aboutsummaryrefslogtreecommitdiffstats
path: root/test/test_acl_plugin.py
AgeCommit message (Expand)AuthorFilesLines
2022-05-10tests: replace pycodestyle with blackKlement Sekera1-407/+592
2021-05-13tests: move test source to vpp/testDave Wallace1-0/+1438
2019-08-22tests: move plugin tests to src/plugins/*/testDave Wallace1-1519/+0
2019-07-24acl: implement countersAndrew Yourtchenko1-5/+35
2019-04-11Tests: Refactor tearDown show command logging, add lifecycle markers.Paul Vinciguerra1-15/+16
2019-04-10Tests Cleanup: Fix missing calls to setUpClass/tearDownClass.Paul Vinciguerra1-0/+4
2019-03-11vpp_papi_provider: Remove more wrapper functions.Ole Troan1-2/+2
2019-03-07Tests: Refactor payload_to_info()Paul Vinciguerra1-2/+2
2019-03-07VPP-1508: test_acl_plugin vapi changes for Python3.Paul Vinciguerra1-43/+43
2018-10-20acl-plugin: use the L2 feature arc infrastructure instead of L2 classifier fo...Andrew Yourtchenko1-0/+8
2018-10-14acl-plugin: make each test in test_acl_plugin runnable separatelyAndrew Yourtchenko1-36/+75
2018-06-25make test: fix broken interfaces #2Klement Sekera1-1/+1
2018-04-10test: Fix issues with new version of pycodestyle (VPP-1232)Chris Luke1-1/+2
2018-03-23acl-plugin: make test: add a test which deletes an interface with applied ACLAndrew Yourtchenko1-0/+39
2018-02-08acl-plugin: add whitelisted ethertype mode (VPP-1163)Andrew Yourtchenko1-7/+93
2017-11-11ACLs: Use better error return codes than "-1" everywhere.Jon Loeliger1-5/+5
2017-11-10make test: automatically seed random generatorKlement Sekera1-2/+0
2017-10-25VPP-1033: Python API support arbitrary sized input parameters.Ole Troan1-2/+2
2017-09-27acl-plugin: take 2 at VPP-991 fix, this time with a test case which verifies it.Andrew Yourtchenko1-1/+30
2017-09-26acl-plugin: test: move the API calls to vpp_papi_provider.pyAndrew Yourtchenko1-49/+15
2017-09-07acl-plugin: match index set to first portrange element if non-first portrange...Andrew Yourtchenko1-0/+191
2017-06-19acl-plugin: bihash-based ACL lookupAndrew Yourtchenko1-0/+3
2017-04-18ACL-plugin does not match UDP next-header, VPP-687Pavel Kotucek1-7/+79
2017-04-06acl-plugin: make the IPv4/IPv6 non-first fragment handling in line with ACL (...Andrew Yourtchenko1-6/+43
2017-03-13ACL plugin rejects ICMP messages (VPP-624)Pavel Kotucek1-0/+1015
rg.opendaylight.yang.gen.v1.urn.opendaylight.params.xml.ns.yang.vpp._interface.acl.rev170315.VppInterfaceAclAugmentation; import org.opendaylight.yangtools.yang.binding.InstanceIdentifier; import org.slf4j.Logger; import org.slf4j.LoggerFactory; /** * Writer customizer responsible for Access Control Lists management. Does not send any messages to VPP. All the config * data are stored in HC and used when acl is assigned/unassigned to/from an interface. * * ACLs that are currently assigned to an interface cannot be updated/deleted. */ public class IetfAclWriter implements ListWriterCustomizer<Acl, AclKey> { public static final InstanceIdentifier<AccessLists> ACL_ID = InstanceIdentifier.create(AccessLists.class); private static final Logger LOG = LoggerFactory.getLogger(IetfAclWriter.class); @Override public void writeCurrentAttributes(@Nonnull final InstanceIdentifier<Acl> id, @Nonnull final Acl dataAfter, @Nonnull final WriteContext writeContext) throws WriteFailedException { LOG.debug("Creating ACL: iid={} dataAfter={}", id, dataAfter); // no vpp call, just updates DataTree } @Override public void updateCurrentAttributes(@Nonnull final InstanceIdentifier<Acl> id, @Nonnull final Acl dataBefore, @Nonnull final Acl dataAfter, @Nonnull final WriteContext writeContext) throws WriteFailedException { LOG.debug("Updating ACL: iid={} dataBefore={} dataAfter={}", id, dataBefore, dataAfter); if (isAssigned(dataAfter, writeContext)) { throw new WriteFailedException(id, String.format("Failed to update data at %s: acl %s is already assigned", id, dataAfter)); } LOG.debug("Updating unassigned ACL: iid={} dataBefore={} dataAfter={}", id, dataBefore, dataAfter); // no vpp call, just updates DataTree } @Override public void deleteCurrentAttributes(@Nonnull final InstanceIdentifier<Acl> id, @Nonnull final Acl dataBefore, @Nonnull final WriteContext writeContext) throws WriteFailedException { LOG.debug("Deleting ACL: iid={} dataBefore={}", id, dataBefore); if (isAssigned(dataBefore, writeContext)) { throw new WriteFailedException(id, String.format("Failed to delete data at %s: acl %s is already assigned", id, dataBefore)); } LOG.debug("Deleting unassigned ACL: iid={} dataBefore={}", id, dataBefore); // no vpp call, just updates DataTree } private static boolean isAssigned(@Nonnull final Acl acl, @Nonnull final WriteContext writeContext) { final String aclName = acl.getAclName(); final Class<? extends AclBase> aclType = acl.getAclType(); final Interfaces interfaces = writeContext.readAfter(InstanceIdentifier.create(Interfaces.class)).get(); return interfaces.getInterface().stream() .map(i -> Optional.ofNullable(i.getAugmentation(VppInterfaceAclAugmentation.class)) .map(aug -> aug.getIetfAcl()) .map(ietfAcl -> ietfAcl.getIngress()) .map(ingress -> ingress.getAccessLists()) .map(accessLists -> accessLists.getAcl())) .flatMap(iacl -> iacl.isPresent() ? iacl.get().stream() : Stream.empty()) .filter(assignedAcl -> aclName.equals(assignedAcl.getName()) && aclType.equals(assignedAcl.getType())) .findFirst().isPresent(); } }