2 // Copyright (c) 2017 Intel Corporation
4 // Licensed under the Apache License, Version 2.0 (the "License");
5 // you may not use this file except in compliance with the License.
6 // You may obtain a copy of the License at
8 // http://www.apache.org/licenses/LICENSE-2.0
10 // Unless required by applicable law or agreed to in writing, software
11 // distributed under the License is distributed on an "AS IS" BASIS,
12 // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 // See the License for the specific language governing permissions and
14 // limitations under the License.
19 * Pipeline VFW FE Implementation.
21 * Implementation of the Pipeline VFW Front End (FE).
22 * Runs on the Master pipeline, responsible for CLI commands.
30 #include <sys/queue.h>
31 #include <netinet/in.h>
33 #include <rte_common.h>
34 #include <rte_hexdump.h>
35 #include <rte_malloc.h>
36 #include <cmdline_rdline.h>
37 #include <cmdline_parse.h>
38 #include <cmdline_parse_num.h>
39 #include <cmdline_parse_string.h>
40 #include <cmdline_parse_ipaddr.h>
41 #include <cmdline_parse_etheraddr.h>
42 #include <cmdline_socket.h>
44 #include <rte_table_acl.h>
47 #include "pipeline_common_fe.h"
48 #include "pipeline_vfw.h"
49 #include "pipeline_vfw_be.h"
50 #include "rte_cnxn_tracking.h"
53 * A structure defining the VFW rule for the TAILQ Tables.
55 struct app_pipeline_vfw_rule {
56 struct pipeline_vfw_key key;
63 TAILQ_ENTRY(app_pipeline_vfw_rule) node;
67 * A structure defining the VFW pipeline front end data.
69 struct app_pipeline_vfw {
76 * Define a structure to calculate performance measurements for VFW.
77 * VFW continually updates counters for total number of packets
78 * processed, and total number of bytes processed. Each VFW backend thread
79 * i.e.the packet processing instances updates their own copy of these counters.
80 * An optional, 1 second periodic timer fires on the master core, which combines
81 * those numbers to perform byte and packet per second calculations, without
82 * burdening the packet processors.
84 #define RTE_VFW_PERF_MSR_BUFF_SIZE 8 /* must be power of 2 */
85 #define RTE_VFW_PERF_MSR_BUFF_SIZE_MASK (RTE_VFW_PERF_MSR_BUFF_SIZE - 1)
88 * A structure defining the VFW performance measurements.
90 struct rte_vfw_performance_measures_t {
91 /* two circular buffers */
92 uint64_t total_packets[RTE_VFW_PERF_MSR_BUFF_SIZE];
93 uint64_t total_bytes[RTE_VFW_PERF_MSR_BUFF_SIZE];
94 uint32_t bytes_last_second;
95 uint32_t ave_bytes_per_second;
96 uint32_t pkts_last_second;
97 uint32_t ave_pkts_per_second;
98 /* times data has been (over-)written into buffers */
99 uint64_t total_entries;
100 uint8_t current_index; /* for circular buffers */
103 struct rte_vfw_performance_measures_t rte_vfw_performance_measures;
106 * Active and Standby Tables
107 * Active and standby tables exist to allow modifying VFW rules and
108 * actions and having no impact on the packet processing running on
109 * the multiple VFW threads/pipelines. The packet processing does a
110 * lookup on the active tables. Each VFW thread/pipeline runs on
111 * a separate core (i.e. 2,3,4, etc).
113 * All CLI actions run on the VFW Front End (FE) code on Core 0.
114 * All changes, adding/delete rules and action occurs on the standby tables.
115 * In activate the changes in the standby table, the CLI command is entered:
118 * The standby tables become active. The active table becomes the standby.
119 * The new standby table gets updated with the changes that were done.
121 * Table descriptions:
122 * VFW Rule Tables TAILQ - 2 global tables active/standby per ipv4,ipv6
123 * The TAILQ tables are required for the LS CLI command and in order
124 * to do a lookup using a rule when adding or deleting a rule.
125 * The VFW TRIE tables in DPDK do not allow this type of listing or lookup.
127 * VFW Rule Tables TRIE - 2 global tables active/standby per ipv4, ipv6
128 * The TRIE tables are the tables used during packet processing.
129 * A bulk lookup can be performed by passing in a burst of packets.
130 * Unfortunately, the current implementation of the TRIE tables does
131 * not allow lookup using a rule. Hence the need for the TAILQ tables.
133 * VFW Action Tables ARRAY - 2 global tables active/standby
134 * The action tables stores the VFW actions.
135 * Every rule has an action id which defines what action to take
136 * when a packet matching that rule is received.
137 * Actions: accept, drop, fwd, count, nat, dscp, conntrack
139 * Command Table TAILQ - 1 table
140 * After the active and standby tables are swithover, the new standby
141 * table needs to be updated with all the changes that were done.
142 * This table stores all the add and delete commands and updates
143 * the new standby table when the applyruleset command executes.
145 * The active and standby tables can be displayed individually:
146 * p vfw ls 0 <== active VFW rules
147 * p vfw ls 1 <== standby VFW rules
148 * p action ls 0 <== active VFW actions
149 * p action ls 1 <== standby VFW actions
152 /* Only create global VFW tables once */
153 int vfw_rule_table_created;
156 * VFW Rule Tables TAILQ - see description above
157 * Two tables/counters are required for active and standby.
158 * The A and B tables/counters are the actual instances.
159 * The pointers are set to point to these tables/counters.
160 * The pointers are updated during the switchover for the applyruleset.
163 /* Definition of the the TAILQ table */
164 TAILQ_HEAD(app_pipeline_vfw_rule_type, app_pipeline_vfw_rule);
165 /* Instances of tables and counters */
166 struct app_pipeline_vfw_rule_type vfw_tailq_rules_ipv4a;
167 struct app_pipeline_vfw_rule_type vfw_tailq_rules_ipv4b;
168 struct app_pipeline_vfw_rule_type vfw_tailq_rules_ipv6a;
169 struct app_pipeline_vfw_rule_type vfw_tailq_rules_ipv6b;
170 uint32_t vfw_n_tailq_rules_ipv4a;
171 uint32_t vfw_n_tailq_rules_ipv6a;
172 uint32_t vfw_n_tailq_rules_ipv4b;
173 uint32_t vfw_n_tailq_rules_ipv6b;
174 /* Pointers to tables and counters for switchover in applyruleset */
175 struct app_pipeline_vfw_rule_type *vfw_tailq_rules_ipv4_active;
176 struct app_pipeline_vfw_rule_type *vfw_tailq_rules_ipv4_standby;
177 struct app_pipeline_vfw_rule_type *vfw_tailq_rules_ipv6_active;
178 struct app_pipeline_vfw_rule_type *vfw_tailq_rules_ipv6_standby;
179 struct app_pipeline_vfw_rule_type *vfw_tailq_rules_temp_ptr;
180 uint32_t *vfw_n_tailq_rules_ipv4_active;
181 uint32_t *vfw_n_tailq_rules_ipv4_standby;
182 uint32_t *vfw_n_tailq_rules_ipv6_active;
183 uint32_t *vfw_n_tailq_rules_ipv6_standby;
185 /* VFW commands to update new standby tables after switchover */
186 TAILQ_HEAD(, app_pipeline_vfw_rule) vfw_commands;
188 /* VFW IPV4 and IPV6 enable flags for debugging (Default both on) */
189 int vfw_ipv4_enabled = 1;
190 int vfw_ipv6_enabled = 1;
192 /* Number of VFW Rules, default 4 * 1024 */
193 uint32_t vfw_n_rules = 4 * 1024;
194 /* VFW Rule Table TRIE - 2 (Active, Standby) Global table per ipv4, ipv6 */
195 void *vfw_rule_table_ipv4_active;
196 void *vfw_rule_table_ipv4_standby;
197 void *vfw_rule_table_ipv6_active;
198 void *vfw_rule_table_ipv6_standby;
201 * Reset running averages for performance measurements.
204 static void rte_vfw_reset_running_averages(void)
206 memset(&rte_vfw_performance_measures, 0,
207 sizeof(rte_vfw_performance_measures));
211 * Compute performance calculations on master to reduce computing on
215 * Total bytes processed during this interval.
216 * @param total_packets
217 * Total packets processed during this interval.
220 static void rte_vfw_update_performance_measures(uint64_t total_bytes,
221 uint64_t total_packets)
224 struct rte_vfw_performance_measures_t *pm =
225 &rte_vfw_performance_measures;
227 if (unlikely(pm->total_entries == 0 && total_packets == 0))
228 /* the timer is running, but no traffic started yet,
232 if (likely(pm->total_entries > 0)) {
233 uint8_t oldest_index;
236 pm->bytes_last_second =
237 total_bytes - pm->total_bytes[pm->current_index];
238 pm->pkts_last_second =
239 total_packets - pm->total_packets[pm->current_index];
241 /* if total_entries zero, current_index must remain as zero */
244 1) & RTE_VFW_PERF_MSR_BUFF_SIZE_MASK;
247 (pm->total_entries <= RTE_VFW_PERF_MSR_BUFF_SIZE)) {
248 /* oldest value is at element 0 */
250 divisor = pm->total_entries;
251 /* note, prior to incrementing total_entries */
253 /* oldest value is at element about to be overwritten */
254 oldest_index = pm->current_index;
255 divisor = RTE_VFW_PERF_MSR_BUFF_SIZE;
258 pm->ave_bytes_per_second =
259 (total_bytes - pm->total_bytes[oldest_index]) / divisor;
260 pm->ave_pkts_per_second =
261 (total_packets - pm->total_packets[oldest_index]) / divisor;
264 pm->total_bytes[pm->current_index] = total_bytes;
265 pm->total_packets[pm->current_index] = total_packets;
270 * Combine data from all vfw+connection tracking instances.
271 * Calculate various statistics. Dump to console.
274 static void rte_vfw_sum_and_print_counters(void)
277 struct rte_VFW_counter_block vfw_counter_sums;
278 struct rte_CT_counter_block ct_counter_sums;
279 /* For ct instance with this fw instance */
280 struct rte_CT_counter_block *ct_counters;
282 memset(&vfw_counter_sums, 0, sizeof(vfw_counter_sums));
283 memset(&ct_counter_sums, 0, sizeof(ct_counter_sums));
285 for (i = 0; i <= rte_VFW_hi_counter_block_in_use; i++) {
286 struct rte_VFW_counter_block *vfw_ctrs =
287 &rte_vfw_counter_table[i];
288 ct_counters = rte_vfw_counter_table[i].ct_counters;
290 uint64_t average_internal_time =
291 vfw_ctrs->time_measurements ==
292 0 ? 0 : vfw_ctrs->internal_time_sum /
293 vfw_ctrs->time_measurements;
294 uint64_t average_external_time =
295 vfw_ctrs->time_measurements ==
296 0 ? 0 : vfw_ctrs->external_time_sum /
297 vfw_ctrs->time_measurements;
298 uint64_t average_pkts_in_batch =
299 vfw_ctrs->num_pkts_measurements ==
300 0 ? 0 : vfw_ctrs->num_batch_pkts_sum /
301 vfw_ctrs->num_pkts_measurements;
303 printf("{\"VFW counters\" : {\"id\" : \"%s\",\"packets_processed\" : %"
304 PRIu64 ", \"bytes_processed\" : %"
305 PRIu64 ", \"average_pkts_in_batch\" : %"
306 PRIu64 ", \"average_internal_time_in_clocks\" : %"
307 PRIu64 ", \"average_external_time_in_clocks\" : %"
308 PRIu64 ", \"total_time_measures\" : %"
309 PRIu32 ", \"ct_packets_forwarded\" : %"
310 PRIu64 ", \"ct_packets_dropped\" : %"
313 vfw_ctrs->pkts_received,
314 vfw_ctrs->bytes_processed,
315 average_pkts_in_batch,
316 average_internal_time,
317 average_external_time,
318 vfw_ctrs->time_measurements,
319 ct_counters->pkts_forwarded, ct_counters->pkts_drop);
321 /* sum VFW counters */
322 vfw_counter_sums.bytes_processed +=
323 vfw_ctrs->bytes_processed;
324 vfw_counter_sums.pkts_drop_without_rule +=
325 vfw_ctrs->pkts_drop_without_rule;
326 vfw_counter_sums.pkts_received += vfw_ctrs->pkts_received;
327 vfw_counter_sums.pkts_drop_ttl += vfw_ctrs->pkts_drop_ttl;
328 vfw_counter_sums.pkts_drop_bad_size +=
329 vfw_ctrs->pkts_drop_bad_size;
330 vfw_counter_sums.pkts_drop_fragmented +=
331 vfw_ctrs->pkts_drop_fragmented;
332 vfw_counter_sums.pkts_drop_without_arp_entry +=
333 vfw_ctrs->pkts_drop_without_arp_entry;
334 vfw_counter_sums.sum_latencies += vfw_ctrs->sum_latencies;
335 vfw_counter_sums.count_latencies +=
336 vfw_ctrs->count_latencies;
338 vfw_counter_sums.internal_time_sum +=
339 vfw_ctrs->internal_time_sum;
340 vfw_counter_sums.external_time_sum +=
341 vfw_ctrs->external_time_sum;
342 vfw_counter_sums.time_measurements +=
343 vfw_ctrs->time_measurements;
344 vfw_counter_sums.pkts_drop_unsupported_type +=
345 vfw_ctrs->pkts_drop_unsupported_type;
347 /* sum cnxn tracking counters */
348 ct_counter_sums.current_active_sessions +=
349 ct_counters->current_active_sessions;
350 ct_counter_sums.sessions_activated +=
351 ct_counters->sessions_activated;
352 ct_counter_sums.sessions_reactivated +=
353 ct_counters->sessions_reactivated;
354 ct_counter_sums.sessions_established +=
355 ct_counters->sessions_established;
356 ct_counter_sums.sessions_closed += ct_counters->sessions_closed;
357 ct_counter_sums.sessions_timedout +=
358 ct_counters->sessions_timedout;
359 ct_counter_sums.pkts_forwarded += ct_counters->pkts_forwarded;
360 ct_counter_sums.pkts_drop += ct_counters->pkts_drop;
361 ct_counter_sums.pkts_drop_invalid_conn +=
362 ct_counters->pkts_drop_invalid_conn;
363 ct_counter_sums.pkts_drop_invalid_state +=
364 ct_counters->pkts_drop_invalid_state;
365 ct_counter_sums.pkts_drop_invalid_rst +=
366 ct_counters->pkts_drop_invalid_rst;
367 ct_counter_sums.pkts_drop_outof_window +=
368 ct_counters->pkts_drop_outof_window;
371 rte_vfw_update_performance_measures(vfw_counter_sums.
375 uint64_t average_latency =
376 vfw_counter_sums.count_latencies ==
377 0 ? 0 : vfw_counter_sums.sum_latencies /
378 vfw_counter_sums.count_latencies;
380 printf("{\"VFW sum counters\" : {"
381 "\"packets_last_sec\" : %"
382 PRIu32 ", \"average_packets_per_sec\" : %"
383 PRIu32 ", \"bytes_last_sec\" : %"
384 PRIu32 ", \"average_bytes_per_sec\" : %"
385 PRIu32 ", \"pkts_received\" : %"
386 PRIu64 ", \"bytes_processed\" : %"
387 PRIu64 ", \"average_latency_in_clocks\" : %"
388 PRIu64 ", \"ct_packets_forwarded\" : %"
389 PRIu64 ", \"ct_packets_dropped\" : %"
390 PRIu64 ", \"drops\" : {"
391 "\"TTL_zero\" : %" PRIu64 ", \"bad_size\" : %"
392 PRIu64 ", \"fragmented_packet\" : %"
393 PRIu64 ", \"unsupported_packet_types\" : %"
394 PRIu64 ", \"no_arp_entry\" : %"
395 PRIu64 "}, \"ct_sessions\" : {"
396 "\"active\" : %" PRIu64 ", \"open\" : %"
397 PRIu64 ", \"re-open_attempt\" : %"
398 PRIu64 ", \"established\" : %"
399 PRIu64 ", \"closed\" : %"
400 PRIu64 ", \"timeout\" : %"
401 PRIu64 "}, \"ct_drops\" : {"
402 "\"out_of_window\" : %" PRIu64 ", \"invalid_conn\" : %"
403 PRIu64 ", \"invalid_state_transition\" : %"
404 PRIu64 " \"RST\" : %"
406 rte_vfw_performance_measures.pkts_last_second,
407 rte_vfw_performance_measures.ave_pkts_per_second,
408 rte_vfw_performance_measures.bytes_last_second,
409 rte_vfw_performance_measures.ave_bytes_per_second,
410 vfw_counter_sums.pkts_received,
411 vfw_counter_sums.bytes_processed,
413 ct_counter_sums.pkts_forwarded,
414 ct_counter_sums.pkts_drop,
415 vfw_counter_sums.pkts_drop_ttl,
416 vfw_counter_sums.pkts_drop_bad_size,
417 vfw_counter_sums.pkts_drop_fragmented,
418 vfw_counter_sums.pkts_drop_unsupported_type,
419 vfw_counter_sums.pkts_drop_without_arp_entry,
420 ct_counter_sums.current_active_sessions,
421 ct_counter_sums.sessions_activated,
422 ct_counter_sums.sessions_reactivated,
423 ct_counter_sums.sessions_established,
424 ct_counter_sums.sessions_closed,
425 ct_counter_sums.sessions_timedout,
426 ct_counter_sums.pkts_drop_outof_window,
427 ct_counter_sums.pkts_drop_invalid_conn,
428 ct_counter_sums.pkts_drop_invalid_state,
429 ct_counter_sums.pkts_drop_invalid_rst);
434 * Callback routine for 1 second, periodic timer.
437 * A pointer to the rte_timer.
439 * A pointer to application specific arguments (not used).
442 * 0 on success and port_id is filled, negative on error.
444 static void rte_dump_vfw_counters_from_master(
445 __rte_unused struct rte_timer *rt, __rte_unused void *arg)
447 rte_vfw_sum_and_print_counters();
450 int rte_vfw_hertz_computed; /* only launch timer once */
451 uint64_t rte_vfw_ticks_in_one_second;
452 /* TODO: is processor hertz computed/stored elsewhere? */
453 struct rte_timer rte_vfw_one_second_timer = RTE_TIMER_INITIALIZER;
459 * A pointer to the rule.
462 static void print_vfw_ipv4_rule(struct app_pipeline_vfw_rule *rule)
464 printf("Prio = %" PRId32 " (SA = %" PRIu32 ".%" PRIu32
465 ".%" PRIu32 ".%" PRIu32 "/%" PRIu32 ", DA = %"
467 ".%" PRIu32 ".%" PRIu32 "/%" PRIu32 ", SP = %"
468 PRIu32 "-%" PRIu32 ", DP = %"
469 PRIu32 "-%" PRIu32 ", Proto = %"
470 PRIu32 " / 0x%" PRIx32 ") => Action ID = %"
471 PRIu32 " (entry ptr = %p)\n",
473 (rule->key.key.ipv4_5tuple.src_ip >> 24) & 0xFF,
474 (rule->key.key.ipv4_5tuple.src_ip >> 16) & 0xFF,
475 (rule->key.key.ipv4_5tuple.src_ip >> 8) & 0xFF,
476 rule->key.key.ipv4_5tuple.src_ip & 0xFF,
477 rule->key.key.ipv4_5tuple.src_ip_mask,
478 (rule->key.key.ipv4_5tuple.dst_ip >> 24) & 0xFF,
479 (rule->key.key.ipv4_5tuple.dst_ip >> 16) & 0xFF,
480 (rule->key.key.ipv4_5tuple.dst_ip >> 8) & 0xFF,
481 rule->key.key.ipv4_5tuple.dst_ip & 0xFF,
482 rule->key.key.ipv4_5tuple.dst_ip_mask,
483 rule->key.key.ipv4_5tuple.src_port_from,
484 rule->key.key.ipv4_5tuple.src_port_to,
485 rule->key.key.ipv4_5tuple.dst_port_from,
486 rule->key.key.ipv4_5tuple.dst_port_to,
487 rule->key.key.ipv4_5tuple.proto,
488 rule->key.key.ipv4_5tuple.proto_mask,
489 rule->action_id, rule->entry_ptr);
496 * A pointer to the rule.
499 static void print_vfw_ipv6_rule(struct app_pipeline_vfw_rule *rule)
501 printf("Prio = %" PRId32 " (SA = %02" PRIx8 "%02" PRIx8
502 ":%02" PRIx8 "%02" PRIx8 ":%02" PRIx8 "%02" PRIx8
503 ":%02" PRIx8 "%02" PRIx8 ":%02" PRIx8 "%02" PRIx8
504 ":%02" PRIx8 "%02" PRIx8 ":%02" PRIx8 "%02" PRIx8
505 ":%02" PRIx8 "%02" PRIx8 "/" "%" PRIu32 ", DA = %02"
506 PRIx8 "%02" PRIx8 ":%02" PRIx8
507 "%02" PRIx8 ":%02" PRIx8 "%02" PRIx8 ":%02" PRIx8
508 "%02" PRIx8 ":%02" PRIx8 "%02" PRIx8 ":%02" PRIx8
509 "%02" PRIx8 ":%02" PRIx8 "%02" PRIx8 ":%02" PRIx8
510 "%02" PRIx8 "/" "%" PRIu32", " "SP = %" PRIu32 "-%" PRIu32
511 ", DP = %" PRIu32 "-%" PRIu32 ", Proto = %"
512 PRIu32 " / 0x%" PRIx32 ") => Action ID = %"
513 PRIu32 " (entry ptr = %p)\n", rule->priority,
514 (rule->key.key.ipv6_5tuple.src_ip[0]),
515 (rule->key.key.ipv6_5tuple.src_ip[1]),
516 (rule->key.key.ipv6_5tuple.src_ip[2]),
517 (rule->key.key.ipv6_5tuple.src_ip[3]),
518 (rule->key.key.ipv6_5tuple.src_ip[4]),
519 (rule->key.key.ipv6_5tuple.src_ip[5]),
520 (rule->key.key.ipv6_5tuple.src_ip[6]),
521 (rule->key.key.ipv6_5tuple.src_ip[7]),
522 (rule->key.key.ipv6_5tuple.src_ip[8]),
523 (rule->key.key.ipv6_5tuple.src_ip[9]),
524 (rule->key.key.ipv6_5tuple.src_ip[10]),
525 (rule->key.key.ipv6_5tuple.src_ip[11]),
526 (rule->key.key.ipv6_5tuple.src_ip[12]),
527 (rule->key.key.ipv6_5tuple.src_ip[13]),
528 (rule->key.key.ipv6_5tuple.src_ip[14]),
529 (rule->key.key.ipv6_5tuple.src_ip[15]),
530 rule->key.key.ipv6_5tuple.src_ip_mask,
531 (rule->key.key.ipv6_5tuple.dst_ip[0]),
532 (rule->key.key.ipv6_5tuple.dst_ip[1]),
533 (rule->key.key.ipv6_5tuple.dst_ip[2]),
534 (rule->key.key.ipv6_5tuple.dst_ip[3]),
535 (rule->key.key.ipv6_5tuple.dst_ip[4]),
536 (rule->key.key.ipv6_5tuple.dst_ip[5]),
537 (rule->key.key.ipv6_5tuple.dst_ip[6]),
538 (rule->key.key.ipv6_5tuple.dst_ip[7]),
539 (rule->key.key.ipv6_5tuple.dst_ip[8]),
540 (rule->key.key.ipv6_5tuple.dst_ip[9]),
541 (rule->key.key.ipv6_5tuple.dst_ip[10]),
542 (rule->key.key.ipv6_5tuple.dst_ip[11]),
543 (rule->key.key.ipv6_5tuple.dst_ip[12]),
544 (rule->key.key.ipv6_5tuple.dst_ip[13]),
545 (rule->key.key.ipv6_5tuple.dst_ip[14]),
546 (rule->key.key.ipv6_5tuple.dst_ip[15]),
547 rule->key.key.ipv6_5tuple.dst_ip_mask,
548 rule->key.key.ipv6_5tuple.src_port_from,
549 rule->key.key.ipv6_5tuple.src_port_to,
550 rule->key.key.ipv6_5tuple.dst_port_from,
551 rule->key.key.ipv6_5tuple.dst_port_to,
552 rule->key.key.ipv6_5tuple.proto,
553 rule->key.key.ipv6_5tuple.proto_mask, rule->action_id,
559 * This function is used by the add and delete rule functions.
560 * Since all updates are done on the standby tables,
561 * only search the standby tables.
562 * Both IPv4 and IPv6 rules can be searched
565 * A pointer to the rule to be found.
568 * - Pointer to the rule found.
569 * - NULL if no rule found.
571 static struct app_pipeline_vfw_rule *app_pipeline_vfw_rule_find(
572 struct pipeline_vfw_key *key)
575 * This function is used by the add and delete rule functions.
576 * Since all updates are done on the standby tables,
577 * only search the standby tables.
580 struct app_pipeline_vfw_rule *r;
582 if (key->type == PIPELINE_VFW_IPV4_5TUPLE) {
583 TAILQ_FOREACH(r, vfw_tailq_rules_ipv4_standby, node)
586 sizeof(struct pipeline_vfw_key)) == 0)
589 TAILQ_FOREACH(r, vfw_tailq_rules_ipv6_standby, node)
592 sizeof(struct pipeline_vfw_key)) == 0)
601 * Synproxy ON/OFF CLI command.
604 * A pointer to the application parameter.
607 * @param synproxy_flag
611 * Response message contains status.
615 app_pipeline_vfw_synproxy_flag(struct app_params *app,
616 uint32_t pipeline_id, uint8_t synproxy_flag)
618 struct app_pipeline_acl *p;
619 struct pipeline_vfw_synproxy_flag_msg_req *req;
620 struct pipeline_vfw_synproxy_flag_msg_rsp *rsp;
622 /* Check input arguments */
625 p = app_pipeline_data_fe(app, pipeline_id, &pipeline_vfw);
628 /* Allocate and write request */
629 req = app_msg_alloc(app);
632 req->type = PIPELINE_MSG_REQ_CUSTOM;
633 req->subtype = PIPELINE_VFW_MSG_REQ_SYNPROXY_FLAGS;
634 req->synproxy_flag = synproxy_flag;
636 /* Send request and wait for response */
637 rsp = app_msg_send_recv(app, pipeline_id, req, MSG_TIMEOUT_DEFAULT);
639 printf("Failed communication with TCP firewall\n");
642 /* Read response and write rule */
644 printf("res status=%d", rsp->status);
645 app_msg_free(app, rsp);
650 app_msg_free(app, rsp);
656 * Display VFW Rules to the console.
657 * Rules from Active and standby tables can be dispayed.
658 * Both IPv4 and IPv6 will be displayed.
661 * A pointer to application specific data.
662 * @param active_standby_table
663 * Specifies which table to display:
664 * - active_rule_table (0)
665 * - standby_rule_table (1)
669 app_pipeline_vfw_ls(__attribute__ ((unused)) struct app_params *app,
670 uint32_t active_standby_table)
672 struct app_pipeline_vfw_rule *rule;
676 if (active_standby_table == active_rule_table) {
677 n_rules = *vfw_n_tailq_rules_ipv4_active;
679 printf("VFW Active Table IPV4 Rules\n");
680 for (priority = 0; n_rules; priority++)
681 TAILQ_FOREACH(rule, vfw_tailq_rules_ipv4_active,
683 if (rule->priority == priority) {
684 print_vfw_ipv4_rule(rule);
688 n_rules = *vfw_n_tailq_rules_ipv6_active;
690 printf("VFW Active Table IPV6 Rules\n");
691 for (priority = 0; n_rules; priority++)
692 TAILQ_FOREACH(rule, vfw_tailq_rules_ipv6_active,
694 if (rule->priority == priority) {
695 print_vfw_ipv6_rule(rule);
699 n_rules = *vfw_n_tailq_rules_ipv4_standby;
701 printf("VFW Standby Table IPV4 Rules\n");
702 for (priority = 0; n_rules; priority++)
703 TAILQ_FOREACH(rule, vfw_tailq_rules_ipv4_standby,
705 if (rule->priority == priority) {
706 print_vfw_ipv4_rule(rule);
710 n_rules = *vfw_n_tailq_rules_ipv6_standby;
712 printf("VFW Standby Table IPV6a Rules\n");
713 for (priority = 0; n_rules; priority++)
714 TAILQ_FOREACH(rule, vfw_tailq_rules_ipv6_standby,
716 if (rule->priority == priority) {
717 print_vfw_ipv6_rule(rule);
725 * Initialize VFW pipeline Front End (FE).
728 * A pointer to pipeline parameters
730 * A pointer to pipeline specific data (not used).
733 * - A pointer to the pipeline FE
734 * - NULL if initialization failed.
736 static void *app_pipeline_vfw_init(struct pipeline_params *params,
737 __rte_unused void *arg)
739 struct app_pipeline_vfw *p;
742 /* Check input arguments */
743 if ((params == NULL) ||
744 (params->n_ports_in == 0) || (params->n_ports_out == 0))
747 /* Memory allocation */
748 size = RTE_CACHE_LINE_ROUNDUP(sizeof(struct app_pipeline_vfw));
749 p = rte_zmalloc(NULL, size, RTE_CACHE_LINE_SIZE);
754 p->n_ports_in = params->n_ports_in;
755 p->n_ports_out = params->n_ports_out;
757 if (!vfw_rule_table_created) {
758 /* Only create and init once when first VFW pipeline/thread
761 /* Init tailq tables */
762 TAILQ_INIT(&vfw_tailq_rules_ipv4a);
763 vfw_n_tailq_rules_ipv4a = 0;
764 TAILQ_INIT(&vfw_tailq_rules_ipv4b);
765 vfw_n_tailq_rules_ipv4b = 0;
766 TAILQ_INIT(&vfw_tailq_rules_ipv6a);
767 vfw_n_tailq_rules_ipv6a = 0;
768 TAILQ_INIT(&vfw_tailq_rules_ipv6b);
769 vfw_n_tailq_rules_ipv6b = 0;
770 TAILQ_INIT(&vfw_commands);
771 vfw_tailq_rules_ipv4_active = &vfw_tailq_rules_ipv4a;
772 vfw_tailq_rules_ipv4_standby = &vfw_tailq_rules_ipv4b;
773 vfw_tailq_rules_ipv6_active = &vfw_tailq_rules_ipv6a;
774 vfw_tailq_rules_ipv6_standby = &vfw_tailq_rules_ipv6b;
775 vfw_n_tailq_rules_ipv4_active = &vfw_n_tailq_rules_ipv4a;
776 vfw_n_tailq_rules_ipv4_standby = &vfw_n_tailq_rules_ipv4b;
777 vfw_n_tailq_rules_ipv6_active = &vfw_n_tailq_rules_ipv6a;
778 vfw_n_tailq_rules_ipv6_standby = &vfw_n_tailq_rules_ipv6b;
780 /* Both IPV4 and IPV6 enabled by default */
781 vfw_ipv4_enabled = 1;
782 vfw_ipv6_enabled = 1;
784 printf("VFW FE Init Create Tables vfw_n_rules = %i\n",
787 /* Init Action Array and Counter Table */
789 RTE_CACHE_LINE_ROUNDUP(sizeof(struct pipeline_action_key) *
792 rte_zmalloc(NULL, action_array_size, RTE_CACHE_LINE_SIZE);
793 if (action_array_a == NULL)
796 rte_zmalloc(NULL, action_array_size, RTE_CACHE_LINE_SIZE);
797 if (action_array_b == NULL)
799 memset(action_array_a, 0, action_array_size);
800 memset(action_array_b, 0, action_array_size);
801 action_array_active = action_array_a;
802 action_array_standby = action_array_b;
803 memset(&action_counter_table, 0, sizeof(action_counter_table));
805 vfw_rule_table_created = 1;
808 if (!rte_vfw_hertz_computed) {
809 /* all initialization serialized on core 0,
810 * so no need for lock */
811 rte_vfw_ticks_in_one_second = rte_get_tsc_hz();
812 rte_vfw_hertz_computed = 1;
819 * Free VFW pipeline resources.
822 * A pointer to the pipeline to delete.
825 * 0 on success, negative on error.
827 static int app_pipeline_vfw_free(void *pipeline)
829 struct app_pipeline_vfw *p = pipeline;
831 /* Check input arguments */
836 /* Ignore Klockwork infinite loop issues for all while loops */
837 while (!TAILQ_EMPTY(&vfw_tailq_rules_ipv4a)) {
838 struct app_pipeline_vfw_rule *rule;
840 rule = TAILQ_FIRST(&vfw_tailq_rules_ipv4a);
841 TAILQ_REMOVE(&vfw_tailq_rules_ipv4a, rule, node);
844 while (!TAILQ_EMPTY(&vfw_tailq_rules_ipv4b)) {
845 struct app_pipeline_vfw_rule *rule;
847 rule = TAILQ_FIRST(&vfw_tailq_rules_ipv4b);
848 TAILQ_REMOVE(&vfw_tailq_rules_ipv4b, rule, node);
851 while (!TAILQ_EMPTY(&vfw_tailq_rules_ipv6a)) {
852 struct app_pipeline_vfw_rule *rule;
854 rule = TAILQ_FIRST(&vfw_tailq_rules_ipv6a);
855 TAILQ_REMOVE(&vfw_tailq_rules_ipv6a, rule, node);
858 while (!TAILQ_EMPTY(&vfw_tailq_rules_ipv6b)) {
859 struct app_pipeline_vfw_rule *rule;
861 rule = TAILQ_FIRST(&vfw_tailq_rules_ipv6b);
862 TAILQ_REMOVE(&vfw_tailq_rules_ipv6b, rule, node);
865 while (!TAILQ_EMPTY(&vfw_commands)) {
866 struct app_pipeline_vfw_rule *command;
868 command = TAILQ_FIRST(&vfw_commands);
869 TAILQ_REMOVE(&vfw_commands, command, node);
872 rte_free(action_array_a);
873 rte_free(action_array_b);
879 * Verify that the VFW rule is valid.
880 * Both IPv4 and IPv6 rules
883 * A pointer to the VFW rule to verify.
886 * 0 on success, negative on error.
889 app_pipeline_vfw_key_check_and_normalize(struct pipeline_vfw_key *key)
892 case PIPELINE_VFW_IPV4_5TUPLE:
894 uint32_t src_ip_depth =
895 key->key.ipv4_5tuple.src_ip_mask;
896 uint32_t dst_ip_depth =
897 key->key.ipv4_5tuple.dst_ip_mask;
898 uint16_t src_port_from =
899 key->key.ipv4_5tuple.src_port_from;
900 uint16_t src_port_to = key->key.ipv4_5tuple.src_port_to;
901 uint16_t dst_port_from =
902 key->key.ipv4_5tuple.dst_port_from;
903 uint16_t dst_port_to = key->key.ipv4_5tuple.dst_port_to;
905 uint32_t src_ip_netmask = 0;
906 uint32_t dst_ip_netmask = 0;
908 if ((src_ip_depth > 32) ||
909 (dst_ip_depth > 32) ||
910 (src_port_from > src_port_to) ||
911 (dst_port_from > dst_port_to))
915 src_ip_netmask = (~0) << (32 - src_ip_depth);
918 dst_ip_netmask = ((~0) << (32 - dst_ip_depth));
920 key->key.ipv4_5tuple.src_ip &= src_ip_netmask;
921 key->key.ipv4_5tuple.dst_ip &= dst_ip_netmask;
925 case PIPELINE_VFW_IPV6_5TUPLE:
927 uint32_t src_ip_depth =
928 key->key.ipv6_5tuple.src_ip_mask;
929 uint32_t dst_ip_depth =
930 key->key.ipv6_5tuple.dst_ip_mask;
931 uint8_t src_ip_netmask[16];
932 uint8_t dst_ip_netmask[16];
935 convert_prefixlen_to_netmask_ipv6(src_ip_depth,
937 convert_prefixlen_to_netmask_ipv6(dst_ip_depth,
939 for (i = 0; i < 16; i++) {
940 key->key.ipv6_5tuple.src_ip[i] &=
942 key->key.ipv6_5tuple.dst_ip[i] &=
954 * Add VFW rule to the VFW rule table.
955 * Rules are added standby table.
956 * Applyruleset command will activate the change.
957 * Both IPv4 and IPv6 rules can be added.
960 * A pointer to the VFW pipeline parameters.
962 * A pointer to the VFW rule to add.
964 * Priority of the VFW rule.
966 * Port ID of the VFW rule.
968 * Action ID of the VFW rule. Defined in Action Table.
971 * 0 on success, negative on error.
974 app_pipeline_vfw_add_rule(struct app_params *app,
975 struct pipeline_vfw_key *key,
977 uint32_t port_id, uint32_t action_id)
979 struct app_pipeline_vfw_rule *rule;
980 struct pipeline_vfw_add_msg_rsp *rsp;
981 int new_rule, src_field_start, dst_field_start, i;
982 uint32_t *ip1, *ip2, *ip3, *ip4, src_mask, dest_mask;
983 uint32_t src_ip[IPV6_32BIT_LENGTH], dst_ip[IPV6_32BIT_LENGTH];
984 const uint32_t nbu32 = sizeof(uint32_t) * CHAR_BIT;
986 struct rte_table_acl_rule_add_params params;
987 struct lib_acl_table_entry entry = {
989 .action = RTE_PIPELINE_ACTION_PORT,
990 {.port_id = port_id},
992 .action_id = action_id,
995 memset(¶ms, 0, sizeof(params));
997 /* Check input arguments */
999 (key == NULL) || !((key->type == PIPELINE_VFW_IPV4_5TUPLE) ||
1000 (key->type == PIPELINE_VFW_IPV6_5TUPLE)))
1003 if (action_id > action_array_max) {
1004 printf("Action ID greater than max\n");
1008 if (app_pipeline_vfw_key_check_and_normalize(key) != 0)
1011 /* Find existing rule or allocate new rule */
1012 rule = app_pipeline_vfw_rule_find(key);
1013 new_rule = (rule == NULL);
1015 rule = rte_malloc(NULL, sizeof(*rule), RTE_CACHE_LINE_SIZE);
1021 /* Allocate Response */
1022 rsp = app_msg_alloc(app);
1029 switch (key->type) {
1030 case PIPELINE_VFW_IPV4_5TUPLE:
1031 params.priority = priority;
1032 params.field_value[0].value.u8 = key->key.ipv4_5tuple.proto;
1033 params.field_value[0].mask_range.u8 =
1034 key->key.ipv4_5tuple.proto_mask;
1035 params.field_value[1].value.u32 = key->key.ipv4_5tuple.src_ip;
1036 params.field_value[1].mask_range.u32 =
1037 key->key.ipv4_5tuple.src_ip_mask;
1038 params.field_value[2].value.u32 = key->key.ipv4_5tuple.dst_ip;
1039 params.field_value[2].mask_range.u32 =
1040 key->key.ipv4_5tuple.dst_ip_mask;
1041 params.field_value[3].value.u16 =
1042 key->key.ipv4_5tuple.src_port_from;
1043 params.field_value[3].mask_range.u16 =
1044 key->key.ipv4_5tuple.src_port_to;
1045 params.field_value[4].value.u16 =
1046 key->key.ipv4_5tuple.dst_port_from;
1047 params.field_value[4].mask_range.u16 =
1048 key->key.ipv4_5tuple.dst_port_to;
1051 rte_table_acl_ops.f_add(vfw_rule_table_ipv4_standby,
1053 (struct rte_pipeline_table_entry *)
1054 &entry, &rsp->key_found,
1055 (void **)&rsp->entry_ptr);
1057 if (rsp->status != 0)
1059 ("IPV4 Add Rule Command failed key_found: %i\n",
1063 ("IPV4 Add Rule Command success key_found: %i\n",
1068 case PIPELINE_VFW_IPV6_5TUPLE:
1069 ip1 = (uint32_t *) (key->key.ipv6_5tuple.src_ip);
1074 params.priority = priority;
1075 params.field_value[0].value.u8 = key->key.ipv6_5tuple.proto;
1076 params.field_value[0].mask_range.u8 =
1077 key->key.ipv6_5tuple.proto_mask;
1079 src_ip[0] = rte_bswap32(*ip1);
1080 src_ip[1] = rte_bswap32(*ip2);
1081 src_ip[2] = rte_bswap32(*ip3);
1082 src_ip[3] = rte_bswap32(*ip4);
1084 src_mask = key->key.ipv6_5tuple.src_ip_mask;
1086 src_field_start = 1;
1087 for (i = 0; i != RTE_DIM(src_ip); i++, src_field_start++) {
1088 if (src_mask >= (i + 1) * nbu32)
1089 params.field_value[src_field_start].mask_range.
1092 params.field_value[src_field_start].mask_range.
1095 (i * nbu32) ? src_mask - (i * 32) : 0;
1096 params.field_value[src_field_start].value.u32 =
1100 ip1 = (uint32_t *) (key->key.ipv6_5tuple.dst_ip);
1105 dst_ip[0] = rte_bswap32(*ip1);
1106 dst_ip[1] = rte_bswap32(*ip2);
1107 dst_ip[2] = rte_bswap32(*ip3);
1108 dst_ip[3] = rte_bswap32(*ip4);
1110 dest_mask = key->key.ipv6_5tuple.dst_ip_mask;
1112 dst_field_start = 5;
1113 for (i = 0; i != RTE_DIM(dst_ip); i++, dst_field_start++) {
1114 if (dest_mask >= (i + 1) * nbu32)
1115 params.field_value[dst_field_start].mask_range.
1118 params.field_value[dst_field_start].mask_range.
1121 (i * nbu32) ? dest_mask - (i * 32) : 0;
1122 params.field_value[dst_field_start].value.u32 =
1126 params.field_value[9].value.u16 =
1127 key->key.ipv6_5tuple.src_port_from;
1128 params.field_value[9].mask_range.u16 =
1129 key->key.ipv6_5tuple.src_port_to;
1130 params.field_value[10].value.u16 =
1131 key->key.ipv6_5tuple.dst_port_from;
1132 params.field_value[10].mask_range.u16 =
1133 key->key.ipv6_5tuple.dst_port_to;
1136 rte_table_acl_ops.f_add(vfw_rule_table_ipv6_standby,
1138 (struct rte_pipeline_table_entry *)
1139 &entry, &rsp->key_found,
1140 (void **)&rsp->entry_ptr);
1142 if (rsp->status != 0)
1144 ("IPV6 Add Rule Command failed key_found: %i\n",
1148 ("IPV6 Add Rule Command success key_found: %i\n",
1155 app_msg_free(app, rsp);
1161 /* Read response and write rule */
1163 (rsp->entry_ptr == NULL) ||
1164 ((new_rule == 0) && (rsp->key_found == 0)) ||
1165 ((new_rule == 1) && (rsp->key_found == 1))) {
1166 app_msg_free(app, rsp);
1172 memcpy(&rule->key, key, sizeof(*key));
1173 rule->priority = priority;
1174 rule->port_id = port_id;
1175 rule->action_id = action_id;
1176 rule->entry_ptr = rsp->entry_ptr;
1180 if (key->type == PIPELINE_VFW_IPV4_5TUPLE) {
1181 TAILQ_INSERT_TAIL(vfw_tailq_rules_ipv4_standby, rule,
1183 (*vfw_n_tailq_rules_ipv4_standby)++;
1185 TAILQ_INSERT_TAIL(vfw_tailq_rules_ipv6_standby, rule,
1187 (*vfw_n_tailq_rules_ipv6_standby)++;
1191 if (key->type == PIPELINE_VFW_IPV4_5TUPLE)
1192 print_vfw_ipv4_rule(rule);
1194 print_vfw_ipv6_rule(rule);
1197 app_msg_free(app, rsp);
1203 * Delete VFW rule from the VFW rule table.
1204 * Rules deleted from standby tables.
1205 * Applyruleset command will activate the change.
1206 * Both IPv4 and IPv6 rules can be deleted.
1209 * A pointer to the VFW pipeline parameters.
1211 * A pointer to the VFW rule to delete.
1214 * 0 on success, negative on error.
1217 app_pipeline_vfw_delete_rule(struct app_params *app,
1218 struct pipeline_vfw_key *key)
1220 struct app_pipeline_vfw_rule *rule;
1221 int status, key_found;
1222 int src_field_start, dst_field_start, i;
1223 uint32_t *ip1, *ip2, *ip3, *ip4, src_mask, dest_mask;
1224 uint32_t src_ip[IPV6_32BIT_LENGTH], dst_ip[IPV6_32BIT_LENGTH];
1225 const uint32_t nbu32 = sizeof(uint32_t) * CHAR_BIT;
1228 struct rte_table_acl_rule_delete_params params;
1230 memset(¶ms, 0, sizeof(params));
1232 /* Check input arguments */
1233 if ((app == NULL) ||
1234 (key == NULL) || !((key->type == PIPELINE_VFW_IPV4_5TUPLE) ||
1235 (key->type == PIPELINE_VFW_IPV6_5TUPLE)))
1238 if (app_pipeline_vfw_key_check_and_normalize(key) != 0)
1242 rule = app_pipeline_vfw_rule_find(key);
1244 printf("VFW Delete Rule - Rule does not exist\n");
1248 switch (key->type) {
1249 case PIPELINE_VFW_IPV4_5TUPLE:
1250 params.field_value[0].value.u8 = key->key.ipv4_5tuple.proto;
1251 params.field_value[0].mask_range.u8 =
1252 key->key.ipv4_5tuple.proto_mask;
1253 params.field_value[1].value.u32 = key->key.ipv4_5tuple.src_ip;
1254 params.field_value[1].mask_range.u32 =
1255 key->key.ipv4_5tuple.src_ip_mask;
1256 params.field_value[2].value.u32 = key->key.ipv4_5tuple.dst_ip;
1257 params.field_value[2].mask_range.u32 =
1258 key->key.ipv4_5tuple.dst_ip_mask;
1259 params.field_value[3].value.u16 =
1260 key->key.ipv4_5tuple.src_port_from;
1261 params.field_value[3].mask_range.u16 =
1262 key->key.ipv4_5tuple.src_port_to;
1263 params.field_value[4].value.u16 =
1264 key->key.ipv4_5tuple.dst_port_from;
1265 params.field_value[4].mask_range.u16 =
1266 key->key.ipv4_5tuple.dst_port_to;
1269 rte_table_acl_ops.f_delete(vfw_rule_table_ipv4_standby,
1270 ¶ms, &key_found, NULL);
1274 ("IPV4 Del Rule Command failed key_found: %i\n",
1278 ("IPV4 Del Rule Command success key_found: %i\n",
1283 case PIPELINE_VFW_IPV6_5TUPLE:
1284 ip1 = (uint32_t *) (key->key.ipv6_5tuple.src_ip);
1289 params.field_value[0].value.u8 = key->key.ipv6_5tuple.proto;
1290 params.field_value[0].mask_range.u8 =
1291 key->key.ipv6_5tuple.proto_mask;
1293 src_ip[0] = rte_bswap32(*ip1);
1294 src_ip[1] = rte_bswap32(*ip2);
1295 src_ip[2] = rte_bswap32(*ip3);
1296 src_ip[3] = rte_bswap32(*ip4);
1298 src_mask = key->key.ipv6_5tuple.src_ip_mask;
1300 src_field_start = 1;
1301 for (i = 0; i != RTE_DIM(src_ip); i++, src_field_start++) {
1302 if (src_mask >= (i + 1) * nbu32)
1303 params.field_value[src_field_start].mask_range.
1306 params.field_value[src_field_start].mask_range.
1309 (i * nbu32) ? src_mask - (i * 32) : 0;
1310 params.field_value[src_field_start].value.u32 =
1314 ip1 = (uint32_t *) (key->key.ipv6_5tuple.dst_ip);
1319 dst_ip[0] = rte_bswap32(*ip1);
1320 dst_ip[1] = rte_bswap32(*ip2);
1321 dst_ip[2] = rte_bswap32(*ip3);
1322 dst_ip[3] = rte_bswap32(*ip4);
1324 dest_mask = key->key.ipv6_5tuple.dst_ip_mask;
1326 dst_field_start = 5;
1327 for (i = 0; i != RTE_DIM(dst_ip); i++, dst_field_start++) {
1328 if (dest_mask >= (i + 1) * nbu32)
1329 params.field_value[dst_field_start].mask_range.
1332 params.field_value[dst_field_start].mask_range.
1335 (i * nbu32) ? dest_mask - (i * 32) : 0;
1336 params.field_value[dst_field_start].value.u32 =
1340 params.field_value[9].value.u16 =
1341 key->key.ipv6_5tuple.src_port_from;
1342 params.field_value[9].mask_range.u16 =
1343 key->key.ipv6_5tuple.src_port_to;
1344 params.field_value[10].value.u16 =
1345 key->key.ipv6_5tuple.dst_port_from;
1346 params.field_value[10].mask_range.u16 =
1347 key->key.ipv6_5tuple.dst_port_to;
1351 rte_table_acl_ops.f_delete(vfw_rule_table_ipv6_standby,
1352 ¶ms, &key_found, NULL);
1355 printf("IPV6 Del Rule Command failed key_found: %i\n",
1358 printf("IPV6 Del Rule Command success key_found: %i\n",
1369 if (status || !key_found)
1373 if (key->type == PIPELINE_VFW_IPV4_5TUPLE) {
1374 TAILQ_REMOVE(vfw_tailq_rules_ipv4_standby, rule, node);
1375 (*vfw_n_tailq_rules_ipv4_standby)--;
1377 TAILQ_REMOVE(vfw_tailq_rules_ipv6_standby, rule, node);
1378 (*vfw_n_tailq_rules_ipv6_standby)--;
1387 * Clear all VFW rules from the VFW rule table.
1388 * Rules cleared from standby tables.
1389 * Applyruleset command will activate the change.
1390 * Both IPv4 and IPv6 rules will be cleared.
1393 * A pointer to the VFW pipeline parameters.
1396 * 0 on success, negative on error.
1398 int app_pipeline_vfw_clearrules(struct app_params *app)
1400 struct app_pipeline_vfw_rule *rule;
1401 struct app_pipeline_vfw_rule *command;
1406 /* Check input arguments */
1410 n_rules = *vfw_n_tailq_rules_ipv4_standby;
1411 for (priority = 0; n_rules; priority++) {
1412 TAILQ_FOREACH(rule, vfw_tailq_rules_ipv4_standby, node) {
1413 if (rule->priority == priority) {
1414 struct pipeline_vfw_key key = rule->key;
1416 /* Store command to update standby tables
1417 * after switchover */
1419 rte_malloc(NULL, sizeof(*command),
1420 RTE_CACHE_LINE_SIZE);
1421 if (command == NULL) {
1422 printf("Cannot allocation command\n");
1426 sizeof(struct app_pipeline_vfw_rule));
1427 memcpy(&command->key, &key, sizeof(key));
1428 command->command = vfw_delete_command;
1429 TAILQ_INSERT_TAIL(&vfw_commands, command,
1433 app_pipeline_vfw_delete_rule(app, &key);
1439 n_rules = *vfw_n_tailq_rules_ipv6_standby;
1440 for (priority = 0; n_rules; priority++) {
1441 TAILQ_FOREACH(rule, vfw_tailq_rules_ipv6_standby, node) {
1442 if (rule->priority == priority) {
1443 struct pipeline_vfw_key key = rule->key;
1445 /* Store command to update standby tables
1446 * after switchover */
1448 rte_malloc(NULL, sizeof(*command),
1449 RTE_CACHE_LINE_SIZE);
1450 if (command == NULL) {
1451 printf("Cannot allocation command\n");
1455 sizeof(struct app_pipeline_vfw_rule));
1456 memcpy(&command->key, &key, sizeof(key));
1457 command->command = vfw_delete_command;
1458 TAILQ_INSERT_TAIL(&vfw_commands, command,
1462 app_pipeline_vfw_delete_rule(app, &key);
1468 /* Clear Action Array */
1469 memset(action_array_standby, 0, action_array_size);
1479 * Open file and process all commands in the file.
1482 * A pointer to the CLI context
1484 * A pointer to the file to process.
1487 static void app_loadrules_file(cmdline_parse_ctx_t *ctx, const char *file_name)
1489 struct cmdline *file_cl;
1492 fd = open(file_name, O_RDONLY);
1494 printf("Cannot open file \"%s\"\n", file_name);
1498 file_cl = cmdline_new(ctx, "", fd, 1);
1499 cmdline_interact(file_cl);
1503 struct cmd_loadrules_file_result {
1504 cmdline_fixed_string_t p_string;
1505 cmdline_fixed_string_t vfw_string;
1506 cmdline_fixed_string_t loadrules_string;
1507 char file_name[APP_FILE_NAME_SIZE];
1511 * Parse load rules command.
1512 * Verify that file exists.
1513 * Clear existing rules and action.
1514 * Process commands in command file.
1516 * @param parsed_result
1517 * A pointer to the CLI command parsed result
1519 * A pointer to command line context.
1521 * A pointer to command specific data.
1524 * 0 on success, negative on error.
1528 cmd_loadrules_parsed(void *parsed_result, struct cmdline *cl, void *data)
1530 struct cmd_loadrules_file_result *params = parsed_result;
1531 struct app_params *app = data;
1535 /* Make sure the file exists before clearing rules and actions */
1536 fd = open(params->file_name, O_RDONLY);
1538 printf("Cannot open file \"%s\"\n", params->file_name);
1543 /* Clear all rules and actions */
1544 status = app_pipeline_vfw_clearrules(app);
1547 printf("Command clearrules failed\n");
1551 /* Process commands in script file */
1552 app_loadrules_file(cl->ctx, params->file_name);
1555 cmdline_parse_token_string_t cmd_loadrules_p_string =
1556 TOKEN_STRING_INITIALIZER(struct cmd_loadrules_file_result,
1559 cmdline_parse_token_string_t cmd_loadrules_vfw_string =
1560 TOKEN_STRING_INITIALIZER(struct cmd_loadrules_file_result,
1563 cmdline_parse_token_string_t cmd_loadrules_loadrules_string =
1564 TOKEN_STRING_INITIALIZER(struct cmd_loadrules_file_result, loadrules_string,
1567 cmdline_parse_token_string_t cmd_loadrules_file_name =
1568 TOKEN_STRING_INITIALIZER(struct cmd_loadrules_file_result, file_name, NULL);
1570 cmdline_parse_inst_t cmd_loadrules = {
1571 .f = cmd_loadrules_parsed,
1573 .help_str = "VFW Load Rules",
1575 (void *)&cmd_loadrules_p_string,
1576 (void *)&cmd_loadrules_vfw_string,
1577 (void *)&cmd_loadrules_loadrules_string,
1578 (void *)&cmd_loadrules_file_name,
1584 * Add Action to the Action table.
1585 * Actions are added standby table.
1586 * Applyruleset command will activate the change.
1589 * A pointer to the VFW pipeline parameters.
1591 * A pointer to the Action to add.
1594 * 0 on success, negative on error.
1597 app_pipeline_action_add(__attribute__ ((unused)) struct app_params *app,
1598 struct pipeline_action_key *key)
1602 * This function will update the action IDs on the standby table.
1603 * Activating the changes is done with the applyruleset command.
1606 uint32_t action_bitmap = key->action_bitmap;
1607 uint32_t action_id = key->action_id;
1609 if (action_id >= action_array_max) {
1611 printf("Action id: %u out of range\n", action_id);
1615 action_array_standby[action_id].action_id = action_id;
1618 printf("Adding action id: %u Type: ", action_id);
1619 if (action_bitmap == lib_acl_action_packet_accept) {
1620 action_array_standby[action_id].action_bitmap |=
1621 lib_acl_action_packet_accept;
1625 if (action_bitmap == lib_acl_action_packet_drop) {
1626 action_array_standby[action_id].action_bitmap |=
1627 lib_acl_action_packet_drop;
1631 if (action_bitmap == lib_acl_action_nat) {
1632 action_array_standby[action_id].action_bitmap |=
1634 action_array_standby[action_id].nat_port = key->nat_port;
1636 printf("NAT Port ID: %u\n", key->nat_port);
1638 if (action_bitmap == lib_acl_action_fwd) {
1639 action_array_standby[action_id].action_bitmap |=
1641 action_array_standby[action_id].fwd_port = key->fwd_port;
1643 printf("FWD Port ID: %u\n", key->fwd_port);
1645 if (action_bitmap == lib_acl_action_count) {
1646 action_array_standby[action_id].action_bitmap |=
1647 lib_acl_action_count;
1651 if (action_bitmap == lib_acl_action_conntrack) {
1652 action_array_standby[action_id].action_bitmap |=
1653 lib_acl_action_conntrack;
1655 printf("Conntrack\n");
1657 if (action_bitmap == lib_acl_action_connexist) {
1658 action_array_standby[action_id].action_bitmap |=
1659 lib_acl_action_connexist;
1660 action_array_standby[action_id].private_public =
1661 key->private_public;
1663 printf("Conntrack prvpub: %i\n", key->private_public);
1665 if (action_bitmap == lib_acl_action_dscp) {
1666 action_array_standby[action_id].action_bitmap |=
1667 lib_acl_action_dscp;
1668 action_array_standby[action_id].dscp_priority =
1671 printf("DSCP Priority: %u\n", key->dscp_priority);
1675 printf("action_bitmap: %" PRIu32 "\n",
1676 action_array_standby[action_id].action_bitmap);
1682 * Delete Action from the Action table.
1683 * Actions are deleted from the standby table.
1684 * Applyruleset command will activate the change.
1687 * A pointer to the VFW pipeline parameters.
1689 * A pointer to the Action to delete.
1692 * 0 on success, negative on error.
1695 app_pipeline_action_delete(__attribute__ ((unused)) struct app_params *app,
1696 struct pipeline_action_key *key)
1699 * This function will update the action IDs on the standby table.
1700 * Activating the changes is done with the applyruleset command.
1703 uint32_t action_bitmap = key->action_bitmap;
1704 uint32_t action_id = key->action_id;
1706 if (action_id >= action_array_max) {
1708 printf("Action id: %u out of range\n", action_id);
1712 if (action_array_standby[action_id].action_bitmap & action_bitmap)
1713 action_array_standby[action_id].action_bitmap &= ~action_bitmap;
1715 printf("VFW Action Delete - Action not set\n");
1718 printf("Deleting action id: %u Type: ", key->action_id);
1719 if (action_bitmap == lib_acl_action_packet_accept)
1721 if (action_bitmap == lib_acl_action_packet_drop)
1723 if (action_bitmap == lib_acl_action_nat)
1725 if (action_bitmap == lib_acl_action_fwd)
1727 if (action_bitmap == lib_acl_action_count)
1729 if (action_bitmap == lib_acl_action_conntrack)
1730 printf("Conntrack\n");
1731 if (action_bitmap == lib_acl_action_connexist)
1732 printf("Connexist\n");
1733 if (action_bitmap == lib_acl_action_dscp)
1736 printf("action_bitmap: %" PRIu32 "\n",
1737 action_array_standby[action_id].action_bitmap);
1748 * A structure defining the VFW add rule command.
1750 struct cmd_vfw_add_ip_result {
1751 cmdline_fixed_string_t p_string;
1752 cmdline_fixed_string_t vfw_string;
1753 cmdline_fixed_string_t add_string;
1755 cmdline_ipaddr_t src_ip;
1756 uint32_t src_ip_mask;
1757 cmdline_ipaddr_t dst_ip;
1758 uint32_t dst_ip_mask;
1759 uint16_t src_port_from;
1760 uint16_t src_port_to;
1761 uint16_t dst_port_from;
1762 uint16_t dst_port_to;
1770 * Parse VFW add rule CLI command.
1771 * Add rule to standby table.
1772 * Store command to update standby table
1773 * after applyruleset command is invoked.
1775 * @param parsed_result
1776 * A pointer to CLI command parsed result.
1778 * A pointer to command line context.
1780 * A pointer to command specific data
1784 cmd_vfw_add_ip_parsed(void *parsed_result, __attribute__ ((unused))
1785 struct cmdline *cl, void *data)
1787 struct cmd_vfw_add_ip_result *params = parsed_result;
1788 struct app_params *app = data;
1789 struct pipeline_vfw_key key;
1790 struct app_pipeline_vfw_rule *command;
1793 memset(&key, 0, sizeof(struct pipeline_vfw_key));
1795 if (params->src_ip.family == AF_INET) {
1796 key.type = PIPELINE_VFW_IPV4_5TUPLE;
1797 key.key.ipv4_5tuple.src_ip = rte_bswap32((uint32_t)
1798 params->src_ip.addr.
1800 key.key.ipv4_5tuple.src_ip_mask = params->src_ip_mask;
1801 key.key.ipv4_5tuple.dst_ip = rte_bswap32((uint32_t)
1802 params->dst_ip.addr.
1804 key.key.ipv4_5tuple.dst_ip_mask = params->dst_ip_mask;
1805 key.key.ipv4_5tuple.src_port_from = params->src_port_from;
1806 key.key.ipv4_5tuple.src_port_to = params->src_port_to;
1807 key.key.ipv4_5tuple.dst_port_from = params->dst_port_from;
1808 key.key.ipv4_5tuple.dst_port_to = params->dst_port_to;
1809 key.key.ipv4_5tuple.proto = params->proto;
1810 key.key.ipv4_5tuple.proto_mask = params->proto_mask;
1812 if (params->src_ip.family == AF_INET6) {
1814 printf("entered IPV6");
1815 key.type = PIPELINE_VFW_IPV6_5TUPLE;
1816 memcpy(key.key.ipv6_5tuple.src_ip,
1817 params->src_ip.addr.ipv6.s6_addr,
1818 sizeof(params->src_ip.addr.ipv6.s6_addr));
1819 key.key.ipv6_5tuple.src_ip_mask = params->src_ip_mask;
1820 memcpy(key.key.ipv6_5tuple.dst_ip,
1821 params->dst_ip.addr.ipv6.s6_addr,
1822 sizeof(params->src_ip.addr.ipv6.s6_addr));
1823 key.key.ipv6_5tuple.dst_ip_mask = params->dst_ip_mask;
1824 key.key.ipv6_5tuple.src_port_from = params->src_port_from;
1825 key.key.ipv6_5tuple.src_port_to = params->src_port_to;
1826 key.key.ipv6_5tuple.dst_port_from = params->dst_port_from;
1827 key.key.ipv6_5tuple.dst_port_to = params->dst_port_to;
1828 key.key.ipv6_5tuple.proto = params->proto;
1829 key.key.ipv6_5tuple.proto_mask = params->proto_mask;
1831 /* Set to 1 as default, overwritten by Action FWD/NAT Port */
1832 status = app_pipeline_vfw_add_rule(app, &key, params->priority, 1,
1836 printf("Command failed\n");
1840 /* Store command to update standby tables after switchover */
1841 command = rte_malloc(NULL, sizeof(*command), RTE_CACHE_LINE_SIZE);
1842 if (command == NULL) {
1843 printf("Cannot allocation command\n");
1846 memset(command, 0, sizeof(struct app_pipeline_vfw_rule));
1847 memcpy(&command->key, &key, sizeof(key));
1848 command->priority = params->priority;
1849 command->port_id = params->port_id;
1850 command->action_id = params->action_id;
1851 command->command = vfw_add_command;
1852 TAILQ_INSERT_TAIL(&vfw_commands, command, node);
1855 cmdline_parse_token_string_t cmd_vfw_add_ip_p_string =
1856 TOKEN_STRING_INITIALIZER(struct cmd_vfw_add_ip_result, p_string,
1859 cmdline_parse_token_string_t cmd_vfw_add_ip_acl_string =
1860 TOKEN_STRING_INITIALIZER(struct cmd_vfw_add_ip_result,
1863 cmdline_parse_token_string_t cmd_vfw_add_ip_add_string =
1864 TOKEN_STRING_INITIALIZER(struct cmd_vfw_add_ip_result,
1867 cmdline_parse_token_num_t cmd_vfw_add_ip_priority =
1868 TOKEN_NUM_INITIALIZER(struct cmd_vfw_add_ip_result, priority,
1871 cmdline_parse_token_ipaddr_t cmd_vfw_add_ip_src_ip =
1872 TOKEN_IPADDR_INITIALIZER(struct cmd_vfw_add_ip_result, src_ip);
1874 cmdline_parse_token_num_t cmd_vfw_add_ip_src_ip_mask =
1875 TOKEN_NUM_INITIALIZER(struct cmd_vfw_add_ip_result, src_ip_mask,
1878 cmdline_parse_token_ipaddr_t cmd_vfw_add_ip_dst_ip =
1879 TOKEN_IPADDR_INITIALIZER(struct cmd_vfw_add_ip_result, dst_ip);
1881 cmdline_parse_token_num_t cmd_vfw_add_ip_dst_ip_mask =
1882 TOKEN_NUM_INITIALIZER(struct cmd_vfw_add_ip_result, dst_ip_mask,
1885 cmdline_parse_token_num_t cmd_vfw_add_ip_src_port_from =
1886 TOKEN_NUM_INITIALIZER(struct cmd_vfw_add_ip_result,
1887 src_port_from, UINT16);
1889 cmdline_parse_token_num_t cmd_vfw_add_ip_src_port_to =
1890 TOKEN_NUM_INITIALIZER(struct cmd_vfw_add_ip_result,
1891 src_port_to, UINT16);
1893 cmdline_parse_token_num_t cmd_vfw_add_ip_dst_port_from =
1894 TOKEN_NUM_INITIALIZER(struct cmd_vfw_add_ip_result,
1895 dst_port_from, UINT16);
1897 cmdline_parse_token_num_t cmd_vfw_add_ip_dst_port_to =
1898 TOKEN_NUM_INITIALIZER(struct cmd_vfw_add_ip_result,
1899 dst_port_to, UINT16);
1901 cmdline_parse_token_num_t cmd_vfw_add_ip_proto =
1902 TOKEN_NUM_INITIALIZER(struct cmd_vfw_add_ip_result,
1905 cmdline_parse_token_num_t cmd_vfw_add_ip_proto_mask =
1906 TOKEN_NUM_INITIALIZER(struct cmd_vfw_add_ip_result,
1909 cmdline_parse_token_num_t cmd_vfw_add_ip_port_id =
1910 TOKEN_NUM_INITIALIZER(struct cmd_vfw_add_ip_result,
1913 cmdline_parse_token_num_t cmd_vfw_add_ip_action_id =
1914 TOKEN_NUM_INITIALIZER(struct cmd_vfw_add_ip_result,
1917 cmdline_parse_inst_t cmd_vfw_add_ip = {
1918 .f = cmd_vfw_add_ip_parsed,
1920 .help_str = "VFW rule add",
1922 (void *)&cmd_vfw_add_ip_p_string,
1923 (void *)&cmd_vfw_add_ip_acl_string,
1924 (void *)&cmd_vfw_add_ip_add_string,
1925 (void *)&cmd_vfw_add_ip_priority,
1926 (void *)&cmd_vfw_add_ip_src_ip,
1927 (void *)&cmd_vfw_add_ip_src_ip_mask,
1928 (void *)&cmd_vfw_add_ip_dst_ip,
1929 (void *)&cmd_vfw_add_ip_dst_ip_mask,
1930 (void *)&cmd_vfw_add_ip_src_port_from,
1931 (void *)&cmd_vfw_add_ip_src_port_to,
1932 (void *)&cmd_vfw_add_ip_dst_port_from,
1933 (void *)&cmd_vfw_add_ip_dst_port_to,
1934 (void *)&cmd_vfw_add_ip_proto,
1935 (void *)&cmd_vfw_add_ip_proto_mask,
1936 (void *)&cmd_vfw_add_ip_action_id,
1946 * A structure defining the VFW delete rule command.
1948 struct cmd_vfw_del_ip_result {
1949 cmdline_fixed_string_t p_string;
1950 cmdline_fixed_string_t vfw_string;
1951 cmdline_fixed_string_t del_string;
1952 cmdline_ipaddr_t src_ip;
1953 uint32_t src_ip_mask;
1954 cmdline_ipaddr_t dst_ip;
1955 uint32_t dst_ip_mask;
1956 uint16_t src_port_from;
1957 uint16_t src_port_to;
1958 uint16_t dst_port_from;
1959 uint16_t dst_port_to;
1965 * Parse VFW delete rule CLI command.
1966 * Delete rule from standby table.
1967 * Store command to update standby table
1968 * after applyruleset command is invoked.
1970 * @param parsed_result
1971 * A pointer to CLI command parsed result.
1973 * A pointer to command line context.
1975 * A pointer to command specific data
1979 cmd_vfw_del_ip_parsed(void *parsed_result, __attribute__ ((unused))
1980 struct cmdline *cl, void *data)
1982 struct cmd_vfw_del_ip_result *params = parsed_result;
1983 struct app_params *app = data;
1984 struct pipeline_vfw_key key;
1985 struct app_pipeline_vfw_rule *command;
1988 memset(&key, 0, sizeof(struct pipeline_vfw_key));
1990 if (params->src_ip.family == AF_INET) {
1991 key.type = PIPELINE_VFW_IPV4_5TUPLE;
1992 key.key.ipv4_5tuple.src_ip = rte_bswap32((uint32_t)
1993 params->src_ip.addr.
1995 key.key.ipv4_5tuple.src_ip_mask = params->src_ip_mask;
1996 key.key.ipv4_5tuple.dst_ip = rte_bswap32((uint32_t)
1997 params->dst_ip.addr.
1999 key.key.ipv4_5tuple.dst_ip_mask = params->dst_ip_mask;
2000 key.key.ipv4_5tuple.src_port_from = params->src_port_from;
2001 key.key.ipv4_5tuple.src_port_to = params->src_port_to;
2002 key.key.ipv4_5tuple.dst_port_from = params->dst_port_from;
2003 key.key.ipv4_5tuple.dst_port_to = params->dst_port_to;
2004 key.key.ipv4_5tuple.proto = params->proto;
2005 key.key.ipv4_5tuple.proto_mask = params->proto_mask;
2007 if (params->src_ip.family == AF_INET6) {
2008 key.type = PIPELINE_VFW_IPV6_5TUPLE;
2009 memcpy(key.key.ipv6_5tuple.src_ip,
2010 params->src_ip.addr.ipv6.s6_addr,
2011 sizeof(params->src_ip.addr.ipv6.s6_addr));
2012 key.key.ipv6_5tuple.src_ip_mask = params->src_ip_mask;
2013 memcpy(key.key.ipv6_5tuple.dst_ip,
2014 params->dst_ip.addr.ipv6.s6_addr,
2015 sizeof(params->dst_ip.addr.ipv6.s6_addr));
2016 key.key.ipv6_5tuple.dst_ip_mask = params->dst_ip_mask;
2017 key.key.ipv6_5tuple.src_port_from = params->src_port_from;
2018 key.key.ipv6_5tuple.src_port_to = params->src_port_to;
2019 key.key.ipv6_5tuple.dst_port_from = params->dst_port_from;
2020 key.key.ipv6_5tuple.dst_port_to = params->dst_port_to;
2021 key.key.ipv6_5tuple.proto = params->proto;
2022 key.key.ipv6_5tuple.proto_mask = params->proto_mask;
2025 status = app_pipeline_vfw_delete_rule(app, &key);
2028 printf("Command failed\n");
2032 /* Store command to update standby tables after switchover */
2033 command = rte_malloc(NULL, sizeof(*command), RTE_CACHE_LINE_SIZE);
2034 if (command == NULL) {
2035 printf("Cannot allocation command\n");
2038 memset(command, 0, sizeof(struct app_pipeline_vfw_rule));
2039 memcpy(&command->key, &key, sizeof(key));
2040 command->command = vfw_delete_command;
2041 TAILQ_INSERT_TAIL(&vfw_commands, command, node);
2044 cmdline_parse_token_string_t cmd_vfw_del_ip_p_string =
2045 TOKEN_STRING_INITIALIZER(struct cmd_vfw_del_ip_result, p_string,
2048 cmdline_parse_token_string_t cmd_vfw_del_ip_acl_string =
2049 TOKEN_STRING_INITIALIZER(struct cmd_vfw_del_ip_result,
2052 cmdline_parse_token_string_t cmd_vfw_del_ip_del_string =
2053 TOKEN_STRING_INITIALIZER(struct cmd_vfw_del_ip_result,
2056 cmdline_parse_token_ipaddr_t cmd_vfw_del_ip_src_ip =
2057 TOKEN_IPADDR_INITIALIZER(struct cmd_vfw_del_ip_result, src_ip);
2059 cmdline_parse_token_num_t cmd_vfw_del_ip_src_ip_mask =
2060 TOKEN_NUM_INITIALIZER(struct cmd_vfw_del_ip_result, src_ip_mask,
2063 cmdline_parse_token_ipaddr_t cmd_vfw_del_ip_dst_ip =
2064 TOKEN_IPADDR_INITIALIZER(struct cmd_vfw_del_ip_result, dst_ip);
2066 cmdline_parse_token_num_t cmd_vfw_del_ip_dst_ip_mask =
2067 TOKEN_NUM_INITIALIZER(struct cmd_vfw_del_ip_result, dst_ip_mask,
2070 cmdline_parse_token_num_t cmd_vfw_del_ip_src_port_from =
2071 TOKEN_NUM_INITIALIZER(struct cmd_vfw_del_ip_result,
2072 src_port_from, UINT16);
2074 cmdline_parse_token_num_t cmd_vfw_del_ip_src_port_to =
2075 TOKEN_NUM_INITIALIZER(struct cmd_vfw_del_ip_result, src_port_to,
2078 cmdline_parse_token_num_t cmd_vfw_del_ip_dst_port_from =
2079 TOKEN_NUM_INITIALIZER(struct cmd_vfw_del_ip_result,
2080 dst_port_from, UINT16);
2082 cmdline_parse_token_num_t cmd_vfw_del_ip_dst_port_to =
2083 TOKEN_NUM_INITIALIZER(struct cmd_vfw_del_ip_result,
2084 dst_port_to, UINT16);
2086 cmdline_parse_token_num_t cmd_vfw_del_ip_proto =
2087 TOKEN_NUM_INITIALIZER(struct cmd_vfw_del_ip_result,
2090 cmdline_parse_token_num_t cmd_vfw_del_ip_proto_mask =
2091 TOKEN_NUM_INITIALIZER(struct cmd_vfw_del_ip_result, proto_mask,
2094 cmdline_parse_inst_t cmd_vfw_del_ip = {
2095 .f = cmd_vfw_del_ip_parsed,
2097 .help_str = "VFW rule delete",
2099 (void *)&cmd_vfw_del_ip_p_string,
2100 (void *)&cmd_vfw_del_ip_acl_string,
2101 (void *)&cmd_vfw_del_ip_del_string,
2102 (void *)&cmd_vfw_del_ip_src_ip,
2103 (void *)&cmd_vfw_del_ip_src_ip_mask,
2104 (void *)&cmd_vfw_del_ip_dst_ip,
2105 (void *)&cmd_vfw_del_ip_dst_ip_mask,
2106 (void *)&cmd_vfw_del_ip_src_port_from,
2107 (void *)&cmd_vfw_del_ip_src_port_to,
2108 (void *)&cmd_vfw_del_ip_dst_port_from,
2109 (void *)&cmd_vfw_del_ip_dst_port_to,
2110 (void *)&cmd_vfw_del_ip_proto,
2111 (void *)&cmd_vfw_del_ip_proto_mask,
2121 * A structure defining the VFW stats command.
2123 struct cmd_vfw_stats_result {
2124 cmdline_fixed_string_t p_string;
2125 cmdline_fixed_string_t vfw_string;
2126 cmdline_fixed_string_t stats_string;
2130 * Display VFW and Connection Tracker stats to the console.
2132 * @param parsed_result
2133 * A pointer to CLI command parsed result.
2135 * A pointer to command line context.
2137 * A pointer to command specific data
2141 cmd_vfw_stats_parsed(__attribute__ ((unused)) void *parsed_result,
2142 __attribute__ ((unused)) struct cmdline *cl,
2143 __attribute__ ((unused)) void *data)
2146 struct rte_VFW_counter_block vfw_counter_sums;
2147 struct rte_CT_counter_block ct_counter_sums;
2148 struct rte_CT_counter_block *ct_counters;
2149 struct action_counter_block action_counter_sum[action_array_max];
2150 uint64_t sum_pkts_drop_fw = 0;
2152 memset(&vfw_counter_sums, 0, sizeof(vfw_counter_sums));
2153 memset(&ct_counter_sums, 0, sizeof(ct_counter_sums));
2154 memset(&action_counter_sum, 0, sizeof(action_counter_sum));
2156 printf("VFW Stats\n");
2157 for (i = 0; i <= rte_VFW_hi_counter_block_in_use; i++) {
2158 struct rte_VFW_counter_block *vfw_ctrs =
2159 &rte_vfw_counter_table[i];
2160 ct_counters = rte_vfw_counter_table[i].ct_counters;
2162 uint64_t average_internal_time =
2163 vfw_ctrs->time_measurements ==
2164 0 ? 0 : vfw_ctrs->internal_time_sum /
2165 vfw_ctrs->time_measurements;
2166 uint64_t average_external_time =
2167 vfw_ctrs->time_measurements ==
2168 0 ? 0 : vfw_ctrs->external_time_sum /
2169 vfw_ctrs->time_measurements;
2170 uint64_t average_pkts_in_batch =
2171 vfw_ctrs->num_pkts_measurements ==
2172 0 ? 0 : vfw_ctrs->num_batch_pkts_sum /
2173 vfw_ctrs->num_pkts_measurements;
2174 uint64_t pkts_drop_fw = vfw_ctrs->pkts_drop_ttl +
2175 vfw_ctrs->pkts_drop_bad_size +
2176 vfw_ctrs->pkts_drop_fragmented +
2177 vfw_ctrs->pkts_drop_unsupported_type;
2179 printf("{\"VFW_counters\" : {\"id\" : \"%s\", \" pkts_received\": %"
2180 PRIu64 ", \" pkts_fw_forwarded\": %"
2181 PRIu64 ", \" pkts_drop_fw\": %"
2182 PRIu64 ", \" pkts_acl_forwarded\": %"
2183 PRIu64 ", \"pkts_drop_without_rule\" : %"
2184 PRIu64 ", \"average_pkts_in_batch\" : %"
2185 PRIu64 ", \"average_internal_time_in_clocks\" : %"
2186 PRIu64 ", \"average_external_time_in_clocks\" : %"
2187 PRIu64 ", \"total_time_measures\" : %"
2188 PRIu32 ", \"ct_packets_forwarded\" : %"
2189 PRIu64 ", \"ct_packets_dropped\" : %"
2190 PRIu64 ", \"bytes_processed \": %"
2191 PRIu64 ", \"ct_sessions\" : {"
2192 "\"active\" : %" PRIu64 ", \"open_attempt\" : %"
2193 PRIu64 ", \"re-open_attempt\" : %"
2194 PRIu64 ", \"established\" : %"
2195 PRIu64 ", \"closed\" : %"
2196 PRIu64 ", \"timeout\" : %"
2197 PRIu64 "}, \"ct_drops\" : {"
2198 "\"out_of_window\" : %" PRIu64 ", \"invalid_conn\" : %"
2199 PRIu64 ", \"invalid_state_transition\" : %"
2200 PRIu64 " \"RST\" : %"
2203 vfw_ctrs->pkts_received,
2204 vfw_ctrs->pkts_fw_forwarded,
2206 vfw_ctrs->pkts_acl_forwarded,
2207 vfw_ctrs->pkts_drop_without_rule,
2208 average_pkts_in_batch,
2209 average_internal_time,
2210 average_external_time,
2211 vfw_ctrs->time_measurements,
2212 ct_counters->pkts_forwarded,
2213 ct_counters->pkts_drop,
2214 vfw_ctrs->bytes_processed,
2215 ct_counters->current_active_sessions,
2216 ct_counters->sessions_activated,
2217 ct_counters->sessions_reactivated,
2218 ct_counters->sessions_established,
2219 ct_counters->sessions_closed,
2220 ct_counters->sessions_timedout,
2221 ct_counters->pkts_drop_outof_window,
2222 ct_counters->pkts_drop_invalid_conn,
2223 ct_counters->pkts_drop_invalid_state,
2224 ct_counters->pkts_drop_invalid_rst);
2226 vfw_counter_sums.bytes_processed +=
2227 vfw_ctrs->bytes_processed;
2229 vfw_counter_sums.internal_time_sum +=
2230 vfw_ctrs->internal_time_sum;
2231 vfw_counter_sums.external_time_sum +=
2232 vfw_ctrs->external_time_sum;
2233 vfw_counter_sums.time_measurements +=
2234 vfw_ctrs->time_measurements;
2236 vfw_counter_sums.pkts_drop_ttl += vfw_ctrs->pkts_drop_ttl;
2237 vfw_counter_sums.pkts_drop_bad_size +=
2238 vfw_ctrs->pkts_drop_bad_size;
2239 vfw_counter_sums.pkts_drop_fragmented +=
2240 vfw_ctrs->pkts_drop_fragmented;
2241 vfw_counter_sums.pkts_drop_unsupported_type +=
2242 vfw_ctrs->pkts_drop_unsupported_type;
2243 vfw_counter_sums.pkts_drop_without_arp_entry +=
2244 vfw_ctrs->pkts_drop_without_arp_entry;
2246 vfw_counter_sums.pkts_drop_without_rule +=
2247 vfw_ctrs->pkts_drop_without_rule;
2248 vfw_counter_sums.pkts_received += vfw_ctrs->pkts_received;
2249 vfw_counter_sums.pkts_fw_forwarded +=
2250 vfw_ctrs->pkts_fw_forwarded;
2251 vfw_counter_sums.pkts_acl_forwarded +=
2252 vfw_ctrs->pkts_acl_forwarded;
2253 sum_pkts_drop_fw += pkts_drop_fw;
2254 ct_counter_sums.pkts_forwarded += ct_counters->pkts_forwarded;
2255 ct_counter_sums.pkts_drop += ct_counters->pkts_drop;
2256 ct_counter_sums.current_active_sessions +=
2257 ct_counters->current_active_sessions;
2258 ct_counter_sums.sessions_activated +=
2259 ct_counters->sessions_activated;
2260 ct_counter_sums.sessions_reactivated +=
2261 ct_counters->sessions_reactivated;
2262 ct_counter_sums.sessions_established +=
2263 ct_counters->sessions_established;
2264 ct_counter_sums.sessions_closed += ct_counters->sessions_closed;
2265 ct_counter_sums.sessions_timedout +=
2266 ct_counters->sessions_timedout;
2267 ct_counter_sums.pkts_drop_invalid_conn +=
2268 ct_counters->pkts_drop_invalid_conn;
2269 ct_counter_sums.pkts_drop_invalid_state +=
2270 ct_counters->pkts_drop_invalid_state;
2271 ct_counter_sums.pkts_drop_invalid_rst +=
2272 ct_counters->pkts_drop_invalid_rst;
2273 ct_counter_sums.pkts_drop_outof_window +=
2274 ct_counters->pkts_drop_outof_window;
2278 printf("VFW TOTAL: pkts_received: %"
2279 PRIu64 ", \"pkts_fw_forwarded\": %"
2280 PRIu64 ", \"pkts_drop_fw\": %"
2281 PRIu64 ", \"fw_drops\" : {"
2282 "\"TTL_zero\" : %" PRIu64 ", \"bad_size\" : %"
2283 PRIu64 ", \"fragmented_packet\" : %"
2284 PRIu64 ", \"unsupported_packet_types\" : %"
2285 PRIu64 ", \"no_arp_entry\" : %"
2286 PRIu64 "}, \"pkts_acl_forwarded\": %"
2287 PRIu64 ", \"pkts_drop_without_rule\": %"
2288 PRIu64 ", \"packets_last_sec\" : %"
2289 PRIu32 ", \"average_packets_per_sec\" : %"
2290 PRIu32 ", \"bytes_last_sec\" : %"
2291 PRIu32 ", \"average_bytes_per_sec\" : %"
2292 PRIu32 ", \"bytes_processed \": %"
2294 vfw_counter_sums.pkts_received,
2295 vfw_counter_sums.pkts_fw_forwarded,
2297 vfw_counter_sums.pkts_drop_ttl,
2298 vfw_counter_sums.pkts_drop_bad_size,
2299 vfw_counter_sums.pkts_drop_fragmented,
2300 vfw_counter_sums.pkts_drop_unsupported_type,
2301 vfw_counter_sums.pkts_drop_without_arp_entry,
2302 vfw_counter_sums.pkts_acl_forwarded,
2303 vfw_counter_sums.pkts_drop_without_rule,
2304 rte_vfw_performance_measures.pkts_last_second,
2305 rte_vfw_performance_measures.ave_pkts_per_second,
2306 rte_vfw_performance_measures.bytes_last_second,
2307 rte_vfw_performance_measures.ave_bytes_per_second,
2308 vfw_counter_sums.bytes_processed);
2310 printf("\"CT TOTAL: ct_packets_forwarded\" : %"
2311 PRIu64 ", \" ct_packets_dropped\" : %"
2312 PRIu64 ", \"ct_sessions\" : {"
2313 "\"active\" : %" PRIu64 ", \"open_attempt\" : %"
2314 PRIu64 ", \"re-open_attempt\" : %"
2315 PRIu64 ", \"established\" : %"
2316 PRIu64 ", \"closed\" : %"
2317 PRIu64 ", \"timeout\" : %"
2318 PRIu64 "}, \"ct_drops\" : {"
2319 "\"out_of_window\" : %" PRIu64 ", \"invalid_conn\" : %"
2320 PRIu64 ", \"invalid_state_transition\" : %"
2321 PRIu64 " \"RST\" : %"
2323 ct_counter_sums.pkts_forwarded,
2324 ct_counter_sums.pkts_drop,
2325 ct_counter_sums.current_active_sessions,
2326 ct_counter_sums.sessions_activated,
2327 ct_counter_sums.sessions_reactivated,
2328 ct_counter_sums.sessions_established,
2329 ct_counter_sums.sessions_closed,
2330 ct_counter_sums.sessions_timedout,
2331 ct_counter_sums.pkts_drop_outof_window,
2332 ct_counter_sums.pkts_drop_invalid_conn,
2333 ct_counter_sums.pkts_drop_invalid_state,
2334 ct_counter_sums.pkts_drop_invalid_rst);
2336 for (i = 0; i <= rte_VFW_hi_counter_block_in_use; i++) {
2337 for (j = 0; j < action_array_max; j++) {
2338 if (action_array_active[j].
2339 action_bitmap & lib_acl_action_count) {
2340 action_counter_sum[j].packetCount +=
2341 action_counter_table[i][j].packetCount;
2342 action_counter_sum[j].byteCount +=
2343 action_counter_table[i][j].byteCount;
2348 for (j = 0; j < action_array_max; j++) {
2349 if (action_array_active[j].action_bitmap & lib_acl_action_count)
2350 printf("Action ID: %02u, packetCount: %" PRIu64
2351 ", byteCount: %" PRIu64 "\n", j,
2352 action_counter_sum[j].packetCount,
2353 action_counter_sum[j].byteCount);
2357 cmdline_parse_token_string_t cmd_vfw_stats_p_string =
2358 TOKEN_STRING_INITIALIZER(struct cmd_vfw_stats_result,
2361 cmdline_parse_token_string_t cmd_vfw_stats_acl_string =
2362 TOKEN_STRING_INITIALIZER(struct cmd_vfw_stats_result,
2365 cmdline_parse_token_string_t cmd_vfw_stats_stats_string =
2366 TOKEN_STRING_INITIALIZER(struct cmd_vfw_stats_result,
2367 stats_string, "stats");
2369 cmdline_parse_inst_t cmd_vfw_stats = {
2370 .f = cmd_vfw_stats_parsed,
2372 .help_str = "VFW stats",
2374 (void *)&cmd_vfw_stats_p_string,
2375 (void *)&cmd_vfw_stats_acl_string,
2376 (void *)&cmd_vfw_stats_stats_string,
2386 * A structure defining the VFW clear stats command.
2388 struct cmd_vfw_clearstats_result {
2389 cmdline_fixed_string_t p_string;
2390 cmdline_fixed_string_t vfw_string;
2391 cmdline_fixed_string_t clearstats_string;
2395 * Clear VFW and Connection Tracker stats.
2397 * @param parsed_result
2398 * A pointer to CLI command parsed result.
2400 * A pointer to command line context.
2402 * A pointer to command specific data
2405 static void cmd_vfw_clearstats_parsed(__attribute__ ((unused))
2406 void *parsed_result,
2407 __attribute__ ((unused))
2409 __attribute__ ((unused))
2413 struct rte_CT_counter_block *ct_counters;
2415 for (i = 0; i <= rte_VFW_hi_counter_block_in_use; i++) {
2416 ct_counters = rte_vfw_counter_table[i].ct_counters;
2417 rte_vfw_counter_table[i].bytes_processed = 0;
2418 rte_vfw_counter_table[i].pkts_drop_without_rule = 0;
2419 rte_vfw_counter_table[i].pkts_received = 0;
2420 rte_vfw_counter_table[i].pkts_drop_ttl = 0;
2421 rte_vfw_counter_table[i].pkts_drop_bad_size = 0;
2422 rte_vfw_counter_table[i].pkts_drop_fragmented = 0;
2423 rte_vfw_counter_table[i].pkts_drop_unsupported_type = 0;
2424 rte_vfw_counter_table[i].pkts_drop_without_arp_entry = 0;
2425 rte_vfw_counter_table[i].internal_time_sum = 0;
2426 rte_vfw_counter_table[i].external_time_sum = 0;
2427 rte_vfw_counter_table[i].time_measurements = 0;
2428 rte_vfw_counter_table[i].ct_counters->pkts_forwarded = 0;
2429 rte_vfw_counter_table[i].ct_counters->pkts_drop = 0;
2430 rte_vfw_counter_table[i].pkts_fw_forwarded = 0;
2431 rte_vfw_counter_table[i].pkts_acl_forwarded = 0;
2432 ct_counters->current_active_sessions = 0;
2433 ct_counters->sessions_activated = 0;
2434 ct_counters->sessions_reactivated = 0;
2435 ct_counters->sessions_established = 0;
2436 ct_counters->sessions_closed = 0;
2437 ct_counters->sessions_timedout = 0;
2438 ct_counters->pkts_drop_invalid_conn = 0;
2439 ct_counters->pkts_drop_invalid_state = 0;
2440 ct_counters->pkts_drop_invalid_rst = 0;
2441 ct_counters->pkts_drop_outof_window = 0;
2444 memset(&action_counter_table, 0, sizeof(action_counter_table));
2445 rte_vfw_reset_running_averages();
2448 cmdline_parse_token_string_t cmd_vfw_clearstats_p_string =
2449 TOKEN_STRING_INITIALIZER(struct cmd_vfw_clearstats_result,
2452 cmdline_parse_token_string_t cmd_vfw_clearstats_acl_string =
2453 TOKEN_STRING_INITIALIZER(struct cmd_vfw_clearstats_result,
2456 cmdline_parse_token_string_t cmd_vfw_clearstats_clearstats_string =
2457 TOKEN_STRING_INITIALIZER(struct cmd_vfw_clearstats_result,
2458 clearstats_string, "clearstats");
2460 cmdline_parse_inst_t cmd_vfw_clearstats = {
2461 .f = cmd_vfw_clearstats_parsed,
2463 .help_str = "VFW clearstats",
2465 (void *)&cmd_vfw_clearstats_p_string,
2466 (void *)&cmd_vfw_clearstats_acl_string,
2467 (void *)&cmd_vfw_clearstats_clearstats_string,
2477 * A structure defining the VFW debug command.
2479 struct cmd_vfw_dbg_result {
2480 cmdline_fixed_string_t p_string;
2481 cmdline_fixed_string_t vfw_string;
2482 cmdline_fixed_string_t dbg_string;
2487 * Parse and handle VFW debug command.
2489 * @param parsed_result
2490 * A pointer to CLI command parsed result.
2492 * A pointer to command line context.
2494 * A pointer to command specific data
2497 static void cmd_vfw_dbg_parsed(void *parsed_result, __attribute__ ((unused))
2498 struct cmdline *cl, __rte_unused void *data)
2501 struct cmd_vfw_dbg_result *params = parsed_result;
2502 if (params->dbg == 0) {
2503 printf("DBG turned OFF\n");
2505 } else if (params->dbg == 1) {
2506 printf("DBG turned ON\n");
2508 } else if (params->dbg == 2) {
2509 printf("VFW IPV4 enabled\n");
2510 printf("VFW IPV6 enabled\n");
2511 vfw_ipv4_enabled = 1;
2512 vfw_ipv6_enabled = 1;
2513 } else if (params->dbg == 3) {
2514 printf("VFW IPV4 enabled\n");
2515 printf("VFW IPV6 disabled\n");
2516 vfw_ipv4_enabled = 1;
2517 vfw_ipv6_enabled = 0;
2518 } else if (params->dbg == 4) {
2519 printf("VFW IPV4 disabled\n");
2520 printf("VFW IPV6 enabled\n");
2521 vfw_ipv4_enabled = 0;
2522 vfw_ipv6_enabled = 1;
2523 } else if (params->dbg == 5) {
2524 printf("VFW Version: 3.03\n");
2526 printf("Invalid DBG setting\n");
2529 cmdline_parse_token_string_t cmd_vfw_dbg_p_string =
2530 TOKEN_STRING_INITIALIZER(struct cmd_vfw_dbg_result,
2533 cmdline_parse_token_string_t cmd_vfw_dbg_acl_string =
2534 TOKEN_STRING_INITIALIZER(struct cmd_vfw_dbg_result,
2537 cmdline_parse_token_string_t cmd_vfw_dbg_dbg_string =
2538 TOKEN_STRING_INITIALIZER(struct cmd_vfw_dbg_result,
2541 cmdline_parse_token_num_t cmd_vfw_dbg_dbg =
2542 TOKEN_NUM_INITIALIZER(struct cmd_vfw_dbg_result, dbg,
2545 cmdline_parse_inst_t cmd_vfw_dbg = {
2546 .f = cmd_vfw_dbg_parsed,
2548 .help_str = "VFW dbg",
2550 (void *)&cmd_vfw_dbg_p_string,
2551 (void *)&cmd_vfw_dbg_acl_string,
2552 (void *)&cmd_vfw_dbg_dbg_string,
2553 (void *)&cmd_vfw_dbg_dbg,
2563 * A structure defining the VFW clear rules command.
2565 struct cmd_vfw_clearrules_result {
2566 cmdline_fixed_string_t p_string;
2567 cmdline_fixed_string_t vfw_string;
2568 cmdline_fixed_string_t clearrules_string;
2572 * Parse clear rule command.
2574 * @param parsed_result
2575 * A pointer to CLI command parsed result.
2577 * A pointer to command line context.
2579 * A pointer to command specific data
2582 static void cmd_vfw_clearrules_parsed(__attribute__ ((unused))
2583 void *parsed_result,
2584 __attribute__ ((unused))
2585 struct cmdline *cl, void *data)
2587 struct app_params *app = data;
2590 status = app_pipeline_vfw_clearrules(app);
2593 printf("Command failed\n");
2598 cmdline_parse_token_string_t cmd_vfw_clearrules_p_string =
2599 TOKEN_STRING_INITIALIZER(struct cmd_vfw_clearrules_result,
2602 cmdline_parse_token_string_t cmd_vfw_clearrules_acl_string =
2603 TOKEN_STRING_INITIALIZER(struct cmd_vfw_clearrules_result,
2606 cmdline_parse_token_string_t cmd_vfw_clearrules_clearrules_string =
2607 TOKEN_STRING_INITIALIZER(struct cmd_vfw_clearrules_result,
2608 clearrules_string, "clearrules");
2610 cmdline_parse_inst_t cmd_vfw_clearrules = {
2611 .f = cmd_vfw_clearrules_parsed,
2613 .help_str = "VFW clearrules",
2615 (void *)&cmd_vfw_clearrules_p_string,
2616 (void *)&cmd_vfw_clearrules_acl_string,
2617 (void *)&cmd_vfw_clearrules_clearrules_string,
2627 * A structure defining the VFW ls CLI command result.
2629 struct cmd_vfw_ls_result {
2630 cmdline_fixed_string_t p_string;
2631 cmdline_fixed_string_t vfw_string;
2632 cmdline_fixed_string_t ls_string;
2633 uint32_t table_instance;
2637 * Parse VFW ls command to display rules to the console.
2639 * @param parsed_result
2640 * A pointer to CLI command parsed result.
2642 * A pointer to command line context.
2644 * A pointer to command specific data
2647 static void cmd_vfw_ls_parsed(__attribute__ ((unused))
2648 void *parsed_result, __attribute__ ((unused))
2649 struct cmdline *cl, void *data)
2651 struct app_params *app = data;
2652 struct cmd_vfw_ls_result *params = parsed_result;
2654 app_pipeline_vfw_ls(app, params->table_instance);
2657 cmdline_parse_token_string_t cmd_vfw_ls_p_string =
2658 TOKEN_STRING_INITIALIZER(struct cmd_vfw_ls_result, p_string,
2661 cmdline_parse_token_string_t cmd_vfw_ls_acl_string =
2662 TOKEN_STRING_INITIALIZER(struct cmd_vfw_ls_result,
2665 cmdline_parse_token_string_t cmd_vfw_ls_ls_string =
2666 TOKEN_STRING_INITIALIZER(struct cmd_vfw_ls_result, ls_string,
2669 cmdline_parse_token_num_t cmd_vfw_ls_table_instance =
2670 TOKEN_NUM_INITIALIZER(struct cmd_vfw_ls_result, table_instance,
2673 cmdline_parse_inst_t cmd_vfw_ls = {
2674 .f = cmd_vfw_ls_parsed,
2676 .help_str = "VFW rule list",
2678 (void *)&cmd_vfw_ls_p_string,
2679 (void *)&cmd_vfw_ls_acl_string,
2680 (void *)&cmd_vfw_ls_ls_string,
2681 (void *)&cmd_vfw_ls_table_instance,
2687 * p vfw applyruleset
2691 * A structure defining the VFW apply ruleset command.
2693 struct cmd_vfw_applyruleset_result {
2694 cmdline_fixed_string_t p_string;
2695 cmdline_fixed_string_t vfw_string;
2696 cmdline_fixed_string_t applyruleset_string;
2700 * Parse VFW Apply Ruleset Command.
2701 * Switchover active and standby tables.
2702 * Sync newly standby tables to match updated data.
2703 * Both VFW rule and VFW action tables updated.
2705 * @param parsed_result
2706 * A pointer to CLI command parsed result.
2708 * A pointer to command line context.
2710 * A pointer to command specific data
2713 static void cmd_vfw_applyruleset_parsed(__attribute__ ((unused))
2714 void *parsed_result,
2715 __attribute__ ((unused))
2716 struct cmdline *cl, void *data)
2718 struct app_params *app = data;
2720 uint32_t *temp_count_ptr;
2721 struct pipeline_action_key *action_array_temp_ptr;
2724 printf("VFW Apply Ruleset\n");
2726 /* Switchover Active and Standby TRIE rule tables */
2727 temp_ptr = vfw_rule_table_ipv4_active;
2728 vfw_rule_table_ipv4_active = vfw_rule_table_ipv4_standby;
2729 vfw_rule_table_ipv4_standby = temp_ptr;
2730 temp_ptr = vfw_rule_table_ipv6_active;
2731 vfw_rule_table_ipv6_active = vfw_rule_table_ipv6_standby;
2732 vfw_rule_table_ipv6_standby = temp_ptr;
2734 /* Switchover tailq tables */
2735 vfw_tailq_rules_temp_ptr = vfw_tailq_rules_ipv4_active;
2736 vfw_tailq_rules_ipv4_active = vfw_tailq_rules_ipv4_standby;
2737 vfw_tailq_rules_ipv4_standby = vfw_tailq_rules_temp_ptr;
2738 vfw_tailq_rules_temp_ptr = vfw_tailq_rules_ipv6_active;
2739 vfw_tailq_rules_ipv6_active = vfw_tailq_rules_ipv6_standby;
2740 vfw_tailq_rules_ipv6_standby = vfw_tailq_rules_temp_ptr;
2741 temp_count_ptr = vfw_n_tailq_rules_ipv4_active;
2742 vfw_n_tailq_rules_ipv4_active = vfw_n_tailq_rules_ipv4_standby;
2743 vfw_n_tailq_rules_ipv4_standby = temp_count_ptr;
2744 temp_count_ptr = vfw_n_tailq_rules_ipv6_active;
2745 vfw_n_tailq_rules_ipv6_active = vfw_n_tailq_rules_ipv6_standby;
2746 vfw_n_tailq_rules_ipv6_standby = temp_count_ptr;
2748 /* Switchover Active and Standby action table */
2749 action_array_temp_ptr = action_array_active;
2750 action_array_active = action_array_standby;
2751 action_array_standby = action_array_temp_ptr;
2752 /* Update Standby action table with all changes */
2753 memcpy(action_array_standby, action_array_active, action_array_size);
2755 /* Update Standby Rule Tables with all changes */
2756 while (!TAILQ_EMPTY(&vfw_commands)) {
2757 struct app_pipeline_vfw_rule *command;
2759 command = TAILQ_FIRST(&vfw_commands);
2760 TAILQ_REMOVE(&vfw_commands, command, node);
2762 if (command->command == vfw_add_command) {
2763 status = app_pipeline_vfw_add_rule(app,
2771 app_pipeline_vfw_delete_rule(app, &command->key);
2774 printf("Command applyruleset add rule failed\n");
2783 cmdline_parse_token_string_t cmd_vfw_applyruleset_p_string =
2784 TOKEN_STRING_INITIALIZER(struct cmd_vfw_applyruleset_result, p_string,
2787 cmdline_parse_token_string_t cmd_vfw_applyruleset_acl_string =
2788 TOKEN_STRING_INITIALIZER(struct cmd_vfw_applyruleset_result,
2791 cmdline_parse_token_string_t cmd_vfw_applyruleset_applyruleset_string =
2792 TOKEN_STRING_INITIALIZER(struct cmd_vfw_applyruleset_result,
2793 applyruleset_string,
2796 cmdline_parse_inst_t cmd_vfw_applyruleset = {
2797 .f = cmd_vfw_applyruleset_parsed,
2799 .help_str = "VFW applyruleset",
2801 (void *)&cmd_vfw_applyruleset_p_string,
2802 (void *)&cmd_vfw_applyruleset_acl_string,
2803 (void *)&cmd_vfw_applyruleset_applyruleset_string,
2808 * p action add accept
2812 * A structure defining the add accept action command.
2814 struct cmd_action_add_accept_result {
2815 cmdline_fixed_string_t p_string;
2816 cmdline_fixed_string_t action_string;
2817 cmdline_fixed_string_t add_string;
2819 cmdline_fixed_string_t accept_string;
2823 * Parse Accept Action Add Command.
2825 * @param parsed_result
2826 * A pointer to CLI command parsed result.
2828 * A pointer to command line context.
2830 * A pointer to command specific data
2834 cmd_action_add_accept_parsed(void *parsed_result, __attribute__ ((unused))
2835 struct cmdline *cl, void *data)
2837 struct cmd_action_add_accept_result *params = parsed_result;
2838 struct app_params *app = data;
2839 struct pipeline_action_key key;
2842 key.action_id = params->action_id;
2843 key.action_bitmap = lib_acl_action_packet_accept;
2845 status = app_pipeline_action_add(app, &key);
2848 printf("Command failed\n");
2853 cmdline_parse_token_string_t cmd_action_add_accept_p_string =
2854 TOKEN_STRING_INITIALIZER(struct cmd_action_add_accept_result, p_string,
2857 cmdline_parse_token_string_t cmd_action_add_accept_action_string =
2858 TOKEN_STRING_INITIALIZER(struct cmd_action_add_accept_result,
2859 action_string, "action");
2861 cmdline_parse_token_string_t cmd_action_add_accept_add_string =
2862 TOKEN_STRING_INITIALIZER(struct cmd_action_add_accept_result,
2865 cmdline_parse_token_num_t cmd_action_add_accept_action_id =
2866 TOKEN_NUM_INITIALIZER(struct cmd_action_add_accept_result, action_id,
2869 cmdline_parse_token_string_t cmd_action_add_accept_accept_string =
2870 TOKEN_STRING_INITIALIZER(struct cmd_action_add_accept_result,
2871 accept_string, "accept");
2873 cmdline_parse_inst_t cmd_action_add_accept = {
2874 .f = cmd_action_add_accept_parsed,
2876 .help_str = "VFW action add accept",
2878 (void *)&cmd_action_add_accept_p_string,
2879 (void *)&cmd_action_add_accept_action_string,
2880 (void *)&cmd_action_add_accept_add_string,
2881 (void *)&cmd_action_add_accept_action_id,
2882 (void *)&cmd_action_add_accept_accept_string,
2888 * p action del accept
2892 * A structure defining the delete accept action command.
2894 struct cmd_action_del_accept_result {
2895 cmdline_fixed_string_t p_string;
2896 cmdline_fixed_string_t action_string;
2897 cmdline_fixed_string_t del_string;
2899 cmdline_fixed_string_t accept_string;
2903 * Parse Accept Action Delete Command.
2905 * @param parsed_result
2906 * A pointer to CLI command parsed result.
2908 * A pointer to command line context.
2910 * A pointer to command specific data
2914 cmd_action_del_accept_parsed(void *parsed_result, __attribute__ ((unused))
2915 struct cmdline *cl, void *data)
2917 struct cmd_action_del_accept_result *params = parsed_result;
2918 struct app_params *app = data;
2919 struct pipeline_action_key key;
2922 key.action_id = params->action_id;
2923 key.action_bitmap = lib_acl_action_packet_accept;
2925 status = app_pipeline_action_delete(app, &key);
2928 printf("Command failed\n");
2933 cmdline_parse_token_string_t cmd_action_del_accept_p_string =
2934 TOKEN_STRING_INITIALIZER(struct cmd_action_del_accept_result, p_string,
2937 cmdline_parse_token_string_t cmd_action_del_accept_action_string =
2938 TOKEN_STRING_INITIALIZER(struct cmd_action_del_accept_result,
2939 action_string, "action");
2941 cmdline_parse_token_string_t cmd_action_del_accept_del_string =
2942 TOKEN_STRING_INITIALIZER(struct cmd_action_del_accept_result,
2945 cmdline_parse_token_num_t cmd_action_del_accept_action_id =
2946 TOKEN_NUM_INITIALIZER(struct cmd_action_del_accept_result, action_id,
2949 cmdline_parse_token_string_t cmd_action_del_accept_accept_string =
2950 TOKEN_STRING_INITIALIZER(struct cmd_action_del_accept_result,
2951 accept_string, "accept");
2953 cmdline_parse_inst_t cmd_action_del_accept = {
2954 .f = cmd_action_del_accept_parsed,
2956 .help_str = "VFW action delete accept",
2958 (void *)&cmd_action_del_accept_p_string,
2959 (void *)&cmd_action_del_accept_action_string,
2960 (void *)&cmd_action_del_accept_del_string,
2961 (void *)&cmd_action_del_accept_action_id,
2962 (void *)&cmd_action_del_accept_accept_string,
2972 * A structure defining the add drop action command.
2974 struct cmd_action_add_drop_result {
2975 cmdline_fixed_string_t p_string;
2976 cmdline_fixed_string_t action_string;
2977 cmdline_fixed_string_t add_string;
2979 cmdline_fixed_string_t drop_string;
2983 * Parse Drop Action Add Command.
2985 * @param parsed_result
2986 * A pointer to CLI command parsed result.
2988 * A pointer to command line context.
2990 * A pointer to command specific data
2994 cmd_action_add_drop_parsed(void *parsed_result, __attribute__ ((unused))
2995 struct cmdline *cl, void *data)
2997 struct cmd_action_add_drop_result *params = parsed_result;
2998 struct app_params *app = data;
2999 struct pipeline_action_key key;
3002 key.action_id = params->action_id;
3003 key.action_bitmap = lib_acl_action_packet_drop;
3005 status = app_pipeline_action_add(app, &key);
3008 printf("Command failed\n");
3013 cmdline_parse_token_string_t cmd_action_add_drop_p_string =
3014 TOKEN_STRING_INITIALIZER(struct cmd_action_add_drop_result, p_string,
3017 cmdline_parse_token_string_t cmd_action_add_drop_action_string =
3018 TOKEN_STRING_INITIALIZER(struct cmd_action_add_drop_result,
3019 action_string, "action");
3021 cmdline_parse_token_string_t cmd_action_add_drop_add_string =
3022 TOKEN_STRING_INITIALIZER(struct cmd_action_add_drop_result,
3025 cmdline_parse_token_num_t cmd_action_add_drop_action_id =
3026 TOKEN_NUM_INITIALIZER(struct cmd_action_add_drop_result, action_id,
3029 cmdline_parse_token_string_t cmd_action_add_drop_drop_string =
3030 TOKEN_STRING_INITIALIZER(struct cmd_action_add_drop_result,
3031 drop_string, "drop");
3033 cmdline_parse_inst_t cmd_action_add_drop = {
3034 .f = cmd_action_add_drop_parsed,
3036 .help_str = "VFW action add drop",
3038 (void *)&cmd_action_add_drop_p_string,
3039 (void *)&cmd_action_add_drop_action_string,
3040 (void *)&cmd_action_add_drop_add_string,
3041 (void *)&cmd_action_add_drop_action_id,
3042 (void *)&cmd_action_add_drop_drop_string,
3052 * A structure defining the delete drop action command.
3054 struct cmd_action_del_drop_result {
3055 cmdline_fixed_string_t p_string;
3056 cmdline_fixed_string_t action_string;
3057 cmdline_fixed_string_t del_string;
3059 cmdline_fixed_string_t drop_string;
3063 * Parse Drop Action Delete Command.
3065 * @param parsed_result
3066 * A pointer to CLI command parsed result.
3068 * A pointer to command line context.
3070 * A pointer to command specific data
3074 cmd_action_del_drop_parsed(void *parsed_result, __attribute__ ((unused))
3075 struct cmdline *cl, void *data)
3077 struct cmd_action_del_drop_result *params = parsed_result;
3078 struct app_params *app = data;
3079 struct pipeline_action_key key;
3082 key.action_id = params->action_id;
3083 key.action_bitmap = lib_acl_action_packet_drop;
3085 status = app_pipeline_action_delete(app, &key);
3088 printf("Command failed\n");
3093 cmdline_parse_token_string_t cmd_action_del_drop_p_string =
3094 TOKEN_STRING_INITIALIZER(struct cmd_action_del_drop_result, p_string,
3097 cmdline_parse_token_string_t cmd_action_del_drop_action_string =
3098 TOKEN_STRING_INITIALIZER(struct cmd_action_del_drop_result,
3099 action_string, "action");
3101 cmdline_parse_token_string_t cmd_action_del_drop_del_string =
3102 TOKEN_STRING_INITIALIZER(struct cmd_action_del_drop_result,
3105 cmdline_parse_token_num_t cmd_action_del_drop_action_id =
3106 TOKEN_NUM_INITIALIZER(struct cmd_action_del_drop_result, action_id,
3109 cmdline_parse_token_string_t cmd_action_del_drop_drop_string =
3110 TOKEN_STRING_INITIALIZER(struct cmd_action_del_drop_result,
3111 drop_string, "drop");
3113 cmdline_parse_inst_t cmd_action_del_drop = {
3114 .f = cmd_action_del_drop_parsed,
3116 .help_str = "VFW action delete drop",
3118 (void *)&cmd_action_del_drop_p_string,
3119 (void *)&cmd_action_del_drop_action_string,
3120 (void *)&cmd_action_del_drop_del_string,
3121 (void *)&cmd_action_del_drop_action_id,
3122 (void *)&cmd_action_del_drop_drop_string,
3132 * A structure defining the add forward action command.
3134 struct cmd_action_add_fwd_result {
3135 cmdline_fixed_string_t p_string;
3136 cmdline_fixed_string_t action_string;
3137 cmdline_fixed_string_t add_string;
3139 cmdline_fixed_string_t fwd_string;
3144 * Parse Forward Action Add Command.
3146 * @param parsed_result
3147 * A pointer to CLI command parsed result.
3149 * A pointer to command line context.
3151 * A pointer to command specific data
3155 cmd_action_add_fwd_parsed(void *parsed_result, __attribute__ ((unused))
3156 struct cmdline *cl, void *data)
3158 struct cmd_action_add_fwd_result *params = parsed_result;
3159 struct app_params *app = data;
3160 struct pipeline_action_key key;
3163 key.action_id = params->action_id;
3164 key.action_bitmap = lib_acl_action_fwd;
3165 key.fwd_port = params->port_id;
3167 status = app_pipeline_action_add(app, &key);
3170 printf("Command failed\n");
3175 cmdline_parse_token_string_t cmd_action_add_fwd_p_string =
3176 TOKEN_STRING_INITIALIZER(struct cmd_action_add_fwd_result, p_string,
3179 cmdline_parse_token_string_t cmd_action_add_fwd_action_string =
3180 TOKEN_STRING_INITIALIZER(struct cmd_action_add_fwd_result,
3181 action_string, "action");
3183 cmdline_parse_token_string_t cmd_action_add_fwd_add_string =
3184 TOKEN_STRING_INITIALIZER(struct cmd_action_add_fwd_result,
3187 cmdline_parse_token_num_t cmd_action_add_fwd_action_id =
3188 TOKEN_NUM_INITIALIZER(struct cmd_action_add_fwd_result, action_id,
3191 cmdline_parse_token_string_t cmd_action_add_fwd_fwd_string =
3192 TOKEN_STRING_INITIALIZER(struct cmd_action_add_fwd_result,
3195 cmdline_parse_token_num_t cmd_action_add_fwd_port_id =
3196 TOKEN_NUM_INITIALIZER(struct cmd_action_add_fwd_result, port_id,
3199 cmdline_parse_inst_t cmd_action_add_fwd = {
3200 .f = cmd_action_add_fwd_parsed,
3202 .help_str = "VFW action add fwd",
3204 (void *)&cmd_action_add_fwd_p_string,
3205 (void *)&cmd_action_add_fwd_action_string,
3206 (void *)&cmd_action_add_fwd_add_string,
3207 (void *)&cmd_action_add_fwd_action_id,
3208 (void *)&cmd_action_add_fwd_fwd_string,
3209 (void *)&cmd_action_add_fwd_port_id,
3219 * A structure defining the delete forward action command.
3221 struct cmd_action_del_fwd_result {
3222 cmdline_fixed_string_t p_string;
3223 cmdline_fixed_string_t action_string;
3224 cmdline_fixed_string_t del_string;
3226 cmdline_fixed_string_t fwd_string;
3230 * Parse Forward Action Delete Command.
3232 * @param parsed_result
3233 * A pointer to CLI command parsed result.
3235 * A pointer to command line context.
3237 * A pointer to command specific data
3241 cmd_action_del_fwd_parsed(void *parsed_result, __attribute__ ((unused))
3242 struct cmdline *cl, void *data)
3244 struct cmd_action_del_fwd_result *params = parsed_result;
3245 struct app_params *app = data;
3246 struct pipeline_action_key key;
3249 key.action_id = params->action_id;
3250 key.action_bitmap = lib_acl_action_fwd;
3252 status = app_pipeline_action_delete(app, &key);
3255 printf("Command failed\n");
3260 cmdline_parse_token_string_t cmd_action_del_fwd_p_string =
3261 TOKEN_STRING_INITIALIZER(struct cmd_action_del_fwd_result, p_string,
3264 cmdline_parse_token_string_t cmd_action_del_fwd_action_string =
3265 TOKEN_STRING_INITIALIZER(struct cmd_action_del_fwd_result,
3266 action_string, "action");
3268 cmdline_parse_token_string_t cmd_action_del_fwd_del_string =
3269 TOKEN_STRING_INITIALIZER(struct cmd_action_del_fwd_result,
3272 cmdline_parse_token_num_t cmd_action_del_fwd_action_id =
3273 TOKEN_NUM_INITIALIZER(struct cmd_action_del_fwd_result, action_id,
3276 cmdline_parse_token_string_t cmd_action_del_fwd_fwd_string =
3277 TOKEN_STRING_INITIALIZER(struct cmd_action_del_fwd_result,
3280 cmdline_parse_inst_t cmd_action_del_fwd = {
3281 .f = cmd_action_del_fwd_parsed,
3283 .help_str = "VFW action delete fwd",
3285 (void *)&cmd_action_del_fwd_p_string,
3286 (void *)&cmd_action_del_fwd_action_string,
3287 (void *)&cmd_action_del_fwd_del_string,
3288 (void *)&cmd_action_del_fwd_action_id,
3289 (void *)&cmd_action_del_fwd_fwd_string,
3299 * A structure defining the add NAT action command.
3301 struct cmd_action_add_nat_result {
3302 cmdline_fixed_string_t p_string;
3303 cmdline_fixed_string_t action_string;
3304 cmdline_fixed_string_t add_string;
3306 cmdline_fixed_string_t nat_string;
3311 * Parse NAT Action Add Command.
3313 * @param parsed_result
3314 * A pointer to CLI command parsed result.
3316 * A pointer to command line context.
3318 * A pointer to command specific data
3322 cmd_action_add_nat_parsed(void *parsed_result, __attribute__ ((unused))
3323 struct cmdline *cl, void *data)
3325 struct cmd_action_add_nat_result *params = parsed_result;
3326 struct app_params *app = data;
3327 struct pipeline_action_key key;
3330 key.action_id = params->action_id;
3331 key.action_bitmap = lib_acl_action_nat;
3332 key.nat_port = params->port_id;
3334 status = app_pipeline_action_add(app, &key);
3337 printf("Command failed\n");
3342 cmdline_parse_token_string_t cmd_action_add_nat_p_string =
3343 TOKEN_STRING_INITIALIZER(struct cmd_action_add_nat_result, p_string,
3346 cmdline_parse_token_string_t cmd_action_add_nat_action_string =
3347 TOKEN_STRING_INITIALIZER(struct cmd_action_add_nat_result,
3348 action_string, "action");
3350 cmdline_parse_token_string_t cmd_action_add_nat_add_string =
3351 TOKEN_STRING_INITIALIZER(struct cmd_action_add_nat_result,
3354 cmdline_parse_token_num_t cmd_action_add_nat_action_id =
3355 TOKEN_NUM_INITIALIZER(struct cmd_action_add_nat_result, action_id,
3358 cmdline_parse_token_string_t cmd_action_add_nat_nat_string =
3359 TOKEN_STRING_INITIALIZER(struct cmd_action_add_nat_result,
3362 cmdline_parse_token_num_t cmd_action_add_nat_port_id =
3363 TOKEN_NUM_INITIALIZER(struct cmd_action_add_nat_result, port_id,
3366 cmdline_parse_inst_t cmd_action_add_nat = {
3367 .f = cmd_action_add_nat_parsed,
3369 .help_str = "VFW action add nat",
3371 (void *)&cmd_action_add_nat_p_string,
3372 (void *)&cmd_action_add_nat_action_string,
3373 (void *)&cmd_action_add_nat_add_string,
3374 (void *)&cmd_action_add_nat_action_id,
3375 (void *)&cmd_action_add_nat_nat_string,
3376 (void *)&cmd_action_add_nat_port_id,
3386 * A structure defining the delete NAT action command.
3388 struct cmd_action_del_nat_result {
3389 cmdline_fixed_string_t p_string;
3390 cmdline_fixed_string_t action_string;
3391 cmdline_fixed_string_t del_string;
3393 cmdline_fixed_string_t nat_string;
3397 * Parse NAT Action Delete Command.
3399 * @param parsed_result
3400 * A pointer to CLI command parsed result.
3402 * A pointer to command line context.
3404 * A pointer to command specific data
3408 cmd_action_del_nat_parsed(void *parsed_result, __attribute__ ((unused))
3409 struct cmdline *cl, void *data)
3411 struct cmd_action_del_nat_result *params = parsed_result;
3412 struct app_params *app = data;
3413 struct pipeline_action_key key;
3416 key.action_id = params->action_id;
3417 key.action_bitmap = lib_acl_action_nat;
3419 status = app_pipeline_action_delete(app, &key);
3422 printf("Command failed\n");
3427 cmdline_parse_token_string_t cmd_action_del_nat_p_string =
3428 TOKEN_STRING_INITIALIZER(struct cmd_action_del_nat_result, p_string,
3431 cmdline_parse_token_string_t cmd_action_del_nat_action_string =
3432 TOKEN_STRING_INITIALIZER(struct cmd_action_del_nat_result,
3433 action_string, "action");
3435 cmdline_parse_token_string_t cmd_action_del_nat_del_string =
3436 TOKEN_STRING_INITIALIZER(struct cmd_action_del_nat_result,
3439 cmdline_parse_token_num_t cmd_action_del_nat_action_id =
3440 TOKEN_NUM_INITIALIZER(struct cmd_action_del_nat_result, action_id,
3443 cmdline_parse_token_string_t cmd_action_del_nat_nat_string =
3444 TOKEN_STRING_INITIALIZER(struct cmd_action_del_nat_result,
3447 cmdline_parse_inst_t cmd_action_del_nat = {
3448 .f = cmd_action_del_nat_parsed,
3450 .help_str = "VFW action delete nat",
3452 (void *)&cmd_action_del_nat_p_string,
3453 (void *)&cmd_action_del_nat_action_string,
3454 (void *)&cmd_action_del_nat_del_string,
3455 (void *)&cmd_action_del_nat_action_id,
3456 (void *)&cmd_action_del_nat_nat_string,
3462 * p action add count
3466 * A structure defining the add count action command.
3468 struct cmd_action_add_count_result {
3469 cmdline_fixed_string_t p_string;
3470 cmdline_fixed_string_t action_string;
3471 cmdline_fixed_string_t add_string;
3473 cmdline_fixed_string_t count_string;
3477 * Parse Count Action Add Command.
3479 * @param parsed_result
3480 * A pointer to CLI command parsed result.
3482 * A pointer to command line context.
3484 * A pointer to command specific data
3488 cmd_action_add_count_parsed(void *parsed_result, __attribute__ ((unused))
3489 struct cmdline *cl, void *data)
3491 struct cmd_action_add_count_result *params = parsed_result;
3492 struct app_params *app = data;
3493 struct pipeline_action_key key;
3496 key.action_id = params->action_id;
3497 key.action_bitmap = lib_acl_action_count;
3499 status = app_pipeline_action_add(app, &key);
3502 printf("Command failed\n");
3507 cmdline_parse_token_string_t cmd_action_add_count_p_string =
3508 TOKEN_STRING_INITIALIZER(struct cmd_action_add_count_result, p_string,
3511 cmdline_parse_token_string_t cmd_action_add_count_action_string =
3512 TOKEN_STRING_INITIALIZER(struct cmd_action_add_count_result,
3513 action_string, "action");
3515 cmdline_parse_token_string_t cmd_action_add_count_add_string =
3516 TOKEN_STRING_INITIALIZER(struct cmd_action_add_count_result,
3519 cmdline_parse_token_num_t cmd_action_add_count_action_id =
3520 TOKEN_NUM_INITIALIZER(struct cmd_action_add_count_result, action_id,
3523 cmdline_parse_token_string_t cmd_action_add_count_count_string =
3524 TOKEN_STRING_INITIALIZER(struct cmd_action_add_count_result,
3525 count_string, "count");
3527 cmdline_parse_inst_t cmd_action_add_count = {
3528 .f = cmd_action_add_count_parsed,
3530 .help_str = "VFW action add count",
3532 (void *)&cmd_action_add_count_p_string,
3533 (void *)&cmd_action_add_count_action_string,
3534 (void *)&cmd_action_add_count_add_string,
3535 (void *)&cmd_action_add_count_action_id,
3536 (void *)&cmd_action_add_count_count_string,
3542 * p action del count
3546 * A structure defining the delete count action command.
3548 struct cmd_action_del_count_result {
3549 cmdline_fixed_string_t p_string;
3550 cmdline_fixed_string_t action_string;
3551 cmdline_fixed_string_t del_string;
3553 cmdline_fixed_string_t count_string;
3557 * Parse Count Action Delete Command.
3559 * @param parsed_result
3560 * A pointer to CLI command parsed result.
3562 * A pointer to command line context.
3564 * A pointer to command specific data
3568 cmd_action_del_count_parsed(void *parsed_result, __attribute__ ((unused))
3569 struct cmdline *cl, void *data)
3571 struct cmd_action_del_count_result *params = parsed_result;
3572 struct app_params *app = data;
3573 struct pipeline_action_key key;
3576 key.action_id = params->action_id;
3577 key.action_bitmap = lib_acl_action_count;
3579 status = app_pipeline_action_delete(app, &key);
3582 printf("Command failed\n");
3587 cmdline_parse_token_string_t cmd_action_del_count_p_string =
3588 TOKEN_STRING_INITIALIZER(struct cmd_action_del_count_result, p_string,
3591 cmdline_parse_token_string_t cmd_action_del_count_action_string =
3592 TOKEN_STRING_INITIALIZER(struct cmd_action_del_count_result,
3593 action_string, "action");
3595 cmdline_parse_token_string_t cmd_action_del_count_del_string =
3596 TOKEN_STRING_INITIALIZER(struct cmd_action_del_count_result,
3599 cmdline_parse_token_num_t cmd_action_del_count_action_id =
3600 TOKEN_NUM_INITIALIZER(struct cmd_action_del_count_result, action_id,
3603 cmdline_parse_token_string_t cmd_action_del_count_count_string =
3604 TOKEN_STRING_INITIALIZER(struct cmd_action_del_count_result,
3605 count_string, "count");
3607 cmdline_parse_inst_t cmd_action_del_count = {
3608 .f = cmd_action_del_count_parsed,
3610 .help_str = "VFW action delete count",
3612 (void *)&cmd_action_del_count_p_string,
3613 (void *)&cmd_action_del_count_action_string,
3614 (void *)&cmd_action_del_count_del_string,
3615 (void *)&cmd_action_del_count_action_id,
3616 (void *)&cmd_action_del_count_count_string,
3626 * A structure defining the add DSCP action command.
3628 struct cmd_action_add_dscp_result {
3629 cmdline_fixed_string_t p_string;
3630 cmdline_fixed_string_t action_string;
3631 cmdline_fixed_string_t add_string;
3633 cmdline_fixed_string_t dscp_string;
3634 uint8_t dscp_priority;
3638 * Parse DSCP Action Add Command.
3640 * @param parsed_result
3641 * A pointer to CLI command parsed result.
3643 * A pointer to command line context.
3645 * A pointer to command specific data
3649 cmd_action_add_dscp_parsed(void *parsed_result, __attribute__ ((unused))
3650 struct cmdline *cl, void *data)
3652 struct cmd_action_add_dscp_result *params = parsed_result;
3653 struct app_params *app = data;
3654 struct pipeline_action_key key;
3657 key.action_id = params->action_id;
3658 key.action_bitmap = lib_acl_action_dscp;
3659 key.dscp_priority = params->dscp_priority;
3661 status = app_pipeline_action_add(app, &key);
3664 printf("Command failed\n");
3669 cmdline_parse_token_string_t cmd_action_add_dscp_p_string =
3670 TOKEN_STRING_INITIALIZER(struct cmd_action_add_dscp_result, p_string,
3673 cmdline_parse_token_string_t cmd_action_add_dscp_action_string =
3674 TOKEN_STRING_INITIALIZER(struct cmd_action_add_dscp_result,
3675 action_string, "action");
3677 cmdline_parse_token_string_t cmd_action_add_dscp_add_string =
3678 TOKEN_STRING_INITIALIZER(struct cmd_action_add_dscp_result,
3681 cmdline_parse_token_num_t cmd_action_add_dscp_action_id =
3682 TOKEN_NUM_INITIALIZER(struct cmd_action_add_dscp_result, action_id,
3685 cmdline_parse_token_string_t cmd_action_add_dscp_dscp_string =
3686 TOKEN_STRING_INITIALIZER(struct cmd_action_add_dscp_result,
3687 dscp_string, "dscp");
3689 cmdline_parse_token_num_t cmd_action_add_dscp_dscp_priority =
3690 TOKEN_NUM_INITIALIZER(struct cmd_action_add_dscp_result, dscp_priority,
3693 cmdline_parse_inst_t cmd_action_add_dscp = {
3694 .f = cmd_action_add_dscp_parsed,
3696 .help_str = "VFW action add dscp",
3698 (void *)&cmd_action_add_dscp_p_string,
3699 (void *)&cmd_action_add_dscp_action_string,
3700 (void *)&cmd_action_add_dscp_add_string,
3701 (void *)&cmd_action_add_dscp_action_id,
3702 (void *)&cmd_action_add_dscp_dscp_string,
3703 (void *)&cmd_action_add_dscp_dscp_priority,
3713 * A structure defining the delete DSCP action command.
3715 struct cmd_action_del_dscp_result {
3716 cmdline_fixed_string_t p_string;
3717 cmdline_fixed_string_t action_string;
3718 cmdline_fixed_string_t del_string;
3720 cmdline_fixed_string_t dscp_string;
3724 * Parse DSCP Action Delete Command.
3726 * @param parsed_result
3727 * A pointer to CLI command parsed result.
3729 * A pointer to command line context.
3731 * A pointer to command specific data
3735 cmd_action_del_dscp_parsed(void *parsed_result, __attribute__ ((unused))
3736 struct cmdline *cl, void *data)
3738 struct cmd_action_del_dscp_result *params = parsed_result;
3739 struct app_params *app = data;
3740 struct pipeline_action_key key;
3743 key.action_id = params->action_id;
3744 key.action_bitmap = lib_acl_action_dscp;
3746 status = app_pipeline_action_delete(app, &key);
3749 printf("Command failed\n");
3754 cmdline_parse_token_string_t cmd_action_del_dscp_p_string =
3755 TOKEN_STRING_INITIALIZER(struct cmd_action_del_dscp_result, p_string,
3758 cmdline_parse_token_string_t cmd_action_del_dscp_action_string =
3759 TOKEN_STRING_INITIALIZER(struct cmd_action_del_dscp_result,
3760 action_string, "action");
3762 cmdline_parse_token_string_t cmd_action_del_dscp_del_string =
3763 TOKEN_STRING_INITIALIZER(struct cmd_action_del_dscp_result,
3766 cmdline_parse_token_num_t cmd_action_del_dscp_action_id =
3767 TOKEN_NUM_INITIALIZER(struct cmd_action_del_dscp_result, action_id,
3770 cmdline_parse_token_string_t cmd_action_del_dscp_dscp_string =
3771 TOKEN_STRING_INITIALIZER(struct cmd_action_del_dscp_result,
3772 dscp_string, "dscp");
3774 cmdline_parse_inst_t cmd_action_del_dscp = {
3775 .f = cmd_action_del_dscp_parsed,
3777 .help_str = "VFW action delete dscp",
3779 (void *)&cmd_action_del_dscp_p_string,
3780 (void *)&cmd_action_del_dscp_action_string,
3781 (void *)&cmd_action_del_dscp_del_string,
3782 (void *)&cmd_action_del_dscp_action_id,
3783 (void *)&cmd_action_del_dscp_dscp_string,
3789 * p action add conntrack
3793 * A structure defining the add Connection Tracking action command.
3795 struct cmd_action_add_conntrack_result {
3796 cmdline_fixed_string_t p_string;
3797 cmdline_fixed_string_t action_string;
3798 cmdline_fixed_string_t add_string;
3800 cmdline_fixed_string_t conntrack_string;
3804 * Parse Connection Tracking Action Add Command.
3806 * @param parsed_result
3807 * A pointer to CLI command parsed result.
3809 * A pointer to command line context.
3811 * A pointer to command specific data
3815 cmd_action_add_conntrack_parsed(void *parsed_result, __attribute__ ((unused))
3816 struct cmdline *cl, void *data)
3818 struct cmd_action_add_conntrack_result *params = parsed_result;
3819 struct app_params *app = data;
3820 struct pipeline_action_key key;
3823 key.action_id = params->action_id;
3824 key.action_bitmap = lib_acl_action_conntrack;
3826 status = app_pipeline_action_add(app, &key);
3829 printf("Command failed\n");
3834 cmdline_parse_token_string_t cmd_action_add_conntrack_p_string =
3835 TOKEN_STRING_INITIALIZER(struct cmd_action_add_conntrack_result, p_string,
3838 cmdline_parse_token_string_t cmd_action_add_conntrack_action_string =
3839 TOKEN_STRING_INITIALIZER(struct cmd_action_add_conntrack_result,
3840 action_string, "action");
3842 cmdline_parse_token_string_t cmd_action_add_conntrack_add_string =
3843 TOKEN_STRING_INITIALIZER(struct cmd_action_add_conntrack_result,
3846 cmdline_parse_token_num_t cmd_action_add_conntrack_action_id =
3847 TOKEN_NUM_INITIALIZER(struct cmd_action_add_conntrack_result, action_id,
3850 cmdline_parse_token_string_t cmd_action_add_conntrack_conntrack_string =
3851 TOKEN_STRING_INITIALIZER(struct cmd_action_add_conntrack_result,
3852 conntrack_string, "conntrack");
3854 cmdline_parse_inst_t cmd_action_add_conntrack = {
3855 .f = cmd_action_add_conntrack_parsed,
3857 .help_str = "VFW action add conntrack",
3859 (void *)&cmd_action_add_conntrack_p_string,
3860 (void *)&cmd_action_add_conntrack_action_string,
3861 (void *)&cmd_action_add_conntrack_add_string,
3862 (void *)&cmd_action_add_conntrack_action_id,
3863 (void *)&cmd_action_add_conntrack_conntrack_string,
3869 * p action del conntrack
3873 * A structure defining the delete Connection Tracking action command.
3875 struct cmd_action_del_conntrack_result {
3876 cmdline_fixed_string_t p_string;
3877 cmdline_fixed_string_t action_string;
3878 cmdline_fixed_string_t del_string;
3880 cmdline_fixed_string_t conntrack_string;
3884 * Parse Connection Tracking Action Delete Command.
3886 * @param parsed_result
3887 * A pointer to CLI command parsed result.
3889 * A pointer to command line context.
3891 * A pointer to command specific data
3895 cmd_action_del_conntrack_parsed(void *parsed_result, __attribute__ ((unused))
3896 struct cmdline *cl, void *data)
3898 struct cmd_action_del_conntrack_result *params = parsed_result;
3899 struct app_params *app = data;
3900 struct pipeline_action_key key;
3903 key.action_id = params->action_id;
3904 key.action_bitmap = lib_acl_action_conntrack;
3906 status = app_pipeline_action_delete(app, &key);
3909 printf("Command failed\n");
3914 cmdline_parse_token_string_t cmd_action_del_conntrack_p_string =
3915 TOKEN_STRING_INITIALIZER(struct cmd_action_del_conntrack_result, p_string,
3918 cmdline_parse_token_string_t cmd_action_del_conntrack_action_string =
3919 TOKEN_STRING_INITIALIZER(struct cmd_action_del_conntrack_result,
3920 action_string, "action");
3922 cmdline_parse_token_string_t cmd_action_del_conntrack_del_string =
3923 TOKEN_STRING_INITIALIZER(struct cmd_action_del_conntrack_result,
3926 cmdline_parse_token_num_t cmd_action_del_conntrack_action_id =
3927 TOKEN_NUM_INITIALIZER(struct cmd_action_del_conntrack_result, action_id,
3930 cmdline_parse_token_string_t cmd_action_del_conntrack_conntrack_string =
3931 TOKEN_STRING_INITIALIZER(struct cmd_action_del_conntrack_result,
3932 conntrack_string, "conntrack");
3934 cmdline_parse_inst_t cmd_action_del_conntrack = {
3935 .f = cmd_action_del_conntrack_parsed,
3937 .help_str = "VFW action delete conntrack",
3939 (void *)&cmd_action_del_conntrack_p_string,
3940 (void *)&cmd_action_del_conntrack_action_string,
3941 (void *)&cmd_action_del_conntrack_del_string,
3942 (void *)&cmd_action_del_conntrack_action_id,
3943 (void *)&cmd_action_del_conntrack_conntrack_string,
3949 * p action add connexist
3953 * A structure defining the add Connection Exist action command.
3955 struct cmd_action_add_connexist_result {
3956 cmdline_fixed_string_t p_string;
3957 cmdline_fixed_string_t action_string;
3958 cmdline_fixed_string_t add_string;
3960 cmdline_fixed_string_t connexist_string;
3961 cmdline_fixed_string_t private_public_string;
3965 * Parse Connection Exist Action Add Command.
3967 * @param parsed_result
3968 * A pointer to CLI command parsed result.
3970 * A pointer to command line context.
3972 * A pointer to command specific data
3976 cmd_action_add_connexist_parsed(void *parsed_result, __attribute__ ((unused))
3977 struct cmdline *cl, void *data)
3979 struct cmd_action_add_connexist_result *params = parsed_result;
3980 struct app_params *app = data;
3981 struct pipeline_action_key key;
3985 printf("public_private: %s\n", params->private_public_string);
3986 key.action_id = params->action_id;
3987 key.action_bitmap = lib_acl_action_connexist;
3988 if (strcmp(params->private_public_string, "prvpub") == 0)
3989 key.private_public = lib_acl_private_public;
3990 else if (strcmp(params->private_public_string, "pubprv") == 0)
3991 key.private_public = lib_acl_public_private;
3993 printf("Command failed - Invalid string: %s\n",
3994 params->private_public_string);
3998 status = app_pipeline_action_add(app, &key);
4001 printf("Command failed\n");
4006 cmdline_parse_token_string_t cmd_action_add_connexist_p_string =
4007 TOKEN_STRING_INITIALIZER(struct cmd_action_add_connexist_result, p_string,
4010 cmdline_parse_token_string_t cmd_action_add_connexist_action_string =
4011 TOKEN_STRING_INITIALIZER(struct cmd_action_add_connexist_result,
4012 action_string, "action");
4014 cmdline_parse_token_string_t cmd_action_add_connexist_add_string =
4015 TOKEN_STRING_INITIALIZER(struct cmd_action_add_connexist_result,
4018 cmdline_parse_token_num_t cmd_action_add_connexist_action_id =
4019 TOKEN_NUM_INITIALIZER(struct cmd_action_add_connexist_result, action_id,
4022 cmdline_parse_token_string_t cmd_action_add_connexist_connexist_string =
4023 TOKEN_STRING_INITIALIZER(struct cmd_action_add_connexist_result,
4024 connexist_string, "connexist");
4026 cmdline_parse_token_string_t cmd_action_add_connexist_private_public =
4027 TOKEN_STRING_INITIALIZER(struct cmd_action_add_connexist_result,
4028 private_public_string,
4031 cmdline_parse_inst_t cmd_action_add_connexist = {
4032 .f = cmd_action_add_connexist_parsed,
4034 .help_str = "VFW action add connexist",
4036 (void *)&cmd_action_add_connexist_p_string,
4037 (void *)&cmd_action_add_connexist_action_string,
4038 (void *)&cmd_action_add_connexist_add_string,
4039 (void *)&cmd_action_add_connexist_action_id,
4040 (void *)&cmd_action_add_connexist_connexist_string,
4041 (void *)&cmd_action_add_connexist_private_public,
4047 * p action del connexist
4051 * A structure defining the delete Connection Exist action command.
4053 struct cmd_action_del_connexist_result {
4054 cmdline_fixed_string_t p_string;
4055 cmdline_fixed_string_t action_string;
4056 cmdline_fixed_string_t del_string;
4058 cmdline_fixed_string_t connexist_string;
4062 * Parse Connection Exist Action Delete Command.
4064 * @param parsed_result
4065 * A pointer to CLI command parsed result.
4067 * A pointer to command line context.
4069 * A pointer to command specific data
4073 cmd_action_del_connexist_parsed(void *parsed_result, __attribute__ ((unused))
4074 struct cmdline *cl, void *data)
4076 struct cmd_action_del_connexist_result *params = parsed_result;
4077 struct app_params *app = data;
4078 struct pipeline_action_key key;
4081 key.action_id = params->action_id;
4082 key.action_bitmap = lib_acl_action_connexist;
4084 status = app_pipeline_action_delete(app, &key);
4087 printf("Command failed\n");
4092 cmdline_parse_token_string_t cmd_action_del_connexist_p_string =
4093 TOKEN_STRING_INITIALIZER(struct cmd_action_del_connexist_result, p_string,
4096 cmdline_parse_token_string_t cmd_action_del_connexist_action_string =
4097 TOKEN_STRING_INITIALIZER(struct cmd_action_del_connexist_result,
4098 action_string, "action");
4100 cmdline_parse_token_string_t cmd_action_del_connexist_add_string =
4101 TOKEN_STRING_INITIALIZER(struct cmd_action_del_connexist_result,
4104 cmdline_parse_token_num_t cmd_action_del_connexist_action_id =
4105 TOKEN_NUM_INITIALIZER(struct cmd_action_del_connexist_result, action_id,
4108 cmdline_parse_token_string_t cmd_action_del_connexist_connexist_string =
4109 TOKEN_STRING_INITIALIZER(struct cmd_action_del_connexist_result,
4110 connexist_string, "connexist");
4112 cmdline_parse_inst_t cmd_action_del_connexist = {
4113 .f = cmd_action_del_connexist_parsed,
4115 .help_str = "VFW action del connexist",
4117 (void *)&cmd_action_del_connexist_p_string,
4118 (void *)&cmd_action_del_connexist_action_string,
4119 (void *)&cmd_action_del_connexist_add_string,
4120 (void *)&cmd_action_del_connexist_action_id,
4121 (void *)&cmd_action_del_connexist_connexist_string,
4131 * A structure defining the action ls command.
4133 struct cmd_action_ls_result {
4134 cmdline_fixed_string_t p_string;
4135 cmdline_fixed_string_t action_string;
4136 cmdline_fixed_string_t ls_string;
4137 uint32_t table_instance;
4141 * Parse Action LS Command.
4143 * @param parsed_result
4144 * A pointer to CLI command parsed result.
4146 * A pointer to command line context.
4148 * A pointer to command specific data
4151 static void cmd_action_ls_parsed(void *parsed_result, __attribute__ ((unused))
4152 struct cmdline *cl, __attribute__ ((unused)) void *data)
4154 struct cmd_action_ls_result *params = parsed_result;
4155 uint32_t action_bitmap, i, j;
4156 uint8_t action_found = 0;
4157 struct action_counter_block action_counter_sum;
4159 if (params->table_instance == active_rule_table) {
4160 printf("Active Action Table:\n");
4161 printf("Action ID Action\n");
4162 printf("========= ======\n");
4164 for (i = 0; i < action_array_max; i++) {
4165 action_bitmap = action_array_active[i].action_bitmap;
4166 if (action_bitmap != 0) {
4169 lib_acl_action_packet_accept)
4170 printf(" %04u Accept\n", i);
4171 if (action_bitmap & lib_acl_action_packet_drop)
4172 printf(" %04u Drop\n", i);
4173 if (action_bitmap & lib_acl_action_nat)
4178 action_array_active[i].nat_port);
4179 if (action_bitmap & lib_acl_action_fwd)
4184 action_array_active[i].
4186 if (action_bitmap & lib_acl_action_count) {
4187 action_counter_sum.packetCount = 0;
4188 action_counter_sum.byteCount = 0;
4189 for (j = 0; j <= (uint32_t)
4190 rte_VFW_hi_counter_block_in_use;
4194 action_counter_table[j][i].
4196 action_counter_sum.byteCount +=
4197 action_counter_table[j][i].
4201 " Count Packet Count:%"
4202 PRIu64 " Byte Count: %" PRIu64
4204 action_counter_sum.packetCount,
4205 action_counter_sum.byteCount);
4207 if (action_bitmap & lib_acl_action_conntrack)
4208 printf(" %04u Conntrack\n", i);
4209 if (action_bitmap & lib_acl_action_connexist) {
4210 printf(" %04u Connexist", i);
4211 if (action_array_active[i].
4213 lib_acl_private_public)
4214 printf(" prvpub\n");
4216 printf(" pubprv\n");
4218 if (action_bitmap & lib_acl_action_dscp)
4221 " DSCP DSCP Priority: %"
4224 action_array_active[i].
4234 printf("Standby Action Table:\n");
4235 printf("Action ID Action\n");
4236 printf("========= ======\n");
4238 for (i = 0; i < action_array_max; i++) {
4239 action_bitmap = action_array_standby[i].action_bitmap;
4240 if (action_bitmap != 0) {
4243 lib_acl_action_packet_accept)
4244 printf(" %04u Accept\n", i);
4245 if (action_bitmap & lib_acl_action_packet_drop)
4246 printf(" %04u Drop\n", i);
4247 if (action_bitmap & lib_acl_action_nat)
4252 action_array_standby[i].
4254 if (action_bitmap & lib_acl_action_fwd)
4259 action_array_standby[i].
4261 if (action_bitmap & lib_acl_action_count)
4262 printf(" %04u Count\n", i);
4263 if (action_bitmap & lib_acl_action_conntrack)
4264 printf(" %04u Conntrack\n", i);
4265 if (action_bitmap & lib_acl_action_connexist) {
4266 printf(" %04u Connexist", i);
4267 if (action_array_standby[i].
4269 lib_acl_private_public)
4270 printf(" prvpub\n");
4272 printf(" pubprv\n");
4274 if (action_bitmap & lib_acl_action_dscp)
4276 " DSCP DSCP Priority: %"
4278 action_array_standby[i].
4288 cmdline_parse_token_string_t cmd_action_ls_p_string =
4289 TOKEN_STRING_INITIALIZER(struct cmd_action_ls_result, p_string,
4292 cmdline_parse_token_string_t cmd_action_ls_action_string =
4293 TOKEN_STRING_INITIALIZER(struct cmd_action_ls_result,
4294 action_string, "action");
4296 cmdline_parse_token_string_t cmd_action_ls_ls_string =
4297 TOKEN_STRING_INITIALIZER(struct cmd_action_ls_result, ls_string,
4300 cmdline_parse_token_num_t cmd_action_ls_table_instance =
4301 TOKEN_NUM_INITIALIZER(struct cmd_action_ls_result, table_instance,
4304 cmdline_parse_inst_t cmd_action_ls = {
4305 .f = cmd_action_ls_parsed,
4307 .help_str = "VFW action list",
4309 (void *)&cmd_action_ls_p_string,
4310 (void *)&cmd_action_ls_action_string,
4311 (void *)&cmd_action_ls_ls_string,
4312 (void *)&cmd_action_ls_table_instance,
4318 * p vfw onesectimer start/stop
4322 * A structure defining the VFW Dump Counter start/stop command.
4324 struct cmd_vfw_per_sec_ctr_dump_result {
4325 cmdline_fixed_string_t p_string;
4326 cmdline_fixed_string_t vfw_string;
4327 cmdline_fixed_string_t per_sec_ctr_dump_string;
4328 cmdline_fixed_string_t stop_string;
4332 * Parse Dump Counter Start Command.
4333 * Start timer to display stats to console at regular intervals.
4335 * @param parsed_result
4336 * A pointer to CLI command parsed result.
4338 * A pointer to command line context.
4340 * A pointer to command specific data
4344 cmd_vfw_per_sec_ctr_dump_start_parsed(
4345 __attribute__ ((unused)) void *parsed_result,
4346 __attribute__ ((unused))
4347 struct cmdline *cl, __attribute__ ((unused)) void *data)
4349 rte_vfw_reset_running_averages();
4350 /* execute timeout on current core */
4351 uint32_t core_id = rte_lcore_id();
4353 rte_timer_reset(&rte_vfw_one_second_timer,
4354 rte_vfw_ticks_in_one_second, PERIODICAL, core_id,
4355 rte_dump_vfw_counters_from_master, NULL);
4357 printf("CNXN_TRACKER: Failed to set connection timer.\n");
4361 * Parse Dump Counter Stop Command.
4362 * Stop timer that was started to display stats.
4364 * @param parsed_result
4365 * A pointer to CLI command parsed result.
4367 * A pointer to command line context.
4369 * A pointer to command specific data
4373 cmd_vfw_per_sec_ctr_dump_stop_parsed(
4374 __attribute__ ((unused)) void *parsed_result,
4375 __attribute__ ((unused))
4376 struct cmdline *cl, __attribute__ ((unused)) void *data)
4378 rte_timer_stop(&rte_vfw_one_second_timer);
4381 cmdline_parse_token_string_t cmd_vfw_per_sec_ctr_dump_p_string =
4382 TOKEN_STRING_INITIALIZER(struct cmd_vfw_per_sec_ctr_dump_result,
4385 cmdline_parse_token_string_t cmd_vfw_per_sec_ctr_dump_acl_string =
4386 TOKEN_STRING_INITIALIZER(struct cmd_vfw_per_sec_ctr_dump_result,
4389 cmdline_parse_token_string_t cmd_vfw_per_sec_ctr_dump_string =
4390 TOKEN_STRING_INITIALIZER(struct cmd_vfw_per_sec_ctr_dump_result,
4391 per_sec_ctr_dump_string, "counterdump");
4393 cmdline_parse_token_string_t cmd_vfw_stop_string =
4394 TOKEN_STRING_INITIALIZER(struct cmd_vfw_per_sec_ctr_dump_result,
4395 stop_string, "stop");
4397 cmdline_parse_token_string_t cmd_vfw_start_string =
4398 TOKEN_STRING_INITIALIZER(struct cmd_vfw_per_sec_ctr_dump_result,
4399 stop_string, "start");
4401 cmdline_parse_inst_t cmd_vfw_per_sec_ctr_dump_stop = {
4402 .f = cmd_vfw_per_sec_ctr_dump_stop_parsed,
4404 .help_str = "VFW counterdump stop",
4406 (void *)&cmd_vfw_per_sec_ctr_dump_p_string,
4407 (void *)&cmd_vfw_per_sec_ctr_dump_acl_string,
4408 (void *)&cmd_vfw_per_sec_ctr_dump_string,
4409 (void *)&cmd_vfw_stop_string,
4414 cmdline_parse_inst_t cmd_vfw_per_sec_ctr_dump_start = {
4415 .f = cmd_vfw_per_sec_ctr_dump_start_parsed,
4417 .help_str = "VFW counterdump start",
4419 (void *)&cmd_vfw_per_sec_ctr_dump_p_string,
4420 (void *)&cmd_vfw_per_sec_ctr_dump_acl_string,
4421 (void *)&cmd_vfw_per_sec_ctr_dump_string,
4422 (void *)&cmd_vfw_start_string,
4428 * A structure defining the VFW firewall ON/OFF command.
4430 struct cmd_vfw_firewall_flag_result {
4431 cmdline_fixed_string_t p_string;
4432 uint32_t pipeline_id;
4433 cmdline_fixed_string_t vfw_string;
4434 cmdline_fixed_string_t firewall_flag_string;
4435 uint8_t firewall_flag;
4439 * Parse VFW Firewall ON/OFF CLI command.
4441 * @param parsed_result
4442 * A pointer to CLI command parsed result.
4444 * A pointer to command line context.
4446 * A pointer to command specific data
4450 cmd_vfw_firewall_flag_parsed(void *parsed_result, __attribute__ ((unused))
4451 struct cmdline *cl, __attribute__ ((unused)) void *data)
4453 struct cmd_vfw_firewall_flag_result *params = parsed_result;
4455 if (params->firewall_flag == 0) {
4456 printf("firewall turned OFF\n");
4458 } else if (params->firewall_flag == 1) {
4459 printf("firewall turned ON\n");
4462 printf("Invalid firewall setting\n");
4465 cmdline_parse_token_string_t cmd_vfw_firewall_flag_p_string =
4466 TOKEN_STRING_INITIALIZER(struct cmd_vfw_firewall_flag_result,
4469 cmdline_parse_token_string_t cmd_vfw_firewall_flag_vfw_string =
4470 TOKEN_STRING_INITIALIZER(struct cmd_vfw_firewall_flag_result,
4473 cmdline_parse_token_string_t cmd_vfw_firewall_flag_string =
4474 TOKEN_STRING_INITIALIZER(struct cmd_vfw_firewall_flag_result,
4475 firewall_flag_string, "firewall");
4477 cmdline_parse_token_num_t cmd_vfw_firewall_flag =
4478 TOKEN_NUM_INITIALIZER(struct cmd_vfw_firewall_flag_result, firewall_flag,
4481 cmdline_parse_inst_t cmd_vfw_firewall = {
4482 .f = cmd_vfw_firewall_flag_parsed,
4484 .help_str = "VFW firewall_flag",
4486 (void *)&cmd_vfw_firewall_flag_p_string,
4487 (void *)&cmd_vfw_firewall_flag_vfw_string,
4488 (void *)&cmd_vfw_firewall_flag_string,
4489 (void *)&cmd_vfw_firewall_flag,
4496 * A structure defining the TCPFW conntrack ON/OFF command.
4498 struct cmd_vfw_fw_conntrack_result {
4499 cmdline_fixed_string_t p_string;
4500 uint32_t pipeline_id;
4501 cmdline_fixed_string_t tcpfw_string;
4502 cmdline_fixed_string_t conntrack_string;
4503 uint8_t conntrack_flag;
4507 * Parse VFW_TCPFW conntrack ON/OFF CLI command.
4509 * @param parsed_result
4510 * A pointer to CLI command parsed result.
4512 * A pointer to command line context.
4514 * A pointer to command specific data
4517 static void cmd_vfw_fw_conntrack_parsed(
4518 void *parsed_result,
4519 __attribute__((unused)) struct cmdline *cl,
4520 __rte_unused void *data)
4522 struct cmd_vfw_fw_conntrack_result *params = parsed_result;
4524 if (params->conntrack_flag == 0) {
4525 printf("firewall conntrack turned OFF\n");
4526 cnxn_tracking_is_active = 0;
4527 } else if (params->conntrack_flag == 1) {
4528 printf("firewall conntrack turned ON\n");
4529 cnxn_tracking_is_active = 1;
4531 printf("Invalid firewall conntrack setting\n");
4534 cmdline_parse_token_string_t cmd_vfw_fw_conntrack_p_string =
4535 TOKEN_STRING_INITIALIZER(struct cmd_vfw_fw_conntrack_result,
4538 cmdline_parse_token_string_t cmd_vfw_fw_conntrack_fw_string =
4539 TOKEN_STRING_INITIALIZER(struct cmd_vfw_fw_conntrack_result,
4540 tcpfw_string, "vfw");
4542 cmdline_parse_token_string_t cmd_vfw_fw_conntrack_string =
4543 TOKEN_STRING_INITIALIZER(struct cmd_vfw_fw_conntrack_result,
4544 conntrack_string, "conntrack");
4546 cmdline_parse_token_num_t cmd_vfw_fw_conntrack_flag =
4547 TOKEN_NUM_INITIALIZER(struct cmd_vfw_fw_conntrack_result, conntrack_flag,
4549 cmdline_parse_inst_t cmd_vfw_fw_conntrack = {
4550 .f = cmd_vfw_fw_conntrack_parsed,
4552 .help_str = "VFW FW conntrack",
4554 (void *) &cmd_vfw_fw_conntrack_p_string,
4555 (void *) &cmd_vfw_fw_conntrack_fw_string,
4556 (void *) &cmd_vfw_fw_conntrack_string,
4557 (void *) &cmd_vfw_fw_conntrack_flag,
4563 * A structure defining the VFW synproxy ON/OFFcommand.
4565 struct cmd_vfw_synproxy_flag_result {
4566 cmdline_fixed_string_t p_string;
4567 uint32_t pipeline_id;
4568 cmdline_fixed_string_t vfw_string;
4569 cmdline_fixed_string_t synproxy_flag_string;
4570 uint8_t synproxy_flag;
4574 * Parse TCPFW synproxy ON/OFF CLI command.
4576 * @param parsed_result
4577 * A pointer to CLI command parsed result.
4579 * A pointer to command line context.
4581 * A pointer to command specific data
4585 cmd_vfw_synproxy_flag_parsed(void *parsed_result, __attribute__ ((unused))
4586 struct cmdline *cl, void *data)
4588 struct cmd_vfw_synproxy_flag_result *params = parsed_result;
4589 struct app_params *app = data;
4592 status = app_pipeline_vfw_synproxy_flag(app,
4593 params->pipeline_id,
4594 params->synproxy_flag);
4597 printf("Command failed\n");
4602 cmdline_parse_token_string_t cmd_vfw_synproxy_flag_p_string =
4603 TOKEN_STRING_INITIALIZER(struct cmd_vfw_synproxy_flag_result,
4606 cmdline_parse_token_num_t cmd_vfw_synproxy_flag_pipeline_id =
4607 TOKEN_NUM_INITIALIZER(struct cmd_vfw_synproxy_flag_result,
4608 pipeline_id, UINT32);
4610 cmdline_parse_token_string_t cmd_vfw_synproxy_flag_vfw_string =
4611 TOKEN_STRING_INITIALIZER(struct cmd_vfw_synproxy_flag_result,
4614 cmdline_parse_token_string_t cmd_vfw_synproxy_flag_string =
4615 TOKEN_STRING_INITIALIZER(struct cmd_vfw_synproxy_flag_result,
4616 synproxy_flag_string, "synproxy");
4618 cmdline_parse_token_num_t cmd_vfw_synproxy_flag =
4619 TOKEN_NUM_INITIALIZER(struct cmd_vfw_synproxy_flag_result, synproxy_flag,
4622 cmdline_parse_inst_t cmd_vfw_synproxy = {
4623 .f = cmd_vfw_synproxy_flag_parsed,
4625 .help_str = "VFW synproxy_flag",
4627 (void *)&cmd_vfw_synproxy_flag_p_string,
4628 (void *)&cmd_vfw_synproxy_flag_pipeline_id,
4629 (void *)&cmd_vfw_synproxy_flag_vfw_string,
4630 (void *)&cmd_vfw_synproxy_flag_string,
4631 (void *)&cmd_vfw_synproxy_flag,
4636 static cmdline_parse_ctx_t pipeline_cmds[] = {
4638 (cmdline_parse_inst_t *) &cmd_vfw_add_ip,
4639 (cmdline_parse_inst_t *) &cmd_vfw_del_ip,
4640 (cmdline_parse_inst_t *) &cmd_vfw_dbg,
4641 (cmdline_parse_inst_t *) &cmd_vfw_clearrules,
4642 (cmdline_parse_inst_t *) &cmd_loadrules,
4643 (cmdline_parse_inst_t *) &cmd_vfw_ls,
4644 (cmdline_parse_inst_t *) &cmd_action_add_accept,
4645 (cmdline_parse_inst_t *) &cmd_action_del_accept,
4646 (cmdline_parse_inst_t *) &cmd_action_add_drop,
4647 (cmdline_parse_inst_t *) &cmd_action_del_drop,
4648 (cmdline_parse_inst_t *) &cmd_action_add_fwd,
4649 (cmdline_parse_inst_t *) &cmd_action_del_fwd,
4650 (cmdline_parse_inst_t *) &cmd_action_add_nat,
4651 (cmdline_parse_inst_t *) &cmd_action_del_nat,
4652 (cmdline_parse_inst_t *) &cmd_action_add_count,
4653 (cmdline_parse_inst_t *) &cmd_action_del_count,
4654 (cmdline_parse_inst_t *) &cmd_action_add_dscp,
4655 (cmdline_parse_inst_t *) &cmd_action_del_dscp,
4656 (cmdline_parse_inst_t *) &cmd_action_add_conntrack,
4657 (cmdline_parse_inst_t *) &cmd_action_del_conntrack,
4658 (cmdline_parse_inst_t *) &cmd_action_add_connexist,
4659 (cmdline_parse_inst_t *) &cmd_action_del_connexist,
4660 (cmdline_parse_inst_t *) &cmd_action_ls,
4661 (cmdline_parse_inst_t *) &cmd_vfw_applyruleset,
4663 (cmdline_parse_inst_t *) &cmd_vfw_stats,
4664 (cmdline_parse_inst_t *) &cmd_vfw_clearstats,
4665 (cmdline_parse_inst_t *) &cmd_vfw_per_sec_ctr_dump_stop,
4666 (cmdline_parse_inst_t *) &cmd_vfw_per_sec_ctr_dump_start,
4667 (cmdline_parse_inst_t *) &cmd_vfw_synproxy,
4668 (cmdline_parse_inst_t *) &cmd_vfw_firewall,
4670 (cmdline_parse_inst_t *) &cmd_vfw_fw_conntrack,
4675 static struct pipeline_fe_ops pipeline_vfw_fe_ops = {
4676 .f_init = app_pipeline_vfw_init,
4677 .f_free = app_pipeline_vfw_free,
4678 .cmds = pipeline_cmds,
4681 struct pipeline_type pipeline_vfw = {
4683 .be_ops = &pipeline_vfw_be_ops,
4684 .fe_ops = &pipeline_vfw_fe_ops,