| Carmelo Cascone | b5324e7 | 2018-11-25 02:26:32 -0800 | [diff] [blame] | 1 | /* |
| 2 | * Copyright 2017-present Open Networking Foundation |
| 3 | * |
| 4 | * Licensed under the Apache License, Version 2.0 (the "License"); |
| 5 | * you may not use this file except in compliance with the License. |
| 6 | * You may obtain a copy of the License at |
| 7 | * |
| 8 | * http://www.apache.org/licenses/LICENSE-2.0 |
| 9 | * |
| 10 | * Unless required by applicable law or agreed to in writing, software |
| 11 | * distributed under the License is distributed on an "AS IS" BASIS, |
| 12 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. |
| 13 | * See the License for the specific language governing permissions and |
| 14 | * limitations under the License. |
| 15 | */ |
| 16 | |
| 17 | #include <core.p4> |
| 18 | #include <v1model.p4> |
| 19 | |
| 20 | #include "../define.p4" |
| 21 | #include "../header.p4" |
| 22 | |
| 23 | control Acl (inout parsed_headers_t hdr, |
| 24 | inout fabric_metadata_t fabric_metadata, |
| 25 | inout standard_metadata_t standard_metadata) { |
| 26 | |
| Wailok Shum | 4f51bde | 2021-06-11 22:48:41 +0800 | [diff] [blame] | 27 | ipv4_addr_t ipv4_src = 0; |
| 28 | ipv4_addr_t ipv4_dst = 0; |
| 29 | bit<8> ip_proto = 0; |
| 30 | l4_port_t l4_sport = 0; |
| 31 | l4_port_t l4_dport = 0; |
| 32 | |
| Carmelo Cascone | b5324e7 | 2018-11-25 02:26:32 -0800 | [diff] [blame] | 33 | /* |
| 34 | * ACL Table. |
| 35 | */ |
| 36 | direct_counter(CounterType.packets_and_bytes) acl_counter; |
| 37 | |
| 38 | action set_next_id_acl(next_id_t next_id) { |
| 39 | fabric_metadata.next_id = next_id; |
| 40 | acl_counter.count(); |
| 41 | } |
| 42 | |
| 43 | // Send immendiatelly to CPU - skip the rest of ingress. |
| 44 | action punt_to_cpu() { |
| 45 | standard_metadata.egress_spec = CPU_PORT; |
| 46 | fabric_metadata.skip_next = _TRUE; |
| 47 | acl_counter.count(); |
| 48 | } |
| 49 | |
| Daniele Moro | 01ca2ab | 2019-06-25 11:48:48 -0700 | [diff] [blame] | 50 | // Set clone session id for a I2E clone session |
| 51 | action set_clone_session_id(bit<32> clone_id) { |
| Daniele Moro | 3b7a21b | 2019-06-25 17:33:40 -0700 | [diff] [blame] | 52 | clone3(CloneType.I2E, clone_id, {standard_metadata.ingress_port}); |
| Carmelo Cascone | b5324e7 | 2018-11-25 02:26:32 -0800 | [diff] [blame] | 53 | acl_counter.count(); |
| 54 | } |
| 55 | |
| 56 | action drop() { |
| Carmelo Cascone | 9b607da | 2019-05-08 14:03:01 -0700 | [diff] [blame] | 57 | mark_to_drop(standard_metadata); |
| Carmelo Cascone | b5324e7 | 2018-11-25 02:26:32 -0800 | [diff] [blame] | 58 | fabric_metadata.skip_next = _TRUE; |
| 59 | acl_counter.count(); |
| 60 | } |
| 61 | |
| 62 | action nop_acl() { |
| 63 | acl_counter.count(); |
| 64 | } |
| 65 | |
| 66 | table acl { |
| 67 | key = { |
| Wailok Shum | 4f51bde | 2021-06-11 22:48:41 +0800 | [diff] [blame] | 68 | standard_metadata.ingress_port : ternary @name("ig_port"); // 9 |
| 69 | hdr.ethernet.dst_addr : ternary @name("eth_dst"); // 48 |
| 70 | hdr.ethernet.src_addr : ternary @name("eth_src"); // 48 |
| 71 | hdr.vlan_tag.vlan_id : ternary @name("vlan_id"); // 12 |
| 72 | hdr.eth_type.value : ternary @name("eth_type"); // 16 |
| 73 | ipv4_src : ternary @name("ipv4_src"); // 32 |
| 74 | ipv4_dst : ternary @name("ipv4_dst"); // 32 |
| 75 | ip_proto : ternary @name("ip_proto"); // 8 |
| 76 | hdr.icmp.icmp_type : ternary @name("icmp_type"); // 8 |
| 77 | hdr.icmp.icmp_code : ternary @name("icmp_code"); // 8 |
| 78 | l4_sport : ternary @name("l4_sport"); // 16 |
| 79 | l4_dport : ternary @name("l4_dport"); // 16 |
| Wailok Shum | fb7e787 | 2021-06-18 17:30:08 +0800 | [diff] [blame^] | 80 | fabric_metadata.port_type : ternary @name("port_type"); // 2 |
| Carmelo Cascone | b5324e7 | 2018-11-25 02:26:32 -0800 | [diff] [blame] | 81 | } |
| 82 | |
| 83 | actions = { |
| 84 | set_next_id_acl; |
| 85 | punt_to_cpu; |
| Daniele Moro | 01ca2ab | 2019-06-25 11:48:48 -0700 | [diff] [blame] | 86 | set_clone_session_id; |
| Carmelo Cascone | b5324e7 | 2018-11-25 02:26:32 -0800 | [diff] [blame] | 87 | drop; |
| 88 | nop_acl; |
| 89 | } |
| 90 | |
| 91 | const default_action = nop_acl(); |
| Carmelo Cascone | 70e816b | 2019-03-19 16:15:47 -0700 | [diff] [blame] | 92 | size = ACL_TABLE_SIZE; |
| Carmelo Cascone | b5324e7 | 2018-11-25 02:26:32 -0800 | [diff] [blame] | 93 | counters = acl_counter; |
| 94 | } |
| 95 | |
| 96 | apply { |
| Wailok Shum | 4f51bde | 2021-06-11 22:48:41 +0800 | [diff] [blame] | 97 | if (hdr.gtpu.isValid() && hdr.inner_ipv4.isValid()) { |
| 98 | ipv4_src = hdr.inner_ipv4.src_addr; |
| 99 | ipv4_dst = hdr.inner_ipv4.dst_addr; |
| 100 | ip_proto = hdr.inner_ipv4.protocol; |
| 101 | if (hdr.inner_tcp.isValid()) { |
| 102 | l4_sport = hdr.inner_tcp.sport; |
| 103 | l4_dport = hdr.inner_tcp.dport; |
| 104 | } else if (hdr.inner_udp.isValid()) { |
| 105 | l4_sport = hdr.inner_udp.sport; |
| 106 | l4_dport = hdr.inner_udp.dport; |
| 107 | } |
| 108 | } else if (hdr.ipv4.isValid()) { |
| 109 | ipv4_src = hdr.ipv4.src_addr; |
| 110 | ipv4_dst = hdr.ipv4.dst_addr; |
| 111 | ip_proto = hdr.ipv4.protocol; |
| 112 | if (hdr.tcp.isValid()) { |
| 113 | l4_sport = hdr.tcp.sport; |
| 114 | l4_dport = hdr.tcp.dport; |
| 115 | } else if (hdr.udp.isValid()) { |
| 116 | l4_sport = hdr.udp.sport; |
| 117 | l4_dport = hdr.udp.dport; |
| 118 | } |
| 119 | } |
| Carmelo Cascone | b5324e7 | 2018-11-25 02:26:32 -0800 | [diff] [blame] | 120 | acl.apply(); |
| 121 | } |
| 122 | } |