4 * Copyright(c) 2010-2016 Intel Corporation. All rights reserved.
7 * Redistribution and use in source and binary forms, with or without
8 * modification, are permitted provided that the following conditions
11 * * Redistributions of source code must retain the above copyright
12 * notice, this list of conditions and the following disclaimer.
13 * * Redistributions in binary form must reproduce the above copyright
14 * notice, this list of conditions and the following disclaimer in
15 * the documentation and/or other materials provided with the
17 * * Neither the name of Intel Corporation nor the names of its
18 * contributors may be used to endorse or promote products derived
19 * from this software without specific prior written permission.
21 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
22 * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
23 * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
24 * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
25 * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
26 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
27 * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
28 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
29 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
30 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
31 * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
36 #include <rte_common.h>
37 #include <rte_malloc.h>
38 #include <rte_ether.h>
41 #include <rte_byteorder.h>
42 #include <rte_table_acl.h>
44 #include "pipeline_firewall_be.h"
47 struct pipeline_firewall {
49 pipeline_msg_req_handler custom_handlers[PIPELINE_FIREWALL_MSG_REQS];
52 uint32_t n_rule_fields;
53 struct rte_acl_field_def *field_format;
54 uint32_t field_format_size;
55 } __rte_cache_aligned;
58 pipeline_firewall_msg_req_custom_handler(struct pipeline *p, void *msg);
60 static pipeline_msg_req_handler handlers[] = {
61 [PIPELINE_MSG_REQ_PING] =
62 pipeline_msg_req_ping_handler,
63 [PIPELINE_MSG_REQ_STATS_PORT_IN] =
64 pipeline_msg_req_stats_port_in_handler,
65 [PIPELINE_MSG_REQ_STATS_PORT_OUT] =
66 pipeline_msg_req_stats_port_out_handler,
67 [PIPELINE_MSG_REQ_STATS_TABLE] =
68 pipeline_msg_req_stats_table_handler,
69 [PIPELINE_MSG_REQ_PORT_IN_ENABLE] =
70 pipeline_msg_req_port_in_enable_handler,
71 [PIPELINE_MSG_REQ_PORT_IN_DISABLE] =
72 pipeline_msg_req_port_in_disable_handler,
73 [PIPELINE_MSG_REQ_CUSTOM] =
74 pipeline_firewall_msg_req_custom_handler,
78 pipeline_firewall_msg_req_add_handler(struct pipeline *p, void *msg);
81 pipeline_firewall_msg_req_del_handler(struct pipeline *p, void *msg);
84 pipeline_firewall_msg_req_add_bulk_handler(struct pipeline *p, void *msg);
87 pipeline_firewall_msg_req_del_bulk_handler(struct pipeline *p, void *msg);
90 pipeline_firewall_msg_req_add_default_handler(struct pipeline *p, void *msg);
93 pipeline_firewall_msg_req_del_default_handler(struct pipeline *p, void *msg);
95 static pipeline_msg_req_handler custom_handlers[] = {
96 [PIPELINE_FIREWALL_MSG_REQ_ADD] =
97 pipeline_firewall_msg_req_add_handler,
98 [PIPELINE_FIREWALL_MSG_REQ_DEL] =
99 pipeline_firewall_msg_req_del_handler,
100 [PIPELINE_FIREWALL_MSG_REQ_ADD_BULK] =
101 pipeline_firewall_msg_req_add_bulk_handler,
102 [PIPELINE_FIREWALL_MSG_REQ_DEL_BULK] =
103 pipeline_firewall_msg_req_del_bulk_handler,
104 [PIPELINE_FIREWALL_MSG_REQ_ADD_DEFAULT] =
105 pipeline_firewall_msg_req_add_default_handler,
106 [PIPELINE_FIREWALL_MSG_REQ_DEL_DEFAULT] =
107 pipeline_firewall_msg_req_del_default_handler,
113 struct firewall_table_entry {
114 struct rte_pipeline_table_entry head;
117 static struct rte_acl_field_def field_format_ipv4[] = {
120 .type = RTE_ACL_FIELD_TYPE_BITMASK,
121 .size = sizeof(uint8_t),
124 .offset = sizeof(struct ether_hdr) +
125 offsetof(struct ipv4_hdr, next_proto_id),
128 /* Source IP address (IPv4) */
130 .type = RTE_ACL_FIELD_TYPE_MASK,
131 .size = sizeof(uint32_t),
134 .offset = sizeof(struct ether_hdr) +
135 offsetof(struct ipv4_hdr, src_addr),
138 /* Destination IP address (IPv4) */
140 .type = RTE_ACL_FIELD_TYPE_MASK,
141 .size = sizeof(uint32_t),
144 .offset = sizeof(struct ether_hdr) +
145 offsetof(struct ipv4_hdr, dst_addr),
150 .type = RTE_ACL_FIELD_TYPE_RANGE,
151 .size = sizeof(uint16_t),
154 .offset = sizeof(struct ether_hdr) +
155 sizeof(struct ipv4_hdr) +
156 offsetof(struct tcp_hdr, src_port),
159 /* Destination Port */
161 .type = RTE_ACL_FIELD_TYPE_RANGE,
162 .size = sizeof(uint16_t),
165 .offset = sizeof(struct ether_hdr) +
166 sizeof(struct ipv4_hdr) +
167 offsetof(struct tcp_hdr, dst_port),
171 #define SIZEOF_VLAN_HDR 4
173 static struct rte_acl_field_def field_format_vlan_ipv4[] = {
176 .type = RTE_ACL_FIELD_TYPE_BITMASK,
177 .size = sizeof(uint8_t),
180 .offset = sizeof(struct ether_hdr) +
182 offsetof(struct ipv4_hdr, next_proto_id),
185 /* Source IP address (IPv4) */
187 .type = RTE_ACL_FIELD_TYPE_MASK,
188 .size = sizeof(uint32_t),
191 .offset = sizeof(struct ether_hdr) +
193 offsetof(struct ipv4_hdr, src_addr),
196 /* Destination IP address (IPv4) */
198 .type = RTE_ACL_FIELD_TYPE_MASK,
199 .size = sizeof(uint32_t),
202 .offset = sizeof(struct ether_hdr) +
204 offsetof(struct ipv4_hdr, dst_addr),
209 .type = RTE_ACL_FIELD_TYPE_RANGE,
210 .size = sizeof(uint16_t),
213 .offset = sizeof(struct ether_hdr) +
215 sizeof(struct ipv4_hdr) +
216 offsetof(struct tcp_hdr, src_port),
219 /* Destination Port */
221 .type = RTE_ACL_FIELD_TYPE_RANGE,
222 .size = sizeof(uint16_t),
225 .offset = sizeof(struct ether_hdr) +
227 sizeof(struct ipv4_hdr) +
228 offsetof(struct tcp_hdr, dst_port),
232 #define SIZEOF_QINQ_HEADER 8
234 static struct rte_acl_field_def field_format_qinq_ipv4[] = {
237 .type = RTE_ACL_FIELD_TYPE_BITMASK,
238 .size = sizeof(uint8_t),
241 .offset = sizeof(struct ether_hdr) +
243 offsetof(struct ipv4_hdr, next_proto_id),
246 /* Source IP address (IPv4) */
248 .type = RTE_ACL_FIELD_TYPE_MASK,
249 .size = sizeof(uint32_t),
252 .offset = sizeof(struct ether_hdr) +
254 offsetof(struct ipv4_hdr, src_addr),
257 /* Destination IP address (IPv4) */
259 .type = RTE_ACL_FIELD_TYPE_MASK,
260 .size = sizeof(uint32_t),
263 .offset = sizeof(struct ether_hdr) +
265 offsetof(struct ipv4_hdr, dst_addr),
270 .type = RTE_ACL_FIELD_TYPE_RANGE,
271 .size = sizeof(uint16_t),
274 .offset = sizeof(struct ether_hdr) +
276 sizeof(struct ipv4_hdr) +
277 offsetof(struct tcp_hdr, src_port),
280 /* Destination Port */
282 .type = RTE_ACL_FIELD_TYPE_RANGE,
283 .size = sizeof(uint16_t),
286 .offset = sizeof(struct ether_hdr) +
288 sizeof(struct ipv4_hdr) +
289 offsetof(struct tcp_hdr, dst_port),
294 pipeline_firewall_parse_args(struct pipeline_firewall *p,
295 struct pipeline_params *params)
297 uint32_t n_rules_present = 0;
298 uint32_t pkt_type_present = 0;
302 p->n_rules = 4 * 1024;
303 p->n_rule_fields = RTE_DIM(field_format_ipv4);
304 p->field_format = field_format_ipv4;
305 p->field_format_size = sizeof(field_format_ipv4);
307 for (i = 0; i < params->n_args; i++) {
308 char *arg_name = params->args_name[i];
309 char *arg_value = params->args_value[i];
311 if (strcmp(arg_name, "n_rules") == 0) {
314 PIPELINE_PARSE_ERR_DUPLICATE(
315 n_rules_present == 0, params->name,
319 status = parser_read_uint32(&p->n_rules,
321 PIPELINE_PARSE_ERR_INV_VAL((status != -EINVAL),
322 params->name, arg_name, arg_value);
323 PIPELINE_PARSE_ERR_OUT_RNG((status != -ERANGE),
324 params->name, arg_name, arg_value);
328 if (strcmp(arg_name, "pkt_type") == 0) {
329 PIPELINE_PARSE_ERR_DUPLICATE(
330 pkt_type_present == 0, params->name,
332 pkt_type_present = 1;
335 if (strcmp(arg_value, "ipv4") == 0) {
336 p->n_rule_fields = RTE_DIM(field_format_ipv4);
337 p->field_format = field_format_ipv4;
338 p->field_format_size =
339 sizeof(field_format_ipv4);
344 if (strcmp(arg_value, "vlan_ipv4") == 0) {
346 RTE_DIM(field_format_vlan_ipv4);
347 p->field_format = field_format_vlan_ipv4;
348 p->field_format_size =
349 sizeof(field_format_vlan_ipv4);
354 if (strcmp(arg_value, "qinq_ipv4") == 0) {
356 RTE_DIM(field_format_qinq_ipv4);
357 p->field_format = field_format_qinq_ipv4;
358 p->field_format_size =
359 sizeof(field_format_qinq_ipv4);
364 PIPELINE_PARSE_ERR_INV_VAL(0, params->name,
365 arg_name, arg_value);
369 PIPELINE_PARSE_ERR_INV_ENT(0, params->name, arg_name);
376 pipeline_firewall_init(struct pipeline_params *params,
377 __rte_unused void *arg)
380 struct pipeline_firewall *p_fw;
383 /* Check input arguments */
384 if ((params == NULL) ||
385 (params->n_ports_in == 0) ||
386 (params->n_ports_out == 0))
389 /* Memory allocation */
390 size = RTE_CACHE_LINE_ROUNDUP(sizeof(struct pipeline_firewall));
391 p = rte_zmalloc(NULL, size, RTE_CACHE_LINE_SIZE);
392 p_fw = (struct pipeline_firewall *) p;
396 strcpy(p->name, params->name);
397 p->log_level = params->log_level;
399 PLOG(p, HIGH, "Firewall");
401 /* Parse arguments */
402 if (pipeline_firewall_parse_args(p_fw, params))
407 struct rte_pipeline_params pipeline_params = {
408 .name = params->name,
409 .socket_id = params->socket_id,
413 p->p = rte_pipeline_create(&pipeline_params);
421 p->n_ports_in = params->n_ports_in;
422 for (i = 0; i < p->n_ports_in; i++) {
423 struct rte_pipeline_port_in_params port_params = {
424 .ops = pipeline_port_in_params_get_ops(
425 ¶ms->port_in[i]),
426 .arg_create = pipeline_port_in_params_convert(
427 ¶ms->port_in[i]),
430 .burst_size = params->port_in[i].burst_size,
433 int status = rte_pipeline_port_in_create(p->p,
438 rte_pipeline_free(p->p);
445 p->n_ports_out = params->n_ports_out;
446 for (i = 0; i < p->n_ports_out; i++) {
447 struct rte_pipeline_port_out_params port_params = {
448 .ops = pipeline_port_out_params_get_ops(
449 ¶ms->port_out[i]),
450 .arg_create = pipeline_port_out_params_convert(
451 ¶ms->port_out[i]),
456 int status = rte_pipeline_port_out_create(p->p,
461 rte_pipeline_free(p->p);
470 struct rte_table_acl_params table_acl_params = {
471 .name = params->name,
472 .n_rules = p_fw->n_rules,
473 .n_rule_fields = p_fw->n_rule_fields,
476 struct rte_pipeline_table_params table_params = {
477 .ops = &rte_table_acl_ops,
478 .arg_create = &table_acl_params,
479 .f_action_hit = NULL,
480 .f_action_miss = NULL,
483 sizeof(struct firewall_table_entry) -
484 sizeof(struct rte_pipeline_table_entry),
489 memcpy(table_acl_params.field_format,
491 p_fw->field_format_size);
493 status = rte_pipeline_table_create(p->p,
498 rte_pipeline_free(p->p);
504 /* Connecting input ports to tables */
505 for (i = 0; i < p->n_ports_in; i++) {
506 int status = rte_pipeline_port_in_connect_to_table(p->p,
511 rte_pipeline_free(p->p);
517 /* Enable input ports */
518 for (i = 0; i < p->n_ports_in; i++) {
519 int status = rte_pipeline_port_in_enable(p->p,
523 rte_pipeline_free(p->p);
529 /* Check pipeline consistency */
530 if (rte_pipeline_check(p->p) < 0) {
531 rte_pipeline_free(p->p);
537 p->n_msgq = params->n_msgq;
538 for (i = 0; i < p->n_msgq; i++)
539 p->msgq_in[i] = params->msgq_in[i];
540 for (i = 0; i < p->n_msgq; i++)
541 p->msgq_out[i] = params->msgq_out[i];
543 /* Message handlers */
544 memcpy(p->handlers, handlers, sizeof(p->handlers));
545 memcpy(p_fw->custom_handlers,
547 sizeof(p_fw->custom_handlers));
553 pipeline_firewall_free(void *pipeline)
555 struct pipeline *p = (struct pipeline *) pipeline;
557 /* Check input arguments */
562 rte_pipeline_free(p->p);
568 pipeline_firewall_track(void *pipeline,
569 __rte_unused uint32_t port_in,
572 struct pipeline *p = (struct pipeline *) pipeline;
574 /* Check input arguments */
576 (port_in >= p->n_ports_in) ||
580 if (p->n_ports_in == 1) {
589 pipeline_firewall_timer(void *pipeline)
591 struct pipeline *p = (struct pipeline *) pipeline;
593 pipeline_msg_req_handle(p);
594 rte_pipeline_flush(p->p);
600 pipeline_firewall_msg_req_custom_handler(struct pipeline *p,
603 struct pipeline_firewall *p_fw = (struct pipeline_firewall *) p;
604 struct pipeline_custom_msg_req *req = msg;
605 pipeline_msg_req_handler f_handle;
607 f_handle = (req->subtype < PIPELINE_FIREWALL_MSG_REQS) ?
608 p_fw->custom_handlers[req->subtype] :
609 pipeline_msg_req_invalid_handler;
611 if (f_handle == NULL)
612 f_handle = pipeline_msg_req_invalid_handler;
614 return f_handle(p, req);
618 pipeline_firewall_msg_req_add_handler(struct pipeline *p, void *msg)
620 struct pipeline_firewall_add_msg_req *req = msg;
621 struct pipeline_firewall_add_msg_rsp *rsp = msg;
623 struct rte_table_acl_rule_add_params params;
624 struct firewall_table_entry entry = {
626 .action = RTE_PIPELINE_ACTION_PORT,
627 {.port_id = p->port_out_id[req->port_id]},
631 memset(¶ms, 0, sizeof(params));
633 switch (req->key.type) {
634 case PIPELINE_FIREWALL_IPV4_5TUPLE:
635 params.priority = req->priority;
636 params.field_value[0].value.u8 =
637 req->key.key.ipv4_5tuple.proto;
638 params.field_value[0].mask_range.u8 =
639 req->key.key.ipv4_5tuple.proto_mask;
640 params.field_value[1].value.u32 =
641 req->key.key.ipv4_5tuple.src_ip;
642 params.field_value[1].mask_range.u32 =
643 req->key.key.ipv4_5tuple.src_ip_mask;
644 params.field_value[2].value.u32 =
645 req->key.key.ipv4_5tuple.dst_ip;
646 params.field_value[2].mask_range.u32 =
647 req->key.key.ipv4_5tuple.dst_ip_mask;
648 params.field_value[3].value.u16 =
649 req->key.key.ipv4_5tuple.src_port_from;
650 params.field_value[3].mask_range.u16 =
651 req->key.key.ipv4_5tuple.src_port_to;
652 params.field_value[4].value.u16 =
653 req->key.key.ipv4_5tuple.dst_port_from;
654 params.field_value[4].mask_range.u16 =
655 req->key.key.ipv4_5tuple.dst_port_to;
659 rsp->status = -1; /* Error */
663 rsp->status = rte_pipeline_table_entry_add(p->p,
666 (struct rte_pipeline_table_entry *) &entry,
668 (struct rte_pipeline_table_entry **) &rsp->entry_ptr);
674 pipeline_firewall_msg_req_del_handler(struct pipeline *p, void *msg)
676 struct pipeline_firewall_del_msg_req *req = msg;
677 struct pipeline_firewall_del_msg_rsp *rsp = msg;
679 struct rte_table_acl_rule_delete_params params;
681 memset(¶ms, 0, sizeof(params));
683 switch (req->key.type) {
684 case PIPELINE_FIREWALL_IPV4_5TUPLE:
685 params.field_value[0].value.u8 =
686 req->key.key.ipv4_5tuple.proto;
687 params.field_value[0].mask_range.u8 =
688 req->key.key.ipv4_5tuple.proto_mask;
689 params.field_value[1].value.u32 =
690 req->key.key.ipv4_5tuple.src_ip;
691 params.field_value[1].mask_range.u32 =
692 req->key.key.ipv4_5tuple.src_ip_mask;
693 params.field_value[2].value.u32 =
694 req->key.key.ipv4_5tuple.dst_ip;
695 params.field_value[2].mask_range.u32 =
696 req->key.key.ipv4_5tuple.dst_ip_mask;
697 params.field_value[3].value.u16 =
698 req->key.key.ipv4_5tuple.src_port_from;
699 params.field_value[3].mask_range.u16 =
700 req->key.key.ipv4_5tuple.src_port_to;
701 params.field_value[4].value.u16 =
702 req->key.key.ipv4_5tuple.dst_port_from;
703 params.field_value[4].mask_range.u16 =
704 req->key.key.ipv4_5tuple.dst_port_to;
708 rsp->status = -1; /* Error */
712 rsp->status = rte_pipeline_table_entry_delete(p->p,
722 pipeline_firewall_msg_req_add_bulk_handler(struct pipeline *p, void *msg)
724 struct pipeline_firewall_add_bulk_msg_req *req = msg;
725 struct pipeline_firewall_add_bulk_msg_rsp *rsp = msg;
727 struct rte_table_acl_rule_add_params *params[req->n_keys];
728 struct firewall_table_entry *entries[req->n_keys];
732 n_keys = req->n_keys;
734 for (i = 0; i < n_keys; i++) {
735 entries[i] = rte_malloc(NULL,
736 sizeof(struct firewall_table_entry),
737 RTE_CACHE_LINE_SIZE);
738 if (entries[i] == NULL) {
743 params[i] = rte_malloc(NULL,
744 sizeof(struct rte_table_acl_rule_add_params),
745 RTE_CACHE_LINE_SIZE);
746 if (params[i] == NULL) {
751 entries[i]->head.action = RTE_PIPELINE_ACTION_PORT;
752 entries[i]->head.port_id = p->port_out_id[req->port_ids[i]];
754 switch (req->keys[i].type) {
755 case PIPELINE_FIREWALL_IPV4_5TUPLE:
756 params[i]->priority = req->priorities[i];
757 params[i]->field_value[0].value.u8 =
758 req->keys[i].key.ipv4_5tuple.proto;
759 params[i]->field_value[0].mask_range.u8 =
760 req->keys[i].key.ipv4_5tuple.proto_mask;
761 params[i]->field_value[1].value.u32 =
762 req->keys[i].key.ipv4_5tuple.src_ip;
763 params[i]->field_value[1].mask_range.u32 =
764 req->keys[i].key.ipv4_5tuple.src_ip_mask;
765 params[i]->field_value[2].value.u32 =
766 req->keys[i].key.ipv4_5tuple.dst_ip;
767 params[i]->field_value[2].mask_range.u32 =
768 req->keys[i].key.ipv4_5tuple.dst_ip_mask;
769 params[i]->field_value[3].value.u16 =
770 req->keys[i].key.ipv4_5tuple.src_port_from;
771 params[i]->field_value[3].mask_range.u16 =
772 req->keys[i].key.ipv4_5tuple.src_port_to;
773 params[i]->field_value[4].value.u16 =
774 req->keys[i].key.ipv4_5tuple.dst_port_from;
775 params[i]->field_value[4].mask_range.u16 =
776 req->keys[i].key.ipv4_5tuple.dst_port_to;
780 rsp->status = -1; /* Error */
782 for (i = 0; i < n_keys; i++) {
783 rte_free(entries[i]);
791 rsp->status = rte_pipeline_table_entry_add_bulk(p->p, p->table_id[0],
792 (void *)params, (struct rte_pipeline_table_entry **)entries,
793 n_keys, req->keys_found,
794 (struct rte_pipeline_table_entry **)req->entries_ptr);
796 for (i = 0; i < n_keys; i++) {
797 rte_free(entries[i]);
805 pipeline_firewall_msg_req_del_bulk_handler(struct pipeline *p, void *msg)
807 struct pipeline_firewall_del_bulk_msg_req *req = msg;
808 struct pipeline_firewall_del_bulk_msg_rsp *rsp = msg;
810 struct rte_table_acl_rule_delete_params *params[req->n_keys];
814 n_keys = req->n_keys;
816 for (i = 0; i < n_keys; i++) {
817 params[i] = rte_malloc(NULL,
818 sizeof(struct rte_table_acl_rule_delete_params),
819 RTE_CACHE_LINE_SIZE);
820 if (params[i] == NULL) {
825 switch (req->keys[i].type) {
826 case PIPELINE_FIREWALL_IPV4_5TUPLE:
827 params[i]->field_value[0].value.u8 =
828 req->keys[i].key.ipv4_5tuple.proto;
829 params[i]->field_value[0].mask_range.u8 =
830 req->keys[i].key.ipv4_5tuple.proto_mask;
831 params[i]->field_value[1].value.u32 =
832 req->keys[i].key.ipv4_5tuple.src_ip;
833 params[i]->field_value[1].mask_range.u32 =
834 req->keys[i].key.ipv4_5tuple.src_ip_mask;
835 params[i]->field_value[2].value.u32 =
836 req->keys[i].key.ipv4_5tuple.dst_ip;
837 params[i]->field_value[2].mask_range.u32 =
838 req->keys[i].key.ipv4_5tuple.dst_ip_mask;
839 params[i]->field_value[3].value.u16 =
840 req->keys[i].key.ipv4_5tuple.src_port_from;
841 params[i]->field_value[3].mask_range.u16 =
842 req->keys[i].key.ipv4_5tuple.src_port_to;
843 params[i]->field_value[4].value.u16 =
844 req->keys[i].key.ipv4_5tuple.dst_port_from;
845 params[i]->field_value[4].mask_range.u16 =
846 req->keys[i].key.ipv4_5tuple.dst_port_to;
850 rsp->status = -1; /* Error */
852 for (i = 0; i < n_keys; i++)
859 rsp->status = rte_pipeline_table_entry_delete_bulk(p->p, p->table_id[0],
860 (void **)¶ms, n_keys, req->keys_found, NULL);
862 for (i = 0; i < n_keys; i++)
869 pipeline_firewall_msg_req_add_default_handler(struct pipeline *p, void *msg)
871 struct pipeline_firewall_add_default_msg_req *req = msg;
872 struct pipeline_firewall_add_default_msg_rsp *rsp = msg;
874 struct firewall_table_entry default_entry = {
876 .action = RTE_PIPELINE_ACTION_PORT,
877 {.port_id = p->port_out_id[req->port_id]},
881 rsp->status = rte_pipeline_table_default_entry_add(p->p,
883 (struct rte_pipeline_table_entry *) &default_entry,
884 (struct rte_pipeline_table_entry **) &rsp->entry_ptr);
890 pipeline_firewall_msg_req_del_default_handler(struct pipeline *p, void *msg)
892 struct pipeline_firewall_del_default_msg_rsp *rsp = msg;
894 rsp->status = rte_pipeline_table_default_entry_delete(p->p,
901 struct pipeline_be_ops pipeline_firewall_be_ops = {
902 .f_init = pipeline_firewall_init,
903 .f_free = pipeline_firewall_free,
905 .f_timer = pipeline_firewall_timer,
906 .f_track = pipeline_firewall_track,
Code Review / deb_dpdk.git / blob