@5947752 update EosSdk to v1.13.0!

aristanetworks · Sep 21, 2017 · fef8b7f · fef8b7f
1 parent d4ea2a7
commit fef8b7f
Show file tree

Hide file tree

Showing 5 changed files with 76 additions and 8 deletions.
diff --git a/acl.cpp b/acl.cpp
@@ -76,6 +76,16 @@ class acl_mgr_impl : public acl_mgr {
    void acl_fragments_enabled_set(acl_key_t const &, bool enabled) {
    }
 
+   bool dgram_allowed(ip_addr_t const &, ip_addr_t const &, uint16_t, uint16_t,
+                      uint8_t, uint8_t, intf_id_t const &) {
+      return true;
+   }
+
+   bool stream_allowed(ip_addr_t const &, ip_addr_t const &, uint8_t, uint16_t,
+                       uint16_t) {
+      return true;
+   }
+
    bool persistent(acl_key_t const &) const {
       return false;
    }

diff --git a/eos/acl.h b/eos/acl.h
@@ -282,6 +282,36 @@ class EOS_SDK_PUBLIC acl_mgr : public base_mgr<acl_handler> {
     */
    virtual void acl_fragments_enabled_set(acl_key_t const &, bool) = 0;
 
+   /**
+    * Check a connection against any applied ACL to determine if it should be
+    * dropped. For use with SOCK_STREAM or SOCK_DGRAM.
+    *
+    * @param ip_addr_t Source IP address
+    * @param ip_addr_t Destination IP address
+    * @param uint8_t Protocol (optional)
+    * @param uint16_t Source port (optional)
+    * @param uint16_t Destination port (optional)
+    * @return false if connection should be dropped, true otherwise.
+    */
+   virtual bool stream_allowed(ip_addr_t const &, ip_addr_t const &, uint8_t = 0,
+                               uint16_t = 0, uint16_t = 0) = 0;
+
+   /**
+    * Check a packet against any applied ACL to determine if it should be
+    * dropped. For use with SOCK_DGRAM only.
+    *
+    * @param ip_addr_t Source IP address
+    * @param ip_addr_t Destination IP address
+    * @param uint16_t Source port
+    * @param uint16_t Destination port
+    * @param uint8_t Time to live (IPv4) or hop limit (IPv6)
+    * @param uint8_t Type of service (IPv4) or traffic class (IPv6)
+    * @param intf_id_t Recipient interface
+    * @return false if the packet should be dropped, true otherwise.
+    */
+   virtual bool dgram_allowed(ip_addr_t const &, ip_addr_t const &, uint16_t,
+                              uint16_t, uint8_t, uint8_t, intf_id_t const &) = 0;
+
    /**
     * Return whether the ACL is persistent or not. ACLs are dynamic by default.
     * @param acl_key_t The ACL key (name and ACL type)

diff --git a/examples/FibAclSync.cpp b/examples/FibAclSync.cpp
@@ -12,7 +12,7 @@
  * with the destination qualifier matching each monitored route exists in a
  * V4/V6 ACL. For simplicity, when an ACL update is triggered by a route change
  * all the existing rules in the ACL are purged from the ACL config and a new
- * config is created by iterating the FIB. The new config is then committed 
+ * config is created by iterating the FIB. The new config is then committed
  * to reprogram the ACL in hardware.
  *
  * ACL commit operation is expensive since it involves reprogramming all the
@@ -73,7 +73,7 @@ static const std::string STATUS_ROUTE_TYPES = "Route types to monitor";
 static const std::string STATUS_ACL_UPDATE_TIMER_MIN = "ACL update timer[ min ]";
 static const std::string STATUS_ACL_UPDATE_TIMER_MAX = "ACL update timer[ max ]";
 static const std::string STATUS_ACL_UPDATE_TIMER = "ACL update timer";
-static const std::string STATUS_UPDATE_SUCCESS_COUNTER= 
+static const std::string STATUS_UPDATE_SUCCESS_COUNTER=
                                       "Number of succeeded ACL updates";
 static const std::string STATUS_UPDATE_FAIL_COUNTER= "Number of failed ACL updates";
 static const std::string STATUS_LAST_UPDATE_STATUS = "Status of last ACL update";
@@ -199,7 +199,7 @@ class fib_acl_sync : public eos::agent_handler,
                // User has set an incorrect value.
                // Reset to default value.
                t.trace0("%s: Option %s set to an incorrect value. "
-                        "Assuming default value.", 
+                        "Assuming default value.",
                         __FUNCTION__, CONFIG_ACL_UPDATE_TIMER_MIN.c_str());
                acl_update_timer_min = ACL_UPDATE_TIMER_MIN;
             }
@@ -209,7 +209,7 @@ class fib_acl_sync : public eos::agent_handler,
          update_status(STATUS_ACL_UPDATE_TIMER_MIN, acl_update_timer_min);
 
       } else if (option_name == CONFIG_ACL_UPDATE_TIMER_MAX) {
-         // acl_update_timer_max has changed. No need to schedule ACL update. 
+         // acl_update_timer_max has changed. No need to schedule ACL update.
          // This will be effective when we schedule the next ACL update.
 
          if (value.empty()) {
@@ -266,7 +266,7 @@ class fib_acl_sync : public eos::agent_handler,
          update_acl = true;
 
       } else if (option_name == CONFIG_VRF) {
-         // VRF changed. Schedule ACL update 
+         // VRF changed. Schedule ACL update
 
          if (value.empty()) {
             t.trace0("%s: Removed option %s", __FUNCTION__,
@@ -369,8 +369,8 @@ class fib_acl_sync : public eos::agent_handler,
 
       if (nodelay) {
          // Most likely a config change has occurred. Schedule immediate ACL
-         // update and reset the timeout to acl_update_timer_min. 
-         
+         // update and reset the timeout to acl_update_timer_min.
+
          timeout_time_is(eos::now());
          acl_update_timer = acl_update_timer_min;
          update_status(STATUS_ACL_UPDATE_TIMER, acl_update_timer);

diff --git a/mount_profile_eossdk_all b/mount_profile_eossdk_all
@@ -0,0 +1,28 @@
+agentName:EosSdk-%sliceId
+
+Include: EosSdk_acl.include
+Include: EosSdk_agent.include
+Include: EosSdk_class_map.include
+Include: EosSdk_decap_group.include
+Include: EosSdk_directflow.include
+Include: EosSdk_eth_intf.include
+Include: EosSdk_eth_lag_intf.include
+Include: EosSdk_eth_phy_intf.include
+Include: EosSdk_fib.include
+Include: EosSdk_hardware_table.include
+Include: EosSdk_intf.include
+Include: EosSdk_IntfMgrHelper.include
+Include: EosSdk_ip_intf.include
+Include: EosSdk_ip_route.include
+Include: EosSdk_lldp.include
+Include: EosSdk_mac_table.include
+Include: EosSdk_mlag.include
+Include: EosSdk_mpls_route.include
+Include: EosSdk_neighbor_table.include
+Include: EosSdk_nexthop_group.include
+Include: EosSdk_policy_map.include
+Include: EosSdk_subintf.include
+Include: EosSdk_system.include
+Include: EosSdk_vrf.include
+Include: EosSdk_GOpenFlow.include
+Include: EosSdk_bfd_session.include
diff --git a/version.m4 b/version.m4
@@ -1,2 +1,2 @@
 m4_define([_NAME_],[EosSdk])
-m4_define([_VERSION_],[1.12.3])
+m4_define([_VERSION_],[1.13.0])