go.ligato.io/vpp-agent/v3@v3.5.0/tests/robot/libraries/acl/acl_utils.py

go.ligato.io/vpp-agent/v3@v3.5.0/tests/robot/libraries/acl/acl_utils.py (about)

     1  import vpp_api
     2  
     3  from robot.api import logger
     4  
     5  
     6  def acl_dump(host, username, password, node):
     7  
     8      # Use max uint32 value to dump all ACLs
     9      int_max = 4294967295
    10  
    11      data = vpp_api.vpp_api.execute_api(
    12          host, username, password, node, "acl_dump", acl_index=int_max)
    13  
    14      acls = []
    15      for item in data[0]["api_reply"]:
    16          acls.append(process_acl_dump(item))
    17  
    18      return acls
    19  
    20  
    21  def process_acl_dump(data):
    22      """
    23      Process API reply acl_dump and return dictionary of usable values.
    24  
    25      :param data: API reply from acl_dump call,
    26      :type data: dict
    27      :return: Values ready for comparison with Agent or ETCD values.
    28      :rtype: dict
    29      """
    30  
    31      if len(data) > 1:
    32          logger.debug(len(data))
    33          logger.trace(data)
    34          raise RuntimeError("Data contains more than one API reply.")
    35  
    36      data = data["acl_details"]
    37  
    38      ipv6 = int(data["r"][0]["is_ipv6"])
    39      protocol = int(data["r"][0]["proto"])
    40  
    41      destination_prefix = data["r"][0]["dst_ip_prefix_len"]
    42      source_prefix = data["r"][0]["src_ip_prefix_len"]
    43  
    44      if ipv6:
    45          destination_address = data["r"][0]["dst_ip_addr"]["ipv6"]
    46          source_address = data["r"][0]["src_ip_addr"]["ipv6"]
    47      else:
    48          destination_address = data["r"][0]["dst_ip_addr"]["ipv4"]
    49          source_address = data["r"][0]["src_ip_addr"]["ipv4"]
    50  
    51      destination_network = "/".join([
    52          str(destination_address),
    53          str(destination_prefix)])
    54      source_network = "/".join([
    55          str(source_address),
    56          str(source_prefix)])
    57  
    58      output = {
    59          "acl_name": data["tag"],
    60          "acl_action": data["r"][0]["is_permit"],
    61          "ipv6": ipv6,
    62          "protocol": protocol,
    63          "destination_network": destination_network,
    64          "source_network": source_network,
    65          "destination_port_low": data["r"][0]["dstport_or_icmpcode_first"],
    66          "destination_port_high": data["r"][0]["dstport_or_icmpcode_last"],
    67          "source_port_low": data["r"][0]["srcport_or_icmptype_first"],
    68          "source_port_high": data["r"][0]["srcport_or_icmptype_last"],
    69          "icmp_code_low": data["r"][0]["dstport_or_icmpcode_first"],
    70          "icmp_code_high": data["r"][0]["dstport_or_icmpcode_last"],
    71          "icmp_type_low": data["r"][0]["srcport_or_icmptype_first"],
    72          "icmp_type_high": data["r"][0]["srcport_or_icmptype_last"]
    73      }
    74  
    75      if protocol == 6:
    76          try:
    77              output["tcp_flags_mask"] = data["r"][0]["tcp_flags_mask"]
    78              output["tcp_flags_value"] = data["r"][0]["tcp_flags_value"]
    79          except KeyError:
    80              pass
    81  
    82      return output
    83  
    84  
    85  def filter_acl_dump_by_name(data, name):
    86      for item in data:
    87          if str(item["acl_name"]) == str(name):
    88              return item
    89      else:
    90          raise RuntimeError("ACL not found by name {name}.".format(name=name))