Along with the update of ofctl_rest, the output representation of
the port number in the OUTPUT action has been changed.
e.g.) In case of the OUTPUT action to the OFPP_NORMAL port
OLD:
'OUTPUT:4294967290' # OFPP_NORMAL = 0xfffffffa
NOW:
'OUTPUT:NORMAL'
Currently, rest_firewall suposes the OLD format, and it will fail
to compare the port number, then all firewall rules will be shown
with "actions": "DENY".
This patch fixes to compare the port number in the NEW format and
fixes this problem.
Reported-by: Hong Panha <[email protected]>
Reported-by: Ruy Takata <[email protected]>
Signed-off-by: IWASE Yusuke <[email protected]>
---
ryu/app/rest_firewall.py | 21 +++++++++------------
1 file changed, 9 insertions(+), 12 deletions(-)
diff --git a/ryu/app/rest_firewall.py b/ryu/app/rest_firewall.py
index a04525f..81659a9 100644
--- a/ryu/app/rest_firewall.py
+++ b/ryu/app/rest_firewall.py
@@ -679,8 +679,7 @@ class Firewall(object):
def _set_log_status(self, is_enable, waiters):
if is_enable:
- actions = Action.to_openflow(self.dp,
- {REST_ACTION: REST_ACTION_PACKETIN})
+ actions = Action.to_openflow({REST_ACTION: REST_ACTION_PACKETIN})
details = 'Log collection started.'
else:
actions = []
@@ -722,7 +721,7 @@ class Firewall(object):
priority = ARP_FLOW_PRIORITY
match = {REST_DL_TYPE: ether.ETH_TYPE_ARP}
action = {REST_ACTION: REST_ACTION_ALLOW}
- actions = Action.to_openflow(self.dp, action)
+ actions = Action.to_openflow(action)
flow = self._to_of_flow(cookie=cookie, priority=priority,
match=match, actions=actions)
@@ -754,7 +753,7 @@ class Firewall(object):
result = self.get_log_status(waiters)
if result[REST_LOG_STATUS] == REST_STATUS_ENABLE:
rest[REST_ACTION] = REST_ACTION_PACKETIN
- actions = Action.to_openflow(self.dp, rest)
+ actions = Action.to_openflow(rest)
flow = self._to_of_flow(cookie=cookie, priority=priority,
match=match, actions=actions)
@@ -881,7 +880,7 @@ class Firewall(object):
rule = {REST_RULE_ID: ruleid}
rule.update({REST_PRIORITY: flow[REST_PRIORITY]})
rule.update(Match.to_rest(flow))
- rule.update(Action.to_rest(self.dp, flow))
+ rule.update(Action.to_rest(flow))
return rule
@@ -1079,19 +1078,17 @@ class Match(object):
class Action(object):
@staticmethod
- def to_openflow(dp, rest):
+ def to_openflow(rest):
value = rest.get(REST_ACTION, REST_ACTION_ALLOW)
if value == REST_ACTION_ALLOW:
- out_port = dp.ofproto.OFPP_NORMAL
action = [{'type': 'OUTPUT',
- 'port': out_port}]
+ 'port': 'NORMAL'}]
elif value == REST_ACTION_DENY:
action = []
elif value == REST_ACTION_PACKETIN:
- out_port = dp.ofproto.OFPP_CONTROLLER
action = [{'type': 'OUTPUT',
- 'port': out_port,
+ 'port': 'CONTROLLER',
'max_len': 128}]
else:
raise ValueError('Invalid action type.')
@@ -1099,9 +1096,9 @@ class Action(object):
return action
@staticmethod
- def to_rest(dp, openflow):
+ def to_rest(openflow):
if REST_ACTION in openflow:
- action_allow = 'OUTPUT:%d' % dp.ofproto.OFPP_NORMAL
+ action_allow = 'OUTPUT:NORMAL'
if openflow[REST_ACTION] == [action_allow]:
action = {REST_ACTION: REST_ACTION_ALLOW}
else:
--
2.7.4
------------------------------------------------------------------------------
_______________________________________________
Ryu-devel mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/ryu-devel
