Skip to content
GitLab
Explore
Sign in
Primary navigation
Search or go to…
Project
controller
Manage
Activity
Members
Labels
Plan
Issues
Issue boards
Milestones
Iterations
Wiki
Requirements
Code
Merge requests
Repository
Branches
Commits
Tags
Repository graph
Compare revisions
Snippets
Locked files
Deploy
Releases
Package Registry
Container Registry
Model registry
Operate
Environments
Terraform modules
Monitor
Incidents
Service Desk
Analyze
Value stream analytics
Contributor analytics
Repository analytics
Code review analytics
Issue analytics
Insights
Model experiments
Help
Help
Support
GitLab documentation
Compare GitLab plans
Community forum
Contribute to GitLab
Provide feedback
Keyboard shortcuts
?
Snippets
Groups
Projects
Show more breadcrumbs
TFS
controller
Commits
623bf640
Commit
623bf640
authored
1 year ago
by
Pablo Armingol
Browse files
Options
Downloads
Patches
Plain Diff
acl big fixed
parent
0a5392e8
No related branches found
No related tags found
2 merge requests
!142
Release TeraFlowSDN 2.1
,
!139
Fixes on OpenConfig and ACLs
Changes
2
Hide whitespace changes
Inline
Side-by-side
Showing
2 changed files
src/device/service/drivers/openconfig/templates/ACL/ACL_multivendor.py
+38
-24
38 additions, 24 deletions
...rvice/drivers/openconfig/templates/ACL/ACL_multivendor.py
src/device/service/drivers/openconfig/templates/Tools.py
+2
-2
2 additions, 2 deletions
src/device/service/drivers/openconfig/templates/Tools.py
with
40 additions
and
26 deletions
src/device/service/drivers/openconfig/templates/ACL/ACL_multivendor.py
+
38
−
24
View file @
623bf640
...
@@ -35,8 +35,13 @@ LOG_ACTION_MAPPING = {
...
@@ -35,8 +35,13 @@ LOG_ACTION_MAPPING = {
'
ACLLOGACTION_NOLOG
'
:
'
LOG_NONE
'
,
'
ACLLOGACTION_NOLOG
'
:
'
LOG_NONE
'
,
'
ACLLOGACTION_SYSLOG
'
:
'
LOG_SYSLOG
'
,
'
ACLLOGACTION_SYSLOG
'
:
'
LOG_SYSLOG
'
,
}
}
def
acl_mgmt
(
parameters
,
vendor
,
delete
):
acl
=
[]
acl
.
append
(
acl_set_mng
(
parameters
,
vendor
,
delete
))
acl
.
append
(
acl_interface
(
parameters
,
vendor
,
delete
))
return
acl
def
acl_set_mng
(
data
,
DEL
):
def
acl_set_mng
(
data
,
vendor
,
delete
):
doc
,
tag
,
text
=
Doc
().
tagtext
()
doc
,
tag
,
text
=
Doc
().
tagtext
()
Acl_data
=
data
[
"
rule_set
"
]
Acl_data
=
data
[
"
rule_set
"
]
...
@@ -45,7 +50,7 @@ def acl_set_mng(data, DEL):
...
@@ -45,7 +50,7 @@ def acl_set_mng(data, DEL):
Acl_desc
=
Acl_data
[
'
description
'
]
Acl_desc
=
Acl_data
[
'
description
'
]
Acl_entries
=
Acl_data
[
'
entries
'
]
Acl_entries
=
Acl_data
[
'
entries
'
]
with
tag
(
'
acl
'
,
xmlns
=
"
http://openconfig.net/yang/acl
"
):
with
tag
(
'
acl
'
,
xmlns
=
"
http://openconfig.net/yang/acl
"
):
if
DEL
:
if
delete
:
with
tag
(
'
acl-sets
'
,
'
xmlns:nc=
"
urn:ietf:params:xml:ns:netconf:base:1.0
"
nc:operation=
"
delete
"'
):
with
tag
(
'
acl-sets
'
,
'
xmlns:nc=
"
urn:ietf:params:xml:ns:netconf:base:1.0
"
nc:operation=
"
delete
"'
):
with
tag
(
'
acl-set
'
):
with
tag
(
'
acl-set
'
):
with
tag
(
'
name
'
):
text
(
Acl_name
)
with
tag
(
'
name
'
):
text
(
Acl_name
)
...
@@ -67,27 +72,29 @@ def acl_set_mng(data, DEL):
...
@@ -67,27 +72,29 @@ def acl_set_mng(data, DEL):
with
tag
(
'
name
'
):
text
(
Acl_name
)
with
tag
(
'
name
'
):
text
(
Acl_name
)
with
tag
(
'
type
'
):
text
(
Acl_type
)
with
tag
(
'
type
'
):
text
(
Acl_type
)
with
tag
(
'
description
'
):
text
(
Acl_desc
)
with
tag
(
'
description
'
):
text
(
Acl_desc
)
with
tag
(
'
acl-entries
'
):
with
tag
(
'
acl-entries
'
):
for
entry
in
Acl_entries
:
for
entry
in
Acl_entries
:
ID
=
entry
[
'
sequence_id
'
]
ID
=
entry
[
'
sequence_id
'
]
desc
=
entry
[
'
description
'
]
desc
=
entry
[
'
description
'
]
match
=
entry
[
'
match
'
]
match
=
entry
[
'
match
'
]
action
=
entry
[
'
action
'
]
action
=
entry
[
'
action
'
]
with
tag
(
'
acl-entry
'
):
with
tag
(
'
acl-entry
'
):
with
tag
(
'
sequence-id
'
):
text
(
ID
)
with
tag
(
'
sequence-id
'
):
text
(
ID
)
with
tag
(
'
config
'
):
with
tag
(
'
config
'
):
with
tag
(
'
acl-entry
'
):
text
(
ID
)
with
tag
(
'
sequence-id
'
):
text
(
ID
)
with
tag
(
'
description
'
):
text
(
desc
)
with
tag
(
'
description
'
):
text
(
desc
)
# Configuration per type
# Configuration per type
if
"
L2
"
in
Acl_type
:
if
"
L2
"
in
Acl_type
:
with
tag
(
'
l2
'
):
with
tag
(
'
l2
'
):
with
tag
(
'
config
'
):
for
key
,
value
in
match
.
items
():
for
key
,
value
in
match
.
items
():
if
"
src_address
"
in
key
and
len
(
value
)
!=
0
:
if
"
src_address
"
in
key
and
len
(
value
)
!=
0
:
with
tag
(
'
source-mac
'
):
text
(
value
)
with
tag
(
'
source-mac
'
):
text
(
value
)
elif
"
dst_address
"
in
key
and
len
(
value
)
!=
0
:
elif
"
dst_address
"
in
key
and
len
(
value
)
!=
0
:
with
tag
(
'
destination-mac
'
):
text
(
value
)
with
tag
(
'
destination-mac
'
):
text
(
value
)
elif
"
IPV4
"
in
Acl_type
:
elif
"
IPV4
"
in
Acl_type
:
with
tag
(
'
ipv4
'
):
with
tag
(
'
ipv4
'
):
with
tag
(
'
config
'
):
for
key
,
value
in
match
.
items
():
for
key
,
value
in
match
.
items
():
if
"
src_address
"
in
key
and
len
(
value
)
!=
0
:
if
"
src_address
"
in
key
and
len
(
value
)
!=
0
:
with
tag
(
'
source-address
'
):
text
(
value
)
with
tag
(
'
source-address
'
):
text
(
value
)
...
@@ -99,7 +106,8 @@ def acl_set_mng(data, DEL):
...
@@ -99,7 +106,8 @@ def acl_set_mng(data, DEL):
with
tag
(
'
hop-limit
'
):
text
(
value
)
with
tag
(
'
hop-limit
'
):
text
(
value
)
elif
"
dscp
"
in
key
:
elif
"
dscp
"
in
key
:
with
tag
(
'
dscp
'
):
text
(
value
)
with
tag
(
'
dscp
'
):
text
(
value
)
with
tag
(
'
transport
'
):
with
tag
(
'
transport
'
):
with
tag
(
'
config
'
):
for
key
,
value
in
match
.
items
():
for
key
,
value
in
match
.
items
():
if
"
src_port
"
in
key
:
if
"
src_port
"
in
key
:
with
tag
(
'
source-port
'
):
text
(
value
)
with
tag
(
'
source-port
'
):
text
(
value
)
...
@@ -107,8 +115,9 @@ def acl_set_mng(data, DEL):
...
@@ -107,8 +115,9 @@ def acl_set_mng(data, DEL):
with
tag
(
'
destination-port
'
):
text
(
value
)
with
tag
(
'
destination-port
'
):
text
(
value
)
elif
"
tcp_flags
"
in
key
:
elif
"
tcp_flags
"
in
key
:
with
tag
(
'
tcp-flags
'
):
text
(
value
)
with
tag
(
'
tcp-flags
'
):
text
(
value
)
elif
"
IPV6
"
in
Acl_type
:
elif
"
IPV6
"
in
Acl_type
:
with
tag
(
'
ipv6
'
):
with
tag
(
'
ipv6
'
):
with
tag
(
'
config
'
):
for
key
,
value
in
match
.
items
():
for
key
,
value
in
match
.
items
():
if
"
src_address
"
in
key
and
len
(
value
)
!=
0
:
if
"
src_address
"
in
key
and
len
(
value
)
!=
0
:
with
tag
(
'
source-address
'
):
text
(
value
)
with
tag
(
'
source-address
'
):
text
(
value
)
...
@@ -120,10 +129,11 @@ def acl_set_mng(data, DEL):
...
@@ -120,10 +129,11 @@ def acl_set_mng(data, DEL):
with
tag
(
'
hop-limit
'
):
text
(
value
)
with
tag
(
'
hop-limit
'
):
text
(
value
)
elif
"
dscp
"
in
key
:
elif
"
dscp
"
in
key
:
with
tag
(
'
dscp
'
):
text
(
value
)
with
tag
(
'
dscp
'
):
text
(
value
)
with
tag
(
'
actions
'
):
with
tag
(
'
actions
'
):
with
tag
(
'
config
'
):
for
key
,
value
in
action
.
items
():
for
key
,
value
in
action
.
items
():
if
"
forward_action
"
in
key
:
if
"
forward_action
"
in
key
:
with
tag
(
'
forward-action
'
):
text
(
FORWARDING_ACTION_MAPPING
[
value
])
with
tag
(
'
forward
ing
-action
'
):
text
(
FORWARDING_ACTION_MAPPING
[
value
])
elif
"
log_action
"
in
key
:
elif
"
log_action
"
in
key
:
with
tag
(
'
log-action
'
):
text
(
LOG_ACTION_MAPPING
[
value
])
with
tag
(
'
log-action
'
):
text
(
LOG_ACTION_MAPPING
[
value
])
result
=
indent
(
result
=
indent
(
...
@@ -133,7 +143,8 @@ def acl_set_mng(data, DEL):
...
@@ -133,7 +143,8 @@ def acl_set_mng(data, DEL):
)
)
return
result
return
result
def
acl_interface
(
data
,
vendor
,
DEL
):
def
acl_interface
(
data
,
vendor
,
delete
):
doc
,
tag
,
text
=
Doc
().
tagtext
()
doc
,
tag
,
text
=
Doc
().
tagtext
()
ID
=
data
[
'
endpoint_id
'
][
'
endpoint_uuid
'
][
'
uuid
'
]
ID
=
data
[
'
endpoint_id
'
][
'
endpoint_uuid
'
][
'
uuid
'
]
...
@@ -158,6 +169,9 @@ def acl_interface(data,vendor, DEL):
...
@@ -158,6 +169,9 @@ def acl_interface(data,vendor, DEL):
with
tag
(
'
ingress-acl-set
'
):
with
tag
(
'
ingress-acl-set
'
):
with
tag
(
'
set-name
'
):
text
(
Acl_name
)
with
tag
(
'
set-name
'
):
text
(
Acl_name
)
with
tag
(
'
type
'
):
text
(
Acl_type
)
with
tag
(
'
type
'
):
text
(
Acl_type
)
with
tag
(
'
config
'
):
with
tag
(
'
set-name
'
):
text
(
Acl_name
)
with
tag
(
'
type
'
):
text
(
Acl_type
)
result
=
indent
(
result
=
indent
(
doc
.
getvalue
(),
doc
.
getvalue
(),
indentation
=
'
'
*
2
,
indentation
=
'
'
*
2
,
...
...
This diff is collapsed.
Click to expand it.
src/device/service/drivers/openconfig/templates/Tools.py
+
2
−
2
View file @
623bf640
...
@@ -15,7 +15,7 @@
...
@@ -15,7 +15,7 @@
import
json
import
json
import
lxml.etree
as
ET
import
lxml.etree
as
ET
from
typing
import
Collection
,
Dict
,
Any
from
typing
import
Collection
,
Dict
,
Any
from
.ACL.ACL_multivendor
import
acl_
set_mng
from
.ACL.ACL_multivendor
import
acl_
mgmt
from
.VPN.Network_instance_multivendor
import
create_NI
,
associate_virtual_circuit
,
associate_RP_to_NI
,
add_protocol_NI
,
create_table_conns
,
associate_If_to_NI
from
.VPN.Network_instance_multivendor
import
create_NI
,
associate_virtual_circuit
,
associate_RP_to_NI
,
add_protocol_NI
,
create_table_conns
,
associate_If_to_NI
from
.VPN.Interfaces_multivendor
import
create_If_SubIf
from
.VPN.Interfaces_multivendor
import
create_If_SubIf
from
.VPN.Routing_policy
import
create_rp_def
,
create_rp_statement
from
.VPN.Routing_policy
import
create_rp_def
,
create_rp_statement
...
@@ -84,6 +84,6 @@ def generate_templates(resource_key: str, resource_value: str, delete: bool,vend
...
@@ -84,6 +84,6 @@ def generate_templates(resource_key: str, resource_value: str, delete: bool,vend
result_templates
.
append
(
create_rp_statement
(
data
,
delete
))
result_templates
.
append
(
create_rp_statement
(
data
,
delete
))
else
:
else
:
if
"
acl_ruleset
"
in
resource_key
:
# acl rules management
if
"
acl_ruleset
"
in
resource_key
:
# acl rules management
result_templates
.
extend
(
acl_
set_mng
(
resource_value
,
delete
))
result_templates
.
extend
(
acl_
mgmt
(
resource_value
,
vendor
,
delete
))
return
result_templates
return
result_templates
\ No newline at end of file
This diff is collapsed.
Click to expand it.
Preview
0%
Loading
Try again
or
attach a new file
.
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Save comment
Cancel
Please
register
or
sign in
to comment