summaryrefslogtreecommitdiffstats
path: root/src/vnet/classify/input_acl.c
diff options
context:
space:
mode:
Diffstat (limited to 'src/vnet/classify/input_acl.c')
-rw-r--r--src/vnet/classify/input_acl.c154
1 files changed, 85 insertions, 69 deletions
diff --git a/src/vnet/classify/input_acl.c b/src/vnet/classify/input_acl.c
index c446f2d687c..cf5053ef3ac 100644
--- a/src/vnet/classify/input_acl.c
+++ b/src/vnet/classify/input_acl.c
@@ -20,19 +20,18 @@ input_acl_main_t input_acl_main;
static int
vnet_inacl_ip_feature_enable (vlib_main_t * vnm,
- input_acl_main_t *am,
- u32 sw_if_index,
- input_acl_table_id_t tid,
- int feature_enable)
+ input_acl_main_t * am,
+ u32 sw_if_index,
+ input_acl_table_id_t tid, int feature_enable)
{
if (tid == INPUT_ACL_TABLE_L2)
{
l2input_intf_bitmap_enable (sw_if_index, L2INPUT_FEAT_ACL,
- feature_enable);
+ feature_enable);
}
else
- { /* IP[46] */
+ { /* IP[46] */
vnet_feature_config_main_t *fcm;
u8 arc;
@@ -56,15 +55,16 @@ vnet_inacl_ip_feature_enable (vlib_main_t * vnm,
return 0;
}
-int vnet_set_input_acl_intfc (vlib_main_t * vm, u32 sw_if_index,
- u32 ip4_table_index,
- u32 ip6_table_index,
- u32 l2_table_index, u32 is_add)
+int
+vnet_set_input_acl_intfc (vlib_main_t * vm, u32 sw_if_index,
+ u32 ip4_table_index,
+ u32 ip6_table_index, u32 l2_table_index, u32 is_add)
{
- input_acl_main_t * am = &input_acl_main;
- vnet_classify_main_t * vcm = am->vnet_classify_main;
- u32 acl[INPUT_ACL_N_TABLES] = {ip4_table_index, ip6_table_index,
- l2_table_index};
+ input_acl_main_t *am = &input_acl_main;
+ vnet_classify_main_t *vcm = am->vnet_classify_main;
+ u32 acl[INPUT_ACL_N_TABLES] = { ip4_table_index, ip6_table_index,
+ l2_table_index
+ };
u32 ti;
/* Assume that we've validated sw_if_index in the API layer */
@@ -72,34 +72,36 @@ int vnet_set_input_acl_intfc (vlib_main_t * vm, u32 sw_if_index,
for (ti = 0; ti < INPUT_ACL_N_TABLES; ti++)
{
if (acl[ti] == ~0)
- continue;
+ continue;
if (pool_is_free_index (vcm->tables, acl[ti]))
- return VNET_API_ERROR_NO_SUCH_TABLE;
+ return VNET_API_ERROR_NO_SUCH_TABLE;
vec_validate_init_empty
- (am->classify_table_index_by_sw_if_index[ti], sw_if_index, ~0);
+ (am->classify_table_index_by_sw_if_index[ti], sw_if_index, ~0);
/* Reject any DEL operation with wrong sw_if_index */
if (!is_add &&
- (acl[ti] != am->classify_table_index_by_sw_if_index[ti][sw_if_index]))
- {
- clib_warning ("Non-existent intf_idx=%d with table_index=%d for delete",
- sw_if_index, acl[ti]);
- return VNET_API_ERROR_NO_SUCH_TABLE;
- }
+ (acl[ti] !=
+ am->classify_table_index_by_sw_if_index[ti][sw_if_index]))
+ {
+ clib_warning
+ ("Non-existent intf_idx=%d with table_index=%d for delete",
+ sw_if_index, acl[ti]);
+ return VNET_API_ERROR_NO_SUCH_TABLE;
+ }
/* Return ok on ADD operaton if feature is already enabled */
if (is_add &&
- am->classify_table_index_by_sw_if_index[ti][sw_if_index] != ~0)
- return 0;
+ am->classify_table_index_by_sw_if_index[ti][sw_if_index] != ~0)
+ return 0;
vnet_inacl_ip_feature_enable (vm, am, sw_if_index, ti, is_add);
if (is_add)
- am->classify_table_index_by_sw_if_index[ti][sw_if_index] = acl[ti];
+ am->classify_table_index_by_sw_if_index[ti][sw_if_index] = acl[ti];
else
- am->classify_table_index_by_sw_if_index[ti][sw_if_index] = ~0;
+ am->classify_table_index_by_sw_if_index[ti][sw_if_index] = ~0;
}
return 0;
@@ -107,10 +109,9 @@ int vnet_set_input_acl_intfc (vlib_main_t * vm, u32 sw_if_index,
static clib_error_t *
set_input_acl_command_fn (vlib_main_t * vm,
- unformat_input_t * input,
- vlib_cli_command_t * cmd)
+ unformat_input_t * input, vlib_cli_command_t * cmd)
{
- vnet_main_t * vnm = vnet_get_main();
+ vnet_main_t *vnm = vnet_get_main ();
u32 sw_if_index = ~0;
u32 ip4_table_index = ~0;
u32 ip6_table_index = ~0;
@@ -122,18 +123,18 @@ set_input_acl_command_fn (vlib_main_t * vm,
while (unformat_check_input (input) != UNFORMAT_END_OF_INPUT)
{
if (unformat (input, "intfc %U", unformat_vnet_sw_interface,
- vnm, &sw_if_index))
- ;
+ vnm, &sw_if_index))
+ ;
else if (unformat (input, "ip4-table %d", &ip4_table_index))
- idx_cnt++;
+ idx_cnt++;
else if (unformat (input, "ip6-table %d", &ip6_table_index))
- idx_cnt++;
+ idx_cnt++;
else if (unformat (input, "l2-table %d", &l2_table_index))
- idx_cnt++;
+ idx_cnt++;
else if (unformat (input, "del"))
- is_add = 0;
+ is_add = 0;
else
- break;
+ break;
}
if (sw_if_index == ~0)
@@ -146,7 +147,7 @@ set_input_acl_command_fn (vlib_main_t * vm,
return clib_error_return (0, "Only one table index per API is allowed.");
rv = vnet_set_input_acl_intfc (vm, sw_if_index, ip4_table_index,
- ip6_table_index, l2_table_index, is_add);
+ ip6_table_index, l2_table_index, is_add);
switch (rv)
{
@@ -172,6 +173,7 @@ set_input_acl_command_fn (vlib_main_t * vm,
* Note: Only one table index per API call is allowed.
*
*/
+/* *INDENT-OFF* */
VLIB_CLI_COMMAND (set_input_acl_command, static) = {
.path = "set interface input acl",
.short_help =
@@ -179,17 +181,19 @@ VLIB_CLI_COMMAND (set_input_acl_command, static) = {
" [ip6-table <index>] [l2-table <index>] [del]",
.function = set_input_acl_command_fn,
};
+/* *INDENT-ON* */
-clib_error_t *input_acl_init (vlib_main_t *vm)
+clib_error_t *
+input_acl_init (vlib_main_t * vm)
{
- input_acl_main_t * am = &input_acl_main;
- clib_error_t * error = 0;
+ input_acl_main_t *am = &input_acl_main;
+ clib_error_t *error = 0;
if ((error = vlib_call_init_function (vm, ip_inacl_init)))
return error;
am->vlib_main = vm;
- am->vnet_main = vnet_get_main();
+ am->vnet_main = vnet_get_main ();
am->vnet_classify_main = &vnet_classify_main;
return 0;
@@ -197,61 +201,63 @@ clib_error_t *input_acl_init (vlib_main_t *vm)
VLIB_INIT_FUNCTION (input_acl_init);
-uword unformat_acl_type (unformat_input_t * input, va_list * args)
+uword
+unformat_acl_type (unformat_input_t * input, va_list * args)
{
- u32 * acl_type = va_arg (*args, u32 *);
+ u32 *acl_type = va_arg (*args, u32 *);
u32 tid = INPUT_ACL_N_TABLES;
- while (unformat_check_input (input) != UNFORMAT_END_OF_INPUT) {
- if (unformat (input, "ip4"))
- tid = INPUT_ACL_TABLE_IP4;
- else if (unformat (input, "ip6"))
- tid = INPUT_ACL_TABLE_IP6;
- else if (unformat (input, "l2"))
- tid = INPUT_ACL_TABLE_L2;
- else
- break;
- }
+ while (unformat_check_input (input) != UNFORMAT_END_OF_INPUT)
+ {
+ if (unformat (input, "ip4"))
+ tid = INPUT_ACL_TABLE_IP4;
+ else if (unformat (input, "ip6"))
+ tid = INPUT_ACL_TABLE_IP6;
+ else if (unformat (input, "l2"))
+ tid = INPUT_ACL_TABLE_L2;
+ else
+ break;
+ }
*acl_type = tid;
return 1;
}
-u8 * format_vnet_inacl_info (u8 * s, va_list * va)
+u8 *
+format_vnet_inacl_info (u8 * s, va_list * va)
{
- input_acl_main_t * am = va_arg (*va, input_acl_main_t *);
+ input_acl_main_t *am = va_arg (*va, input_acl_main_t *);
int sw_if_idx = va_arg (*va, int);
u32 tid = va_arg (*va, u32);
if (tid == ~0)
{
s = format (s, "%10s%20s\t\t%s", "Intfc idx", "Classify table",
- "Interface name");
+ "Interface name");
return s;
}
s = format (s, "%10d%20d\t\t%U", sw_if_idx, tid,
- format_vnet_sw_if_index_name, am->vnet_main, sw_if_idx);
+ format_vnet_sw_if_index_name, am->vnet_main, sw_if_idx);
return s;
}
static clib_error_t *
show_inacl_command_fn (vlib_main_t * vm,
- unformat_input_t * input,
- vlib_cli_command_t * cmd)
+ unformat_input_t * input, vlib_cli_command_t * cmd)
{
- input_acl_main_t * am = &input_acl_main;
+ input_acl_main_t *am = &input_acl_main;
u32 type = INPUT_ACL_N_TABLES;
int i;
- u32 * vec_tbl;
+ u32 *vec_tbl;
while (unformat_check_input (input) != UNFORMAT_END_OF_INPUT)
{
if (unformat (input, "type %U", unformat_acl_type, &type))
- ;
+ ;
else
- break;
+ break;
}
if (type == INPUT_ACL_N_TABLES)
@@ -259,25 +265,35 @@ show_inacl_command_fn (vlib_main_t * vm,
vec_tbl = am->classify_table_index_by_sw_if_index[type];
- if (vec_len(vec_tbl))
- vlib_cli_output (vm, "%U", format_vnet_inacl_info, am, ~0 /* hdr */, ~0);
+ if (vec_len (vec_tbl))
+ vlib_cli_output (vm, "%U", format_vnet_inacl_info, am, ~0 /* hdr */ , ~0);
else
vlib_cli_output (vm, "No input ACL tables configured");
for (i = 0; i < vec_len (vec_tbl); i++)
{
- if (vec_elt(vec_tbl, i) == ~0)
- continue;
+ if (vec_elt (vec_tbl, i) == ~0)
+ continue;
vlib_cli_output (vm, "%U", format_vnet_inacl_info,
- am, i, vec_elt(vec_tbl, i));
+ am, i, vec_elt (vec_tbl, i));
}
return 0;
}
+/* *INDENT-OFF* */
VLIB_CLI_COMMAND (show_inacl_command, static) = {
.path = "show inacl",
.short_help = "show inacl type [ip4|ip6|l2]",
.function = show_inacl_command_fn,
};
+/* *INDENT-ON* */
+
+/*
+ * fd.io coding-style-patch-verification: ON
+ *
+ * Local Variables:
+ * eval: (c-set-style "gnu")
+ * End:
+ */