abf: exclude networks with deny rules

Type: improvement Signed-off-by: Josh Dorsey <jdorsey@netgate.com> Change-Id: Iee43ca9278922fc7396764b88cff1a87bcb28349
author: Josh Dorsey <jdorsey@netgate.com> 2023-01-04 21:28:07 +0000
committer: Neale Ranns <neale@graphiant.com> 2023-01-12 02:17:37 +0000
commit: 6903da232304bc47fc82178bb6956e3613a9921c (patch)
tree: 8766d7ba8f0b5556742d935eaaa6e8367c19346e /src/plugins/abf/FEATURE.yaml
parent: 058237e5811ab0b2d2ffb119228349737dea4a54 (diff)
1 files changed, 5 insertions, 2 deletions
diff --git a/src/plugins/abf/FEATURE.yaml b/src/plugins/abf/FEATURE.yaml
index b9f3285daa3..7902dbe7800 100644
--- a/src/plugins/abf/FEATURE.yaml
+++ b/src/plugins/abf/FEATURE.yaml
@@ -1,9 +1,12 @@
 ---
 name: ACL Based Forwarding
-maintainer: Neale Ranns <nranns@cisco.com>
+maintainer: Neale Ranns <neale@graphiant.com>
 features:
   - 'Policy Based Routing'
-  - ACLs match traffic to be forwarded
+  - ACLs identify how traffic should be forwarded. Packets matching a permit
+    rule are forwarded using ABF policy. Packets matching a deny rule are
+    excluded from ABF handling and continue traversing the input feature arc on
+    the L3 path.
   - Each rule in the ACL has an associated 'path' which determines how the
     traffic will be forwarded. This path is described as a FIB path, so anything
     possible with basic L3 forwarding is possible with ABF (with the exception
author	Josh Dorsey <jdorsey@netgate.com>	2023-01-04 21:28:07 +0000
committer	Neale Ranns <neale@graphiant.com>	2023-01-12 02:17:37 +0000
commit	6903da232304bc47fc82178bb6956e3613a9921c (patch)
tree	8766d7ba8f0b5556742d935eaaa6e8367c19346e /src/plugins/abf/FEATURE.yaml
parent	058237e5811ab0b2d2ffb119228349737dea4a54 (diff)