diff --git a/src/main/java/net/floodlightcontroller/core/internal/OpenflowPipelineFactory.java b/src/main/java/net/floodlightcontroller/core/internal/OpenflowPipelineFactory.java index 23f3f01413dbf4926f431ae7ce113f11ef39310f..28d503c2fa8e4daf909f6c828c6f7004935f6d17 100644 --- a/src/main/java/net/floodlightcontroller/core/internal/OpenflowPipelineFactory.java +++ b/src/main/java/net/floodlightcontroller/core/internal/OpenflowPipelineFactory.java @@ -20,10 +20,13 @@ package net.floodlightcontroller.core.internal; import org.jboss.netty.channel.ChannelPipeline; import org.jboss.netty.channel.ChannelPipelineFactory; import org.jboss.netty.channel.Channels; +import org.jboss.netty.handler.ssl.SslContext; +import org.jboss.netty.handler.ssl.util.SelfSignedCertificate; import org.jboss.netty.handler.timeout.IdleStateHandler; import org.jboss.netty.handler.timeout.ReadTimeoutHandler; import org.jboss.netty.util.ExternalResourceReleasable; import org.jboss.netty.util.Timer; + import net.floodlightcontroller.debugcounter.IDebugCounterService; /** @@ -65,6 +68,16 @@ public class OpenflowPipelineFactory debugCounters, timer); + /* + * Secure the pipeline with SSL (encrypt/decrypt first). + */ + SelfSignedCertificate ssc = new SelfSignedCertificate(); + SslContext sslCtx = SslContext.newServerContext(ssc.certificate(), ssc.privateKey()); + pipeline.addLast("ofmessagecrypto", sslCtx.newHandler()); + + /* + * Then add the handlers to be called after. + */ pipeline.addLast(PipelineHandler.OF_MESSAGE_DECODER, new OFMessageDecoder()); pipeline.addLast(PipelineHandler.OF_MESSAGE_ENCODER, diff --git a/src/main/java/net/floodlightcontroller/linkdiscovery/internal/LinkDiscoveryManager.java b/src/main/java/net/floodlightcontroller/linkdiscovery/internal/LinkDiscoveryManager.java index d075b70114dd9ce61f1f29615d9489ba021dccd4..c4a3573eb6f0a7111cba54bbd144d98877b78953 100644 --- a/src/main/java/net/floodlightcontroller/linkdiscovery/internal/LinkDiscoveryManager.java 
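Review bot: `new SelfSignedCertificate()` runs in the pipeline-building code of the second OpenflowPipelineFactory hunk, so each switch connection appears to get a freshly generated, throwaway key pair that no switch can validate or pin. The channel is encrypted but the controller is not authenticated, and nothing here asks the switch for a certificate either. Netty documents `SelfSignedCertificate` as a testing aid, and it writes the certificate and key to temporary files, so generating one per connection is also slow and leaves key files in the temp directory. Build the `SslContext` once (for example in the constructor) from an operator-provisioned chain and key, `SslContext.newServerContext(certChainFile, keyFile)` with both paths read from configuration, and make the TLS handler optional so plain-OpenFlow switches can still connect during migration. The enclosing method starts and ends outside the hunk, so how the checked exceptions from these two calls are handled is not visible here.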
+++ b/src/main/java/net/floodlightcontroller/linkdiscovery/internal/LinkDiscoveryManager.java @@ -582,7 +582,7 @@ IFloodlightModule, IInfoProvider { return handleLldp((LLDP) bsn.getPayload(), sw, inPort, false, cntx); } else if (eth.getPayload() instanceof LLDP) { return handleLldp((LLDP) eth.getPayload(), sw, inPort, true, cntx); - } else if (eth.getEtherType() < 1500) { + } else if (eth.getEtherType() < 1536 && eth.getEtherType() >= 17) { long destMac = eth.getDestinationMACAddress().getLong(); if ((destMac & LINK_LOCAL_MASK) == LINK_LOCAL_VALUE) { ctrLinkLocalDrops.increment(); @@ -592,6 +592,9 @@ IFloodlightModule, IInfoProvider { } return Command.STOP; } + } else if (eth.getEtherType() < 17) { + log.error("Received invalid ethertype of {}.", eth.getEtherType()); + return Command.STOP; } if (ignorePacketInFromSource(eth.getSourceMACAddress())) { diff --git a/src/main/java/net/floodlightcontroller/staticflowentry/StaticFlowEntryPusher.java b/src/main/java/net/floodlightcontroller/staticflowentry/StaticFlowEntryPusher.java index 3730a095f75b90a6e33c5c4102f54743730a61c6..22eebafb8c78b77a0ddf3c8cb661479b45e83cc6 100644 --- a/src/main/java/net/floodlightcontroller/staticflowentry/StaticFlowEntryPusher.java +++ b/src/main/java/net/floodlightcontroller/staticflowentry/StaticFlowEntryPusher.java @@ -424,6 +424,10 @@ implements IOFSwitchListener, IFloodlightModule, IStaticFlowEntryPusherService, } else { log.warn("Skipping entry with bad data: {} :: {} ", e.getMessage(), e.getStackTrace()); } + } catch (NullPointerException e) { + if (fmb == null) { + log.error("Skipping entry with bad switch DPID {}. Could not find DPID in switch manager.", switchName); + } } String match = matchString.toString(); 
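Review bot: The bounds `1536` and `17` in the rewritten `else if` of the first LinkDiscoveryManager hunk are unexplained magic numbers, and the reason for choosing 17 as the lower limit is not documented anywhere in the hunk. Give them names and a comment, e.g. `private static final int ETHERTYPE_MIN = 0x0600; // values below this are 802.3 length fields, not EtherTypes`, and state why lengths under 17 are treated as invalid. Reading `eth.getEtherType()` once into a local would also keep the two comparisons and the later log line consistent.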
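Review bot: The new `eth.getEtherType() < 17` branch in the second LinkDiscoveryManager hunk logs at error level for every matching packet-in, and the frame contents come from the data plane, so a single host can fill the controller log by sending such frames. If `getEtherType()` returns a signed `short` (its declaration is not visible here), every EtherType of 0x8000 and above, such as IPv6 (0x86DD), is negative and would also land in this branch and be stopped. Consider masking before comparing, `int etherType = eth.getEtherType() & 0xffff;`, and replacing the per-packet `log.error` with a debug-level message plus a drop counter like the existing `ctrLinkLocalDrops`.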
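Review bot: The added `catch (NullPointerException e)` in the first StaticFlowEntryPusher hunk only reports the case `fmb == null`; any other NullPointerException thrown in the try block is swallowed without a trace, which hides malformed entries. Prefer an explicit null check at the point where the switch is looked up, and at minimum add `else { log.error("Skipping entry for switch {}: unexpected NullPointerException", switchName, e); }`. The try block starts above the hunk and execution continues at `String match = matchString.toString();`, so confirm the entry is really skipped rather than processed with a null builder.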
@@ -510,13 +514,14 @@ implements IOFSwitchListener, IFloodlightModule, IStaticFlowEntryPusherService, /* MODIFY_STRICT b/c the match is still the same */ if (oldFlowMod.getMatch().equals(newFlowMod.getMatch()) && oldFlowMod.getCookie().equals(newFlowMod.getCookie()) - && oldFlowMod.getPriority() == newFlowMod.getPriority()) { + && oldFlowMod.getPriority() == newFlowMod.getPriority() + && dpid.equals(dpidOldFlowMod)) { log.debug("ModifyStrict SFP Flow"); entriesFromStorage.get(dpid).put(entry, newFlowMod); entry2dpid.put(entry, dpid); newFlowMod = FlowModUtils.toFlowModifyStrict(newFlowMod); outQueue.add(newFlowMod); - /* DELETE_STRICT and then ADD b/c the match is now different */ + /* DELETE_STRICT and then ADD b/c the match is now different */ } else { log.debug("DeleteStrict and Add SFP Flow"); oldFlowMod = FlowModUtils.toFlowDeleteStrict(oldFlowMod); @@ -533,7 +538,7 @@ implements IOFSwitchListener, IFloodlightModule, IStaticFlowEntryPusherService, entriesFromStorage.get(dpid).put(entry, addTmp); entry2dpid.put(entry, dpid); } - /* Add a brand-new flow with ADD */ + /* Add a brand-new flow with ADD */ } else if (newFlowMod != null && oldFlowMod == null) { log.debug("Add SFP Flow"); OFFlowAdd addTmp = FlowModUtils.toFlowAdd(newFlowMod); diff --git a/src/main/java/net/floodlightcontroller/util/ActionUtils.java b/src/main/java/net/floodlightcontroller/util/ActionUtils.java index b09f592565825615f25954cf4ff6152710ae59c9..4e1a2040ceaf099d6092b8336ef7aaf83f941bdb 100644 --- a/src/main/java/net/floodlightcontroller/util/ActionUtils.java +++ b/src/main/java/net/floodlightcontroller/util/ActionUtils.java 
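Review bot: With `dpid.equals(dpidOldFlowMod)` added to the condition in the `@@ -510,13 +514,14 @@` hunk, the else branch is now also taken when only the switch changed, but its comment still reads `DELETE_STRICT and then ADD b/c the match is now different`. Update it, e.g. `/* DELETE_STRICT and then ADD b/c the match, cookie, priority or switch DPID changed */`, and adjust the `MODIFY_STRICT` comment above the condition in the same way. It is also worth stating there that the delete has to reach the old switch rather than the new one; the code that queues it lies below the hunk and cannot be checked from here.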
@@ -359,7 +359,7 @@ public class ActionUtils { recommendation=LogMessageDoc.REPORT_CONTROLLER_BUG) public static void fromString(OFFlowMod.Builder fmb, String bigString, Logger log) { List<OFAction> actions = new LinkedList<OFAction>(); - if (bigString != null) { + if (bigString != null && !bigString.trim().isEmpty()) { bigString = bigString.toLowerCase(); String[] bigStringSplit = bigString.split(","); // split into separate action=value or action=key@value pairs @@ -857,10 +857,11 @@ public class ActionUtils { actions.add(a); } } + log.debug("action {}", actions); + fmb.setActions(actions); + } else { + log.debug("actions not found --> drop"); } - log.debug("action {}", actions); - - fmb.setActions(actions); return; } diff --git a/src/main/java/org/sdnplatform/sync/internal/rpc/RPCService.java b/src/main/java/org/sdnplatform/sync/internal/rpc/RPCService.java index ec6fbb86fe895bf63b0fb42b370ba88fddf44d0b..f26ecf77dd37d372a0bdd8ddc201446cbbc97830 100644 --- a/src/main/java/org/sdnplatform/sync/internal/rpc/RPCService.java +++ b/src/main/java/org/sdnplatform/sync/internal/rpc/RPCService.java @@ -31,7 +31,7 @@ import org.jboss.netty.channel.group.ChannelGroup; import org.jboss.netty.channel.group.DefaultChannelGroup; import org.jboss.netty.channel.socket.nio.NioClientSocketChannelFactory; import org.jboss.netty.channel.socket.nio.NioServerSocketChannelFactory; -import org.jboss.netty.util.internal.LinkedTransferQueue; +import java.util.concurrent.LinkedTransferQueue; /* No longer in Netty v3.10.0 */ import org.sdnplatform.sync.internal.SyncManager; import org.sdnplatform.sync.internal.config.Node; import org.sdnplatform.sync.internal.util.Pair; diff --git a/src/main/resources/floodlightdefault.properties b/src/main/resources/floodlightdefault.properties index 47b5bc91a7fbfa77569de0006aa91e5aa688051c..5243a6b8b10850f0f38848da13f32d80a5a2f1c3 100644 --- a/src/main/resources/floodlightdefault.properties +++ b/src/main/resources/floodlightdefault.properties 
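Review bot: After the second ActionUtils hunk `fmb.setActions(actions)` is no longer called when `bigString` is null or blank, so the "drop" outcome logged in the new else branch depends on the builder not already carrying actions. If a caller passes a builder that was populated earlier, the old actions stay in place and the flow keeps forwarding instead of dropping. Either keep the explicit call in the else branch, `fmb.setActions(actions); // empty list = drop`, or document in the method comment that the builder must arrive without actions (and why the call was moved, if setting an empty list is a problem for some OpenFlow versions). The body of `fromString` between the two hunks is not shown.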
@@ -18,6 +18,6 @@ net.floodlightcontroller.devicemanager.internal.DeviceManagerImpl org.sdnplatform.sync.internal.SyncManager.authScheme=CHALLENGE_RESPONSE org.sdnplatform.sync.internal.SyncManager.keyStorePath=/etc/floodlight/auth_credentials.jceks org.sdnplatform.sync.internal.SyncManager.dbPath=/var/lib/floodlight/ -org.sdnplatform.sync.internal.SyncManager.port=6642 -net.floodlightcontroller.core.internal.FloodlightProvider.openflowPort=6653 +org.sdnplatform.sync.internal.SyncManager.port=6643 +net.floodlightcontroller.core.internal.FloodlightProvider.openflowPort=6699 net.floodlightcontroller.core.internal.FloodlightProvider.role=ACTIVE
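Review bot: The shipped defaults file now moves `openflowPort` from 6653, the IANA-registered OpenFlow port, to 6699, and the sync port from 6642 to 6643. Switches and firewall rules that target 6653 will stop reaching the controller after an upgrade, and nothing in the diff explains the change, so this looks like a local test setting that was committed with the rest. Unless it is intentional, keep `net.floodlightcontroller.core.internal.FloodlightProvider.openflowPort=6653` and `org.sdnplatform.sync.internal.SyncManager.port=6642`, and override them in a site-specific properties file.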