@Nonnull private static IpSpace resolveIpSpaceSpecifier(IpSpaceSpecifier specifier, SpecifierContext ctx) { return firstNonNull( AclIpSpace.union( specifier.resolve(ImmutableSet.of(), ctx).getEntries().stream() .map(Entry::getIpSpace) .collect(ImmutableList.toImmutableList())), EmptyIpSpace.INSTANCE); }
public static IpSpaceAssignment of(List<Entry> entries) { return new IpSpaceAssignment(entries); } }
@Override public IpSpaceAssignment resolve(Set<Location> key, SpecifierContext ctxt) { Set<Location> locations = _locationSpecifier.resolve(ctxt); checkArgument(!locations.isEmpty(), "No such locations"); IpSpace ipSpace = AclIpSpace.union( InferFromLocationIpSpaceSpecifier.INSTANCE.resolve(locations, ctxt).getEntries() .stream() .map(Entry::getIpSpace) .collect(Collectors.toList())); return IpSpaceAssignment.builder() .assign(key, firstNonNull(ipSpace, EmptyIpSpace.INSTANCE)) .build(); } }
@VisibleForTesting IpSpaceAssignment resolveSourceIpSpaceAssignment() throws InvalidReachabilityParametersException { Set<Location> sourceLocations = _params.getSourceLocationSpecifier().resolve(_context).stream() .filter(l -> isActive(l, _configs)) .collect(ImmutableSet.toImmutableSet()); if (sourceLocations.isEmpty()) { throw new InvalidReachabilityParametersException("No matching source locations"); } // resolve the IpSpaceSpecifier, and filter out entries with empty IpSpaces IpSpaceAssignment sourceIpSpaceAssignment = IpSpaceAssignment.of( _params.getSourceIpSpaceSpecifier().resolve(sourceLocations, _context).getEntries() .stream() .filter( entry -> _ipSpaceRepresentative.getRepresentative(entry.getIpSpace()).isPresent()) .collect(ImmutableList.toImmutableList())); if (sourceIpSpaceAssignment.getEntries().isEmpty()) { throw new InvalidReachabilityParametersException("All sources have empty source IpSpaces"); } return sourceIpSpaceAssignment; }
@Override public IpSpaceAssignment resolve(Set<Location> locations, SpecifierContext ctxt) { return IpSpaceAssignment.builder().assign(locations, _ipSpace).build(); }
@Override public IpSpaceAssignment resolve(Set<Location> locations, SpecifierContext ctxt) { IpSpaceLocationVisitor ipSpaceLocationVisitor = new IpSpaceLocationVisitor(ctxt); IpSpaceAssignment.Builder builder = IpSpaceAssignment.builder(); locations.forEach( location -> builder.assign(location, location.accept(ipSpaceLocationVisitor))); return builder.build(); } }
private void setDstIp(PacketHeaderConstraints constraints, Flow.Builder builder) { String headerDstIp = constraints.getDstIps(); checkArgument( constraints.getDstIps() != null, "Cannot perform traceroute without a destination"); IpSpaceSpecifier dstIpSpecifier = IpSpaceSpecifierFactory.load(IP_SPECIFIER_FACTORY).buildIpSpaceSpecifier(headerDstIp); IpSpaceAssignment dstIps = dstIpSpecifier.resolve(ImmutableSet.of(), _specifierContext); checkArgument( dstIps.getEntries().size() == 1, "Specified destination: %s, resolves to more than one IP", headerDstIp); IpSpace space = dstIps.getEntries().iterator().next().getIpSpace(); Optional<Ip> dstIp = _ipSpaceRepresentative.getRepresentative(space); checkArgument(dstIp.isPresent(), "At least one destination IP is required"); builder.setDstIp(dstIp.get()); }
@Override public IpSpaceAssignment resolve(Set<Location> locations, SpecifierContext ctxt) { AddressGroup addressGroup = ctxt.getReferenceBook(_bookName) .orElseThrow( () -> new NoSuchElementException("ReferenceBook '" + _bookName + "' not found")) .getAddressGroup(_addressGroupName) .orElseThrow( () -> new NoSuchElementException( "AddressGroup '" + _addressGroupName + "' not found in ReferenceBook '" + _bookName + "'")); return IpSpaceAssignment.builder() .assign( locations, firstNonNull( AclIpSpace.union( addressGroup.getAddresses().stream() .map(add -> new IpWildcard(add).toIpSpace()) .collect(Collectors.toList())), EmptyIpSpace.INSTANCE)) .build(); } }
public IpSpaceAssignment build() { return new IpSpaceAssignment(_entries.build()); } }
@VisibleForTesting IpSpace resolveDestinationIpSpace() throws InvalidReachabilityParametersException { IpSpace destinationIpSpace = AclIpSpace.union( _params.getDestinationIpSpaceSpecifier().resolve(ImmutableSet.of(), _context) .getEntries().stream() .map(Entry::getIpSpace) .collect(ImmutableList.toImmutableList())); /* * Make sure the destinationIpSpace is non-empty. Otherwise, we'll get no results and no * explanation why. */ if (!_ipSpaceRepresentative.getRepresentative(destinationIpSpace).isPresent()) { throw new InvalidReachabilityParametersException("Empty destination IpSpace"); } return destinationIpSpace; }
public static IpSpaceAssignment empty() { return new IpSpaceAssignment(ImmutableList.of()); }
private Map<StateExpr, BDD> rootConstraints( IpSpaceAssignment srcIpSpaceAssignment, BDD initialHeaderSpaceBdd) { LocationVisitor<Optional<StateExpr>> locationToStateExpr = getLocationToStateExpr(); IpSpaceToBDD srcIpSpaceToBDD = new MemoizedIpSpaceToBDD(_bddPacket.getSrcIp(), ImmutableMap.of()); // convert Locations to StateExprs, and merge srcIp constraints Map<StateExpr, BDD> rootConstraints = new HashMap<>(); for (IpSpaceAssignment.Entry entry : srcIpSpaceAssignment.getEntries()) { BDD srcIpSpaceBDD = entry.getIpSpace().accept(srcIpSpaceToBDD); entry.getLocations().stream() .map(locationToStateExpr::visit) .filter(Optional::isPresent) .map(Optional::get) .forEach(root -> rootConstraints.merge(root, srcIpSpaceBDD, BDD::or)); } // add the global initial HeaderSpace and remove unsat entries Map<StateExpr, BDD> finalRootConstraints = rootConstraints.entrySet().stream() .map( entry -> Maps.immutableEntry( entry.getKey(), entry.getValue().and(initialHeaderSpaceBdd))) .filter(entry -> !entry.getValue().isZero()) .collect(ImmutableMap.toImmutableMap(Entry::getKey, Entry::getValue)); // make sure there is at least one possible source checkArgument( !finalRootConstraints.isEmpty(), "No sources are compatible with the headerspace constraint"); return finalRootConstraints; }
srcIps.getEntries().stream() .filter(e -> !e.getIpSpace().equals(EmptyIpSpace.INSTANCE)) .collect(ImmutableList.toImmutableList()); headerSrcIp, nonEmptyIpSpaces); IpSpace space = srcIps.getEntries().iterator().next().getIpSpace(); Optional<Ip> srcIp = _ipSpaceRepresentative.getRepresentative(space); _sourceIpAssignment.getEntries().stream() .filter(e -> e.getLocations().contains(srcLocation)) .findFirst();
srcIps.getEntries().stream() .filter(e -> !e.getIpSpace().equals(EmptyIpSpace.INSTANCE)) .collect(ImmutableList.toImmutableList()); _sourceIpAssignment.getEntries().stream() .filter(e -> e.getLocations().contains(srcLocation)) .findFirst();
private void setDstIp(PacketHeaderConstraints constraints, Builder builder) { String headerDstIp = constraints.getDstIps(); if (headerDstIp != null) { IpSpaceSpecifier dstIpSpecifier = IpSpaceSpecifierFactory.load(IP_SPECIFIER_FACTORY).buildIpSpaceSpecifier(headerDstIp); IpSpaceAssignment dstIps = dstIpSpecifier.resolve(ImmutableSet.of(), _batfish.specifierContext()); // Filter out empty IP assignments ImmutableList<Entry> nonEmptyIpSpaces = dstIps.getEntries().stream() .filter(e -> !e.getIpSpace().equals(EmptyIpSpace.INSTANCE)) .collect(ImmutableList.toImmutableList()); checkArgument( nonEmptyIpSpaces.size() > 0, "At least one destination IP is required, could not resolve any"); checkArgument( nonEmptyIpSpaces.size() == 1, "Specified destination: %s, resolves to more than one IP", headerDstIp); IpSpace space = nonEmptyIpSpaces.iterator().next().getIpSpace(); Optional<Ip> dstIp = _ipSpaceRepresentative.getRepresentative(space); checkArgument(dstIp.isPresent(), "Specified destination: %s has no IPs", headerDstIp); builder.setDstIp(dstIp.get()); } else { builder.setDstIp(DEFAULT_IP_ADDRESS); } }
@VisibleForTesting static TableAnswerElement resolveIpSpace(SpecifiersQuestion question, SpecifierContext context) { List<ColumnMetadata> columns = ImmutableList.of(new ColumnMetadata(COL_IP_SPACE, Schema.STRING, "IP space", false, false)); TableAnswerElement table = new TableAnswerElement(new TableMetadata(columns)); Map<String, ColumnMetadata> columnMap = table.getMetadata().toColumnMap(); // this will yield all default locations for the factory Set<Location> locations = question.getLocationSpecifier().resolve(context); IpSpaceAssignment ipSpaceAssignment = question.getIpSpaceSpecifier().resolve(locations, context); for (IpSpaceAssignment.Entry entry : ipSpaceAssignment.getEntries()) { table.addRow(Row.of(columnMap, COL_IP_SPACE, Objects.toString(entry.getIpSpace()))); } return table; }
@VisibleForTesting static TableAnswerElement resolveIpSpaceOfLocation( SpecifiersQuestion question, SpecifierContext context) { List<ColumnMetadata> columns = ImmutableList.of( new ColumnMetadata(COL_LOCATIONS, Schema.STRING, "Resolution", false, false), new ColumnMetadata(COL_IP_SPACE, Schema.STRING, "IP space", false, false)); TableAnswerElement table = new TableAnswerElement(new TableMetadata(columns)); Map<String, ColumnMetadata> columnMap = table.getMetadata().toColumnMap(); Set<Location> locations = question.getLocationSpecifier().resolve(context); IpSpaceAssignment ipSpaceAssignment = question.getIpSpaceSpecifier().resolve(locations, context); for (IpSpaceAssignment.Entry entry : ipSpaceAssignment.getEntries()) { table.addRow( Row.of( columnMap, COL_LOCATIONS, entry.getLocations().toString(), COL_IP_SPACE, Objects.toString(entry.getIpSpace()))); } return table; }
@Test public void testDeserializationDefaultValues() throws IOException { String serialized = String.format("{\"class\":\"%s\"}", SearchFiltersQuestion.class.getCanonicalName()); SearchFiltersQuestion q = BatfishObjectMapper.mapper().readValue(serialized, SearchFiltersQuestion.class); assertThat(q.getFilterSpecifier(), notNullValue()); assertThat(q.getType(), is(Type.PERMIT)); assertThat(q.getNodesSpecifier(), notNullValue()); assertThat(q.getDataPlane(), equalTo(false)); assertThat(q.getNodes(), nullValue()); // src/dst IPs NOT stored in headerspace at this stage assertThat(q.getHeaderSpace().getDstIps(), nullValue()); assertThat(q.getHeaderSpace().getSrcIps(), nullValue()); // src/dst IPs are in specifiers at this stage SearchFiltersParameters parameters = q.toSearchFiltersParameters(); for (IpSpaceSpecifier s : Arrays.asList( parameters.getSourceIpSpaceSpecifier(), parameters.getDestinationIpSpaceSpecifier())) { assertThat( s.resolve(ImmutableSet.of(), MockSpecifierContext.builder().build()).getEntries().stream() .map(Entry::getIpSpace) .collect(ImmutableList.toImmutableList()), hasItem(UniverseIpSpace.INSTANCE)); assertThat(q.getLineNumber(), nullValue()); } }
baseParameters.getSourceIpAssignment().getEntries().stream() .flatMap(entry -> entry.getLocations().stream()) .collect(ImmutableSet.toImmutableSet());
LocationToIngressLocation toIngressLocation = new LocationToIngressLocation(configurations); ipSpaceAssignment .getEntries() .forEach( entry ->