Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[caclmgrd] Fix application of IPv6 service ACL rules #3917

Merged
merged 1 commit into from
Dec 19, 2019
Merged

[caclmgrd] Fix application of IPv6 service ACL rules #3917

Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
13 changes: 7 additions & 6 deletions files/image_config/caclmgrd/caclmgrd
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -194,13 +194,14 @@ class ControlPlaneAclManager(object):
continue

# If we haven't determined the IP version for this ACL table yet,
# try to do it now. We determine heuristically based on whether the
# src IP is an IPv4 or IPv6 address.
if not table_ip_version and "SRC_IP" in rule_props and rule_props["SRC_IP"]:
ip_addr = ipaddress.IPAddress(rule_props["SRC_IP"].split("/")[0])
if isinstance(ip_addr, ipaddress.IPv6Address):
# try to do it now. We attempt to determine heuristically based on
# whether the src or dst IP of this rule is an IPv4 or IPv6 address.
if not table_ip_version:
if (("SRC_IPV6" in rule_props and rule_props["SRC_IPV6"]) or
("DST_IPV6" in rule_props and rule_props["DST_IPV6"])):
table_ip_version = 6
elif isinstance(ip_addr, ipaddress.IPv4Address):
elif (("SRC_IP" in rule_props and rule_props["SRC_IP"]) or
("DST_IP" in rule_props and rule_props["DST_IP"])):
table_ip_version = 4

# If we were unable to determine whether this ACL table contains
Expand Down