summaryrefslogtreecommitdiffstats
path: root/acl/acl-impl/src/main
AgeCommit message (Collapse)AuthorFilesLines
2019-01-14HC2VPP-300: Unify namespaces of VPP-Common modelsTibor Král1-1/+1
Change-Id: If39a2f4d1db07a406c4552cc967f9308a2163d61 Signed-off-by: Tibor Král <tibor.kral@pantheon.tech>
2018-11-19HC2VPP-291: ACL model bumpMichal Cmarada34-1485/+1806
- bump ACL yang models - fix ACL module implementation and validation - fix ACL Unit tests - update postman collection Change-Id: Iaab64e6d92d17babc3ccef7921b41070c3716516 Signed-off-by: Michal Cmarada <mcmarada@cisco.com>
2018-09-28Fix bugs after bumping to Fluorine ODL dependencies (HONEYCOMB-433)Michal Cmarada4-6/+6
Change-Id: I99b630f97144770849679a04efccaf7fc9868cb6 Signed-off-by: Michal Cmarada <michal.cmarada@pantheon.tech>
2018-08-17HC2VPP-343: enable validation for acl listMarek Gradzki4-164/+183
This patch moves all validation for acl list to VppAclValidator, implementation of Validator interface brought by (HONEYCOMB-431): https://gerrit.fd.io/r/#/c/14022/ To test <validate> RPC, run ncclient tests with: ./edit_config.py acl/copy_config_unsupported-acl-type.xml -v Support for <validate> RPC requres: https://gerrit.fd.io/r/#/c/14040/ Change-Id: Iea591a76022e893f6aaf2a52637f45cadb284e4e Signed-off-by: Marek Gradzki <mgradzki@cisco.com>
2017-09-07Fix Sonar security issues in MacIpAceDataExtractorMarek Gradzki1-9/+11
Change-Id: I799a33f7589216c8a43c5560ed3dc58e1bf1eae1 Signed-off-by: Marek Gradzki <mgradzki@cisco.com>
2017-08-28DumpCacheManager: make dumpParams optionalMarek Gradzki1-2/+1
Requires https://gerrit.fd.io/r/#/c/8185/ Change-Id: Ib2d529366bd3cf6bb292014026ab8053a19c0ed7 Signed-off-by: Marek Gradzki <mgradzki@cisco.com>
2017-08-16HONEYCOMB-386 - Hc2vpp Customizers updateJan Srnicek1-9/+0
Utilizes new default update implementation Change-Id: I9bf8473336274ba5fcfc18804f7b414937b3708e Signed-off-by: Jan Srnicek <jsrnicek@cisco.com>
2017-08-14HONEYCOMB-381 - Usage of ShutdownHandler for jvpp componentsJan Srnicek1-10/+7
and notification producer Change-Id: I70e749de5b290c84e86a28625d5ec79c98de80f2 Signed-off-by: Jan Srnicek <jsrnicek@cisco.com>
2017-07-25HC2VPP-173: set empty acl list when deleting ifc assignmentMarek Gradzki2-8/+13
Change-Id: I95e4675723bbb52c0244b68a731e3ec0f5831ce4 Signed-off-by: Marek Gradzki <mgradzki@cisco.com>
2017-07-25HC2VPP-180 - Doc coverage generatorJan Srnicek1-1/+1
TODO - links to specific vpp api section(now points just to section with apis) TODO - links to specific java binding code(now points to class thats doing binding) TODO - operational coverage(ASM does not support lambda processing) TODO - generate coverage adoc links Change-Id: I44c85012da3bd2e7cdd41930753e5aae6955cd7b Signed-off-by: Jan Srnicek <jsrnicek@cisco.com> Signed-off-by: Marek Gradzki <mgradzki@cisco.com>
2017-07-06HONEYCOMB-360 - Use binding-init module instead of whole distro coreMarek Gradzki1-1/+1
Change-Id: I86eb100ca96169c7cf8df7ba9f2a1c7e3e75d77f Signed-off-by: Jan Srnicek <jsrnicek@cisco.com> Signed-off-by: Marek Gradzki <mgradzki@cisco.com>
2017-06-15HC2VPP-57: Rename vpp-acl:permit to vpp-acl:permit-and-reflectMarek Gradzki12-84/+84
vpp-acl:permit is very similar to regular permit and does not explain its purpose as reflexive classfier. Change-Id: I3b0ac6afc2d8e467507d32710a7b6e387998ff68 Signed-off-by: Marek Gradzki <mgradzki@cisco.com>
2017-04-24HC2VPP-129 - v4 vs v6 detections based on ip-protocolJan Srnicek2-5/+19
Change-Id: Id10ec084bbb096df3c40aed6319ce406bb746a21 Signed-off-by: Jan Srnicek <jsrnicek@cisco.com>
2017-03-29HC2VPP-118 - reference check for acl'sJan Srnicek1-2/+71
Adds reference cecking before delete for Acl and MacIpAcl Change-Id: I7acc92784498928059a96f88ba89604fc70bc075 Signed-off-by: Jan Srnicek <jsrnicek@cisco.com>
2017-03-08HC2VPP-91: fix acl orderingMarek Gradzki4-18/+18
Acl assignment should be added after interface creation (and removed in reverse order). Change-Id: Ieb915b8909ce39549e6f8312a92e065d59303e8d Signed-off-by: Marek Gradzki <mgradzki@cisco.com>
2017-01-26Fix mac-ip acl assignment readMarek Gradzki2-17/+22
Now unassigned acls are filtered out. As a bonus acl plugin coverage was raised above 80%. Change-Id: Ia71be2086d0baadfbffc1f1263bab67f555c0687 Signed-off-by: Marek Gradzki <mgradzki@cisco.com>
2017-01-18HONEYCOMB-330: fix acl tag handlingMarek Gradzki6-26/+35
Acl tag in vpp's acl plugin is an ascii tag, so it should not be handled as hex string. Change-Id: I801d5b72a4c20f78246288ea63d914b0b9f3564b Signed-off-by: Marek Gradzki <mgradzki@cisco.com>
2017-01-16HC2VPP-38 / HONEYCOMB-336 - removed mandatory from ace-ip-versionJan Srnicek4-47/+136
Removed mandatory statements Fixed multiple NPE Change-Id: I30af417b0594d9634a9352f7721285257fbcee1e Signed-off-by: Jan Srnicek <jsrnicek@cisco.com>
2017-01-11Fix NPE in L3 rulesMarek Gradzki3-16/+75
Patch introduces proper handling for IP adresses, which are optional. Change-Id: Ib009207b4b241d3e2b8c665a35bb1ff87b4a12ac Signed-off-by: Marek Gradzki <mgradzki@cisco.com> (cherry picked from commit e0b4359b39acfe8a583089117a0c2485b85ff7e4)
2017-01-10Fixing NPE in TCP/UDP L4 rulesMarek Gradzki1-17/+47
Change-Id: Iae90f081c0add7ad9f6dd22229df683c6d395e78 Signed-off-by: Tomas Cechvala <tcechval@cisco.com> Signed-off-by: Marek Gradzki <mgradzki@cisco.com>
2017-01-10HC2VPP-31: fix vpp-ace translation with no protocol setMarek Gradzki2-2/+15
Change-Id: I9d319ae3d04d90c7652828b0cb382ad142f9d2b6 Signed-off-by: Marek Gradzki <mgradzki@cisco.com> (cherry picked from commit 1b7a019ae9ceeddee496b20f83c095ffcb87b6c2)
2017-01-04HONEYCOMB-310: readers&initializers for vpp and macip aclsMarek Gradzki23-117/+960
Change-Id: I8892479123091e43bf191c544b6628d6254be564 Signed-off-by: Marek Gradzki <mgradzki@cisco.com>
2016-12-23HONEYCOMB-310: initializers for interface acl assignmentMarek Gradzki5-9/+73
Change-Id: I6dcc1ef1abc9d314906d6d4fcc746dcfd28ec5fc Signed-off-by: Marek Gradzki <mgradzki@cisco.com>
2016-12-22Fix non existing tag handling for mac-ip customizerMarek Gradzki1-16/+18
Change-Id: I717ea660a773cfd3b56010dbfe1e5691bde32de8 Signed-off-by: Marek Gradzki <mgradzki@cisco.com>
2016-12-22Fix ingress/egress acl assignment readMarek Gradzki4-93/+149
Ingress and egress acls are not anymore mixed on the same list when reading interface state Change-Id: I2f775db4482e61593aa9689afcb687f7db7b4e73 Signed-off-by: Marek Gradzki <mgradzki@cisco.com>
2016-12-21Fix interface read when alcs are not configuredMarek Gradzki1-2/+12
Change-Id: Id780d9f503901d551f5a9d5693ca0a28cf596a5c Signed-off-by: Marek Gradzki <mgradzki@cisco.com>
2016-12-20HONEYCOMB-310: translation layer for acl pluginJan Srnicek21-0/+2114
Not covered by this patch (moved to subsequent commits): - postman collection - distinguish ingress/egress ACLs while reading assigned acls - proper support for acl tag - unit tests improvements - read for acls (not necessarily assigned) - initializers Change-Id: I5a198ce1a6e20d0b1d95b4d2d83d0464fb86580c Signed-off-by: Jan Srnicek <jsrnicek@cisco.com> Signed-off-by: Marek Gradzki <mgradzki@cisco.com>