summaryrefslogtreecommitdiffstats
path: root/acl
AgeCommit message (Collapse)AuthorFilesLines
2017-06-16Rename yang files to match model revisionMarek Gradzki5-4/+4
Also order of revisions was sorted starting from most current. Change-Id: I21fd35cfdb1cc5601b3fb40c9f3755bd3b995b14 Signed-off-by: Marek Gradzki <mgradzki@cisco.com>
2017-06-15HC2VPP-57: Rename vpp-acl:permit to vpp-acl:permit-and-reflectMarek Gradzki22-123/+128
vpp-acl:permit is very similar to regular permit and does not explain its purpose as reflexive classfier. Change-Id: I3b0ac6afc2d8e467507d32710a7b6e387998ff68 Signed-off-by: Marek Gradzki <mgradzki@cisco.com>
2017-06-09Update module tests after introducing YangDAGMarek Gradzki1-13/+13
Change-Id: I3ce66e2e1fbed7b9a333382c664b5dd8ed501df0 Signed-off-by: Marek Gradzki <mgradzki@cisco.com>
2017-05-03HC2VPP-14: move ietf acl models from vpp-classfier to acl moduleMarek Gradzki3-3/+390
Change-Id: Idcb2697c5ef06d9d4a62a5de4bc5a56e0212f6a8 Signed-off-by: Marek Gradzki <mgradzki@cisco.com>
2017-04-24HC2VPP-129 - v4 vs v6 detections based on ip-protocolJan Srnicek3-16/+42
Change-Id: Id10ec084bbb096df3c40aed6319ce406bb746a21 Signed-off-by: Jan Srnicek <jsrnicek@cisco.com>
2017-04-04Bump hc2vpp version to 1.17.07-SNAPSHOTMarek Gradzki3-7/+7
Also bumps honeycomb and vpp dependencies Change-Id: Ice9863b8afc1895d43b97953ed6d93e739730f5e Signed-off-by: Marek Gradzki <mgradzki@cisco.com>
2017-03-29HC2VPP-118 - reference check for acl'sJan Srnicek5-2/+269
Adds reference cecking before delete for Acl and MacIpAcl Change-Id: I7acc92784498928059a96f88ba89604fc70bc075 Signed-off-by: Jan Srnicek <jsrnicek@cisco.com>
2017-03-24Add hc2vpp common parentsMarek Gradzki3-4/+8
- provides single root (hc2vpp-parent) for all projects to make site plugin work - fixes relative links in child poms - adds missing project names Partially based on https://gerrit.fd.io/r/#/c/4720 To test: - mvn clean install && mvn site site:stage - open hc2vpp/target/staging/hc2vpp-parent/hc2vpp-aggregator/index.html Change-Id: Ife5a8555748221cd8bcc8ad2fa48f1d0e98fff1d Signed-off-by: Marek Gradzki <mgradzki@cisco.com>
2017-03-09HC2VPP-7 - split vpp-classifiers to separate moduleJan Srnicek1-2/+2
Split vpp-classifiers and vpp-classifiers acls' to separate modules. Contains TODO's for future change of dependencies Change-Id: I94f92ce2ec8960c67bd406f085f2fe928079ee23 Signed-off-by: Jan Srnicek <jsrnicek@cisco.com>
2017-03-08HC2VPP-91: fix acl orderingMarek Gradzki4-18/+18
Acl assignment should be added after interface creation (and removed in reverse order). Change-Id: Ieb915b8909ce39549e6f8312a92e065d59303e8d Signed-off-by: Marek Gradzki <mgradzki@cisco.com>
2017-02-21Fixed parents for acl/dhcp aggregator modulesJan Srnicek1-2/+2
Change-Id: I2231d16434ec769891069d66c92bd7cb7891a447 Signed-off-by: Jan Srnicek <jsrnicek@cisco.com>
2017-02-07Fixed use of structural readers in testsJan Srnicek1-13/+16
ioam plugin disabled till ioam team provides fix for HC2VPP-63 Change-Id: Ibf4970283c4dfefabc73634e522786d74ad32889 Signed-off-by: Jan Srnicek <jsrnicek@cisco.com>
2017-01-26Fix mac-ip acl assignment readMarek Gradzki7-48/+345
Now unassigned acls are filtered out. As a bonus acl plugin coverage was raised above 80%. Change-Id: Ia71be2086d0baadfbffc1f1263bab67f555c0687 Signed-off-by: Marek Gradzki <mgradzki@cisco.com>
2017-01-18HONEYCOMB-330: fix acl tag handlingMarek Gradzki14-45/+59
Acl tag in vpp's acl plugin is an ascii tag, so it should not be handled as hex string. Change-Id: I801d5b72a4c20f78246288ea63d914b0b9f3564b Signed-off-by: Marek Gradzki <mgradzki@cisco.com>
2017-01-16HC2VPP-38 / HONEYCOMB-336 - removed mandatory from ace-ip-versionJan Srnicek8-49/+656
Removed mandatory statements Fixed multiple NPE Change-Id: I30af417b0594d9634a9352f7721285257fbcee1e Signed-off-by: Jan Srnicek <jsrnicek@cisco.com>
2017-01-11Bump of jvpp version to 17.04Jan Srnicek1-1/+1
Depends on https://gerrit.fd.io/r/#/c/4632/ Nsh stays on 17.01, till owner provides higher version Change-Id: I1f51699b6809d30dd0272301ebb1074a42863618 Signed-off-by: Jan Srnicek <jsrnicek@cisco.com>
2017-01-11Fix NPE in L3 rulesMarek Gradzki5-17/+130
Patch introduces proper handling for IP adresses, which are optional. Change-Id: Ib009207b4b241d3e2b8c665a35bb1ff87b4a12ac Signed-off-by: Marek Gradzki <mgradzki@cisco.com> (cherry picked from commit e0b4359b39acfe8a583089117a0c2485b85ff7e4)
2017-01-10Fixing NPE in TCP/UDP L4 rulesMarek Gradzki3-17/+106
Change-Id: Iae90f081c0add7ad9f6dd22229df683c6d395e78 Signed-off-by: Tomas Cechvala <tcechval@cisco.com> Signed-off-by: Marek Gradzki <mgradzki@cisco.com>
2017-01-10HC2VPP-31: fix vpp-ace translation with no protocol setMarek Gradzki4-2/+46
Change-Id: I9d319ae3d04d90c7652828b0cb382ad142f9d2b6 Signed-off-by: Marek Gradzki <mgradzki@cisco.com> (cherry picked from commit 1b7a019ae9ceeddee496b20f83c095ffcb87b6c2)
2017-01-05Bump hc2vpp versoin to 17.04Marek Gradzki3-6/+6
Also updates version of honeycomb dependencies. Vpp API version bump moved to separate commit due to issues with jvpp jars. Change-Id: Id336393b00fe05e8ecee9b547dcfc6a49e1a98ec Signed-off-by: Marek Gradzki <mgradzki@cisco.com>
2017-01-04HONEYCOMB-310: readers&initializers for vpp and macip aclsMarek Gradzki30-155/+1122
Change-Id: I8892479123091e43bf191c544b6628d6254be564 Signed-off-by: Marek Gradzki <mgradzki@cisco.com>
2016-12-23HONEYCOMB-310: initializers for interface acl assignmentMarek Gradzki7-13/+109
Change-Id: I6dcc1ef1abc9d314906d6d4fcc746dcfd28ec5fc Signed-off-by: Marek Gradzki <mgradzki@cisco.com>
2016-12-22Fix non existing tag handling for mac-ip customizerMarek Gradzki3-21/+134
Change-Id: I717ea660a773cfd3b56010dbfe1e5691bde32de8 Signed-off-by: Marek Gradzki <mgradzki@cisco.com>
2016-12-22Fix ingress/egress acl assignment readMarek Gradzki9-230/+364
Ingress and egress acls are not anymore mixed on the same list when reading interface state Change-Id: I2f775db4482e61593aa9689afcb687f7db7b4e73 Signed-off-by: Marek Gradzki <mgradzki@cisco.com>
2016-12-21Fix interface read when alcs are not configuredMarek Gradzki4-2/+218
Change-Id: Id780d9f503901d551f5a9d5693ca0a28cf596a5c Signed-off-by: Marek Gradzki <mgradzki@cisco.com>
2016-12-20HONEYCOMB-310: postman collection for acl pluginMarek Gradzki1-0/+223
Change-Id: I4eb0c7df35577488259e48da7b32ae0a6c47de56 Signed-off-by: Marek Gradzki <mgradzki@cisco.com>
2016-12-20HONEYCOMB-310: translation layer for acl pluginJan Srnicek41-0/+3563
Not covered by this patch (moved to subsequent commits): - postman collection - distinguish ingress/egress ACLs while reading assigned acls - proper support for acl tag - unit tests improvements - read for acls (not necessarily assigned) - initializers Change-Id: I5a198ce1a6e20d0b1d95b4d2d83d0464fb86580c Signed-off-by: Jan Srnicek <jsrnicek@cisco.com> Signed-off-by: Marek Gradzki <mgradzki@cisco.com>
2016-12-16HONEYCOMB-321 - Acl model fix to not break yang specificationJan Srnicek1-27/+41
Prevents breaking 7.9.2. The choice's case Statement from Yang RFC Change-Id: I1895afbdd6c2209262575925463dcfde7d2c649d Signed-off-by: Jan Srnicek <jsrnicek@cisco.com>
2016-12-14Acl model improvementsJan Srnicek1-5/+16
Adds case to cover other protocol numbers Adds constraint to not allow stateless mac-ip acl's Change-Id: I9feeba5ac6b6480282cac62e5479c433c92c8d99 Signed-off-by: Jan Srnicek <jsrnicek@cisco.com>
2016-12-09Allow setting icmp code range for alc'sJan Srnicek1-16/+25
Change-Id: I712f25f70f1a6186b9fe888f7a560616cfd9aeb6 Signed-off-by: Jan Srnicek <jsrnicek@cisco.com>
2016-12-08HONEYCOMB-304: yang model for the acl pluginMarek Gradzki6-0/+423
Change-Id: Ic5d11961d5e620d171cd6e320879fd3de507b055 Signed-off-by: Marek Gradzki <mgradzki@cisco.com> Signed-off-by: Jan Srnicek <jsrnicek@cisco.com>