From 9fa881ff875b21d6eadbb7cdcf5d448abcdae292 Mon Sep 17 00:00:00 2001
From: Steve Shin <jonshin@cisco.com>
Date: Thu, 8 Feb 2018 22:39:02 -0800
Subject: [PATCH] acl-plugin: Stale classify table after deleting macip ACL

Classify table for output node should be cleaned up
after deleting macip ACL.

Change-Id: Ibbc46c8465bec02fe6fa6a8d33a1f06bcf28e9ad
Signed-off-by: Steve Shin <jonshin@cisco.com>
---
 src/plugins/acl/acl.c | 22 ++++++++++++++++++++++
 1 file changed, 22 insertions(+)

diff --git a/src/plugins/acl/acl.c b/src/plugins/acl/acl.c
index 82a5670235b..169dc12037a 100644
--- a/src/plugins/acl/acl.c
+++ b/src/plugins/acl/acl.c
@@ -1852,6 +1852,24 @@ macip_destroy_classify_tables (acl_main_t * am, u32 macip_acl_index)
 					0);
       a->l2_table_index = ~0;
     }
+  if (a->out_ip4_table_index != ~0)
+    {
+      acl_classify_add_del_table_small (cm, 0, ~0, ~0, ~0,
+					&a->out_ip4_table_index, 0);
+      a->out_ip4_table_index = ~0;
+    }
+  if (a->out_ip6_table_index != ~0)
+    {
+      acl_classify_add_del_table_small (cm, 0, ~0, ~0, ~0,
+					&a->out_ip6_table_index, 0);
+      a->out_ip6_table_index = ~0;
+    }
+  if (a->out_l2_table_index != ~0)
+    {
+      acl_classify_add_del_table_small (cm, 0, ~0, ~0, ~0,
+					&a->out_l2_table_index, 0);
+      a->out_l2_table_index = ~0;
+    }
 }
 
 static int
@@ -3032,6 +3050,10 @@ macip_acl_print (acl_main_t * am, u32 macip_acl_index)
   vlib_main_t *vm = am->vlib_main;
   int i;
 
+  /* Don't attempt to show the ACLs that do not exist */
+  if (pool_is_free_index (am->macip_acls, macip_acl_index))
+    return;
+
   /* Don't try to print someone else's memory */
   if (macip_acl_index > vec_len (am->macip_acls))
     return;
-- 
2.16.6