ipng/vppcfg
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

acl: consistency in error messages, reformatted, and updated unittests

Browse Source
This commit is contained in:
Pim van Pelt
2023-01-16 22:20:41 +00:00
parent 7914659fa5
commit 818c45e09c
4 changed files with 21 additions and 25 deletions
Download Patch File Download Diff File Expand all files Collapse all files

24
vppcfg/config/acl.py
View File

@ -303,57 +303,57 @@ def validate_acls(yaml):
if src_low_port is None or src_high_port is None:
msgs.append(
f"acl {aclname} term {terms} could not understand source port"
f"acl {aclname} term {terms} could not understand source-port"
)
result = False
else:
if src_low_port > src_high_port:
msgs.append(
f"acl {aclname} term {terms} source low port is higher than source high port"
f"acl {aclname} term {terms} source-port low value is greater than high value"
)
result = False
if src_low_port < 0 or src_low_port > 65535:
msgs.append(
f"acl {aclname} term {terms} source low port is not between [0,65535]"
f"acl {aclname} term {terms} source-port low value is not between [0,65535]"
)
result = False
if src_high_port < 0 or src_high_port > 65535:
msgs.append(
f"acl {aclname} term {terms} source high port is not between [0,65535]"
f"acl {aclname} term {terms} source-port high value is not between [0,65535]"
)
result = False
if dst_low_port is None or dst_high_port is None:
msgs.append(
f"acl {aclname} term {terms} could not understand destination port"
f"acl {aclname} term {terms} could not understand destination-port"
)
result = False
else:
if dst_low_port > dst_high_port:
msgs.append(
f"acl {aclname} term {terms} destination low port is higher than destination high port"
f"acl {aclname} term {terms} destination-port low value is greater than high value"
)
result = False
if dst_low_port < 0 or dst_low_port > 65535:
msgs.append(
f"acl {aclname} term {terms} destination low port is not between [0,65535]"
f"acl {aclname} term {terms} destination-port low value is not between [0,65535]"
)
result = False
if dst_high_port < 0 or dst_high_port > 65535:
msgs.append(
f"acl {aclname} term {terms} destination high port is not between [0,65535]"
f"acl {aclname} term {terms} destination-port high value is not between [0,65535]"
)
result = False
if not proto in [1, 58]:
if "icmp-code" in orig_acl_term:
msgs.append(
f"acl {aclname} term {terms} icmp-code can only be specified for protocol icmp or icmp-ipv6"
f"acl {aclname} term {terms} icmp-code can only be specified for protocol icmp or ipv6-icmp"
)
result = False
if "icmp-type" in orig_acl_term:
msgs.append(
f"acl {aclname} term {terms} icmp-type can only be specified for protocol icmp or icmp-ipv6"
f"acl {aclname} term {terms} icmp-type can only be specified for protocol icmp or ipv6-icmp"
)
result = False
else:
@ -361,12 +361,12 @@ def validate_acls(yaml):
icmp_type_low, icmp_type_high = get_icmp_low_high(acl_term["icmp-type"])
if icmp_code_low > icmp_code_high:
msgs.append(
f"acl {aclname} term {terms} icmp-code low value is higher than high value"
f"acl {aclname} term {terms} icmp-code low value is greater than high value"
)
result = False
if icmp_type_low > icmp_type_high:
msgs.append(
f"acl {aclname} term {terms} icmp-type low value is higher than high value"
f"acl {aclname} term {terms} icmp-type low value is greater than high value"
)
result = False

3
vppcfg/unittest/yaml/error-acl2.yaml
View File

@ -3,8 +3,7 @@ test:
errors:
expected:
- "acl .* term .* source and destination family do not overlap"
- "acl .* term .* family any has no source"
- "acl .* term .* family any has no destination"
- "acl .* term .* family any has no (source|destination)"
count: 8
---
prefixlists:

11
vppcfg/unittest/yaml/error-acl3.yaml
View File

@ -2,13 +2,10 @@ test:
description: "Ways in which port ranges can fail"
errors:
expected:
- "acl .* term .* could not understand source port"
- "acl .* term .* could not understand destination port"
- "acl .* term .* source low port is higher than source high port"
- "acl .* term .* source (high|low) port is not between \\[0,65535\\]"
- "acl .* term .* destination (high|low) port is not between \\[0,65535\\]"
- "acl .* term .* source-port can only be specified for protocol tcp or udp"
- "acl .* term .* destination-port can only be specified for protocol tcp or udp"
- "acl .* term .* could not understand (source|destination)-port"
- "acl .* term .* (source|destination)-port low value is greater than high value"
- "acl .* term .* (source|destination)-port (low|high) value is not between \\[0,65535\\]"
- "acl .* term .* (source|destination)-port can only be specified for protocol tcp or udp"
count: 7
---
acls:

8
vppcfg/unittest/yaml/error-acl5.yaml
View File

@ -2,10 +2,10 @@ test:
description: "Ways in which ICMP code and type can fail"
errors:
expected:
- "acl .* term .* icmp-type can only be specified for protocol icmp or icmp-ipv6"
- "acl .* term .* icmp-code can only be specified for protocol icmp or icmp-ipv6"
- "acl .* term .* icmp-code low value is higher than high value"
- "acl .* term .* icmp-type low value is higher than high value"
- "acl .* term .* icmp-type can only be specified for protocol icmp or ipv6-icmp"
- "acl .* term .* icmp-code can only be specified for protocol icmp or ipv6-icmp"
- "acl .* term .* icmp-code low value is greater than high value"
- "acl .* term .* icmp-type low value is greater than high value"
count: 8
---
acls: