diff options
Diffstat (limited to 'lib/filter_nb.c')
| -rw-r--r-- | lib/filter_nb.c | 412 |
1 files changed, 154 insertions, 258 deletions
diff --git a/lib/filter_nb.c b/lib/filter_nb.c index d3d868b468..41bf3cf7f4 100644 --- a/lib/filter_nb.c +++ b/lib/filter_nb.c @@ -111,24 +111,38 @@ static void prefix_list_entry_set_empty(struct prefix_list_entry *ple) } /* - * XPath: /frr-filter:lib/access-list-legacy + * XPath: /frr-filter:lib/access-list */ -static int lib_access_list_legacy_create(struct nb_cb_create_args *args) +static int lib_access_list_create(struct nb_cb_create_args *args) { - struct access_list *acl; + struct access_list *acl = NULL; const char *acl_name; + int type; if (args->event != NB_EV_APPLY) return NB_OK; - acl_name = yang_dnode_get_string(args->dnode, "./number"); - acl = access_list_get(AFI_IP, acl_name); + type = yang_dnode_get_enum(args->dnode, "./type"); + acl_name = yang_dnode_get_string(args->dnode, "./name"); + + switch (type) { + case YALT_IPV4: + acl = access_list_get(AFI_IP, acl_name); + break; + case YALT_IPV6: + acl = access_list_get(AFI_IP6, acl_name); + break; + case YALT_MAC: + acl = access_list_get(AFI_L2VPN, acl_name); + break; + } + nb_running_set_entry(args->dnode, acl); return NB_OK; } -static int lib_access_list_legacy_destroy(struct nb_cb_destroy_args *args) +static int lib_access_list_destroy(struct nb_cb_destroy_args *args) { struct access_master *am; struct access_list *acl; @@ -147,9 +161,9 @@ static int lib_access_list_legacy_destroy(struct nb_cb_destroy_args *args) } /* - * XPath: /frr-filter:lib/access-list-legacy/remark + * XPath: /frr-filter:lib/access-list/remark */ -static int lib_access_list_legacy_remark_modify(struct nb_cb_modify_args *args) +static int lib_access_list_remark_modify(struct nb_cb_modify_args *args) { struct access_list *acl; const char *remark; @@ -168,7 +182,7 @@ static int lib_access_list_legacy_remark_modify(struct nb_cb_modify_args *args) } static int -lib_access_list_legacy_remark_destroy(struct nb_cb_destroy_args *args) +lib_access_list_remark_destroy(struct nb_cb_destroy_args *args) { struct access_list *acl; @@ -182,31 +196,20 @@ lib_access_list_legacy_remark_destroy(struct nb_cb_destroy_args *args) return NB_OK; } + /* - * XPath: /frr-filter:lib/access-list-legacy/entry + * XPath: /frr-filter:lib/access-list/entry */ -static int lib_access_list_legacy_entry_create(struct nb_cb_create_args *args) +static int lib_access_list_entry_create(struct nb_cb_create_args *args) { - struct filter_cisco *fc; struct access_list *acl; struct filter *f; - uint32_t aclno; - - /* TODO: validate `filter_lookup_cisco` returns NULL. */ if (args->event != NB_EV_APPLY) return NB_OK; - aclno = yang_dnode_get_uint16(args->dnode, "../number"); - f = filter_new(); - f->cisco = 1; f->seq = yang_dnode_get_uint32(args->dnode, "./sequence"); - fc = &f->u.cfilter; - if ((aclno >= 1 && aclno <= 99) || (aclno >= 1300 && aclno <= 1999)) - fc->extended = 0; - else - fc->extended = 1; acl = nb_running_get_entry(args->dnode, NULL, true); f->acl = acl; @@ -216,7 +219,7 @@ static int lib_access_list_legacy_entry_create(struct nb_cb_create_args *args) return NB_OK; } -static int lib_access_list_legacy_entry_destroy(struct nb_cb_destroy_args *args) +static int lib_access_list_entry_destroy(struct nb_cb_destroy_args *args) { struct access_list *acl; struct filter *f; @@ -232,10 +235,10 @@ static int lib_access_list_legacy_entry_destroy(struct nb_cb_destroy_args *args) } /* - * XPath: /frr-filter:lib/access-list-legacy/entry/action + * XPath: /frr-filter:lib/access-list/entry/action */ static int -lib_access_list_legacy_entry_action_modify(struct nb_cb_modify_args *args) +lib_access_list_entry_action_modify(struct nb_cb_modify_args *args) { const char *filter_type; struct filter *f; @@ -254,86 +257,81 @@ lib_access_list_legacy_entry_action_modify(struct nb_cb_modify_args *args) } /* - * XPath: /frr-filter:lib/access-list-legacy/entry/host + * XPath: /frr-filter:lib/access-list/entry/ipv4-prefix */ static int -lib_access_list_legacy_entry_host_modify(struct nb_cb_modify_args *args) +lib_access_list_entry_ipv4_prefix_modify(struct nb_cb_modify_args *args) { - struct filter_cisco *fc; + struct filter_zebra *fz; struct filter *f; if (args->event != NB_EV_APPLY) return NB_OK; f = nb_running_get_entry(args->dnode, NULL, true); - fc = &f->u.cfilter; - yang_dnode_get_ipv4(&fc->addr, args->dnode, NULL); - fc->addr_mask.s_addr = INADDR_ANY; + f->cisco = 0; + fz = &f->u.zfilter; + yang_dnode_get_prefix(&fz->prefix, args->dnode, NULL); return NB_OK; } static int -lib_access_list_legacy_entry_host_destroy(struct nb_cb_destroy_args *args) +lib_access_list_entry_ipv4_prefix_destroy(struct nb_cb_destroy_args *args) { - struct filter_cisco *fc; + struct filter_zebra *fz; struct filter *f; if (args->event != NB_EV_APPLY) return NB_OK; f = nb_running_get_entry(args->dnode, NULL, true); - fc = &f->u.cfilter; - fc->addr.s_addr = INADDR_ANY; - fc->addr_mask.s_addr = INADDR_NONE; + fz = &f->u.zfilter; + memset(&fz->prefix, 0, sizeof(fz->prefix)); return NB_OK; } /* - * XPath: /frr-filter:lib/access-list-legacy/entry/network + * XPath: /frr-filter:lib/access-list/entry/ipv4-exact-match */ static int -lib_access_list_legacy_entry_network_modify(struct nb_cb_modify_args *args) +lib_access_list_entry_ipv4_exact_match_modify(struct nb_cb_modify_args *args) { - struct filter_cisco *fc; + struct filter_zebra *fz; struct filter *f; - struct prefix p; if (args->event != NB_EV_APPLY) return NB_OK; f = nb_running_get_entry(args->dnode, NULL, true); - fc = &f->u.cfilter; - yang_dnode_get_prefix(&p, args->dnode, NULL); - fc->addr.s_addr = ipv4_network_addr(p.u.prefix4.s_addr, p.prefixlen); - masklen2ip(p.prefixlen, &fc->addr_mask); + fz = &f->u.zfilter; + fz->exact = yang_dnode_get_bool(args->dnode, NULL); return NB_OK; } static int -lib_access_list_legacy_entry_network_destroy(struct nb_cb_destroy_args *args) +lib_access_list_entry_ipv4_exact_match_destroy(struct nb_cb_destroy_args *args) { - struct filter_cisco *fc; + struct filter_zebra *fz; struct filter *f; if (args->event != NB_EV_APPLY) return NB_OK; f = nb_running_get_entry(args->dnode, NULL, true); - fc = &f->u.cfilter; - fc->addr.s_addr = INADDR_ANY; - fc->addr_mask.s_addr = INADDR_NONE; + fz = &f->u.zfilter; + fz->exact = 0; return NB_OK; } /* - * XPath: /frr-filter:lib/access-list-legacy/entry/any + * XPath: /frr-filter:lib/access-list/entry/host */ static int -lib_access_list_legacy_entry_any_create(struct nb_cb_create_args *args) +lib_access_list_entry_host_modify(struct nb_cb_modify_args *args) { struct filter_cisco *fc; struct filter *f; @@ -342,15 +340,16 @@ lib_access_list_legacy_entry_any_create(struct nb_cb_create_args *args) return NB_OK; f = nb_running_get_entry(args->dnode, NULL, true); + f->cisco = 1; fc = &f->u.cfilter; - fc->addr.s_addr = INADDR_ANY; - fc->addr_mask.s_addr = INADDR_NONE; + yang_dnode_get_ipv4(&fc->addr, args->dnode, NULL); + fc->addr_mask.s_addr = INADDR_ANY; return NB_OK; } static int -lib_access_list_legacy_entry_any_destroy(struct nb_cb_destroy_args *args) +lib_access_list_entry_host_destroy(struct nb_cb_destroy_args *args) { struct filter_cisco *fc; struct filter *f; @@ -367,27 +366,30 @@ lib_access_list_legacy_entry_any_destroy(struct nb_cb_destroy_args *args) } /* - * XPath: /frr-filter:lib/access-list-legacy/entry/destination-host + * XPath: /frr-filter:lib/access-list/entry/network */ -static int lib_access_list_legacy_entry_destination_host_modify( - struct nb_cb_modify_args *args) +static int +lib_access_list_entry_network_modify(struct nb_cb_modify_args *args) { struct filter_cisco *fc; struct filter *f; + struct prefix p; if (args->event != NB_EV_APPLY) return NB_OK; f = nb_running_get_entry(args->dnode, NULL, true); + f->cisco = 1; fc = &f->u.cfilter; - yang_dnode_get_ipv4(&fc->mask, args->dnode, NULL); - fc->mask_mask.s_addr = INADDR_ANY; + yang_dnode_get_prefix(&p, args->dnode, NULL); + fc->addr.s_addr = ipv4_network_addr(p.u.prefix4.s_addr, p.prefixlen); + masklen2ip(p.prefixlen, &fc->addr_mask); return NB_OK; } -static int lib_access_list_legacy_entry_destination_host_destroy( - struct nb_cb_destroy_args *args) +static int +lib_access_list_entry_network_destroy(struct nb_cb_destroy_args *args) { struct filter_cisco *fc; struct filter *f; @@ -397,36 +399,35 @@ static int lib_access_list_legacy_entry_destination_host_destroy( f = nb_running_get_entry(args->dnode, NULL, true); fc = &f->u.cfilter; - fc->mask.s_addr = INADDR_ANY; - fc->mask_mask.s_addr = INADDR_NONE; + fc->addr.s_addr = INADDR_ANY; + fc->addr_mask.s_addr = INADDR_NONE; return NB_OK; } /* - * XPath: /frr-filter:lib/access-list-legacy/entry/destination-network + * XPath: /frr-filter:lib/access-list/entry/source-any */ -static int lib_access_list_legacy_entry_destination_network_modify( - struct nb_cb_modify_args *args) +static int +lib_access_list_entry_source_any_create(struct nb_cb_create_args *args) { struct filter_cisco *fc; struct filter *f; - struct prefix p; if (args->event != NB_EV_APPLY) return NB_OK; f = nb_running_get_entry(args->dnode, NULL, true); + f->cisco = 1; fc = &f->u.cfilter; - yang_dnode_get_prefix(&p, args->dnode, NULL); - fc->mask.s_addr = ipv4_network_addr(p.u.prefix4.s_addr, p.prefixlen); - masklen2ip(p.prefixlen, &fc->mask_mask); + fc->addr.s_addr = INADDR_ANY; + fc->addr_mask.s_addr = INADDR_NONE; return NB_OK; } -static int lib_access_list_legacy_entry_destination_network_destroy( - struct nb_cb_destroy_args *args) +static int +lib_access_list_entry_source_any_destroy(struct nb_cb_destroy_args *args) { struct filter_cisco *fc; struct filter *f; @@ -436,17 +437,17 @@ static int lib_access_list_legacy_entry_destination_network_destroy( f = nb_running_get_entry(args->dnode, NULL, true); fc = &f->u.cfilter; - fc->mask.s_addr = INADDR_ANY; - fc->mask_mask.s_addr = INADDR_NONE; + fc->addr.s_addr = INADDR_ANY; + fc->addr_mask.s_addr = INADDR_NONE; return NB_OK; } /* - * XPath: /frr-filter:lib/access-list-legacy/entry/destination-any + * XPath: /frr-filter:lib/access-list/entry/destination-host */ -static int lib_access_list_legacy_entry_destination_any_create( - struct nb_cb_create_args *args) +static int lib_access_list_entry_destination_host_modify( + struct nb_cb_modify_args *args) { struct filter_cisco *fc; struct filter *f; @@ -456,13 +457,14 @@ static int lib_access_list_legacy_entry_destination_any_create( f = nb_running_get_entry(args->dnode, NULL, true); fc = &f->u.cfilter; - fc->mask.s_addr = INADDR_ANY; - fc->mask_mask.s_addr = INADDR_NONE; + fc->extended = 1; + yang_dnode_get_ipv4(&fc->mask, args->dnode, NULL); + fc->mask_mask.s_addr = INADDR_ANY; return NB_OK; } -static int lib_access_list_legacy_entry_destination_any_destroy( +static int lib_access_list_entry_destination_host_destroy( struct nb_cb_destroy_args *args) { struct filter_cisco *fc; @@ -473,6 +475,7 @@ static int lib_access_list_legacy_entry_destination_any_destroy( f = nb_running_get_entry(args->dnode, NULL, true); fc = &f->u.cfilter; + fc->extended = 0; fc->mask.s_addr = INADDR_ANY; fc->mask_mask.s_addr = INADDR_NONE; @@ -480,160 +483,81 @@ static int lib_access_list_legacy_entry_destination_any_destroy( } /* - * XPath: /frr-filter:lib/access-list - */ -static int lib_access_list_create(struct nb_cb_create_args *args) -{ - struct access_list *acl = NULL; - const char *acl_name; - int type; - - if (args->event != NB_EV_APPLY) - return NB_OK; - - type = yang_dnode_get_enum(args->dnode, "./type"); - acl_name = yang_dnode_get_string(args->dnode, "./name"); - - switch (type) { - case YALT_IPV4: - acl = access_list_get(AFI_IP, acl_name); - break; - case YALT_IPV6: - acl = access_list_get(AFI_IP6, acl_name); - break; - case YALT_MAC: - acl = access_list_get(AFI_L2VPN, acl_name); - break; - } - - nb_running_set_entry(args->dnode, acl); - - return NB_OK; -} - -static int lib_access_list_destroy(struct nb_cb_destroy_args *args) -{ - struct access_master *am; - struct access_list *acl; - - if (args->event != NB_EV_APPLY) - return NB_OK; - - acl = nb_running_unset_entry(args->dnode); - am = acl->master; - if (am->delete_hook) - am->delete_hook(acl); - - access_list_delete(acl); - - return NB_OK; -} - -/* - * XPath: /frr-filter:lib/access-list/entry - */ -static int lib_access_list_entry_create(struct nb_cb_create_args *args) -{ - struct access_list *acl; - struct filter *f; - - /* TODO: validate `filter_lookup_zebra` returns NULL. */ - - if (args->event != NB_EV_APPLY) - return NB_OK; - - f = filter_new(); - f->seq = yang_dnode_get_uint32(args->dnode, "./sequence"); - - acl = nb_running_get_entry(args->dnode, NULL, true); - f->acl = acl; - access_list_filter_add(acl, f); - nb_running_set_entry(args->dnode, f); - - return NB_OK; -} - -static int lib_access_list_entry_destroy(struct nb_cb_destroy_args *args) -{ - struct access_list *acl; - struct filter *f; - - if (args->event != NB_EV_APPLY) - return NB_OK; - - f = nb_running_unset_entry(args->dnode); - acl = f->acl; - access_list_filter_delete(acl, f); - - return NB_OK; -} - -/* - * XPath: /frr-filter:lib/access-list/entry/ipv4-prefix + * XPath: /frr-filter:lib/access-list/entry/destination-network */ -static int -lib_access_list_entry_ipv4_prefix_modify(struct nb_cb_modify_args *args) +static int lib_access_list_entry_destination_network_modify( + struct nb_cb_modify_args *args) { - struct filter_zebra *fz; + struct filter_cisco *fc; struct filter *f; + struct prefix p; if (args->event != NB_EV_APPLY) return NB_OK; f = nb_running_get_entry(args->dnode, NULL, true); - fz = &f->u.zfilter; - yang_dnode_get_prefix(&fz->prefix, args->dnode, NULL); + fc = &f->u.cfilter; + fc->extended = 1; + yang_dnode_get_prefix(&p, args->dnode, NULL); + fc->mask.s_addr = ipv4_network_addr(p.u.prefix4.s_addr, p.prefixlen); + masklen2ip(p.prefixlen, &fc->mask_mask); return NB_OK; } -static int -lib_access_list_entry_ipv4_prefix_destroy(struct nb_cb_destroy_args *args) +static int lib_access_list_entry_destination_network_destroy( + struct nb_cb_destroy_args *args) { - struct filter_zebra *fz; + struct filter_cisco *fc; struct filter *f; if (args->event != NB_EV_APPLY) return NB_OK; f = nb_running_get_entry(args->dnode, NULL, true); - fz = &f->u.zfilter; - memset(&fz->prefix, 0, sizeof(fz->prefix)); + fc = &f->u.cfilter; + fc->extended = 0; + fc->mask.s_addr = INADDR_ANY; + fc->mask_mask.s_addr = INADDR_NONE; return NB_OK; } /* - * XPath: /frr-filter:lib/access-list/entry/ipv4-exact-match + * XPath: /frr-filter:lib/access-list/entry/destination-any */ -static int -lib_access_list_entry_ipv4_exact_match_modify(struct nb_cb_modify_args *args) +static int lib_access_list_entry_destination_any_create( + struct nb_cb_create_args *args) { - struct filter_zebra *fz; + struct filter_cisco *fc; struct filter *f; if (args->event != NB_EV_APPLY) return NB_OK; f = nb_running_get_entry(args->dnode, NULL, true); - fz = &f->u.zfilter; - fz->exact = yang_dnode_get_bool(args->dnode, NULL); + fc = &f->u.cfilter; + fc->extended = 1; + fc->mask.s_addr = INADDR_ANY; + fc->mask_mask.s_addr = INADDR_NONE; return NB_OK; } -static int -lib_access_list_entry_ipv4_exact_match_destroy(struct nb_cb_destroy_args *args) +static int lib_access_list_entry_destination_any_destroy( + struct nb_cb_destroy_args *args) { - struct filter_zebra *fz; + struct filter_cisco *fc; struct filter *f; if (args->event != NB_EV_APPLY) return NB_OK; f = nb_running_get_entry(args->dnode, NULL, true); - fz = &f->u.zfilter; - fz->exact = 0; + fc = &f->u.cfilter; + fc->extended = 0; + fc->mask.s_addr = INADDR_ANY; + fc->mask_mask.s_addr = INADDR_NONE; return NB_OK; } @@ -651,6 +575,7 @@ static int lib_access_list_entry_any_create(struct nb_cb_create_args *args) return NB_OK; f = nb_running_get_entry(args->dnode, NULL, true); + f->cisco = 0; fz = &f->u.zfilter; memset(&fz->prefix, 0, sizeof(fz->prefix)); @@ -1059,117 +984,88 @@ const struct frr_yang_module_info frr_filter_info = { .name = "frr-filter", .nodes = { { - .xpath = "/frr-filter:lib/access-list-legacy", - .cbs = { - .create = lib_access_list_legacy_create, - .destroy = lib_access_list_legacy_destroy, - } - }, - { - .xpath = "/frr-filter:lib/access-list-legacy/remark", - .cbs = { - .modify = lib_access_list_legacy_remark_modify, - .destroy = lib_access_list_legacy_remark_destroy, - .cli_show = access_list_legacy_remark_show, - } - }, - { - .xpath = "/frr-filter:lib/access-list-legacy/entry", - .cbs = { - .create = lib_access_list_legacy_entry_create, - .destroy = lib_access_list_legacy_entry_destroy, - .cli_show = access_list_legacy_show, - } - }, - { - .xpath = "/frr-filter:lib/access-list-legacy/entry/action", - .cbs = { - .modify = lib_access_list_legacy_entry_action_modify, - } - }, - { - .xpath = "/frr-filter:lib/access-list-legacy/entry/host", + .xpath = "/frr-filter:lib/access-list", .cbs = { - .modify = lib_access_list_legacy_entry_host_modify, - .destroy = lib_access_list_legacy_entry_host_destroy, + .create = lib_access_list_create, + .destroy = lib_access_list_destroy, } }, { - .xpath = "/frr-filter:lib/access-list-legacy/entry/network", + .xpath = "/frr-filter:lib/access-list/remark", .cbs = { - .modify = lib_access_list_legacy_entry_network_modify, - .destroy = lib_access_list_legacy_entry_network_destroy, + .modify = lib_access_list_remark_modify, + .destroy = lib_access_list_remark_destroy, + .cli_show = access_list_remark_show, } }, { - .xpath = "/frr-filter:lib/access-list-legacy/entry/any", + .xpath = "/frr-filter:lib/access-list/entry", .cbs = { - .create = lib_access_list_legacy_entry_any_create, - .destroy = lib_access_list_legacy_entry_any_destroy, + .create = lib_access_list_entry_create, + .destroy = lib_access_list_entry_destroy, + .cli_show = access_list_show, } }, { - .xpath = "/frr-filter:lib/access-list-legacy/entry/destination-host", + .xpath = "/frr-filter:lib/access-list/entry/action", .cbs = { - .modify = lib_access_list_legacy_entry_destination_host_modify, - .destroy = lib_access_list_legacy_entry_destination_host_destroy, + .modify = lib_access_list_entry_action_modify, } }, { - .xpath = "/frr-filter:lib/access-list-legacy/entry/destination-network", + .xpath = "/frr-filter:lib/access-list/entry/ipv4-prefix", .cbs = { - .modify = lib_access_list_legacy_entry_destination_network_modify, - .destroy = lib_access_list_legacy_entry_destination_network_destroy, + .modify = lib_access_list_entry_ipv4_prefix_modify, + .destroy = lib_access_list_entry_ipv4_prefix_destroy, } }, { - .xpath = "/frr-filter:lib/access-list-legacy/entry/destination-any", + .xpath = "/frr-filter:lib/access-list/entry/ipv4-exact-match", .cbs = { - .create = lib_access_list_legacy_entry_destination_any_create, - .destroy = lib_access_list_legacy_entry_destination_any_destroy, + .modify = lib_access_list_entry_ipv4_exact_match_modify, + .destroy = lib_access_list_entry_ipv4_exact_match_destroy, } }, { - .xpath = "/frr-filter:lib/access-list", + .xpath = "/frr-filter:lib/access-list/entry/host", .cbs = { - .create = lib_access_list_create, - .destroy = lib_access_list_destroy, + .modify = lib_access_list_entry_host_modify, + .destroy = lib_access_list_entry_host_destroy, } }, { - .xpath = "/frr-filter:lib/access-list/remark", + .xpath = "/frr-filter:lib/access-list/entry/network", .cbs = { - .modify = lib_access_list_legacy_remark_modify, - .destroy = lib_access_list_legacy_remark_destroy, - .cli_show = access_list_remark_show, + .modify = lib_access_list_entry_network_modify, + .destroy = lib_access_list_entry_network_destroy, } }, { - .xpath = "/frr-filter:lib/access-list/entry", + .xpath = "/frr-filter:lib/access-list/entry/source-any", .cbs = { - .create = lib_access_list_entry_create, - .destroy = lib_access_list_entry_destroy, - .cli_show = access_list_show, + .create = lib_access_list_entry_source_any_create, + .destroy = lib_access_list_entry_source_any_destroy, } }, { - .xpath = "/frr-filter:lib/access-list/entry/action", + .xpath = "/frr-filter:lib/access-list/entry/destination-host", .cbs = { - .modify = lib_access_list_legacy_entry_action_modify, + .modify = lib_access_list_entry_destination_host_modify, + .destroy = lib_access_list_entry_destination_host_destroy, } }, { - .xpath = "/frr-filter:lib/access-list/entry/ipv4-prefix", + .xpath = "/frr-filter:lib/access-list/entry/destination-network", .cbs = { - .modify = lib_access_list_entry_ipv4_prefix_modify, - .destroy = lib_access_list_entry_ipv4_prefix_destroy, + .modify = lib_access_list_entry_destination_network_modify, + .destroy = lib_access_list_entry_destination_network_destroy, } }, { - .xpath = "/frr-filter:lib/access-list/entry/ipv4-exact-match", + .xpath = "/frr-filter:lib/access-list/entry/destination-any", .cbs = { - .modify = lib_access_list_entry_ipv4_exact_match_modify, - .destroy = lib_access_list_entry_ipv4_exact_match_destroy, + .create = lib_access_list_entry_destination_any_create, + .destroy = lib_access_list_entry_destination_any_destroy, } }, { |