public BDDReachabilityAnalysis bddReachabilityAnalysis(IpSpaceAssignment srcIpSpaceAssignment) { return bddReachabilityAnalysis( srcIpSpaceAssignment, matchDst(UniverseIpSpace.INSTANCE), ImmutableSet.of(), ImmutableSet.of(), _configs.keySet(), ImmutableSet.of(FlowDisposition.ACCEPTED)); }
public static MatchHeaderSpace matchDst(Prefix prefix) { return matchDst(prefix.toIpSpace()); }
public static MatchHeaderSpace matchDst(IpWildcard wc) { return matchDst(wc.toIpSpace()); }
public static MatchHeaderSpace matchDst(Ip ip) { return matchDst(ip.toIpSpace()); }
public static AclLineMatchExpr matchDstPrefix(String prefix) { return matchDst(Prefix.parse(prefix)); }
public static MatchHeaderSpace matchDstIp(String ip) { return matchDst(Ip.parse(ip).toIpSpace()); }
private AclLineMatchExpr resolveHeaderSpace() throws InvalidReachabilityParametersException { AclLineMatchExpr expr = and( firstNonNull(_params.getHeaderSpace(), AclLineMatchExprs.TRUE), matchDst(resolveDestinationIpSpace())); return _params.getInvertSearch() ? AclLineMatchExprs.not(expr) : expr; }
@Override public Optional<Transformation.Builder> toIncomingTransformation(Map<String, NatPool> natPools) { /* * No named ACL in rule, but need to match src/dest to global/local according * to direction and rule type */ AclLineMatchExpr matchExpr; TransformationStep step; switch (getAction()) { case SOURCE_INSIDE: matchExpr = AclLineMatchExprs.matchDst(_globalNetwork); step = TransformationStep.shiftDestinationIp(_localNetwork); break; case SOURCE_OUTSIDE: matchExpr = AclLineMatchExprs.matchSrc(_globalNetwork); step = TransformationStep.shiftSourceIp(_localNetwork); break; default: return Optional.empty(); } return Optional.of(Transformation.when(matchExpr).apply(step)); } }
@Override public Optional<Transformation.Builder> toOutgoingTransformation( Map<String, IpAccessList> ipAccessLists, Map<String, NatPool> natPools, @Nullable Set<String> insideInterfaces, Configuration c) { /* * No named ACL in rule, but need to match src/dest to global/local according * to direction and rule type */ AclLineMatchExpr matchExpr; TransformationStep step; switch (getAction()) { case SOURCE_INSIDE: matchExpr = AclLineMatchExprs.matchSrc(_localNetwork); step = TransformationStep.shiftSourceIp(_globalNetwork); break; case SOURCE_OUTSIDE: matchExpr = AclLineMatchExprs.matchDst(_localNetwork); step = TransformationStep.shiftDestinationIp(_globalNetwork); break; default: return Optional.empty(); } if (insideInterfaces != null) { matchExpr = AclLineMatchExprs.and(matchExpr, new MatchSrcInterface(insideInterfaces)); } return Optional.of(Transformation.when(matchExpr).apply(step)); }
@Test public void testExprs() { Map<String, IpAccessList> namedAcls = ImmutableMap.of(); assertThat(referencedSources(namedAcls, TRUE), equalTo(ImmutableSet.of())); assertThat(referencedSources(namedAcls, FALSE), equalTo(ImmutableSet.of())); assertThat( referencedSources(namedAcls, ORIGINATING_FROM_DEVICE), equalTo(ImmutableSet.of(SOURCE_ORIGINATING_FROM_DEVICE))); assertThat(referencedSources(namedAcls, matchDst(Ip.AUTO)), equalTo(ImmutableSet.of())); assertThat( referencedSources(namedAcls, matchSrcInterface("a", "b", "c")), equalTo(ImmutableSet.of("a", "b", "c"))); assertThat( referencedSources(namedAcls, and(matchSrcInterface("a"), matchSrcInterface("b", "c"))), equalTo(ImmutableSet.of("a", "b", "c"))); assertThat( referencedSources(namedAcls, not(matchSrcInterface("a", "b", "c"))), equalTo(ImmutableSet.of("a", "b", "c"))); assertThat( referencedSources(namedAcls, or(matchSrcInterface("a"), matchSrcInterface("b", "c"))), equalTo(ImmutableSet.of("a", "b", "c"))); }
.setLines( ImmutableList.of( accepting().setMatchCondition(and(matchSrcInterface(IFACE), matchDst(ip))).build())) .build(); Batfish batfish = getBatfish(baseConfig, deltaConfig);
.setLines( ImmutableList.of( accepting().setMatchCondition(and(matchSrcInterface(IFACE), matchDst(ip))).build())) .build(); Batfish batfish = getBatfish(baseConfig, deltaConfig);