Skip to content

Commit

Permalink
[aclorch]: Refactor doAclTableTask and doAclRuleTask (sonic-net#318)
Browse files Browse the repository at this point in the history 
Add public functions to create/remove ACL rules/tables
  • Loading branch information
@sihuihan88
sihuihan88 authored and Shuotian Cheng committed Sep 22, 2017
1 parent 533ace2 commit 982efc3
Show file tree
Hide file tree
Showing 2 changed files with 107 additions and 81 deletions.
183 changes: 102 additions & 81 deletions orchagent/aclorch.cpp
View file
Original file line number Diff line number Diff line change
Expand Up @@ -1067,6 +1067,104 @@ void AclOrch::doTask(Consumer &consumer)
}
}

void AclOrch::addAclTable(AclTable &newTable, string table_id)
{
sai_object_id_t table_oid = getTableById(table_id);

if (table_oid != SAI_NULL_OBJECT_ID)
{
// table already exists, delete it first
if (deleteUnbindAclTable(table_oid) == SAI_STATUS_SUCCESS)
{
SWSS_LOG_INFO("Successfully deleted ACL table %s", table_id.c_str());
m_AclTables.erase(table_oid);
}
}
if (createBindAclTable(newTable, table_oid) == SAI_STATUS_SUCCESS)
{
m_AclTables[table_oid] = newTable;
SWSS_LOG_INFO("Successfully created ACL table %s, oid: %lX", newTable.description.c_str(), table_oid);
}
else
{
SWSS_LOG_ERROR("Failed to create table %s", table_id.c_str());
}
}

void AclOrch::removeAclTable(string table_id)
{
sai_object_id_t table_oid = getTableById(table_id);
if (table_oid != SAI_NULL_OBJECT_ID)
{
if (deleteUnbindAclTable(table_oid) == SAI_STATUS_SUCCESS)
{
SWSS_LOG_INFO("Successfully deleted ACL table %s", table_id.c_str());
m_AclTables.erase(table_oid);
}
else
{
SWSS_LOG_ERROR("Failed to delete ACL table %s", table_id.c_str());
}
}
else
{
SWSS_LOG_ERROR("Failed to delete ACL table. Table %s does not exist", table_id.c_str());
}
}

void AclOrch::addAclRule(shared_ptr<AclRule> newRule, string table_id, string rule_id)
{
sai_object_id_t table_oid = getTableById(table_id);
auto ruleIter = m_AclTables[table_oid].rules.find(rule_id);
if (ruleIter != m_AclTables[table_oid].rules.end())
{
// rule already exists - delete it first
if (ruleIter->second->remove())
{
m_AclTables[table_oid].rules.erase(ruleIter);
SWSS_LOG_INFO("Successfully deleted ACL rule: %s", rule_id.c_str());
}
}
if (newRule->create())
{
m_AclTables[table_oid].rules[rule_id] = newRule;
SWSS_LOG_INFO("Successfully created ACL rule %s in table %s", rule_id.c_str(), table_id.c_str());
}
else
{
SWSS_LOG_ERROR("Failed to create rule in table %s", table_id.c_str());
}
}

void AclOrch::removeAclRule(string table_id, string rule_id)
{
sai_object_id_t table_oid = getTableById(table_id);
if (table_oid != SAI_NULL_OBJECT_ID)
{
auto ruleIter = m_AclTables[table_oid].rules.find(rule_id);
if (ruleIter != m_AclTables[table_oid].rules.end())
{
if (ruleIter->second->remove())
{
m_AclTables[table_oid].rules.erase(ruleIter);
SWSS_LOG_INFO("Successfully deleted ACL rule %s", rule_id.c_str());
}
else
{
SWSS_LOG_ERROR("Failed to delete ACL rule: %s", table_id.c_str());
}
}
else
{
SWSS_LOG_ERROR("Failed to delete ACL rule. Unknown rule %s", rule_id.c_str());
}
}
else
{
SWSS_LOG_ERROR("Failed to delete rule %s from ACL table %s. Table does not exist", rule_id.c_str(), table_id.c_str());
}
}

void AclOrch::doAclTableTask(Consumer &consumer)
{
SWSS_LOG_ENTER();
Expand Down Expand Up @@ -1124,26 +1222,7 @@ void AclOrch::doAclTableTask(Consumer &consumer)
// validate and create ACL Table
if (bAllAttributesOk && validateAclTable(newTable))
{
sai_object_id_t table_oid = getTableById(table_id);

if (table_oid != SAI_NULL_OBJECT_ID)
{
// table already exists, delete it first
if (deleteUnbindAclTable(table_oid) == SAI_STATUS_SUCCESS)
{
SWSS_LOG_INFO("Successfully deleted ACL table %s", table_id.c_str());
m_AclTables.erase(table_oid);
}
}
if (createBindAclTable(newTable, table_oid) == SAI_STATUS_SUCCESS)
{
m_AclTables[table_oid] = newTable;
SWSS_LOG_INFO("Successfully created ACL table %s, oid: %lX", newTable.description.c_str(), table_oid);
}
else
{
SWSS_LOG_ERROR("Failed to create table %s", table_id.c_str());
}
addAclTable(newTable, table_id);
}
else
{
Expand All @@ -1152,23 +1231,7 @@ void AclOrch::doAclTableTask(Consumer &consumer)
}
else if (op == DEL_COMMAND)
{
sai_object_id_t table_oid = getTableById(table_id);
if (table_oid != SAI_NULL_OBJECT_ID)
{
if (deleteUnbindAclTable(table_oid) == SAI_STATUS_SUCCESS)
{
SWSS_LOG_INFO("Successfully deleted ACL table %s", table_id.c_str());
m_AclTables.erase(table_oid);
}
else
{
SWSS_LOG_ERROR("Failed to delete ACL table %s", table_id.c_str());
}
}
else
{
SWSS_LOG_ERROR("Failed to delete ACL table. Table %s does not exist", table_id.c_str());
}
removeAclTable(table_id);
}
else
{
Expand Down Expand Up @@ -1244,25 +1307,7 @@ void AclOrch::doAclRuleTask(Consumer &consumer)
// validate and create ACL rule
if (bAllAttributesOk && newRule->validate())
{
auto ruleIter = m_AclTables[table_oid].rules.find(rule_id);
if (ruleIter != m_AclTables[table_oid].rules.end())
{
// rule already exists - delete it first
if (ruleIter->second->remove())
{
m_AclTables[table_oid].rules.erase(ruleIter);
SWSS_LOG_INFO("Successfully deleted ACL rule: %s", rule_id.c_str());
}
}
if (newRule->create())
{
m_AclTables[table_oid].rules[rule_id] = newRule;
SWSS_LOG_INFO("Successfully created ACL rule %s in table %s", rule_id.c_str(), table_id.c_str());
}
else
{
SWSS_LOG_ERROR("Failed to create rule in table %s", table_id.c_str());
}
addAclRule(newRule, table_id, rule_id);
}
else
{
Expand All @@ -1271,31 +1316,7 @@ void AclOrch::doAclRuleTask(Consumer &consumer)
}
else if (op == DEL_COMMAND)
{
sai_object_id_t table_oid = getTableById(table_id);
if (table_oid != SAI_NULL_OBJECT_ID)
{
auto ruleIter = m_AclTables[table_oid].rules.find(rule_id);
if (ruleIter != m_AclTables[table_oid].rules.end())
{
if (ruleIter->second->remove())
{
m_AclTables[table_oid].rules.erase(ruleIter);
SWSS_LOG_INFO("Successfully deleted ACL rule %s", rule_id.c_str());
}
else
{
SWSS_LOG_ERROR("Failed to delete ACL rule: %s", table_id.c_str());
}
}
else
{
SWSS_LOG_ERROR("Failed to delete ACL rule. Unknown rule %s", rule_id.c_str());
}
}
else
{
SWSS_LOG_ERROR("Failed to delete rule %s from ACL table %s. Table does not exist", rule_id.c_str(), table_id.c_str());
}
removeAclRule(table_id, rule_id);
}
else
{
Expand Down
5 changes: 5 additions & 0 deletions orchagent/aclorch.h
View file
Original file line number Diff line number Diff line change
Expand Up @@ -258,6 +258,11 @@ class AclOrch : public Orch, public Observer
NeighOrch *m_neighOrch;
RouteOrch *m_routeOrch;

void addAclTable(AclTable &aclTable, string table_id);
void removeAclTable(string table_id);
void addAclRule(shared_ptr<AclRule> aclRule, string table_id, string rule_id);
void removeAclRule(string table_id, string rule_id);

private:
void doTask(Consumer &consumer);
void doAclTableTask(Consumer &consumer);
Expand Down

0 comments on commit 982efc3

Please sign in to comment.