summaryrefslogtreecommitdiffstats
path: root/acl/acl-impl/src/main/java/io
diff options
context:
space:
mode:
Diffstat (limited to 'acl/acl-impl/src/main/java/io')
-rw-r--r--acl/acl-impl/src/main/java/io/fd/hc2vpp/acl/util/ace/AceConverter.java2
-rw-r--r--acl/acl-impl/src/main/java/io/fd/hc2vpp/acl/util/protocol/ProtoPreBindRuleProducer.java15
2 files changed, 15 insertions, 2 deletions
diff --git a/acl/acl-impl/src/main/java/io/fd/hc2vpp/acl/util/ace/AceConverter.java b/acl/acl-impl/src/main/java/io/fd/hc2vpp/acl/util/ace/AceConverter.java
index 3053fe96f..5293b5b28 100644
--- a/acl/acl-impl/src/main/java/io/fd/hc2vpp/acl/util/ace/AceConverter.java
+++ b/acl/acl-impl/src/main/java/io/fd/hc2vpp/acl/util/ace/AceConverter.java
@@ -75,7 +75,7 @@ public interface AceConverter extends MacIpAceDataExtractor, StandardAceDataExtr
.map(ace -> {
final VppAce standardAce = fromStandardAce(ace);
- // pre-bind rule with protocol based attributes
+ // pre-bind rule with protocol based attributes (if present)
AclRule rule = createPreBindRule(standardAce);
rule.isPermit = standardAction(ace);
diff --git a/acl/acl-impl/src/main/java/io/fd/hc2vpp/acl/util/protocol/ProtoPreBindRuleProducer.java b/acl/acl-impl/src/main/java/io/fd/hc2vpp/acl/util/protocol/ProtoPreBindRuleProducer.java
index c1f9a40ff..f5de7e393 100644
--- a/acl/acl-impl/src/main/java/io/fd/hc2vpp/acl/util/protocol/ProtoPreBindRuleProducer.java
+++ b/acl/acl-impl/src/main/java/io/fd/hc2vpp/acl/util/protocol/ProtoPreBindRuleProducer.java
@@ -172,10 +172,23 @@ public interface ProtoPreBindRuleProducer {
return portNumber.getValue().shortValue();
}
+ /**
+ * Pre-bind rule with protocol based attributes (if present).
+ *
+ * @param vppAce rule to be processed
+ * @return AclRule with protocol filled protocol fields
+ */
default AclRule createPreBindRule(@Nonnull final VppAce vppAce) {
AclRule rule = new AclRule();
- rule.proto = protocol(vppAce.getVppAceNodes().getIpProtocol());
+
+ final IpProtocol ipProtocol = vppAce.getVppAceNodes().getIpProtocol();
+ if (ipProtocol == null) {
+ // returns AclRule with rule.proto set to 0 (protocol fields will be ignored by vpp)
+ return rule;
+ }
+
+ rule.proto = protocol(ipProtocol);
switch (rule.proto) {
case ICMP_INDEX: {