vppcalls

package
v1.8.1 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Mar 4, 2019 License: Apache-2.0 Imports: 9 Imported by: 0

Documentation

Overview

Package vppcalls contains wrappers over VPP ACL binary APIs and helpers to dump ACLs configured in VPP - per interface and total.

Index

Constants

View Source
const (
	ICMPv4Proto = 1
	TCPProto    = 6
	UDPProto    = 17
	ICMPv6Proto = 58
)

Protocol types that can occur in ACLs

Variables

This section is empty.

Functions

func GetACLPluginVersion added in v1.8.1

func GetACLPluginVersion(ch govppapi.Channel) (string, error)

GetACLPluginVersion retrieves ACL plugin version.

Types

type ACLDetails added in v1.8.1

type ACLDetails struct {
	ACL  *acl.AccessLists_Acl `json:"acl"`
	Meta *ACLMeta             `json:"acl_meta"`
}

ACLDetails is combination of proto-modelled ACL data and VPP provided metadata

type ACLInterfaceLogicalReq

type ACLInterfaceLogicalReq struct {
	// contains filtered or unexported fields
}

ACLInterfaceLogicalReq groups multiple fields to not enumerate all of them in one function call

type ACLMeta added in v1.8.1

type ACLMeta struct {
	Index uint32 `json:"acl_index"`
	Tag   string `json:"acl_tag"`
}

ACLMeta holds VPP-specific metadata

type ACLToInterface added in v1.8.1

type ACLToInterface struct {
	SwIfIdx    uint32
	IngressACL []uint32
	EgressACL  []uint32
}

ACLToInterface is definition of interface and all ACLs which are bound to the interface either as ingress or egress

type ACLVppAPI added in v1.8.1

type ACLVppAPI interface {
	ACLVppWrite
	ACLVppRead
}

ACLVppAPI provides read/write methods required to handle VPP access lists

type ACLVppHandler added in v1.8.1

type ACLVppHandler struct {
	// contains filtered or unexported fields
}

ACLVppHandler is accessor for acl-related vppcalls methods

func NewACLVppHandler added in v1.8.1

func NewACLVppHandler(callsChan, dumpChan govppapi.Channel) *ACLVppHandler

NewACLVppHandler creates new instance of acl vppcalls handler

func (*ACLVppHandler) AddIPACL added in v1.8.1

func (h *ACLVppHandler) AddIPACL(rules []*acl.AccessLists_Acl_Rule, aclName string) (uint32, error)

AddIPACL implements ACL handler.

func (*ACLVppHandler) AddMacIPACL added in v1.8.1

func (h *ACLVppHandler) AddMacIPACL(rules []*acl.AccessLists_Acl_Rule, aclName string) (uint32, error)

AddMacIPACL implements ACL handler.

func (*ACLVppHandler) DeleteIPACL added in v1.8.1

func (h *ACLVppHandler) DeleteIPACL(aclIndex uint32) error

DeleteIPACL implements ACL handler.

func (*ACLVppHandler) DeleteMacIPACL added in v1.8.1

func (h *ACLVppHandler) DeleteMacIPACL(aclIndex uint32) error

DeleteMacIPACL implements ACL handler.

func (*ACLVppHandler) DumpIPACL added in v1.8.1

func (h *ACLVppHandler) DumpIPACL(swIfIndices ifaceidx.SwIfIndex) ([]*ACLDetails, error)

DumpIPACL implements ACL handler.

func (*ACLVppHandler) DumpIPACLInterfaces added in v1.8.1

func (h *ACLVppHandler) DumpIPACLInterfaces(indices []uint32, swIfIndices ifaceidx.SwIfIndex) (map[uint32]*acl.AccessLists_Acl_Interfaces, error)

DumpIPACLInterfaces implements ACL handler.

func (*ACLVppHandler) DumpIPAcls added in v1.8.1

func (h *ACLVppHandler) DumpIPAcls() (map[ACLMeta][]acl_api.ACLRule, error)

DumpIPAcls implements ACL handler.

func (*ACLVppHandler) DumpInterfaceIPACLs added in v1.8.1

func (h *ACLVppHandler) DumpInterfaceIPACLs(swIndex uint32) (*acl_api.ACLInterfaceListDetails, error)

DumpInterfaceIPACLs implements ACL handler.

func (*ACLVppHandler) DumpInterfaceIPAcls added in v1.8.1

func (h *ACLVppHandler) DumpInterfaceIPAcls(swIndex uint32) (acl.AccessLists, error)

DumpInterfaceIPAcls implements ACL handler.

func (*ACLVppHandler) DumpInterfaceMACIPACLs added in v1.8.1

func (h *ACLVppHandler) DumpInterfaceMACIPACLs(swIndex uint32) (*acl_api.MacipACLInterfaceListDetails, error)

DumpInterfaceMACIPACLs implements ACL handler.

func (*ACLVppHandler) DumpInterfaceMACIPAcls added in v1.8.1

func (h *ACLVppHandler) DumpInterfaceMACIPAcls(swIndex uint32) (acl.AccessLists, error)

DumpInterfaceMACIPAcls implements ACL handler.

func (*ACLVppHandler) DumpInterfaces added in v1.8.1

DumpInterfaces implements ACL handler.

func (*ACLVppHandler) DumpMACIPACL added in v1.8.1

func (h *ACLVppHandler) DumpMACIPACL(swIfIndices ifaceidx.SwIfIndex) ([]*ACLDetails, error)

DumpMACIPACL implements ACL handler.

func (*ACLVppHandler) DumpMACIPACLInterfaces added in v1.8.1

func (h *ACLVppHandler) DumpMACIPACLInterfaces(indices []uint32, swIfIndices ifaceidx.SwIfIndex) (map[uint32]*acl.AccessLists_Acl_Interfaces, error)

DumpMACIPACLInterfaces implements ACL handler.

func (*ACLVppHandler) DumpMacIPAcls added in v1.8.1

func (h *ACLVppHandler) DumpMacIPAcls() (map[ACLMeta][]acl_api.MacipACLRule, error)

DumpMacIPAcls implements ACL handler.

func (*ACLVppHandler) ModifyIPACL added in v1.8.1

func (h *ACLVppHandler) ModifyIPACL(aclIndex uint32, rules []*acl.AccessLists_Acl_Rule, aclName string) error

ModifyIPACL implements ACL handler.

func (*ACLVppHandler) ModifyMACIPACL added in v1.8.1

func (h *ACLVppHandler) ModifyMACIPACL(aclIndex uint32, rules []*acl.AccessLists_Acl_Rule, aclName string) error

ModifyMACIPACL implements ACL handler.

func (*ACLVppHandler) RemoveIPEgressACLFromInterfaces added in v1.8.1

func (h *ACLVppHandler) RemoveIPEgressACLFromInterfaces(ACLIndex uint32, ifIndices []uint32) error

RemoveIPEgressACLFromInterfaces implements ACL handler.

func (*ACLVppHandler) RemoveIPIngressACLFromInterfaces added in v1.8.1

func (h *ACLVppHandler) RemoveIPIngressACLFromInterfaces(ACLIndex uint32, ifIndices []uint32) error

RemoveIPIngressACLFromInterfaces implements ACL handler.

func (*ACLVppHandler) RemoveMacIPIngressACLFromInterfaces added in v1.8.1

func (h *ACLVppHandler) RemoveMacIPIngressACLFromInterfaces(removedACLIndex uint32, ifIndices []uint32) error

RemoveMacIPIngressACLFromInterfaces implements ACL handler.

func (*ACLVppHandler) SetACLToInterfacesAsEgress added in v1.8.1

func (h *ACLVppHandler) SetACLToInterfacesAsEgress(ACLIndex uint32, ifIndices []uint32) error

SetACLToInterfacesAsEgress implements ACL handler.

func (*ACLVppHandler) SetACLToInterfacesAsIngress added in v1.8.1

func (h *ACLVppHandler) SetACLToInterfacesAsIngress(ACLIndex uint32, ifIndices []uint32) error

SetACLToInterfacesAsIngress implements ACL handler.

func (*ACLVppHandler) SetMacIPACLToInterface added in v1.8.1

func (h *ACLVppHandler) SetMacIPACLToInterface(aclIndex uint32, ifIndices []uint32) error

SetMacIPACLToInterface implements ACL handler.

type ACLVppRead added in v1.8.1

type ACLVppRead interface {
	// DumpIPACL returns all IP-type ACLs
	DumpIPACL(swIfIndices ifaceidx.SwIfIndex) ([]*ACLDetails, error)
	// DumpIPACL returns all MACIP-type ACLs
	DumpMACIPACL(swIfIndices ifaceidx.SwIfIndex) ([]*ACLDetails, error)
	// DumpACLInterfaces returns a map of IP ACL indices with interfaces
	DumpIPACLInterfaces(indices []uint32, swIfIndices ifaceidx.SwIfIndex) (map[uint32]*acl.AccessLists_Acl_Interfaces, error)
	// DumpMACIPACLInterfaces returns a map of MACIP ACL indices with interfaces
	DumpMACIPACLInterfaces(indices []uint32, swIfIndices ifaceidx.SwIfIndex) (map[uint32]*acl.AccessLists_Acl_Interfaces, error)
	// DumpIPAcls returns a list of all configured ACLs with IP-type ruleData.
	DumpIPAcls() (map[ACLMeta][]aclapi.ACLRule, error)
	// DumpMacIPAcls returns a list of all configured ACL with IPMAC-type ruleData.
	DumpMacIPAcls() (map[ACLMeta][]aclapi.MacipACLRule, error)
	// DumpInterfaceAcls finds interface in VPP and returns its ACL configuration
	DumpInterfaceIPAcls(swIndex uint32) (acl.AccessLists, error)
	// DumpInterfaceMACIPAcls finds interface in VPP and returns its MACIP ACL configuration
	DumpInterfaceMACIPAcls(swIndex uint32) (acl.AccessLists, error)
	// DumpInterfaceIPACLs finds interface in VPP and returns its IP ACL configuration.
	DumpInterfaceIPACLs(swIndex uint32) (*aclapi.ACLInterfaceListDetails, error)
	// DumpInterfaceMACIPACLs finds interface in VPP and returns its MACIP ACL configuration.
	DumpInterfaceMACIPACLs(swIndex uint32) (*aclapi.MacipACLInterfaceListDetails, error)
	// DumpInterfaces finds  all interfaces in VPP and returns their ACL configurations
	DumpInterfaces() ([]*aclapi.ACLInterfaceListDetails, []*aclapi.MacipACLInterfaceListDetails, error)
}

ACLVppRead provides read methods for ACL plugin

type ACLVppWrite added in v1.8.1

type ACLVppWrite interface {
	// AddIPACL create new L3/4 ACL. Input index == 0xffffffff, VPP provides index in reply.
	AddIPACL(rules []*acl.AccessLists_Acl_Rule, aclName string) (uint32, error)
	// AddMacIPACL creates new L2 MAC IP ACL. VPP provides index in reply.
	AddMacIPACL(rules []*acl.AccessLists_Acl_Rule, aclName string) (uint32, error)
	// ModifyIPACL uses index (provided by VPP) to identify ACL which is modified.
	ModifyIPACL(aclIndex uint32, rules []*acl.AccessLists_Acl_Rule, aclName string) error
	// ModifyMACIPACL uses index (provided by VPP) to identify ACL which is modified.
	ModifyMACIPACL(aclIndex uint32, rules []*acl.AccessLists_Acl_Rule, aclName string) error
	// DeleteIPACL removes L3/L4 ACL.
	DeleteIPACL(aclIndex uint32) error
	// DeleteMacIPACL removes L2 ACL.
	DeleteMacIPACL(aclIndex uint32) error
	// SetACLToInterfacesAsIngress sets ACL to all provided interfaces as ingress
	SetACLToInterfacesAsIngress(ACLIndex uint32, ifIndices []uint32) error
	// RemoveIPIngressACLFromInterfaces removes ACL from interfaces
	RemoveIPIngressACLFromInterfaces(ACLIndex uint32, ifIndices []uint32) error
	// SetACLToInterfacesAsEgress sets ACL to all provided interfaces as egress
	SetACLToInterfacesAsEgress(ACLIndex uint32, ifIndices []uint32) error
	// RemoveIPEgressACLFromInterfaces removes ACL from interfaces
	RemoveIPEgressACLFromInterfaces(ACLIndex uint32, ifIndices []uint32) error
	// SetMacIPACLToInterface adds L2 ACL to interface.
	SetMacIPACLToInterface(aclIndex uint32, ifIndices []uint32) error
	// RemoveMacIPIngressACLFromInterfaces removes L2 ACL from interfaces.
	RemoveMacIPIngressACLFromInterfaces(removedACLIndex uint32, ifIndices []uint32) error
}

ACLVppWrite provides write methods for ACL plugin

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL