2 * gbp.h : Group Based Policy
4 * Copyright (c) 2018 Cisco and/or its affiliates.
5 * Licensed under the Apache License, Version 2.0 (the "License");
6 * you may not use this file except in compliance with the License.
7 * You may obtain a copy of the License at:
9 * http://www.apache.org/licenses/LICENSE-2.0
11 * Unless required by applicable law or agreed to in writing, software
12 * distributed under the License is distributed on an "AS IS" BASIS,
13 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14 * See the License for the specific language governing permissions and
15 * limitations under the License.
18 #include <plugins/gbp/gbp.h>
21 * Single contract DB instance
23 gbp_contract_db_t gbp_contract_db;
26 gbp_contract_update (epg_id_t src_epg, epg_id_t dst_epg, u32 acl_index)
28 gbp_main_t *gm = &gbp_main;
30 gbp_contract_value_t value = {
36 gbp_contract_key_t key = {
41 if (~0 == gm->gbp_acl_user_id)
43 acl_plugin_exports_init (&gm->acl_plugin);
45 gm->acl_plugin.register_user_module ("GBP ACL", "src-epg", "dst-epg");
48 p = hash_get (gbp_contract_db.gc_hash, key.as_u64);
56 gm->acl_plugin.get_lookup_context_index (gm->gbp_acl_user_id, src_epg,
58 value.gc_acl_index = acl_index;
59 hash_set (gbp_contract_db.gc_hash, key.as_u64, value.as_u64);
62 if (value.gc_lc_index == ~0)
64 vec_add1 (acl_vec, acl_index);
65 gm->acl_plugin.set_acl_vec_for_context (value.gc_lc_index, acl_vec);
70 gbp_contract_delete (epg_id_t src_epg, epg_id_t dst_epg)
72 gbp_main_t *gm = &gbp_main;
74 gbp_contract_value_t value;
75 gbp_contract_key_t key = {
80 p = hash_get (gbp_contract_db.gc_hash, key.as_u64);
84 gm->acl_plugin.put_lookup_context_index (value.gc_lc_index);
86 hash_unset (gbp_contract_db.gc_hash, key.as_u64);
90 gbp_contract_walk (gbp_contract_cb_t cb, void *ctx)
92 gbp_contract_key_t key;
93 gbp_contract_value_t value;
96 hash_foreach(key.as_u64, value.as_u64, gbp_contract_db.gc_hash,
98 gbp_contract_t gbpc = {
109 static clib_error_t *
110 gbp_contract_cli (vlib_main_t * vm,
111 unformat_input_t * input, vlib_cli_command_t * cmd)
113 epg_id_t src_epg_id = EPG_INVALID, dst_epg_id = EPG_INVALID;
117 while (unformat_check_input (input) != UNFORMAT_END_OF_INPUT)
119 if (unformat (input, "add"))
121 else if (unformat (input, "del"))
123 else if (unformat (input, "src-epg %d", &src_epg_id))
125 else if (unformat (input, "dst-epg %d", &dst_epg_id))
127 else if (unformat (input, "acl-index %d", &acl_index))
133 if (EPG_INVALID == src_epg_id)
134 return clib_error_return (0, "Source EPG-ID must be specified");
135 if (EPG_INVALID == dst_epg_id)
136 return clib_error_return (0, "Destination EPG-ID must be specified");
140 gbp_contract_update (src_epg_id, dst_epg_id, acl_index);
144 gbp_contract_delete (src_epg_id, dst_epg_id);
151 * Configure a GBP Contract
154 * @cliexstart{set gbp contract [del] src-epg <ID> dst-epg <ID> acl-index <ACL>}
158 VLIB_CLI_COMMAND (gbp_contract_cli_node, static) =
160 .path = "gbp contract",
162 "gbp contract [del] src-epg <ID> dst-epg <ID> acl-index <ACL>",
163 .function = gbp_contract_cli,
167 static clib_error_t *
168 gbp_contract_show (vlib_main_t * vm,
169 unformat_input_t * input, vlib_cli_command_t * cmd)
171 gbp_contract_key_t key;
172 gbp_contract_value_t value;
174 vlib_cli_output (vm, "Contracts:");
177 hash_foreach (key.as_u64, value.as_u64, gbp_contract_db.gc_hash,
179 vlib_cli_output (vm, " {%d,%d} -> %d", key.gck_src,
180 key.gck_dst, value.gc_acl_index);
188 * Show Group Based Policy Contracts
191 * @cliexstart{show gbp contract}
195 VLIB_CLI_COMMAND (gbp_contract_show_node, static) = {
196 .path = "show gbp contract",
197 .short_help = "show gbp contract\n",
198 .function = gbp_contract_show,
203 * fd.io coding-style-patch-verification: ON
206 * eval: (c-set-style "gnu")