#!/usr/bin/env python
+from __future__ import print_function
"""ACL plugin - MACIP tests
"""
+import binascii
import random
import re
import unittest
from vpp_lo_interface import VppLoInterface
from vpp_papi_provider import L2_VTR_OP
from vpp_sub_interface import VppSubInterface, VppDot1QSubint, VppDot1ADSubint
+from vpp_papi_provider import L2_PORT_TYPE
class MethodHolder(VppTestCase):
try:
# create 4 pg interfaces, 1 loopback interface
cls.create_pg_interfaces(range(4))
- cls.create_loopback_interfaces(range(1))
+ cls.create_loopback_interfaces(1)
# create 2 subinterfaces
cls.subifs = [
# Create BD with MAC learning enabled and put interfaces to this BD
cls.vapi.sw_interface_set_l2_bridge(
- cls.loop0.sw_if_index, bd_id=cls.bd_id, bvi=1)
+ cls.loop0.sw_if_index, bd_id=cls.bd_id,
+ port_type=L2_PORT_TYPE.BVI)
cls.vapi.sw_interface_set_l2_bridge(
cls.pg0.sw_if_index, bd_id=cls.bd_id)
cls.vapi.sw_interface_set_l2_bridge(
cls.subifs[3].remote_hosts = cls.loop0.remote_hosts[175:]
except Exception:
- super(TestMACIP, cls).tearDownClass()
+ super(MethodHolder, cls).tearDownClass()
raise
def setUp(self):
self.logger.info(self.vapi.ppcli("sh acl-plugin acl"))
self.logger.info(self.vapi.ppcli("sh acl-plugin interface"))
self.logger.info(self.vapi.ppcli("sh acl-plugin tables"))
- # print self.vapi.ppcli("show interface address")
- # print self.vapi.ppcli("show hardware")
- # print self.vapi.ppcli("sh acl-plugin macip interface")
- # print self.vapi.ppcli("sh acl-plugin macip acl")
+ # print(self.vapi.ppcli("show interface address"))
+ # print(self.vapi.ppcli("show hardware"))
+ # print(self.vapi.ppcli("sh acl-plugin macip interface"))
+ # print(self.vapi.ppcli("sh acl-plugin macip acl"))
self.delete_acls()
def macip_acl_dump_debug(self):
acls = self.vapi.macip_acl_dump()
if self.DEBUG:
for acl in acls:
- print "ACL #"+str(acl.acl_index)
+ print("ACL #"+str(acl.acl_index))
for r in acl.r:
rule = "ACTION"
if r.is_permit == 1:
rule = "PERMIT"
elif r.is_permit == 0:
rule = "DENY "
- print " IP6" if r.is_ipv6 else " IP4", \
- rule, \
- r.src_mac.encode('hex'), \
- r.src_mac_mask.encode('hex'),\
- unpack('<16B', r.src_ip_addr), \
- r.src_ip_prefix_len
+ print(" IP6" if r.is_ipv6 else " IP4",
+ rule,
+ binascii.hexlify(r.src_mac),
+ binascii.hexlify(r.src_mac_mask),
+ unpack('<16B', r.src_ip_addr),
+ r.src_ip_prefix_len)
return acls
def create_rules(self, mac_type=EXACT_MAC, ip_type=EXACT_IP,
reply = self.vapi.macip_acl_dump()
self.assertEqual(len(reply), 0)
- intf_acls = self.vapi.ppcli("sh acl-plugin interface").split(
- "\nsw_if_index")
+ intf_acls = self.vapi.acl_interface_list_dump()
for i_a in intf_acls:
- ia = i_a.split(":")
- if len(ia) == 3:
- sw_if_index = int(ia[0])
- acl_index = int(ia[2])
+ sw_if_index = i_a.sw_if_index
+ for acl_index in i_a.acls:
self.vapi.acl_interface_add_del(sw_if_index, acl_index, 0)
self.vapi.acl_del(acl_index)
# p_l3 = IPv6 if is_ip6 else IP
# if self.DEBUG:
# for p in stream:
- # print p[Ether].src, p[Ether].dst, p[p_l3].src, p[p_l3].dst
+ # print(p[Ether].src, p[Ether].dst, p[p_l3].src, p[p_l3].dst)
#
# acls = self.macip_acl_dump_debug()
# TODO : verify
# for acl in acls:
# for r in acl.r:
- # print r.src_mac.encode('hex'), \
- # r.src_mac_mask.encode('hex'),\
+ # print(binascii.hexlify(r.src_mac), \
+ # binascii.hexlify(r.src_mac_mask),\
# unpack('<16B', r.src_ip_addr), \
- # r.src_ip_prefix_len
+ # r.src_ip_prefix_len)
#
# for p in capture:
- # print p[Ether].src, p[Ether].dst, p[p_l3].src, p[p_l3].dst
- # data = p[Raw].load.split(':',1)[1]
- # print p[p_l3].src, data
+ # print(p[Ether].src, p[Ether].dst, p[p_l3].src, p[p_l3].dst
+ # data = p[Raw].load.split(':',1)[1])
+ # print(p[p_l3].src, data)
def run_traffic(self, mac_type, ip_type, traffic, is_ip6, packets,
do_not_expected_capture=False, tags=None,
self.apply_macip_rules(self.create_rules(acl_count=3,
rules_count=[3, 5, 4]))
- intf.append(VppLoInterface(self, 0))
- intf.append(VppLoInterface(self, 1))
+ intf.append(VppLoInterface(self))
+ intf.append(VppLoInterface(self))
sw_if_index0 = intf[0].sw_if_index
self.vapi.macip_acl_interface_add_del(sw_if_index0, 1)
self.assertEqual(reply.acls[sw_if_index0], 4294967295)
self.assertEqual(reply.acls[sw_if_index1], 0)
- intf.append(VppLoInterface(self, 2))
- intf.append(VppLoInterface(self, 3))
+ intf.append(VppLoInterface(self))
+ intf.append(VppLoInterface(self))
sw_if_index2 = intf[2].sw_if_index
sw_if_index3 = intf[3].sw_if_index
self.vapi.macip_acl_interface_add_del(sw_if_index2, 1)
self.assertEqual(reply.acls[sw_if_index1], 0)
self.assertEqual(reply.acls[sw_if_index2], 1)
self.assertEqual(reply.acls[sw_if_index3], 1)
+ self.logger.info("MACIP ACL on multiple interfaces:")
+ self.logger.info(self.vapi.ppcli("sh acl-plugin macip acl"))
+ self.logger.info(self.vapi.ppcli("sh acl-plugin macip acl index 1234"))
+ self.logger.info(self.vapi.ppcli("sh acl-plugin macip acl index 1"))
+ self.logger.info(self.vapi.ppcli("sh acl-plugin macip acl index 0"))
+ self.logger.info(self.vapi.ppcli("sh acl-plugin macip interface"))
intf[2].remove_vpp_config()
intf[1].remove_vpp_config()