bc_templates: filters to point to fw_filters role

geant/gap_ansible/roles/bc_templates/routers/nokia/filters

+../../../fw_filters/templates/filters
\ No newline at end of file

geant/gap_ansible/roles/bc_templates/routers/nokia/filters/cpm_filters.j2

-{% with is_cpm_filter=true, filters=cpm_filters %}
-{% include "filters/port_list_definitions.j2" %}
-
-<system>
-  <security>
-    <cpm-filter xmlns="urn:nokia.com:sros:ns:yang:sr:conf" xmlns:nc="urn:ietf:params:xml:ns:netconf:base:1.0" xmlns:nokia-attr="urn:nokia.com:sros:ns:yang:sr:attributes">
-      <default-action>{{ cpm_filter_policy.default_action }}</default-action>
-        {% include "filters/fw_filters.j2" %}
-    </cpm-filter>
-{% endwith %}
-  </security>
-</system>

geant/gap_ansible/roles/bc_templates/routers/nokia/filters/fw_filters.j2

-{# Template is meant to be called from either gen_filters.j2 or cmp_filters.j2 #}
-{% for filter in filters %}
-  {% if filter.family == "ipv4" %}
-        <ip-filter alu:operation="replace">
-  {% elif filter.family == "ipv6" %}
-        <ipv6-filter alu:operation="replace">
-  {% endif %}
-  {% if not is_cpm_filter %}
-        <filter-name>{{ filter.name }}</filter-name>
-  {% endif %}
-  {% if filter.offset is defined %}
-    {% set ns3 = namespace(entry_id = filter.offset | int) %}
-  {% else %}
-    {% set ns3 = namespace(entry_id = 10 | int) %}
-  {% endif %}
-  {% if is_cpm_filter %}
-        <admin-state>{{ filter.admin_state }}</admin-state>
-  {% endif %}
-  {% for term in filter.terms %}
-    {% if term.offset is defined %}
-      {% set ns3 = namespace(entry_id = term.offset | int) %}
-    {% endif %}
-    {% if term.from is not defined %}
-          <entry>
-            <entry-id>{{ ns3.entry_id }}</entry-id>
-            <description>{{ term.name }}</description>
-            {% if term.log is defined %}
-            <log>{{ term.log }}</log>
-            {% endif %}
-            <action>
-                <{{term.action}}></{{term.action}}>
-            </action>
-          </entry>
-    {% endif %}
-
-    {% if term.from is defined %}
-      {# Special cases where from.protocol is defined #}
-      {% if term.from.protocol is defined %}
-        {# This is the case for TCP_ESTABLISHED #}
-        {% if term.from.protocol == "tcp" and term.from.tcp_flag is defined %}
-          <entry>
-            <entry-id>{{ ns3.entry_id }}</entry-id>
-            <description>{{ term.name }}</description>
-            {% if term.log is defined %}
-            <log>{{ term.log }}</log>
-            {% endif %}
-            <match>
-              {% if filter.family == "ipv4" %}
-              <protocol>{{ term.from.protocol }}</protocol>
-              {% else %}
-              <next-header>{{ term.from.protocol }}</next-header>
-              {% endif %}
-              <tcp-flags>
-                <{{ term.from.tcp_flag }}>true</{{ term.from.tcp_flag }}>
-              </tcp-flags>
-            </match>
-            <action>
-              <{{ term.action }}></{{ term.action }}>
-            </action>
-          </entry>
-          {% set ns3.entry_id = ns3.entry_id + 10 %}
-        {% endif %}
-        {# Generic ICMP filters with ICMP types #}
-        {% if (term.from.protocol == "icmp" or term.from.protocol == "ipv6-icmp") %}
-          {% if term.from.icmp_types is defined %}
-            {% for icmp_type in term.from.icmp_types %}
-            <entry>
-              <entry-id>{{ ns3.entry_id }}</entry-id>
-              <description>{{ term.name }}</description>
-              {% if term.log is defined %}
-              <log>{{ term.log }}</log>
-              {% endif %}
-              <match>
-                    {% if filter.family == "ipv4" %}
-                <protocol>{{ term.from.protocol }}</protocol>
-                    {% else %}
-                <next-header>{{ term.from.protocol }}</next-header>
-                    {% endif %}
-                  <icmp>
-                    <type>{{ icmp_type }}</type>
-                  </icmp>
-              </match>
-              <action>
-                <{{ term.action }}></{{ term.action }}>
-              </action>
-            </entry>
-          {% set ns3.entry_id = ns3.entry_id + 10 %}
-            {% endfor %}
-          {% endif %}
-        {% endif %}
-        {# Case when only need to match on protocol, e.g. PIM #}
-        {% if term.from.protocol in ['pim', '58'] %}
-            <entry>
-              <entry-id>{{ ns3.entry_id }}</entry-id>
-              <description>{{ term.name }}</description>
-              {% if term.log is defined %}
-              <log>{{ term.log }}</log>
-              {% endif %}
-              <match>
-                    {% if filter.family == "ipv4" %}
-                <protocol>{{ term.from.protocol }}</protocol>
-                    {% else %}
-                <next-header>{{ term.from.protocol }}</next-header>
-                    {% endif %}
-              </match>
-              <action>
-                <{{ term.action }}></{{ term.action }}>
-              </action>
-            </entry>
-          {% set ns3.entry_id = ns3.entry_id + 10 %}
-        {% endif %}
-      {% endif %}
-      {# Case when both src_prefix_list and dst_prefix_list are defined #}
-      {% if term.from.src_prefix_list is defined %}
-        {% for src_prefix_list_item in term.from.src_prefix_list%}
-          {% set src_index = loop.index0 %}
-          {% if term.from.dst_prefix_list is defined %}
-            {% for dst_prefix_list_item in term.from.dst_prefix_list %}
-          <entry>
-            <entry-id>{{ ns3.entry_id }}</entry-id>
-            <description>{{ term.name }}</description>
-            {% if term.log is defined %}
-            <log>{{ term.log }}</log>
-            {% endif %}
-            <match>
-              {% if term.from.protocol is defined %}
-                {% if filter.family == "ipv4" %}
-              <protocol>{{term.from.protocol}}</protocol>
-                {% else %}
-              <next-header>{{ term.from.protocol }}</next-header>
-                {% endif %}
-              {% endif %}
-            {% include 'filters/port_list_entries.j2' %}
-              <src-ip>
-                {% if filter.family == "ipv4" %}
-                <ip-prefix-list>{{term.from.src_prefix_list[src_index]}}</ip-prefix-list>
-                {% else %}
-                <ipv6-prefix-list>{{term.from.src_prefix_list[src_index]}}</ipv6-prefix-list>
-                {% endif %}
-              </src-ip>
-              <dst-ip>
-                {% if filter.family == "ipv4" %}
-                <ip-prefix-list>{{term.from.dst_prefix_list[loop.index0]}}</ip-prefix-list>
-                {% else %}
-                <ipv6-prefix-list>{{term.from.dst_prefix_list[loop.index0]}}</ipv6-prefix-list>
-                {% endif %}
-              </dst-ip>
-            </match>
-            {% set ns3.entry_id = ns3.entry_id + 10 %}
-            <action>
-                <{{term.action}}></{{term.action}}>
-            </action>
-          </entry>
-            {% endfor %}
-          {% else %}
-            {# src_prefix_list is defined, dst_prefix_list is not #}
-          <entry>
-            <entry-id> {{ ns3.entry_id }} </entry-id>
-            <description>{{ term.name }}</description>
-            {% if term.log is defined %}
-            <log>{{ term.log }}</log>
-            {% endif %}
-            <match>
-            {% if term.from.protocol is defined %}
-                {% if filter.family == "ipv4" %}
-              <protocol>{{term.from.protocol}}</protocol>
-                {% else %}
-              <next-header>{{ term.from.protocol }}</next-header>
-                {% endif %}
-            {% endif %}
-            {% include 'filters/port_list_entries.j2' %}
-              <src-ip>
-                {% if filter.family == "ipv4" %}
-                <ip-prefix-list>{{term.from.src_prefix_list[src_index]}}</ip-prefix-list>
-                {% else %}
-                <ipv6-prefix-list>{{term.from.src_prefix_list[src_index]}}</ipv6-prefix-list>
-                {% endif %}
-              </src-ip>
-            </match>
-            {% set ns3.entry_id = ns3.entry_id + 10 %}
-            <action>
-                <{{term.action}}></{{term.action}}>
-            </action>
-          </entry>
-          {% endif %}
-        {% endfor %}
-      {# Case where only DST prefix list is defined #}
-      {% elif term.from.dst_prefix_list is defined %}
-        {% for dst_prefix_list_item in term.from.dst_prefix_list %}
-          <entry>
-            <entry-id>{{ ns3.entry_id }}</entry-id>
-            <description>{{ term.name }}</description>
-            {% if term.log is defined %}
-            <log>{{ term.log }}</log>
-            {% endif %}
-            <match>
-              {% if term.from.protocol is defined %}
-                {% if filter.family == "ipv4" %}
-              <protocol>{{term.from.protocol}}</protocol>
-                {% else %}
-              <next-header>{{ term.from.protocol }}</next-header>
-                {% endif %}
-              {% endif %}
-            {% include 'filters/port_list_entries.j2' %}
-              <dst-ip>
-                {% if filter.family == "ipv4" %}
-                <ip-prefix-list>{{term.from.dst_prefix_list[loop.index0]}}</ip-prefix-list>
-                {% else %}
-                <ipv6-prefix-list>{{term.from.dst_prefix_list[loop.index0]}}</ipv6-prefix-list>
-                {% endif %}
-              </dst-ip>
-            </match>
-            {% set ns3.entry_id = ns3.entry_id + 10 %}
-            <action>
-                <{{term.action}}></{{term.action}}>
-            </action>
-          </entry>
-        {% endfor %}
-      {# term.from.protocol and ports are defined, but not SRC or DST prefix list - e.g. IPv4 traceroute #}
-      {% elif term.from.protocol is defined and term.from.protocol in ['udp'] %}
-          <entry>
-            <entry-id>{{ ns3.entry_id }}</entry-id>
-            <description>{{ term.name }}</description>
-            {% if term.log is defined %}
-            <log>{{ term.log }}</log>
-            {% endif %}
-            <match>
-                  {% if filter.family == "ipv4" %}
-              <protocol>{{ term.from.protocol }}</protocol>
-                  {% else %}
-              <next-header>{{ term.from.protocol }}</next-header>
-                  {% endif %}
-            {% include 'filters/port_list_entries.j2' %}
-            </match>
-            <action>
-              <{{ term.action }}></{{ term.action }}>
-            </action>
-          </entry>
-          {% set ns3.entry_id = ns3.entry_id + 10 %}
-      {% endif %}
-    {% endif %}
-  {% endfor %}
-  {# Terms end #}
-  {% if filter.family == "ipv4" %}
-        </ip-filter>
-  {% elif filter.family == "ipv6" %}
-        </ipv6-filter>
-  {% endif %}
-{% endfor %}

geant/gap_ansible/roles/bc_templates/routers/nokia/filters/gen_filters.j2

-{# This template takes care of configuring connectors and breakouts #}
-
-{% with is_cpm_filter=False, filters=gen_filters %}
-{% include "filters/port_list_definitions.j2" %}
-<filter xmlns="urn:nokia.com:sros:ns:yang:sr:conf" xmlns:nc="urn:ietf:params:xml:ns:netconf:base:1.0" xmlns:nokia-attr="urn:nokia.com:sros:ns:yang:sr:attributes">
-  {% include "filters/fw_filters.j2" %}
-</filter>
-{% endwith %}
-

geant/gap_ansible/roles/bc_templates/routers/nokia/filters/port_list_definitions.j2

-{# This template takes care of configuring connectors and breakouts #}
-<filter xmlns="urn:nokia.com:sros:ns:yang:sr:conf" xmlns:nc="urn:ietf:params:xml:ns:netconf:base:1.0" xmlns:nokia-attr="urn:nokia.com:sros:ns:yang:sr:attributes">
-  <match-list>
-  {% for filter in filters %}
-    {% for term in filter.terms %}
-    {% if term.from.port is defined and term.from.port.__class__.__name__ == 'list'%}
-    <port-list>
-      <port-list-name>{{filter.name}}-{{term.name}}-PORTS</port-list-name>
-      {%for port in term.from.port %}
-        <port>
-            <value>{{port}}</value>
-        </port>
-      {% endfor %}
-    </port-list>
-    {% endif %}
-    {% if term.from.src_port is defined and term.from.src_port.__class__.__name__ == 'list'%}
-    <port-list>
-      <port-list-name>{{filter.name}}-{{term.name}}-SRC_PORTS</port-list-name>
-      {%for port in term.from.src_port %}
-        <port>
-          <value>{{port}}</value>
-        </port>
-      {% endfor %}
-    </port-list>
-    {% endif %}
-    {% if term.from.dst_port is defined and term.from.dst_port.__class__.__name__ == 'list'%}
-    <port-list>
-      <port-list-name>{{filter.name}}-{{term.name}}-DST_PORTS</port-list-name>
-      {%for port in term.from.dst_port %}
-        <port>
-          <value>{{port}}</value>
-        </port>
-      {% endfor %}
-      </port-list>
-    {% endif %}
-    {% if term.from.port_range is defined %}
-    <port-list>
-      <port-list-name>{{filter.name}}-{{term.name}}-PORT_RANGE</port-list-name>
-      <range>
-        <start>{{ term.from.port_range.start }}</start>
-        <end>{{ term.from.port_range.end }}</end>
-      </range>
-    </port-list>
-    {% endif %}
-    {% if term.from.src_port_range is defined %}
-    <port-list>
-      <port-list-name>{{filter.name}}-{{term.name}}-SRC_PORT_RANGE</port-list-name>
-      <range>
-        <start>{{ term.from.src_port_range.start }}</start>
-        <end>{{ term.from.src_port_range.end }}</end>
-      </range>
-    </port-list>
-    {% endif %}
-    {% if term.from.dst_port_range is defined %}
-    <port-list>
-      <port-list-name>{{filter.name}}-{{term.name}}-DST_PORT_RANGE</port-list-name>
-      <range>
-        <start>{{ term.from.dst_port_range.start }}</start>
-        <end>{{ term.from.dst_port_range.end }}</end>
-      </range>
-    </port-list>
-    {% endif %}
-    {% endfor %}
-  {% endfor %}
-  </match-list>
-</filter>

geant/gap_ansible/roles/bc_templates/routers/nokia/filters/port_list_entries.j2

-{#This is the case it's a port-list #}
-{% if term.from.port is defined and term.from.port.__class__.__name__ == 'list'%}
-  <port>
-      <port-list>{{filter.name}}-{{term.name}}-PORTS</port-list>
-  </port>
-{% endif %}
-{% if term.from.src_port is defined and term.from.src_port.__class__.__name__ == 'list'%}
-  <src-port>
-      <port-list>{{filter.name}}-{{term.name}}-SRC_PORTS</port-list>
-  </src-port>
-{% endif %}
-{% if term.from.dst_port is defined and term.from.dst_port.__class__.__name__ == 'list'%}
-  <dst-port>
-      <port-list>{{filter.name}}-{{term.name}}-DST_PORTS</port-list>
-  </dst-port>
-{% endif %}
-{#This is the case it's a single port #}
-{% if term.from.port is defined and term.from.port.__class__.__name__ != 'list'%}
-  <port>
-      <eq>{{term.from.port}}</eq>
-  </port>
-{% endif %}
-{% if term.from.src_port is defined and term.from.src_port.__class__.__name__ != 'list'%}
-  <src-port>
-      <eq>{{term.from.src_port}}</eq>
-  </src-port>
-{% endif %}
-{% if term.from.dst_port is defined and term.from.dst_port.__class__.__name__ != 'list'%}
-  <dst-port>
-    <eq>{{term.from.dst_port}}</eq>
-  </dst-port>
-{% endif %}
- {# Port range #}
- {% if term.from.port_range is defined %}
-  <port>
-      <port-list>{{filter.name}}-{{term.name}}-PORT_RANGE</port-list>
-  </port>
-{% endif %}
-{% if term.from.src_port_range is defined %}
-  <src-port>
-      <port-list>{{filter.name}}-{{term.name}}-SRC_PORT_RANGE</port-list>
-  </src-port>
-{% endif %}
-{% if term.from.dst_port_range is defined %}
-  <dst-port>
-      <port-list>{{filter.name}}-{{term.name}}-DST_PORT_RANGE</port-list>
-  </dst-port>
-{% endif %}