.entries.ace.matches.ace.type.VppMacipAce;
}
/**
- * Convert {@link Acl} name to byte array as UTF_8
+ * Convert {@link Acl} tag to byte array in US_ASCII
*/
- default byte[] getAclNameAsBytes(@Nonnull final Acl acl) {
- return Optional.ofNullable(acl.getAclName())
- .orElseThrow(() -> new IllegalArgumentException("Unable to extract bytes for null"))
- .getBytes(StandardCharsets.UTF_8);
+ default byte[] getAclTag(@Nonnull final Acl acl) {
+ final VppAclAugmentation augmentation = acl.getAugmentation(VppAclAugmentation.class);
+ if (augmentation != null && augmentation.getTag() != null) {
+ return augmentation.getTag().getBytes(StandardCharsets.US_ASCII);
+ }
+ return new byte[0];
}
}
final AclAddReplace request = new AclAddReplace();
- request.tag = getAclNameAsBytes(acl);
+ request.tag = getAclTag(acl);
request.aclIndex = ACL_INDEX_CREATE_NEW;
final List<Ace> aces = getAces(acl);
final AclAddReplace request = new AclAddReplace();
- request.tag = getAclNameAsBytes(acl);
+ request.tag = getAclTag(acl);
// by setting existing index, request is resolved as update
request.aclIndex = standardAclContext.getAclIndex(acl.getAclName(), mappingContext);
@Nonnull final MappingContext mappingContext) throws WriteFailedException {
final MacipAclAdd request = new MacipAclAdd();
- request.tag = getAclNameAsBytes(acl);
+ request.tag = getAclTag(acl);
final List<Ace> aces = getAces(acl);
request.r = toMacIpAclRules(aces);
import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.access.control.list.rev160708.access.lists.acl.access.list.entries.ace.Matches;
import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.packet.fields.rev160708.acl.transport.header.fields.DestinationPortRange;
import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.packet.fields.rev160708.acl.transport.header.fields.SourcePortRange;
+import org.opendaylight.yang.gen.v1.urn.opendaylight.params.xml.ns.yang.vpp.acl.rev161214.VppAclAugmentation;
import org.opendaylight.yang.gen.v1.urn.opendaylight.params.xml.ns.yang.vpp.acl.rev161214.access.lists.acl.access.list.entries.ace.matches.ace.type.vpp.ace.VppAceNodes;
import org.opendaylight.yang.gen.v1.urn.opendaylight.params.xml.ns.yang.vpp.acl.rev161214.access.lists.acl.access.list.entries.ace.matches.ace.type.vpp.macip.ace.VppMacipAceNodes;
import org.opendaylight.yang.gen.v1.urn.opendaylight.params.xml.ns.yang.vpp.acl.rev161214.acl.icmp.header.fields.IcmpCodeRange;
default Set<InstanceIdentifier<?>> vppAclChildren(final InstanceIdentifier<Acl> parentId) {
final InstanceIdentifier<Matches> matchesIid =
parentId.child(AccessListEntries.class).child(Ace.class).child(Matches.class);
- return ImmutableSet.of(parentId.child(AccessListEntries.class),
+ return ImmutableSet.of(
+ parentId.augmentation(VppAclAugmentation.class),
+ parentId.child(AccessListEntries.class),
parentId.child(AccessListEntries.class).child(Ace.class),
parentId.child(AccessListEntries.class).child(Ace.class).child(Matches.class),
parentId.child(AccessListEntries.class).child(Ace.class).child(Actions.class),
import io.fd.vpp.jvpp.acl.future.FutureJVppAclFacade;
import io.fd.vpp.jvpp.acl.types.AclRule;
import io.fd.vpp.jvpp.acl.types.MacipAclRule;
+import java.nio.charset.StandardCharsets;
import java.util.Arrays;
import org.junit.Test;
import org.junit.runner.RunWith;
final MacipAclAdd request = macipAclAddReplaceRequestCaptor.getValue();
assertEquals(1, request.count);
- assertTrue(Arrays.equals("macip-acl".getBytes(), request.tag));
+ assertEquals("macip-tag-value", new String(request.tag, StandardCharsets.US_ASCII));
final MacipAclRule rule = request.r[0];
final AclAddReplace request = aclAddReplaceRequestCaptor.getValue();
assertEquals(aclIndex, request.aclIndex);
assertEquals(1, request.count);
- assertTrue(Arrays.equals("standard-acl".getBytes(), request.tag));
+ assertEquals("udp-tag-value", new String(request.tag, StandardCharsets.US_ASCII));
final AclRule udpRule = request.r[0];
final AclAddReplace request = aclAddReplaceRequestCaptor.getValue();
assertEquals(aclIndex, request.aclIndex);
assertEquals(1, request.count);
- assertTrue(Arrays.equals("standard-acl".getBytes(), request.tag));
+ assertEquals("tcp-tag-value", new String(request.tag, StandardCharsets.US_ASCII));
final AclRule tcpRule = request.r[0];
final AclAddReplace request = aclAddReplaceRequestCaptor.getValue();
assertEquals(aclIndex, request.aclIndex);
assertEquals(1, request.count);
- assertTrue(Arrays.equals("standard-acl".getBytes(), request.tag));
+ assertEquals("icmp-v6-tag-value", new String(request.tag, StandardCharsets.US_ASCII));
+
final AclRule icmpv6Rule = request.r[0];
final AclAddReplace request = aclAddReplaceRequestCaptor.getValue();
assertEquals(aclIndex, request.aclIndex);
assertEquals(1, request.count);
- assertTrue(Arrays.equals("standard-acl".getBytes(), request.tag));
+ assertEquals("icmp-v4-tag-value", new String(request.tag, StandardCharsets.US_ASCII));
final AclRule icmpRule = request.r[0];
{
"acl-name": "macip-acl",
"acl-type": "vpp-acl:vpp-macip-acl",
+ "tag": "macip-tag-value",
"access-list-entries": {
"ace": [
{
{
"acl-name": "standard-acl",
"acl-type": "vpp-acl:vpp-acl",
+ "tag": "icmp-v6-tag-value",
"access-list-entries": {
"ace": [
{
{
"acl-name": "standard-acl",
"acl-type": "vpp-acl:vpp-acl",
+ "tag": "icmp-v4-tag-value",
"access-list-entries": {
"ace": [
{
{
"acl-name": "standard-acl",
"acl-type": "vpp-acl:vpp-acl",
+ "tag": "tcp-tag-value",
"access-list-entries": {
"ace": [
{
{
"acl-name": "standard-acl",
"acl-type": "vpp-acl:vpp-acl",
+ "tag": "udp-tag-value",
"access-list-entries": {
"ace": [
{
Code Review / hc2vpp.git / commitdiff