def get_port_acls(self, valve, dot1x_port):
"""Setup the dot1x forward port acls.
Args:
dot1x_port:
valve:
Returns:
list of flowmods
"""
port_acl_table = valve.dp.tables['port_acl']
nfv_sw_port = valve.dp.dot1x['nfv_sw_port']
valve_index = self.dp_id_to_valve_index[valve.dp.dp_id]
mac = get_mac_str(valve_index, dot1x_port.number)
ofmsgs = []
ofmsgs.append(port_acl_table.flowmod(
port_acl_table.match(
in_port=dot1x_port.number,
eth_type=valve_packet.ETH_EAPOL),
priority=valve.dp.highest_priority,
inst=[valve_of.apply_actions([
valve_of.set_field(eth_dst=mac),
valve_of.output_port(nfv_sw_port)])]))
ofmsgs.append(port_acl_table.flowmod(
port_acl_table.match(
in_port=nfv_sw_port,
eth_type=valve_packet.ETH_EAPOL,
eth_src=mac),
priority=valve.dp.highest_priority,
inst=[valve_of.apply_actions([
valve_of.set_field(eth_src=EAPOL_DST),
valve_of.output_port(dot1x_port.number)])]))
return ofmsgs
def create_flow_pair(self, dot1x_port, nfv_sw_port, valve):
"""Creates the pair of flows that redirects the eapol packets to/from the supplicant and
nfv port
Args:
dot1x_port (Port):
nfv_sw_port (int):
valve (Valve):
Returns:
list
"""
port_acl_table = valve.dp.tables['port_acl']
valve_index = self.dp_id_to_valve_index[valve.dp.dp_id]
mac = get_mac_str(valve_index, dot1x_port.number)
if dot1x_port.running():
return [
port_acl_table.flowmod(
inst=[valve_of.apply_actions([
valve_of.set_field(eth_dst=mac),
valve_of.output_port(nfv_sw_port)])],
**FaucetDot1x.get_dot1x_port_match_priority(dot1x_port, port_acl_table, valve)),
port_acl_table.flowmod(
inst=[valve_of.apply_actions([
valve_of.set_field(eth_src=EAPOL_DST),
valve_of.output_port(dot1x_port.number)])],
**FaucetDot1x.get_nfv_sw_port_match_priority(mac, nfv_sw_port,
port_acl_table, valve)
)]
return []
def set_field(self, **kwds):
"""Return set field action."""
for field in list(kwds.keys()):
assert (self.table_id == valve_of.ofp.OFPTT_ALL or
field in self.set_fields), (
'%s not configured as set field in %s' % (field, self.name))
return valve_of.set_field(**kwds)
def set_field(self, **kwds):
"""Return set field action."""
for field in kwds.keys():
assert (self.table_id == valve_of.ofp.OFPTT_ALL or
(self.set_fields and field in self.set_fields)), (
'%s not configured as set field in %s' % (field, self.name))
return valve_of.set_field(**kwds)
def build_output_actions(output_dict):
"""Implement actions to alter packet/output."""
output_actions = []
output_port = None
ofmsgs = []
# rewrite any VLAN headers first always
vlan_actions = rewrite_vlan(output_dict)
if vlan_actions:
output_actions.extend(vlan_actions)
if 'set_fields' in output_dict:
for set_fields in output_dict['set_fields']:
output_actions.append(valve_of.set_field(**set_fields))
if 'port' in output_dict:
output_port = output_dict['port']
output_actions.append(valve_of.output_port(output_port))
if 'ports' in output_dict:
for output_port in output_dict['ports']:
output_actions.append(valve_of.output_port(output_port))
if 'failover' in output_dict:
failover = output_dict['failover']
group_id = failover['group_id']
buckets = []
for port in failover['ports']:
buckets.append(
valve_of.bucket(watch_port=port,
actions=[valve_of.output_port(port)]))
ofmsgs.append(valve_of.groupdel(group_id=group_id))
ofmsgs.append(valve_of.groupadd_ff(group_id=group_id, buckets=buckets))
output_actions.append(valve_of.group_act(group_id=group_id))
return (output_port, output_actions, ofmsgs)
def set_field(**kwds):
"""Return set field action."""
# raise exception if unknown set field.
valve_of.match_from_dict(kwds)
return valve_of.set_field(**kwds)
