package org.opendaylight.netvirt.aclservice;

import java.math.BigInteger;
import java.util.ArrayList;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import org.opendaylight.controller.md.sal.binding.api.DataBroker;
import org.opendaylight.controller.md.sal.common.api.data.LogicalDatastoreType;
import org.opendaylight.genius.mdsalutil.InstructionInfo;
import org.opendaylight.genius.mdsalutil.MDSALUtil;
import org.opendaylight.genius.mdsalutil.MatchFieldType;
import org.opendaylight.genius.mdsalutil.MatchInfo;
import org.opendaylight.genius.mdsalutil.MatchInfoBase;
import org.opendaylight.genius.mdsalutil.interfaces.IMdsalApiManager;
import org.opendaylight.genius.utils.ServiceIndex;
import org.opendaylight.netvirt.aclservice.api.AclServiceManager;
import org.opendaylight.netvirt.aclservice.utils.AclConstants;
import org.opendaylight.netvirt.aclservice.utils.AclDataUtil;
import org.opendaylight.netvirt.aclservice.utils.AclServiceOFFlowBuilder;
import org.opendaylight.netvirt.aclservice.utils.AclServiceUtils;
import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.access.control.list.rev160218.access.lists.Acl;
import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.access.control.list.rev160218.access.lists.acl.access.list.entries.Ace;
import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.access.control.list.rev160218.access.lists.acl.access.list.entries.ace.Matches;
import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.access.control.list.rev160218.access.lists.acl.access.list.entries.ace.matches.ace.type.AceIp;
import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.yang.types.rev130715.Uuid;
import org.opendaylight.yang.gen.v1.urn.opendaylight.genius.interfacemanager.servicebinding.rev160406.ServiceModeEgress;
import org.opendaylight.yang.gen.v1.urn.opendaylight.netvirt.aclservice.rev160608.DirectionIngress;
import org.opendaylight.yang.gen.v1.urn.opendaylight.netvirt.aclservice.rev160608.SecurityRuleAttr;
import org.opendaylight.yang.gen.v1.urn.opendaylight.netvirt.aclservice.rev160608.interfaces._interface.AllowedAddressPairs;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:org/opendaylight/netvirt/aclservice/AbstractIngressAclServiceImpl.class */
public abstract class AbstractIngressAclServiceImpl extends AbstractAclServiceImpl {
    private static final Logger LOG = LoggerFactory.getLogger(AbstractIngressAclServiceImpl.class);

    public AbstractIngressAclServiceImpl(DataBroker dataBroker, IMdsalApiManager iMdsalApiManager, AclDataUtil aclDataUtil, AclServiceUtils aclServiceUtils) {
        super(ServiceModeEgress.class, dataBroker, iMdsalApiManager, aclDataUtil, aclServiceUtils);
    }

    @Override // org.opendaylight.netvirt.aclservice.AbstractAclServiceImpl
    protected void bindService(String str) {
        ArrayList arrayList = new ArrayList();
        arrayList.add(MDSALUtil.buildAndGetGotoTableInstruction((short) 251, 0 + 1));
        MDSALUtil.syncWrite(this.dataBroker, LogicalDatastoreType.CONFIGURATION, AclServiceUtils.buildServiceId(str, ServiceIndex.getIndex("EGRESS_ACL_SERVICE", (short) 6), ServiceModeEgress.class), AclServiceUtils.getBoundServices(String.format("%s.%s.%s", "vpn", "ingressacl", str), ServiceIndex.getIndex("EGRESS_ACL_SERVICE", (short) 6), 1, AclConstants.COOKIE_ACL_BASE, arrayList));
    }

    @Override // org.opendaylight.netvirt.aclservice.AbstractAclServiceImpl
    protected void unbindService(String str) {
        MDSALUtil.syncDelete(this.dataBroker, LogicalDatastoreType.CONFIGURATION, AclServiceUtils.buildServiceId(str, ServiceIndex.getIndex("EGRESS_ACL_SERVICE", (short) 6), ServiceModeEgress.class));
    }

    @Override // org.opendaylight.netvirt.aclservice.AbstractAclServiceImpl
    protected abstract void programSpecificFixedRules(BigInteger bigInteger, String str, List<AllowedAddressPairs> list, int i, String str2, AclServiceManager.Action action, int i2);

    @Override // org.opendaylight.netvirt.aclservice.AbstractAclServiceImpl
    protected void programGeneralFixedRules(BigInteger bigInteger, String str, List<AllowedAddressPairs> list, int i, AclServiceManager.Action action, int i2) {
        LOG.info("programFixedRules : {} default rules.", action == AclServiceManager.Action.ADD ? "adding" : "removing");
        if (action == AclServiceManager.Action.ADD || action == AclServiceManager.Action.REMOVE) {
            ingressAclDhcpAllowServerTraffic(bigInteger, str, i, i2, AclConstants.PROTO_PREFIX_MATCH_PRIORITY.intValue());
            ingressAclDhcpv6AllowServerTraffic(bigInteger, str, i, i2, AclConstants.PROTO_PREFIX_MATCH_PRIORITY);
            ingressAclIcmpv6AllowedTraffic(bigInteger, i, i2);
        }
        programArpRule(bigInteger, i, i2);
    }

    @Override // org.opendaylight.netvirt.aclservice.AbstractAclServiceImpl
    protected boolean programAclRules(List<Uuid> list, BigInteger bigInteger, int i, int i2, String str) {
        if (list == null || bigInteger == null) {
            LOG.warn("one of the ingress acl parameters can not be null. sg {}, dpId {}", list, bigInteger);
            return false;
        }
        Iterator<Uuid> it = list.iterator();
        while (it.hasNext()) {
            Acl acl = AclServiceUtils.getAcl(this.dataBroker, it.next().getValue());
            if (null == acl) {
                LOG.warn("The ACL is empty");
            } else {
                Iterator it2 = acl.getAccessListEntries().getAce().iterator();
                while (it2.hasNext()) {
                    programAceRule(bigInteger, i, i2, (Ace) it2.next(), str, null);
                }
            }
        }
        return true;
    }

    @Override // org.opendaylight.netvirt.aclservice.AbstractAclServiceImpl
    protected void programAceRule(BigInteger bigInteger, int i, int i2, Ace ace, String str, List<AllowedAddressPairs> list) {
        SecurityRuleAttr accesssListAttributes = AclServiceUtils.getAccesssListAttributes(ace);
        if (accesssListAttributes.getDirection().equals(DirectionIngress.class)) {
            Matches matches = ace.getMatches();
            Map<String, List<MatchInfoBase>> map = null;
            if (matches.getAceType() instanceof AceIp) {
                map = AclServiceOFFlowBuilder.programIpFlow(matches);
                if (list != null) {
                    map = AclServiceUtils.getFlowForAllowedAddresses(list, map, true);
                } else if (accesssListAttributes.getRemoteGroupId() != null) {
                    map = this.aclServiceUtils.getFlowForRemoteAcl(accesssListAttributes.getRemoteGroupId(), str, map, true);
                }
            }
            if (null == map) {
                LOG.error("Failed to apply ACL {} lportTag {}", ace.getKey(), Integer.valueOf(i));
                return;
            }
            Iterator<String> it = map.keySet().iterator();
            while (it.hasNext()) {
                syncSpecificAclFlow(bigInteger, i, i2, ace, str, map, it.next());
            }
        }
    }

    protected abstract String syncSpecificAclFlow(BigInteger bigInteger, int i, int i2, Ace ace, String str, Map<String, List<MatchInfoBase>> map, String str2);

    protected void ingressAclDhcpAllowServerTraffic(BigInteger bigInteger, String str, int i, int i2, int i3) {
        syncFlow(bigInteger, (short) 251, "Ingress_DHCP_Server_v4" + bigInteger + "_" + i + "_" + str + "_Permit_", AclConstants.PROTO_DHCP_SERVER_MATCH_PRIORITY.intValue(), "ACL", 0, 0, AclConstants.COOKIE_ACL_BASE, AclServiceUtils.buildDhcpMatches(67, 68, i), getDispatcherTableResubmitInstructions(new ArrayList()), i2);
    }

    protected void ingressAclDhcpv6AllowServerTraffic(BigInteger bigInteger, String str, int i, int i2, Integer num) {
        syncFlow(bigInteger, (short) 251, "Ingress_DHCP_Server_v6_" + bigInteger + "_" + i + "__" + str + "_Permit_", AclConstants.PROTO_DHCP_SERVER_MATCH_PRIORITY.intValue(), "ACL", 0, 0, AclConstants.COOKIE_ACL_BASE, AclServiceUtils.buildDhcpV6Matches(AclConstants.DHCP_SERVER_PORT_IPV6, AclConstants.DHCP_CLIENT_PORT_IPV6, i), getDispatcherTableResubmitInstructions(new ArrayList()), i2);
    }

    private void ingressAclIcmpv6AllowedTraffic(BigInteger bigInteger, int i, int i2) {
        List<InstructionInfo> dispatcherTableResubmitInstructions = getDispatcherTableResubmitInstructions(new ArrayList());
        syncFlow(bigInteger, (short) 251, "Ingress_ICMPv6_" + bigInteger + "_" + i + "_" + AclConstants.ICMPV6_TYPE_MLD_QUERY + "_Permit_", AclConstants.PROTO_IPV6_ALLOWED_PRIORITY.intValue(), "ACL", 0, 0, AclConstants.COOKIE_ACL_BASE, AclServiceUtils.buildIcmpV6Matches(AclConstants.ICMPV6_TYPE_MLD_QUERY, 0, i), dispatcherTableResubmitInstructions, i2);
        syncFlow(bigInteger, (short) 251, "Ingress_ICMPv6_" + bigInteger + "_" + i + "_" + AclConstants.ICMPV6_TYPE_NS + "_Permit_", AclConstants.PROTO_IPV6_ALLOWED_PRIORITY.intValue(), "ACL", 0, 0, AclConstants.COOKIE_ACL_BASE, AclServiceUtils.buildIcmpV6Matches(AclConstants.ICMPV6_TYPE_NS, 0, i), dispatcherTableResubmitInstructions, i2);
        syncFlow(bigInteger, (short) 251, "Ingress_ICMPv6_" + bigInteger + "_" + i + "_" + AclConstants.ICMPV6_TYPE_NA + "_Permit_", AclConstants.PROTO_IPV6_ALLOWED_PRIORITY.intValue(), "ACL", 0, 0, AclConstants.COOKIE_ACL_BASE, AclServiceUtils.buildIcmpV6Matches(AclConstants.ICMPV6_TYPE_NA, 0, i), dispatcherTableResubmitInstructions, i2);
    }

    protected void programArpRule(BigInteger bigInteger, int i, int i2) {
        ArrayList arrayList = new ArrayList();
        arrayList.add(new MatchInfo(MatchFieldType.eth_type, new long[]{2054}));
        arrayList.add(AclServiceUtils.buildLPortTagMatch(i));
        syncFlow(bigInteger, (short) 251, "Ingress_ARP_" + bigInteger + "_" + i, AclConstants.PROTO_ARP_TRAFFIC_MATCH_PRIORITY.intValue(), "ACL", 0, 0, AclConstants.COOKIE_ACL_BASE, arrayList, getDispatcherTableResubmitInstructions(new ArrayList()), i2);
    }
}
