X-Git-Url: https://gerrit.fd.io/r/gitweb?a=blobdiff_plain;f=test%2Ftest_acl_plugin_macip.py;h=4872bffc17d9ee98d9d52d89f4d4ab00819d06e7;hb=33331edd3ab8c2c2109203be7568587664f08abc;hp=d27458d7df07fdf0c75d8b56b4db7f74cef820a2;hpb=8daa80a4adfd82a19017c2c12554a8a43dddccd7;p=vpp.git diff --git a/test/test_acl_plugin_macip.py b/test/test_acl_plugin_macip.py index d27458d7df0..4872bffc17d 100644 --- a/test/test_acl_plugin_macip.py +++ b/test/test_acl_plugin_macip.py @@ -1,6 +1,8 @@ #!/usr/bin/env python +from __future__ import print_function """ACL plugin - MACIP tests """ +import binascii import random import re import unittest @@ -16,6 +18,7 @@ from framework import VppTestCase, VppTestRunner, running_extended_tests from vpp_lo_interface import VppLoInterface from vpp_papi_provider import L2_VTR_OP from vpp_sub_interface import VppSubInterface, VppDot1QSubint, VppDot1ADSubint +from vpp_papi_provider import L2_PORT_TYPE class MethodHolder(VppTestCase): @@ -63,7 +66,7 @@ class MethodHolder(VppTestCase): try: # create 4 pg interfaces, 1 loopback interface cls.create_pg_interfaces(range(4)) - cls.create_loopback_interfaces(range(1)) + cls.create_loopback_interfaces(1) # create 2 subinterfaces cls.subifs = [ @@ -90,7 +93,8 @@ class MethodHolder(VppTestCase): # Create BD with MAC learning enabled and put interfaces to this BD cls.vapi.sw_interface_set_l2_bridge( - cls.loop0.sw_if_index, bd_id=cls.bd_id, bvi=1) + cls.loop0.sw_if_index, bd_id=cls.bd_id, + port_type=L2_PORT_TYPE.BVI) cls.vapi.sw_interface_set_l2_bridge( cls.pg0.sw_if_index, bd_id=cls.bd_id) cls.vapi.sw_interface_set_l2_bridge( @@ -142,7 +146,7 @@ class MethodHolder(VppTestCase): cls.subifs[3].remote_hosts = cls.loop0.remote_hosts[175:] except Exception: - super(TestMACIP, cls).tearDownClass() + super(MethodHolder, cls).tearDownClass() raise def setUp(self): @@ -164,29 +168,29 @@ class MethodHolder(VppTestCase): self.logger.info(self.vapi.ppcli("sh acl-plugin acl")) self.logger.info(self.vapi.ppcli("sh acl-plugin interface")) self.logger.info(self.vapi.ppcli("sh acl-plugin tables")) - # print self.vapi.ppcli("show interface address") - # print self.vapi.ppcli("show hardware") - # print self.vapi.ppcli("sh acl-plugin macip interface") - # print self.vapi.ppcli("sh acl-plugin macip acl") + # print(self.vapi.ppcli("show interface address")) + # print(self.vapi.ppcli("show hardware")) + # print(self.vapi.ppcli("sh acl-plugin macip interface")) + # print(self.vapi.ppcli("sh acl-plugin macip acl")) self.delete_acls() def macip_acl_dump_debug(self): acls = self.vapi.macip_acl_dump() if self.DEBUG: for acl in acls: - print "ACL #"+str(acl.acl_index) + print("ACL #"+str(acl.acl_index)) for r in acl.r: rule = "ACTION" if r.is_permit == 1: rule = "PERMIT" elif r.is_permit == 0: rule = "DENY " - print " IP6" if r.is_ipv6 else " IP4", \ - rule, \ - r.src_mac.encode('hex'), \ - r.src_mac_mask.encode('hex'),\ - unpack('<16B', r.src_ip_addr), \ - r.src_ip_prefix_len + print(" IP6" if r.is_ipv6 else " IP4", + rule, + binascii.hexlify(r.src_mac), + binascii.hexlify(r.src_mac_mask), + unpack('<16B', r.src_ip_addr), + r.src_ip_prefix_len) return acls def create_rules(self, mac_type=EXACT_MAC, ip_type=EXACT_IP, @@ -287,13 +291,10 @@ class MethodHolder(VppTestCase): reply = self.vapi.macip_acl_dump() self.assertEqual(len(reply), 0) - intf_acls = self.vapi.ppcli("sh acl-plugin interface").split( - "\nsw_if_index") + intf_acls = self.vapi.acl_interface_list_dump() for i_a in intf_acls: - ia = i_a.split(":") - if len(ia) == 3: - sw_if_index = int(ia[0]) - acl_index = int(ia[2]) + sw_if_index = i_a.sw_if_index + for acl_index in i_a.acls: self.vapi.acl_interface_add_del(sw_if_index, acl_index, 0) self.vapi.acl_del(acl_index) @@ -569,26 +570,27 @@ class MethodHolder(VppTestCase): # p_l3 = IPv6 if is_ip6 else IP # if self.DEBUG: # for p in stream: - # print p[Ether].src, p[Ether].dst, p[p_l3].src, p[p_l3].dst + # print(p[Ether].src, p[Ether].dst, p[p_l3].src, p[p_l3].dst) # # acls = self.macip_acl_dump_debug() # TODO : verify # for acl in acls: # for r in acl.r: - # print r.src_mac.encode('hex'), \ - # r.src_mac_mask.encode('hex'),\ + # print(binascii.hexlify(r.src_mac), \ + # binascii.hexlify(r.src_mac_mask),\ # unpack('<16B', r.src_ip_addr), \ - # r.src_ip_prefix_len + # r.src_ip_prefix_len) # # for p in capture: - # print p[Ether].src, p[Ether].dst, p[p_l3].src, p[p_l3].dst - # data = p[Raw].load.split(':',1)[1] - # print p[p_l3].src, data + # print(p[Ether].src, p[Ether].dst, p[p_l3].src, p[p_l3].dst + # data = p[Raw].load.split(':',1)[1]) + # print(p[p_l3].src, data) def run_traffic(self, mac_type, ip_type, traffic, is_ip6, packets, do_not_expected_capture=False, tags=None, - apply_rules=True, isMACIP=True, permit_tags=PERMIT_TAGS): + apply_rules=True, isMACIP=True, permit_tags=PERMIT_TAGS, + try_replace=False): self.reset_packet_infos() if tags is None: @@ -650,6 +652,15 @@ class MethodHolder(VppTestCase): self.vapi.macip_acl_interface_add_del( sw_if_index=tx_if.sw_if_index, acl_index=0) + if try_replace: + if isMACIP: + reply = self.vapi.macip_acl_add_replace( + test_dict['macip_rules'], + acl_index) + else: + reply = self.vapi.acl_add_replace(acl_index=acl_index, + r=test_dict['acl_rules']) + self.assertEqual(reply.retval, 0) if not isinstance(src_if, VppSubInterface): tx_if.add_stream(test_dict['stream']) @@ -812,16 +823,9 @@ class TestMACIP_IP4(MethodHolder): """ MACIP replace ACL with IP4 traffic """ self.run_traffic(self.OUI_MAC, self.SUBNET_IP, - self.BRIDGED, self.IS_IP4, 9) - - r = self.create_rules() - # replace acls #2, #3 with new - reply = self.vapi.macip_acl_add_replace(r[0], 0) - self.assertEqual(reply.retval, 0) - self.assertEqual(reply.acl_index, 0) - + self.BRIDGED, self.IS_IP4, 9, try_replace=True) self.run_traffic(self.EXACT_MAC, self.EXACT_IP, - self.BRIDGED, self.IS_IP4, 9, True) + self.BRIDGED, self.IS_IP4, 9, try_replace=True) class TestMACIP_IP6(MethodHolder): @@ -957,16 +961,9 @@ class TestMACIP_IP6(MethodHolder): """ MACIP replace ACL with IP6 traffic """ self.run_traffic(self.OUI_MAC, self.SUBNET_IP, - self.BRIDGED, self.IS_IP6, 9) - - r = self.create_rules() - # replace acls #2, #3 with new - reply = self.vapi.macip_acl_add_replace(r[0], 0) - self.assertEqual(reply.retval, 0) - self.assertEqual(reply.acl_index, 0) - + self.BRIDGED, self.IS_IP6, 9, try_replace=True) self.run_traffic(self.EXACT_MAC, self.EXACT_IP, - self.BRIDGED, self.IS_IP6, 9, True) + self.BRIDGED, self.IS_IP6, 9, try_replace=True) class TestMACIP(MethodHolder): @@ -1087,8 +1084,8 @@ class TestMACIP(MethodHolder): self.apply_macip_rules(self.create_rules(acl_count=3, rules_count=[3, 5, 4])) - intf.append(VppLoInterface(self, 0)) - intf.append(VppLoInterface(self, 1)) + intf.append(VppLoInterface(self)) + intf.append(VppLoInterface(self)) sw_if_index0 = intf[0].sw_if_index self.vapi.macip_acl_interface_add_del(sw_if_index0, 1) @@ -1110,8 +1107,8 @@ class TestMACIP(MethodHolder): self.assertEqual(reply.acls[sw_if_index0], 4294967295) self.assertEqual(reply.acls[sw_if_index1], 0) - intf.append(VppLoInterface(self, 2)) - intf.append(VppLoInterface(self, 3)) + intf.append(VppLoInterface(self)) + intf.append(VppLoInterface(self)) sw_if_index2 = intf[2].sw_if_index sw_if_index3 = intf[3].sw_if_index self.vapi.macip_acl_interface_add_del(sw_if_index2, 1) @@ -1122,6 +1119,12 @@ class TestMACIP(MethodHolder): self.assertEqual(reply.acls[sw_if_index1], 0) self.assertEqual(reply.acls[sw_if_index2], 1) self.assertEqual(reply.acls[sw_if_index3], 1) + self.logger.info("MACIP ACL on multiple interfaces:") + self.logger.info(self.vapi.ppcli("sh acl-plugin macip acl")) + self.logger.info(self.vapi.ppcli("sh acl-plugin macip acl index 1234")) + self.logger.info(self.vapi.ppcli("sh acl-plugin macip acl index 1")) + self.logger.info(self.vapi.ppcli("sh acl-plugin macip acl index 0")) + self.logger.info(self.vapi.ppcli("sh acl-plugin macip interface")) intf[2].remove_vpp_config() intf[1].remove_vpp_config()