1 from vpp_object import *
2 from ipaddress import ip_address
3 from vpp_papi import VppEnum
11 class VppIpsecSpd(VppObject):
16 def __init__(self, test, id):
20 def add_vpp_config(self):
21 self.test.vapi.ipsec_spd_add_del(self.id)
22 self.test.registry.register(self, self.test.logger)
24 def remove_vpp_config(self):
25 self.test.vapi.ipsec_spd_add_del(self.id, is_add=0)
28 return self.object_id()
31 return "ipsec-spd-%d" % self.id
33 def query_vpp_config(self):
34 spds = self.test.vapi.ipsec_spds_dump()
36 if spd.spd_id == self.id:
41 class VppIpsecSpdItfBinding(VppObject):
43 VPP SPD DB to interface binding
44 (i.e. this SPD is used on this interfce)
47 def __init__(self, test, spd, itf):
52 def add_vpp_config(self):
53 self.test.vapi.ipsec_interface_add_del_spd(self.spd.id,
55 self.test.registry.register(self, self.test.logger)
57 def remove_vpp_config(self):
58 self.test.vapi.ipsec_interface_add_del_spd(self.spd.id,
63 return self.object_id()
66 return "bind-%s-to-%s" % (self.spd.id, self.itf)
68 def query_vpp_config(self):
69 bs = self.test.vapi.ipsec_spd_interface_dump()
71 if b.sw_if_index == self.itf.sw_if_index:
76 class VppIpsecSpdEntry(VppObject):
81 def __init__(self, test, spd, sa_id,
82 local_start, local_stop,
83 remote_start, remote_stop,
89 remote_port_stop=65535,
91 local_port_stop=65535):
95 self.local_start = ip_address(text_type(local_start))
96 self.local_stop = ip_address(text_type(local_stop))
97 self.remote_start = ip_address(text_type(remote_start))
98 self.remote_stop = ip_address(text_type(remote_stop))
100 self.is_outbound = is_outbound
101 self.priority = priority
103 self.policy = (VppEnum.vl_api_ipsec_spd_action_t.
104 IPSEC_API_SPD_ACTION_BYPASS)
107 self.is_ipv6 = (0 if self.local_start.version == 4 else 1)
108 self.local_port_start = local_port_start
109 self.local_port_stop = local_port_stop
110 self.remote_port_start = remote_port_start
111 self.remote_port_stop = remote_port_stop
113 def add_vpp_config(self):
114 self.test.vapi.ipsec_spd_entry_add_del(
122 is_ipv6=self.is_ipv6,
123 is_outbound=self.is_outbound,
124 priority=self.priority,
126 local_port_start=self.local_port_start,
127 local_port_stop=self.local_port_stop,
128 remote_port_start=self.remote_port_start,
129 remote_port_stop=self.remote_port_stop)
130 self.test.registry.register(self, self.test.logger)
132 def remove_vpp_config(self):
133 self.test.vapi.ipsec_spd_entry_add_del(
141 is_ipv6=self.is_ipv6,
142 is_outbound=self.is_outbound,
143 priority=self.priority,
145 local_port_start=self.local_port_start,
146 local_port_stop=self.local_port_stop,
147 remote_port_start=self.remote_port_start,
148 remote_port_stop=self.remote_port_stop,
152 return self.object_id()
155 return "spd-entry-%d-%d-%d-%d-%d-%d" % (self.spd.id,
160 self.remote_port_start)
162 def query_vpp_config(self):
163 ss = self.test.vapi.ipsec_spd_dump(self.spd.id)
165 if s.entry.sa_id == self.sa_id and \
166 s.entry.is_outbound == self.is_outbound and \
167 s.entry.priority == self.priority and \
168 s.entry.policy == self.policy and \
169 s.entry.remote_address_start == self.remote_start and \
170 s.entry.remote_port_start == self.remote_port_start:
175 class VppIpsecSA(VppObject):
180 def __init__(self, test, id, spi,
181 integ_alg, integ_key,
182 crypto_alg, crypto_key,
184 tun_src=None, tun_dst=None,
186 e = VppEnum.vl_api_ipsec_sad_flags_t
190 self.integ_alg = integ_alg
191 self.integ_key = integ_key
192 self.crypto_alg = crypto_alg
193 self.crypto_key = crypto_key
196 self.tun_src = tun_src
197 self.tun_dst = tun_dst
199 self.flags = e.IPSEC_API_SAD_FLAG_NONE
203 self.tun_src = ip_address(text_type(tun_src))
204 self.flags = self.flags | e.IPSEC_API_SAD_FLAG_IS_TUNNEL
205 if (self.tun_src.version == 6):
206 self.flags = self.flags | e.IPSEC_API_SAD_FLAG_IS_TUNNEL_V6
208 self.tun_dst = ip_address(text_type(tun_dst))
210 def add_vpp_config(self):
211 self.test.vapi.ipsec_sad_entry_add_del(
219 (self.tun_src if self.tun_src else []),
220 (self.tun_dst if self.tun_dst else []),
222 self.test.registry.register(self, self.test.logger)
224 def remove_vpp_config(self):
225 self.test.vapi.ipsec_sad_entry_add_del(
233 (self.tun_src if self.tun_src else []),
234 (self.tun_dst if self.tun_dst else []),
239 return self.object_id()
242 return "ipsec-sa-%d" % self.id
244 def query_vpp_config(self):
245 bs = self.test.vapi.ipsec_sa_dump()
247 if b.sa_id == self.id: