package org.opendaylight.defense4all.core.impl;

import java.util.Hashtable;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.Properties;
import java.util.Set;
import org.opendaylight.defense4all.core.Attack;
import org.opendaylight.defense4all.core.AttackDecisionPoint;
import org.opendaylight.defense4all.core.DFAppRoot;
import org.opendaylight.defense4all.core.Detection;
import org.opendaylight.defense4all.core.PN;
import org.opendaylight.defense4all.core.ProtocolPort;
import org.opendaylight.defense4all.core.Traffic;
import org.opendaylight.defense4all.core.interactionstructures.EndDetectionNotification;
import org.opendaylight.defense4all.framework.core.ExceptionControlApp;
import org.opendaylight.defense4all.framework.core.FMHolder;
import org.opendaylight.defense4all.framework.core.FrameworkMain;

/* loaded from: input_file:org/opendaylight/defense4all/core/impl/AttackDecisionPointImpl.class */
public class AttackDecisionPointImpl extends DFAppCoreModule implements AttackDecisionPoint {
    protected static final int ACTION_INVALID = -1;
    protected static final int ACTION_RESERVED = 0;
    protected static final int ACTION_PROCESS_ATTACKS = 1;
    protected static final int ACTION_REMOVE_PN = 2;
    protected long processAttacksPeriod = 1000;
    protected boolean initialized = false;

    public void setProcessAttacksPeriod(int i) {
        this.processAttacksPeriod = i;
    }

    @Override // org.opendaylight.defense4all.framework.core.Module, org.opendaylight.defense4all.core.Detector
    public void init() throws ExceptionControlApp {
        super.init();
        this.log.info("AttackDecisionPoint is starting.");
        addPeriodicExecution(1, null, Long.valueOf(this.processAttacksPeriod));
        this.initialized = true;
    }

    @Override // org.opendaylight.defense4all.framework.core.Module, org.opendaylight.defense4all.core.Detector
    public void finit() {
        this.log.info("AttackDecisionPoint is stopping.");
        super.finit();
    }

    @Override // org.opendaylight.defense4all.framework.core.Module, org.opendaylight.defense4all.core.Detector
    public synchronized void reset(FrameworkMain.ResetLevel resetLevel) throws ExceptionControlApp {
        this.log.info("AttackDecisionPoint is resetting to level " + resetLevel);
        super.reset(resetLevel);
        Traffic.NameHash.reset();
        try {
            this.dfAppRootFullImpl.detectionsRepo.truncate();
            this.dfAppRootFullImpl.attacksRepo.truncate();
        } catch (Throwable th) {
            this.log.error("Failed to reset detectionsRepo and/or attacksRepo", th);
        }
    }

    public void test() throws ExceptionControlApp {
        test2();
    }

    protected void test2() throws ExceptionControlApp {
        Attack attack = new Attack("pn1_TCP:0", "pn1", new ProtocolPort(ProtocolPort.DFProtocol.TCP, 0), Attack.Status.DECLARED, new Properties());
        attack.detectionKeys.setProperty("df_detectorpn1.TCP:0", "df_detectorpn1.TCP:0");
        this.dfAppRootFullImpl.attacksRepo.setRow(attack.key, attack.toRow());
        long currentTimeMillis = System.currentTimeMillis() / 1000;
        for (int i = 0; i < 10000; i++) {
            switch (((int) Math.random()) % 4) {
                case 0:
                    Attack attack2 = new Attack(this.dfAppRootFullImpl.attacksRepo.getRow("pn1_TCP:0"));
                    attack2.detectionKeys.setProperty("df_detectorpn1.TCP:0", "df_detectorpn1.TCP:0");
                    this.dfAppRootFullImpl.attacksRepo.setRow(attack2.key, attack2.toRow());
                    Attack attack3 = new Attack(this.dfAppRootFullImpl.attacksRepo.getRow("pn1_TCP:0"));
                    if (attack2.detectionKeys.size() != attack3.detectionKeys.size()) {
                        System.out.println(attack2.detectionKeys.toString() + "; " + attack3.detectionKeys.toString());
                        break;
                    } else {
                        break;
                    }
                case 1:
                    Attack attack4 = new Attack(this.dfAppRootFullImpl.attacksRepo.getRow("pn1_TCP:0"));
                    attack4.detectionKeys.setProperty("dp_based_detectorpn1.TCP:0", "dp_based_detectorpn1.TCP:0");
                    this.dfAppRootFullImpl.attacksRepo.setRow(attack4.key, attack4.toRow());
                    Attack attack5 = new Attack(this.dfAppRootFullImpl.attacksRepo.getRow("pn1_TCP:0"));
                    if (attack4.detectionKeys.size() != attack5.detectionKeys.size()) {
                        System.out.println(attack4.detectionKeys.toString() + "; " + attack5.detectionKeys.toString());
                        break;
                    } else {
                        break;
                    }
                case 2:
                    Attack attack6 = new Attack(this.dfAppRootFullImpl.attacksRepo.getRow("pn1_TCP:0"));
                    attack6.detectionKeys.setProperty("dp_based_detectorpn1.TCP:80", "dp_based_detectorpn1.TCP:80");
                    this.dfAppRootFullImpl.attacksRepo.setRow(attack6.key, attack6.toRow());
                    Attack attack7 = new Attack(this.dfAppRootFullImpl.attacksRepo.getRow("pn1_TCP:0"));
                    if (attack6.detectionKeys.size() != attack7.detectionKeys.size()) {
                        System.out.println(attack6.detectionKeys.toString() + "; " + attack7.detectionKeys.toString());
                        break;
                    } else {
                        break;
                    }
                case 3:
                    Attack attack8 = new Attack(this.dfAppRootFullImpl.attacksRepo.getRow("pn1_TCP:0"));
                    attack8.detectionKeys.clear();
                    this.dfAppRootFullImpl.attacksRepo.setRow(attack8.key, attack8.toRow());
                    System.out.println("Cleared detectionKeys");
                    break;
            }
        }
        System.out.println("time = " + ((System.currentTimeMillis() / 1000) - currentTimeMillis));
    }

    @Override // org.opendaylight.defense4all.core.AttackDecisionPoint
    public synchronized void addDetection(Detection detection) {
        if (detection == null || detection.key == null) {
            this.log.error("Trying to add null detection");
            return;
        }
        try {
            Object cellValue = this.dfAppRootFullImpl.pNsRepo.getCellValue(detection.pnKey, PN.OPERATIONAL_STATUS);
            PN.OperationalStatus operationalStatus = PN.OperationalStatus.INVALID;
            if (cellValue != null) {
                operationalStatus = PN.OperationalStatus.valueOf((String) cellValue);
            }
            if (operationalStatus != PN.OperationalStatus.CANCELED) {
                if (operationalStatus == PN.OperationalStatus.FAILED) {
                    return;
                }
                this.log.info("DF is processing detection " + detection.toString());
                try {
                    this.dfAppRootFullImpl.detectionsRepo.setRow(detection.key, detection.toRow());
                    Attack findMatchingAttack = findMatchingAttack(detection);
                    String generateKey = Attack.generateKey(detection.pnKey, detection.protocolPort);
                    if (findMatchingAttack == null) {
                        findMatchingAttack = new Attack(generateKey, detection.pnKey, detection.protocolPort, Attack.Status.SUSPECTED, null);
                        this.fr.logRecord(DFAppRoot.FR_DF_SECURITY, "DefenseFlow declaring a new attack on " + findMatchingAttack.getPrintableAttackTarget());
                    }
                    switch (findMatchingAttack.status) {
                        case DECLARED:
                            this.log.info("DF is adding detection " + detection.key + " to existing attack " + findMatchingAttack.key);
                            break;
                        case SUSPECTED:
                            break;
                        case ENDED:
                            try {
                                this.dfAppRootFullImpl.attacksRepo.deleteRow(findMatchingAttack.key);
                            } catch (Throwable th) {
                                this.log.error("Failed to delete attack from attacksRepo. " + findMatchingAttack.key, th);
                                this.fMain.getHealthTracker().reportHealthIssue(1);
                            }
                            findMatchingAttack = new Attack(generateKey, detection.pnKey, detection.protocolPort, Attack.Status.SUSPECTED, null);
                            this.fr.logRecord(DFAppRoot.FR_DF_SECURITY, "DefenseFlow declaring a new attack on " + Detection.getPrintableDetectionTarget(generateKey));
                            this.log.info("DF is declaring a new attack " + generateKey);
                            break;
                        case ENDING:
                            this.log.info(detection.key + " is of an \"ending attack\". DF is ignoring new detections until the attack is fully ended.");
                            return;
                        default:
                            return;
                    }
                    findMatchingAttack.detectionKeys.setProperty(detection.key, detection.key);
                    try {
                        this.dfAppRootFullImpl.attacksRepo.setRow(findMatchingAttack.key, findMatchingAttack.toRow());
                        try {
                            invokeDecoupledSerially(1, null);
                        } catch (Throwable th2) {
                            this.log.error("Excepted trying to invokeDecoupledSerialiy 1", th2);
                        }
                    } catch (Throwable th3) {
                        this.log.error("Failed to create attack in the attacksRepo. " + findMatchingAttack.key, th3);
                        this.fr.logRecord(DFAppRoot.FR_DF_SECURITY, "DefenseFlow  fail to process attack on " + Detection.getPrintableDetectionTarget(findMatchingAttack.key));
                        this.fMain.getHealthTracker().reportHealthIssue(1);
                    }
                } catch (ExceptionControlApp e) {
                    this.log.error("Failed to add detetection to detectionsRepo. Detection key: " + detection.key, (Throwable) e);
                    this.fr.logRecord(DFAppRoot.FR_DF_FAILURE, "DefenseFlow failed to process detection " + Detection.getPrintableDetectionTarget(detection.key));
                    this.fMain.getHealthTracker().reportHealthIssue(1);
                }
            }
        } catch (Throwable th4) {
            this.log.error("Failed to retrieve operational status value for " + detection.pnKey, th4);
            this.fMain.getHealthTracker().reportHealthIssue(1);
        }
    }

    protected Attack findMatchingAttack(Detection detection) {
        try {
            PN pn = new PN(this.dfAppRootFullImpl.pNsRepo.getRow(detection.pnKey));
            Traffic traffic = new Traffic(0, pn.dstAddr, pn.dstAddrPrefixLen);
            Hashtable<String, Hashtable<String, Object>> table = this.dfAppRootFullImpl.attacksRepo.getTable();
            if (table == null) {
                this.log.error("Retrieved null attacksTable.");
                this.fMain.getHealthTracker().reportHealthIssue(5);
                return null;
            }
            Iterator<Map.Entry<String, Hashtable<String, Object>>> it = table.entrySet().iterator();
            while (it.hasNext()) {
                try {
                    Attack attack = new Attack(it.next().getValue());
                    if (attack.pnKey.equals(detection.pnKey)) {
                        traffic.setProtocolPort(attack.protocolPort.protocol, attack.protocolPort.port);
                        try {
                            if (traffic.match(0, pn.dstAddr, detection.protocolPort.protocol, detection.protocolPort.port) != Traffic.TrafficMatch.NO) {
                                return attack;
                            }
                        } catch (Throwable th) {
                            this.log.error("Excepted in match operation for attack traffic: " + pn.dstAddr.getHostAddress() + ":" + detection.protocolPort.protocol + "." + detection.protocolPort.port, th);
                            FMHolder.get().getHealthTracker().reportHealthIssue(1);
                        }
                    } else {
                        continue;
                    }
                } catch (Throwable th2) {
                    this.log.error("Excepted trying to inflate attack from row. ", th2);
                    FMHolder.get().getHealthTracker().reportHealthIssue(1);
                }
            }
            return null;
        } catch (Throwable th3) {
            this.log.error("Failed to inflate PN from repo for detection: " + detection.key + "PN key:" + detection.pnKey, th3);
            this.fMain.getHealthTracker().reportHealthIssue(1);
            return null;
        }
    }

    @Override // org.opendaylight.defense4all.core.AttackDecisionPoint
    public synchronized void removeDetection(String str) {
        this.fr.logRecord(DFAppRoot.FR_DF_SECURITY, "DefenseFlow removing detection for  " + Detection.getPrintableDetectionTarget(str));
        this.log.info("DF is removing detection " + str);
        try {
            Hashtable<String, Object> row = this.dfAppRootFullImpl.detectionsRepo.getRow(str);
            if (row == null) {
                return;
            }
            Detection detection = new Detection(row);
            try {
                for (Map.Entry<String, Hashtable<String, Object>> entry : this.dfAppRootFullImpl.attacksRepo.getTable().entrySet()) {
                    Properties properties = (Properties) entry.getValue().get(Attack.DETECTION_KEYS);
                    if (properties != null) {
                        properties.remove(detection.key);
                        this.dfAppRootFullImpl.attacksRepo.setCell(entry.getKey(), Attack.DETECTION_KEYS, properties);
                    }
                }
                try {
                    this.dfAppRootFullImpl.detectionsRepo.deleteRow(str);
                    Traffic.NameHash.reset();
                    try {
                        invokeDecoupledSerially(1, null);
                    } catch (Throwable th) {
                        this.log.error("Excepted trying to invokeDecoupledSerialiy 1", th);
                    }
                } catch (ExceptionControlApp e) {
                    this.log.error("Failed to delete detetectionRow from detectionsRepo. Detection key: " + str, (Throwable) e);
                    this.fMain.getHealthTracker().reportHealthIssue(1);
                }
            } catch (Throwable th2) {
                this.log.error("Failed to delete detection from the attack. Detection key: " + detection.key, th2);
                this.fMain.getHealthTracker().reportHealthIssue(1);
            }
        } catch (ExceptionControlApp e2) {
            this.log.error("Failed to get detetectionRow from detectionsRepo. Detection key: " + str, (Throwable) e2);
            this.fr.logRecord(DFAppRoot.FR_DF_FAILURE, "DefenseFlow failed to remove detection for " + Detection.getPrintableDetectionTarget(str));
            this.fMain.getHealthTracker().reportHealthIssue(1);
        }
    }

    public void removePN(String str) throws ExceptionControlApp {
        this.log.info("DF is processing PN removal with respect to ongoing attacks " + str);
        try {
            invokeDecoupledSerially(2, str);
        } catch (ExceptionControlApp e) {
            String str2 = "Excepted trying to invokeDecoupledSerialiy 2 " + str;
            this.log.error(str2, (Throwable) e);
            throw new ExceptionControlApp(str2, e);
        }
    }

    protected synchronized void decoupledRemovePN(String str) {
        Hashtable<String, Hashtable<String, Object>> table = this.dfAppRootFullImpl.attacksRepo.getTable();
        if (table == null) {
            return;
        }
        Iterator<Map.Entry<String, Hashtable<String, Object>>> it = table.entrySet().iterator();
        while (it.hasNext()) {
            try {
                Hashtable<String, Object> value = it.next().getValue();
                if (((String) value.get("pnkey")).equals(str)) {
                    this.fr.logRecord(DFAppRoot.FR_DF_SECURITY, "DefenseFlow ending attack for removed PO  " + PN.getPrintableKey(str));
                    endAttack(new Attack(value));
                }
            } catch (ExceptionControlApp e) {
                this.log.error("Failed to process endAttack in decoupledRemovePN ", (Throwable) e);
            }
        }
    }

    protected synchronized void periodicProcessAttacks() {
        if (this.fMain.isOpenForBusiness()) {
            List<String> list = null;
            try {
                list = this.dfAppRootFullImpl.attacksRepo.getKeys();
            } catch (ExceptionControlApp e) {
                this.log.error("Failed to get keys from attacksRepo", (Throwable) e);
                this.fMain.getHealthTracker().reportHealthIssue(1);
            }
            if (list == null) {
                return;
            }
            for (String str : list) {
                try {
                    processAttack(str);
                } catch (ExceptionControlApp e2) {
                    this.log.error("Failed in decoupledProcessAttacks. Attack key: " + str);
                    this.fMain.getHealthTracker().reportHealthIssue(1);
                }
            }
        }
    }

    protected void processAttack(String str) throws ExceptionControlApp {
        try {
            Hashtable<String, Object> row = this.dfAppRootFullImpl.attacksRepo.getRow(str);
            if (row == null) {
                return;
            }
            Attack attack = new Attack(row);
            if (attack.status == Attack.Status.ENDING) {
                return;
            }
            if (attack.status == Attack.Status.ENDED) {
                try {
                    this.dfAppRootFullImpl.attacksRepo.deleteRow(str);
                    return;
                } catch (Exception e) {
                    this.log.error("Failed to delete attackRow from attacksRepo. Attack key: " + str, (Throwable) e);
                    this.fMain.getHealthTracker().reportHealthIssue(1);
                    throw new ExceptionControlApp("Failed to delete attackRow from attacksRepo. Attack key: " + str, e);
                }
            }
            long currentTimeMillis = System.currentTimeMillis() / 1000;
            long j = currentTimeMillis;
            Set entrySet = attack.detectionKeys.entrySet();
            if (entrySet == null) {
                return;
            }
            Iterator it = entrySet.iterator();
            while (it.hasNext()) {
                String str2 = (String) ((Map.Entry) it.next()).getKey();
                try {
                    Hashtable<String, Object> row2 = this.dfAppRootFullImpl.detectionsRepo.getRow(str2);
                    if (row2 != null) {
                        Detection detection = new Detection(row2);
                        long j2 = detection.setTime + detection.duration;
                        if (j2 > j) {
                            j = j2;
                        }
                    }
                } catch (Throwable th) {
                    this.log.error("Failed to get detectionRow from detectionsRepo. Detection key: " + str2, th);
                    this.fMain.getHealthTracker().reportHealthIssue(1);
                }
            }
            this.log.debug("Attack: " + str + " Expiration: " + j + " Current time: " + currentTimeMillis);
            if (j <= currentTimeMillis && attack.status != Attack.Status.ENDING && attack.status != Attack.Status.ENDED) {
                this.log.info("processAttack: ending attack: " + attack.toString());
                endAttack(attack);
            } else if (attack.status != Attack.Status.DECLARED) {
                declareAttack(str);
            }
            this.log.debug("attack detection keys: " + attack.detectionKeys.toString());
            try {
                this.log.debug("attack repo detection keys: " + ((Properties) this.dfAppRootFullImpl.attacksRepo.getCellValue(str, Attack.DETECTION_KEYS)).toString());
            } catch (Exception e2) {
            }
        } catch (Throwable th2) {
            this.log.error("Failed to get attackRow from attacksRepo. Attack key: " + str, th2);
            this.fMain.getHealthTracker().reportHealthIssue(1);
            throw new ExceptionControlApp("Failed to get attackRow from attacksRepo. Attack key: " + str, th2);
        }
    }

    protected void declareAttack(String str) throws ExceptionControlApp {
        try {
            this.dfAppRootFullImpl.detectorMgrImpl.cleanup();
        } catch (Throwable th) {
            this.log.error("Failed to initiate detector manager cleanup", th);
        }
        try {
            this.dfAppRootFullImpl.attacksRepo.setCell(str, "status", Attack.Status.DECLARED.name());
            this.dfAppRootFullImpl.mitigationMgrImpl.mitigate(str);
        } catch (ExceptionControlApp e) {
            this.log.error("Failed to update attack status in attacksRepo " + str, (Throwable) e);
            this.fr.logRecord(DFAppRoot.FR_DF_SECURITY, "DefenseFlow failed to process attack on " + Attack.getPrintableAttackTarget(str));
            this.fMain.getHealthTracker().reportHealthIssue(1);
            throw new ExceptionControlApp("Failed to update attack status in attacksRepo " + str, e);
        }
    }

    protected void endAttack(Attack attack) throws ExceptionControlApp {
        if (attack.status != Attack.Status.DECLARED) {
            return;
        }
        this.fr.logRecord(DFAppRoot.FR_DF_SECURITY, "DefenseFlow ending the attack on " + Attack.getPrintableAttackTarget(attack.key));
        attack.status = Attack.Status.ENDING;
        List<String> mitigationTrafficFloorKeys = this.dfAppRootFullImpl.mitigationMgrImpl.getMitigationTrafficFloorKeys(attack.key);
        Set entrySet = attack.detectionKeys.entrySet();
        if (mitigationTrafficFloorKeys != null && entrySet != null) {
            EndDetectionNotification endDetectionNotification = new EndDetectionNotification();
            endDetectionNotification.trafficFloorKeys = mitigationTrafficFloorKeys;
            Iterator it = entrySet.iterator();
            while (it.hasNext()) {
                String str = (String) ((Map.Entry) it.next()).getKey();
                try {
                    endDetectionNotification.detection = new Detection(this.dfAppRootFullImpl.detectionsRepo.getRow(str));
                    this.dfAppRootFullImpl.detectorMgrImpl.notifyEndDetection(endDetectionNotification);
                    this.dfAppRootFullImpl.detectionsRepo.deleteRow(str);
                } catch (Throwable th) {
                    this.log.error("Failed to end detection for attack. " + str);
                }
                it.remove();
            }
        }
        try {
            this.dfAppRootFullImpl.attacksRepo.setRow(attack.key, attack.toRow());
            try {
                this.dfAppRootFullImpl.mitigationMgrImpl.endMitigation(attack.key);
            } catch (Exception e) {
            }
        } catch (Exception e2) {
            this.log.error("Failed to update attack in attacksRepo. " + attack.key);
            this.fr.logRecord(DFAppRoot.FR_DF_SECURITY, "DefenseFlow failed to end attack on " + Attack.getPrintableAttackTarget(attack.key));
            this.fMain.getHealthTracker().reportHealthIssue(1);
            throw new ExceptionControlApp("Failed to update attack in attacksRepo. " + attack.key);
        }
    }

    @Override // org.opendaylight.defense4all.framework.core.Module
    protected void actionSwitcher(int i, Object obj) {
        switch (i) {
            case 0:
            default:
                return;
            case 1:
                periodicProcessAttacks();
                return;
            case 2:
                decoupledRemovePN((String) obj);
                return;
        }
    }
}
