Add required acl actions (#308)

* vrf * tests
openconfig · Oct 20, 2023 · 36dd1f5 · 36dd1f5
1 parent b9db82d
commit 36dd1f5
Show file tree

Hide file tree

Showing 2 changed files with 139 additions and 4 deletions.
diff --git a/dataplane/standalone/saiserver/acl.go b/dataplane/standalone/saiserver/acl.go
@@ -262,13 +262,25 @@ func (a *acl) CreateAclEntry(ctx context.Context, req *saipb.CreateAclEntryReque
 	if len(aReq.EntryDesc.GetFlow().Fields) == 0 {
 		return nil, status.Error(codes.InvalidArgument, "either no fields or not unsupports fields in entry req")
 	}
-	switch {
-	case req.ActionSetVrf != nil:
+
+	if req.ActionSetVrf != nil {
 		aReq.Actions = append(aReq.Actions,
 			fwdconfig.Action(fwdconfig.UpdateAction(fwdpb.UpdateType_UPDATE_TYPE_SET, fwdpb.PacketFieldNum_PACKET_FIELD_NUM_PACKET_VRF).
 				WithUint64Value(req.GetActionSetVrf().GetOid())).Build())
-	case req.ActionPacketAction != nil:
-		req.GetActionPacketAction().GetInt()
+	}
+	if req.ActionPacketAction != nil {
+		switch req.GetActionPacketAction().GetPacketAction() {
+		case saipb.PacketAction_PACKET_ACTION_DROP,
+			saipb.PacketAction_PACKET_ACTION_TRAP, // COPY and DROP
+			saipb.PacketAction_PACKET_ACTION_DENY: // COPY_CANCEL and DROP
+			aReq.Actions = append(aReq.Actions, &fwdpb.ActionDesc{ActionType: fwdpb.ActionType_ACTION_TYPE_DROP})
+		case saipb.PacketAction_PACKET_ACTION_FORWARD,
+			saipb.PacketAction_PACKET_ACTION_LOG,     // COPY and FORWARD
+			saipb.PacketAction_PACKET_ACTION_TRANSIT: // COPY_CANCEL and FORWARD
+			aReq.Actions = append(aReq.Actions, &fwdpb.ActionDesc{ActionType: fwdpb.ActionType_ACTION_TYPE_CONTINUE}) // Packets are forwarded by default so continue.
+		default:
+			return nil, status.Errorf(codes.InvalidArgument, "unknown packet action type: %v", req.GetActionPacketAction().GetPacketAction())
+		}
 	}
 	if _, err := a.dataplane.TableEntryAdd(ctx, aReq); err != nil {
 		return nil, err

diff --git a/dataplane/standalone/saiserver/acl_test.go b/dataplane/standalone/saiserver/acl_test.go
@@ -180,6 +180,129 @@ func TestCreateAclEntry(t *testing.T) {
 				},
 			},
 		},
+	}, {
+		desc: "vrf action",
+		req: &saipb.CreateAclEntryRequest{
+			TableId: proto.Uint64(1),
+			FieldDstIp: &saipb.AclFieldData{
+				Data: &saipb.AclFieldData_DataIp{
+					DataIp: []byte{127, 0, 0, 1},
+				},
+				Mask: &saipb.AclFieldData_MaskIp{
+					MaskIp: []byte{255, 255, 255, 0},
+				},
+			},
+			ActionSetVrf: &saipb.AclActionData{
+				Parameter: &saipb.AclActionData_Oid{
+					Oid: 1,
+				},
+			},
+		},
+		want: &fwdpb.TableEntryAddRequest{
+			ContextId: &fwdpb.ContextId{Id: "foo"},
+			TableId:   &fwdpb.TableId{ObjectId: &fwdpb.ObjectId{Id: "1"}},
+			EntryDesc: &fwdpb.EntryDesc{
+				Entry: &fwdpb.EntryDesc_Flow{
+					Flow: &fwdpb.FlowEntryDesc{
+						Id: 1,
+						Fields: []*fwdpb.PacketFieldMaskedBytes{{
+							FieldId: &fwdpb.PacketFieldId{Field: &fwdpb.PacketField{FieldNum: fwdpb.PacketFieldNum_PACKET_FIELD_NUM_IP_ADDR_DST}},
+							Bytes:   []byte{127, 0, 0, 1},
+							Masks:   []byte{255, 255, 255, 0},
+						}},
+					},
+				},
+			},
+			Actions: []*fwdpb.ActionDesc{{
+				ActionType: fwdpb.ActionType_ACTION_TYPE_UPDATE,
+				Action: &fwdpb.ActionDesc_Update{
+					Update: &fwdpb.UpdateActionDesc{
+						FieldId: &fwdpb.PacketFieldId{
+							Field: &fwdpb.PacketField{
+								FieldNum: fwdpb.PacketFieldNum_PACKET_FIELD_NUM_PACKET_VRF,
+							},
+						},
+						Field: &fwdpb.PacketFieldId{Field: &fwdpb.PacketField{}},
+						Type:  fwdpb.UpdateType_UPDATE_TYPE_SET,
+						Value: binary.BigEndian.AppendUint64(nil, 1),
+					},
+				},
+			}},
+		},
+	}, {
+		desc: "drop action",
+		req: &saipb.CreateAclEntryRequest{
+			TableId: proto.Uint64(1),
+			FieldDstIp: &saipb.AclFieldData{
+				Data: &saipb.AclFieldData_DataIp{
+					DataIp: []byte{127, 0, 0, 1},
+				},
+				Mask: &saipb.AclFieldData_MaskIp{
+					MaskIp: []byte{255, 255, 255, 0},
+				},
+			},
+			ActionPacketAction: &saipb.AclActionData{
+				Parameter: &saipb.AclActionData_PacketAction{
+					PacketAction: saipb.PacketAction_PACKET_ACTION_DROP,
+				},
+			},
+		},
+		want: &fwdpb.TableEntryAddRequest{
+			ContextId: &fwdpb.ContextId{Id: "foo"},
+			TableId:   &fwdpb.TableId{ObjectId: &fwdpb.ObjectId{Id: "1"}},
+			EntryDesc: &fwdpb.EntryDesc{
+				Entry: &fwdpb.EntryDesc_Flow{
+					Flow: &fwdpb.FlowEntryDesc{
+						Id: 1,
+						Fields: []*fwdpb.PacketFieldMaskedBytes{{
+							FieldId: &fwdpb.PacketFieldId{Field: &fwdpb.PacketField{FieldNum: fwdpb.PacketFieldNum_PACKET_FIELD_NUM_IP_ADDR_DST}},
+							Bytes:   []byte{127, 0, 0, 1},
+							Masks:   []byte{255, 255, 255, 0},
+						}},
+					},
+				},
+			},
+			Actions: []*fwdpb.ActionDesc{{
+				ActionType: fwdpb.ActionType_ACTION_TYPE_DROP,
+			}},
+		},
+	}, {
+		desc: "forward action",
+		req: &saipb.CreateAclEntryRequest{
+			TableId: proto.Uint64(1),
+			FieldDstIp: &saipb.AclFieldData{
+				Data: &saipb.AclFieldData_DataIp{
+					DataIp: []byte{127, 0, 0, 1},
+				},
+				Mask: &saipb.AclFieldData_MaskIp{
+					MaskIp: []byte{255, 255, 255, 0},
+				},
+			},
+			ActionPacketAction: &saipb.AclActionData{
+				Parameter: &saipb.AclActionData_PacketAction{
+					PacketAction: saipb.PacketAction_PACKET_ACTION_FORWARD,
+				},
+			},
+		},
+		want: &fwdpb.TableEntryAddRequest{
+			ContextId: &fwdpb.ContextId{Id: "foo"},
+			TableId:   &fwdpb.TableId{ObjectId: &fwdpb.ObjectId{Id: "1"}},
+			EntryDesc: &fwdpb.EntryDesc{
+				Entry: &fwdpb.EntryDesc_Flow{
+					Flow: &fwdpb.FlowEntryDesc{
+						Id: 1,
+						Fields: []*fwdpb.PacketFieldMaskedBytes{{
+							FieldId: &fwdpb.PacketFieldId{Field: &fwdpb.PacketField{FieldNum: fwdpb.PacketFieldNum_PACKET_FIELD_NUM_IP_ADDR_DST}},
+							Bytes:   []byte{127, 0, 0, 1},
+							Masks:   []byte{255, 255, 255, 0},
+						}},
+					},
+				},
+			},
+			Actions: []*fwdpb.ActionDesc{{
+				ActionType: fwdpb.ActionType_ACTION_TYPE_CONTINUE,
+			}},
+		},
 	}}
 	for _, tt := range tests {
 		t.Run(tt.desc, func(t *testing.T) {