26 int feature_enable,
int is_output)
45 char *arc_name = is_output ?
"ip4-output" :
"ip4-unicast";
47 is_output ?
"ip4-outacl" :
"ip4-inacl",
48 sw_if_index, feature_enable, 0, 0);
53 char *arc_name = is_output ?
"ip6-output" :
"ip6-unicast";
55 is_output ?
"ip6-outacl" :
"ip6-inacl",
56 sw_if_index, feature_enable, 0, 0);
70 u32 ip6_table_index,
u32 l2_table_index,
88 return VNET_API_ERROR_NO_SUCH_TABLE;
101 (
"Non-existent intf_idx=%d with table_index=%d for delete",
102 sw_if_index, acl[ti]);
103 return VNET_API_ERROR_NO_SUCH_TABLE;
129 u32 ip6_table_index,
u32 l2_table_index,
u32 is_add)
132 ip6_table_index, l2_table_index, is_add,
139 u32 ip6_table_index,
u32 l2_table_index,
143 ip6_table_index, l2_table_index, is_add,
153 u32 sw_if_index = ~0;
154 u32 ip4_table_index = ~0;
155 u32 ip6_table_index = ~0;
156 u32 l2_table_index = ~0;
166 else if (
unformat (input,
"ip4-table %d", &ip4_table_index))
168 else if (
unformat (input,
"ip6-table %d", &ip6_table_index))
170 else if (
unformat (input,
"l2-table %d", &l2_table_index))
178 if (sw_if_index == ~0)
188 ip6_table_index, l2_table_index, is_add,
196 case VNET_API_ERROR_NO_MATCHING_INTERFACE:
199 case VNET_API_ERROR_NO_SUCH_ENTRY:
233 .path =
"set interface input acl",
235 "set interface input acl intfc <int> [ip4-table <index>]\n" 236 " [ip6-table <index>] [l2-table <index>] [del]",
240 .path =
"set interface output acl",
242 "set interface output acl intfc <int> [ip4-table <index>]\n" 243 " [ip6-table <index>] [l2-table <index>] [del]",
269 u32 *acl_type = va_arg (*args,
u32 *);
292 int sw_if_idx = va_arg (*va,
int);
293 u32 tid = va_arg (*va,
u32);
297 s =
format (s,
"%10s%20s\t\t%s",
"Intfc idx",
"Classify table",
302 s =
format (s,
"%10d%20d\t\t%U", sw_if_idx, tid,
328 :
"Invalid input ACL table type.");
337 :
"No input ACL tables configured");
339 for (i = 0; i <
vec_len (vec_tbl); i++)
341 if (
vec_elt (vec_tbl, i) == ~0)
369 .path =
"show inacl",
370 .short_help =
"show inacl type [ip4|ip6|l2]",
374 .path =
"show outacl",
375 .short_help =
"show outacl type [ip4|ip6|l2]",
vnet_config_main_t config_main
static clib_error_t * show_in_out_acl_command_fn(vlib_main_t *vm, unformat_input_t *input, vlib_cli_command_t *cmd, u32 is_output)
u8 vnet_get_feature_arc_index(const char *s)
vnet_main_t * vnet_get_main(void)
u32 * classify_table_index_by_sw_if_index[IN_OUT_ACL_N_TABLE_GROUPS][IN_OUT_ACL_N_TABLES]
clib_error_t * in_out_acl_init(vlib_main_t *vm)
static clib_error_t * set_output_acl_command_fn(vlib_main_t *vm, unformat_input_t *input, vlib_cli_command_t *cmd)
unformat_function_t unformat_vnet_sw_interface
format_function_t format_vnet_sw_if_index_name
#define VLIB_INIT_FUNCTION(x)
static clib_error_t * set_in_out_acl_command_fn(vlib_main_t *vm, unformat_input_t *input, vlib_cli_command_t *cmd, u32 is_output)
#define clib_error_return(e, args...)
vnet_config_main_t * vnet_config_main[IN_OUT_ACL_N_TABLE_GROUPS][IN_OUT_ACL_N_TABLES]
#define vlib_call_init_function(vm, x)
void l2output_intf_bitmap_enable(u32 sw_if_index, u32 feature_bitmap, u32 enable)
Enable (or disable) the feature in the bitmap for the given interface.
static clib_error_t * show_outacl_command_fn(vlib_main_t *vm, unformat_input_t *input, vlib_cli_command_t *cmd)
int vnet_set_input_acl_intfc(vlib_main_t *vm, u32 sw_if_index, u32 ip4_table_index, u32 ip6_table_index, u32 l2_table_index, u32 is_add)
#define clib_warning(format, args...)
u8 * format_vnet_in_out_acl_info(u8 *s, va_list *va)
static clib_error_t * show_inacl_command_fn(vlib_main_t *vm, unformat_input_t *input, vlib_cli_command_t *cmd)
static int vnet_in_out_acl_ip_feature_enable(vlib_main_t *vnm, in_out_acl_main_t *am, u32 sw_if_index, in_out_acl_table_id_t tid, int feature_enable, int is_output)
#define pool_is_free_index(P, I)
Use free bitmap to query whether given index is free.
#define VLIB_CLI_COMMAND(x,...)
struct _vnet_classify_main vnet_classify_main_t
static clib_error_t * set_input_acl_command_fn(vlib_main_t *vm, unformat_input_t *input, vlib_cli_command_t *cmd)
vnet_classify_main_t vnet_classify_main
#define vec_elt(v, i)
Get vector value at index i.
#define vec_len(v)
Number of elements in vector (rvalue-only, NULL tolerant)
vnet_classify_main_t * vnet_classify_main
int vnet_set_in_out_acl_intfc(vlib_main_t *vm, u32 sw_if_index, u32 ip4_table_index, u32 ip6_table_index, u32 l2_table_index, u32 is_add, u32 is_output)
static vnet_feature_config_main_t * vnet_get_feature_arc_config_main(u8 arc_index)
in_out_acl_main_t in_out_acl_main
uword unformat_acl_type(unformat_input_t *input, va_list *args)
#define vec_validate_init_empty(V, I, INIT)
Make sure vector is long enough for given index and initialize empty space (no header, unspecified alignment)
void vlib_cli_output(vlib_main_t *vm, char *fmt,...)
static clib_error_t * ip_in_out_acl_init(vlib_main_t *vm)
int vnet_set_output_acl_intfc(vlib_main_t *vm, u32 sw_if_index, u32 ip4_table_index, u32 ip6_table_index, u32 l2_table_index, u32 is_add)
int vnet_feature_enable_disable(const char *arc_name, const char *node_name, u32 sw_if_index, int enable_disable, void *feature_config, u32 n_feature_config_bytes)