def add_static_flow(url, param):
flow = _xlate_to_sfp_in(param)
x = floodlight_rest.FloodlightRest(url=url)
result = x.post('config_static_flow', flow)
result["success"] = _ADD_FLOW_STATUS_REGEX.match(result.get(
"status", None)) is not None
return result
def clear_static_flows(url, switch_id="all"):
if switch_id != "all":
switch_id = openflow_utils.datapath_to_dpid(switch_id)
x = floodlight_rest.FloodlightRest(url=url)
result = x.get('clear_static_flow', switch_id=switch_id)
result["success"] = _CLEAR_FLOW_STATUS_REGEX.match(result.get(
"status", "")) is not None
return result
def delete_rule(url, action, param):
ruleid = find_ruleid(url, action, param)
if ruleid:
x = floodlight_rest.FloodlightRest(url=url)
result = x.delete('firewall_rules', {"ruleid": ruleid})
result["success"] = result.get("status", None) == u'Rule deleted'
else:
result = {"success": False, "status": u"Rule not found"}
return result
def add_rule(url, action, param):
# Remove any pre-existing rule that is the OPPOSITE of the rule being added
delete_rule(url, "DENY" if _normalize_action_name(action) == "ALLOW" else "ALLOW", param)
x = floodlight_rest.FloodlightRest(url=url)
rule = _params_to_firewall_in(action, param)
result = x.post('firewall_rules', rule)
result["success"] = result.get("status", None) == u'Rule added'
# Floodlight is very inconsistent in its field naming. In this one place they use 'rule-id' instead of 'ruleid'
if "rule-id" in result:
result["activityid"] = ruleid_to_activityid(int(result.pop("rule-id")))
return result
def list_static_flows(url, switch_id="all"):
if switch_id != "all":
switch_id = openflow_utils.datapath_to_dpid(switch_id)
flows_out = []
x = floodlight_rest.FloodlightRest(url=url)
flowdict = x.get('list_static_flow', switch_id=switch_id)
for (dpid, dpflows) in flowdict.items():
for flow in dpflows:
flows_out.extend(_xlate_from_sfp_out(dpid, flow))
return {"flows": flows_out, "success": True}
def find_ruleid(url, action, param):
x = floodlight_rest.FloodlightRest(url=url)
rules = x.get('firewall_rules')
if "activityid" in param:
target_ruleid = activityid_to_ruleid(param["activityid"])
for r in rules:
if r["ruleid"] == target_ruleid:
return r["ruleid"]
else:
converted_rule = _params_to_firewall_out(action, param)
for r in rules:
if _match_rules(r, converted_rule):
return r["ruleid"]
return None
def disable_firewall(url):
x = floodlight_rest.FloodlightRest(url=url)
result = x.put('firewall_disable', None)
result["success"] = result.get("status", None) == u'success'
return result
def get_firewall_status(url):
x = floodlight_rest.FloodlightRest(url=url)
result = x.get('firewall_status')
result["enabled"] = result.get("result", None) == u'firewall enabled'
return result
def list_rules(url):
x = floodlight_rest.FloodlightRest(url=url)
rules = x.get('firewall_rules')
rules_out = [_firewall_out_to_params(rule) for rule in rules]
return None if rules_out is None else {"firewall_rules": rules_out}
def delete_static_flow(url, name):
x = floodlight_rest.FloodlightRest(url=url)
result = x.delete('config_static_flow', {"name": name})
result["success"] = _DELETE_FLOW_STATUS_REGEX.match(
result.get("status", "")) is not None
return result