summaryrefslogtreecommitdiffstats
path: root/src/plugins/acl
diff options
context:
space:
mode:
authorAndrew Yourtchenko <ayourtch@gmail.com>2017-08-10 17:02:58 +0200
committerOle Trøan <otroan@employees.org>2017-09-07 11:33:06 +0000
commit6be72cd89a3068130fea1e0a44f2885bff599c55 (patch)
tree622bb467a0491cf271576f209a8555f1e9597c34 /src/plugins/acl
parent4802632dd1da02c021af99a179264f4a9a163f36 (diff)
acl-plugin: match index set to first portrange element if non-first portrange matches on the same hash key (VPP-937)
Multiple portranges that land on the same hash key will always report the match on the first portrange - even when the subsequent portranges have matched. Test escape, so make a corresponding test case and fix the code so it passes. (the commit on stable/1707 has erroneously mentioned VPP-938 jira ticket) Change-Id: Idbeb8a122252ead2468f5f9dbaf72cf0e8bb78f1 Signed-off-by: Andrew Yourtchenko <ayourtch@gmail.com> (cherry picked from commit fb088f0a201270e949469c915c529d75ad13353e) Signed-off-by: Andrew Yourtchenko <ayourtch@gmail.com>
Diffstat (limited to 'src/plugins/acl')
-rw-r--r--src/plugins/acl/hash_lookup.c6
1 files changed, 1 insertions, 5 deletions
diff --git a/src/plugins/acl/hash_lookup.c b/src/plugins/acl/hash_lookup.c
index f987b36e03a..5dbc3589c98 100644
--- a/src/plugins/acl/hash_lookup.c
+++ b/src/plugins/acl/hash_lookup.c
@@ -134,11 +134,7 @@ multi_acl_match_get_applied_ace_index(acl_main_t *am, fa_5tuple_t *match)
}
if (curr_index < curr_match_index) {
DBG("The index %d is the new candidate in portrange matches.", curr_index);
- curr_match_index = result_val->applied_entry_index;
- if (!result_val->shadowed) {
- /* new result is known to not be shadowed, so no point to look up further */
- break;
- }
+ curr_match_index = curr_index;
} else {
DBG("Curr portmatch index %d is too big vs. current matched one %d", curr_index, curr_match_index);
}