rest_firewall: Compare reserved port in str representation

Along with the update of ofctl_rest, the output representation of the port number in the OUTPUT action has been changed. e.g.) In case of the OUTPUT action to the OFPP_NORMAL port OLD: 'OUTPUT:4294967290' # OFPP_NORMAL = 0xfffffffa NOW: 'OUTPUT:NORMAL' Currently, rest_firewall suposes the OLD format, and it will fail to compare the port number, then all firewall rules will be shown with "actions": "DENY". This patch fixes to compare the port number in the NEW format and fixes this problem. Reported-by: Hong Panha <c011361065@edu.teu.ac.jp> Reported-by: Ruy Takata <ruy.takata@gmail.com> Signed-off-by: IWASE Yusuke <iwase.yusuke0@gmail.com> Signed-off-by: FUJITA Tomonori <fujita.tomonori@lab.ntt.co.jp>
2026-01-31 05:21:21 +01:00 · 2016-11-18 09:58:08 +09:00 · 2016-11-18 09:58:08 +09:00 · d4d02dd0f6
commit d4d02dd0f6
parent 156b3d2a6e
1 changed files with 9 additions and 12 deletions
--- a/ryu/app/rest_firewall.py
+++ b/ryu/app/rest_firewall.py
@ -679,8 +679,7 @@ class Firewall(object):

    def _set_log_status(self, is_enable, waiters):
        if is_enable:
-            actions = Action.to_openflow(self.dp,
-                                         {REST_ACTION: REST_ACTION_PACKETIN})
+            actions = Action.to_openflow({REST_ACTION: REST_ACTION_PACKETIN})
            details = 'Log collection started.'
        else:
            actions = []
@ -722,7 +721,7 @@ class Firewall(object):
        priority = ARP_FLOW_PRIORITY
        match = {REST_DL_TYPE: ether.ETH_TYPE_ARP}
        action = {REST_ACTION: REST_ACTION_ALLOW}
-        actions = Action.to_openflow(self.dp, action)
+        actions = Action.to_openflow(action)
        flow = self._to_of_flow(cookie=cookie, priority=priority,
                                match=match, actions=actions)

@ -754,7 +753,7 @@ class Firewall(object):
            result = self.get_log_status(waiters)
            if result[REST_LOG_STATUS] == REST_STATUS_ENABLE:
                rest[REST_ACTION] = REST_ACTION_PACKETIN
-        actions = Action.to_openflow(self.dp, rest)
+        actions = Action.to_openflow(rest)
        flow = self._to_of_flow(cookie=cookie, priority=priority,
                                match=match, actions=actions)

@ -881,7 +880,7 @@ class Firewall(object):
        rule = {REST_RULE_ID: ruleid}
        rule.update({REST_PRIORITY: flow[REST_PRIORITY]})
        rule.update(Match.to_rest(flow))
-        rule.update(Action.to_rest(self.dp, flow))
+        rule.update(Action.to_rest(flow))
        return rule


@ -1079,19 +1078,17 @@ class Match(object):
 class Action(object):

    @staticmethod
-    def to_openflow(dp, rest):
+    def to_openflow(rest):
        value = rest.get(REST_ACTION, REST_ACTION_ALLOW)

        if value == REST_ACTION_ALLOW:
-            out_port = dp.ofproto.OFPP_NORMAL
            action = [{'type': 'OUTPUT',
-                       'port': out_port}]
+                       'port': 'NORMAL'}]
        elif value == REST_ACTION_DENY:
            action = []
        elif value == REST_ACTION_PACKETIN:
-            out_port = dp.ofproto.OFPP_CONTROLLER
            action = [{'type': 'OUTPUT',
-                       'port': out_port,
+                       'port': 'CONTROLLER',
                       'max_len': 128}]
        else:
            raise ValueError('Invalid action type.')
@ -1099,9 +1096,9 @@ class Action(object):
        return action

    @staticmethod
-    def to_rest(dp, openflow):
+    def to_rest(openflow):
        if REST_ACTION in openflow:
-            action_allow = 'OUTPUT:%d' % dp.ofproto.OFPP_NORMAL
+            action_allow = 'OUTPUT:NORMAL'
            if openflow[REST_ACTION] == [action_allow]:
                action = {REST_ACTION: REST_ACTION_ALLOW}
            else: