ligang/vpp
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
1,500 Commits 30 Branches 141 Tags
cd111b2228cff04cec1bebf808c0d1de11a45e64
Commit Graph

10 Commits

Author SHA1 Message Date
Damjan Marion
cd111b2228 Fix plugin version numbers 
Change-Id: Ie485e9dfa04747b5e4ba93fdeabc5802dc001d31
Signed-off-by: Damjan Marion <damarion@cisco.com>
 2017-01-20 21:58:02 +01:00
Andrew Yourtchenko
856ab8aca3 VPP-574: fix the MACIP ACLs blocking ARP traffic 
The initial assumption was that the MACIP ACL classifier tables would be applied
after the classification of the traffic based on the ethertype, it turned out
to be untrue, but the fix in the code did not happen.

Add the ethertype to the mask, and the logic to create the ACL classifier tables
permitting the ARP ethertype with the correct payload.

Change-Id: I70236a8a723970c662ddaef6bc9fce93d2e630c1
Signed-off-by: Andrew Yourtchenko <ayourtch@gmail.com>
 2017-01-03 15:48:39 +00:00
Dave Barach
bd6462e16a Coverity fixes, VPP-486 
Change-Id: I8906bb983128e8f6e2664e367d2015325c1125fb
Signed-off-by: Dave Barach <dave@barachs.net>
 2016-12-16 20:31:18 +00:00
Ole Troan
b1e7ead54b ACL: Install ACL JSON in install directory. 
Change-Id: I3f7dbd23114acf37322f97da80be746616a9d95d
Signed-off-by: Ole Troan <ot@cisco.com>
 2016-12-13 12:32:14 +00:00
Andrew Yourtchenko
c9b20bc7a5 acl: make MACIP ACL apply/unapply/delete logic more robust 
1. vnet_set_input_acl_intfc expects currently applied table ids to
   remove them properly, fixed that.
2. check if the interface has MACIP ACL applied before unapplying it
3. if applying MACIP ACL to interface that has one already applied,
   unapply that first.

These changes required also swapping the order of the add/del functions.

Change-Id: I179490371507b07e9dd8852000954156c318d98c
Signed-off-by: Andrew Yourtchenko <ayourtch@gmail.com>
 2016-12-08 21:18:38 +00:00
Andrew Yourtchenko
6162e1e26b Fix incorrect creation of classifier entries for macip ACL 
The is_ip6 flag was incorrectly set during classifier
table creation phase, which intermittently caused the mismatch
between the mask value and the match values, resulting
in dropped packets. Fix that.

Also get rid of the magic numbers in that part of the code.

Change-Id: I0606561e6b07e70a1aa733746b56ed0e91752c94
Signed-off-by: Andrew Yourtchenko <ayourtch@gmail.com>
 2016-12-08 17:13:05 +00:00
Jan Srnicek
4183d6d763 Acl JVpp api generation (HONEYCOMB-305) 
Includes simple test cases for acl management.

Change-Id: Ifff4f4baf9bfe84d73ebc46b591ecc46c85c94ad
Signed-off-by: Jan Srnicek <jsrnicek@cisco.com>
Signed-off-by: Marek Gradzki <mgradzki@cisco.com>
 2016-12-07 21:24:45 +00:00
Andrew Yourtchenko
cd06b72892 Fix coverity CIDs 157344, 157343, 157341, 157340, 157339, 157336 
The macros used to verify the validity of sw_if_index passed in
the API calls have puzzled coverity.

Even though the issues are false positives, the checks are rather
simple, so edited them to avoid using the preprocessor macros,
it makes the code easier to follow.

Added the null check for 157336.

Change-Id: I24651346851215b236e53e682261e1f91219b381
Signed-off-by: Andrew Yourtchenko <ayourtch@gmail.com>
 2016-12-07 12:20:07 +00:00
Juraj Sloboda
288e8930ee Make table chain deletion optional in classifier API (VPP-206) 
Change-Id: If30c0f6d5de34943bc399b3412c2d10847538c3c
Signed-off-by: Juraj Sloboda <jsloboda@cisco.com>
 2016-12-07 09:42:18 +00:00
Andrew Yourtchenko
b09167f33d acl: The ACL plugin. 
This is the commit from the accumulated work in the github ACL branch,
to move it to gerrit.

Change-Id: I85a6b0df0d3dd3c3c7588e92a1e22c553e4b6ef7
Signed-off-by: Andrew Yourtchenko <ayourtch@gmail.com>
 2016-12-06 08:18:53 +00:00