def test_port_rule_masking(self): compare_rules = lambda x, y: set(x) == set(y) and len(x) == len(y) # Test 1. port_min = 5 port_max = 12 expected_rules = ['0x0005', '0x000c', '0x0006/0xfffe', '0x0008/0xfffc'] rules = utils.port_rule_masking(port_min, port_max) self.assertTrue(compare_rules(rules, expected_rules)) # Test 2. port_min = 20 port_max = 130 expected_rules = [ '0x0014/0xfffe', '0x0016/0xfffe', '0x0018/0xfff8', '0x0020/0xffe0', '0x0040/0xffc0', '0x0080/0xfffe', '0x0082' ] rules = utils.port_rule_masking(port_min, port_max) self.assertEqual(expected_rules, rules) # Test 3. port_min = 4501 port_max = 33057 expected_rules = [ '0x1195', '0x1196/0xfffe', '0x1198/0xfff8', '0x11a0/0xffe0', '0x11c0/0xffc0', '0x1200/0xfe00', '0x1400/0xfc00', '0x1800/0xf800', '0x2000/0xe000', '0x4000/0xc000', '0x8021/0xff00', '0x8101/0xffe0', '0x8120/0xfffe' ] rules = utils.port_rule_masking(port_min, port_max) self.assertEqual(expected_rules, rules)
def test_port_rule_masking(self): compare_rules = lambda x, y: set(x) == set(y) and len(x) == len(y) # Test 1. port_min = 5 port_max = 12 expected_rules = ['0x0005', '0x000c', '0x0006/0xfffe', '0x0008/0xfffc'] rules = utils.port_rule_masking(port_min, port_max) self.assertTrue(compare_rules(rules, expected_rules)) # Test 2. port_min = 20 port_max = 130 expected_rules = ['0x0014/0xfffe', '0x0016/0xfffe', '0x0018/0xfff8', '0x0020/0xffe0', '0x0040/0xffc0', '0x0080/0xfffe', '0x0082'] rules = utils.port_rule_masking(port_min, port_max) self.assertEqual(expected_rules, rules) # Test 3. port_min = 4501 port_max = 33057 expected_rules = ['0x1195', '0x1196/0xfffe', '0x1198/0xfff8', '0x11a0/0xffe0', '0x11c0/0xffc0', '0x1200/0xfe00', '0x1400/0xfc00', '0x1800/0xf800', '0x2000/0xe000', '0x4000/0xc000', '0x8021/0xff00', '0x8101/0xffe0', '0x8120/0xfffe'] rules = utils.port_rule_masking(port_min, port_max) self.assertEqual(expected_rules, rules)
def test_port_rule_masking(self): if (inspect.isclass(self.expected) and issubclass(self.expected, Exception)): with testtools.ExpectedException(self.expected): utils.port_rule_masking(self.port_min, self.port_max) else: rules = utils.port_rule_masking(self.port_min, self.port_max) self.assertItemsEqual(self.expected, rules)
def create_port_range_flows(flow_template, rule): protocol = fwaas_ovs_consts.REVERSE_IP_PROTOCOL_MAP_WITH_PORTS.get( rule.get('protocol')) if protocol is None: return [] flows = [] src_port_match = '{:s}_src'.format(protocol) src_port_min = rule.get('source_port_range_min') src_port_max = rule.get('source_port_range_max') dst_port_match = '{:s}_dst'.format(protocol) dst_port_min = rule.get('port_range_min') dst_port_max = rule.get('port_range_max') dst_port_range = [] if dst_port_min and dst_port_max: dst_port_range = utils.port_rule_masking(dst_port_min, dst_port_max) src_port_range = [] if src_port_min and src_port_max: src_port_range = utils.port_rule_masking(src_port_min, src_port_max) for port in src_port_range: flow = flow_template.copy() flow[src_port_match] = port if dst_port_range: for port in dst_port_range: dst_flow = flow.copy() dst_flow[dst_port_match] = port flows.append(dst_flow) else: flows.append(flow) else: for port in dst_port_range: flow = flow_template.copy() flow[dst_port_match] = port flows.append(flow) return flows
def create_port_range_flows(flow_template, rule): protocol = ovsfw_consts.REVERSE_IP_PROTOCOL_MAP_WITH_PORTS.get( rule.get('protocol')) if protocol is None: return [] flows = [] src_port_match = '{:s}_src'.format(protocol) src_port_min = rule.get('source_port_range_min') src_port_max = rule.get('source_port_range_max') dst_port_match = '{:s}_dst'.format(protocol) dst_port_min = rule.get('port_range_min') dst_port_max = rule.get('port_range_max') dst_port_range = [] if dst_port_min and dst_port_max: dst_port_range = utils.port_rule_masking(dst_port_min, dst_port_max) src_port_range = [] if src_port_min and src_port_max: src_port_range = utils.port_rule_masking(src_port_min, src_port_max) for port in src_port_range: flow = flow_template.copy() flow[src_port_match] = port if dst_port_range: for port in dst_port_range: dst_flow = flow.copy() dst_flow[dst_port_match] = port flows.append(dst_flow) else: flows.append(flow) else: for port in dst_port_range: flow = flow_template.copy() flow[dst_port_match] = port flows.append(flow) return flows
def _add_rules_flows(self, port): rules = self._select_sg_rules_for_port(port) for rule in rules: ethertype = rule['ethertype'] direction = rule['direction'] protocol = rule.get('protocol') port_range_min = rule.get('port_range_min') port_range_max = rule.get('port_range_max') source_ip_prefix = rule.get('source_ip_prefix') dest_ip_prefix = rule.get('dest_ip_prefix') flow = {} # Direcction. if direction == EGRESS_DIRECTION: flow['priority'] = OF_EGRESS_PORT_RULE_PRIO flow['table'] = OF_EGRESS_TABLE flow["dl_src"] = port["mac_address"] elif direction == INGRESS_DIRECTION: flow['priority'] = OF_INGRESS_PORT_RULE_PRIO flow['table'] = OF_INGRESS_TABLE flow["dl_dst"] = port["mac_address"] # Protocol. flow['proto'] = self._write_proto(ethertype, protocol) # Port range. port_match = "" if (port_range_min and port_range_max and protocol in [constants.PROTO_NAME_TCP, constants.PROTO_NAME_UDP]): port_match = "%s_dst" % protocol if port_range_max > port_range_min: flow[port_match] = neutron_utils.port_rule_masking( port_range_min, port_range_max) else: flow[port_match] = int(port_range_min) # Destination and source address. if dest_ip_prefix and dest_ip_prefix != "0.0.0.0/0": flow[OF_MNEMONICS[ethertype]["ip_dst"]] = dest_ip_prefix if source_ip_prefix and source_ip_prefix != "0.0.0.0/0": flow[OF_MNEMONICS[ethertype]["ip_src"]] = source_ip_prefix # Write flow. self._write_flows_per_ip(flow, rule, port, port_match, protocol)
def compare_port_ranges_results(self, port_min, port_max): observed = utils.port_rule_masking(port_min, port_max) expected = _port_rule_masking(port_min, port_max) self.assertCountEqual(expected, observed)
def test_port_rule_wrong_input(self): with testtools.ExpectedException(ValueError): utils.port_rule_masking(12, 5)
def test_port_rule_masking_min_higher_than_max(self): port_min = 10 port_max = 5 with testtools.ExpectedException(ValueError): utils.port_rule_masking(port_min, port_max)
def compare_port_ranges_results(self, port_min, port_max): observed = utils.port_rule_masking(port_min, port_max) expected = _port_rule_masking(port_min, port_max) self.assertItemsEqual(expected, observed)