From bb7d2f0580429eb17d048f484f25c05bb257b64c Mon Sep 17 00:00:00 2001 From: Jan Gelety Date: Sat, 21 Mar 2020 09:41:46 +0100 Subject: CSIT-1597 API cleanup: acl - cover API changes in VPP: https://gerrit.fd.io/r/c/vpp/+/26184 - update vpp stable to version 20.05-rc0~424 Change-Id: Ie621a29db25755151bfee76a045a423fd1267ada Signed-off-by: Jan Gelety --- resources/api/vpp/supported_crcs.yaml | 251 +-------------------------------- resources/libraries/python/Classify.py | 85 ++++++----- 2 files changed, 44 insertions(+), 292 deletions(-) (limited to 'resources') diff --git a/resources/api/vpp/supported_crcs.yaml b/resources/api/vpp/supported_crcs.yaml index a3f9a4ffdd..2d8051f44c 100644 --- a/resources/api/vpp/supported_crcs.yaml +++ b/resources/api/vpp/supported_crcs.yaml @@ -30,255 +30,8 @@ # Use bash command "env LC_COLLATE=C sort -u" if not clear. # https://logs.fd.io/production/vex-yul-rot-jenkins-1 -# /vpp-merge-master-ubuntu1804/895/ -20.01-rc0~398: - acl_add_replace: '0x13bc8539' # dev - acl_add_replace_reply: '0xac407b0c' # dev - acl_details: '0xf89d7a88' # perf teardown - acl_dump: '0xef34fea4' # perf teardown - acl_interface_list_details: '0xd5e80809' # perf teardown - acl_interface_list_dump: '0x529cb13f' # perf teardown - acl_interface_set_acl_list: '0x8baece38' # perf - acl_interface_set_acl_list_reply: '0xe8d4e804' # perf - # 6x^ tc01-64B-1c-ethip4udp-ip4base-iacl1sf-10kflows-mrr - # tc01-64B-1c-ethip4udp-ip4base-iacl1sl-10kflows-mrr - # ^^ ip4fwdANDiaclANDacl10AND100_flows - avf_create: '0xdaab8ae2' # dev - avf_create_reply: '0x5383d31f' # dev - bond_create: '0x48883c7e' # perf - bond_create_reply: '0x5383d31f' # perf - bond_enslave: '0x076ecfa7' # perf - bond_enslave_reply: '0xe8d4e804' # perf - # 4x^ tc01-64B-1c-1lbvpplacp-dot1q-l2xcbase-eth-2vhostvr1024-1vm-mrr - # ^ l2xcfwdANDlbond_1lANDnf_testpmd - bridge_domain_add_del: '0x600b7170' # dev - bridge_domain_add_del_reply: '0xe8d4e804' # dev - # bridge_domain_dump / details # honeycomb - classify_add_del_session: '0xf20879f0' # dev - classify_add_del_session_reply: '0xe8d4e804' # dev - classify_add_del_table: '0x6849e39e' # dev - classify_add_del_table_reply: '0x05486349' # dev - # classify_session_dump / details # honeycomb - # classify_table_by_interface / reply # honeycomb - # classify_table_info / reply # honeycomb - cli_inband: '0xf8377302' # dev setup - cli_inband_reply: '0x05879051' # dev setup - cop_interface_enable_disable: '0x5501adee' # dev - cop_interface_enable_disable_reply: '0xe8d4e804' # dev - cop_whitelist_enable_disable: '0xdebe13ea' # dev - cop_whitelist_enable_disable_reply: '0xe8d4e804' # dev - create_loopback: '0x42bb5d22' # dev - create_loopback_reply: '0x5383d31f' # dev - create_subif: '0xcb371063' # perf - create_subif_reply: '0x5383d31f' # perf - # ^^ tc01-64B-1c-dot1ad-l2xcbase-mrr - # ^ 3n: dot1adANDl2xcfwd - create_vhost_user_if: '0x591ee951' # dev - create_vhost_user_if_reply: '0x5383d31f' # dev - create_vlan_subif: '0xaf34ac8b' # dev - create_vlan_subif_reply: '0x5383d31f' # dev - # dhcp_proxy_dump / details # honeycomb - gbp_bridge_domain_add: '0x8454bfdf' # dev - gbp_bridge_domain_add_reply: '0xe8d4e804' # dev - gbp_contract_add_del: '0x553e275b' # dev - gbp_contract_add_del_reply: '0x1992deab' # dev - gbp_endpoint_add: '0x9ce16d5a' # dev - gbp_endpoint_add_reply: '0x1dd3ff3e' # dev - gbp_endpoint_group_add: '0x8e0f4054' # dev - gbp_endpoint_group_add_reply: '0xe8d4e804' # dev - gbp_ext_itf_add_del: '0x12ed5700' # dev - gbp_ext_itf_add_del_reply: '0xe8d4e804' # dev - gbp_route_domain_add: '0x2d0afe38' # dev - gbp_route_domain_add_reply: '0xe8d4e804' # dev - gbp_subnet_add_del: '0x888aca35' # dev - gbp_subnet_add_del_reply: '0xe8d4e804' # dev - gpe_enable_disable: '0xeb0e943b' # dev - gpe_enable_disable_reply: '0xe8d4e804' # dev - # gre_tunnel_add_del / reply # unused L1 keyword: create_gre_tunnel_interface - hw_interface_set_mtu: '0xe6746899' # dev - hw_interface_set_mtu_reply: '0xe8d4e804' # dev - input_acl_set_interface: '0xde7ad708' # dev - input_acl_set_interface_reply: '0xe8d4e804' # dev - ip_address_details: '0xb1199745' # dev - ip_address_dump: '0x2d033de4' # dev - ip_neighbor_add_del: '0x105518b6' # dev - ip_neighbor_add_del_reply: '0x1992deab' # dev - # ip_probe_neighbor / reply # unused L1 keyword vpp_ip_probe - ip_route_add_del: '0xc1ff832d' # dev - ip_route_add_del_reply: '0x1992deab' # dev - # ip_source_check_interface_add_del / reply # unused L1 keyword vpp_ip_source_check_setup - ip_table_add_del: '0x0ffdaec0' # dev - ip_table_add_del_reply: '0xe8d4e804' # dev - ipsec_interface_add_del_spd: '0x80f80cbb' # dev - ipsec_interface_add_del_spd_reply: '0xe8d4e804' # dev - ipsec_sad_entry_add_del: '0x57cc13fa' # dev - ipsec_sad_entry_add_del_reply: '0x9ffac24b' # dev - ipsec_select_backend: '0x5bcfd3b7' # perf - ipsec_select_backend_reply: '0xe8d4e804' # perf - # ^^ tc01-64B-1c-ethip4ipsec1tnlsw-ip4base-int-aes256gcm-mrr - # ^ nic_intel-xl710ANDipsechwANDipsecintANDtnl_1ANDaes_256_gcm - ipsec_spd_add_del: '0x20e89a95' # dev - ipsec_spd_add_del_reply: '0xe8d4e804' # dev - ipsec_spd_entry_add_del: '0x9f384b8d' # dev - ipsec_spd_entry_add_del_reply: '0x9ffac24b' # dev - ipsec_tunnel_if_add_del: '0x2b135e68' # perf - ipsec_tunnel_if_add_del_reply: '0x5383d31f' # perf - # ^^ tc01-64B-1c-ethip4ipsec1tnlhw-ip4base-int-aes256gcm-mrr - # ^ See select_backend. - # l2_fib_table_dump / details # honeycomb - l2_interface_vlan_tag_rewrite: '0x62cc0bbc' # dev - l2_interface_vlan_tag_rewrite_reply: '0xe8d4e804' # dev - l2_patch_add_del: '0x522f3445' # dev - l2_patch_add_del_reply: '0xe8d4e804' # dev - # l2fib_add_del / reply # unused L1 keyword: vpp_add_l2fib_entry - lb_conf: '0x22ddb739' # perf - lb_conf_reply: '0xe8d4e804' # perf - lb_add_del_vip: '0xd15b7ddc' # perf - lb_add_del_vip_reply: '0xe8d4e804' # perf - lb_add_del_as: '0x78628987' # perf - lb_add_del_as_reply: '0xe8d4e804' # perf - lb_add_del_intf_nat4: '0x47d6e753' # perf - lb_add_del_intf_nat4_reply: '0xe8d4e804' # perf - # 8x^ tc01-64B-1c-ethip4-loadbalancer-nat4 - # ^ 2n: loadbalancer_nat4 - lisp_add_del_adjacency: '0xf047390d' # dev - lisp_add_del_adjacency_reply: '0xe8d4e804' # dev - lisp_add_del_local_eid: '0xe6d00717' # dev - lisp_add_del_local_eid_reply: '0xe8d4e804' # dev - lisp_add_del_locator: '0x006a4240' # dev - lisp_add_del_locator_reply: '0xe8d4e804' # dev - lisp_add_del_locator_set: '0x06968e38' # dev - lisp_add_del_locator_set_reply: '0xb6666db4' # dev - # lisp_add_del_map_resolver / reply # unused L2 keyword: Configure LISP map resolver address - lisp_add_del_remote_mapping: '0xb879c3a9' # dev - lisp_add_del_remote_mapping_reply: '0xe8d4e804' # dev - lisp_eid_table_add_del_map: '0x59e9975e' # perf - lisp_eid_table_add_del_map_reply: '0xe8d4e804' # perf - # ^^ tc01-64B-1c-ethip4ipsectptlispgpe-ip4base-aes128cbc-hmac256sha-ndrpdr # currently failing before calls - # ^ ipsecANDlispgpe - # lisp_eid_table_dump / details # unused L2 keyword: LISP eid address should be set correctly to eid table - lisp_enable_disable: '0xeb0e943b' # dev - lisp_enable_disable_reply: '0xe8d4e804' # dev - # lisp_locator_set_dump / details # unused L2 keyword: LISP locator_set shpuld be configured correctly - # lisp_map_server_dump / details # honeycomb - # lisp_map_resolver_dump / details # unused L2 keyword: LISP map resolver address should be configured correctly - macip_acl_add: '0x0c680ca5' # perf - macip_acl_add_reply: '0xac407b0c' # perf - macip_acl_details: '0xe164e69a' # perf teardown - macip_acl_dump: '0xef34fea4' # perf teardown - macip_acl_interface_add_del: '0x6a6be97c' # perf - macip_acl_interface_add_del_reply: '0xe8d4e804' # perf - macip_acl_interface_get: '0x51077d14' # perf teardown - macip_acl_interface_get_reply: '0xaccf9b05' # perf teardown - # 8x^ tc01-64B-1c-eth-l2bdbasemaclrn-macip-iacl1sl-100flows-mrr - # ^ macipANDacl1AND100_flows - memif_create: '0xb1b25061' # dev - memif_create_reply: '0x5383d31f' # dev - memif_details: '0xd0382c4c' # dev - memif_dump: '0x51077d14' # dev - memif_socket_filename_add_del: '0xa2ce1a10' # dev - memif_socket_filename_add_del_reply: '0xe8d4e804' # dev - nat44_interface_add_del_feature: '0xf3699b83' # perf - nat44_interface_add_del_feature_reply: '0xe8d4e804' # perf - nat_det_add_del_map: '0x112fde05' # perf - nat_det_add_del_map_reply: '0xe8d4e804' # perf - nat_show_config: '0x51077d14' # perf teardown - nat_show_config_reply: '0x006a0786' # perf teardown - # 6x^ tc01-64B-1c-ethip4udp-ip4base-nat44-mrr - # ^ nat44NOTscaleNOTsrc_user_1 - nsim_configure: '0x16ed400f' # perf - nsim_configure_reply: '0xe8d4e804' # perf - nsim_output_feature_enable_disable: '0x3865946c' # perf - nsim_output_feature_enable_disable_reply: '0xe8d4e804' # perf - # 4x^ tc01-9000B-1c-eth-ip4tcp-nsim-ldpreload-iperf3-bps - # ^ 3n: nsimAND1stream - policer_add_del: '0xcb948f6e' # dev - policer_add_del_reply: '0xa177cef2' # dev - policer_classify_set_interface: '0xde7ad708' # dev - policer_classify_set_interface_reply: '0xe8d4e804' # dev - # 4x^ tc01-64B-ethip4-ip4base-ipolicemarkbase-dev - rdma_create: '0x076fe418' # perf - rdma_create_reply: '0x5383d31f' # perf - # 2x^ Any test with drv_rdma. Currently only available on 2n-clx. - # - Not testable by devicetest (until we have environment with right NICs). - # show_lisp_map_register_state / reply # honeycomb - # show_lisp_map_request_mode / reply # honeycomb - # show_lisp_pitr / reply # honeycomb - # show_lisp_rloc_probe_state / reply # honeycomb - # show_lisp_status / reply # unused L2 keywords: LISP should be enabled / disabled - # show_lisp_use_petr / reply # honeycomb - show_threads: '0x51077d14' # dev - show_threads_reply: '0xefd78e83' # dev - show_version: '0x51077d14' # dev setup - show_version_reply: '0xc919bde1' # dev setup - sr_localsid_add_del: '0x26fa3309' # perf - sr_localsid_add_del_reply: '0xe8d4e804' # perf - sr_localsids_details: '0x6a6c0265' # perf teardown - sr_localsids_dump: '0x51077d14' # perf teardown - sr_policies_details: '0x07ec2d93' # perf teardown - sr_policies_dump: '0x51077d14' # perf teardown - sr_policy_add: '0xec79ee6a' # perf - sr_policy_add_reply: '0xe8d4e804' # perf - sr_set_encap_source: '0xd3bad5e1' # perf - sr_set_encap_source_reply: '0xe8d4e804' # perf - sr_steering_add_del: '0x3711dace' # perf - sr_steering_add_del_reply: '0xe8d4e804' # perf - sr_steering_pol_details: '0x1c1ee786' # perf teardown - sr_steering_pol_dump: '0x51077d14' # perf teardown - # 14x^ tc01-78B-1c-ethip6ip6-ip6base-srv6enc1sid-mrr - # ^ srv6_1sid - sw_interface_add_del_address: '0x5803d5c4' # dev - sw_interface_add_del_address_reply: '0xe8d4e804' # dev - sw_interface_bond_details: '0xf5ef2106' # perf - sw_interface_bond_dump: '0x51077d14' # perf - # ^^ see bond_* - sw_interface_details: '0x17b69fa2' # dev setup - sw_interface_dump: '0xaa610c27' # dev setup - # sw_interface_get_table / reply # honeycomb - sw_interface_ip6nd_ra_config: '0x3eb00b1c' # dev - sw_interface_ip6nd_ra_config_reply: '0xe8d4e804' # dev - sw_interface_rx_placement_details: '0xf6d7d024' # perf - sw_interface_rx_placement_dump: '0xf9e6675e' # perf - # ^^ tc01-64B-1c-dot1q-l2bdbasemaclrn-eth-2memif-1dcr-mrr - # ^ dot1qANDl2bdmaclrnANDbaseANDmemif - sw_interface_set_flags: '0x6a2b491a' # dev - sw_interface_set_flags_reply: '0xe8d4e804' # dev - sw_interface_set_l2_bridge: '0x2e483cd0' # dev - sw_interface_set_l2_bridge_reply: '0xe8d4e804' # dev - sw_interface_set_l2_xconnect: '0x1aaa2dbb' # dev - sw_interface_set_l2_xconnect_reply: '0xe8d4e804' # dev - sw_interface_set_mac_address: '0x6aca746a' # perf - sw_interface_set_mac_address_reply: '0xe8d4e804' # perf - sw_interface_set_rx_placement: '0xdb65f3c9' # perf - sw_interface_set_rx_placement_reply: '0xe8d4e804' # perf - # ^^ see tc01-64B-1c-dot1q-l2bdbasemaclrn-eth-2memif-1dcr-mrr above - sw_interface_set_table: '0xdf42a577' # dev - sw_interface_set_table_reply: '0xe8d4e804' # dev - sw_interface_set_unnumbered: '0x938ef33b' # perf - sw_interface_set_unnumbered_reply: '0xe8d4e804' # perf - # ^^ see ipsec_tunnel_if_add_del - sw_interface_set_vxlan_bypass: '0x65247409' # dev - sw_interface_set_vxlan_bypass_reply: '0xe8d4e804' # dev - sw_interface_slave_details: '0x3c4a0e23' # perf - sw_interface_slave_dump: '0xf9e6675e' # perf - # ^^ see bond_* - # sw_interface_span_dump / details # honeycomb - sw_interface_tap_v2_dump: '0xf9e6675e' # dev - sw_interface_tap_v2_details: '0xe53c16de' # dev - sw_interface_vhost_user_details: '0x98530df1' # dev - sw_interface_vhost_user_dump: '0xf9e6675e' # dev - tap_create_v2: '0x445835fd' # dev - tap_create_v2_reply: '0x5383d31f' # dev - vxlan_add_del_tunnel: '0xa35dc8f5' # dev - vxlan_add_del_tunnel_reply: '0x5383d31f' # dev - # vxlan_gpe_tunnel_dump / details # honeycomb - # vxlan_tunnel_dump /details # unused L2 keyword: Get VXLAN dump -# Please keep alphabetic order. -# Use bash command "env LC_COLLATE=C sort -u" if not clear. - - -# https://gerrit.fd.io/r/c/vpp/+/25787 -25787/15: +# /vpp-merge-master-ubuntu1804/921/ +20.01-rc0~424: acl_add_replace: '0x1cabdeab' # dev acl_add_replace_reply: '0xac407b0c' # dev acl_details: '0x7a97f21c' # perf teardown diff --git a/resources/libraries/python/Classify.py b/resources/libraries/python/Classify.py index 016dc572b5..13472617f2 100644 --- a/resources/libraries/python/Classify.py +++ b/resources/libraries/python/Classify.py @@ -1,4 +1,4 @@ -# Copyright (c) 2019 Cisco and/or its affiliates. +# Copyright (c) 2020 Cisco and/or its affiliates. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at: @@ -20,8 +20,9 @@ from ipaddress import ip_address from robot.api import logger from resources.libraries.python.Constants import Constants +from resources.libraries.python.InterfaceUtil import InterfaceUtil +from resources.libraries.python.IPUtil import IPUtil from resources.libraries.python.PapiExecutor import PapiSocketExecutor -from resources.libraries.python.topology import Topology class Classify: @@ -332,11 +333,10 @@ class Classify: :type acls: list """ cmd = u"acl_interface_set_acl_list" - n_input = len(acls) if acl_type == u"input" else 0 args = dict( sw_if_index=sw_if_index, acls=acls, - n_input=n_input, + n_input=len(acls) if acl_type == u"input" else 0, count=len(acls) ) @@ -361,7 +361,7 @@ class Classify: """ cmd = u"acl_add_replace" args = dict( - tag=tag.encode("utf-8"), + tag=tag, acl_index=4294967295 if acl_idx is None else acl_idx, count=len(rules), r=rules @@ -606,15 +606,11 @@ class Classify: :type acl_type: str :type acl_idx: list """ - if isinstance(interface, str): - sw_if_index = Topology.get_interface_sw_index(node, interface) - else: - sw_if_index = int(interface) - - acls = acl_idx if isinstance(acl_idx, list) else list() - Classify._acl_interface_set_acl_list( - node=node, sw_if_index=sw_if_index, acl_type=acl_type, acls=acls + node=node, + sw_if_index=int(InterfaceUtil.get_interface_index(node, interface)), + acl_type=acl_type, + acls=acl_idx if isinstance(acl_idx, list) else list() ) @staticmethod @@ -639,51 +635,56 @@ class Classify: acl_rules = list() for rule in rules.split(u", "): - acl_rule = dict() - acl_rule[u"is_permit"] = 1 if u"permit" in rule else 0 - acl_rule[u"is_ipv6"] = 1 if u"ipv6" in rule else 0 + acl_rule = dict( + is_permit=2 if u"permit+reflect" in rule + else 1 if u"permit" in rule else 0, + src_prefix=0, + dst_prefix=0, + proto=0, + srcport_or_icmptype_first=0, + srcport_or_icmptype_last=65535, + dstport_or_icmpcode_first=0, + dstport_or_icmpcode_last=65535, + tcp_flags_mask=0, + tcp_flags_value=0 + ) groups = re.search(reg_ex_src_ip, rule) if groups: grp = groups.group(1).split(u" ")[1].split(u"/") - acl_rule[u"src_ip_addr"] = ip_address(grp[0]).packed - acl_rule[u"src_ip_prefix_len"] = int(grp[1]) + acl_rule[u"src_prefix"] = IPUtil.create_prefix_object( + ip_address(grp[0]), int(grp[1]) + ) groups = re.search(reg_ex_dst_ip, rule) if groups: grp = groups.group(1).split(u" ")[1].split(u"/") - acl_rule[u"dst_ip_addr"] = ip_address(grp[0]).packed - acl_rule[u"dst_ip_prefix_len"] = int(grp[1]) + acl_rule[u"dst_prefix"] = IPUtil.create_prefix_object( + ip_address(grp[0]), int(grp[1]) + ) groups = re.search(reg_ex_sport, rule) if groups: port = int(groups.group(1).split(u" ")[1]) acl_rule[u"srcport_or_icmptype_first"] = port acl_rule[u"srcport_or_icmptype_last"] = port - else: - acl_rule[u"srcport_or_icmptype_first"] = 0 - acl_rule[u"srcport_or_icmptype_last"] = 65535 groups = re.search(reg_ex_dport, rule) if groups: port = int(groups.group(1).split(u" ")[1]) acl_rule[u"dstport_or_icmpcode_first"] = port acl_rule[u"dstport_or_icmpcode_last"] = port - else: - acl_rule[u"dstport_or_icmpcode_first"] = 0 - acl_rule[u"dstport_or_icmpcode_last"] = 65535 groups = re.search(reg_ex_proto, rule) if groups: proto = int(groups.group(1).split(' ')[1]) acl_rule[u"proto"] = proto - else: - acl_rule[u"proto"] = 0 acl_rules.append(acl_rule) Classify._acl_add_replace( - node, acl_idx=acl_idx, rules=acl_rules, tag=tag) + node, acl_idx=acl_idx, rules=acl_rules, tag=tag + ) @staticmethod def add_macip_acl_multi_entries(node, rules=u""): @@ -700,9 +701,13 @@ class Classify: acl_rules = list() for rule in rules.split(u", "): - acl_rule = dict() - acl_rule[u"is_permit"] = 1 if u"permit" in rule else 0 - acl_rule[u"is_ipv6"] = 1 if u"ipv6" in rule else 0 + acl_rule = dict( + is_permit=2 if u"permit+reflect" in rule + else 1 if u"permit" in rule else 0, + src_mac=6*b'0', + src_mac_mask=6*b'0', + prefix=0 + ) groups = re.search(reg_ex_mac, rule) if groups: @@ -717,8 +722,9 @@ class Classify: groups = re.search(reg_ex_ip, rule) if groups: grp = groups.group(1).split(u" ")[1].split(u"/") - acl_rule[u"src_ip_addr"] = ip_address((grp[0])).packed - acl_rule[u"src_ip_prefix_len"] = int(grp[1]) + acl_rule[u"src_prefix"] = IPUtil.create_prefix_object( + ip_address((grp[0])), int(grp[1]) + ) acl_rules.append(acl_rule) @@ -748,18 +754,11 @@ class Classify: :type acl_idx: str or int :raises RuntimeError: If unable to set MACIP ACL for the interface. """ - if isinstance(interface, str): - sw_if_index = Topology.get_interface_sw_index(node, interface) - else: - sw_if_index = interface - - is_add = 1 if action == u"add" else 0 - cmd = u"macip_acl_interface_add_del" err_msg = f"Failed to get 'macip_acl_interface' on host {node[u'host']}" args = dict( - is_add=is_add, - sw_if_index=int(sw_if_index), + is_add=bool(action == u"add"), + sw_if_index=int(InterfaceUtil.get_interface_index(node, interface)), acl_index=int(acl_idx) ) with PapiSocketExecutor(node) as papi_exec: -- cgit 1.2.3-korg