def test_vlan_id_filter():
print 'Creating ACL table'
table_id = nas_acl.create_table('INGRESS', 100,
['OUTER_VLAN_ID', 'INNER_VLAN_ID'])
print 'Table ID: %d' % table_id
print 'Creating ACL entry'
entry_id_1 = nas_acl.create_entry(table_id, 1, {
'OUTER_VLAN_ID': {
'data': 0
},
'INNER_VLAN_ID': {
'data': 0
}
}, {'PACKET_ACTION': 'DROP'})
print 'Entry ID: %d' % entry_id_1
entry_id_2 = nas_acl.create_entry(table_id, 2, {
'OUTER_VLAN_ID': {
'data': 100
},
'INNER_VLAN_ID': {
'data': 200
}
}, {'PACKET_ACTION': 'DROP'})
print 'Entry ID: %d' % entry_id_2
nas_acl.print_entry(table_id)
print 'Deleting ACL entry'
nas_acl.delete_entry(table_id, entry_id_1)
nas_acl.delete_entry(table_id, entry_id_2)
print 'Deleting ACL table'
nas_acl.delete_table(table_id)
def __resync():
_db = __get_db_objs()
_entries = __get_acl_entries( __table_in.extract_id()) + \
__get_acl_entries( __table_out.extract_id())
_m = {}
for _i in _entries:
print(_i)
_o = cps_object.CPSObject(obj=_i)
_acl = _o.get_attr_data('base-acl/entry/id')
_table = _o.get_attr_data('base-acl/entry/table-id')
__mark_dirty(_o.get())
_m[(_table, _acl)] = _i
for _i in _db:
_entry = cps_object.CPSObject(obj=__acl_cfg_to_acl_entry(_i, True))
if _entry is None:
print(
'Error creating ACL entries. Consult the logs for more details.'
)
_table = _entry.get_attr_data('base-acl/table/id')
_entry = _entry.get_attr_data('base-acl/entry/id')
_i['operation'] = 'set'
cps.db_commit(_i, None, True)
if (_table, _entry) in _m:
del _m[(_table, _entry)]
for (table, entry) in _m.keys():
nas_acl.delete_entry(table, entry)
def test_update_entry_action():
print 'Creating ACL table'
table_id = nas_acl.create_table('INGRESS', 100, ['IN_INTF'])
print 'Table ID: %d' % table_id
print 'Creating ACL entry'
entry_id = nas_acl.create_entry(table_id, 1, {'IN_INTF': 'e101-001-0'},
{'PACKET_ACTION': 'DROP'})
print 'Entry ID: %d' % entry_id
print 'Trying to set user trap ID with drop action (expected fail)'
with pytest.raises(RuntimeError):
nas_acl.replace_entry_action_list(table_id, entry_id, {
'PACKET_ACTION': 'DROP',
'SET_USER_TRAP_ID': 2
})
nas_acl.print_entry(table_id, entry_id)
print 'Trying to set user trap ID with trap to CPU action'
try:
nas_acl.replace_entry_action_list(table_id, entry_id, {
'PACKET_ACTION': 'TRAP_TO_CPU',
'SET_USER_TRAP_ID': 2
})
except RuntimeError:
assert False
nas_acl.print_entry(table_id, entry_id)
print 'Restoring ACL entry actions'
try:
nas_acl.replace_entry_action_list(table_id, entry_id,
{'PACKET_ACTION': 'DROP'})
except RuntimeError:
assert False
nas_acl.print_entry(table_id, entry_id)
print 'Deleting ACL entry'
nas_acl.delete_entry(table_id, entry_id)
print 'Deleting ACL table'
nas_acl.delete_table(table_id)
def __delete_entry():
if _args['table_id'] == None or _args['entry_id'] == None:
print(
'Missing mandatory attributes to delete entry - required table-id and entry-id'
)
sys.exit(1)
nas_acl.delete_entry(int(_args['table_id']), int(_args['entry_id']))
print('Entry deleted')
def acl_ut_entry_delete(table_id, entry_id):
global total, passed
total.append(sys._getframe().f_code.co_name)
try:
nas_acl.delete_entry(table_id, entry_id)
print "Entry ", str(entry_id), " deleted sucessfully"
passed.append(sys._getframe().f_code.co_name)
except RuntimeError:
print "Failed to delete Entry"
def __delete_entry():
_entry = __find_entry()
if _entry == None:
print('Missing or couldn\'t find match.')
sys.exit(1)
_table_id = _entry.extract('table-id')
_id = _entry.extract('id')
nas_acl.delete_entry(_table_id, _id)
print('Entry deleted')
def acl_ut_entry_delete(table_id, entry_id):
global total, passed
total.append(sys._getframe().f_code.co_name)
try:
nas_acl.delete_entry(table_id, entry_id)
print "Entry ", str(entry_id), " deleted sucessfully"
passed.append(sys._getframe().f_code.co_name)
except RuntimeError:
print "Failed to delete Entry"
def test_bridge_type_filter():
print 'Createing Ingress ACL table'
ing_table_id = nas_acl.create_table('INGRESS', 101, ['BRIDGE_TYPE'])
print 'Table ID: %d' % ing_table_id
print 'Creating Ingress ACL entry'
entry_id_1 = nas_acl.create_entry(ing_table_id, 1,
{'BRIDGE_TYPE': 'BRIDGE_1Q'},
{'PACKET_ACTION': 'DROP'})
print 'Entry ID: %d' % entry_id_1
entry_id_2 = nas_acl.create_entry(ing_table_id, 2,
{'BRIDGE_TYPE': 'BRIDGE_1D'},
{'PACKET_ACTION': 'DROP'})
print 'Entry ID: %d' % entry_id_2
nas_acl.print_entry(ing_table_id)
print 'Createing Egress ACL table'
eg_table_id = nas_acl.create_table('EGRESS', 101, ['BRIDGE_TYPE'])
print 'Table ID: %d' % eg_table_id
print 'Creating Egress ACL entry'
entry_id_3 = nas_acl.create_entry(eg_table_id, 1,
{'BRIDGE_TYPE': 'BRIDGE_1Q'},
{'PACKET_ACTION': 'DROP'})
print 'Entry ID: %d' % entry_id_3
entry_id_4 = nas_acl.create_entry(eg_table_id, 2,
{'BRIDGE_TYPE': 'BRIDGE_1D'},
{'PACKET_ACTION': 'DROP'})
print 'Entry ID: %d' % entry_id_4
nas_acl.print_entry(eg_table_id)
print 'Deleting ACL entry'
nas_acl.delete_entry(ing_table_id, entry_id_1)
nas_acl.delete_entry(ing_table_id, entry_id_2)
nas_acl.delete_entry(eg_table_id, entry_id_3)
nas_acl.delete_entry(eg_table_id, entry_id_4)
print 'Deleting ACL table'
nas_acl.delete_table(ing_table_id)
nas_acl.delete_table(eg_table_id)
eid_ip = nas_acl.create_entry(table_id=tid,
prio=511,
filter_map={
'DST_IP': '23.0.0.1',
'DSCP': {
'data': 0x08,
'mask': 0x38
}
},
action_map={
'SET_TC': 4,
'SET_COUNTER': counter_ip
})
# Print both entries in ACL table
nas_acl.print_entry(tid)
raw_input("Press Enter to clean up the ACL entries and table ...")
# Print the ACL stats object
nas_acl.print_stats(tid, counter_ip)
nas_acl.print_stats(tid, counter_mac)
# Clean up
nas_acl.delete_entry(tid, eid_ip)
nas_acl.delete_entry(tid, eid_mac)
nas_acl.delete_counter(tid, counter_ip)
nas_acl.delete_counter(tid, counter_mac)
nas_acl.delete_table(tid)
print "Clean up Successful"
table_id=tid,
entry_id=eid,
filter_map=filters)
nas_acl.print_entry(tid, eid)
# Completely overwrite the action list with another set of actions
print "Replaced action list - new action - Mirror egress"
actions = {
'MIRROR_EGRESS':
{'index': mirr_id_2, 'data': mirr_opq_2} # Attaching external obj
# to ACL
# action
}
nas_acl.replace_entry_action_list(
table_id=tid,
entry_id=eid,
action_map=actions)
nas_acl.print_entry(tid, eid)
except RuntimeError as r:
print r
# Clean up
nas_acl.delete_entry(tid, eid)
nas_acl.delete_counter(tid, counter_id)
a_utl.mirror_delete(mirr_id_1)
a_utl.mirror_delete(mirr_id_2)
nas_acl.delete_table(tid)
print "Clean up Successful"
def __delete_entry():
if _args['table_id'] == None or _args['entry_id'] == None:
print('Missing parameters.. please specify both table and entry IDs')
sys.exit(1)
nas_acl.delete_entry(_args['table_id'], _args['entry_id'])
entry_id=eid,
filter_map=filters)
nas_acl.print_entry(tid, eid)
# Completely overwrite the action list with another set of actions
print "Replaced action list - new action - Mirror egress"
actions = {
'MIRROR_EGRESS': {
'index': mirr_id_2,
'data': mirr_opq_2
} # Attaching external obj
# to ACL
# action
}
nas_acl.replace_entry_action_list(table_id=tid,
entry_id=eid,
action_map=actions)
nas_acl.print_entry(tid, eid)
except RuntimeError as r:
print r
# Clean up
nas_acl.delete_entry(tid, eid)
nas_acl.delete_counter(tid, counter_id)
a_utl.mirror_delete(mirr_id_1)
a_utl.mirror_delete(mirr_id_2)
nas_acl.delete_table(tid)
print "Clean up Successful"
#
# ACL Entry to set traffic class for packets destined to IP 23.0.0.1
# with a DSCP range 8-15
#
# ACL counter to count number of dropped packets
counter_ip = nas_acl.create_counter(table_id=tid, types=['PACKET'])
# CPS Create the ACL entry
eid_ip = nas_acl.create_entry(table_id=tid,
prio=511,
filter_map={'DST_IP': '23.0.0.1',
'DSCP': {'data':0x08, 'mask':0x38}},
action_map={'SET_TC': 4,
'SET_COUNTER': counter_ip})
# Print both entries in ACL table
nas_acl.print_entry(tid)
raw_input("Press Enter to clean up the ACL entries and table ...")
# Print the ACL stats object
nas_acl.print_stats(tid, counter_ip)
nas_acl.print_stats(tid, counter_mac)
# Clean up
nas_acl.delete_entry(tid, eid_ip)
nas_acl.delete_entry(tid, eid_mac)
nas_acl.delete_counter(tid, counter_ip)
nas_acl.delete_counter(tid, counter_mac)
nas_acl.delete_table(tid)
print "Clean up Successful"
