#include <vppinfra/bihash_template.h>
#include <vppinfra/bihash_template.c>
-/* *INDENT-OFF* */
VLIB_PLUGIN_REGISTER () = {
.version = VPP_BUILD_VER,
.description = "Access Control Lists (ACL)",
};
-/* *INDENT-ON* */
/* methods exported from ACL-as-a-service */
static acl_plugin_methods_t acl_plugin;
acl_main_t *am = &acl_main;
int rv = 0;
- /* *INDENT-OFF* */
REPLY_MACRO2 (VL_API_ACL_PLUGIN_CONTROL_PING_REPLY,
({
rmp->vpe_pid = ntohl (getpid ());
}));
- /* *INDENT-ON* */
}
static void
format_bitmap_hex, old_seen_acl_bitmap, format_bitmap_hex,
seen_acl_bitmap, format_bitmap_hex, change_acl_bitmap);
-/* *INDENT-OFF* */
clib_bitmap_foreach (acln, change_acl_bitmap) {
if (clib_bitmap_get(old_seen_acl_bitmap, acln)) {
/* ACL is being removed. */
vec_add1((*pinout_sw_if_index_vec_by_acl)[acln], sw_if_index);
}
}
-/* *INDENT-ON* */
vec_free ((*pinout_acl_vec_by_sw_if_index)[sw_if_index]);
(*pinout_acl_vec_by_sw_if_index)[sw_if_index] =
rv = VNET_API_ERROR_INVALID_VALUE;
}
- /* *INDENT-OFF* */
REPLY_MACRO2(VL_API_ACL_ADD_REPLACE_REPLY,
({
rmp->acl_index = htonl(acl_list_index);
}));
- /* *INDENT-ON* */
}
static void
if (mp->acl_index == ~0)
{
- /* *INDENT-OFF* */
/* Just dump all ACLs */
pool_foreach (acl, am->acls)
{
send_acl_details(am, reg, acl, mp->context);
}
- /* *INDENT-ON* */
}
else
{
if (mp->sw_if_index == ~0)
{
- /* *INDENT-OFF* */
pool_foreach (swif, im->sw_interfaces)
{
send_acl_interface_list_details(am, reg, swif->sw_if_index, mp->context);
}
- /* *INDENT-ON* */
}
else
{
rv = VNET_API_ERROR_INVALID_VALUE;
}
- /* *INDENT-OFF* */
REPLY_MACRO2(VL_API_MACIP_ACL_ADD_REPLY,
({
rmp->acl_index = htonl(acl_list_index);
}));
- /* *INDENT-ON* */
}
static void
rv = VNET_API_ERROR_INVALID_VALUE;
}
- /* *INDENT-OFF* */
REPLY_MACRO2(VL_API_MACIP_ACL_ADD_REPLACE_REPLY,
({
rmp->acl_index = htonl(acl_list_index);
}));
- /* *INDENT-ON* */
}
static void
if (mp->acl_index == ~0)
{
/* Just dump all ACLs for now, with sw_if_index = ~0 */
- /* *INDENT-OFF* */
pool_foreach (acl, am->macip_acls)
{
send_macip_acl_details (am, reg, acl, mp->context);
}
- /* *INDENT-ON* */
}
else
{
if (mp->sw_if_index == ~0)
{
- /* *INDENT-OFF* */
pool_foreach (swif, im->sw_interfaces)
{
send_acl_interface_etype_whitelist_details(am, reg, swif->sw_if_index, mp->context);
}
- /* *INDENT-ON* */
}
else
{
vlib_cli_output (vm, " link list id: %u", sess->link_list_id);
}
vlib_cli_output (vm, " connection add/del stats:", wk);
- /* *INDENT-OFF* */
pool_foreach (swif, im->sw_interfaces)
{
u32 sw_if_index = swif->sw_if_index;
n_dels,
n_epoch_changes);
}
- /* *INDENT-ON* */
vlib_cli_output (vm, " connection timeout type lists:", wk);
u8 tt = 0;
return error;
}
- /* *INDENT-OFF* */
VLIB_CLI_COMMAND (aclplugin_set_command, static) = {
.path = "set acl-plugin",
.short_help = "set acl-plugin session timeout {{udp idle}|tcp {idle|transient}} <seconds>",
"rules}",
.function = acl_set_aclplugin_acl_fn,
};
-/* *INDENT-ON* */
/*?
* Delete an Access Control List (ACL)