diff options
| author |   Marek Gradzki <mgradzki@cisco.com> | 2016-10-18 09:48:01 +0200 |
|---|---|---|
| committer | Marek Gradzki <mgradzki@cisco.com> | 2016-10-18 10:52:04 +0200 |
| commit | e038e92d86fce2df7e50071436ceac5cf0a9ba24 (patch) | |
| tree | 948988a129339d0cf194b012499b07fee3cbae63 /v3po/postman_rest_collection.json | |
| parent | 009a3e6e33225e1cd9ff4dd8ce7c38cc94e5f9dd (diff) | |
Make ip-version mandatory for all ACEs
- ip-version was mandatory only when mixing l2/l3 rules in one ACE
(vpp api limitation). It needs to be provided also in case of
ACEs that define l3 only rules (we allow mixing ip4/ip6 ACEs
in one list).
- updates postman collestion with example of L4 only acl
Change-Id: Ifb863208c21a504cd61843f7540341bc35a6174a
Signed-off-by: Marek Gradzki <mgradzki@cisco.com>
Diffstat (limited to 'v3po/postman_rest_collection.json')
| -rw-r--r-- | v3po/postman_rest_collection.json | 44 |
1 files changed, 44 insertions, 0 deletions
diff --git a/v3po/postman_rest_collection.json b/v3po/postman_rest_collection.json index 5617a98a4..e25cfb6f2 100644 --- a/v3po/postman_rest_collection.json +++ b/v3po/postman_rest_collection.json @@ -98,11 +98,13 @@ "5e93fbca-86d0-12a5-45fd-45d7dfa3bd40", "5140ac58-342a-1576-8b0e-99eb8b3b1fb2", "9f58c827-d698-fc60-ec49-c2ccbca97c35", + "93b5345a-434f-9459-26c2-dc2cad9176e0", "4d3d06fe-8a64-d0e4-400a-79c4fbd6db73", "33280f11-2d61-09d3-f726-9907ef00dc19", "60d4ab79-dea1-de5a-63eb-6e26d3d1481b", "d668c31c-b904-cd65-124c-dd2a89149b70", "13b938a5-7a53-513f-44b9-33d869b8cb53", + "bca26b70-fe05-a1b4-f93a-1f683341d492", "4442a2fd-497d-ee8d-22cd-43b72c358f67", "161987f9-8912-f724-2f2d-d7548b12e8f9" ], @@ -1631,6 +1633,27 @@ "folder": "c05d7211-11b0-5688-2079-afa51196045c" }, { + "id": "93b5345a-434f-9459-26c2-dc2cad9176e0", + "headers": "Authorization: Basic YWRtaW46YWRtaW4=\nContent-Type: application/json\n", + "url": "http://localhost:8183/restconf/config/ietf-access-control-list:access-lists/acl/vpp-acl:mixed-acl/acl6", + "preRequestScript": "", + "pathVariables": {}, + "method": "PUT", + "data": [], + "dataMode": "raw", + "version": 2, + "tests": "", + "currentHelper": "normal", + "helperAttributes": {}, + "time": 1476780298679, + "name": "Write acl6 list (L4 rules)", + "description": "Deny any traffic where destination port is 80 and source port in range [1000,2000].", + "collectionId": "5bad4634-e5cf-900e-9733-0976aa9bea64", + "responses": [], + "rawModeData": "{\n\t\"acl\": [\n\t\t{\n\t\t\t\"acl-name\": \"acl6\", \n\t\t\t\"acl-type\": \"vpp-acl:mixed-acl\", \n\t\t\t\"access-list-entries\": {\n\t\t\t\t\"ace\": [\n\t\t\t\t\t{\n\t\t\t\t\t\t\"matches\": {\n \"destination-ipv4-network\": \"0.0.0.0/0\",\n\t\t\t\t\t\t\t\"destination-port-range\": {\n\t\t\t\t\t\t\t\t\"lower-port\": 80\n\t\t\t\t\t\t\t\t\n\t\t\t\t\t\t\t}, \n\t\t\t\t\t\t\t\"source-port-range\": {\n\t\t\t\t\t\t\t\t\"lower-port\": 1000,\n\t\t\t\t\t\t\t\t\"upper-port\": 2000\n\t\t\t\t\t\t\t}\n\t\t\t\t\t\t}, \n\t\t\t\t\t\t\"actions\": {\n\t\t\t\t\t\t\t\"deny\": {}\n\t\t\t\t\t\t},\n\t\t\t\t\t\t\"rule-name\": \"rule1\"\n\t\t\t\t\t}]}}]}\n", + "folder": "c05d7211-11b0-5688-2079-afa51196045c" + }, + { "id": "4d3d06fe-8a64-d0e4-400a-79c4fbd6db73", "headers": "Authorization: Basic YWRtaW46YWRtaW4=\nContent-Type: application/json\n", "url": "http://localhost:8183/restconf/config/ietf-access-control-list:access-lists/acl/ietf-access-control-list:eth-acl/acl1", @@ -1736,6 +1759,27 @@ "folder": "c05d7211-11b0-5688-2079-afa51196045c" }, { + "id": "bca26b70-fe05-a1b4-f93a-1f683341d492", + "headers": "Authorization: Basic YWRtaW46YWRtaW4=\nContent-Type: application/json\n", + "url": "http://localhost:8183/restconf/config/ietf-interfaces:interfaces/interface/local0/ietf-acl/ingress/access-lists/acl/vpp-acl:mixed-acl/acl6", + "preRequestScript": "", + "pathVariables": {}, + "method": "PUT", + "data": [], + "dataMode": "raw", + "version": 2, + "tests": "", + "currentHelper": "normal", + "helperAttributes": {}, + "time": 1476778885469, + "name": "Enable L4 ACL on local0 interface", + "description": "Creates chain of classfy tabless/sessions in VPP and assigns them to local0 interface.\n\nCan be verified with:\nvppctl show classify table verbose\n\nthen (depending on acl mode):\n\nvppctl show inacl type l2\n\nor\n\nvppctl show inacl type ip4\n\nvppctl show inacl type ip6", + "collectionId": "5bad4634-e5cf-900e-9733-0976aa9bea64", + "responses": [], + "rawModeData": "{\n\n \"acl\": [\n {\n \"type\" : \"vpp-acl:mixed-acl\",\n \"name\" : \"acl6\"\n }\n ]\n}", + "folder": "c05d7211-11b0-5688-2079-afa51196045c" + }, + { "id": "4442a2fd-497d-ee8d-22cd-43b72c358f67", "headers": "Authorization: Basic YWRtaW46YWRtaW4=\nContent-Type: application/json\n", "url": "http://localhost:8183/restconf/config/ietf-interfaces:interfaces/interface/local0/v3po:ietf-acl", |