- for(j=0; j<am->acls[acl_index].count; j++) {
- r = &am->acls[acl_index].rules[j];
- out0 = format(out0, " %4d: %s ", j, r->is_ipv6 ? "ipv6" : "ipv4");
- out0 = format_acl_action(out0, r->is_permit);
- out0 = format(out0, " src %U/%d", format_ip46_address, &r->src,
- r->is_ipv6 ? IP46_TYPE_IP6: IP46_TYPE_IP4, r->src_prefixlen);
- out0 = format(out0, " dst %U/%d", format_ip46_address, &r->dst,
- r->is_ipv6 ? IP46_TYPE_IP6: IP46_TYPE_IP4, r->dst_prefixlen);
- out0 = format(out0, " proto %d", r->proto);
- out0 = format(out0, " sport %d", r->src_port_or_type_first);
- if (r->src_port_or_type_first != r->src_port_or_type_last) {
- out0 = format(out0, "-%d", r->src_port_or_type_last);
- }
- out0 = format(out0, " dport %d", r->dst_port_or_code_first);
- if (r->dst_port_or_code_first != r->dst_port_or_code_last) {
- out0 = format(out0, "-%d", r->dst_port_or_code_last);
- }
- if (r->tcp_flags_mask || r->tcp_flags_value) {
- out0 = format(out0, " tcpflags %d mask %d", r->tcp_flags_value, r->tcp_flags_mask);
- }
- out0 = format(out0, "\n");
- }
- return out0;
+ PRINT_AND_RESET (vm, out0);
+ for (j = 0; j < am->acls[acl_index].count; j++)
+ {
+ r = &am->acls[acl_index].rules[j];
+ out0 = format (out0, " %4d: %s ", j, r->is_ipv6 ? "ipv6" : "ipv4");
+ out0 = format_acl_action (out0, r->is_permit);
+ out0 = format (out0, " src %U/%d", format_ip46_address, &r->src,
+ r->is_ipv6 ? IP46_TYPE_IP6 : IP46_TYPE_IP4,
+ r->src_prefixlen);
+ out0 =
+ format (out0, " dst %U/%d", format_ip46_address, &r->dst,
+ r->is_ipv6 ? IP46_TYPE_IP6 : IP46_TYPE_IP4, r->dst_prefixlen);
+ out0 = format (out0, " proto %d", r->proto);
+ out0 = format (out0, " sport %d", r->src_port_or_type_first);
+ if (r->src_port_or_type_first != r->src_port_or_type_last)
+ {
+ out0 = format (out0, "-%d", r->src_port_or_type_last);
+ }
+ out0 = format (out0, " dport %d", r->dst_port_or_code_first);
+ if (r->dst_port_or_code_first != r->dst_port_or_code_last)
+ {
+ out0 = format (out0, "-%d", r->dst_port_or_code_last);
+ }
+ if (r->tcp_flags_mask || r->tcp_flags_value)
+ {
+ out0 =
+ format (out0, " tcpflags %d mask %d", r->tcp_flags_value,
+ r->tcp_flags_mask);
+ }
+ out0 = format (out0, "\n");
+ PRINT_AND_RESET (vm, out0);
+ }
+}
+
+#undef PRINT_AND_RESET
+
+static void
+acl_plugin_show_acl (acl_main_t * am, u32 acl_index)
+{
+ u32 i;
+ vlib_main_t *vm = am->vlib_main;
+
+ for (i = 0; i < vec_len (am->acls); i++)
+ {
+ if (acl_is_not_defined (am, i))
+ {
+ /* don't attempt to show the ACLs that do not exist */
+ continue;
+ }
+ if ((acl_index != ~0) && (acl_index != i))
+ {
+ continue;
+ }
+ acl_print_acl (vm, am, i);
+
+ if (i < vec_len (am->input_sw_if_index_vec_by_acl))
+ {
+ vlib_cli_output (vm, " applied inbound on sw_if_index: %U\n",
+ format_vec32, am->input_sw_if_index_vec_by_acl[i],
+ "%d");
+ }
+ if (i < vec_len (am->output_sw_if_index_vec_by_acl))
+ {
+ vlib_cli_output (vm, " applied outbound on sw_if_index: %U\n",
+ format_vec32, am->output_sw_if_index_vec_by_acl[i],
+ "%d");
+ }
+ }