package reorg: remove pkg connection, rename ConnetionSet to Endpoint… (

#74) * package reorg: remove pkg connection, rename ConnetionSet to EndpointsTrafficSet Signed-off-by: adisos <[email protected]> * update comment Signed-off-by: adisos <[email protected]> * few updates Signed-off-by: adisos <[email protected]> --------- Signed-off-by: adisos <[email protected]>
np-guard · Oct 2, 2024 · fdc2963 · fdc2963
1 parent dbe18f8
commit fdc2963
Show file tree

Hide file tree

Showing 9 changed files with 174 additions and 216 deletions.
diff --git a/README.md b/README.md
@@ -17,7 +17,7 @@ A collection of Golang packages with models for cartesian products and network r
     * `HashSet` - A generic `Set` for storing any Hashable.
     * `MultiMap` - A map for mapping any Hashable key to a set of Hashable values.
     * `ProductLeft` - A `Product` of two sets, implemented using a map where each key-values pair represents the cartesian product of the two sets.
-    * `LeftTripleSet`, RightTripleSet, OuterTripleSet - `TripleSet` implementations.
+    * `LeftTripleSet`, `RightTripleSet`, `OuterTripleSet` - `TripleSet` implementations.
     * `DisjointSum` - A sum type for two tagged sets.
 * **interval** - Interval-related data structures.
     * `Interval` - A simple interval data structure.
@@ -31,11 +31,13 @@ A collection of Golang packages with models for cartesian products and network r
   * `PortSet` - A set of ports. Implemented using an IntervalSet.
   * `ProtocolSet` - Whether the protocol is TCP or UDP. Implemented using IntervalSet.
   * `TCPUDPSet` - `TripleSet[*ProtocolSet, *PortSet, *PortSet]`.
-  * `ICMPSet` - accurately tracking set of ICMP types and code pairs. Implemented using a bitset.
-  * `TransportSet` - either ICMP or TCPUDP set. Implemented as `Disjoint[*TCPUDPSet, *ICMPSet]`.
+  * `RFCICMPSet` - accurately tracking set of ICMP types and code pairs. Implemented using a bitset.
+  * `TypeSet` - ICMP types set. Implemented using an IntervalSet.
+  * `CodeSet` ICMP codes set. Implemented using an IntervalSet.
+  * `ICMPSet` - ICMP types and code pairs, implemented as `Product[*TypeSet, *CodeSet]`.
+  * `TransportSet` - either ICMPSet or TCPUDP set. Implemented as `Disjoint[*TCPUDPSet, *ICMPSet]`.
   * `IPBlock` - A set of IP addresses. Implemented using IntervalSet.
-  * `ConnectionSet` - `TripleSet[*IPBlock, *IPBlock, *TransportSet]`.
-* **connection** - `Set` as Alias for `TransportSet`.
+  * `EndpointsTrafficSet` - `TripleSet[*IPBlock, *IPBlock, *TransportSet]`.
 * **spec** - A collection of structs for defining required connectivity. Automatically generated from a JSON schema (see below).
 
 ## Code generation

diff --git a/pkg/connection/connection.go b/pkg/connection/connection.go
diff --git a/pkg/netset/connectionset.go b/pkg/netset/connectionset.go
diff --git a/pkg/netset/netset.go b/pkg/netset/netset.go
@@ -4,11 +4,11 @@ Copyright 2023- IBM Inc. All Rights Reserved.
 SPDX-License-Identifier: Apache-2.0
 */
 
-// package netset implements types for network connection sets objects and operations.
+// Package netset implements types for network connection sets objects and operations.
 // Types defined in this package:
 // IPBlock - captures a set of IP ranges
 // TCPUDPSet - captures sets of protocols (within TCP,UDP only) and ports (source and destination)
-// ICMPSet - captures sets of types,codes for ICMP protocol
-// TransportSet - captures connection-sets for protocols from {TCP, UDP, ICMP}
-// ConnectionSet - captures a set of connections for tuples of (src IP range, dst IP range, TransportSet)
+// ICMPSet - captures sets of type,code values for ICMP protocol
+// TransportSet - captures union of elements from TCPUDPSet, ICMPSet
+// EndpointsTrafficSet - captures a set of traffic attribute for tuples of (source IP range, destination IP range, TransportSet)
 package netset
diff --git a/pkg/netset/trafficset.go b/pkg/netset/trafficset.go
@@ -0,0 +1,101 @@
+/*
+Copyright 2023- IBM Inc. All Rights Reserved.
+
+SPDX-License-Identifier: Apache-2.0
+*/
+
+package netset
+
+import (
+	"fmt"
+	"sort"
+	"strings"
+
+	"github.com/np-guard/models/pkg/ds"
+)
+
+// EndpointsTrafficSet captures a set of traffic attributes for tuples of (source IP range, desination IP range, TransportSet),
+// where TransportSet is a set of TCP/UPD/ICMP with their properties (src,dst ports / icmp type,code)
+type EndpointsTrafficSet struct {
+	props ds.TripleSet[*IPBlock, *IPBlock, *TransportSet]
+}
+
+// EmptyEndpointsTrafficSet returns an empty EndpointsTrafficSet
+func EmptyEndpointsTrafficSet() *EndpointsTrafficSet {
+	return &EndpointsTrafficSet{props: ds.NewLeftTripleSet[*IPBlock, *IPBlock, *TransportSet]()}
+}
+
+// Equal returns true is this EndpointsTrafficSet captures the exact same set of connections as `other` does.
+func (c *EndpointsTrafficSet) Equal(other *EndpointsTrafficSet) bool {
+	return c.props.Equal(other.props)
+}
+
+// Copy returns new EndpointsTrafficSet object with same set of connections as current one
+func (c *EndpointsTrafficSet) Copy() *EndpointsTrafficSet {
+	return &EndpointsTrafficSet{
+		props: c.props.Copy(),
+	}
+}
+
+// Intersect returns a EndpointsTrafficSet object with connection tuples that result from intersection of
+// this and `other` sets
+func (c *EndpointsTrafficSet) Intersect(other *EndpointsTrafficSet) *EndpointsTrafficSet {
+	return &EndpointsTrafficSet{props: c.props.Intersect(other.props)}
+}
+
+// IsEmpty returns true of the EndpointsTrafficSet is empty
+func (c *EndpointsTrafficSet) IsEmpty() bool {
+	return c.props.IsEmpty()
+}
+
+// Union returns a EndpointsTrafficSet object with connection tuples that result from union of
+// this and `other` sets
+func (c *EndpointsTrafficSet) Union(other *EndpointsTrafficSet) *EndpointsTrafficSet {
+	if other.IsEmpty() {
+		return c.Copy()
+	}
+	if c.IsEmpty() {
+		return other.Copy()
+	}
+	return &EndpointsTrafficSet{
+		props: c.props.Union(other.props),
+	}
+}
+
+// Subtract returns a EndpointsTrafficSet object with connection tuples that result from subtraction of
+// `other` from this set
+func (c *EndpointsTrafficSet) Subtract(other *EndpointsTrafficSet) *EndpointsTrafficSet {
+	if other.IsEmpty() {
+		return c.Copy()
+	}
+	return &EndpointsTrafficSet{props: c.props.Subtract(other.props)}
+}
+
+// IsSubset returns true if c is subset of other
+func (c *EndpointsTrafficSet) IsSubset(other *EndpointsTrafficSet) bool {
+	return c.props.IsSubset(other.props)
+}
+
+// NewEndpointsTrafficSet returns a new EndpointsTrafficSet object from input src, dst IP-ranges sets ands
+// TransportSet connections
+func NewEndpointsTrafficSet(src, dst *IPBlock, conn *TransportSet) *EndpointsTrafficSet {
+	return &EndpointsTrafficSet{props: ds.CartesianLeftTriple(src, dst, conn)}
+}
+
+func (c *EndpointsTrafficSet) Partitions() []ds.Triple[*IPBlock, *IPBlock, *TransportSet] {
+	return c.props.Partitions()
+}
+
+func cubeStr(c ds.Triple[*IPBlock, *IPBlock, *TransportSet]) string {
+	return fmt.Sprintf("src: %s, dst: %s, conns: %s", c.S1.String(), c.S2.String(), c.S3.String())
+}
+
+func (c *EndpointsTrafficSet) String() string {
+	cubes := c.Partitions()
+	var resStrings = make([]string, len(cubes))
+	for i, cube := range cubes {
+		resStrings[i] = cubeStr(cube)
+	}
+	sort.Strings(resStrings)
+	return strings.Join(resStrings, comma)
+}