etri.sdn.controller.module.firewall

Class FirewallRule

java.lang.Object

etri.sdn.controller.module.firewall.FirewallRule

All Implemented Interfaces:

java.io.Serializable, java.lang.Comparable<FirewallRule>

public class FirewallRule
extends java.lang.Object
implements java.lang.Comparable<FirewallRule>, java.io.Serializable

This class defines the firewall rule. This class is used when the firewall module carries out its operation. This firewall rule is converted into Map type when it is put in the storage.

See Also:

Serialized Form

Nested Class Summary

Nested Classes

Modifier and Type	Class and Description
static class	FirewallRule.FirewallAction This enum constant defines two firewall actions

Field Summary

Fields

Modifier and Type	Field and Description
FirewallRule.FirewallAction	action
long	dl_dst
long	dl_src
short	dl_type
long	dpid
short	in_port
int	nw_dst_maskbits
int	nw_dst_prefix
short	nw_proto
int	nw_src_maskbits
int	nw_src_prefix
static short	OFP_VLAN_NONE
static int	OFPFW_ALL
static int	OFPFW_DL_DST
static int	OFPFW_DL_SRC
static int	OFPFW_DL_TYPE
static int	OFPFW_DL_VLAN
static int	OFPFW_DL_VLAN_PCP
static int	OFPFW_IN_PORT
static int	OFPFW_NW_DST_ALL
static int	OFPFW_NW_DST_BITS
static int	OFPFW_NW_DST_MASK
static int	OFPFW_NW_DST_SHIFT
static int	OFPFW_NW_PROTO
static int	OFPFW_NW_SRC_ALL
static int	OFPFW_NW_SRC_BITS
static int	OFPFW_NW_SRC_MASK
static int	OFPFW_NW_SRC_SHIFT
static int	OFPFW_NW_TOS
static int	OFPFW_TP_DST
static int	OFPFW_TP_SRC
int	priority
int	ruleid
private static long	serialVersionUID
static java.lang.String	STR_DL_DST
static java.lang.String	STR_DL_SRC
static java.lang.String	STR_DL_TYPE
static java.lang.String	STR_DL_VLAN
static java.lang.String	STR_DL_VLAN_PCP
static java.lang.String	STR_IN_PORT
static java.lang.String	STR_NW_DST
static java.lang.String	STR_NW_PROTO
static java.lang.String	STR_NW_SRC
static java.lang.String	STR_NW_TOS
static java.lang.String	STR_TP_DST
static java.lang.String	STR_TP_SRC
short	tp_dst
short	tp_src
boolean	wildcard_dl_dst
boolean	wildcard_dl_src
boolean	wildcard_dl_type
boolean	wildcard_dpid
boolean	wildcard_in_port
boolean	wildcard_nw_dst
boolean	wildcard_nw_proto
boolean	wildcard_nw_src
boolean	wildcard_tp_dst
boolean	wildcard_tp_src

Constructor Summary

Constructors

Constructor and Description
FirewallRule()

Method Summary

Methods

Modifier and Type	Method and Description
int	compareTo(FirewallRule rule) Comparison method for Collections.sort method
int	genID() Generates a unique ID for the instance.
int	hashCode()
static int[]	IPCIDRToPrefixBits(java.lang.String cidr) Divides CIDR address into IP address and the length of mask.
boolean	isSameAs(FirewallRule r) Determines if this instance matches an existing rule instance.
static FirewallRule	jsonToFirewallRule(java.lang.String fmJson) Turns a JSON formatted Firewall Rule string into a FirewallRule instance
boolean	matchesFlow(long switchDpid, short inPort, Ethernet packet, WildcardsPair wildcards) Matches this rule to a given flow - incoming packet.
protected boolean	matchIPAddress(int rulePrefix, int ruleBits, int packetAddress) Determines if rule's CIDR address matches IP address of the packet.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, notify, notifyAll, toString, wait, wait, wait

Field Detail

OFPFW_ALL

public static final int OFPFW_ALL

See Also:

Constant Field Values

OFPFW_IN_PORT

public static final int OFPFW_IN_PORT

See Also:

Constant Field Values

OFPFW_DL_VLAN

public static final int OFPFW_DL_VLAN

See Also:

Constant Field Values

OFPFW_DL_SRC

public static final int OFPFW_DL_SRC

See Also:

Constant Field Values

OFPFW_DL_DST

public static final int OFPFW_DL_DST

See Also:

Constant Field Values

OFPFW_DL_TYPE

public static final int OFPFW_DL_TYPE

See Also:

Constant Field Values

OFPFW_NW_PROTO

public static final int OFPFW_NW_PROTO

See Also:

Constant Field Values

OFPFW_TP_SRC

public static final int OFPFW_TP_SRC

See Also:

Constant Field Values

OFPFW_TP_DST

public static final int OFPFW_TP_DST

See Also:

Constant Field Values

OFPFW_NW_SRC_SHIFT

public static final int OFPFW_NW_SRC_SHIFT

See Also:

Constant Field Values

OFPFW_NW_SRC_BITS

public static final int OFPFW_NW_SRC_BITS

See Also:

Constant Field Values

OFPFW_NW_SRC_MASK

public static final int OFPFW_NW_SRC_MASK

See Also:

Constant Field Values

OFPFW_NW_SRC_ALL

public static final int OFPFW_NW_SRC_ALL

See Also:

Constant Field Values

OFPFW_NW_DST_SHIFT

public static final int OFPFW_NW_DST_SHIFT

See Also:

Constant Field Values

OFPFW_NW_DST_BITS

public static final int OFPFW_NW_DST_BITS

See Also:

Constant Field Values

OFPFW_NW_DST_MASK

public static final int OFPFW_NW_DST_MASK

See Also:

Constant Field Values

OFPFW_NW_DST_ALL

public static final int OFPFW_NW_DST_ALL

See Also:

Constant Field Values

OFPFW_DL_VLAN_PCP

public static final int OFPFW_DL_VLAN_PCP

See Also:

Constant Field Values

OFPFW_NW_TOS

public static final int OFPFW_NW_TOS

See Also:

Constant Field Values

OFP_VLAN_NONE

public static final short OFP_VLAN_NONE

See Also:

Constant Field Values

STR_IN_PORT

public static final java.lang.String STR_IN_PORT

See Also:

Constant Field Values

STR_DL_DST

public static final java.lang.String STR_DL_DST

See Also:

Constant Field Values

STR_DL_SRC

public static final java.lang.String STR_DL_SRC

See Also:

Constant Field Values

STR_DL_TYPE

public static final java.lang.String STR_DL_TYPE

See Also:

Constant Field Values

STR_DL_VLAN

public static final java.lang.String STR_DL_VLAN

See Also:

Constant Field Values

STR_DL_VLAN_PCP

public static final java.lang.String STR_DL_VLAN_PCP

See Also:

Constant Field Values

STR_NW_DST

public static final java.lang.String STR_NW_DST

See Also:

Constant Field Values

STR_NW_SRC

public static final java.lang.String STR_NW_SRC

See Also:

Constant Field Values

STR_NW_PROTO

public static final java.lang.String STR_NW_PROTO

See Also:

Constant Field Values

STR_NW_TOS

public static final java.lang.String STR_NW_TOS

See Also:

Constant Field Values

STR_TP_DST

public static final java.lang.String STR_TP_DST

See Also:

Constant Field Values

STR_TP_SRC

public static final java.lang.String STR_TP_SRC

See Also:

Constant Field Values

serialVersionUID

private static final long serialVersionUID

See Also:

Constant Field Values

ruleid

public int ruleid

dpid

public long dpid

in_port

public short in_port

dl_src

public long dl_src

dl_dst

public long dl_dst

dl_type

public short dl_type

nw_src_prefix

public int nw_src_prefix

nw_src_maskbits

public int nw_src_maskbits

nw_dst_prefix

public int nw_dst_prefix

nw_dst_maskbits

public int nw_dst_maskbits

nw_proto

public short nw_proto

tp_src

public short tp_src

tp_dst

public short tp_dst

wildcard_dpid

public boolean wildcard_dpid

wildcard_in_port

public boolean wildcard_in_port

wildcard_dl_src

public boolean wildcard_dl_src

wildcard_dl_dst

public boolean wildcard_dl_dst

wildcard_dl_type

public boolean wildcard_dl_type

wildcard_nw_src

public boolean wildcard_nw_src

wildcard_nw_dst

public boolean wildcard_nw_dst

wildcard_nw_proto

public boolean wildcard_nw_proto

wildcard_tp_src

public boolean wildcard_tp_src

wildcard_tp_dst

public boolean wildcard_tp_dst

priority

public int priority

action

public FirewallRule.FirewallAction action

Constructor Detail

FirewallRule

public FirewallRule()

Method Detail

genID

public int genID()

Generates a unique ID for the instance.

Returns:

integer representing the unique id

compareTo

public int compareTo(FirewallRule rule)

Comparison method for Collections.sort method

Specified by:

compareTo in interface java.lang.Comparable<FirewallRule>

Parameters:

rule - the rule to compare with

Returns:

integer representing the result of comparison, 0 if equal, negative if less than 'rule', greater than zero if greater priority rule than 'rule'

isSameAs

public boolean isSameAs(FirewallRule r)

Determines if this instance matches an existing rule instance.

Parameters:

r - the instance to compare with

Returns:

true if a match is found

matchesFlow

public boolean matchesFlow(long switchDpid,
                  short inPort,
                  Ethernet packet,
                  WildcardsPair wildcards)

Matches this rule to a given flow - incoming packet.

Parameters:

switchDpid - the dpid of the connected switch

inPort - the switch port where the packet originated from

packet - the Ethernet packet that arrives at the switch

wildcards - the pair of wildcards (allow and deny) given by Firewall module that is used by the Firewall module's matchWithRule method to derive wildcards for the decision to be taken

Returns:

true if the rule matches the given packetin, false otherwise

matchIPAddress

protected boolean matchIPAddress(int rulePrefix,
                     int ruleBits,
                     int packetAddress)

Determines if rule's CIDR address matches IP address of the packet.

Parameters:

rulePrefix - the prefix part of the CIDR address

ruleBits - the size of mask of the CIDR address

packetAddress - the IP address of the incoming packet to match with

Returns:

true if CIDR address matches the packet's IP address, false otherwise

hashCode

public int hashCode()

Overrides:

hashCode in class java.lang.Object

jsonToFirewallRule

public static FirewallRule jsonToFirewallRule(java.lang.String fmJson)
                                       throws java.io.IOException

Turns a JSON formatted Firewall Rule string into a FirewallRule instance

Parameters:

fmJson - The JSON formatted static firewall rule

Returns:

The FirewallRule instance

Throws:

java.io.IOException - If there was an error parsing the JSON

IPCIDRToPrefixBits

public static int[] IPCIDRToPrefixBits(java.lang.String cidr)

Divides CIDR address into IP address and the length of mask.

Parameters:

cidr - CIDR address of string

Returns:

an array integer consisting of IP address and mask