summaryrefslogtreecommitdiffstats
path: root/src/vnet/classify/classify_api.c
AgeCommit message (Collapse)AuthorFilesLines
2021-10-06ip: add classifier-based ACLs support on ip puntBenoît Ganne1-0/+16
This feature allows one to add classifier-based ACLs on packets punted from the ip infra, eg. to only whitelist specific sender(s). Type: feature Change-Id: Idab37b188583efbca980038875fc3e540cb2e880 Signed-off-by: Benoît Ganne <bganne@cisco.com>
2021-09-29classify: fix message IDs on API repliesMatthew Smith1-33/+42
Type: fix When the API cleanup of classify messages was done, the code was not updated to add the message enums to REPLY_MSG_ID_BASE. So the wrong message IDs are being sent back in replies to classify API requests. Add REPLY_MSG_ID_BASE when populated vl_msg_id on a reply. Change-Id: Ic7c828f14d42a346fc58fc9ff062b954f494cdbd Signed-off-by: Matthew Smith <mgsmith@netgate.com>
2021-09-28misc: vpe.api messages dynamically allocatedOle Troan1-0/+9
This is the last in the series of moving API messages from vpp/api/vpe.api to vlibmemory/memclnt.api. This patch makes the remaining vpe.api messages dynamic, to help VAT2 binary-api command. Moves the VAT test code to a separate file and removes the now unnused API meta files. Type: improvement Signed-off-by: Ole Troan <ot@cisco.com> Change-Id: I01dd78eaff1d3715dff17d2643bf0f7f0089935b Signed-off-by: Ole Troan <ot@cisco.com>
2021-06-21classify: api cleanupFilip Tehlar1-68/+6
Use autogenerated code. Type: improvement Signed-off-by: Filip Tehlar <ftehlar@cisco.com> Change-Id: Id7d4d23e4fe707f7049828fec44df7ff0419d23c
2021-02-15misc: coverity fixesDave Barach1-5/+3
Type: fix Signed-off-by: Dave Barach <dave@barachs.net> Change-Id: I6a3348c7edd1cce6b407d336443103f77392bc5d
2020-12-15classify: add pcap/trace classfier mgmt API callsJon Loeliger1-5/+292
Add lookup/get/set API calls to manage both PCAP and Trace filtering Classifier tables. The "lookup" call may be used to identify a Classifier table within a chain of tables taht matches a particular mask vector. For efficiency, this call should be used to determine to which table a match vector should be added. The "get" calls return the first table within a chain (either a PCAP or the Trace) set of tables. The "set" call may be used to add a new table to one such chain. If the "sort_masks" flag is set, the tables within the chain are ordered such that the most-specific mask is first, and the least-specific mask is last. A call that "sets" a chain to ~0 will delete and free all the tables with a chain. The PCAP filters are per-interface, with "local0", (that is, sw_if_index == 0) holding the system-wide PCAP filter. The Classifier used a reference-counted "set" for each PCAP or trace filter that it stored. The ref counts were not used, and the vector of tables was only used temporarily to establish a sorted order for tables based on masks. None of that complexity was actually warranted, and where it was used, the same could be achieved more simply. Type: refactor Signed-off-by: Jon Loeliger <jdl@netgate.com> Change-Id: Icc56116cca91b91c631ca0628e814fb53f3677d2
2020-12-14misc: move to new pool_foreach macrosDamjan Marion1-9/+9
Type: refactor Change-Id: Ie67dc579e88132ddb1ee4a34cb69f96920101772 Signed-off-by: Damjan Marion <damarion@cisco.com>
2020-10-28misc: Break the big IP header files to improve compile timeNeale Ranns1-0/+2
Type: refactor Signed-off-by: Neale Ranns <neale.ranns@cisco.com> Change-Id: Id1801519638a9b97175847d7ed58824fb83433d6
2019-12-10api: multiple connections per processDave Barach1-1/+1
Type: feature Signed-off-by: Dave Barach <dave@barachs.net> Change-Id: I2272521d6e69edcd385ef684af6dd4eea5eaa953
2019-12-05classify: Fix 2 coverity errorsJon Loeliger1-0/+8
Validate two tainted scalars, filter_sw_if_index, that came from an API message. Type: fix Change-Id: I3ac8a09f91f380185e36babeaa6330691f7cb24b Signed-off-by: Jon Loeliger <jdl@netgate.com>
2019-12-03classify: API cleanupJakub Grajciar1-7/+20
Use consistent API types. Type: fix Change-Id: Ib5b1efa76f0a9cecc0bc146f8f8a47c2442fc1db Signed-off-by: Jakub Grajciar <jgrajcia@cisco.com> Signed-off-by: Ole Troan <ot@cisco.com> Signed-off-by: Paul Vinciguerra <pvinci@vinciconsulting.com>
2019-04-08fixing typosJim Thompson1-1/+1
Change-Id: I215e1e0208a073db80ec6f87695d734cf40fabe3 Signed-off-by: Jim Thompson <jim@netgate.com>
2018-10-23c11 safe string handling supportDave Barach1-3/+3
Change-Id: Ied34720ca5a6e6e717eea4e86003e854031b6eab Signed-off-by: Dave Barach <dave@barachs.net>
2018-08-09Fix "Old Style VLA" build warningsJuraj Sloboda1-2/+26
Change-Id: I8d42f6ed58ec34298d41edcb3d783e7e9ded3eec Signed-off-by: Juraj Sloboda <jsloboda@cisco.com>
2018-02-07classifier-based ACL: refactor + add output ACLAndrew Yourtchenko1-9/+35
For implementation of MACIP ACLs enhancement (VPP-1088), an outbound classifier-based ACL would be needed. There was an existing incomplete code for outbound ACLs, it looked almost exact copy of input ACLs, minus the various enhancements, trying to sync that code seemed error-prone and cumbersome to maintain in the longer run. This change refactors the input+output ACLs processing into a unified routine (thus any changes will have effect on both), and also adds the API to set the output interface ACL, with the same format and semantics as the existing input one (except working on output ACL of course). WARNING: IP outbound ACL in L3 mode clobbers the ip.* fields in the vnet_buffer_opaque_t, since the code is using l2_classify.* The net_buffer (p0)->ip.save_rewrite_length is rescued into l2_classify.pad.l2_len, and used to rewind the header in case of drop, so that ipX_drop prints something sensible. Change-Id: I62f814f1e3650e504474a3a5359edb8a0a8836ed Signed-off-by: Andrew Yourtchenko <ayourtch@gmail.com>
2018-01-11api: remove transport specific code from handlersFlorin Coras1-26/+28
This does not update api client code. In other words, if the client assumes the transport is shmem based, this patch does not change that. Furthermore, code that checks queue size, for tail dropping, is not updated. Done for the following apis: Plugins - acl - gtpu - memif - nat - pppoe VNET - bfd - bier - tapv2 - vhost user - dhcp - flow - geneve - ip - punt - ipsec/ipsec-gre - l2 - l2tp - lisp-cp/one-cp - lisp-gpe - map - mpls - policer - session - span - udp - tap - vxlan/vxlan-gpe - interface VPP - api/api.c OAM - oam_api.c Stats - stats.c Change-Id: I0e33ecefb2bdab0295698c0add948068a5a83345 Signed-off-by: Florin Coras <fcoras@cisco.com>
2018-01-09api: refactor vlibmemoryFlorin Coras1-10/+8
- separate client/server code for both memory and socket apis - separate memory api code from generic vlib api code - move unix_shared_memory_fifo to svm and rename to svm_fifo_t - overall declutter Change-Id: I90cdd98ff74d0787d58825b914b0f1eafcfa4dc2 Signed-off-by: Florin Coras <fcoras@cisco.com>
2017-11-10Break up vpe.apiNeale Ranns1-1/+92
- makes the VAPI generated file more consumable. - VOM build times improve. Change-Id: I838488930bd23a0d3818adfdffdbca3eead382df Signed-off-by: Neale Ranns <neale.ranns@cisco.com>
2017-03-02Clean up binary api message handler registration issuesDave Barach1-8/+0
Removed a fair number of "BUG" message handlers, due to conflicts with actual message handlers in api_format.c. Vpp itself had no business receiving certain messages, up to the point where we started building in relevant code from vpp_api_test. Eliminated all but one duplicate registration complaint. That one needs attention from the vxlan team since the duplicated handlers have diverged. Change-Id: Iafce5429d2f906270643b4ea5f0130e20beb4d1d Signed-off-by: Dave Barach <dave@barachs.net>
2017-01-25API refactoring : classifyPavel Kotucek1-0/+555
Change-Id: Ib75197ef8e5057e7f0d9361a10705c3743d05333 Signed-off-by: Pavel Kotucek <pkotucek@cisco.com>