Code Review
/
vpp.git
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
review
|
tree
raw
|
inline
| side by side
VPP-521: Classify API enhancement to redirect traffic to pre-defined VRF
[vpp.git]
/
vnet
/
vnet
/
ip
/
ip_input_acl.c
diff --git
a/vnet/vnet/ip/ip_input_acl.c
b/vnet/vnet/ip/ip_input_acl.c
index
e905ed1
..
93a580c
100644
(file)
--- a/
vnet/vnet/ip/ip_input_acl.c
+++ b/
vnet/vnet/ip/ip_input_acl.c
@@
-115,11
+115,9
@@
ip_inacl_inline (vlib_main_t * vm,
bi0 = from[0];
b0 = vlib_get_buffer (vm, bi0);
bi0 = from[0];
b0 = vlib_get_buffer (vm, bi0);
- h0 = b0->data;
bi1 = from[1];
b1 = vlib_get_buffer (vm, bi1);
bi1 = from[1];
b1 = vlib_get_buffer (vm, bi1);
- h1 = b1->data;
sw_if_index0 = vnet_buffer (b0)->sw_if_index[VLIB_RX];
table_index0 = am->classify_table_index_by_sw_if_index[tid][sw_if_index0];
sw_if_index0 = vnet_buffer (b0)->sw_if_index[VLIB_RX];
table_index0 = am->classify_table_index_by_sw_if_index[tid][sw_if_index0];
@@
-131,11
+129,21
@@
ip_inacl_inline (vlib_main_t * vm,
t1 = pool_elt_at_index (vcm->tables, table_index1);
t1 = pool_elt_at_index (vcm->tables, table_index1);
+ if (t0->current_data_flag == CLASSIFY_FLAG_USE_CURR_DATA)
+ h0 = (void *)vlib_buffer_get_current (b0) + t0->current_data_offset;
+ else
+ h0 = b0->data;
+
vnet_buffer(b0)->l2_classify.hash =
vnet_classify_hash_packet (t0, (u8 *) h0);
vnet_classify_prefetch_bucket (t0, vnet_buffer(b0)->l2_classify.hash);
vnet_buffer(b0)->l2_classify.hash =
vnet_classify_hash_packet (t0, (u8 *) h0);
vnet_classify_prefetch_bucket (t0, vnet_buffer(b0)->l2_classify.hash);
+ if (t1->current_data_flag == CLASSIFY_FLAG_USE_CURR_DATA)
+ h1 = (void *)vlib_buffer_get_current (b1) + t1->current_data_offset;
+ else
+ h1 = b1->data;
+
vnet_buffer(b1)->l2_classify.hash =
vnet_classify_hash_packet (t1, (u8 *) h1);
vnet_buffer(b1)->l2_classify.hash =
vnet_classify_hash_packet (t1, (u8 *) h1);
@@
-160,12
+168,17
@@
ip_inacl_inline (vlib_main_t * vm,
bi0 = from[0];
b0 = vlib_get_buffer (vm, bi0);
bi0 = from[0];
b0 = vlib_get_buffer (vm, bi0);
- h0 = b0->data;
sw_if_index0 = vnet_buffer (b0)->sw_if_index[VLIB_RX];
table_index0 = am->classify_table_index_by_sw_if_index[tid][sw_if_index0];
t0 = pool_elt_at_index (vcm->tables, table_index0);
sw_if_index0 = vnet_buffer (b0)->sw_if_index[VLIB_RX];
table_index0 = am->classify_table_index_by_sw_if_index[tid][sw_if_index0];
t0 = pool_elt_at_index (vcm->tables, table_index0);
+
+ if (t0->current_data_flag == CLASSIFY_FLAG_USE_CURR_DATA)
+ h0 = (void *)vlib_buffer_get_current (b0) + t0->current_data_offset;
+ else
+ h0 = b0->data;
+
vnet_buffer(b0)->l2_classify.hash =
vnet_classify_hash_packet (t0, (u8 *) h0);
vnet_buffer(b0)->l2_classify.hash =
vnet_classify_hash_packet (t0, (u8 *) h0);
@@
-227,12
+240,11
@@
ip_inacl_inline (vlib_main_t * vm,
n_left_to_next -= 1;
b0 = vlib_get_buffer (vm, bi0);
n_left_to_next -= 1;
b0 = vlib_get_buffer (vm, bi0);
- h0 = b0->data;
table_index0 = vnet_buffer(b0)->l2_classify.table_index;
e0 = 0;
t0 = 0;
vnet_get_config_data (am->vnet_config_main[tid],
table_index0 = vnet_buffer(b0)->l2_classify.table_index;
e0 = 0;
t0 = 0;
vnet_get_config_data (am->vnet_config_main[tid],
- &
vnet_buffer(b0)->ip.
current_config_index,
+ &
b0->
current_config_index,
&next0,
/* # bytes of config data */ 0);
&next0,
/* # bytes of config data */ 0);
@@
-243,6
+255,11
@@
ip_inacl_inline (vlib_main_t * vm,
hash0 = vnet_buffer(b0)->l2_classify.hash;
t0 = pool_elt_at_index (vcm->tables, table_index0);
hash0 = vnet_buffer(b0)->l2_classify.hash;
t0 = pool_elt_at_index (vcm->tables, table_index0);
+ if (t0->current_data_flag == CLASSIFY_FLAG_USE_CURR_DATA)
+ h0 = (void *)vlib_buffer_get_current (b0) + t0->current_data_offset;
+ else
+ h0 = b0->data;
+
e0 = vnet_classify_find_entry (t0, (u8 *) h0, hash0,
now);
if (e0)
e0 = vnet_classify_find_entry (t0, (u8 *) h0, hash0,
now);
if (e0)
@@
-263,6
+280,10
@@
ip_inacl_inline (vlib_main_t * vm,
error0 = (next0 == ACL_NEXT_INDEX_DENY)?
IP6_ERROR_INACL_SESSION_DENY:IP6_ERROR_NONE;
b0->error = error_node->errors[error0];
error0 = (next0 == ACL_NEXT_INDEX_DENY)?
IP6_ERROR_INACL_SESSION_DENY:IP6_ERROR_NONE;
b0->error = error_node->errors[error0];
+
+ if (e0->action == CLASSIFY_ACTION_SET_IP4_FIB_INDEX ||
+ e0->action == CLASSIFY_ACTION_SET_IP6_FIB_INDEX)
+ vnet_buffer (b0)->sw_if_index[VLIB_TX] = e0->metadata;
}
else
{
}
else
{
@@
-288,6
+309,11
@@
ip_inacl_inline (vlib_main_t * vm,
break;
}
break;
}
+ if (t0->current_data_flag == CLASSIFY_FLAG_USE_CURR_DATA)
+ h0 = (void *)vlib_buffer_get_current (b0) + t0->current_data_offset;
+ else
+ h0 = b0->data;
+
hash0 = vnet_classify_hash_packet (t0, (u8 *) h0);
e0 = vnet_classify_find_entry
(t0, (u8 *) h0, hash0, now);
hash0 = vnet_classify_hash_packet (t0, (u8 *) h0);
e0 = vnet_classify_find_entry
(t0, (u8 *) h0, hash0, now);
@@
-308,6
+334,10
@@
ip_inacl_inline (vlib_main_t * vm,
error0 = (next0 == ACL_NEXT_INDEX_DENY)?
IP6_ERROR_INACL_SESSION_DENY:IP6_ERROR_NONE;
b0->error = error_node->errors[error0];
error0 = (next0 == ACL_NEXT_INDEX_DENY)?
IP6_ERROR_INACL_SESSION_DENY:IP6_ERROR_NONE;
b0->error = error_node->errors[error0];
+
+ if (e0->action == CLASSIFY_ACTION_SET_IP4_FIB_INDEX ||
+ e0->action == CLASSIFY_ACTION_SET_IP6_FIB_INDEX)
+ vnet_buffer (b0)->sw_if_index[VLIB_TX] = e0->metadata;
break;
}
}
break;
}
}
@@
-322,7
+352,7
@@
ip_inacl_inline (vlib_main_t * vm,
t->sw_if_index = vnet_buffer(b0)->sw_if_index[VLIB_RX];
t->next_index = next0;
t->table_index = t0 ? t0 - vcm->tables : ~0;
t->sw_if_index = vnet_buffer(b0)->sw_if_index[VLIB_RX];
t->next_index = next0;
t->table_index = t0 ? t0 - vcm->tables : ~0;
- t->offset =
e0
? vnet_classify_get_offset (t0, e0): ~0;
+ t->offset =
(e0 && t0)
? vnet_classify_get_offset (t0, e0): ~0;
}
/* verify speculative enqueue, maybe switch current next frame */
}
/* verify speculative enqueue, maybe switch current next frame */
@@
-369,6
+399,8
@@
VLIB_REGISTER_NODE (ip4_inacl_node) = {
},
};
},
};
+VLIB_NODE_FUNCTION_MULTIARCH (ip4_inacl_node, ip4_inacl)
+
static uword
ip6_inacl (vlib_main_t * vm,
vlib_node_runtime_t * node,
static uword
ip6_inacl (vlib_main_t * vm,
vlib_node_runtime_t * node,
@@
-392,6
+424,8
@@
VLIB_REGISTER_NODE (ip6_inacl_node) = {
},
};
},
};
+VLIB_NODE_FUNCTION_MULTIARCH (ip6_inacl_node, ip6_inacl)
+
static clib_error_t *
ip_inacl_init (vlib_main_t * vm)
{
static clib_error_t *
ip_inacl_init (vlib_main_t * vm)
{