diff options
| author |   Steven Luong <sluong@cisco.com> | 2024-07-30 13:44:01 -0700 |
|---|---|---|
| committer |   Florin Coras <florin.coras@gmail.com> | 2024-09-06 18:26:56 +0000 |
| commit | c4b5d10115d4370488ac14eb0ba7295b049a0615 (patch) | |
| tree | 9c8bdf757de6d995e051959d1c11bded0b9267a6 /src/plugins/hs_apps | |
| parent | 2a5bb3b5ab3e05cee0da6a78b77e67fbc3bdca75 (diff) | |
session: add Source Deny List
With this feature, session enable is now modified to have 3 modes of operation
session enable -- only enable session
session enable rt-backend sdl -- enable session with sdl
session enable rt-backend rule-table -- enable session with rule-table
session rule tables are now created on demand, upon adding first rule
to the rule table.
refactor session table to remove depenency from sesssion rules table. Now
session rules table APIs take srtg_handle and transport
proto instead of srt pointer.
Type: feature
Change-Id: Idde6a9b2f46b29bb931f9039636562575572aa14
Signed-off-by: Steven Luong <sluong@cisco.com>
Diffstat (limited to 'src/plugins/hs_apps')
| -rw-r--r-- | src/plugins/hs_apps/echo_client.c | 5 | ||||
| -rw-r--r-- | src/plugins/hs_apps/echo_server.c | 5 | ||||
| -rw-r--r-- | src/plugins/hs_apps/http_cli.c | 5 | ||||
| -rw-r--r-- | src/plugins/hs_apps/http_client_cli.c | 5 | ||||
| -rw-r--r-- | src/plugins/hs_apps/http_simple_post.c | 7 | ||||
| -rw-r--r-- | src/plugins/hs_apps/http_tps.c | 5 | ||||
| -rw-r--r-- | src/plugins/hs_apps/proxy.c | 5 |
7 files changed, 29 insertions, 8 deletions
diff --git a/src/plugins/hs_apps/echo_client.c b/src/plugins/hs_apps/echo_client.c index d1443e75e80..8dec5d86824 100644 --- a/src/plugins/hs_apps/echo_client.c +++ b/src/plugins/hs_apps/echo_client.c @@ -429,8 +429,11 @@ ec_init (vlib_main_t *vm) ecm->app_is_init = 1; + session_enable_disable_args_t args = { .is_en = 1, + .rt_engine_type = + RT_BACKEND_ENGINE_RULE_TABLE }; vlib_worker_thread_barrier_sync (vm); - vnet_session_enable_disable (vm, 1 /* turn on session and transports */); + vnet_session_enable_disable (vm, &args); /* Turn on the builtin client input nodes */ foreach_vlib_main () diff --git a/src/plugins/hs_apps/echo_server.c b/src/plugins/hs_apps/echo_server.c index 0243252434a..756a1cc3451 100644 --- a/src/plugins/hs_apps/echo_server.c +++ b/src/plugins/hs_apps/echo_server.c @@ -736,7 +736,10 @@ echo_server_create_command_fn (vlib_main_t * vm, unformat_input_t * input, goto cleanup; } - vnet_session_enable_disable (vm, 1 /* turn on TCP, etc. */ ); + session_enable_disable_args_t args = { .is_en = 1, + .rt_engine_type = + RT_BACKEND_ENGINE_RULE_TABLE }; + vnet_session_enable_disable (vm, &args); if (!server_uri_set) { diff --git a/src/plugins/hs_apps/http_cli.c b/src/plugins/hs_apps/http_cli.c index 17624b3e827..e0bb9afba4a 100644 --- a/src/plugins/hs_apps/http_cli.c +++ b/src/plugins/hs_apps/http_cli.c @@ -731,7 +731,10 @@ start_server: if (hcm->app_index != (u32) ~0) return clib_error_return (0, "test http server is already running"); - vnet_session_enable_disable (vm, 1 /* turn on TCP, etc. */ ); + session_enable_disable_args_t args = { .is_en = 1, + .rt_engine_type = + RT_BACKEND_ENGINE_RULE_TABLE }; + vnet_session_enable_disable (vm, &args); rv = hcs_create (vm); switch (rv) diff --git a/src/plugins/hs_apps/http_client_cli.c b/src/plugins/hs_apps/http_client_cli.c index 722499b24c3..afa173c98df 100644 --- a/src/plugins/hs_apps/http_client_cli.c +++ b/src/plugins/hs_apps/http_client_cli.c @@ -558,8 +558,11 @@ hcc_command_fn (vlib_main_t *vm, unformat_input_t *input, goto done; } + session_enable_disable_args_t args = { .is_en = 1, + .rt_engine_type = + RT_BACKEND_ENGINE_RULE_TABLE }; vlib_worker_thread_barrier_sync (vm); - vnet_session_enable_disable (vm, 1 /* turn on TCP, etc. */); + vnet_session_enable_disable (vm, &args); vlib_worker_thread_barrier_release (vm); err = hcc_run (vm, print_output); diff --git a/src/plugins/hs_apps/http_simple_post.c b/src/plugins/hs_apps/http_simple_post.c index b0b9a38db2d..0c2b30ad25c 100644 --- a/src/plugins/hs_apps/http_simple_post.c +++ b/src/plugins/hs_apps/http_simple_post.c @@ -522,8 +522,11 @@ hsp_command_fn (vlib_main_t *vm, unformat_input_t *input, goto done; } + session_enable_disable_args_t args = { .is_en = 1, + .rt_engine_type = + RT_BACKEND_ENGINE_RULE_TABLE }; vlib_worker_thread_barrier_sync (vm); - vnet_session_enable_disable (vm, 1 /* turn on TCP, etc. */); + vnet_session_enable_disable (vm, &args); vlib_worker_thread_barrier_release (vm); hspm->cli_node_index = @@ -566,4 +569,4 @@ hsp_main_init (vlib_main_t *vm) return 0; } -VLIB_INIT_FUNCTION (hsp_main_init);
\ No newline at end of file +VLIB_INIT_FUNCTION (hsp_main_init); diff --git a/src/plugins/hs_apps/http_tps.c b/src/plugins/hs_apps/http_tps.c index b37c447295a..35a5802f476 100644 --- a/src/plugins/hs_apps/http_tps.c +++ b/src/plugins/hs_apps/http_tps.c @@ -760,7 +760,10 @@ start_server: if (htm->app_index == (u32) ~0) { - vnet_session_enable_disable (vm, 1 /* is_enable */); + session_enable_disable_args_t args = { .is_en = 1, + .rt_engine_type = + RT_BACKEND_ENGINE_RULE_TABLE }; + vnet_session_enable_disable (vm, &args); if (hts_create (vm)) { diff --git a/src/plugins/hs_apps/proxy.c b/src/plugins/hs_apps/proxy.c index e8fedf921a5..5edea0945b0 100644 --- a/src/plugins/hs_apps/proxy.c +++ b/src/plugins/hs_apps/proxy.c @@ -915,7 +915,10 @@ proxy_server_create_command_fn (vlib_main_t * vm, unformat_input_t * input, goto done; } - vnet_session_enable_disable (vm, 1 /* turn on session and transport */ ); + session_enable_disable_args_t args = { .is_en = 1, + .rt_engine_type = + RT_BACKEND_ENGINE_RULE_TABLE }; + vnet_session_enable_disable (vm, &args); rv = proxy_server_create (vm); switch (rv) |