summaryrefslogtreecommitdiffstats
path: root/acl
AgeCommit message (Collapse)AuthorFilesLines
2018-01-10Bump hc2vpp version to 1.18.01-RC1v1.18.01-RC1Marek Gradzki3-6/+6
Change-Id: I5c7d5de7e3963c42fb1a133b17e9c8f3d415821f Signed-off-by: Marek Gradzki <mgradzki@cisco.com>
2017-11-20Refactor IP translators to use IetfInetUtilMarek Gradzki1-2/+2
Use efficient factory methods for ietf-inet-types DTOs where possible. Also cleans up some duplicated and unused code. Change-Id: I58f4163edba0dcd30e5e044cf701788446d86a0f Signed-off-by: Marek Gradzki <mgradzki@cisco.com>
2017-10-04Bump jvpp version to 18.01-SNAPSHOTMarek Gradzki1-1/+1
Also sets version of vpp package dependencies to 18.01 Change-Id: I9d84915e206cc16c87479f94d4b8738899479cea Signed-off-by: Marek Gradzki <mgradzki@cisco.com>
2017-10-04Bump hc2vpp version to 1.18.01-SNAPSHOTMarek Gradzki3-6/+6
Change-Id: Id2b6e7c5259190808b7093dc18538427e4034fc0 Signed-off-by: Marek Gradzki <mgradzki@cisco.com>
2017-09-07Fix Sonar security issues in MacIpAceDataExtractorMarek Gradzki1-9/+11
Change-Id: I799a33f7589216c8a43c5560ed3dc58e1bf1eae1 Signed-off-by: Marek Gradzki <mgradzki@cisco.com>
2017-08-28DumpCacheManager: make dumpParams optionalMarek Gradzki1-2/+1
Requires https://gerrit.fd.io/r/#/c/8185/ Change-Id: Ib2d529366bd3cf6bb292014026ab8053a19c0ed7 Signed-off-by: Marek Gradzki <mgradzki@cisco.com>
2017-08-16HONEYCOMB-386 - Hc2vpp Customizers updateJan Srnicek3-30/+1
Utilizes new default update implementation Change-Id: I9bf8473336274ba5fcfc18804f7b414937b3708e Signed-off-by: Jan Srnicek <jsrnicek@cisco.com>
2017-08-14HONEYCOMB-381 - Usage of ShutdownHandler for jvpp componentsJan Srnicek2-10/+13
and notification producer Change-Id: I70e749de5b290c84e86a28625d5ec79c98de80f2 Signed-off-by: Jan Srnicek <jsrnicek@cisco.com>
2017-08-04Adapt hc2vpp to ODL Carbon bump in honeycombMarek Gradzki1-1/+1
Depends on https://gerrit.fd.io/r/#/c/6924/ Change-Id: I80597cb2846d174a548a5abf1e4add0ba0e17186 Signed-off-by: Marek Gradzki <mgradzki@cisco.com>
2017-07-25HC2VPP-173: set empty acl list when deleting ifc assignmentMarek Gradzki4-23/+63
Change-Id: I95e4675723bbb52c0244b68a731e3ec0f5831ce4 Signed-off-by: Marek Gradzki <mgradzki@cisco.com>
2017-07-25HC2VPP-180 - Doc coverage generatorJan Srnicek1-1/+1
TODO - links to specific vpp api section(now points just to section with apis) TODO - links to specific java binding code(now points to class thats doing binding) TODO - operational coverage(ASM does not support lambda processing) TODO - generate coverage adoc links Change-Id: I44c85012da3bd2e7cdd41930753e5aae6955cd7b Signed-off-by: Jan Srnicek <jsrnicek@cisco.com> Signed-off-by: Marek Gradzki <mgradzki@cisco.com>
2017-07-07Bump jvpp version to 17.10-SNAPSHOTMarek Gradzki1-1/+1
Also sets version of vpp package dependencies to 17.10 Change-Id: I4e139ff2d485933c0de3339db50714a5c72e0a9e Signed-off-by: Marek Gradzki <mgradzki@cisco.com>
2017-07-06Bump hc2vpp version to 1.17.10-SNAPSHOTMarek Gradzki3-6/+6
Change-Id: I744c3bc4962295b307b718764adb14035ee13d1d Signed-off-by: Marek Gradzki <mgradzki@cisco.com>
2017-07-06HONEYCOMB-360 - Use binding-init module instead of whole distro coreMarek Gradzki2-2/+7
Change-Id: I86eb100ca96169c7cf8df7ba9f2a1c7e3e75d77f Signed-off-by: Jan Srnicek <jsrnicek@cisco.com> Signed-off-by: Marek Gradzki <mgradzki@cisco.com>
2017-07-01Change minimal-distribution to minimal-distribution-coreMarek Gradzki1-1/+1
The minimal-distribution-core was introduced by HONEYCOMB-373. Adoption is needed to remove indirect dependencies on various HC infra yang models to decrease footprint (HONEYCOMB-358 loads yang models based on maven dependencies). Change-Id: Iba639efb893deb8d51de09009750542f78dfdd50 Signed-off-by: Marek Gradzki <mgradzki@cisco.com>
2017-06-16Rename yang files to match model revisionMarek Gradzki5-4/+4
Also order of revisions was sorted starting from most current. Change-Id: I21fd35cfdb1cc5601b3fb40c9f3755bd3b995b14 Signed-off-by: Marek Gradzki <mgradzki@cisco.com>
2017-06-15HC2VPP-57: Rename vpp-acl:permit to vpp-acl:permit-and-reflectMarek Gradzki22-123/+128
vpp-acl:permit is very similar to regular permit and does not explain its purpose as reflexive classfier. Change-Id: I3b0ac6afc2d8e467507d32710a7b6e387998ff68 Signed-off-by: Marek Gradzki <mgradzki@cisco.com>
2017-06-09Update module tests after introducing YangDAGMarek Gradzki1-13/+13
Change-Id: I3ce66e2e1fbed7b9a333382c664b5dd8ed501df0 Signed-off-by: Marek Gradzki <mgradzki@cisco.com>
2017-05-03HC2VPP-14: move ietf acl models from vpp-classfier to acl moduleMarek Gradzki3-3/+390
Change-Id: Idcb2697c5ef06d9d4a62a5de4bc5a56e0212f6a8 Signed-off-by: Marek Gradzki <mgradzki@cisco.com>
2017-04-24HC2VPP-129 - v4 vs v6 detections based on ip-protocolJan Srnicek3-16/+42
Change-Id: Id10ec084bbb096df3c40aed6319ce406bb746a21 Signed-off-by: Jan Srnicek <jsrnicek@cisco.com>
2017-04-04Bump hc2vpp version to 1.17.07-SNAPSHOTMarek Gradzki3-7/+7
Also bumps honeycomb and vpp dependencies Change-Id: Ice9863b8afc1895d43b97953ed6d93e739730f5e Signed-off-by: Marek Gradzki <mgradzki@cisco.com>
2017-03-29HC2VPP-118 - reference check for acl'sJan Srnicek5-2/+269
Adds reference cecking before delete for Acl and MacIpAcl Change-Id: I7acc92784498928059a96f88ba89604fc70bc075 Signed-off-by: Jan Srnicek <jsrnicek@cisco.com>
2017-03-24Add hc2vpp common parentsMarek Gradzki3-4/+8
- provides single root (hc2vpp-parent) for all projects to make site plugin work - fixes relative links in child poms - adds missing project names Partially based on https://gerrit.fd.io/r/#/c/4720 To test: - mvn clean install && mvn site site:stage - open hc2vpp/target/staging/hc2vpp-parent/hc2vpp-aggregator/index.html Change-Id: Ife5a8555748221cd8bcc8ad2fa48f1d0e98fff1d Signed-off-by: Marek Gradzki <mgradzki@cisco.com>
2017-03-09HC2VPP-7 - split vpp-classifiers to separate moduleJan Srnicek1-2/+2
Split vpp-classifiers and vpp-classifiers acls' to separate modules. Contains TODO's for future change of dependencies Change-Id: I94f92ce2ec8960c67bd406f085f2fe928079ee23 Signed-off-by: Jan Srnicek <jsrnicek@cisco.com>
2017-03-08HC2VPP-91: fix acl orderingMarek Gradzki4-18/+18
Acl assignment should be added after interface creation (and removed in reverse order). Change-Id: Ieb915b8909ce39549e6f8312a92e065d59303e8d Signed-off-by: Marek Gradzki <mgradzki@cisco.com>
2017-02-21Fixed parents for acl/dhcp aggregator modulesJan Srnicek1-2/+2
Change-Id: I2231d16434ec769891069d66c92bd7cb7891a447 Signed-off-by: Jan Srnicek <jsrnicek@cisco.com>
2017-02-07Fixed use of structural readers in testsJan Srnicek1-13/+16
ioam plugin disabled till ioam team provides fix for HC2VPP-63 Change-Id: Ibf4970283c4dfefabc73634e522786d74ad32889 Signed-off-by: Jan Srnicek <jsrnicek@cisco.com>
2017-01-26Fix mac-ip acl assignment readMarek Gradzki7-48/+345
Now unassigned acls are filtered out. As a bonus acl plugin coverage was raised above 80%. Change-Id: Ia71be2086d0baadfbffc1f1263bab67f555c0687 Signed-off-by: Marek Gradzki <mgradzki@cisco.com>
2017-01-18HONEYCOMB-330: fix acl tag handlingMarek Gradzki14-45/+59
Acl tag in vpp's acl plugin is an ascii tag, so it should not be handled as hex string. Change-Id: I801d5b72a4c20f78246288ea63d914b0b9f3564b Signed-off-by: Marek Gradzki <mgradzki@cisco.com>
2017-01-16HC2VPP-38 / HONEYCOMB-336 - removed mandatory from ace-ip-versionJan Srnicek8-49/+656
Removed mandatory statements Fixed multiple NPE Change-Id: I30af417b0594d9634a9352f7721285257fbcee1e Signed-off-by: Jan Srnicek <jsrnicek@cisco.com>
2017-01-11Bump of jvpp version to 17.04Jan Srnicek1-1/+1
Depends on https://gerrit.fd.io/r/#/c/4632/ Nsh stays on 17.01, till owner provides higher version Change-Id: I1f51699b6809d30dd0272301ebb1074a42863618 Signed-off-by: Jan Srnicek <jsrnicek@cisco.com>
2017-01-11Fix NPE in L3 rulesMarek Gradzki5-17/+130
Patch introduces proper handling for IP adresses, which are optional. Change-Id: Ib009207b4b241d3e2b8c665a35bb1ff87b4a12ac Signed-off-by: Marek Gradzki <mgradzki@cisco.com> (cherry picked from commit e0b4359b39acfe8a583089117a0c2485b85ff7e4)
2017-01-10Fixing NPE in TCP/UDP L4 rulesMarek Gradzki3-17/+106
Change-Id: Iae90f081c0add7ad9f6dd22229df683c6d395e78 Signed-off-by: Tomas Cechvala <tcechval@cisco.com> Signed-off-by: Marek Gradzki <mgradzki@cisco.com>
2017-01-10HC2VPP-31: fix vpp-ace translation with no protocol setMarek Gradzki4-2/+46
Change-Id: I9d319ae3d04d90c7652828b0cb382ad142f9d2b6 Signed-off-by: Marek Gradzki <mgradzki@cisco.com> (cherry picked from commit 1b7a019ae9ceeddee496b20f83c095ffcb87b6c2)
2017-01-05Bump hc2vpp versoin to 17.04Marek Gradzki3-6/+6
Also updates version of honeycomb dependencies. Vpp API version bump moved to separate commit due to issues with jvpp jars. Change-Id: Id336393b00fe05e8ecee9b547dcfc6a49e1a98ec Signed-off-by: Marek Gradzki <mgradzki@cisco.com>
2017-01-04HONEYCOMB-310: readers&initializers for vpp and macip aclsMarek Gradzki30-155/+1122
Change-Id: I8892479123091e43bf191c544b6628d6254be564 Signed-off-by: Marek Gradzki <mgradzki@cisco.com>
2016-12-23HONEYCOMB-310: initializers for interface acl assignmentMarek Gradzki7-13/+109
Change-Id: I6dcc1ef1abc9d314906d6d4fcc746dcfd28ec5fc Signed-off-by: Marek Gradzki <mgradzki@cisco.com>
2016-12-22Fix non existing tag handling for mac-ip customizerMarek Gradzki3-21/+134
Change-Id: I717ea660a773cfd3b56010dbfe1e5691bde32de8 Signed-off-by: Marek Gradzki <mgradzki@cisco.com>
2016-12-22Fix ingress/egress acl assignment readMarek Gradzki9-230/+364
Ingress and egress acls are not anymore mixed on the same list when reading interface state Change-Id: I2f775db4482e61593aa9689afcb687f7db7b4e73 Signed-off-by: Marek Gradzki <mgradzki@cisco.com>
2016-12-21Fix interface read when alcs are not configuredMarek Gradzki4-2/+218
Change-Id: Id780d9f503901d551f5a9d5693ca0a28cf596a5c Signed-off-by: Marek Gradzki <mgradzki@cisco.com>
2016-12-20HONEYCOMB-310: postman collection for acl pluginMarek Gradzki1-0/+223
Change-Id: I4eb0c7df35577488259e48da7b32ae0a6c47de56 Signed-off-by: Marek Gradzki <mgradzki@cisco.com>
2016-12-20HONEYCOMB-310: translation layer for acl pluginJan Srnicek41-0/+3563
Not covered by this patch (moved to subsequent commits): - postman collection - distinguish ingress/egress ACLs while reading assigned acls - proper support for acl tag - unit tests improvements - read for acls (not necessarily assigned) - initializers Change-Id: I5a198ce1a6e20d0b1d95b4d2d83d0464fb86580c Signed-off-by: Jan Srnicek <jsrnicek@cisco.com> Signed-off-by: Marek Gradzki <mgradzki@cisco.com>
2016-12-16HONEYCOMB-321 - Acl model fix to not break yang specificationJan Srnicek1-27/+41
Prevents breaking 7.9.2. The choice's case Statement from Yang RFC Change-Id: I1895afbdd6c2209262575925463dcfde7d2c649d Signed-off-by: Jan Srnicek <jsrnicek@cisco.com>
2016-12-14Acl model improvementsJan Srnicek1-5/+16
Adds case to cover other protocol numbers Adds constraint to not allow stateless mac-ip acl's Change-Id: I9feeba5ac6b6480282cac62e5479c433c92c8d99 Signed-off-by: Jan Srnicek <jsrnicek@cisco.com>
2016-12-09Allow setting icmp code range for alc'sJan Srnicek1-16/+25
Change-Id: I712f25f70f1a6186b9fe888f7a560616cfd9aeb6 Signed-off-by: Jan Srnicek <jsrnicek@cisco.com>
2016-12-08HONEYCOMB-304: yang model for the acl pluginMarek Gradzki6-0/+423
Change-Id: Ic5d11961d5e620d171cd6e320879fd3de507b055 Signed-off-by: Marek Gradzki <mgradzki@cisco.com> Signed-off-by: Jan Srnicek <jsrnicek@cisco.com>