package com.radware.defenseflow.dp;

import com.radware.defenseflow.dp.DPRep;
import com.radware.defenseflow.dp.pojos.Classes.Networks.Network;
import com.radware.defenseflow.dp.pojos.Classes.Networks.NetworkKey;
import com.radware.defenseflow.dp.pojos.Classes.Networks.Network_Mode;
import com.radware.defenseflow.dp.pojos.Classes.VLANTagGroup.GroupEntry;
import com.radware.defenseflow.dp.pojos.Classes.VLANTagGroup.GroupEntryKey;
import com.radware.defenseflow.dp.pojos.Classes.VLANTagGroup.GroupEntry_GroupMode;
import com.radware.defenseflow.dp.pojos.Management.SyslogServers.FeatureStatus;
import com.radware.defenseflow.dp.pojos.Management.SyslogServers.SyslogServersTable;
import com.radware.defenseflow.dp.pojos.Management.SyslogServers.SyslogServersTable_syslogServerFacility;
import com.radware.defenseflow.dp.pojos.Management.SyslogServers.SyslogServersTable_syslogServerProtocol;
import com.radware.defenseflow.dp.pojos.Management.SyslogServers.SyslogServersTable_syslogServerRowStatus;
import com.radware.defenseflow.dp.pojos.Security.BehavioralDoS.Profiles;
import com.radware.defenseflow.dp.pojos.Security.BehavioralDoS.Profiles_FINACKFloodstatus;
import com.radware.defenseflow.dp.pojos.Security.BehavioralDoS.Profiles_FRAGFloodstatus;
import com.radware.defenseflow.dp.pojos.Security.BehavioralDoS.Profiles_ICMPFloodstatus;
import com.radware.defenseflow.dp.pojos.Security.BehavioralDoS.Profiles_IGMPFloodstatus;
import com.radware.defenseflow.dp.pojos.Security.BehavioralDoS.Profiles_RSTFloodstatus;
import com.radware.defenseflow.dp.pojos.Security.BehavioralDoS.Profiles_SYNACKFloodstatus;
import com.radware.defenseflow.dp.pojos.Security.BehavioralDoS.Profiles_SYNFloodstatus;
import com.radware.defenseflow.dp.pojos.Security.BehavioralDoS.Profiles_UDPFloodstatus;
import com.radware.defenseflow.dp.pojos.Security.DnsProtection.DnsProtectionProfile;
import com.radware.defenseflow.dp.pojos.Security.DnsProtection.DnsProtectionProfile_DnsAFloodstatus;
import com.radware.defenseflow.dp.pojos.Security.DnsProtection.DnsProtectionProfile_DnsAaaaFloodstatus;
import com.radware.defenseflow.dp.pojos.Security.DnsProtection.DnsProtectionProfile_DnsMxFloodstatus;
import com.radware.defenseflow.dp.pojos.Security.DnsProtection.DnsProtectionProfile_DnsNaptrFloodstatus;
import com.radware.defenseflow.dp.pojos.Security.DnsProtection.DnsProtectionProfile_DnsOtherFloodstatus;
import com.radware.defenseflow.dp.pojos.Security.DnsProtection.DnsProtectionProfile_DnsPtrFloodstatus;
import com.radware.defenseflow.dp.pojos.Security.DnsProtection.DnsProtectionProfile_DnsSoaFloodstatus;
import com.radware.defenseflow.dp.pojos.Security.DnsProtection.DnsProtectionProfile_DnsSrvFloodstatus;
import com.radware.defenseflow.dp.pojos.Security.DnsProtection.DnsProtectionProfile_DnsTextFloodstatus;
import com.radware.defenseflow.dp.pojos.Security.DnsProtection.DnsProtectionProfile_packetReport;
import com.radware.defenseflow.dp.pojos.Security.OutOfState.Profile;
import com.radware.defenseflow.dp.pojos.Security.OutOfState.Profile_PacketReport;
import com.radware.defenseflow.dp.pojos.Security.OutOfState.Profile_ProfileAction;
import com.radware.defenseflow.dp.pojos.Security.OutOfState.Profile_ProfileRisk;
import com.radware.defenseflow.dp.pojos.Security.OutOfState.Profile_SYNACKAllow;
import com.radware.defenseflow.dp.pojos.Security.Policy.Policy;
import com.radware.defenseflow.dp.pojos.Security.Policy.Policy_Action;
import com.radware.defenseflow.dp.pojos.Security.Policy.Policy_PacketReport;
import com.radware.defenseflow.dp.pojos.Security.Policy.Policy_PacketReportEnforcement;
import com.radware.defenseflow.dp.pojos.Security.SynProtection.RsIDSSynProfilesEntry;
import com.radware.defenseflow.dp.pojos.Security.SynProtection.RsIDSSynProfilesEntry_ProfileType;
import java.util.ArrayList;
import java.util.HashMap;
import java.util.Hashtable;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.Set;
import me.prettyprint.cassandra.serializers.StringSerializer;
import org.apache.axis.transport.jms.JMSConstants;
import org.apache.commons.codec.language.bm.Languages;
import org.apache.http.HttpVersion;
import org.opendaylight.defense4all.core.AMS;
import org.opendaylight.defense4all.core.DFAppModule;
import org.opendaylight.defense4all.core.DFAppRoot;
import org.opendaylight.defense4all.core.DvsnInfo;
import org.opendaylight.defense4all.core.Mitigation;
import org.opendaylight.defense4all.core.PN;
import org.opendaylight.defense4all.core.interactionstructures.Bandwidth;
import org.opendaylight.defense4all.framework.core.ExceptionControlApp;
import org.opendaylight.defense4all.framework.core.FMHolder;
import org.opendaylight.defense4all.framework.core.FrameworkMain;
import org.opendaylight.defense4all.framework.core.Repo;
import org.opendaylight.defense4all.framework.core.RepoFactory;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:com/radware/defenseflow/dp/DPConfigMgr.class */
public class DPConfigMgr extends DFAppModule {
    public static final String SYN_PROTECTION_PROFILE_NAME = "SYNProt_Global";
    public static final String SIGNATURES_PROFILE_NAME = "Dos-All";
    public static final String BDOS_PROFILE_NAME_SUFFIX = "_BDOS";
    public static final String DNS_PROFILE_NAME_SUFFIX = "_DNS";
    public static final String OOS_PROFILE_NAME_SUFFIX = "_OoS";
    public static final int DP_NETWORKS_FAILURE_THRESHOLD = 20;
    public static final int DP_VLAN_FAILURE_PERCENTAGE_THRESHOLD = 10;
    public static final String DF_VLAN_PREFIX = "df_vlan_";
    public DPRep amsRep;
    private Logger log = LoggerFactory.getLogger(getClass());
    protected long dnsAQuota = 90;
    protected long dnsMxQuota = 45;
    protected long dnsPtrQuota = 45;
    protected long dnsAaaaQuota = 15;
    protected long dnsTextQuota = 8;
    protected long dnsSoaQuota = 2;
    protected long dnsNaptrQuota = 2;
    protected long dnsSrvQuota = 2;
    protected long dnsOtherQuota = 2;
    protected long actThreshold = JMSConstants.DEFAULT_TIMEOUT_TIME;
    protected long termThreshold = 4000;
    public Repo<String> configuredNetworkRepo = null;
    public Repo<String> configuredVlanRepo = null;
    public Repo<String> securityConfigRepo = null;
    protected HashMap<String, SoapConnector> connectors = new HashMap<>();
    protected Profile synProtectionProfile = new Profile();

    public DPConfigMgr() {
        this.synProtectionProfile.setProfileName(SYN_PROTECTION_PROFILE_NAME);
    }

    public void setAmsRep(DPRep dPRep) {
        this.amsRep = dPRep;
    }

    @Override // org.opendaylight.defense4all.framework.core.Module, org.opendaylight.defense4all.core.Detector
    public void init() throws ExceptionControlApp {
        super.init();
        try {
            RepoFactory repoFactory = this.fMain.getRepoFactory();
            String name = DFAppRoot.RepoMajor.DF_AMS_REP.name();
            StringSerializer stringSerializer = StringSerializer.get();
            this.configuredNetworkRepo = repoFactory.getOrCreateRepo(name, DPRep.RepoMinor.CONFIGURED_NETWORKS.name(), stringSerializer, true, ConfiguredNetwork.getRCDs());
            this.configuredVlanRepo = repoFactory.getOrCreateRepo(name, DPRep.RepoMinor.CONFIGURED_VLANS.name(), stringSerializer, true, ConfiguredVlan.getRCDs());
            this.securityConfigRepo = repoFactory.getOrCreateRepo(name, DPRep.RepoMinor.SECURITY_CONFIGURATIONS.name(), stringSerializer, true, SecurityConfig.getRCDs());
        } catch (Throwable th) {
            this.log.error("Failed to getOrCreateRepo for configured networks.", th);
            this.fMain.getHealthTracker().reportHealthIssue(5);
            throw new ExceptionControlApp("Failed to getOrCreateRepo for configured networks.", th);
        }
    }

    @Override // org.opendaylight.defense4all.framework.core.Module, org.opendaylight.defense4all.core.Detector
    public void finit() {
        super.finit();
    }

    @Override // org.opendaylight.defense4all.framework.core.Module, org.opendaylight.defense4all.core.Detector
    public void reset(FrameworkMain.ResetLevel resetLevel) throws ExceptionControlApp {
        super.reset(resetLevel);
    }

    public void addAMS(String str) throws ExceptionControlApp, IllegalArgumentException {
        if (str == null) {
            throw new IllegalArgumentException("amsKey is null");
        }
        Network network = null;
        int i = 0;
        int i2 = 0;
        try {
            AMS ams = new AMS(this.dfAppRoot.amsRepo.getRow(str));
            SoapConnector soapConnector = new SoapConnector(str, ams.mgmtAddr.getHostAddress(), ams.username, ams.password);
            soapConnector.init();
            this.connectors.put(str, soapConnector);
            Set<Map.Entry<String, Hashtable<String, Object>>> entrySet = this.configuredNetworkRepo.getTable().entrySet();
            Iterator<Map.Entry<String, Hashtable<String, Object>>> it = entrySet.iterator();
            int size = entrySet.size();
            Set<Map.Entry<String, Hashtable<String, Object>>> entrySet2 = this.configuredVlanRepo.getTable().entrySet();
            Iterator<Map.Entry<String, Hashtable<String, Object>>> it2 = entrySet2.iterator();
            int size2 = entrySet2.size();
            try {
                addGlobalProfilesIfNeeded(soapConnector);
                try {
                    addSyslogTarget(soapConnector, this.fMain.getHostAddr());
                } catch (Throwable th) {
                    this.connectors.remove(str);
                }
                this.log.info("Adding to DP " + str + " classes networks representing all protected networks");
                while (it.hasNext()) {
                    try {
                        network = createDPNetworkObject(new ConfiguredNetwork(it.next().getValue()));
                        soapConnector.createClassesNetworks(network);
                    } catch (Throwable th2) {
                        this.log.error("Failed to create network: " + network, th2);
                        i++;
                    }
                }
                this.log.info("Adding to DP " + str + " Vlans spanning all protected networks");
                String str2 = "";
                while (it2.hasNext()) {
                    try {
                        str2 = "";
                        ConfiguredVlan configuredVlan = new ConfiguredVlan(it2.next().getValue());
                        GroupEntry createSingleVlanGroup = createSingleVlanGroup(configuredVlan.name, configuredVlan.vlan);
                        if (createSingleVlanGroup != null) {
                            str2 = configuredVlan.name + " " + configuredVlan.vlan;
                            soapConnector.createClassesVlan(createSingleVlanGroup);
                        }
                    } catch (Throwable th3) {
                        this.log.error("Failed to create vlan: " + str2, th3);
                        i2++;
                    }
                }
                if ((i * 100) / (size + 1) >= 20 || (i2 * 100) / (size2 + 1) >= 10) {
                    FMHolder.get().getFR().logRecord(DFAppRoot.FR_AMS_FAILURE, "AMS " + str + " configuration failed. Exceeded threshold");
                    this.connectors.remove(str);
                    try {
                        it = entrySet2.iterator();
                    } catch (Throwable th4) {
                        this.log.debug("Failed to obtain second iterator: " + str, th4);
                    }
                    NetworkKey networkKey = null;
                    while (it.hasNext()) {
                        try {
                            ConfiguredNetwork configuredNetwork = new ConfiguredNetwork(it.next().getValue());
                            createDPNetworkObject(configuredNetwork);
                            networkKey = new NetworkKey(configuredNetwork.name, 0L);
                            soapConnector.deleteClassesNetwork(networkKey);
                        } catch (Throwable th5) {
                            this.log.error("Failed to remove Network: " + networkKey, th5);
                        }
                    }
                    try {
                        it2 = entrySet2.iterator();
                    } catch (Throwable th6) {
                        this.log.debug("Failed to obtain second iterator: " + str, th6);
                    }
                    while (it2.hasNext()) {
                        try {
                            ConfiguredVlan configuredVlan2 = new ConfiguredVlan(it2.next().getValue());
                            GroupEntryKey groupEntryKey = new GroupEntryKey();
                            groupEntryKey.setGroupName(configuredVlan2.name);
                            groupEntryKey.setVLANTag(configuredVlan2.vlan);
                            soapConnector.deleteClassesVlan(groupEntryKey);
                        } catch (Throwable th7) {
                            this.log.error("Failed to remove vlan", th7);
                        }
                    }
                    String str3 = "Failed to add this DP, because failed to configure networks or vlans for too many PNs." + str;
                    this.log.error(str3);
                    throw new ExceptionControlApp(str3);
                }
            } catch (Throwable th8) {
                this.connectors.remove(str);
                String str4 = "Excepted trying to add global profiles to DP" + str;
                this.log.error(str4, th8);
                throw new ExceptionControlApp(str4, th8);
            }
        } catch (Throwable th9) {
            this.connectors.remove(str);
            String str5 = "Excepted trying to retrieve or construct relevant information" + str;
            this.log.error(str5, th9);
            this.fMain.getHealthTracker().reportHealthIssue(3);
            throw new ExceptionControlApp(str5, th9);
        }
    }

    public void addGlobalProfilesIfNeeded(SoapConnector soapConnector) throws ExceptionControlApp {
        try {
            this.log.info("Adding to DP " + soapConnector.amsKey + " global SYN profiles for HTTP and HTTPS (if needed)");
            soapConnector.createIfNonExistingSynProtectionProfile(createSynProtectionProfileObject(200000L, HttpVersion.HTTP));
            soapConnector.createIfNonExistingSynProtectionProfile(createSynProtectionProfileObject(200001L, "HTTPS"));
        } catch (Throwable th) {
            String str = "Failed to add Global Profiles: " + th.getMessage();
            this.log.error(str);
            throw new ExceptionControlApp(str);
        }
    }

    public void addSyslogTarget(SoapConnector soapConnector, String str) throws ExceptionControlApp {
        try {
            soapConnector.addSyslogTarget(new SyslogServersTable(str, FeatureStatus.Enabled, 514L, 514L, SyslogServersTable_syslogServerFacility.value23, SyslogServersTable_syslogServerProtocol.value1, "", SyslogServersTable_syslogServerRowStatus.reachable, null, FeatureStatus.Enabled, FeatureStatus.Enabled, FeatureStatus.Enabled));
        } catch (Throwable th) {
            String str2 = "Failed to add syslog target " + str + " to DP " + soapConnector.amsKey + " - " + th.getMessage();
            this.log.error(str2);
            throw new ExceptionControlApp(str2);
        }
    }

    private RsIDSSynProfilesEntry createSynProtectionProfileObject(long j, String str) {
        RsIDSSynProfilesEntry rsIDSSynProfilesEntry = new RsIDSSynProfilesEntry();
        rsIDSSynProfilesEntry.setProfileName(SYN_PROTECTION_PROFILE_NAME);
        rsIDSSynProfilesEntry.setAttackID(Long.valueOf(j));
        rsIDSSynProfilesEntry.setAttackName(str);
        rsIDSSynProfilesEntry.setProfileType(RsIDSSynProfilesEntry_ProfileType.value2);
        return rsIDSSynProfilesEntry;
    }

    public void removeAMS(String str) throws ExceptionControlApp, IllegalArgumentException {
        if (str == null) {
            throw new IllegalArgumentException("amsKey is null");
        }
        SoapConnector remove = this.connectors.remove(str);
        try {
            List<String> keys = this.configuredNetworkRepo.getKeys();
            NetworkKey networkKey = null;
            this.log.info("Deleting from DP " + remove.amsKey + " all msgclasses networks that DF has installed for all protected networks");
            Iterator<String> it = keys.iterator();
            while (it.hasNext()) {
                try {
                    networkKey = new NetworkKey(it.next(), 0L);
                    remove.deleteClassesNetwork(networkKey);
                } catch (Throwable th) {
                    this.log.error("Failed to remove Network: " + networkKey, th);
                }
            }
            try {
                remove.removeSyslogTarget(this.fMain.getHostAddr());
            } catch (Exception e) {
            }
        } catch (Throwable th2) {
            this.log.error("Failed to remove ams: " + str, th2);
            this.fMain.getHealthTracker().reportHealthIssue(3);
            throw new ExceptionControlApp("Failed to remove ams: " + str, th2);
        }
    }

    public void addPN(String str) throws ExceptionControlApp {
        SoapConnector soapConnector = null;
        Iterator<Map.Entry<String, SoapConnector>> it = this.connectors.entrySet().iterator();
        try {
            ConfiguredNetwork configuredNetwork = new ConfiguredNetwork();
            configuredNetwork.name = DPRep.generateNetworkName(str);
            configuredNetwork.address = (String) this.dfAppRoot.pNsRepo.getCellValue(str, "dest_addr");
            configuredNetwork.addressPrefixLen = ((Integer) this.dfAppRoot.pNsRepo.getCellValue(str, "dest_addr_prefix_len")).intValue();
            this.configuredNetworkRepo.setRow(configuredNetwork.name, configuredNetwork.toRow());
            Network createDPNetworkObject = createDPNetworkObject(configuredNetwork);
            this.log.info("Adding to all DPs " + configuredNetwork.toString());
            while (it.hasNext()) {
                try {
                    soapConnector = it.next().getValue();
                    soapConnector.createClassesNetworks(createDPNetworkObject);
                } catch (Exception e) {
                    this.log.error("Failed to create network: " + createDPNetworkObject + " at " + (soapConnector == null ? "" : soapConnector.amsKey), (Throwable) e);
                }
            }
        } catch (Throwable th) {
            String str2 = "Excepted trying to add pn: " + str;
            this.log.error(str2, th);
            throw new ExceptionControlApp(str2, th);
        }
    }

    public void addVlans(List<ConfiguredVlan> list) throws ExceptionControlApp {
        if (list == null || list.isEmpty()) {
            return;
        }
        boolean z = false;
        Iterator<ConfiguredVlan> it = list.iterator();
        while (it.hasNext()) {
            try {
                addVlan(it.next());
                z = true;
            } catch (Throwable th) {
            }
        }
        if (!z) {
            throw new ExceptionControlApp("Failed to configure any Vlan in DP");
        }
    }

    public void addVlan(ConfiguredVlan configuredVlan) throws ExceptionControlApp {
        SoapConnector soapConnector = null;
        Iterator<Map.Entry<String, SoapConnector>> it = this.connectors.entrySet().iterator();
        try {
            this.configuredVlanRepo.setRow(configuredVlan.name, configuredVlan.toRow());
            GroupEntry createSingleVlanGroup = createSingleVlanGroup(configuredVlan.name, configuredVlan.vlan);
            this.log.info("Adding to all DPs " + configuredVlan.toString());
            while (it.hasNext()) {
                try {
                    soapConnector = it.next().getValue();
                    soapConnector.createClassesVlan(createSingleVlanGroup);
                } catch (Exception e) {
                    this.log.error("Failed to create vlan: " + configuredVlan.toString() + " at " + (soapConnector == null ? "" : soapConnector.amsKey), (Throwable) e);
                }
            }
        } catch (Throwable th) {
            String str = "Excepted trying to add vlan: " + configuredVlan.name;
            this.log.error(str, th);
            throw new ExceptionControlApp(str, th);
        }
    }

    public void removePN(String str) throws IllegalArgumentException {
        if (str == null) {
            throw new IllegalArgumentException("Null pnkey.");
        }
        Iterator<Map.Entry<String, SoapConnector>> it = this.connectors.entrySet().iterator();
        NetworkKey networkKey = new NetworkKey(DPRep.generateNetworkName(str), 0L);
        this.log.info("Removing from all DPs " + networkKey.getName());
        while (it.hasNext()) {
            it.next().getValue().deleteClassesNetwork(networkKey);
        }
        try {
            this.configuredNetworkRepo.deleteRow(str);
        } catch (ExceptionControlApp e) {
            this.log.error("Failed to delete row: " + str, (Throwable) e);
        }
    }

    public void addSecurityConfiguration(String str) throws ExceptionControlApp {
        Hashtable<String, Object> row = this.dfAppRoot.dvsnInfosRepo.getRow(str);
        if (row == null) {
            this.log.error("AMS security configuration failed. No diversion information found for the logical net-node.");
            FMHolder.get().getHealthTracker().reportHealthIssue(1);
            throw new ExceptionControlApp("AMS security configuration failed. No diversion information found for the logical net-node.");
        }
        DvsnInfo dvsnInfo = new DvsnInfo(row);
        if (dvsnInfo.amsDvsnInfos == null || dvsnInfo.amsDvsnInfos.isEmpty()) {
            return;
        }
        DvsnInfo.AMSDvsnInfo aMSDvsnInfo = dvsnInfo.amsDvsnInfos.get(0);
        SoapConnector soapConnector = this.connectors.get(aMSDvsnInfo.label);
        if (soapConnector == null) {
            return;
        }
        String property = dvsnInfo.configProps.getProperty(DvsnInfo.INBOUND_BANDWIDTH);
        String str2 = (String) this.dfAppRoot.mitigationsRepo.getCellValue(dvsnInfo.mitigationKey, "pnkey");
        String generateNetworkName = DPRep.generateNetworkName(str2);
        int retrieveVlanFromProps = new PN(this.dfAppRoot.pNsRepo.getRow(str2)).retrieveVlanFromProps();
        this.log.info("Adding security configuration to DP " + soapConnector.amsKey + "for diversion " + str);
        addSecurityConfigInDP(generateNetworkName, soapConnector, property, retrieveVlanFromProps);
        try {
            addSecurityConfigInRepo(generateNetworkName, dvsnInfo, aMSDvsnInfo, str2);
        } catch (Throwable th) {
            String str3 = "AMS " + soapConnector.amsKey + " security configuration failed. Failed to configure diversion for logical net-node.";
            FMHolder.get().getFR().logRecord(DFAppRoot.FR_AMS_FAILURE, str3);
            removeSecurityConfigInDP(soapConnector, generateNetworkName);
            this.log.error(str3, th);
            throw new ExceptionControlApp(th);
        }
    }

    protected void removeSecurityConfigInDP(SoapConnector soapConnector, String str) {
        soapConnector.deletePolicy(str);
        soapConnector.deleteBdosProfile(str + BDOS_PROFILE_NAME_SUFFIX);
        try {
            soapConnector.deleteDnsProfile(str + DNS_PROFILE_NAME_SUFFIX);
        } catch (RuntimeException e) {
            if (0 != 0) {
                this.log.warn("failed to delete DNS profile");
                throw e;
            }
            this.log.debug("failed to delete DNS profile, not error or warning, since DNS is disabled");
        }
        soapConnector.deleteOosProfile(str + OOS_PROFILE_NAME_SUFFIX);
    }

    public void addSecurityConfigInDP(String str, SoapConnector soapConnector, String str2, int i) throws ExceptionControlApp {
        try {
            long j = (new Bandwidth(str2).bytes * 8) / 1000;
            long j2 = j < 1 ? 1L : j;
            try {
                String str3 = str + BDOS_PROFILE_NAME_SUFFIX;
                String str4 = str + DNS_PROFILE_NAME_SUFFIX;
                String str5 = str + OOS_PROFILE_NAME_SUFFIX;
                this.log.info("Calculated bandwidth for BDoS profile: " + j2);
                Profiles createBdosProfile = createBdosProfile(str3, j2);
                DnsProtectionProfile createDnsProfile = createDnsProfile(str4, JMSConstants.DEFAULT_TIMEOUT_TIME);
                Profile createOutOfStateProfile = createOutOfStateProfile(str5);
                try {
                    if (!soapConnector.updateCreateDnsProfile(createDnsProfile)) {
                        str4 = null;
                    }
                } catch (Throwable th) {
                    str4 = null;
                }
                String str6 = DF_VLAN_PREFIX + i + 1;
                createSingleVlanGroup(str6, i);
                this.log.warn("skipping creation of VLAN " + str6);
                Policy createPolicy = createPolicy(str, str3, str4, str5, null);
                soapConnector.updateCreateBdosProfile(createBdosProfile);
                soapConnector.updateCreateOOSProfile(createOutOfStateProfile);
                soapConnector.updateCreatePolicy(createPolicy);
            } catch (Throwable th2) {
                this.log.error("Failed to add security configuration, " + th2.getMessage(), th2);
                throw new ExceptionControlApp("Failed to add security configuration: " + th2.getMessage());
            }
        } catch (Throwable th3) {
            this.log.error("Failed to calculate bandwidth, " + th3.getMessage(), th3);
            this.fMain.getHealthTracker().reportHealthIssue(1);
            throw new ExceptionControlApp("Failed to calculate bandwidth, " + th3.getMessage());
        }
    }

    private void addSecurityConfigInRepo(String str, DvsnInfo dvsnInfo, DvsnInfo.AMSDvsnInfo aMSDvsnInfo, String str2) throws ExceptionControlApp {
        try {
            String str3 = str + BDOS_PROFILE_NAME_SUFFIX;
            String str4 = str + DNS_PROFILE_NAME_SUFFIX;
            String str5 = str + OOS_PROFILE_NAME_SUFFIX;
            String generateKey = SecurityConfig.generateKey(str, dvsnInfo.mitigationKey);
            this.dfAppRoot.amsRepo.setCell(aMSDvsnInfo.label, AMS.SECURITY_CONFIG_PREFIX + generateKey, generateKey);
            if (this.securityConfigRepo.hasCell(generateKey, SecurityConfig.NETWORK_NAME)) {
                this.securityConfigRepo.setCell(generateKey, SecurityConfig.DP_NAME_PREFIX + aMSDvsnInfo.label, aMSDvsnInfo.label);
            } else {
                SecurityConfig securityConfig = new SecurityConfig();
                securityConfig.mitigationKey = dvsnInfo.mitigationKey;
                securityConfig.pnkey = str2;
                securityConfig.configuredNetworkName = str;
                securityConfig.bdosProfileName = str3;
                securityConfig.dnsProfileName = str4;
                securityConfig.oosProfileName = str5;
                securityConfig.securityPolicyName = str;
                securityConfig.generateAndSetKey();
                securityConfig.configuredDPs = new ArrayList();
                securityConfig.configuredDPs.add(aMSDvsnInfo.label);
                this.securityConfigRepo.setRow(generateKey, securityConfig.toRow());
            }
        } catch (Throwable th) {
            if (0 != 0) {
                try {
                    this.dfAppRoot.amsRepo.deleteCell(aMSDvsnInfo.label, AMS.SECURITY_CONFIG_PREFIX + "");
                } catch (Throwable th2) {
                }
            }
            this.log.error("Failed to add security configuration in database", th);
            this.fMain.getHealthTracker().reportHealthIssue(1);
            throw new ExceptionControlApp("Failed to add security configuration in database" + th.getMessage());
        }
    }

    public void removeSecurityConfiguration(String str) {
        String str2 = ".";
        try {
            DvsnInfo dvsnInfo = DvsnInfo.getDvsnInfo(str);
            String str3 = dvsnInfo.amsDvsnInfos.get(0).label;
            SoapConnector soapConnector = this.connectors.get(str3);
            String str4 = (String) this.dfAppRoot.mitigationsRepo.getCellValue(dvsnInfo.mitigationKey, "pnkey");
            String generateNetworkName = DPRep.generateNetworkName(str4);
            String generateKey = SecurityConfig.generateKey(generateNetworkName, dvsnInfo.mitigationKey);
            str2 = soapConnector.amsKey;
            FMHolder.get().getFR().logRecord(DFAppRoot.FR_AMS_SECURITY, "Removing security configuration from AMS " + str2 + " for mitigation of " + Mitigation.getPrintableMitigationTarget(dvsnInfo.mitigationKey));
            Boolean bool = true;
            for (Mitigation mitigation : this.dfAppRoot.getMitigationMgr().getAllPNMitigations(str4)) {
                try {
                    if (mitigation.status == Mitigation.Status.ACTIVE) {
                        for (String str5 : mitigation.dvsnInfoKeys) {
                            if (!str5.equals(str)) {
                                if (DvsnInfo.getDvsnInfo(str5).amsDvsnInfos.get(0).label.equals(str3)) {
                                    bool = false;
                                }
                            }
                        }
                    }
                } catch (Exception e) {
                }
            }
            if (bool.booleanValue()) {
                removeSecurityConfigInDP(soapConnector, generateNetworkName);
            }
            this.securityConfigRepo.deleteRow(generateKey);
            this.dfAppRoot.amsRepo.deleteCell(str3, AMS.SECURITY_CONFIG_PREFIX + generateKey);
        } catch (Throwable th) {
            String str6 = "Failed to fully remove security configuration from AMS " + str2;
            this.log.error(str6, th);
            FMHolder.get().getFR().logRecord(DFAppRoot.FR_DF_FAILURE, str6);
            this.fMain.getHealthTracker().reportHealthIssue(1);
        }
    }

    public Network createDPNetworkObject(ConfiguredNetwork configuredNetwork) {
        Network network = new Network();
        network.setName(configuredNetwork.name);
        network.setIndex(0L);
        network.setAddress(configuredNetwork.address);
        network.setMask(Integer.toString(configuredNetwork.addressPrefixLen));
        network.setMode(Network_Mode.value1);
        return network;
    }

    public Network createDPNetworkObject(String str, String str2, String str3) {
        Network network = new Network();
        network.setName(str3);
        network.setIndex(1L);
        network.setAddress(str);
        network.setMask(str2);
        network.setMode(Network_Mode.value2);
        return network;
    }

    private Profiles createBdosProfile(String str, long j) {
        Profiles profiles = new Profiles();
        profiles.setProfileName(str);
        profiles.setBandwidthIn(Long.valueOf(j));
        profiles.setBandwidthOut(Long.valueOf(j));
        profiles.setSYNACKFloodstatus(Profiles_SYNACKFloodstatus.active);
        profiles.setSYNFloodstatus(Profiles_SYNFloodstatus.active);
        profiles.setUDPFloodstatus(Profiles_UDPFloodstatus.active);
        profiles.setICMPFloodstatus(Profiles_ICMPFloodstatus.active);
        profiles.setIGMPFloodstatus(Profiles_IGMPFloodstatus.active);
        profiles.setFINACKFloodstatus(Profiles_FINACKFloodstatus.active);
        profiles.setFRAGFloodstatus(Profiles_FRAGFloodstatus.active);
        profiles.setRSTFloodstatus(Profiles_RSTFloodstatus.active);
        return profiles;
    }

    private DnsProtectionProfile createDnsProfile(String str, long j) {
        DnsProtectionProfile dnsProtectionProfile = new DnsProtectionProfile();
        dnsProtectionProfile.setProfileName(str);
        dnsProtectionProfile.setDnsAFloodstatus(DnsProtectionProfile_DnsAFloodstatus.active);
        dnsProtectionProfile.setDnsMxFloodstatus(DnsProtectionProfile_DnsMxFloodstatus.active);
        dnsProtectionProfile.setDnsPtrFloodstatus(DnsProtectionProfile_DnsPtrFloodstatus.active);
        dnsProtectionProfile.setDnsAaaaFloodstatus(DnsProtectionProfile_DnsAaaaFloodstatus.active);
        dnsProtectionProfile.setDnsTextFloodstatus(DnsProtectionProfile_DnsTextFloodstatus.active);
        dnsProtectionProfile.setDnsSoaFloodstatus(DnsProtectionProfile_DnsSoaFloodstatus.active);
        dnsProtectionProfile.setDnsNaptrFloodstatus(DnsProtectionProfile_DnsNaptrFloodstatus.active);
        dnsProtectionProfile.setDnsSrvFloodstatus(DnsProtectionProfile_DnsSrvFloodstatus.active);
        dnsProtectionProfile.setDnsOtherFloodstatus(DnsProtectionProfile_DnsOtherFloodstatus.active);
        dnsProtectionProfile.setExpectedQps(Long.valueOf(j));
        dnsProtectionProfile.setDnsAQuota(Long.valueOf(this.dnsAQuota));
        dnsProtectionProfile.setDnsMxQuota(Long.valueOf(this.dnsMxQuota));
        dnsProtectionProfile.setDnsPtrQuota(Long.valueOf(this.dnsPtrQuota));
        dnsProtectionProfile.setDnsAaaaQuota(Long.valueOf(this.dnsAaaaQuota));
        dnsProtectionProfile.setDnsTextQuota(Long.valueOf(this.dnsTextQuota));
        dnsProtectionProfile.setDnsSoaQuota(Long.valueOf(this.dnsSoaQuota));
        dnsProtectionProfile.setDnsNaptrQuota(Long.valueOf(this.dnsNaptrQuota));
        dnsProtectionProfile.setDnsSrvQuota(Long.valueOf(this.dnsSrvQuota));
        dnsProtectionProfile.setDnsOtherQuota(Long.valueOf(this.dnsOtherQuota));
        dnsProtectionProfile.setMaxAllowedQPS(Long.valueOf(j * 2));
        dnsProtectionProfile.setPacketReport(DnsProtectionProfile_packetReport.enable);
        return dnsProtectionProfile;
    }

    private Profile createOutOfStateProfile(String str) {
        Profile profile = new Profile();
        profile.setProfileName(str);
        profile.setACTThreshold(Long.valueOf(this.actThreshold));
        profile.setTermThreshold(Long.valueOf(this.termThreshold));
        profile.setSYNACKAllow(Profile_SYNACKAllow.enable);
        profile.setProfileRisk(Profile_ProfileRisk.medium);
        profile.setProfileAction(Profile_ProfileAction.value2);
        profile.setPacketReport(Profile_PacketReport.enable);
        return profile;
    }

    private GroupEntry createVlanGroup(String str, long j, long j2, Long l) {
        return new GroupEntry(str, j, j2, l, GroupEntry_GroupMode.Range);
    }

    private GroupEntry createSingleVlanGroup(String str, long j) {
        return new GroupEntry(str, 65536L, j, Long.valueOf(j), GroupEntry_GroupMode.Range);
    }

    public Policy createPolicy(String str, String str2, String str3, String str4, String str5) {
        Policy policy = new Policy();
        policy.setPolicyName(str);
        policy.setPolicyDestinationAddress(str);
        policy.setPolicySourceAddress(Languages.ANY);
        policy.setBehavioralDosProfile(str2);
        if (str3 != null) {
            policy.setDNSProtectionProfile(str3);
        }
        policy.setSynProtectionProfile(this.synProtectionProfile.getProfileName());
        policy.setOutOfStateProfile(str4);
        policy.setAction(Policy_Action.value2);
        policy.setPacketReport(Policy_PacketReport.enable);
        policy.setPacketReportEnforcement(Policy_PacketReportEnforcement.enable);
        if (str5 != null) {
            policy.setVlanTagGroup(str5);
        }
        return policy;
    }

    @Override // org.opendaylight.defense4all.framework.core.Module
    protected void actionSwitcher(int i, Object obj) {
    }
}
