go.ligato.io/vpp-agent/v3@v3.5.0/proto/ligato/vpp/ipsec/models.go (about) 1 // Copyright (c) 2018 Cisco and/or its affiliates. 2 // 3 // Licensed under the Apache License, Version 2.0 (the "License"); 4 // you may not use this file except in compliance with the License. 5 // You may obtain a copy of the License at: 6 // 7 // http://www.apache.org/licenses/LICENSE-2.0 8 // 9 // Unless required by applicable law or agreed to in writing, software 10 // distributed under the License is distributed on an "AS IS" BASIS, 11 // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12 // See the License for the specific language governing permissions and 13 // limitations under the License. 14 15 package vpp_ipsec 16 17 import ( 18 "strconv" 19 "strings" 20 21 "go.ligato.io/vpp-agent/v3/pkg/models" 22 ) 23 24 // ModuleName is the module name used for models. 25 const ModuleName = "vpp.ipsec" 26 27 var ( 28 ModelSecurityPolicyDatabase = models.Register(&SecurityPolicyDatabase{}, models.Spec{ 29 Module: ModuleName, 30 Version: "v2", 31 Type: "spd", 32 }, models.WithNameTemplate("{{.Index}}")) 33 34 ModelSecurityPolicy = models.Register(&SecurityPolicy{}, models.Spec{ 35 Module: ModuleName, 36 Version: "v2", 37 Type: "sp", 38 }, models.WithNameTemplate( 39 "spd/{{.SpdIndex}}/" + 40 "sa/{{.SaIndex}}/" + 41 "{{if .IsOutbound}}outbound/{{else}}inbound/{{end}}" + 42 "local-addresses/{{.LocalAddrStart}}-{{.LocalAddrStop}}/" + 43 "remote-addresses/{{.RemoteAddrStart}}-{{.RemoteAddrStop}}")) 44 45 ModelSecurityAssociation = models.Register(&SecurityAssociation{}, models.Spec{ 46 Module: ModuleName, 47 Version: "v2", 48 Type: "sa", 49 }, models.WithNameTemplate("{{.Index}}")) 50 51 ModelTunnelProtection = models.Register(&TunnelProtection{}, models.Spec{ 52 Module: ModuleName, 53 Version: "v2", 54 Type: "tun-protect", 55 }, models.WithNameTemplate( 56 `{{.Interface}}`+ 57 `{{if .NextHopAddr}}/nh/{{.NextHopAddr}}{{end}}`, 58 )) 59 ) 60 61 // SPDKey returns the key used in NB DB to store the configuration of the 62 // given security policy database configuration. 63 func SPDKey(index uint32) string { 64 return models.Key(&SecurityPolicyDatabase{ 65 Index: index, 66 }) 67 } 68 69 // SAKey returns the key used in NB DB to store the configuration of the 70 // given security association configuration. 71 func SAKey(index uint32) string { 72 return models.Key(&SecurityAssociation{ 73 Index: index, 74 }) 75 } 76 77 /* SPD <-> interface binding (derived) */ 78 const ( 79 // spdInterfaceKeyTemplate is a template for (derived) key representing binding 80 // between interface and a security policy database. 81 spdInterfaceKeyTemplate = "vpp/spd/{spd}/interface/{iface}" 82 ) 83 84 const ( 85 // InvalidKeyPart is used in key for parts which are invalid 86 InvalidKeyPart = "<invalid>" 87 ) 88 89 /* SPD <-> interface binding (derived) */ 90 91 // SPDInterfaceKey returns the key used to represent binding between the given interface 92 // and the security policy database. 93 func SPDInterfaceKey(spdIndex uint32, ifName string) string { 94 if ifName == "" { 95 ifName = InvalidKeyPart 96 } 97 key := strings.Replace(spdInterfaceKeyTemplate, "{spd}", strconv.FormatUint(uint64(spdIndex), 10), 1) 98 key = strings.Replace(key, "{iface}", ifName, 1) 99 return key 100 } 101 102 // ParseSPDInterfaceKey parses key representing binding between interface and a security 103 // policy database 104 func ParseSPDInterfaceKey(key string) (spdIndex string, iface string, isSPDIfaceKey bool) { 105 keyComps := strings.Split(key, "/") 106 if len(keyComps) >= 5 && keyComps[0] == "vpp" && keyComps[1] == "spd" && keyComps[3] == "interface" { 107 iface = strings.Join(keyComps[4:], "/") 108 return keyComps[2], iface, true 109 } 110 return "", "", false 111 }