def test_vlan_id_filter(): print 'Creating ACL table' table_id = nas_acl.create_table('INGRESS', 100, ['OUTER_VLAN_ID', 'INNER_VLAN_ID']) print 'Table ID: %d' % table_id print 'Creating ACL entry' entry_id_1 = nas_acl.create_entry(table_id, 1, { 'OUTER_VLAN_ID': { 'data': 0 }, 'INNER_VLAN_ID': { 'data': 0 } }, {'PACKET_ACTION': 'DROP'}) print 'Entry ID: %d' % entry_id_1 entry_id_2 = nas_acl.create_entry(table_id, 2, { 'OUTER_VLAN_ID': { 'data': 100 }, 'INNER_VLAN_ID': { 'data': 200 } }, {'PACKET_ACTION': 'DROP'}) print 'Entry ID: %d' % entry_id_2 nas_acl.print_entry(table_id) print 'Deleting ACL entry' nas_acl.delete_entry(table_id, entry_id_1) nas_acl.delete_entry(table_id, entry_id_2) print 'Deleting ACL table' nas_acl.delete_table(table_id)
def acl_ut_entry_get(table_id=None, entry_id=None): global total, passed total.append(sys._getframe().f_code.co_name) try: print '#### Entry Show ####' nas_acl.print_entry(table_id, entry_id) passed.append(sys._getframe().f_code.co_name) except RuntimeError: print (sys._getframe().f_code.co_name + ": Error in Get")
def main(): tid = nas_acl.create_table(stage='EGRESS', prio=99, allow_filters=[ 'SRC_IP', 'DST_IP', 'IN_PORT', 'OUT_PORT', 'L4_SRC_PORT', 'L4_DST_PORT' ]) # # ACL Entry to drop all packets received from DST_IP on L4_DST_PORT # # ACL counter to count number of dropped packets #counter_mac = nas_acl.create_counter(table_id=tid, types=['PACKET']) # CPS Create the ACL entry eid_tcp = nas_acl.create_entry(table_id=tid, prio=512, filter_map={ 'SRC_IP': { 'addr': '23.0.0.1', 'mask': '255.0.0.0' }, 'L4_SRC_PORT': 443, }, action_map={'PACKET_ACTION': 'DROP'}) """ eid_ip = nas_acl.create_entry(table_id=tid, prio=511, filter_map={'DST_IP': '23.0.0.1', 'DSCP': {'data':0x08, 'mask':0x38}}, action_map={'SET_TC': 4, 'SET_COUNTER': counter_ip}) """ # Print both entries in ACL table nas_acl.print_entry(tid) #return tid,eid_mac #raw_input("Press Enter to clean up the ACL entries and table ...") # Print the ACL stats object #nas_acl.print_stats(tid, counter_ip) nas_acl.print_stats(tid)
def test_update_entry_action(): print 'Creating ACL table' table_id = nas_acl.create_table('INGRESS', 100, ['IN_INTF']) print 'Table ID: %d' % table_id print 'Creating ACL entry' entry_id = nas_acl.create_entry(table_id, 1, {'IN_INTF': 'e101-001-0'}, {'PACKET_ACTION': 'DROP'}) print 'Entry ID: %d' % entry_id print 'Trying to set user trap ID with drop action (expected fail)' with pytest.raises(RuntimeError): nas_acl.replace_entry_action_list(table_id, entry_id, { 'PACKET_ACTION': 'DROP', 'SET_USER_TRAP_ID': 2 }) nas_acl.print_entry(table_id, entry_id) print 'Trying to set user trap ID with trap to CPU action' try: nas_acl.replace_entry_action_list(table_id, entry_id, { 'PACKET_ACTION': 'TRAP_TO_CPU', 'SET_USER_TRAP_ID': 2 }) except RuntimeError: assert False nas_acl.print_entry(table_id, entry_id) print 'Restoring ACL entry actions' try: nas_acl.replace_entry_action_list(table_id, entry_id, {'PACKET_ACTION': 'DROP'}) except RuntimeError: assert False nas_acl.print_entry(table_id, entry_id) print 'Deleting ACL entry' nas_acl.delete_entry(table_id, entry_id) print 'Deleting ACL table' nas_acl.delete_table(table_id)
def test_bridge_type_filter(): print 'Createing Ingress ACL table' ing_table_id = nas_acl.create_table('INGRESS', 101, ['BRIDGE_TYPE']) print 'Table ID: %d' % ing_table_id print 'Creating Ingress ACL entry' entry_id_1 = nas_acl.create_entry(ing_table_id, 1, {'BRIDGE_TYPE': 'BRIDGE_1Q'}, {'PACKET_ACTION': 'DROP'}) print 'Entry ID: %d' % entry_id_1 entry_id_2 = nas_acl.create_entry(ing_table_id, 2, {'BRIDGE_TYPE': 'BRIDGE_1D'}, {'PACKET_ACTION': 'DROP'}) print 'Entry ID: %d' % entry_id_2 nas_acl.print_entry(ing_table_id) print 'Createing Egress ACL table' eg_table_id = nas_acl.create_table('EGRESS', 101, ['BRIDGE_TYPE']) print 'Table ID: %d' % eg_table_id print 'Creating Egress ACL entry' entry_id_3 = nas_acl.create_entry(eg_table_id, 1, {'BRIDGE_TYPE': 'BRIDGE_1Q'}, {'PACKET_ACTION': 'DROP'}) print 'Entry ID: %d' % entry_id_3 entry_id_4 = nas_acl.create_entry(eg_table_id, 2, {'BRIDGE_TYPE': 'BRIDGE_1D'}, {'PACKET_ACTION': 'DROP'}) print 'Entry ID: %d' % entry_id_4 nas_acl.print_entry(eg_table_id) print 'Deleting ACL entry' nas_acl.delete_entry(ing_table_id, entry_id_1) nas_acl.delete_entry(ing_table_id, entry_id_2) nas_acl.delete_entry(eg_table_id, entry_id_3) nas_acl.delete_entry(eg_table_id, entry_id_4) print 'Deleting ACL table' nas_acl.delete_table(ing_table_id) nas_acl.delete_table(eg_table_id)
eid_ip = nas_acl.create_entry(table_id=tid, prio=511, filter_map={ 'DST_IP': '23.0.0.1', 'DSCP': { 'data': 0x08, 'mask': 0x38 } }, action_map={ 'SET_TC': 4, 'SET_COUNTER': counter_ip }) # Print both entries in ACL table nas_acl.print_entry(tid) raw_input("Press Enter to clean up the ACL entries and table ...") # Print the ACL stats object nas_acl.print_stats(tid, counter_ip) nas_acl.print_stats(tid, counter_mac) # Clean up nas_acl.delete_entry(tid, eid_ip) nas_acl.delete_entry(tid, eid_mac) nas_acl.delete_counter(tid, counter_ip) nas_acl.delete_counter(tid, counter_mac) nas_acl.delete_table(tid) print "Clean up Successful"
'PACKET_ACTION': 'COPY_TO_CPU', 'SET_COUNTER': counter_id, # Attach internal object to # ACL action 'MIRROR_INGRESS': {'index': mirr_id_1, 'data': mirr_opq_1} # Attaching external obj # to ACL action } # Create an ACL entry with above filters and actions eid = nas_acl.create_entry( table_id=tid, prio=sys.argv[2], filter_map=filters, action_map=actions) nas_acl.print_entry(tid, eid) try: # Add another filter to the ACL entry nas_acl.append_entry_filter( table_id=tid, entry_id=eid, filter_type='DST_IP', filter_val={ 'addr': '23.0.0.1', 'mask': '255.0.0.255'}) print "Added new DST IP filter" nas_acl.print_entry(tid, eid) # Or change value of existing filter nas_acl.mod_entry_filter(
def __show_entry(): nas_acl.print_entry()