aboutsummaryrefslogtreecommitdiffstats
path: root/test
diff options
context:
space:
mode:
authorJakub Grajciar <jgrajcia@cisco.com>2020-03-27 06:55:06 +0100
committerOle Trøan <otroan@employees.org>2020-03-27 12:46:42 +0000
commit2f8cd914514fe54f91974c6d465d4769dfac8de8 (patch)
tree0800301d4e2ba8d1cf9bf695798b88684bee39f7 /test
parent64d9da3ba3b07d23782ef1a947fb5a71b9f4de56 (diff)
acl: API cleanup
Use consistent API types. Type: fix Signed-off-by: Jakub Grajciar <jgrajcia@cisco.com> Change-Id: I09fa6c1b6917936351bd376b56c414ce24488095 Signed-off-by: Jakub Grajciar <jgrajcia@cisco.com>
Diffstat (limited to 'test')
-rw-r--r--test/test_dvr.py31
-rw-r--r--test/test_pipe.py64
-rw-r--r--test/vpp_papi_provider.py120
3 files changed, 39 insertions, 176 deletions
diff --git a/test/test_dvr.py b/test/test_dvr.py
index d5ffd3b1577..8531b8553ca 100644
--- a/test/test_dvr.py
+++ b/test/test_dvr.py
@@ -5,11 +5,13 @@ from framework import VppTestCase, VppTestRunner
from vpp_ip_route import VppIpRoute, VppRoutePath, FibPathType
from vpp_l2 import L2_PORT_TYPE
from vpp_sub_interface import L2_VTR_OP, VppDot1QSubint
+from vpp_acl import AclRule, VppAcl, VppAclInterface
from scapy.packet import Raw
from scapy.layers.l2 import Ether, Dot1Q
from scapy.layers.inet import IP, UDP
from socket import AF_INET, inet_pton
+from ipaddress import IPv4Network
NUM_PKTS = 67
@@ -186,26 +188,18 @@ class TestDVR(VppTestCase):
#
# Add an output L3 ACL that will block the traffic
#
- rule_1 = ({'is_permit': 0,
- 'is_ipv6': 0,
- 'proto': 17,
- 'srcport_or_icmptype_first': 1234,
- 'srcport_or_icmptype_last': 1234,
- 'src_ip_prefix_len': 32,
- 'src_ip_addr': inet_pton(AF_INET, any_src_addr),
- 'dstport_or_icmpcode_first': 1234,
- 'dstport_or_icmpcode_last': 1234,
- 'dst_ip_prefix_len': 32,
- 'dst_ip_addr': inet_pton(AF_INET, ip_non_tag_bridged)})
- acl = self.vapi.acl_add_replace(acl_index=4294967295,
- r=[rule_1])
+ rule_1 = AclRule(is_permit=0, proto=17, ports=1234,
+ src_prefix=IPv4Network((any_src_addr, 32)),
+ dst_prefix=IPv4Network((ip_non_tag_bridged, 32)))
+ acl = VppAcl(self, rules=[rule_1])
+ acl.add_vpp_config()
#
# Apply the ACL on the output interface
#
- self.vapi.acl_interface_set_acl_list(self.pg1.sw_if_index,
- 0,
- [acl.acl_index])
+ acl_if1 = VppAclInterface(self, sw_if_index=self.pg1.sw_if_index,
+ n_input=0, acls=[acl])
+ acl_if1.add_vpp_config()
#
# Send packet's that should match the ACL and be dropped
@@ -216,9 +210,8 @@ class TestDVR(VppTestCase):
#
# cleanup
#
- self.vapi.acl_interface_set_acl_list(self.pg1.sw_if_index,
- 0, [])
- self.vapi.acl_del(acl.acl_index)
+ acl_if1.remove_vpp_config()
+ acl.remove_vpp_config()
self.vapi.sw_interface_set_l2_bridge(
rx_sw_if_index=self.pg0.sw_if_index, bd_id=1, enable=0)
diff --git a/test/test_pipe.py b/test/test_pipe.py
index 6e3edca3c50..0e766654d2a 100644
--- a/test/test_pipe.py
+++ b/test/test_pipe.py
@@ -1,6 +1,7 @@
#!/usr/bin/env python3
from socket import AF_INET, AF_INET6, inet_pton
import unittest
+from ipaddress import IPv4Network
from scapy.packet import Raw
from scapy.layers.l2 import Ether
@@ -9,6 +10,7 @@ from scapy.layers.inet import IP, UDP
from framework import VppTestCase, VppTestRunner
from vpp_interface import VppInterface
from vpp_ip_route import VppIpTable, VppIpRoute, VppRoutePath
+from vpp_acl import AclRule, VppAcl, VppAclInterface
NUM_PKTS = 67
@@ -122,39 +124,30 @@ class TestPipe(VppTestCase):
#
# Attach ACL to ensure features are run on the pipe
#
- rule_1 = ({'is_permit': 0,
- 'is_ipv6': 0,
- 'proto': 17,
- 'srcport_or_icmptype_first': 1234,
- 'srcport_or_icmptype_last': 1234,
- 'src_ip_prefix_len': 32,
- 'src_ip_addr': inet_pton(AF_INET, "1.1.1.1"),
- 'dstport_or_icmpcode_first': 1234,
- 'dstport_or_icmpcode_last': 1234,
- 'dst_ip_prefix_len': 32,
- 'dst_ip_addr': inet_pton(AF_INET, "1.1.1.2")})
- acl = self.vapi.acl_add_replace(acl_index=4294967295,
- r=[rule_1])
+ rule_1 = AclRule(is_permit=0, proto=17,
+ src_prefix=IPv4Network("1.1.1.1/32"),
+ dst_prefix=IPv4Network("1.1.1.2/32"), ports=1234)
+ acl = VppAcl(self, rules=[rule_1])
+ acl.add_vpp_config()
# Apply the ACL on the pipe on output
- self.vapi.acl_interface_set_acl_list(pipes[0].east,
- 0,
- [acl.acl_index])
+ acl_if_e = VppAclInterface(self, sw_if_index=pipes[0].east, n_input=0,
+ acls=[acl])
+ acl_if_e.add_vpp_config()
+
self.send_and_assert_no_replies(self.pg0, p * NUM_PKTS)
self.send_and_expect(self.pg1, p * NUM_PKTS, self.pg0)
# remove from output and apply on input
- self.vapi.acl_interface_set_acl_list(pipes[0].east,
- 0,
- [])
- self.vapi.acl_interface_set_acl_list(pipes[0].west,
- 1,
- [acl.acl_index])
+ acl_if_e.remove_vpp_config()
+ acl_if_w = VppAclInterface(self, sw_if_index=pipes[0].west, n_input=1,
+ acls=[acl])
+ acl_if_w.add_vpp_config()
+
self.send_and_assert_no_replies(self.pg0, p * NUM_PKTS)
self.send_and_expect(self.pg1, p * NUM_PKTS, self.pg0)
- self.vapi.acl_interface_set_acl_list(pipes[0].west,
- 0,
- [])
+
+ acl_if_w.remove_vpp_config()
self.send_and_expect(self.pg0, p * NUM_PKTS, self.pg1)
self.send_and_expect(self.pg1, p * NUM_PKTS, self.pg0)
@@ -227,24 +220,21 @@ class TestPipe(VppTestCase):
#
# Use ACLs to test features run on the Pipes
#
- self.vapi.acl_interface_set_acl_list(pipes[1].east,
- 0,
- [acl.acl_index])
+ acl_if_e1 = VppAclInterface(self, sw_if_index=pipes[1].east, n_input=0,
+ acls=[acl])
+ acl_if_e1.add_vpp_config()
self.send_and_assert_no_replies(self.pg2, p_east * NUM_PKTS)
self.send_and_expect(self.pg3, p_west * NUM_PKTS, self.pg2)
# remove from output and apply on input
- self.vapi.acl_interface_set_acl_list(pipes[1].east,
- 0,
- [])
- self.vapi.acl_interface_set_acl_list(pipes[1].west,
- 1,
- [acl.acl_index])
+ acl_if_e1.remove_vpp_config()
+ acl_if_w1 = VppAclInterface(self, sw_if_index=pipes[1].west, n_input=1,
+ acls=[acl])
+ acl_if_w1.add_vpp_config()
self.send_and_assert_no_replies(self.pg2, p_east * NUM_PKTS)
self.send_and_expect(self.pg3, p_west * NUM_PKTS, self.pg2)
- self.vapi.acl_interface_set_acl_list(pipes[1].west,
- 0,
- [])
+ acl_if_w1.remove_vpp_config()
+
self.send_and_expect(self.pg2, p_east * NUM_PKTS, self.pg3)
self.send_and_expect(self.pg3, p_west * NUM_PKTS, self.pg2)
diff --git a/test/vpp_papi_provider.py b/test/vpp_papi_provider.py
index 651e07a98b1..1e0226c878e 100644
--- a/test/vpp_papi_provider.py
+++ b/test/vpp_papi_provider.py
@@ -925,126 +925,6 @@ class VppPapiProvider(object):
return self.api(self.papi.sr_mpls_policy_del,
{'bsid': bsid})
- def acl_add_replace(self, acl_index, r, tag='',
- expected_retval=0):
- """Add/replace an ACL
- :param int acl_index: ACL index to replace, 2^32-1 to create new ACL.
- :param acl_rule r: ACL rules array.
- :param str tag: symbolic tag (description) for this ACL.
- :param int count: number of rules.
- """
- return self.api(self.papi.acl_add_replace,
- {'acl_index': acl_index,
- 'r': r,
- 'count': len(r),
- 'tag': tag},
- expected_retval=expected_retval)
-
- def acl_del(self, acl_index, expected_retval=0):
- """
-
- :param acl_index:
- :return:
- """
- return self.api(self.papi.acl_del,
- {'acl_index': acl_index},
- expected_retval=expected_retval)
-
- def acl_interface_set_acl_list(self, sw_if_index, n_input, acls,
- expected_retval=0):
- return self.api(self.papi.acl_interface_set_acl_list,
- {'sw_if_index': sw_if_index,
- 'count': len(acls),
- 'n_input': n_input,
- 'acls': acls},
- expected_retval=expected_retval)
-
- def acl_interface_set_etype_whitelist(self, sw_if_index,
- n_input, whitelist,
- expected_retval=0):
- return self.api(self.papi.acl_interface_set_etype_whitelist,
- {'sw_if_index': sw_if_index,
- 'count': len(whitelist),
- 'n_input': n_input,
- 'whitelist': whitelist},
- expected_retval=expected_retval)
-
- def acl_interface_add_del(self,
- sw_if_index,
- acl_index,
- is_add=1):
- """ Add/Delete ACL to/from interface
-
- :param sw_if_index:
- :param acl_index:
- :param is_add: (Default value = 1)
- """
-
- return self.api(self.papi.acl_interface_add_del,
- {'is_add': is_add,
- 'is_input': 1,
- 'sw_if_index': sw_if_index,
- 'acl_index': acl_index})
-
- def acl_dump(self, acl_index, expected_retval=0):
- return self.api(self.papi.acl_dump,
- {'acl_index': acl_index},
- expected_retval=expected_retval)
-
- def acl_interface_list_dump(self, sw_if_index=0xFFFFFFFF,
- expected_retval=0):
- return self.api(self.papi.acl_interface_list_dump,
- {'sw_if_index': sw_if_index},
- expected_retval=expected_retval)
-
- def macip_acl_add(self, rules, tag=""):
- """ Add MACIP acl
-
- :param rules: list of rules for given acl
- :param tag: acl tag
- """
-
- return self.api(self.papi.macip_acl_add,
- {'r': rules,
- 'count': len(rules),
- 'tag': tag})
-
- def macip_acl_add_replace(self, rules, acl_index=0xFFFFFFFF, tag=""):
- """ Add MACIP acl
-
- :param rules: list of rules for given acl
- :param tag: acl tag
- """
-
- return self.api(self.papi.macip_acl_add_replace,
- {'acl_index': acl_index,
- 'r': rules,
- 'count': len(rules),
- 'tag': tag})
-
- def macip_acl_interface_add_del(self,
- sw_if_index,
- acl_index,
- is_add=1):
- """ Add MACIP acl to interface
-
- :param sw_if_index:
- :param acl_index:
- :param is_add: (Default value = 1)
- """
-
- return self.api(self.papi.macip_acl_interface_add_del,
- {'is_add': is_add,
- 'sw_if_index': sw_if_index,
- 'acl_index': acl_index})
-
- def macip_acl_dump(self, acl_index=4294967295):
- """ Return MACIP acl dump
- """
-
- return self.api(
- self.papi.macip_acl_dump, {'acl_index': acl_index})
-
def ip_punt_police(self,
policer_index,
is_ip6=0,