ipng/vppcfg
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Refuse to work with ACLs if there are duplicate tags -- it means something/somebody has been inserting them outside of vppcfg, and this breaks the requirement that vppcfg.acls. is the same uniquely identified vpp.acl.tag

Browse Source
This commit is contained in:
Pim van Pelt
2023-01-16 19:07:04 +00:00
parent f654e78ed5
commit ace08ac052
1 changed files with 7 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
vppcfg/vpp/vppapi.py
View File

@ -127,6 +127,7 @@ class VPPApi:
"l2xcs": {}, "l2xcs": {},
"taps": {}, "taps": {},
"acls": {}, "acls": {},
"acl_tags": {},
} }
return True return True
@ -355,6 +356,12 @@ class VPPApi:
api_response = self.vpp.api.acl_dump(acl_index=0xFFFFFFFF) api_response = self.vpp.api.acl_dump(acl_index=0xFFFFFFFF)
for acl in api_response: for acl in api_response:
self.cache["acls"][acl.acl_index] = acl self.cache["acls"][acl.acl_index] = acl
if acl.tag in self.cache["acl_tags"]:
self.logger.error(
f"Duplicate ACL tag '{acl.tag}' found - cannot safely preoceed, bailing"
)
return False
self.cache["acl_tags"][acl.tag] = acl.acl_index
self.logger.debug("Retrieving interface ACLs") self.logger.debug("Retrieving interface ACLs")
api_response = self.vpp.api.acl_interface_list_dump() api_response = self.vpp.api.acl_interface_list_dump()