{
/* tried to replace a non-existent ACL, no point doing anything */
clib_warning("acl-plugin-error: Trying to replace nonexistent ACL %d (tag %s)", *acl_list_index, tag);
- return -1;
+ return VNET_API_ERROR_NO_SUCH_ENTRY;
}
}
if (0 == count) {
int i, ii;
if (pool_is_free_index (am->acls, acl_list_index))
{
- return -1;
+ return VNET_API_ERROR_NO_SUCH_ENTRY;
}
if (acl_list_index < vec_len(am->input_sw_if_index_vec_by_acl)) {
if (vec_len(vec_elt(am->input_sw_if_index_vec_by_acl, acl_list_index)) > 0) {
/* ACL is applied somewhere inbound. Refuse to delete */
- return -1;
+ return VNET_API_ERROR_ACL_IN_USE_INBOUND;
}
}
if (acl_list_index < vec_len(am->output_sw_if_index_vec_by_acl)) {
if (vec_len(vec_elt(am->output_sw_if_index_vec_by_acl, acl_list_index)) > 0) {
/* ACL is applied somewhere outbound. Refuse to delete */
- return -1;
+ return VNET_API_ERROR_ACL_IN_USE_OUTBOUND;
}
}
acl_main_t *am = &acl_main;
if (acl_is_not_defined(am, acl_list_index)) {
/* ACL is not defined. Can not apply */
- return -1;
+ return VNET_API_ERROR_NO_SUCH_ENTRY;
}
void *oldheap = acl_set_heap(am);
acl_list_index, sw_if_index, index);
/* the entry is already there */
clib_mem_set_heap (oldheap);
- return -1;
+ return VNET_API_ERROR_ACL_IN_USE_INBOUND;
}
/* if there was no ACL applied before, enable the ACL processing */
if (vec_len(am->input_acl_vec_by_sw_if_index[sw_if_index]) == 0) {
acl_list_index, sw_if_index, index);
/* the entry is already there */
clib_mem_set_heap (oldheap);
- return -1;
+ return VNET_API_ERROR_ACL_IN_USE_OUTBOUND;
}
/* if there was no ACL applied before, enable the ACL processing */
if (vec_len(am->output_acl_vec_by_sw_if_index[sw_if_index]) == 0) {
{
acl_main_t *am = &acl_main;
int i;
- int rv = -1;
+ int rv = VNET_API_ERROR_NO_SUCH_ENTRY;
void *oldheap = acl_set_heap(am);
if (is_input)
{
acl_interface_add_del_inout_acl (u32 sw_if_index, u8 is_add, u8 is_input,
u32 acl_list_index)
{
- int rv = -1;
+ int rv = VNET_API_ERROR_NO_SUCH_ENTRY;
acl_main_t *am = &acl_main;
if (is_add)
{
{
/* tried to replace a non-existent ACL, no point doing anything */
clib_warning("acl-plugin-error: Trying to replace nonexistent MACIP ACL %d (tag %s)", *acl_list_index, tag);
- return -1;
+ return VNET_API_ERROR_NO_SUCH_ENTRY;
}
}
macip_acl_index = am->macip_acl_by_sw_if_index[sw_if_index];
/* No point in deleting MACIP ACL which is not applied */
if (~0 == macip_acl_index)
- return -1;
+ return VNET_API_ERROR_NO_SUCH_ENTRY;
a = pool_elt_at_index (am->macip_acls, macip_acl_index);
/* remove the classifier tables off the interface L2 ACL */
rv =
int rv;
if (pool_is_free_index (am->macip_acls, macip_acl_index))
{
- return -1;
+ return VNET_API_ERROR_NO_SUCH_ENTRY;
}
void *oldheap = acl_set_heap(am);
a = pool_elt_at_index (am->macip_acls, macip_acl_index);
int i;
if (pool_is_free_index (am->macip_acls, acl_list_index))
{
- return -1;
+ return VNET_API_ERROR_NO_SUCH_ENTRY;
}
/* delete any references to the ACL */
{
if(acl_is_not_defined(am, ntohl (mp->acls[i]))) {
/* ACL does not exist, so we can not apply it */
- rv = -1;
+ rv = VNET_API_ERROR_NO_SUCH_ENTRY;
}
}
if (0 == rv) {
_(NAME_SERVER_NO_SUCH_NAME, -138, "No such name") \
_(NAME_SERVER_NO_ADDRESSES, -139, "No addresses available") \
_(NAME_SERVER_NEXT_SERVER, -140, "Retry with new server") \
-_(APP_CONNECT_FILTERED, -141, "Connect was filtered")
+_(APP_CONNECT_FILTERED, -141, "Connect was filtered") \
+_(ACL_IN_USE_INBOUND, -142, "Inbound ACL in use") \
+_(ACL_IN_USE_OUTBOUND, -143, "Outbound ACL in use")
typedef enum
{
# Test 2: try to modify a nonexistent ACL
reply = self.vapi.acl_add_replace(acl_index=432, r=r,
- tag="FFFF:FFFF", expected_retval=-1)
- self.assertEqual(reply.retval, -1)
+ tag="FFFF:FFFF", expected_retval=-6)
+ self.assertEqual(reply.retval, -6)
# The ACL number should pass through
self.assertEqual(reply.acl_index, 432)
# apply an ACL on an interface inbound, try to delete ACL, must fail
self.vapi.acl_interface_set_acl_list(sw_if_index=self.pg0.sw_if_index,
n_input=1,
acls=[first_acl])
- reply = self.vapi.acl_del(acl_index=first_acl, expected_retval=-1)
+ reply = self.vapi.acl_del(acl_index=first_acl, expected_retval=-142)
# Unapply an ACL and then try to delete it - must be ok
self.vapi.acl_interface_set_acl_list(sw_if_index=self.pg0.sw_if_index,
n_input=0,
self.vapi.acl_interface_set_acl_list(sw_if_index=self.pg0.sw_if_index,
n_input=0,
acls=[second_acl])
- reply = self.vapi.acl_del(acl_index=second_acl, expected_retval=-1)
+ reply = self.vapi.acl_del(acl_index=second_acl, expected_retval=-143)
# Unapply the ACL and then try to delete it - must be ok
self.vapi.acl_interface_set_acl_list(sw_if_index=self.pg0.sw_if_index,
n_input=0,
self.vapi.acl_interface_set_acl_list(sw_if_index=self.pg0.sw_if_index,
n_input=1,
acls=[first_acl],
- expected_retval=-1)
+ expected_retval=-6)
self.logger.info("ACLP_TEST_FINISH_0001")