Merge pull request #121 from polycube-network/pr/port_firewall_to_tra…

…nsparent_services port firewall to transparent services
polycube-network · May 9, 2019 · 09d1bd5 · 09d1bd5
2 parents b813c67 + ca9557c
commit 09d1bd5
Show file tree

Hide file tree

Showing 92 changed files with 667 additions and 2,389 deletions.
diff --git a/src/polycubed/src/polycubed.cpp b/src/polycubed/src/polycubed.cpp
@@ -28,6 +28,7 @@
 
 #include "config.h"
 #include "polycube/services/json.hpp"
+#include "netlink.h"
 #include "rest_server.h"
 #include "utils.h"
 #include "version.h"
@@ -53,6 +54,7 @@ std::shared_ptr<spdlog::logger> logger;
 // create core instance
 PolycubedCore *core;
 RestServer *restserver;
+int netlink_nofitication_id = -1;
 
 void shutdown() {
   static bool done = false;
@@ -67,6 +69,12 @@ void shutdown() {
     delete core;
     delete restserver;
   }
+
+  if (netlink_nofitication_id != -1) {
+    Netlink::getInstance().unregisterObserver(Netlink::Event::LINK_DELETED,
+                                              netlink_nofitication_id);
+  }
+
   logger->info("polycubed is shutting down. Bye!");
   done = true;
 }
@@ -246,6 +254,12 @@ int main(int argc, char *argv[]) {
   auto base_model = new BaseModel();
   core = new PolycubedCore(base_model);
 
+  // register handler to detect interfaces that are deleted
+  netlink_nofitication_id = Netlink::getInstance().registerObserver(
+    Netlink::Event::LINK_DELETED,
+    std::bind(&ServiceController::netlink_notification, std::placeholders::_1,
+              std::placeholders::_2));
+
   // setup rest server
   int thr = 4;
   Address addr(config.getServerIP(), Pistache::Port(config.getServerPort()));

diff --git a/src/polycubed/src/port.cpp b/src/polycubed/src/port.cpp
@@ -17,8 +17,6 @@
 #include "port.h"
 #include "controller.h"
 #include "extiface.h"
-#include "netlink.h"
-
 #include "service_controller.h"
 
 // workaround for now
@@ -37,17 +35,9 @@ Port::Port(CubeIface &parent, const std::string &name, uint16_t index,
       index_(index),
       uuid_(GuidGenerator().newGuid()),
       peer_port_(nullptr),
-      logger(spdlog::get("polycubed")) {
-  netlink_notification_index = Netlink::getInstance().registerObserver(
-      Netlink::Event::LINK_DELETED,
-      std::bind(&Port::netlink_notification, this, std::placeholders::_1,
-                std::placeholders::_2));
-}
+      logger(spdlog::get("polycubed")) {}
 
-Port::~Port() {
-  Netlink::getInstance().unregisterObserver(Netlink::Event::LINK_DELETED,
-                                            netlink_notification_index);
-}
+Port::~Port() {}
 
 uint16_t Port::get_port_id() const {
   return index_;  // TODO: rename this variable
@@ -141,12 +131,6 @@ bool Port::operator==(const PortIface &rhs) const {
     return false;
 }
 
-void Port::netlink_notification(int ifindex, const std::string &ifname) {
-  if (peer_ == ifname) {
-    set_peer("");
-  }
-}
-
 void Port::set_peer(const std::string &peer) {
   {
     std::lock_guard<std::mutex> guard(port_mutex_);

diff --git a/src/polycubed/src/port.h b/src/polycubed/src/port.h
@@ -76,8 +76,6 @@ class Port : public polycube::service::PortIface, public PeerIface {
   virtual void set_conf(const nlohmann::json &conf);
   virtual nlohmann::json to_json() const;
 
-  void netlink_notification(int ifindex, const std::string &ifname);
-
   static void connect(PeerIface &p1, PeerIface &p2);
   static void unconnect(PeerIface &p1, PeerIface &p2);
 
@@ -93,7 +91,6 @@ class Port : public polycube::service::PortIface, public PeerIface {
   uint16_t index_;
   Guid uuid_;
   std::string peer_;
-  int netlink_notification_index;
 
   // TODO: I know, a better name is needed
   PeerIface *peer_port_;

diff --git a/src/polycubed/src/service_controller.cpp b/src/polycubed/src/service_controller.cpp
@@ -284,5 +284,26 @@ bool ServiceController::parse_peer_name(const std::string &peer,
   return true;
 }
 
+void ServiceController::netlink_notification(int ifindex,
+                                             const std::string &ifname) {
+  std::lock_guard<std::mutex> guard(service_ctrl_mutex_);
+  if (ports_to_ifaces.count(ifname) == 0) {
+    return; // nothing to do here
+  }
+
+  auto iface = ports_to_ifaces.at(ifname);
+
+  auto peer = iface->get_peer_iface();
+  if (peer) {
+    auto port = dynamic_cast<Port*>(peer);
+    if (port) {
+      port->set_peer("");
+    }
+  }
+
+  // try to remove it if existed
+  ports_to_ifaces.erase(ifname);
+}
+
 }  // namespace polycubed
 }  // namespace polycube
diff --git a/src/polycubed/src/service_controller.h b/src/polycubed/src/service_controller.h
@@ -88,6 +88,8 @@ class ServiceController {
   static std::unordered_map<std::string, std::shared_ptr<ExtIface>>
       ports_to_ifaces;
 
+  static void netlink_notification(int ifindex, const std::string &ifname);
+
  private:
   std::shared_ptr<spdlog::logger> l;
   std::shared_ptr<ManagementInterface> management_interface_;

diff --git a/src/services/pcn-firewall/datamodel/firewall.yang b/src/services/pcn-firewall/datamodel/firewall.yang
@@ -4,7 +4,7 @@ module firewall {
   prefix "firewall";
 
   import polycube-base { prefix "polycube-base"; }
-  import polycube-standard-base { prefix "polycube-standard-base"; }
+  import polycube-transparent-base { prefix "polycube-transparent-base"; }
 
   organization "Polycube open source project";
   description "YANG data model for the Polycube Firewall service";
@@ -14,7 +14,7 @@ module firewall {
   polycube-base:service-name "firewall";
   polycube-base:service-min-kernel-version "4.14.0";
 
-  uses "polycube-standard-base:standard-base-yang-module";
+  uses "polycube-transparent-base:transparent-base-yang-module";
 
   typedef action {
     type enumeration {
@@ -97,16 +97,6 @@ module firewall {
     }
   }
 
-  leaf ingress-port {
-    type string;
-    description "Name for the ingress port, from which arrives traffic processed by INGRESS chain (by default it's the first port of the cube)";
-  }
-
-  leaf egress-port {
-    type string;
-    description "Name for the egress port, from which arrives traffic processed by EGRESS chain (by default it's the second port of the cube)";
-  }
-
   leaf conntrack {
     type enumeration {
       enum ON;
@@ -126,7 +116,7 @@ module firewall {
   leaf interactive {
     type boolean;
     description "Interactive mode applies new rules immediately; if 'false', the command 'apply-rules' has to be used to apply all the rules at once. Default is TRUE.";
-        default true;
+    default true;
   }
 
   list session-table {

diff --git a/src/services/pcn-firewall/src/CMakeLists.txt b/src/services/pcn-firewall/src/CMakeLists.txt
@@ -23,7 +23,6 @@ add_library(pcn-firewall SHARED
   ChainStats.cpp
   SessionTable.cpp
   Firewall.cpp
-  Ports.cpp
   Firewall-lib.cpp
   Utils.cpp)