acl_entry_spec.h
/*
* Copyright (c) 2013 Juniper Networks, Inc. All rights reserved.
*/
#ifndef __AGENT_ACL_ENTRY_SPEC_H__
#define __AGENT_ACL_ENTRY_SPEC_H__
#include <vector>
#include <boost/uuid/uuid.hpp>
#include <net/address.h>
#include <cmn/agent_cmn.h>
#include <cmn/agent.h>
#include <vnc_cfg_types.h>
#include <filter/traffic_action.h>
#include <filter/acl_entry_match.h>
#include <vnc_cfg_types.h>
// Pair of 16-bit bounds. AclEntrySpec keeps vectors of these for its
// protocol, source-port and destination-port matches.
//
// Plain data with no constructor: both members are indeterminate until the
// code that builds the spec assigns them, and nothing in this type enforces
// min <= max.
// NOTE(review): whether the bounds are inclusive, and where an inverted range
// coming from configuration is rejected, is not visible here -- confirm in the
// code that fills and consumes these ranges.
struct RangeSpec {
    uint16_t min;  // lower bound
    uint16_t max;  // upper bound
};
// Destination parameters carried by MirrorActionSpec::staticnhdata.
// Judging by the member names these describe a statically configured tunnel
// endpoint for mirrored traffic (TODO confirm against the mirror code).
//
// Plain data with no constructor: vni is indeterminate until assigned.
struct StaticMirrorNhData {
    IpAddress vtep_dst_ip;    // destination IP of the endpoint
    uint32_t vni;             // network identifier; not initialized here
    MacAddress vtep_dst_mac;  // destination MAC of the endpoint
};
// Configuration of one mirror (analyzer) action attached to an ACL entry:
// where the copied traffic is sent and how it is encapsulated.
//
// Plain data with no constructor: the scalar members (port, juniper_header,
// staticnhdata.vni) are indeterminate until the code that fills the spec
// assigns them.
struct MirrorActionSpec {
    std::string analyzer_name;        // the only member operator== looks at
    std::string vrf_name;
    IpAddress ip;
    MacAddress mac;
    uint16_t port;                    // not initialized here
    std::string encap;
    bool juniper_header;              // not initialized here
    std::string nh_mode;
    StaticMirrorNhData staticnhdata;

    // Two specs compare equal when their analyzer names match; no other
    // member takes part in the comparison.
    //
    // NOTE(review): a spec that keeps its analyzer name but changes vrf_name,
    // ip, mac, port, encap or nh_mode still compares equal to the old one.
    // Any caller that relies on == to notice a changed mirror destination
    // would miss that change -- confirm this is the intended identity.
    bool operator == (const MirrorActionSpec &rhs) const {
        const bool same_analyzer = (analyzer_name.compare(rhs.analyzer_name) == 0);
        return same_analyzer;
    }
};
// Parameters of a VRF-translate action: the target VRF name and an
// ignore_acl flag.
//
// A default-constructed spec has an empty VRF name and ignore_acl == false.
// What ignore_acl makes the data path do is decided by the consumer of this
// spec and is not visible in this header.
struct VrfTranslateActionSpec {
    // Empty VRF name, ignore_acl off.
    VrfTranslateActionSpec()
        : vrf_name_(), ignore_acl_(false) {
    }

    // Build a spec from an explicit VRF name and flag value.
    VrfTranslateActionSpec(std::string vrf_name, bool ignore_acl)
        : vrf_name_(vrf_name), ignore_acl_(ignore_acl) {
    }

    // Read accessors.
    const std::string& vrf_name() const {
        return vrf_name_;
    }
    bool ignore_acl() const {
        return ignore_acl_;
    }

    // Write accessors; no validation is applied to either value.
    void set_vrf_name(const std::string &vrf_name) {
        vrf_name_.assign(vrf_name);
    }
    void set_ignore_acl(bool ignore_acl) {
        ignore_acl_ = ignore_acl;
    }

    // Members are public (struct), so callers can also bypass the accessors.
    std::string vrf_name_;
    bool ignore_acl_;
};
// Parameters of a QoS-config action: the configuration name and a numeric id.
//
// The id is stored as uint32_t and starts out as -1 converted to unsigned,
// i.e. 0xFFFFFFFF; clear() restores the same value. set_id() accepts any
// value, including that one, so the type itself cannot tell "never set" from
// "set to 0xFFFFFFFF".
struct QosConfigActionSpec {
    // Empty name, id at its initial all-ones value.
    QosConfigActionSpec()
        : name_(), id_(static_cast<uint32_t>(-1)) {
    }

    // Named spec whose id has not been assigned yet.
    QosConfigActionSpec(const std::string &qos_config_name)
        : name_(qos_config_name), id_(static_cast<uint32_t>(-1)) {
    }

    void set_name(const std::string &name) {
        name_.assign(name);
    }
    const std::string& name() const {
        return name_;
    }

    void set_id(uint32_t id) {
        id_ = id;
    }
    uint32_t id() const {
        return id_;
    }

    // Return the spec to its default-constructed state.
    void clear() {
        name_.clear();
        id_ = static_cast<uint32_t>(-1);
    }

    // Members are public (struct), so callers can also bypass the accessors.
    std::string name_;
    uint32_t id_;
};
// One action of an ACL entry. ta_type says which kind of action this is; the
// remaining members carry the parameters for the kinds that need them
// (simple action, mirror, VRF translate, QoS config).
//
// NOTE(review): neither constructor initializes simple_action, and the
// default constructor also leaves ta_type unset. Both are enums with no
// initializer, so they hold indeterminate values until assigned. For a field
// that selects what happens to matching traffic this deserves an explicit
// default -- confirm that every path which builds an ActionSpec assigns both
// before the spec is read.
struct ActionSpec {
    /* For actions log and alert we don't have any specific field. Only ta_type
     * of TrafficAction::LOG_ACTION and TrafficAction::ALERT_ACTION is enough
     */
    TrafficAction::Action simple_action;       // not initialized by any constructor
    TrafficAction::TrafficActionType ta_type;  // set only by the one-argument constructor
    MirrorActionSpec ma;
    VrfTranslateActionSpec vrf_translate;
    QosConfigActionSpec qos_config_action;
    // Leaves simple_action and ta_type indeterminate; the class-type members
    // are default-constructed.
    ActionSpec() {}
    // Sets ta_type only. Not marked explicit, so a TrafficActionType value
    // converts implicitly to an ActionSpec.
    ActionSpec(TrafficAction::TrafficActionType type) : ta_type(type) {}
};
// Kind of ACL entry, stored in AclEntrySpec::type. Only the two enumerators
// are defined here; how each is treated during evaluation is not visible in
// this header.
//
// Unscoped enum: TERM and NON_TERM are injected into the enclosing (global)
// namespace of every file that includes this header.
typedef enum AclTypeSpec {
    TERM = 1,
    NON_TERM = 2,
} AclTypeSpecT;
// Field-by-field description of one ACL entry: match criteria (source and
// destination address, protocol, ports), the terminal flag, the list of
// actions and the rule UUID. All data members are public; the member
// functions are only declared here and defined elsewhere.
//
// NOTE(review): the constructor initializes src_addr_type, dst_addr_type and
// terminal only. type, id, src_sg_id and dst_sg_id have no initializer, so
// they are indeterminate on a freshly constructed spec (the two policy uuids
// depend on how the Boost version in use default-constructs a uuid). Confirm
// that the Populate path assigns them on every branch, including the ones
// where Populate() reports failure, before anything reads or compares them.
class AclEntrySpec {
public:
    // Both address types start as UNKNOWN_TYPE and the entry starts terminal.
    AclEntrySpec(): src_addr_type(AddressMatch::UNKNOWN_TYPE),
        dst_addr_type(AddressMatch::UNKNOWN_TYPE), terminal(true) { }
    typedef boost::uuids::uuid uuid;
    AclTypeSpecT type;  // TERM / NON_TERM; not initialized by the constructor
    uint32_t id;        // not initialized by the constructor

    // Address
    AddressMatch::AddressType src_addr_type;
    std::vector<AclAddressInfo> src_ip_list;
    uuid src_policy_id;
    std::string src_policy_id_str;
    int src_sg_id;      // not initialized by the constructor

    AddressMatch::AddressType dst_addr_type;
    std::vector<AclAddressInfo> dst_ip_list;
    uuid dst_policy_id;
    std::string dst_policy_id_str;
    int dst_sg_id;      // not initialized by the constructor

    // Protocol
    std::vector<RangeSpec> protocol;

    // Source port range
    std::vector<RangeSpec> src_port;

    // Destination port range
    std::vector<RangeSpec> dst_port;

    // Defaults to true in the constructor. How it relates to `type` above is
    // not visible in this header.
    bool terminal;

    // Action
    std::vector<ActionSpec> action_l;

    // Rule-UUID
    std::string rule_uuid;

    // Fills the match fields from a configured match condition. Returns bool;
    // presumably false when the condition cannot be converted -- verify
    // against the definition, and check what state the spec is left in then.
    bool Populate(const autogen::MatchConditionType *match_condition);
    // Fills action_l from a configured action list (defined elsewhere).
    void PopulateAction(const AclTable *acl_table,
                        const autogen::ActionListType &action_list);
    // const member taking the Agent; presumably registers the mirror actions
    // held in action_l -- TODO confirm against the definition.
    void AddMirrorEntry(Agent *agent) const;
    // Takes a prefix string and prefix length plus a pointer to an address
    // list; presumably appends the parsed entry to *list -- TODO confirm how
    // an unparsable prefix or out-of-range plen is handled.
    void BuildAddressInfo(const std::string &prefix, int plen,
                          std::vector<AclAddressInfo> *list);
};
// A whole ACL: its UUID, a dynamic flag and the ordered list of entry specs.
//
// NOTE(review): the constructor sets dynamic_acl only; acl_id is left to the
// default construction of boost::uuids::uuid, which depending on the Boost
// version may not zero it. Confirm it is assigned before the spec is used as
// a key or compared.
struct AclSpec {
    // Starts as a non-dynamic ACL with no entries.
    AclSpec() : dynamic_acl(false) { };
    typedef boost::uuids::uuid uuid;
    uuid acl_id;
    // Dynamic
    bool dynamic_acl;
    // Entry specs in the order they were added.
    std::vector<AclEntrySpec> acl_entry_specs_;
};
#endif