package org.opendaylight.groupbasedpolicy.renderer.ofoverlay.flow;

import java.util.Iterator;
import org.opendaylight.groupbasedpolicy.renderer.ofoverlay.OfContext;
import org.opendaylight.groupbasedpolicy.renderer.ofoverlay.OfWriter;
import org.opendaylight.groupbasedpolicy.resolver.PolicyInfo;
import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.inet.types.rev100924.Ipv4Prefix;
import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.inet.types.rev100924.Ipv6Prefix;
import org.opendaylight.yang.gen.v1.urn.opendaylight.flow.inventory.rev130819.tables.table.Flow;
import org.opendaylight.yang.gen.v1.urn.opendaylight.flow.types.rev131026.flow.Match;
import org.opendaylight.yang.gen.v1.urn.opendaylight.flow.types.rev131026.flow.MatchBuilder;
import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.endpoint.rev140421.endpoint.fields.L3Address;
import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.endpoint.rev140421.endpoints.Endpoint;
import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.ofoverlay.rev140528.EndpointLocation;
import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.ofoverlay.rev140528.OfOverlayContext;
import org.opendaylight.yang.gen.v1.urn.opendaylight.inventory.rev130819.NodeConnectorId;
import org.opendaylight.yang.gen.v1.urn.opendaylight.inventory.rev130819.NodeId;
import org.opendaylight.yang.gen.v1.urn.opendaylight.model.match.types.rev131026.match.layer._3.match.ArpMatchBuilder;
import org.opendaylight.yang.gen.v1.urn.opendaylight.model.match.types.rev131026.match.layer._3.match.Ipv4MatchBuilder;
import org.opendaylight.yang.gen.v1.urn.opendaylight.model.match.types.rev131026.match.layer._3.match.Ipv6Match;
import org.opendaylight.yang.gen.v1.urn.opendaylight.model.match.types.rev131026.match.layer._3.match.Ipv6MatchBuilder;
import org.opendaylight.yang.gen.v1.urn.opendaylight.params.xml.ns.yang.overlay.rev150105.TunnelTypeVxlan;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:org/opendaylight/groupbasedpolicy/renderer/ofoverlay/flow/PortSecurity.class */
public class PortSecurity extends FlowTable {
    protected static final Logger LOG = LoggerFactory.getLogger(PortSecurity.class);
    public static short TABLE_ID;

    public PortSecurity(OfContext ofContext, short s) {
        super(ofContext);
        TABLE_ID = s;
    }

    @Override // org.opendaylight.groupbasedpolicy.renderer.ofoverlay.flow.FlowTable
    public short getTableId() {
        return TABLE_ID;
    }

    @Override // org.opendaylight.groupbasedpolicy.renderer.ofoverlay.flow.FlowTable
    public void sync(NodeId nodeId, PolicyInfo policyInfo, OfWriter ofWriter) {
        NodeConnectorId tunnelPort = this.ctx.getSwitchManager().getTunnelPort(nodeId, TunnelTypeVxlan.class);
        if (tunnelPort != null) {
            ofWriter.writeFlow(nodeId, TABLE_ID, allowFromPort(tunnelPort));
        }
        Iterator<NodeConnectorId> it = this.ctx.getSwitchManager().getExternalPorts(nodeId).iterator();
        while (it.hasNext()) {
            ofWriter.writeFlow(nodeId, TABLE_ID, allowFromExternalPort(it.next()));
        }
        ofWriter.writeFlow(nodeId, TABLE_ID, dropFlow(1, null, Short.valueOf(TABLE_ID)));
        ofWriter.writeFlow(nodeId, TABLE_ID, dropFlow(110, FlowUtils.ARP, Short.valueOf(TABLE_ID)));
        ofWriter.writeFlow(nodeId, TABLE_ID, dropFlow(111, FlowUtils.IPv4, Short.valueOf(TABLE_ID)));
        ofWriter.writeFlow(nodeId, TABLE_ID, dropFlow(112, FlowUtils.IPv6, Short.valueOf(TABLE_ID)));
        for (Endpoint endpoint : this.ctx.getEndpointManager().getEndpointsForNode(nodeId)) {
            OfOverlayContext ofOverlayContext = (OfOverlayContext) endpoint.getAugmentation(OfOverlayContext.class);
            if (ofOverlayContext != null && ofOverlayContext.getNodeConnectorId() != null && (ofOverlayContext.getLocationType() == null || EndpointLocation.LocationType.Internal.equals(ofOverlayContext.getLocationType()))) {
                l3flow(ofWriter, nodeId, endpoint, ofOverlayContext, 120, false);
                l3flow(ofWriter, nodeId, endpoint, ofOverlayContext, 121, true);
                ofWriter.writeFlow(nodeId, TABLE_ID, l3DhcpDoraFlow(endpoint, ofOverlayContext, 115));
                ofWriter.writeFlow(nodeId, TABLE_ID, l2flow(endpoint, ofOverlayContext, 100));
            }
        }
    }

    private Flow allowFromPort(NodeConnectorId nodeConnectorId) {
        Match build = new MatchBuilder().setInPort(nodeConnectorId).build();
        return base().setId(FlowIdUtils.newFlowId(Short.valueOf(TABLE_ID), "allow", build)).setPriority(200).setMatch(build).setInstructions(FlowUtils.gotoTableInstructions(this.ctx.getPolicyManager().getTABLEID_SOURCE_MAPPER())).build();
    }

    private Flow allowFromExternalPort(NodeConnectorId nodeConnectorId) {
        Match build = new MatchBuilder().setInPort(nodeConnectorId).build();
        return base().setId(FlowIdUtils.newFlowId(Short.valueOf(TABLE_ID), "allowExternal", build)).setPriority(200).setMatch(build).setInstructions(FlowUtils.gotoTableInstructions(this.ctx.getPolicyManager().getTABLEID_INGRESS_NAT())).build();
    }

    private Flow l2flow(Endpoint endpoint, OfOverlayContext ofOverlayContext, Integer num) {
        Match build = new MatchBuilder().setEthernetMatch(FlowUtils.ethernetMatch(endpoint.getMacAddress(), null, null)).setInPort(ofOverlayContext.getNodeConnectorId()).build();
        return base().setPriority(num).setId(FlowIdUtils.newFlowId(Short.valueOf(TABLE_ID), "L2", build)).setMatch(build).setInstructions(FlowUtils.gotoTableInstructions(this.ctx.getPolicyManager().getTABLEID_SOURCE_MAPPER())).build();
    }

    private Flow l3DhcpDoraFlow(Endpoint endpoint, OfOverlayContext ofOverlayContext, Integer num) {
        Long l = FlowUtils.IPv4;
        Match build = new MatchBuilder().setEthernetMatch(FlowUtils.ethernetMatch(endpoint.getMacAddress(), null, l)).setLayer3Match(new Ipv4MatchBuilder().setIpv4Destination(new Ipv4Prefix("255.255.255.255/32")).build()).setInPort(ofOverlayContext.getNodeConnectorId()).build();
        return base().setPriority(num).setId(FlowIdUtils.newFlowId(Short.valueOf(TABLE_ID), "dhcp", build)).setMatch(build).setInstructions(FlowUtils.gotoTableInstructions(this.ctx.getPolicyManager().getTABLEID_SOURCE_MAPPER())).build();
    }

    private void l3flow(OfWriter ofWriter, NodeId nodeId, Endpoint endpoint, OfOverlayContext ofOverlayContext, Integer num, boolean z) {
        Ipv6Match build;
        Long l;
        if (endpoint.getL3Address() == null) {
            return;
        }
        for (L3Address l3Address : endpoint.getL3Address()) {
            if (l3Address.getIpAddress() != null) {
                if (l3Address.getIpAddress().getIpv4Address() != null) {
                    String str = l3Address.getIpAddress().getIpv4Address().getValue() + "/32";
                    if (z) {
                        build = new ArpMatchBuilder().setArpSourceTransportAddress(new Ipv4Prefix(str)).build();
                        l = FlowUtils.ARP;
                    } else {
                        build = new Ipv4MatchBuilder().setIpv4Source(new Ipv4Prefix(str)).build();
                        l = FlowUtils.IPv4;
                    }
                } else if (l3Address.getIpAddress().getIpv6Address() != null && !z) {
                    build = new Ipv6MatchBuilder().setIpv6Source(new Ipv6Prefix(l3Address.getIpAddress().getIpv6Address().getValue() + "/128")).build();
                    l = FlowUtils.IPv6;
                }
                Match build2 = new MatchBuilder().setEthernetMatch(FlowUtils.ethernetMatch(endpoint.getMacAddress(), null, l)).setLayer3Match(build).setInPort(ofOverlayContext.getNodeConnectorId()).build();
                ofWriter.writeFlow(nodeId, TABLE_ID, base().setPriority(num).setId(FlowIdUtils.newFlowId(Short.valueOf(TABLE_ID), "L3", build2)).setMatch(build2).setInstructions(FlowUtils.gotoTableInstructions(this.ctx.getPolicyManager().getTABLEID_SOURCE_MAPPER())).build());
            }
        }
    }
}
