def test_merge_port_ranges_no_port_ranges_same_conj_id(self): result = rules.merge_port_ranges([ (dict(self.rule_tmpl), 10), (dict(self.rule_tmpl), 12), (dict([('port_range_min', 30), ('port_range_max', 30)] + self.rule_tmpl), 10) ]) self._test_merge_port_ranges_helper([(None, None, {10, 12})], result)
def test_merge_port_ranges_nonoverlapping(self): result = rules.merge_port_ranges( [(dict([('port_range_min', 30), ('port_range_max', 40)] + self.rule_tmpl), 32), (dict([('port_range_min', 100), ('port_range_max', 140)] + self.rule_tmpl), 40)]) self._test_merge_port_ranges_helper( [(30, 40, {32}), (100, 140, {40})], result)
def test_merge_port_ranges_no_port_ranges_same_conj_id(self): result = rules.merge_port_ranges( [(dict(self.rule_tmpl), 10), (dict(self.rule_tmpl), 12), (dict([('port_range_min', 30), ('port_range_max', 30)] + self.rule_tmpl), 10)]) self._test_merge_port_ranges_helper([ (None, None, {10, 12})], result)
def test_merge_port_ranges_no_port_ranges(self): result = rules.merge_port_ranges([ (dict(self.rule_tmpl), 10), (dict(self.rule_tmpl), 12), (dict([('port_range_min', 30), ('port_range_max', 40)] + self.rule_tmpl), 4) ]) self._test_merge_port_ranges_helper([(1, 29, {10, 12}), (30, 40, {10, 12, 4}), (41, 65535, {10, 12})], result)
def test_merge_port_ranges_no_port_ranges(self): result = rules.merge_port_ranges( [(dict(self.rule_tmpl), 10), (dict(self.rule_tmpl), 12), (dict([('port_range_min', 30), ('port_range_max', 40)] + self.rule_tmpl), 4)]) self._test_merge_port_ranges_helper([ (1, 29, {10, 12}), (30, 40, {10, 12, 4}), (41, 65535, {10, 12})], result)
def _add_non_ip_conj_flows(self, port): """Install conjunction flows that don't depend on IP address of remote groups, which consist of actions=conjunction(conj_id, 2/2) flows and actions=accept flows. The remaining part is done by ConjIPFlowManager. """ port_rules = collections.defaultdict(list) for sec_group_id, rule in ( self._create_remote_rules_generator_for_port(port)): direction = rule['direction'] ethertype = rule['ethertype'] protocol = rule.get('protocol') priority_offset = rules.flow_priority_offset(rule) conj_id = self.conj_ip_manager.add(port.vlan_tag, sec_group_id, rule['remote_group_id'], direction, ethertype, priority_offset) rule1 = rule.copy() del rule1['remote_group_id'] port_rules_key = (direction, ethertype, protocol) port_rules[port_rules_key].append((rule1, conj_id)) for (direction, ethertype, protocol), rule_conj_list in (port_rules.items()): all_conj_ids = set() for rule, conj_id in rule_conj_list: all_conj_ids.add(conj_id) if protocol in [ lib_const.PROTO_NUM_SCTP, lib_const.PROTO_NUM_TCP, lib_const.PROTO_NUM_UDP ]: rule_conj_list = rules.merge_port_ranges(rule_conj_list) else: rule_conj_list = rules.merge_common_rules(rule_conj_list) for rule, conj_ids in rule_conj_list: flows = rules.create_flows_from_rule_and_port(rule, port, conjunction=True) for flow in rules.substitute_conjunction_actions( flows, 2, conj_ids): self._add_flow(**flow) # Install accept flows and store conj_id to reg7 for future process for conj_id in all_conj_ids: for flow in rules.create_conj_flows(port, conj_id, direction, ethertype): flow['actions'] = "set_field:{:d}->reg{:d},{:s}".format( flow['conj_id'], ovsfw_consts.REG_REMOTE_GROUP, flow['actions']) self._add_flow(**flow)
def _add_non_ip_conj_flows(self, port): """Install conjunction flows that don't depend on IP address of remote groups, which consist of actions=conjunction(conj_id, 2/2) flows and actions=accept flows. The remaining part is done by ConjIPFlowManager. """ port_rules = collections.defaultdict(list) for sec_group_id, rule in ( self._create_remote_rules_generator_for_port(port)): direction = rule['direction'] ethertype = rule['ethertype'] protocol = rule.get('protocol') priority_offset = rules.flow_priority_offset(rule) conj_id = self.conj_ip_manager.add(port.vlan_tag, sec_group_id, rule['remote_group_id'], direction, ethertype, priority_offset) rule1 = rule.copy() del rule1['remote_group_id'] port_rules_key = (direction, ethertype, protocol) port_rules[port_rules_key].append((rule1, conj_id)) for (direction, ethertype, protocol), rule_conj_list in ( port_rules.items()): all_conj_ids = set() for rule, conj_id in rule_conj_list: all_conj_ids.add(conj_id) if protocol in [lib_const.PROTO_NUM_SCTP, lib_const.PROTO_NUM_TCP, lib_const.PROTO_NUM_UDP]: rule_conj_list = rules.merge_port_ranges(rule_conj_list) else: rule_conj_list = rules.merge_common_rules(rule_conj_list) for rule, conj_ids in rule_conj_list: flows = rules.create_flows_from_rule_and_port( rule, port, conjunction=True) for flow in rules.substitute_conjunction_actions( flows, 2, conj_ids): self._add_flow(**flow) # Install accept flows and store conj_id to reg7 for future process for conj_id in all_conj_ids: for flow in rules.create_conj_flows( port, conj_id, direction, ethertype): flow['actions'] = "set_field:{:d}->reg{:d},{:s}".format( flow['conj_id'], ovsfw_consts.REG_REMOTE_GROUP, flow['actions'] ) self._add_flow(**flow)
def test_merge_port_ranges_overlapping(self): result = rules.merge_port_ranges( [(dict([('port_range_min', 20), ('port_range_max', 30)] + self.rule_tmpl), 6), (dict([('port_range_min', 30), ('port_range_max', 40)] + self.rule_tmpl), 14), (dict([('port_range_min', 35), ('port_range_max', 40)] + self.rule_tmpl), 22), (dict([('port_range_min', 20), ('port_range_max', 20)] + self.rule_tmpl), 30)]) self._test_merge_port_ranges_helper([ # port_range_min, port_range_max, conj_ids (20, 20, {6, 30}), (21, 29, {6}), (30, 30, {6, 14}), (31, 34, {14}), (35, 40, {14, 22})], result)