def nat_actions(self, eth_type, nfvip, nat_offset): ip_ver = nfvip.ip.version ip_src_nxm = 'ipv%u_src_nxm' % ip_ver ip_dst_nxm = 'ipv%u_dst_nxm' % ip_ver ipbits = nfvip.ip.max_prefixlen # pylint: disable=no-member return [ parser.NXActionRegMove(src_field='ipv%u_src' % ip_ver, dst_field=self.AREG, n_bits=nat_offset, src_ofs=0, dst_ofs=nat_offset), parser.NXActionRegMove(src_field='ipv%u_dst' % ip_ver, dst_field=self.AREG, n_bits=nat_offset, src_ofs=0, dst_ofs=0), # we have to load output port numbers into reg1 and reg2 because NXFlowSpecOutput() won't take a literal. parser.NXActionRegLoad(value=self.FAKEPORT, dst=self.FAKEPORTREG, ofs_nbits=nicira_ext.ofs_nbits(0, 15)), parser.NXActionRegLoad(value=self.COPROPORT, dst=self.COPROPORTREG, ofs_nbits=nicira_ext.ofs_nbits(0, 15)), # now program an inbound flow to perform NAT. parser.NXActionLearn( table_id=self.FROM_COPRO_TABLE, priority=2, hard_timeout=self.IDLE, specs=[ parser.NXFlowSpecMatch(src=eth_type, dst=('eth_type_nxm', 0), n_bits=16), parser.NXFlowSpecMatch(src=(ip_src_nxm, 0), dst=(ip_src_nxm, 0), n_bits=ipbits), parser.NXFlowSpecMatch(src=(ip_dst_nxm, 0), dst=(ip_dst_nxm, 0), n_bits=ipbits), parser.NXFlowSpecLoad(src=int(self.FAKECLIENTMAC), dst=('eth_src_nxm', 0), n_bits=48), parser.NXFlowSpecLoad(src=int(self.FAKESERVERMAC), dst=('eth_dst_nxm', 0), n_bits=48), ] + self.reg_copy(self.AREG, ip_src_nxm, ipbits) + [ parser.NXFlowSpecLoad(src=int(nfvip.ip), dst=(ip_dst_nxm, 0), n_bits=ipbits), parser.NXFlowSpecOutput(src=(self.FAKEPORTREG, 0), dst='', n_bits=16), ]), # now program outbound an outbound flow. parser.NXActionLearn( table_id=self.TO_COPRO_TABLE, priority=2, idle_timeout=self.IDLE, specs=[ parser.NXFlowSpecMatch(src=eth_type, dst=('eth_type_nxm', 0), n_bits=16), parser.NXFlowSpecMatch(src=int(nfvip.ip), dst=(ip_src_nxm, 0), n_bits=ipbits), ] + self.reg_copy(self.AREG, ip_dst_nxm, ipbits) + [ parser.NXFlowSpecLoad(src=('eth_dst_nxm', 0), dst=('eth_src_nxm', 0), n_bits=48), parser.NXFlowSpecLoad(src=('eth_src_nxm', 0), dst=('eth_dst_nxm', 0), n_bits=48), parser.NXFlowSpecLoad(src=(ip_dst_nxm, 0), dst=(ip_src_nxm, 0), n_bits=ipbits), parser.NXFlowSpecLoad(src=(ip_src_nxm, 0), dst=(ip_dst_nxm, 0), n_bits=ipbits), parser.NXFlowSpecOutput(src=(self.COPROPORTREG, 0), dst='', n_bits=16), ]), # now that future flows are programmed, handle the packet we have. parser.OFPActionSetField(eth_src=self.FAKECLIENTMAC), parser.OFPActionSetField(eth_dst=self.FAKESERVERMAC), parser.NXActionRegMove(src_field=self.AREG, dst_field=('ipv%u_src' % ip_ver), n_bits=ipbits, src_ofs=0, dst_ofs=0), parser.OFPActionSetField(**{'ipv%u_dst' % ip_ver: str(nfvip.ip)}), parser.OFPActionOutput(self.FAKEPORT) ]
def test_flowspec_src_1_dst_0(self): user = ofpp.NXFlowSpecMatch(src=99, dst=('in_port', 0), n_bits=16) on_wire = (b'\x20\x10' b'\x00\x63' b'\x80\x00\x00\x04\x00\x00') self.assertEqual(on_wire, user.serialize()) (o, rest) = ofpp._NXFlowSpec.parse(on_wire) self.assertEqual(user.to_jsondict(), o.to_jsondict()) self.assertEqual(str(user), str(o)) self.assertEqual(b'', rest)