X-Git-Url: https://gerrit.fd.io/r/gitweb?a=blobdiff_plain;ds=sidebyside;f=src%2Fplugins%2Facl%2Facl.h;h=d030681ac3ab84bf08b8bb80b50953bb265263ed;hb=1edc406da3d4f6e63de2f278360b5753f55c00df;hp=0c0a6db5af72a8f4cbba35637d77aecd82836a0c;hpb=4bc1796b346efd10f3fb19b176ff089179263a24;p=vpp.git

diff --git a/src/plugins/acl/acl.h b/src/plugins/acl/acl.h
index 0c0a6db5af7..d030681ac3a 100644
--- a/src/plugins/acl/acl.h
+++ b/src/plugins/acl/acl.h
@@ -26,7 +26,9 @@
 #include <vppinfra/elog.h>
 #include <vppinfra/bihash_48_8.h>
 #include <vppinfra/bihash_40_8.h>
+#include <vppinfra/bihash_16_8.h>
 
+#include "types.h"
 #include "fa_node.h"
 #include "hash_lookup_types.h"
 #include "lookup_context.h"
@@ -71,26 +73,6 @@ typedef struct
   } addr;
 } address_t;
 
-/*
- * ACL rules
- */
-typedef struct
-{
-  u8 is_permit;
-  u8 is_ipv6;
-  ip46_address_t src;
-  u8 src_prefixlen;
-  ip46_address_t dst;
-  u8 dst_prefixlen;
-  u8 proto;
-  u16 src_port_or_type_first;
-  u16 src_port_or_type_last;
-  u16 dst_port_or_code_first;
-  u16 dst_port_or_code_last;
-  u8 tcp_flags_value;
-  u8 tcp_flags_mask;
-} acl_rule_t;
-
 typedef struct
 {
   u8 is_permit;
@@ -140,6 +122,7 @@ typedef struct
   CLIB_CACHE_LINE_ALIGN_MARK(cacheline0);
   fa_5tuple_t mask;
   u32 refcount;
+  u8 from_tm;
 } ace_mask_type_entry_t;
 
 typedef struct {
@@ -212,9 +195,19 @@ typedef struct {
   /* Do we use hash-based ACL matching or linear */
   int use_hash_acl_matching;
 
+  /* Do we use the TupleMerge for hash ACLs or not */
+  int use_tuple_merge;
+
+  /* Max collision vector length before splitting the tuple */
+#define TM_SPLIT_THRESHOLD 39
+  int tuple_merge_split_threshold;
+
   /* a pool of all mask types present in all ACEs */
   ace_mask_type_entry_t *ace_mask_type_pool;
 
+  /* vec of vectors of all info of all mask types present in ACEs contained in each lc_index */
+  hash_applied_mask_info_t **hash_applied_mask_info_vec_by_lc_index;
+
   /*
    * Classify tables used to grab the packets for the ACL check,
    * and serving as the 5-tuple session tables at the same time
@@ -246,7 +239,8 @@ typedef struct {
   uword *fa_out_acl_on_sw_if_index;
   /* bihash holding all of the sessions */
   int fa_sessions_hash_is_initialized;
-  clib_bihash_40_8_t fa_sessions_hash;
+  clib_bihash_40_8_t fa_ip6_sessions_hash;
+  clib_bihash_16_8_t fa_ip4_sessions_hash;
   /* The process node which orcherstrates the cleanup */
   u32 fa_cleaner_node_index;
   /* FA session timeouts, in seconds */
@@ -388,15 +382,7 @@ AH has a special treatment of its length, it is in 32-bit words, not 64-bit word
 
 
 extern acl_main_t acl_main;
-/*
- * pointer to the above.
- * Needed for some gymnastics to be able to provide
- * the inline functions from this plugin to other plugins.
- */
-
-extern acl_main_t *p_acl_main;
 
 void *acl_plugin_set_heap();
 
-
 #endif