def test_create_flows_for_ip_address_egress(self):
expected_template = {
'table': ovs_consts.RULES_EGRESS_TABLE,
'priority': 72,
'dl_type': constants.ETHERTYPE_IP,
'reg_net': 0x123,
'nw_dst': '192.168.0.1/32'
}
conj_ids = [12, 20]
flows = rules.create_flows_for_ip_address(
'192.168.0.1', constants.EGRESS_DIRECTION, constants.IPv4,
0x123, conj_ids)
self.assertEqual(2, len(flows))
self.assertEqual(ovsfw_consts.OF_STATE_ESTABLISHED_NOT_REPLY,
flows[0]['ct_state'])
self.assertEqual(ovsfw_consts.OF_STATE_NEW_NOT_ESTABLISHED,
flows[1]['ct_state'])
for i in range(2):
self.assertEqual(self._generate_conjuncion_actions(conj_ids, i),
flows[i]['actions'])
for f in flows:
del f['actions']
del f['ct_state']
self.assertEqual(expected_template, f)
def test_create_flows_for_ip_address_egress(self):
expected_template = {
'table': ovs_consts.RULES_EGRESS_TABLE,
'priority': 70,
'dl_type': n_const.ETHERTYPE_IP,
'reg_net': 0x123,
'nw_dst': '192.168.0.1/32'
}
conj_ids = [12, 20]
flows = rules.create_flows_for_ip_address('192.168.0.1',
firewall.EGRESS_DIRECTION,
constants.IPv4, 0x123,
conj_ids)
self.assertEqual(2, len(flows))
self.assertEqual(ovsfw_consts.OF_STATE_ESTABLISHED_NOT_REPLY,
flows[0]['ct_state'])
self.assertEqual(ovsfw_consts.OF_STATE_NEW_NOT_ESTABLISHED,
flows[1]['ct_state'])
self.assertEqual(self._generate_conjuncion_actions(conj_ids, 0),
flows[0]['actions'])
self.assertEqual(self._generate_conjuncion_actions(conj_ids, 1),
flows[1]['actions'])
for f in flows:
del f['actions']
del f['ct_state']
self.assertEqual(expected_template, f)
def _update_flows_for_vlan_subr(self, direction, ethertype, vlan_tag,
flow_state, addr_to_conj):
"""Do the actual flow updates for given direction and ethertype."""
current_ips = set(flow_state.keys())
self.driver.delete_flows_for_ip_addresses(
current_ips - set(addr_to_conj.keys()), direction, ethertype,
vlan_tag)
for addr, conj_ids in addr_to_conj.items():
conj_ids.sort()
if flow_state.get(addr) == conj_ids:
continue
for flow in rules.create_flows_for_ip_address(
addr, direction, ethertype, vlan_tag, conj_ids):
self.driver._add_flow(**flow)
def delete_flows_for_ip_addresses(self, ip_addresses, direction, ethertype,
vlan_tag):
for ip_addr in ip_addresses:
# Generate deletion template with bogus conj_id.
flows = rules.create_flows_for_ip_address(ip_addr, direction,
ethertype, vlan_tag, [0])
for f in flows:
# The following del statements are partly for
# complying the OpenFlow spec. It forbids the use of
# these field in non-strict delete flow messages, and
# the actions field is bogus anyway.
del f['actions']
del f['priority']
self._delete_flows(**f)
def delete_flows_for_ip_addresses(
self, ip_addresses, direction, ethertype, vlan_tag):
for ip_addr in ip_addresses:
# Generate deletion template with bogus conj_id.
flows = rules.create_flows_for_ip_address(
ip_addr, direction, ethertype, vlan_tag, [0])
for f in flows:
# The following del statements are partly for
# complying the OpenFlow spec. It forbids the use of
# these field in non-strict delete flow messages, and
# the actions field is bogus anyway.
del f['actions']
del f['priority']
self._delete_flows(**f)
def _update_flows_for_vlan_subr(self, direction, ethertype, vlan_tag,
flow_state, addr_to_conj):
"""Do the actual flow updates for given direction and ethertype."""
current_ips = set(flow_state.keys())
self.driver.delete_flows_for_ip_addresses(
current_ips - set(addr_to_conj.keys()),
direction, ethertype, vlan_tag)
for addr, conj_ids in addr_to_conj.items():
conj_ids.sort()
if flow_state.get(addr) == conj_ids:
continue
for flow in rules.create_flows_for_ip_address(
addr, direction, ethertype, vlan_tag, conj_ids):
self.driver._add_flow(**flow)
