28 int feature_enable,
int is_output)
47 char *arc_name = is_output ?
"ip4-output" :
"ip4-unicast";
49 is_output ?
"ip4-outacl" :
"ip4-inacl",
50 sw_if_index, feature_enable, 0, 0);
55 char *arc_name = is_output ?
"ip6-output" :
"ip6-unicast";
57 is_output ?
"ip6-outacl" :
"ip6-inacl",
58 sw_if_index, feature_enable, 0, 0);
72 u32 ip6_table_index,
u32 l2_table_index,
90 return VNET_API_ERROR_NO_SUCH_TABLE;
103 (
"Non-existent intf_idx=%d with table_index=%d for delete",
104 sw_if_index, acl[ti]);
105 return VNET_API_ERROR_NO_SUCH_TABLE;
131 u32 ip6_table_index,
u32 l2_table_index,
u32 is_add)
134 ip6_table_index, l2_table_index, is_add,
141 u32 ip6_table_index,
u32 l2_table_index,
145 ip6_table_index, l2_table_index, is_add,
156 u32 ip4_table_index = ~0;
157 u32 ip6_table_index = ~0;
158 u32 l2_table_index = ~0;
168 else if (
unformat (input,
"ip4-table %d", &ip4_table_index))
170 else if (
unformat (input,
"ip6-table %d", &ip6_table_index))
172 else if (
unformat (input,
"l2-table %d", &l2_table_index))
180 if (sw_if_index == ~0)
190 ip6_table_index, l2_table_index, is_add,
198 case VNET_API_ERROR_NO_MATCHING_INTERFACE:
201 case VNET_API_ERROR_NO_SUCH_ENTRY:
235 .path =
"set interface input acl",
237 "set interface input acl intfc <int> [ip4-table <index>]\n" 238 " [ip6-table <index>] [l2-table <index>] [del]",
242 .path =
"set interface output acl",
244 "set interface output acl intfc <int> [ip4-table <index>]\n" 245 " [ip6-table <index>] [l2-table <index>] [del]",
264 .runs_after =
VLIB_INITS(
"ip_in_out_acl_init"),
271 u32 *acl_type = va_arg (*args,
u32 *);
294 int sw_if_idx = va_arg (*va,
int);
295 u32 tid = va_arg (*va,
u32);
299 s =
format (s,
"%10s%20s\t\t%s",
"Intfc idx",
"Classify table",
304 s =
format (s,
"%10d%20d\t\t%U", sw_if_idx, tid,
330 :
"Invalid input ACL table type.");
339 :
"No input ACL tables configured");
341 for (i = 0; i <
vec_len (vec_tbl); i++)
343 if (
vec_elt (vec_tbl, i) == ~0)
371 .path =
"show inacl",
372 .short_help =
"show inacl type [ip4|ip6|l2]",
376 .path =
"show outacl",
377 .short_help =
"show outacl type [ip4|ip6|l2]",
vnet_config_main_t config_main
static clib_error_t * show_in_out_acl_command_fn(vlib_main_t *vm, unformat_input_t *input, vlib_cli_command_t *cmd, u32 is_output)
u8 vnet_get_feature_arc_index(const char *s)
vnet_main_t * vnet_get_main(void)
u32 * classify_table_index_by_sw_if_index[IN_OUT_ACL_N_TABLE_GROUPS][IN_OUT_ACL_N_TABLES]
clib_error_t * in_out_acl_init(vlib_main_t *vm)
static clib_error_t * set_output_acl_command_fn(vlib_main_t *vm, unformat_input_t *input, vlib_cli_command_t *cmd)
unformat_function_t unformat_vnet_sw_interface
format_function_t format_vnet_sw_if_index_name
#define VLIB_INIT_FUNCTION(x)
static clib_error_t * set_in_out_acl_command_fn(vlib_main_t *vm, unformat_input_t *input, vlib_cli_command_t *cmd, u32 is_output)
#define clib_error_return(e, args...)
vnet_config_main_t * vnet_config_main[IN_OUT_ACL_N_TABLE_GROUPS][IN_OUT_ACL_N_TABLES]
vl_api_fib_path_type_t type
static clib_error_t * show_outacl_command_fn(vlib_main_t *vm, unformat_input_t *input, vlib_cli_command_t *cmd)
int vnet_set_input_acl_intfc(vlib_main_t *vm, u32 sw_if_index, u32 ip4_table_index, u32 ip6_table_index, u32 l2_table_index, u32 is_add)
void l2output_intf_bitmap_enable(u32 sw_if_index, l2output_feat_masks_t feature_bitmap, u32 enable)
Enable (or disable) the feature in the bitmap for the given interface.
sll srl srl sll sra u16x4 i
#define clib_warning(format, args...)
u8 * format_vnet_in_out_acl_info(u8 *s, va_list *va)
static clib_error_t * show_inacl_command_fn(vlib_main_t *vm, unformat_input_t *input, vlib_cli_command_t *cmd)
static int vnet_in_out_acl_ip_feature_enable(vlib_main_t *vnm, in_out_acl_main_t *am, u32 sw_if_index, in_out_acl_table_id_t tid, int feature_enable, int is_output)
#define pool_is_free_index(P, I)
Use free bitmap to query whether given index is free.
#define VLIB_CLI_COMMAND(x,...)
struct _vnet_classify_main vnet_classify_main_t
void vlib_cli_output(vlib_main_t *vm, char *fmt,...)
static clib_error_t * set_input_acl_command_fn(vlib_main_t *vm, unformat_input_t *input, vlib_cli_command_t *cmd)
vnet_classify_main_t vnet_classify_main
#define vec_elt(v, i)
Get vector value at index i.
#define vec_len(v)
Number of elements in vector (rvalue-only, NULL tolerant)
vnet_classify_main_t * vnet_classify_main
int vnet_set_in_out_acl_intfc(vlib_main_t *vm, u32 sw_if_index, u32 ip4_table_index, u32 ip6_table_index, u32 l2_table_index, u32 is_add, u32 is_output)
static vnet_feature_config_main_t * vnet_get_feature_arc_config_main(u8 arc_index)
in_out_acl_main_t in_out_acl_main
uword unformat_acl_type(unformat_input_t *input, va_list *args)
#define vec_validate_init_empty(V, I, INIT)
Make sure vector is long enough for given index and initialize empty space (no header, unspecified alignment)
int vnet_set_output_acl_intfc(vlib_main_t *vm, u32 sw_if_index, u32 ip4_table_index, u32 ip6_table_index, u32 l2_table_index, u32 is_add)
vl_api_interface_index_t sw_if_index
int vnet_feature_enable_disable(const char *arc_name, const char *node_name, u32 sw_if_index, int enable_disable, void *feature_config, u32 n_feature_config_bytes)