aclplugin

package
v1.0.2 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Aug 28, 2017 License: Apache-2.0 Imports: 9 Imported by: 0

README

DISCLAIMER: work in progress, this plugin needs a lot of cleanup

Support for VPP ACL on Network Interfaces. This plugin uses ETCD configuration (see sub folder model/acl) and translates it to the VPP ACL Binary API Calls.

Documentation

Overview

Package aclplugin is the implementation of the ACL Plugin.

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

This section is empty.

Types

type ACLConfigurator

type ACLConfigurator struct {
	GoVppmux       *govppmux.GOVPPPlugin
	ACLL3L4Indexes idxvpp.NameToIdxRW
	ACLL2Indexes   idxvpp.NameToIdxRW // mapping for L2 ACLs
	SwIfIndexes    ifaceidx.SwIfIndex
	// contains filtered or unexported fields
}

ACLConfigurator runs in the background in its own goroutine where it watches for any changes in the configuration of ACLs as modelled by the proto file "../model/acl/acl.proto" and stored in ETCD under the key "/vnf-agent/{agent-label}/vpp/config/v1/acl/". Updates received from the northbound API are compared with the VPP run-time configuration and differences are applied through the VPP binary API.

func (*ACLConfigurator) Close

func (plugin *ACLConfigurator) Close()

Close GOVPP channel

func (*ACLConfigurator) ConfigureACL

func (plugin *ACLConfigurator) ConfigureACL(acl *acl.AccessLists_Acl) error

ConfigureACL creates access list with provided rules and sets this list to every relevant interface

func (*ACLConfigurator) DeleteACL

func (plugin *ACLConfigurator) DeleteACL(acl *acl.AccessLists_Acl) error

DeleteACL removes existing ACL. To detach ACL from interfaces, list of interfaces has to be provided

func (*ACLConfigurator) Init

func (plugin *ACLConfigurator) Init() (err error)

Init goroutines, channels and mappings

func (*ACLConfigurator) ModifyACL

func (plugin *ACLConfigurator) ModifyACL(oldACL *acl.AccessLists_Acl, newACL *acl.AccessLists_Acl) error

ModifyACL modifies previously created access list. L2 access list is removed and recreated, L3/L4 access list is modified directly. List of interfaces is refreshed as well

func (*ACLConfigurator) Resync

func (plugin *ACLConfigurator) Resync(acls []*acl.AccessLists_Acl) error

Resync writes ACLs to the empty VPP

Directories

Path Synopsis
bin_api
acl
Package acl represents the VPP binary API of the 'acl' VPP module.
Package acl represents the VPP binary API of the 'acl' VPP module.
model
acl
Package acl is a generated protocol buffer package.
Package acl is a generated protocol buffer package.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL