2 // Copyright (c) 2017 Intel Corporation
4 // Licensed under the Apache License, Version 2.0 (the "License");
5 // you may not use this file except in compliance with the License.
6 // You may obtain a copy of the License at
8 // http://www.apache.org/licenses/LICENSE-2.0
10 // Unless required by applicable law or agreed to in writing, software
11 // distributed under the License is distributed on an "AS IS" BASIS,
12 // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 // See the License for the specific language governing permissions and
14 // limitations under the License.
17 #ifndef __INCLUDE_PIPELINE_ACL_H__
18 #define __INCLUDE_PIPELINE_ACL_H__
24 * Pipeline ACL Front End (FE).
25 * Runs on the Master pipeline, responsible for CLI commands.
30 #include "pipeline_acl_be.h"
32 #include <json-c/json.h>
34 /* ACL IPV4 and IPV6 enable flags for debugging (Default both on) */
35 extern int acl_ipv4_enabled;
36 extern int acl_ipv6_enabled;
38 /* Number of ACL Rules, default 4 * 1024 */
39 extern uint32_t acl_n_rules;
40 /* ACL Rule Table TRIE - 2 (Active, Standby Global table per ipv4, ipv6 */
41 extern void *acl_rule_table_ipv4_active;
42 extern void *acl_rule_table_ipv4_standby;
43 extern void *acl_rule_table_ipv6_active;
44 extern void *acl_rule_table_ipv6_standby;
46 #define active_rule_table 0
47 #define standby_rule_table 1
48 #define acl_add_command 0
49 #define acl_delete_command 1
50 #define IPV6_32BIT_LENGTH 4
52 void rest_api_acl_init(struct mg_context *ctx, struct app_params *app);
55 * Add ACL rule to the ACL rule table.
56 * Rules are added standby table.
57 * Applyruleset command will activate the change.
58 * Both IPv4 and IPv6 rules can be added.
61 * A pointer to the ACL pipeline parameters.
63 * A pointer to the ACL rule to add.
65 * Priority of the ACL rule.
67 * Port ID of the ACL rule.
69 * Action ID of the ACL rule. Defined in Action Table.
72 * 0 on success, negative on error.
75 app_pipeline_acl_add_rule(struct app_params *app,
76 struct pipeline_acl_key *key,
78 uint32_t port_id, uint32_t action_id);
81 * Delete ACL rule from the ACL rule table.
82 * Rules deleted from standby tables.
83 * Applyruleset command will activate the change.
84 * Both IPv4 and IPv6 rules can be deleted.
87 * A pointer to the ACL pipeline parameters.
89 * A pointer to the ACL rule to delete.
92 * 0 on success, negative on error.
95 app_pipeline_acl_delete_rule(struct app_params *app,
96 struct pipeline_acl_key *key);
99 * Clear all ACL rules from the ACL rule table.
100 * Rules cleared from standby tables.
101 * Applyruleset command will activate the change.
102 * Both IPv4 and IPv6 rules will be cleared.
105 * A pointer to the ACL pipeline parameters.
108 * 0 on success, negative on error.
110 int app_pipeline_acl_clearrules(struct app_params *app);
113 * Add Action to the Action table.
114 * Actions are added standby table.
115 * Applyruleset command will activate the change.
118 * A pointer to the ACL pipeline parameters.
120 * A pointer to the Action to add.
123 * 0 on success, negative on error.
126 app_pipeline_action_add(struct app_params *app,
127 struct pipeline_action_key *key);
130 * Delete Action from the Action table.
131 * Actions are deleted from the standby table.
132 * Applyruleset command will activate the change.
135 * A pointer to the ACL pipeline parameters.
137 * A pointer to the Action to delete.
140 * 0 on success, negative on error.
143 app_pipeline_action_delete(struct app_params *app,
144 struct pipeline_action_key *key);
146 extern struct pipeline_type pipeline_acl;