Gitiles
Code Review Sign In
gerrit.onosproject.org / onos / 6085585ef705b62911f04e3e173e9bccc9c171d6 / . / pipelines / fabric / impl / src / main / resources / include / control / acl.p4
blob: 80efa8f470f3a4cde8b4a2d6b78e02b3763cded0 [file] [log] [blame]
Carmelo Casconeb5324e72018-11-25 02:26:32 -0800[diff] [blame]1/*
2 * Copyright 2017-present Open Networking Foundation
3 *
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at
7 *
8 * http://www.apache.org/licenses/LICENSE-2.0
9 *
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License.
15 */
16
17#include <core.p4>
18#include <v1model.p4>
19
20#include "../define.p4"
21#include "../header.p4"
22
23control Acl (inout parsed_headers_t hdr,
24 inout fabric_metadata_t fabric_metadata,
25 inout standard_metadata_t standard_metadata) {
26
27 /*
28 * ACL Table.
29 */
30 direct_counter(CounterType.packets_and_bytes) acl_counter;
31
32 action set_next_id_acl(next_id_t next_id) {
33 fabric_metadata.next_id = next_id;
34 acl_counter.count();
35 }
36
37 // Send immendiatelly to CPU - skip the rest of ingress.
38 action punt_to_cpu() {
39 standard_metadata.egress_spec = CPU_PORT;
40 fabric_metadata.skip_next = _TRUE;
41 acl_counter.count();
42 }
43
Daniele Moro01ca2ab2019-06-25 11:48:48 -0700[diff] [blame]44 // Set clone session id for a I2E clone session
45 action set_clone_session_id(bit<32> clone_id) {
Daniele Moro3b7a21b2019-06-25 17:33:40 -0700[diff] [blame]46 clone3(CloneType.I2E, clone_id, {standard_metadata.ingress_port});
Carmelo Casconeb5324e72018-11-25 02:26:32 -0800[diff] [blame]47 acl_counter.count();
48 }
49
50 action drop() {
Carmelo Cascone9b607da2019-05-08 14:03:01 -0700[diff] [blame]51 mark_to_drop(standard_metadata);
Carmelo Casconeb5324e72018-11-25 02:26:32 -0800[diff] [blame]52 fabric_metadata.skip_next = _TRUE;
53 acl_counter.count();
54 }
55
56 action nop_acl() {
57 acl_counter.count();
58 }
59
60 table acl {
61 key = {
62 standard_metadata.ingress_port: ternary @name("ig_port"); // 9
63 fabric_metadata.ip_proto: ternary @name("ip_proto"); // 8
64 fabric_metadata.l4_sport: ternary @name("l4_sport"); // 16
65 fabric_metadata.l4_dport: ternary @name("l4_dport"); // 16
Daniele Moro60855852019-12-13 17:24:33 -0800[diff] [blame^]66 hdr.ethernet.dst_addr: ternary @name("eth_dst"); // 48
67 hdr.ethernet.src_addr: ternary @name("eth_src"); // 48
Carmelo Casconeb5324e72018-11-25 02:26:32 -0800[diff] [blame]68 hdr.vlan_tag.vlan_id: ternary @name("vlan_id"); // 12
Daniele Moro693d76f2019-09-24 14:34:07 -0700[diff] [blame]69 hdr.eth_type.value: ternary @name("eth_type"); //16
Carmelo Casconeb5324e72018-11-25 02:26:32 -0800[diff] [blame]70 hdr.ipv4.src_addr: ternary @name("ipv4_src"); // 32
71 hdr.ipv4.dst_addr: ternary @name("ipv4_dst"); // 32
72 hdr.icmp.icmp_type: ternary @name("icmp_type"); // 8
73 hdr.icmp.icmp_code: ternary @name("icmp_code"); // 8
74 }
75
76 actions = {
77 set_next_id_acl;
78 punt_to_cpu;
Daniele Moro01ca2ab2019-06-25 11:48:48 -0700[diff] [blame]79 set_clone_session_id;
Carmelo Casconeb5324e72018-11-25 02:26:32 -0800[diff] [blame]80 drop;
81 nop_acl;
82 }
83
84 const default_action = nop_acl();
Carmelo Cascone70e816b2019-03-19 16:15:47 -0700[diff] [blame]85 size = ACL_TABLE_SIZE;
Carmelo Casconeb5324e72018-11-25 02:26:32 -0800[diff] [blame]86 counters = acl_counter;
87 }
88
89 apply {
90 acl.apply();
91 }
92}