From 623bf6408423bc42cfd5f7073bdf52e2dd75c511 Mon Sep 17 00:00:00 2001
From: armingol <pablo.armingolrobles@telefonica.com>
Date: Wed, 12 Jul 2023 16:38:30 +0000
Subject: [PATCH] acl big fixed
---
.../templates/ACL/ACL_multivendor.py | 62 ++++++++++++-------
.../drivers/openconfig/templates/Tools.py | 4 +-
2 files changed, 40 insertions(+), 26 deletions(-)
diff --git a/src/device/service/drivers/openconfig/templates/ACL/ACL_multivendor.py b/src/device/service/drivers/openconfig/templates/ACL/ACL_multivendor.py
index 61f46baa5..a4e166663 100755
--- a/src/device/service/drivers/openconfig/templates/ACL/ACL_multivendor.py
+++ b/src/device/service/drivers/openconfig/templates/ACL/ACL_multivendor.py
@@ -35,8 +35,13 @@ LOG_ACTION_MAPPING = {
'ACLLOGACTION_NOLOG' : 'LOG_NONE',
'ACLLOGACTION_SYSLOG' : 'LOG_SYSLOG',
}
+def acl_mgmt(parameters,vendor,delete):
+ acl = []
+ acl.append(acl_set_mng( parameters,vendor,delete))
+ acl.append(acl_interface(parameters,vendor,delete))
+ return acl
-def acl_set_mng(data, DEL):
+def acl_set_mng(data,vendor, delete):
doc, tag, text = Doc().tagtext()
Acl_data = data["rule_set"]
@@ -45,7 +50,7 @@ def acl_set_mng(data, DEL):
Acl_desc = Acl_data['description']
Acl_entries = Acl_data['entries']
with tag('acl', xmlns="http://openconfig.net/yang/acl"):
- if DEL:
+ if delete:
with tag('acl-sets' ,'xmlns:nc="urn:ietf:params:xml:ns:netconf:base:1.0" nc:operation="delete"'):
with tag('acl-set'):
with tag('name'):text(Acl_name)
@@ -67,27 +72,29 @@ def acl_set_mng(data, DEL):
with tag('name'): text(Acl_name)
with tag('type'): text(Acl_type)
with tag('description'):text(Acl_desc)
- with tag('acl-entries'):
- for entry in Acl_entries:
- ID = entry['sequence_id']
- desc = entry['description']
- match = entry['match']
- action = entry['action']
- with tag('acl-entry'):
- with tag('sequence-id'):text(ID)
- with tag('config'):
- with tag('acl-entry'): text(ID)
- with tag('description'): text(desc)
- # Configuration per type
- if "L2" in Acl_type:
- with tag('l2'):
+ with tag('acl-entries'):
+ for entry in Acl_entries:
+ ID = entry['sequence_id']
+ desc = entry['description']
+ match = entry['match']
+ action = entry['action']
+ with tag('acl-entry'):
+ with tag('sequence-id'):text(ID)
+ with tag('config'):
+ with tag('sequence-id'): text(ID)
+ with tag('description'): text(desc)
+ # Configuration per type
+ if "L2" in Acl_type:
+ with tag('l2'):
+ with tag('config'):
for key, value in match.items():
if "src_address" in key and len(value) != 0:
with tag('source-mac'):text(value)
elif "dst_address" in key and len(value) != 0:
with tag('destination-mac'):text(value)
- elif "IPV4" in Acl_type:
- with tag('ipv4'):
+ elif "IPV4" in Acl_type:
+ with tag('ipv4'):
+ with tag('config'):
for key, value in match.items():
if "src_address" in key and len(value) != 0:
with tag('source-address'):text(value)
@@ -99,7 +106,8 @@ def acl_set_mng(data, DEL):
with tag('hop-limit'):text(value)
elif "dscp" in key :
with tag('dscp'):text(value)
- with tag('transport'):
+ with tag('transport'):
+ with tag('config'):
for key, value in match.items():
if "src_port" in key :
with tag('source-port'):text(value)
@@ -107,8 +115,9 @@ def acl_set_mng(data, DEL):
with tag('destination-port'):text(value)
elif "tcp_flags" in key :
with tag('tcp-flags'):text(value)
- elif "IPV6" in Acl_type:
- with tag('ipv6'):
+ elif "IPV6" in Acl_type:
+ with tag('ipv6'):
+ with tag('config'):
for key, value in match.items():
if "src_address" in key and len(value) != 0:
with tag('source-address'):text(value)
@@ -120,10 +129,11 @@ def acl_set_mng(data, DEL):
with tag('hop-limit'):text(value)
elif "dscp" in key :
with tag('dscp'):text(value)
- with tag('actions'):
+ with tag('actions'):
+ with tag('config'):
for key, value in action.items():
if "forward_action" in key :
- with tag('forward-action'):text(FORWARDING_ACTION_MAPPING[value])
+ with tag('forwarding-action'):text(FORWARDING_ACTION_MAPPING[value])
elif "log_action" in key :
with tag('log-action'):text(LOG_ACTION_MAPPING[value])
result = indent(
@@ -133,7 +143,8 @@ def acl_set_mng(data, DEL):
)
return result
-def acl_interface(data,vendor, DEL):
+
+def acl_interface(data,vendor, delete):
doc, tag, text = Doc().tagtext()
ID = data['endpoint_id']['endpoint_uuid']['uuid']
@@ -158,6 +169,9 @@ def acl_interface(data,vendor, DEL):
with tag('ingress-acl-set'):
with tag('set-name'):text(Acl_name)
with tag('type'):text(Acl_type)
+ with tag('config'):
+ with tag('set-name'):text(Acl_name)
+ with tag('type'):text(Acl_type)
result = indent(
doc.getvalue(),
indentation = ' '*2,
diff --git a/src/device/service/drivers/openconfig/templates/Tools.py b/src/device/service/drivers/openconfig/templates/Tools.py
index 054907aef..79bebef51 100644
--- a/src/device/service/drivers/openconfig/templates/Tools.py
+++ b/src/device/service/drivers/openconfig/templates/Tools.py
@@ -15,7 +15,7 @@
import json
import lxml.etree as ET
from typing import Collection, Dict, Any
-from .ACL.ACL_multivendor import acl_set_mng
+from .ACL.ACL_multivendor import acl_mgmt
from .VPN.Network_instance_multivendor import create_NI, associate_virtual_circuit, associate_RP_to_NI, add_protocol_NI, create_table_conns, associate_If_to_NI
from .VPN.Interfaces_multivendor import create_If_SubIf
from .VPN.Routing_policy import create_rp_def, create_rp_statement
@@ -84,6 +84,6 @@ def generate_templates(resource_key: str, resource_value: str, delete: bool,vend
result_templates.append(create_rp_statement(data, delete))
else:
if "acl_ruleset" in resource_key: # acl rules management
- result_templates.extend(acl_set_mng(resource_value, delete))
+ result_templates.extend(acl_mgmt(resource_value,vendor, delete))
return result_templates
\ No newline at end of file
--
GitLab