def __init__1(self, vrf, afi, safi, topology):
super(L3UnicastScope, self).__init__()
if vrf is not None and not isinstance(vrf, str):
raise OnepIllegalArgumentException('vrf', 'invalid')
if vrf is None:
self._vrf = ''
else:
self._vrf = vrf
if afi == None:
self._afi = self.AFIType.IPV4
elif not isinstance(afi, int):
raise OnepIllegalArgumentException('afi', 'invalid')
if afi < self.AFIType.UNKNOWN or afi > self.AFIType.IPV6:
raise OnepIllegalArgumentException('afi', 'invalid')
self._afi = afi
if safi == None:
self._safi = self.SAFIType.UNICAST
elif not isinstance(safi, int):
raise OnepIllegalArgumentException('safi', 'invalid')
if safi < self.SAFIType.UNKNOWN or safi > self.SAFIType.MULTICAST:
raise OnepIllegalArgumentException('safi', 'invalid')
self._safi = safi
if topology is None:
self._topology = ''
else:
self._topology = topology
def _validate_port_operator(self, operator, src_dst):
if operator == None:
raise OnepIllegalArgumentException(src_dst + ' port operator',
'None')
if self._port_operator_in_range(operator) == False:
raise OnepIllegalArgumentException(src_dst +
' port operator is invalid')
def _validate_sequence(self, sequence):
if sequence == None:
raise OnepIllegalArgumentException('sequence number', 'None')
if not isinstance(sequence, (int, long)):
raise OnepIllegalArgumentException('sequence number', str(sequence))
if sequence < 0:
raise OnepIllegalArgumentException('sequence', 'negative')
def _add_policy_statistic_listener(self, event_id, listener, app_context,
filters):
"""
Add a PolicyEventListener class to event manager for asynchronous
statistic operation. Client creates handle_event callback in listener.
Listener handle_event will be called when statistic filter specifications are met.
@param event_id: ID retrieved from BulkService.get_event_id()
@type event_id: C{int}
@param listener: Custom PolicyStatsListener class with callback
@type listener: {PolicyStatsListener<onep.policyservice.PolicyMap.PolicyStatsListener>}
@param app_context: Optional client data returned with listener response
@type app_context: Any object
"""
if not isinstance(listener, PolicyStatsListener):
raise OnepIllegalArgumentException(listener, PolicyStatsListener)
if self._element.event_manager.bulk_listener_map.has_key(event_id):
raise OnepIllegalArgumentException(
'Listener exists with this event_id')
self._element.event_manager.bulk_listener_map[event_id] = (listener,
app_context,
filters)
def __init__(self, ne, username, password):
"""
Create a User instance.
@param ne: Network Element which is used to access AAA server.
@param username: User name.
@param password: User password.
@raise OnepIllegalArgumentException: if username, password or network element is null
@raise OnepException: if application is not connected to network element
"""
self.server = None
self.userID = 0
self.is_auto_acct_enabled = False
self.attr_original = []
self.auth_profile = []
User.log = logging.getLogger(__name__)
if ne == None:
raise OnepIllegalArgumentException('ne')
if username == None:
raise OnepIllegalArgumentException('username')
if password == None:
raise OnepIllegalArgumentException('password')
if not ne.is_connected():
raise OnepException('Application is not connected to ' +
ne.host_address)
self.network_element = ne
self.username = username
self.password = password
self.user_client = AaaIDL.Client(ne.api_protocol)
def _validate_sequence(self, sequence):
if sequence == None:
raise OnepIllegalArgumentException('Sequence number', 'None')
if not isinstance(sequence, int):
raise OnepIllegalArgumentException('Sequence number is not of type int')
if sequence < 0:
raise OnepIllegalArgumentException('Sequence number', 'negative')
def add_action(self, *actions):
"""
Adds actions to the Entry class.
@param actions: One or more Action classes
@type actions: L{Action<action.Action>}
"""
if not actions:
raise OnepIllegalArgumentException('Missing actions parameter')
for action in actions:
if isinstance(action, Action) and action not in self._action_list:
if not action.check_action_support(self.cap_actions):
raise OnepNotSupportedException(
'Action ' +
ActionType.enumval(action.get_action_type()))
else:
raise OnepIllegalArgumentException(type(Action), type(action))
for action in actions:
if action.dependent_action:
action.dependent_action.op_code = Action.ActionOpCode.CREATE
self._action_list.append(action.dependent_action)
self.log.info('Entry.add_action dependent ' + str(action))
action.op_code = Action.ActionOpCode.CREATE
self._action_list.append(action)
self.log.info('Entry.add_action ' + str(action))
def __init__(self, element):
""" Constructor of class Acl.
Instantiate a new Access Control List.
@param element: Network Element instance.
@type element: L{NetworkElement<onep.element.NetworkElement.NetworkElement>}
@raise OnepIllegalArgumentException: If element is invalid.
"""
self.log = logging.getLogger(__name__)
if element == None:
raise OnepIllegalArgumentException('element', 'None')
if not isinstance(element, NetworkElement):
raise OnepIllegalArgumentException('Constructor argument element is not of type NetworkElement')
self._element = element
self._nif_acl_info = []
self._api_transport = None
self._evt_transport = None
self._api_protocol = None
self._evt_protocol = None
self._acl_client = None
self._acl_handle = 0
self._acl_name = None
self._acl_header = None
def remove_change_listener(self, event_handle):
"""
Remove location change event listener. This method will remove the listener
associated with the given event_handle and the corresponding registered
event on the Location will be removed as well
@param event_handle
Registered event identifier.
@throws OnepIllegalArgumentException
This exception is thrown when eventHandle is not valid or is
unregistered already.
<p><b>Example:</b></p>
<pre>
location = ne.get_location();
eh = locA.add_change_listener(listener, filter, null);
location.remove_changeListener(eh);
</pre>
"""
if not event_handle:
raise OnepIllegalArgumentException('event_handle', 'None')
if not isinstance(event_handle, int):
raise OnepIllegalArgumentException('event_handle', 'int')
if event_handle:
self._event_manager.remove_listener(event_handle)
def add_custom_location(self, name, value):
"""
This method adds one Cisco Custom Address information tuple
associated with the Location, specifying the name and value
for the new element.
Each element of the Custom Address information is represented as a
(name,value) tuple, where both are strings.
@param name Name of the custom location element, which is
case-sensitive.
@param value A string representing the Custom location info.
@throws OnepIllegalArgumentException
The exception is thrown when input parameter is invalid,
or if the input name already exist in this Location instance.
If the name is already present, it cannot be added again, but
must be removed first.
"""
if not name:
raise OnepIllegalArgumentException('name', 'None')
if not value:
raise OnepIllegalArgumentException('value', 'None')
if not self._custom_list:
self._custom_list = []
else:
for lc in self._custom_list:
if lc and lc._name and lc._name == name:
raise OnepIllegalArgumentException('name aleady exist')
self._custom_list.append(CustomLocation(name, value))
def add_civic_location(self, catype, value):
"""
This method adds one standardized Civic Address information element
associated with the Location, indexed by catype and specifying the value
for the new element.
@param catype RFC4776 standard CAtype for the new civic location element.
@param value A string representing the civic location info. A None for the
value is considered a parameter error.
@throws OnepIllegalArgumentException
The exception is thrown when input catype parameter is invalid, or
if the input catype already exist in this Location instance.
If the "catype" is already present, it cannot be added again, but
must be removed first.
"""
if catype == None:
raise OnepIllegalArgumentException('catype', 'None')
if value == None or len(value) == 0:
raise OnepIllegalArgumentException('value', 'None')
if not self._civic_list:
self._civic_list = []
else:
for lct in self._civic_list:
if lct and lct._catype == catype:
raise OnepIllegalArgumentException('catype aleady exist')
self._civic_list.append(CivicLocation(catype, value))
def add_ace(self, ace):
""" Add a L3 Access Control Element(ACE) to the L3 Access Control List(ACL).
Already added L3-ACE cannot be added in the same L3-ACL again.
@param ace: L3 ACE instance to be added in L3 ACL.
@type ace: L{L3Ace<onep.policy.L3Ace.L3Ace>}
@raise OnepIllegalArgumentException: If ace/ace parameter is invalid.
@raise OnepRemoteProcedureException: If error occurs when remote procedure call is made to network element.
@raise OnepConnectionException: If connection to network element fails.
"""
try:
self._validate_ace(ace)
except OnepIllegalArgumentException as e:
raise e
if not ace._acl == None:
raise OnepIllegalArgumentException('Ace already added to an Acl')
if self._duplicate_ace(ace, self._l3_ace_list) != False:
raise OnepIllegalArgumentException('Ace with same sequence number already exists in Acl')
ret_val = ace._check_proto()
if ret_val == 1:
raise OnepIllegalArgumentException('Ace does not have valid protocol')
try:
ace._add_to_acl(self)
except OnepIllegalArgumentException as e:
raise e
except OnepConnectionException as e:
raise e
except OnepRemoteProcedureException as e:
raise e
def __init__(self, target, location=None):
"""
Constructor of class Target.
Throws on error
OnepIllegalArgumentException - target not proper class
Keyword arguments
target -- NetworkInterface class or FirewallZonePair class
location -- Target.TargetLocation
HARDWARE_DEFINED_INPUT
HARDWARE_DEFINED_OUTPUT
HARDWARE_DEFINED_BOTH
"""
self.network_interface = None
self.zone_pair = None
self.log = logging.getLogger(__name__)
if not target:
raise OnepIllegalArgumentException('No target')
if isinstance(target, NetworkInterface):
try:
validate(target, NetworkInterface)
except OnepIllegalArgumentException as e:
raise e
self.network_interface = target
self.xoshandle = target.xos_handle
if location and not self.TargetLocation._is_valid(location):
raise OnepIllegalArgumentException(
'Passed location parameter value ' + str(location) +
' is invalid.')
self.location = location
def _validate_prefix(self, prefix, src_dst):
if prefix == None:
raise OnepIllegalArgumentException(src_dst + ' prefix', 'None')
if not isinstance(prefix, str):
raise OnepIllegalArgumentException(src_dst + ' prefix is not of type str')
addr_type = self._af_check(prefix)
if addr_type == -1:
raise OnepIllegalArgumentException(src_dst + ' prefix is set to invalid address')
def _validate_policy_filter(self, filter):
if not isinstance(filter, PolicyFilter):
self.log.error('PolicyFilter class required')
raise OnepIllegalArgumentException('PolicyFilter class required')
if not filter.policy_type:
self.log.error('Filter type not set')
raise OnepIllegalArgumentException('PolicyFilter type not set')
return True
def set_sync(self, sync):
if sync < 0:
raise OnepIllegalArgumentException(
'Skip value can not be negative.')
if self._skip > 0 and sync > 0:
raise OnepIllegalArgumentException(
'Both skip and sync value cannot be true.')
self._sync = sync
def _set_protocol(self, protocol):
if protocol == None:
raise OnepIllegalArgumentException('protocol', 'None')
if not isinstance(protocol, int):
raise OnepIllegalArgumentException('protocol is not of type int')
if protocol < 0 or protocol > 256:
raise OnepIllegalArgumentException('protocol is out of range')
self._protocol = protocol
def add_replay_route_event_listener(self, listener, scope, client_data):
"""
Adds a replay route event listener to the RIB object.
@param listener: The ReplayRouteEventListener object that
handles the events.
@type listener: L{ReplayRouteEventListener<onep.routing.ReplayRouteEventListener>}
@param scope: Indicate which table in the Application Route Table get
notification from.
@type scope: L{L3UnicastScope<onep.routing.L3UnicastScope>}
@param client_data: The client data associated with the listener. This
client data will be part of input parameters when the
handleEvent method in the listener is invoked.
@return: EventHandle, a numeric ID associated with this event
registration. The eventHandle is used to unregister
the listener using the remove_route_state_listener method
If registration fails, -1 is returned.
@rtype: C{int}
@raise OnepIllegalArgumentException: The exception is thrown when the
listener or other parameters is not valid.
@raise OnepConnectionException: The exception is thrown when
connection to a network element has failed.
@raise OnepRemoteProcedureException: The exception is thrown when
an error has occurred in the remote procedure call made to a
network element
"""
if listener == None:
raise OnepIllegalArgumentException('ReplayRouteEventListener',
'null')
scopeIdl = None
if isinstance(scope, (L3UnicastScope, )):
scopeIdl = scope._to_idl()
if scopeIdl == None:
raise OnepIllegalArgumentException('scope', 'invalid')
try:
eventProp = self._parent_rss._routing_client.RoutingReplayRouteEvent_registerIDL(
self._parent_rss.network_element.session_handle._id, scopeIdl)
self.log.info(
'Returning from RoutingReplayRouteEvent_registerIDL ')
if eventProp != None:
self._parent_rss.network_element.event_manager.add_listener(
eventProp.eventHandle, listener, client_data)
self.log.debug(
'Registered ReplayRouteEventListener listener, eventHandle='
+ str(eventProp.eventHandle))
return eventProp.eventHandle
raise OnepException(
'Internal error while registering the Listener')
except ExceptionIDL as e:
raise OnepRemoteProcedureException(e)
except TException as e:
raise OnepConnectionException(e)
def _validate_port(self, port, src_dst):
if port == None:
raise OnepIllegalArgumentException(src_dst + ' port', 'None')
if not isinstance(port, int):
raise OnepIllegalArgumentException(src_dst + ' port is not of type int')
if port < 0:
raise OnepIllegalArgumentException(src_dst + ' port < 0')
if port > 65535:
raise OnepIllegalArgumentException(src_dst + ' port > 65535')
def _validate_nif_and_dir(self, nif, nif_direction):
if nif == None:
raise OnepIllegalArgumentException('nif', 'None')
if not isinstance(nif, NetworkInterface):
raise OnepIllegalArgumentException('nif is not of type NetworkInterface')
if nif_direction == None:
raise OnepIllegalArgumentException('nif_direction', 'None')
if nif_direction != self.Direction.ONEP_DIRECTION_IN and nif_direction != self.Direction.ONEP_DIRECTION_OUT and nif_direction != self.Direction.ONEP_DIRECTION_BOTH:
raise OnepIllegalArgumentException('Invalid nif_direction')
def _validate_ttl(self, ttl):
if ttl == None:
raise OnepIllegalArgumentException('ttl', 'None')
if not isinstance(ttl, int):
raise OnepIllegalArgumentException('ttl is not of type int')
if ttl < 0:
raise OnepIllegalArgumentException('ttl is set to negative value')
if ttl > 255:
raise OnepIllegalArgumentException('ttl cannot be set to a value greater than 255')
def _validate_mac_mask(self, mask, src_dst):
if mask == None:
raise OnepIllegalArgumentException(src_dst + ' Mac address mask',
'None')
if not isinstance(mask, list) and not isinstance(mask, array):
raise OnepIllegalArgumentException(
src_dst + ' Mac address mask is not of type list or array')
if len(mask) != 6:
raise OnepIllegalArgumentException('Invalid ' + src_dst +
' mac address mask length')
def _validate_mac(self, addr, src_dst):
if addr == None:
raise OnepIllegalArgumentException(src_dst + ' Mac address',
'None')
if not isinstance(addr, list) and not isinstance(addr, array):
raise OnepIllegalArgumentException(
src_dst + ' Mac address is not of type list or array')
if len(addr) != 6:
raise OnepIllegalArgumentException('Invalid ' + src_dst +
' mac address length')
def _validate_class_filter(self, filter):
if not isinstance(filter, ClassFilter):
self.log.error('ClassFilter class required')
raise OnepIllegalArgumentException('ClassFilter required')
if not filter.class_type:
self.log.error('Filter type not set')
raise OnepIllegalArgumentException('ClassFilter type not set')
if not filter.class_handle:
self.log.error('ClassFilter handle not set')
raise OnepIllegalArgumentException('ClassFilter handle not set')
return True
def _validate_prefix_len(self, prefix_len, src_dst, is_IPv4 = False):
if prefix_len == None:
return
if not isinstance(prefix_len, int):
raise OnepIllegalArgumentException(src_dst + ' prefix length is not of type int')
if prefix_len < 0:
raise OnepIllegalArgumentException(src_dst + ' prefix length is negative')
if is_IPv4 and prefix_len > 32:
raise OnepIllegalArgumentException(src_dst + ' prefix length is beyond the IPv4 prefix range.')
if prefix_len > 128:
raise OnepIllegalArgumentException(src_dst + ' prefix length is beyond the IPv6 prefix range.')
def targets(self, tgts):
for (i, tgt,) in enumerate(tgts):
if not isinstance(tgt, Target):
raise OnepIllegalArgumentException('target at index %d is not Target class' % i)
if not Target.TargetLocation._is_valid(tgt.location):
raise OnepIllegalArgumentException('target direction is invalid')
if not self._direction:
self._direction = tgt.location
elif self._direction != tgt.location:
raise OnepIllegalArgumentException('target direction must be same for all targets')
self._targets = tgts
def _validate_capability(self, type, element):
if not PolicyCapabilitiesType._is_valid(type):
raise OnepIllegalArgumentException(type, 'PolicyCapabilitiesType')
if not hasattr(element, 'session_handle'):
raise OnepIllegalArgumentException('Invalid NetworkElement')
for cap in self._caps:
if cap.policy_type == type:
return cap
new_cap = PolicyCapabilities(type, element)
self._caps.append(new_cap)
return new_cap
def submit_policy_map(self, *policy_maps):
""" Submits a list of policy maps.
This will create the policy maps in the network element.
@param policy_maps: The policy maps.
@type policy_maps: Variable length argument list of L{PolicyMap<onep.policyservice.PolicyMap.PolicyMap>}
@raise OnepIllegalArgumentException: If an PolicyMap in *policy_maps is invalid.
@raise OnepRemoteProcedureException: If error occurs when remote procedure call is made to network element.
@raise OnepConnectionException: If connection to network element fails.
"""
try:
pmap_idl_list = []
policy_type = 0
for policy_map in policy_maps:
self._check_element(policy_map._element)
if not isinstance(policy_map, PolicyMap):
raise OnepIllegalArgumentException(
'Invalid policy map in *policy_maps.')
if policy_type and policy_type != policy_map.capabilities.policy_type:
raise OnepIllegalArgumentException(
'Cannot submit policies with differing capabilities')
policy_type = policy_map.capabilities.policy_type
policy_map._op_code = PolicyMap.PolicyOperation.ONEP_POLICY_OP_CREATE
pmap_idl_list.append(policy_map._to_idl())
entries = policy_map.get_entry_list()
if len(pmap_idl_list) == 0:
raise OnepIllegalArgumentException(
'*policy_maps has no valid PolicyMap.')
self.log.info('submit_policy_map: pmap_idl_list:%s',
str(pmap_idl_list))
results = self._class_client.Policy_submitPmapBulkIDL(
self._session_id, policy_type, pmap_idl_list)
self.log.info('submit_policy_map: idl results:%s', str(results))
if results:
for (
i,
policy_map,
) in enumerate(policy_maps):
policy_map._set_result_idl(results[i])
self.log.info('submit_policy_map executed with success.')
else:
self.log.error('no results for submit policy map')
except OnepIllegalArgumentException as e:
raise e
except ExceptionIDL as e:
raise OnepRemoteProcedureException(e)
except TException as e:
raise OnepConnectionException(e.message, e)
def fromIDL(idl):
"""
Convert from NetworkLocationIDL to Location. For internal use only
"""
if idl == None:
raise OnepIllegalArgumentException('idl', 'None')
if not isinstance(idl, NetworkLocationIDL):
raise OnepIllegalArgumentException('idl', 'NetworkLocationIDL')
else:
cv_list = CivicLocation._fromIDLList(idl.civic)
cu_list = CustomLocation._fromIDLList(idl.custom)
geo = GeoLocation._fromIDL(idl.geo)
return Location(elin=idl.elin, civic_list=cv_list, custom_list=cu_list, geo=geo)
def set_tcp_flags(self, value, mask, match):
""" Set TCP flags. A match bit field value, mask and a match type are used to set up the matching of TCP flags.
The mask field selects which flags are to be used in the match.
The match type determines the combination of selected TCP flags that will cause a match, i.e., either all TCP flags
must match the selected flag values, or any one of the TCP flags must match the selected flag values.
For example to match on all TCP flag bits being FIN = 1, SYN = 1, PSH = 0, ACK = 0 ::
value = [TcpFlags.ONEP_TCP_FIN, TcpFlags.ONEP_TCP_SYN]
mask = [TcpFlags.ONEP_TCP_FIN, TcpFlags.ONEP_TCP_SYN, TcpFlags.ONEP_TCP_PSH, TcpFlags.ONEP_TCP_ACK]
match = [TcpFlagMatch.ONEP_MATCH_ALL]
Note: PSH and ACK are not passed in 'value' as all tcp flags have 0 bit value by default.
@param value: pass list of tcp flags for which bit value 1 is to be matched.
@type value: C{list}
@param mask: list of tcp flags are to be used in the match.
@type mask: C{list}
@param match: all or any one of the tcp flags must match selected flag values.
@type match: C{list}
@raise OnepIllegalArgumentException: If value,mask or match is invalid.
"""
if self._protocol != 6:
raise OnepIllegalArgumentException('protocol != TCP')
if value == None:
raise OnepIllegalArgumentException('value', 'none')
if mask == None:
raise OnepIllegalArgumentException('mask', 'none')
if match == None:
raise OnepIllegalArgumentException('match', 'none')
if not isinstance(value, list):
raise OnepIllegalArgumentException('value is not of type list')
if not isinstance(mask, list):
raise OnepIllegalArgumentException('mask is not of type list')
if match != self.TcpFlagMatch.ONEP_MATCH_ANY and match != self.TcpFlagMatch.ONEP_MATCH_ALL:
raise OnepIllegalArgumentException('match is invalid')
i = 0
for val in value:
i += 1
if self._validate_tcp_flag(val) == False:
raise OnepIllegalArgumentException(
'Element ' + str(i) +
" in 'value' list is not valid tcpflag")
self._tcp_flag_value = self._tcp_flag_value | val
i = 0
for msk in mask:
i += 1
if self._validate_tcp_flag(msk) == False:
raise OnepIllegalArgumentException(
'Element ' + str(i) +
" in 'mask' list is not valid tcpflag")
self._tcp_flag_mask = self._tcp_flag_mask | msk
self._tcp_flag_match = match
