diff options
Diffstat (limited to 'src/plugins/acl')
-rw-r--r-- | src/plugins/acl/acl.api | 27 | ||||
-rw-r--r-- | src/plugins/acl/acl.c | 64 |
2 files changed, 90 insertions, 1 deletions
diff --git a/src/plugins/acl/acl.api b/src/plugins/acl/acl.api index d34f374e8f8..48d6aece3a9 100644 --- a/src/plugins/acl/acl.api +++ b/src/plugins/acl/acl.api @@ -416,3 +416,30 @@ define macip_acl_interface_get_reply u32 acls[count]; }; +/** \brief Dump the list(s) of MACIP ACLs applied to specific or all interfaces + @param client_index - opaque cookie to identify the sender + @param context - sender context, to match reply w/ request + @param sw_if_index - interface to dump the ACL list for +*/ + +define macip_acl_interface_list_dump +{ + u32 client_index; + u32 context; + u32 sw_if_index; /* ~0 for all interfaces */ +}; + +/** \brief Details about a single MACIP ACL contents + @param context - returned sender context, to match reply w/ request + @param sw_if_index - interface for which the list of ACLs is applied + @param count - total length of acl indices vector + @param acls - the vector of ACL indices +*/ + +define macip_acl_interface_list_details +{ + u32 context; + u32 sw_if_index; + u8 count; + u32 acls[count]; +}; diff --git a/src/plugins/acl/acl.c b/src/plugins/acl/acl.c index bc38265a6c5..3c1e819ede8 100644 --- a/src/plugins/acl/acl.c +++ b/src/plugins/acl/acl.c @@ -74,7 +74,9 @@ _(MACIP_ACL_ADD, macip_acl_add) \ _(MACIP_ACL_DEL, macip_acl_del) \ _(MACIP_ACL_INTERFACE_ADD_DEL, macip_acl_interface_add_del) \ _(MACIP_ACL_DUMP, macip_acl_dump) \ -_(MACIP_ACL_INTERFACE_GET, macip_acl_interface_get) +_(MACIP_ACL_INTERFACE_GET, macip_acl_interface_get) \ +_(MACIP_ACL_INTERFACE_LIST_DUMP, macip_acl_interface_list_dump) + /* *INDENT-OFF* */ VLIB_PLUGIN_REGISTER () = { @@ -1738,6 +1740,66 @@ vl_api_macip_acl_interface_get_t_handler (vl_api_macip_acl_interface_get_t * vl_msg_api_send_shmem (q, (u8 *) & rmp); } +static void +send_macip_acl_interface_list_details (acl_main_t * am, + unix_shared_memory_queue_t * q, + u32 sw_if_index, + u32 acl_index, + u32 context) +{ + vl_api_macip_acl_interface_list_details_t *rmp; + /* at this time there is only ever 1 mac ip acl per interface */ + int msg_size = sizeof (*rmp) + sizeof (rmp->acls[0]); + + rmp = vl_msg_api_alloc (msg_size); + memset (rmp, 0, msg_size); + rmp->_vl_msg_id = ntohs (VL_API_MACIP_ACL_INTERFACE_LIST_DETAILS + am->msg_id_base); + + /* fill in the message */ + rmp->context = context; + rmp->count = 1; + rmp->sw_if_index = htonl (sw_if_index); + rmp->acls[0] = htonl (acl_index); + + vl_msg_api_send_shmem (q, (u8 *) & rmp); +} + +static void +vl_api_macip_acl_interface_list_dump_t_handler (vl_api_macip_acl_interface_list_dump_t *mp) +{ + unix_shared_memory_queue_t *q; + acl_main_t *am = &acl_main; + u32 sw_if_index = ntohl (mp->sw_if_index); + + q = vl_api_client_index_to_input_queue (mp->client_index); + if (q == 0) + { + return; + } + + if (sw_if_index == ~0) + { + vec_foreach_index(sw_if_index, am->macip_acl_by_sw_if_index) + { + if (~0 != am->macip_acl_by_sw_if_index[sw_if_index]) + { + send_macip_acl_interface_list_details(am, q, sw_if_index, + am->macip_acl_by_sw_if_index[sw_if_index], + mp->context); + } + } + } + else + { + if (vec_len(am->macip_acl_by_sw_if_index) > sw_if_index) + { + send_macip_acl_interface_list_details(am, q, sw_if_index, + am->macip_acl_by_sw_if_index[sw_if_index], + mp->context); + } + } +} + /* Set up the API message handling tables */ static clib_error_t * acl_plugin_api_hookup (vlib_main_t * vm) |