def test_vlan_id_filter(): print 'Creating ACL table' table_id = nas_acl.create_table('INGRESS', 100, ['OUTER_VLAN_ID', 'INNER_VLAN_ID']) print 'Table ID: %d' % table_id print 'Creating ACL entry' entry_id_1 = nas_acl.create_entry(table_id, 1, { 'OUTER_VLAN_ID': { 'data': 0 }, 'INNER_VLAN_ID': { 'data': 0 } }, {'PACKET_ACTION': 'DROP'}) print 'Entry ID: %d' % entry_id_1 entry_id_2 = nas_acl.create_entry(table_id, 2, { 'OUTER_VLAN_ID': { 'data': 100 }, 'INNER_VLAN_ID': { 'data': 200 } }, {'PACKET_ACTION': 'DROP'}) print 'Entry ID: %d' % entry_id_2 nas_acl.print_entry(table_id) print 'Deleting ACL entry' nas_acl.delete_entry(table_id, entry_id_1) nas_acl.delete_entry(table_id, entry_id_2) print 'Deleting ACL table' nas_acl.delete_table(table_id)
def __resync(): _db = __get_db_objs() _entries = __get_acl_entries( __table_in.extract_id()) + \ __get_acl_entries( __table_out.extract_id()) _m = {} for _i in _entries: print(_i) _o = cps_object.CPSObject(obj=_i) _acl = _o.get_attr_data('base-acl/entry/id') _table = _o.get_attr_data('base-acl/entry/table-id') __mark_dirty(_o.get()) _m[(_table, _acl)] = _i for _i in _db: _entry = cps_object.CPSObject(obj=__acl_cfg_to_acl_entry(_i, True)) if _entry is None: print( 'Error creating ACL entries. Consult the logs for more details.' ) _table = _entry.get_attr_data('base-acl/table/id') _entry = _entry.get_attr_data('base-acl/entry/id') _i['operation'] = 'set' cps.db_commit(_i, None, True) if (_table, _entry) in _m: del _m[(_table, _entry)] for (table, entry) in _m.keys(): nas_acl.delete_entry(table, entry)
def test_update_entry_action(): print 'Creating ACL table' table_id = nas_acl.create_table('INGRESS', 100, ['IN_INTF']) print 'Table ID: %d' % table_id print 'Creating ACL entry' entry_id = nas_acl.create_entry(table_id, 1, {'IN_INTF': 'e101-001-0'}, {'PACKET_ACTION': 'DROP'}) print 'Entry ID: %d' % entry_id print 'Trying to set user trap ID with drop action (expected fail)' with pytest.raises(RuntimeError): nas_acl.replace_entry_action_list(table_id, entry_id, { 'PACKET_ACTION': 'DROP', 'SET_USER_TRAP_ID': 2 }) nas_acl.print_entry(table_id, entry_id) print 'Trying to set user trap ID with trap to CPU action' try: nas_acl.replace_entry_action_list(table_id, entry_id, { 'PACKET_ACTION': 'TRAP_TO_CPU', 'SET_USER_TRAP_ID': 2 }) except RuntimeError: assert False nas_acl.print_entry(table_id, entry_id) print 'Restoring ACL entry actions' try: nas_acl.replace_entry_action_list(table_id, entry_id, {'PACKET_ACTION': 'DROP'}) except RuntimeError: assert False nas_acl.print_entry(table_id, entry_id) print 'Deleting ACL entry' nas_acl.delete_entry(table_id, entry_id) print 'Deleting ACL table' nas_acl.delete_table(table_id)
def __delete_entry(): if _args['table_id'] == None or _args['entry_id'] == None: print( 'Missing mandatory attributes to delete entry - required table-id and entry-id' ) sys.exit(1) nas_acl.delete_entry(int(_args['table_id']), int(_args['entry_id'])) print('Entry deleted')
def acl_ut_entry_delete(table_id, entry_id): global total, passed total.append(sys._getframe().f_code.co_name) try: nas_acl.delete_entry(table_id, entry_id) print "Entry ", str(entry_id), " deleted sucessfully" passed.append(sys._getframe().f_code.co_name) except RuntimeError: print "Failed to delete Entry"
def __delete_entry(): _entry = __find_entry() if _entry == None: print('Missing or couldn\'t find match.') sys.exit(1) _table_id = _entry.extract('table-id') _id = _entry.extract('id') nas_acl.delete_entry(_table_id, _id) print('Entry deleted')
def acl_ut_entry_delete(table_id, entry_id): global total, passed total.append(sys._getframe().f_code.co_name) try: nas_acl.delete_entry(table_id, entry_id) print "Entry ", str(entry_id), " deleted sucessfully" passed.append(sys._getframe().f_code.co_name) except RuntimeError: print "Failed to delete Entry"
def test_bridge_type_filter(): print 'Createing Ingress ACL table' ing_table_id = nas_acl.create_table('INGRESS', 101, ['BRIDGE_TYPE']) print 'Table ID: %d' % ing_table_id print 'Creating Ingress ACL entry' entry_id_1 = nas_acl.create_entry(ing_table_id, 1, {'BRIDGE_TYPE': 'BRIDGE_1Q'}, {'PACKET_ACTION': 'DROP'}) print 'Entry ID: %d' % entry_id_1 entry_id_2 = nas_acl.create_entry(ing_table_id, 2, {'BRIDGE_TYPE': 'BRIDGE_1D'}, {'PACKET_ACTION': 'DROP'}) print 'Entry ID: %d' % entry_id_2 nas_acl.print_entry(ing_table_id) print 'Createing Egress ACL table' eg_table_id = nas_acl.create_table('EGRESS', 101, ['BRIDGE_TYPE']) print 'Table ID: %d' % eg_table_id print 'Creating Egress ACL entry' entry_id_3 = nas_acl.create_entry(eg_table_id, 1, {'BRIDGE_TYPE': 'BRIDGE_1Q'}, {'PACKET_ACTION': 'DROP'}) print 'Entry ID: %d' % entry_id_3 entry_id_4 = nas_acl.create_entry(eg_table_id, 2, {'BRIDGE_TYPE': 'BRIDGE_1D'}, {'PACKET_ACTION': 'DROP'}) print 'Entry ID: %d' % entry_id_4 nas_acl.print_entry(eg_table_id) print 'Deleting ACL entry' nas_acl.delete_entry(ing_table_id, entry_id_1) nas_acl.delete_entry(ing_table_id, entry_id_2) nas_acl.delete_entry(eg_table_id, entry_id_3) nas_acl.delete_entry(eg_table_id, entry_id_4) print 'Deleting ACL table' nas_acl.delete_table(ing_table_id) nas_acl.delete_table(eg_table_id)
eid_ip = nas_acl.create_entry(table_id=tid, prio=511, filter_map={ 'DST_IP': '23.0.0.1', 'DSCP': { 'data': 0x08, 'mask': 0x38 } }, action_map={ 'SET_TC': 4, 'SET_COUNTER': counter_ip }) # Print both entries in ACL table nas_acl.print_entry(tid) raw_input("Press Enter to clean up the ACL entries and table ...") # Print the ACL stats object nas_acl.print_stats(tid, counter_ip) nas_acl.print_stats(tid, counter_mac) # Clean up nas_acl.delete_entry(tid, eid_ip) nas_acl.delete_entry(tid, eid_mac) nas_acl.delete_counter(tid, counter_ip) nas_acl.delete_counter(tid, counter_mac) nas_acl.delete_table(tid) print "Clean up Successful"
table_id=tid, entry_id=eid, filter_map=filters) nas_acl.print_entry(tid, eid) # Completely overwrite the action list with another set of actions print "Replaced action list - new action - Mirror egress" actions = { 'MIRROR_EGRESS': {'index': mirr_id_2, 'data': mirr_opq_2} # Attaching external obj # to ACL # action } nas_acl.replace_entry_action_list( table_id=tid, entry_id=eid, action_map=actions) nas_acl.print_entry(tid, eid) except RuntimeError as r: print r # Clean up nas_acl.delete_entry(tid, eid) nas_acl.delete_counter(tid, counter_id) a_utl.mirror_delete(mirr_id_1) a_utl.mirror_delete(mirr_id_2) nas_acl.delete_table(tid) print "Clean up Successful"
def __delete_entry(): if _args['table_id'] == None or _args['entry_id'] == None: print('Missing parameters.. please specify both table and entry IDs') sys.exit(1) nas_acl.delete_entry(_args['table_id'], _args['entry_id'])
entry_id=eid, filter_map=filters) nas_acl.print_entry(tid, eid) # Completely overwrite the action list with another set of actions print "Replaced action list - new action - Mirror egress" actions = { 'MIRROR_EGRESS': { 'index': mirr_id_2, 'data': mirr_opq_2 } # Attaching external obj # to ACL # action } nas_acl.replace_entry_action_list(table_id=tid, entry_id=eid, action_map=actions) nas_acl.print_entry(tid, eid) except RuntimeError as r: print r # Clean up nas_acl.delete_entry(tid, eid) nas_acl.delete_counter(tid, counter_id) a_utl.mirror_delete(mirr_id_1) a_utl.mirror_delete(mirr_id_2) nas_acl.delete_table(tid) print "Clean up Successful"
# # ACL Entry to set traffic class for packets destined to IP 23.0.0.1 # with a DSCP range 8-15 # # ACL counter to count number of dropped packets counter_ip = nas_acl.create_counter(table_id=tid, types=['PACKET']) # CPS Create the ACL entry eid_ip = nas_acl.create_entry(table_id=tid, prio=511, filter_map={'DST_IP': '23.0.0.1', 'DSCP': {'data':0x08, 'mask':0x38}}, action_map={'SET_TC': 4, 'SET_COUNTER': counter_ip}) # Print both entries in ACL table nas_acl.print_entry(tid) raw_input("Press Enter to clean up the ACL entries and table ...") # Print the ACL stats object nas_acl.print_stats(tid, counter_ip) nas_acl.print_stats(tid, counter_mac) # Clean up nas_acl.delete_entry(tid, eid_ip) nas_acl.delete_entry(tid, eid_mac) nas_acl.delete_counter(tid, counter_ip) nas_acl.delete_counter(tid, counter_mac) nas_acl.delete_table(tid) print "Clean up Successful"