public static AclLineMatchExpr and(AclLineMatchExpr... exprs) { return and( Arrays.stream(exprs) .collect(ImmutableSortedSet.toImmutableSortedSet(Comparator.naturalOrder()))); }
@Override public AclLineMatchExpr visitAndMatchExpr(AndMatchExpr andMatchExpr) { return and( andMatchExpr.getConjuncts().stream() .map(this::visit) .collect(ImmutableSortedSet.toImmutableSortedSet(Comparator.naturalOrder()))); }
@Override public AclLineMatchExpr build() { return getBdd().isZero() ? FALSE : and(getExprs()); }
private AclLineMatchExpr resolveHeaderSpace() throws InvalidReachabilityParametersException { AclLineMatchExpr expr = and( firstNonNull(_params.getHeaderSpace(), AclLineMatchExprs.TRUE), matchDst(resolveDestinationIpSpace())); return _params.getInvertSearch() ? AclLineMatchExprs.not(expr) : expr; }
static Optional<Transformation.Builder> secondTransformation( @Nullable AccessListAddressSpecifier shiftDestination, @Nullable AccessListAddressSpecifier matchDestination, Transformation first, Map<String, NetworkObject> networkObjects, IpField field, Warnings w) { if (shiftDestination == null || matchDestination == null) { // Invalid reference or not supported w.redFlag("Invalid match or shift destination."); return Optional.empty(); } Transformation.Builder secondBuilder = staticTransformation(matchDestination, shiftDestination, null, networkObjects, field, w); if (secondBuilder == null) { return Optional.empty(); } Transformation second = secondBuilder.build(); return Optional.of( Transformation.when(and(first.getGuard(), second.getGuard())) .apply( Iterables.concat(first.getTransformationSteps(), second.getTransformationSteps()))); }
@Test public void testAnd() { MatcherAssert.assertThat(_toBdd.getMemoizedBdd(MATCH_DST_IP), equalTo(Optional.empty())); MatcherAssert.assertThat(_toBdd.getMemoizedBdd(MATCH_SRC_IP), equalTo(Optional.empty())); BDD bdd = _toBdd.visit(and(MATCH_DST_IP, MATCH_SRC_IP)); Optional<BDD> dstBdd = _toBdd.getMemoizedBdd(MATCH_DST_IP); Optional<BDD> srcBdd = _toBdd.getMemoizedBdd(MATCH_SRC_IP); assertThat("MATCH_DST_IP should be memoized", dstBdd.isPresent()); assertThat("MATCH_SRC_IP should be memoized", srcBdd.isPresent()); assertThat(dstBdd.get().and(srcBdd.get()), equalTo(bdd)); }
@Override public Optional<Transformation.Builder> toOutgoingTransformation( Map<String, IpAccessList> ipAccessLists, Map<String, NatPool> natPools, @Nullable Set<String> insideInterfaces, Configuration c) { /* * No named ACL in rule, but need to match src/dest to global/local according * to direction and rule type */ AclLineMatchExpr matchExpr; TransformationStep step; switch (getAction()) { case SOURCE_INSIDE: matchExpr = AclLineMatchExprs.matchSrc(_localNetwork); step = TransformationStep.shiftSourceIp(_globalNetwork); break; case SOURCE_OUTSIDE: matchExpr = AclLineMatchExprs.matchDst(_localNetwork); step = TransformationStep.shiftDestinationIp(_globalNetwork); break; default: return Optional.empty(); } if (insideInterfaces != null) { matchExpr = AclLineMatchExprs.and(matchExpr, new MatchSrcInterface(insideInterfaces)); } return Optional.of(Transformation.when(matchExpr).apply(step)); }
@Test public void testExprs() { Map<String, IpAccessList> namedAcls = ImmutableMap.of(); assertThat(referencedSources(namedAcls, TRUE), equalTo(ImmutableSet.of())); assertThat(referencedSources(namedAcls, FALSE), equalTo(ImmutableSet.of())); assertThat( referencedSources(namedAcls, ORIGINATING_FROM_DEVICE), equalTo(ImmutableSet.of(SOURCE_ORIGINATING_FROM_DEVICE))); assertThat(referencedSources(namedAcls, matchDst(Ip.AUTO)), equalTo(ImmutableSet.of())); assertThat( referencedSources(namedAcls, matchSrcInterface("a", "b", "c")), equalTo(ImmutableSet.of("a", "b", "c"))); assertThat( referencedSources(namedAcls, and(matchSrcInterface("a"), matchSrcInterface("b", "c"))), equalTo(ImmutableSet.of("a", "b", "c"))); assertThat( referencedSources(namedAcls, not(matchSrcInterface("a", "b", "c"))), equalTo(ImmutableSet.of("a", "b", "c"))); assertThat( referencedSources(namedAcls, or(matchSrcInterface("a"), matchSrcInterface("b", "c"))), equalTo(ImmutableSet.of("a", "b", "c"))); }
@Test public void visitAndMatchExpr() { assertThat( negate(and(ORIGINATING_FROM_DEVICE, TRUE, FALSE)), equalTo(or(not(ORIGINATING_FROM_DEVICE), FALSE, TRUE))); }
@Test public void visitOrMatchExpr() { assertThat( negate(or(ORIGINATING_FROM_DEVICE, TRUE, FALSE)), equalTo(and(not(ORIGINATING_FROM_DEVICE), FALSE, TRUE))); }
natAclExpr = and(natAclExpr, new MatchSrcInterface(insideInterfaces));
matchExpr = and(matchExpr, matchSrcInterface(insideInterface));
matchExpr = and(matchExpr, matchSrcInterface(insideInterface));
.setLines( ImmutableList.of( accepting().setMatchCondition(and(matchSrcInterface(IFACE), matchDst(ip))).build())) .build(); Batfish batfish = getBatfish(baseConfig, deltaConfig);
.setLines( ImmutableList.of( accepting().setMatchCondition(and(matchSrcInterface(IFACE), matchDst(ip))).build())) .build(); Batfish batfish = getBatfish(baseConfig, deltaConfig);