ACL plugin

The aclplugin is a Core Agent Plugin designed to configure ACL in the VPP. Configuration managed by this plugin is modelled by acl proto file.

The configuration must be stored in ETCD using following keys:

/vnf-agent/<agent-label>/vpp/config/v1/acl/<acl-name>

JSON configuration example with vpp-agent-ctl

An example of basic ACL configuration in JSON format can be found with rules for MACIP, TCP, UDP

Built-in configuration example with vpp-agent-ctl

The vpp-agent-ctl binary also ships with some simple predefined acl configurations. It is meant to be used solely for testing purposes.

To configure a new acl acl1, use:

vpp-agent-ctl /opt/vpp-agent/dev/etcd.conf -acl

To delete the acl, use:

vpp-agent-ctl /opt/vpp-agent/dev/etcd.conf -acld

# Packages

aclidx

No description provided by the author

vppcalls

Package vppcalls contains wrappers over VPP ACL binary APIs and helpers to dump ACLs configured in VPP - per interface and total.

# Constants

EGRESS

Interface attribute according to the configuration.

INGRESS

Interface attribute according to the configuration.

L2

Interface attribute according to the configuration.

ACLConfigurator runs in the background in its own goroutine where it watches for any changes in the configuration of ACLs as modelled by the proto file "../model/acl/acl.proto" and stored in ETCD under the key "/vnf-agent/{agent-label}/vpp/config/v1/acl/".

ACLIfCacheEntry

ACLIfCacheEntry contains info about interface, aclID and whether it is MAC IP address.

# README

ACL plugin

# Packages

# Constants

# Structs