commit 22ce467ad0f3de50e7f4848dfda2c0d872f7d711
author Jian Li <pyguni@gmail.com> Tue May 26 00:31:27 2020 +0900
committer Jian Li <pyguni@gmail.com> Tue May 26 00:31:27 2020 +0900
tree 31873081c4e7dd684f1978e747e6f929f5e6dcdf
parent 87b3f864da3e0486a171a9c362754cebdf391d98

Fix: perform exact port match for full port mask value 0xFFFF

Change-Id: I3820a60d42677fa407daf6f42f4cc308497b255f

apps/openstacknetworking/app/src/main/java/org/onosproject/openstacknetworking/impl/OpenstackSecurityGroupHandler.java

diff --git a/apps/openstacknetworking/app/src/main/java/org/onosproject/openstacknetworking/impl/OpenstackSecurityGroupHandler.java b/apps/openstacknetworking/app/src/main/java/org/onosproject/openstacknetworking/impl/OpenstackSecurityGroupHandler.java
index 6b6dfa5..31a9f6d 100644
--- a/apps/openstacknetworking/app/src/main/java/org/onosproject/openstacknetworking/impl/OpenstackSecurityGroupHandler.java
+++ b/apps/openstacknetworking/app/src/main/java/org/onosproject/openstacknetworking/impl/OpenstackSecurityGroupHandler.java
@@ -552,9 +552,6 @@
 
         Set<TrafficSelector> selectorSet = Sets.newHashSet();
 
-        TrafficSelector.Builder sBuilder = DefaultTrafficSelector.builder();
-        buildMatches(sBuilder, sgRule, vmIp, remoteIp, netId);
-
         if (sgRule.getPortRangeMax() != null && sgRule.getPortRangeMin() != null &&
                 sgRule.getPortRangeMin() < sgRule.getPortRangeMax()) {
             Map<TpPort, TpPort> portRangeMatchMap =
@@ -562,23 +559,46 @@
                             sgRule.getPortRangeMax());
             portRangeMatchMap.forEach((key, value) -> {
 
+                TrafficSelector.Builder sBuilder = DefaultTrafficSelector.builder();
+                buildMatches(sBuilder, sgRule, vmIp, remoteIp, netId);
+
                 if (sgRule.getProtocol().equalsIgnoreCase(PROTO_TCP)) {
                     if (sgRule.getDirection().equalsIgnoreCase(EGRESS)) {
-                        sBuilder.matchTcpSrcMasked(key, value);
+                        if (value.toInt() == TpPort.MAX_PORT) {
+                            sBuilder.matchTcpSrc(key);
+                        } else {
+                            sBuilder.matchTcpSrcMasked(key, value);
+                        }
                     } else {
-                        sBuilder.matchTcpDstMasked(key, value);
+                        if (value.toInt() == TpPort.MAX_PORT) {
+                            sBuilder.matchTcpDst(key);
+                        } else {
+                            sBuilder.matchTcpDstMasked(key, value);
+                        }
                     }
                 } else if (sgRule.getProtocol().equalsIgnoreCase(PROTO_UDP)) {
                     if (sgRule.getDirection().equalsIgnoreCase(EGRESS)) {
-                        sBuilder.matchUdpSrcMasked(key, value);
+                        if (value.toInt() == TpPort.MAX_PORT) {
+                            sBuilder.matchUdpSrc(key);
+                        } else {
+                            sBuilder.matchUdpSrcMasked(key, value);
+                        }
                     } else {
-                        sBuilder.matchUdpDstMasked(key, value);
+                        if (value.toInt() == TpPort.MAX_PORT) {
+                            sBuilder.matchUdpDst(key);
+                        } else {
+                            sBuilder.matchUdpDstMasked(key, value);
+                        }
                     }
                 }
 
                 selectorSet.add(sBuilder.build());
             });
         } else {
+
+            TrafficSelector.Builder sBuilder = DefaultTrafficSelector.builder();
+            buildMatches(sBuilder, sgRule, vmIp, remoteIp, netId);
+
             selectorSet.add(sBuilder.build());
         }