From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mga03.intel.com (mga03.intel.com [134.134.136.65]) by dpdk.org (Postfix) with ESMTP id 2BAD73798 for ; Fri, 6 May 2016 18:00:40 +0200 (CEST) Received: from orsmga002.jf.intel.com ([10.7.209.21]) by orsmga103.jf.intel.com with ESMTP; 06 May 2016 09:00:39 -0700 X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.24,587,1455004800"; d="scan'208";a="970234040" Received: from unknown (HELO Sent) ([10.217.248.166]) by orsmga002.jf.intel.com with SMTP; 06 May 2016 09:00:36 -0700 Received: by Sent (sSMTP sendmail emulation); Fri, 06 May 2016 18:00:15 +0200 From: Michal Jastrzebski To: dev@dpdk.org Cc: Daniel Mrzyglod Date: Fri, 6 May 2016 17:57:28 +0200 Message-Id: <1462550250-1256-5-git-send-email-michalx.k.jastrzebski@intel.com> X-Mailer: git-send-email 2.7.0 In-Reply-To: <1462550250-1256-1-git-send-email-michalx.k.jastrzebski@intel.com> References: <1462550250-1256-1-git-send-email-michalx.k.jastrzebski@intel.com> Subject: [dpdk-dev] [PATCH 4/6] examples/ip_pipeline: modifies firewall pipeline CLI X-BeenThere: dev@dpdk.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: patches and discussions about DPDK List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 06 May 2016 16:00:41 -0000 Each command are merged into one: cmd_firewall_parsed. ADD command format is changed: p firewall add priority ipv4 port and bulk command was modified: 1. firewall add bulk File line format: priority ipv4 port (protomask is a hex value) File line example: priority 0 ipv4 1.2.3.0 24 10.20.30.40 32 0 63 64 127 6 0xF port 3 2. firewall del bulk File line format: ipv4 File line example: ipv4 1.2.3.0 24 10.20.30.40 32 0 63 64 127 6 0xF Signed-off-by: Daniel Mrzyglod --- examples/ip_pipeline/pipeline/pipeline_firewall.c | 1336 +++++++++------------ 1 file changed, 593 insertions(+), 743 deletions(-) diff --git a/examples/ip_pipeline/pipeline/pipeline_firewall.c b/examples/ip_pipeline/pipeline/pipeline_firewall.c index fd897d5..fb7a44a 100644 --- a/examples/ip_pipeline/pipeline/pipeline_firewall.c +++ b/examples/ip_pipeline/pipeline/pipeline_firewall.c @@ -30,9 +30,11 @@ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */ - +#include #include #include +#include +#include #include #include @@ -50,6 +52,8 @@ #include "app.h" #include "pipeline_common_fe.h" #include "pipeline_firewall.h" +#include "parser.h" + #define BUF_SIZE 1024 @@ -276,26 +280,32 @@ static int app_pipeline_add_bulk_parse_file(char *filename, struct app_pipeline_add_bulk_params *params) { - FILE *f; + FILE *f = NULL; char file_buf[BUF_SIZE]; - uint32_t i; + uint32_t i, line = 0; int status = 0; f = fopen(filename, "r"); - if (f == NULL) + if (f == NULL) { + if (getcwd(file_buf, sizeof(file_buf)) != NULL) + printf("not found file %s in the current working dir %s\n", + filename, file_buf); return -1; + } params->n_keys = 0; while (fgets(file_buf, BUF_SIZE, f) != NULL) - params->n_keys++; + if (file_buf[0] != '\0' && file_buf[0] != '\n' && file_buf[0] != '#') + params->n_keys++; rewind(f); if (params->n_keys == 0) { + printf("not found any keys in the file %s\n", filename); status = -1; goto end; } - params->keys = rte_malloc(NULL, + params->keys = rte_zmalloc(NULL, params->n_keys * sizeof(struct pipeline_firewall_key), RTE_CACHE_LINE_SIZE); if (params->keys == NULL) { @@ -321,137 +331,152 @@ app_pipeline_add_bulk_parse_file(char *filename, i = 0; while (fgets(file_buf, BUF_SIZE, f) != NULL) { - char *str; + char *tokens[17]; + uint32_t n_tokens = RTE_DIM(tokens); + status = parse_tokenize_string(file_buf, tokens, &n_tokens); + uint32_t priority = 0; + struct in_addr sipaddr; + uint32_t sipdepth = 0; + struct in_addr dipaddr; + uint32_t dipdepth = 0; + uint16_t sport0 = 0; + uint16_t sport1 = 0; + uint16_t dport0 = 0; + uint16_t dport1 = 0; + uint8_t proto = 0; + uint8_t protomask = 0; + uint32_t port_id = 0; - str = strtok(file_buf, " "); - if (str == NULL) { - status = -1; - goto end; + if (n_tokens == 0 || tokens[0][0] == '#') { + line++; + continue; } - params->priorities[i] = atoi(str); - str = strtok(NULL, " ."); - if (str == NULL) { + if (status != 0) { + printf("Too many tokens\n"); status = -1; goto end; } - params->keys[i].key.ipv4_5tuple.src_ip = atoi(str)<<24; - str = strtok(NULL, " ."); - if (str == NULL) { + if (n_tokens != 15) { + printf("Bad number of tokens at line %d\n", line + 1); status = -1; goto end; } - params->keys[i].key.ipv4_5tuple.src_ip |= atoi(str)<<16; - str = strtok(NULL, " ."); - if (str == NULL) { + if (strcmp(tokens[0], "priority") != 0) { + printf("Incorrect string for priority at line %d\n", line + 1); status = -1; goto end; } - params->keys[i].key.ipv4_5tuple.src_ip |= atoi(str)<<8; - str = strtok(NULL, " ."); - if (str == NULL) { + if (parser_read_uint32(&priority, tokens[1])) { + printf("Incorrect format for priority at line %d\n", line + 1); status = -1; goto end; } - params->keys[i].key.ipv4_5tuple.src_ip |= atoi(str); - str = strtok(NULL, " "); - if (str == NULL) { + if (strcmp(tokens[2], "ipv4")) { status = -1; goto end; } - params->keys[i].key.ipv4_5tuple.src_ip_mask = atoi(str); - str = strtok(NULL, " ."); - if (str == NULL) { + if (parse_ipv4_addr(tokens[3], &sipaddr)) { + printf("Incorrect format for sipaddr at line %d\n", line + 1); status = -1; goto end; } - params->keys[i].key.ipv4_5tuple.dst_ip = atoi(str)<<24; - str = strtok(NULL, " ."); - if (str == NULL) { + if (parser_read_uint32(&sipdepth, tokens[4])) { + printf("Incorrect format for sipdepth at line %d\n", line + 1); status = -1; goto end; } - params->keys[i].key.ipv4_5tuple.dst_ip |= atoi(str)<<16; - str = strtok(NULL, " ."); - if (str == NULL) { + if (parse_ipv4_addr(tokens[5], &dipaddr)) { + printf("Incorrect format for dipaddr at line %d\n", line + 1); status = -1; goto end; } - params->keys[i].key.ipv4_5tuple.dst_ip |= atoi(str)<<8; - str = strtok(NULL, " ."); - if (str == NULL) { + if (parser_read_uint32(&dipdepth, tokens[6])) { + printf("Incorrect format for dipdepth at line %d\n", line + 1); status = -1; goto end; } - params->keys[i].key.ipv4_5tuple.dst_ip |= atoi(str); - str = strtok(NULL, " "); - if (str == NULL) { + if (parser_read_uint16(&sport0, tokens[7])) { + printf("Incorrect format for sport0 at line %d\n", line + 1); status = -1; goto end; } - params->keys[i].key.ipv4_5tuple.dst_ip_mask = atoi(str); - str = strtok(NULL, " "); - if (str == NULL) { + if (parser_read_uint16(&sport1, tokens[8])) { + printf("Incorrect format for sport1 at line %d\n", line + 1); status = -1; goto end; } - params->keys[i].key.ipv4_5tuple.src_port_from = atoi(str); - str = strtok(NULL, " "); - if (str == NULL) { + if (parser_read_uint16(&dport0, tokens[9])) { + printf("Incorrect format for dport0 at line %d\n", line + 1); status = -1; goto end; } - params->keys[i].key.ipv4_5tuple.src_port_to = atoi(str); - str = strtok(NULL, " "); - if (str == NULL) { + if (parser_read_uint16(&dport1, tokens[10])) { + printf("Incorrect format for dport1 at line %d\n", line + 1); status = -1; goto end; } - params->keys[i].key.ipv4_5tuple.dst_port_from = atoi(str); - str = strtok(NULL, " "); - if (str == NULL) { + if (parser_read_uint8(&proto, tokens[11])) { + printf("Incorrect format for proto at line %d\n", line + 1); status = -1; goto end; } - params->keys[i].key.ipv4_5tuple.dst_port_to = atoi(str); - str = strtok(NULL, " "); - if (str == NULL) { + char *e; + protomask = strtoul(tokens[12], &e, 16); + if (*e || errno == EINVAL || errno == ERANGE) { + printf("Incorrect format for protomask - should be in hex at line" + " %d\n", line + 1); status = -1; goto end; } - params->keys[i].key.ipv4_5tuple.proto = atoi(str); - str = strtok(NULL, " "); - if (str == NULL) { + if (strcmp(tokens[13], "port")) { + printf("string supported port at line %d\n", line + 1); status = -1; goto end; } - /* Need to add 2 to str to skip leading 0x */ - params->keys[i].key.ipv4_5tuple.proto_mask = strtol(str+2, NULL, 16); - str = strtok(NULL, " "); - if (str == NULL) { + if (parser_read_uint32(&port_id, tokens[14])) { + printf("Incorrect format for port ID at line %d\n", line + 1); status = -1; goto end; } - params->port_ids[i] = atoi(str); + params->keys[i].type = PIPELINE_FIREWALL_IPV4_5TUPLE; + params->keys[i].key.ipv4_5tuple.src_ip = rte_bswap32( + (uint32_t) sipaddr.s_addr); + params->keys[i].key.ipv4_5tuple.src_ip_mask = sipdepth; + params->keys[i].key.ipv4_5tuple.dst_ip = rte_bswap32( + (uint32_t) dipaddr.s_addr); + params->keys[i].key.ipv4_5tuple.dst_ip_mask = dipdepth; + params->keys[i].key.ipv4_5tuple.src_port_from = sport0; + params->keys[i].key.ipv4_5tuple.src_port_to = sport1; + params->keys[i].key.ipv4_5tuple.dst_port_from = dport0; + params->keys[i].key.ipv4_5tuple.dst_port_to = dport1; + params->keys[i].key.ipv4_5tuple.proto = proto; + params->keys[i].key.ipv4_5tuple.proto_mask = protomask; + params->port_ids[i] = port_id; + params->priorities[i] = priority; + + line++; i++; + + } end: @@ -463,26 +488,32 @@ static int app_pipeline_del_bulk_parse_file(char *filename, struct app_pipeline_del_bulk_params *params) { - FILE *f; + FILE *f = NULL; char file_buf[BUF_SIZE]; - uint32_t i; + uint32_t i, line = 0; int status = 0; f = fopen(filename, "r"); - if (f == NULL) + if (f == NULL) { + if (getcwd(file_buf, sizeof(file_buf)) != NULL) + printf("not found file %s in the current working dir %s\n", + filename, file_buf); return -1; + } params->n_keys = 0; while (fgets(file_buf, BUF_SIZE, f) != NULL) - params->n_keys++; + if (file_buf[0] != '\0' && file_buf[0] != '\n' && file_buf[0] != '#') + params->n_keys++; rewind(f); if (params->n_keys == 0) { + printf("not found any keys in the file %s\n", filename); status = -1; goto end; } - params->keys = rte_malloc(NULL, + params->keys = rte_zmalloc(NULL, params->n_keys * sizeof(struct pipeline_firewall_key), RTE_CACHE_LINE_SIZE); if (params->keys == NULL) { @@ -492,124 +523,123 @@ app_pipeline_del_bulk_parse_file(char *filename, i = 0; while (fgets(file_buf, BUF_SIZE, f) != NULL) { - char *str; + char *tokens[17]; + uint32_t n_tokens = RTE_DIM(tokens); + status = parse_tokenize_string(file_buf, tokens, &n_tokens); + struct in_addr sipaddr; + uint32_t sipdepth = 0; + struct in_addr dipaddr; + uint32_t dipdepth; + uint16_t sport0 = 0; + uint16_t sport1 = 0; + uint16_t dport0 = 0; + uint16_t dport1 = 0; + uint8_t proto = 0; + uint8_t protomask = 0; - str = strtok(file_buf, " ."); - if (str == NULL) { - status = -1; - goto end; - } - params->keys[i].key.ipv4_5tuple.src_ip = atoi(str)<<24; - - str = strtok(NULL, " ."); - if (str == NULL) { - status = -1; - goto end; - } - params->keys[i].key.ipv4_5tuple.src_ip |= atoi(str)<<16; + if (n_tokens == 0 || tokens[0][0] == '#') { + line++; + continue; + } - str = strtok(NULL, " ."); - if (str == NULL) { + if (status != 0) { + printf("Too many tokens\n"); status = -1; goto end; } - params->keys[i].key.ipv4_5tuple.src_ip |= atoi(str)<<8; - str = strtok(NULL, " ."); - if (str == NULL) { + if (n_tokens != 11) { status = -1; + printf("\nToo many tokens in bulk file at line %d\n", line + 1); goto end; } - params->keys[i].key.ipv4_5tuple.src_ip |= atoi(str); - str = strtok(NULL, " "); - if (str == NULL) { + if (strcmp(tokens[0], "ipv4")) { + printf("\nThe line should begin with string 'ipv4' %d\n", line + 1); status = -1; - goto end; - } - params->keys[i].key.ipv4_5tuple.src_ip_mask = atoi(str); + goto end; } - str = strtok(NULL, " ."); - if (str == NULL) { + if (parse_ipv4_addr(tokens[1], &sipaddr)) { + printf("\nIncorrect format for sipaddr at line %d\n", line + 1); status = -1; goto end; } - params->keys[i].key.ipv4_5tuple.dst_ip = atoi(str)<<24; - str = strtok(NULL, " ."); - if (str == NULL) { + if (parser_read_uint32(&sipdepth, tokens[2])) { + printf("\nIncorrect format for sipdepth at line %d\n", line + 1); status = -1; goto end; } - params->keys[i].key.ipv4_5tuple.dst_ip |= atoi(str)<<16; - str = strtok(NULL, " ."); - if (str == NULL) { + if (parse_ipv4_addr(tokens[3], &dipaddr)) { + printf("\nIncorrect format for dipaddr at line %d\n", line + 1); status = -1; goto end; } - params->keys[i].key.ipv4_5tuple.dst_ip |= atoi(str)<<8; - str = strtok(NULL, " ."); - if (str == NULL) { + if (parser_read_uint32(&dipdepth, tokens[4])) { + printf("\nIncorrect format for dipdepth at line %d\n", line + 1); status = -1; goto end; } - params->keys[i].key.ipv4_5tuple.dst_ip |= atoi(str); - str = strtok(NULL, " "); - if (str == NULL) { + if (parser_read_uint16(&sport0, tokens[5])) { + printf("\nIncorrect format for sport0 at line %d\n", line + 1); status = -1; goto end; } - params->keys[i].key.ipv4_5tuple.dst_ip_mask = atoi(str); - str = strtok(NULL, " "); - if (str == NULL) { + if (parser_read_uint16(&sport1, tokens[6])) { + printf("\nIncorrect format for sport1 at line %d\n", line + 1); status = -1; goto end; } - params->keys[i].key.ipv4_5tuple.src_port_from = atoi(str); - str = strtok(NULL, " "); - if (str == NULL) { + if (parser_read_uint16(&dport0, tokens[7])) { + printf("\nIncorrect format for dport0 at line %d\n", line + 1); status = -1; goto end; } - params->keys[i].key.ipv4_5tuple.src_port_to = atoi(str); - str = strtok(NULL, " "); - if (str == NULL) { + if (parser_read_uint16(&dport1, tokens[8])) { + printf("\nIncorrect format for dport1 at line %d\n", line + 1); status = -1; goto end; } - params->keys[i].key.ipv4_5tuple.dst_port_from = atoi(str); - str = strtok(NULL, " "); - if (str == NULL) { + if (parser_read_uint8(&proto, tokens[9])) { + printf("\nIncorrect format for proto at line %d\n", line + 1); status = -1; goto end; } - params->keys[i].key.ipv4_5tuple.dst_port_to = atoi(str); - str = strtok(NULL, " "); - if (str == NULL) { + char *e; + protomask = strtoul(tokens[10], &e, 16); + if (*e || errno == EINVAL || errno == ERANGE) { + printf("\nIncorrect format for protomask - should be in hex at " + "line %d\n", line + 1); status = -1; goto end; } - params->keys[i].key.ipv4_5tuple.proto = atoi(str); - str = strtok(NULL, " "); - if (str == NULL) { - status = -1; - goto end; - } - /* Need to add 2 to str to skip leading 0x */ - params->keys[i].key.ipv4_5tuple.proto_mask = strtol(str+2, NULL, 16); params->keys[i].type = PIPELINE_FIREWALL_IPV4_5TUPLE; + params->keys[i].key.ipv4_5tuple.src_ip = rte_bswap32( + (uint32_t) sipaddr.s_addr); + params->keys[i].key.ipv4_5tuple.src_ip_mask = sipdepth; + params->keys[i].key.ipv4_5tuple.dst_ip = rte_bswap32( + (uint32_t) dipaddr.s_addr); + params->keys[i].key.ipv4_5tuple.dst_ip_mask = dipdepth; + params->keys[i].key.ipv4_5tuple.src_port_from = sport0; + params->keys[i].key.ipv4_5tuple.src_port_to = sport1; + params->keys[i].key.ipv4_5tuple.dst_port_from = dport0; + params->keys[i].key.ipv4_5tuple.dst_port_to = dport1; + params->keys[i].key.ipv4_5tuple.proto = proto; + params->keys[i].key.ipv4_5tuple.proto_mask = protomask; + line++; i++; + } for (i = 0; i < params->n_keys; i++) { @@ -1196,663 +1226,483 @@ app_pipeline_firewall_delete_default_rule(struct app_params *app, return 0; } -/* - * p firewall add ipv4 - */ - -struct cmd_firewall_add_ipv4_result { +struct cmd_firewall_parsed_result { cmdline_fixed_string_t p_string; uint32_t pipeline_id; cmdline_fixed_string_t firewall_string; - cmdline_fixed_string_t add_string; - cmdline_fixed_string_t ipv4_string; - int32_t priority; - cmdline_ipaddr_t src_ip; - uint32_t src_ip_mask; - cmdline_ipaddr_t dst_ip; - uint32_t dst_ip_mask; - uint16_t src_port_from; - uint16_t src_port_to; - uint16_t dst_port_from; - uint16_t dst_port_to; - uint8_t proto; - uint8_t proto_mask; - uint8_t port_id; + cmdline_multi_string_t multi_string; }; -static void -cmd_firewall_add_ipv4_parsed( - void *parsed_result, - __attribute__((unused)) struct cmdline *cl, - void *data) -{ - struct cmd_firewall_add_ipv4_result *params = parsed_result; +static void cmd_firewall_parsed(void *parsed_result, + __attribute__((unused)) struct cmdline *cl, void *data) { + struct cmd_firewall_parsed_result *params = parsed_result; struct app_params *app = data; - struct pipeline_firewall_key key; int status; + struct pipeline_firewall_key key; - key.type = PIPELINE_FIREWALL_IPV4_5TUPLE; - key.key.ipv4_5tuple.src_ip = rte_bswap32( - (uint32_t) params->src_ip.addr.ipv4.s_addr); - key.key.ipv4_5tuple.src_ip_mask = params->src_ip_mask; - key.key.ipv4_5tuple.dst_ip = rte_bswap32( - (uint32_t) params->dst_ip.addr.ipv4.s_addr); - key.key.ipv4_5tuple.dst_ip_mask = params->dst_ip_mask; - key.key.ipv4_5tuple.src_port_from = params->src_port_from; - key.key.ipv4_5tuple.src_port_to = params->src_port_to; - key.key.ipv4_5tuple.dst_port_from = params->dst_port_from; - key.key.ipv4_5tuple.dst_port_to = params->dst_port_to; - key.key.ipv4_5tuple.proto = params->proto; - key.key.ipv4_5tuple.proto_mask = params->proto_mask; - - status = app_pipeline_firewall_add_rule(app, - params->pipeline_id, - &key, - params->priority, - params->port_id); - - if (status != 0) { - printf("Command failed\n"); - return; - } -} - -cmdline_parse_token_string_t cmd_firewall_add_ipv4_p_string = - TOKEN_STRING_INITIALIZER(struct cmd_firewall_add_ipv4_result, p_string, - "p"); - -cmdline_parse_token_num_t cmd_firewall_add_ipv4_pipeline_id = - TOKEN_NUM_INITIALIZER(struct cmd_firewall_add_ipv4_result, pipeline_id, - UINT32); - -cmdline_parse_token_string_t cmd_firewall_add_ipv4_firewall_string = - TOKEN_STRING_INITIALIZER(struct cmd_firewall_add_ipv4_result, - firewall_string, "firewall"); - -cmdline_parse_token_string_t cmd_firewall_add_ipv4_add_string = - TOKEN_STRING_INITIALIZER(struct cmd_firewall_add_ipv4_result, - add_string, "add"); - -cmdline_parse_token_string_t cmd_firewall_add_ipv4_ipv4_string = - TOKEN_STRING_INITIALIZER(struct cmd_firewall_add_ipv4_result, - ipv4_string, "ipv4"); - -cmdline_parse_token_num_t cmd_firewall_add_ipv4_priority = - TOKEN_NUM_INITIALIZER(struct cmd_firewall_add_ipv4_result, priority, - INT32); - -cmdline_parse_token_ipaddr_t cmd_firewall_add_ipv4_src_ip = - TOKEN_IPV4_INITIALIZER(struct cmd_firewall_add_ipv4_result, src_ip); - -cmdline_parse_token_num_t cmd_firewall_add_ipv4_src_ip_mask = - TOKEN_NUM_INITIALIZER(struct cmd_firewall_add_ipv4_result, src_ip_mask, - UINT32); - -cmdline_parse_token_ipaddr_t cmd_firewall_add_ipv4_dst_ip = - TOKEN_IPV4_INITIALIZER(struct cmd_firewall_add_ipv4_result, dst_ip); - -cmdline_parse_token_num_t cmd_firewall_add_ipv4_dst_ip_mask = - TOKEN_NUM_INITIALIZER(struct cmd_firewall_add_ipv4_result, dst_ip_mask, - UINT32); - -cmdline_parse_token_num_t cmd_firewall_add_ipv4_src_port_from = - TOKEN_NUM_INITIALIZER(struct cmd_firewall_add_ipv4_result, - src_port_from, UINT16); - -cmdline_parse_token_num_t cmd_firewall_add_ipv4_src_port_to = - TOKEN_NUM_INITIALIZER(struct cmd_firewall_add_ipv4_result, - src_port_to, UINT16); - -cmdline_parse_token_num_t cmd_firewall_add_ipv4_dst_port_from = - TOKEN_NUM_INITIALIZER(struct cmd_firewall_add_ipv4_result, - dst_port_from, UINT16); - -cmdline_parse_token_num_t cmd_firewall_add_ipv4_dst_port_to = - TOKEN_NUM_INITIALIZER(struct cmd_firewall_add_ipv4_result, - dst_port_to, UINT16); - -cmdline_parse_token_num_t cmd_firewall_add_ipv4_proto = - TOKEN_NUM_INITIALIZER(struct cmd_firewall_add_ipv4_result, - proto, UINT8); - -cmdline_parse_token_num_t cmd_firewall_add_ipv4_proto_mask = - TOKEN_NUM_INITIALIZER(struct cmd_firewall_add_ipv4_result, - proto_mask, UINT8); - -cmdline_parse_token_num_t cmd_firewall_add_ipv4_port_id = - TOKEN_NUM_INITIALIZER(struct cmd_firewall_add_ipv4_result, - port_id, UINT8); - -cmdline_parse_inst_t cmd_firewall_add_ipv4 = { - .f = cmd_firewall_add_ipv4_parsed, - .data = NULL, - .help_str = "Firewall rule add", - .tokens = { - (void *) &cmd_firewall_add_ipv4_p_string, - (void *) &cmd_firewall_add_ipv4_pipeline_id, - (void *) &cmd_firewall_add_ipv4_firewall_string, - (void *) &cmd_firewall_add_ipv4_add_string, - (void *) &cmd_firewall_add_ipv4_ipv4_string, - (void *) &cmd_firewall_add_ipv4_priority, - (void *) &cmd_firewall_add_ipv4_src_ip, - (void *) &cmd_firewall_add_ipv4_src_ip_mask, - (void *) &cmd_firewall_add_ipv4_dst_ip, - (void *) &cmd_firewall_add_ipv4_dst_ip_mask, - (void *) &cmd_firewall_add_ipv4_src_port_from, - (void *) &cmd_firewall_add_ipv4_src_port_to, - (void *) &cmd_firewall_add_ipv4_dst_port_from, - (void *) &cmd_firewall_add_ipv4_dst_port_to, - (void *) &cmd_firewall_add_ipv4_proto, - (void *) &cmd_firewall_add_ipv4_proto_mask, - (void *) &cmd_firewall_add_ipv4_port_id, - NULL, - }, -}; - -/* - * p firewall del ipv4 - */ - -struct cmd_firewall_del_ipv4_result { - cmdline_fixed_string_t p_string; - uint32_t pipeline_id; - cmdline_fixed_string_t firewall_string; - cmdline_fixed_string_t del_string; - cmdline_fixed_string_t ipv4_string; - cmdline_ipaddr_t src_ip; - uint32_t src_ip_mask; - cmdline_ipaddr_t dst_ip; - uint32_t dst_ip_mask; - uint16_t src_port_from; - uint16_t src_port_to; - uint16_t dst_port_from; - uint16_t dst_port_to; + uint32_t priority; + struct in_addr sipaddr; + uint32_t sipdepth; + struct in_addr dipaddr; + uint32_t dipdepth; + uint16_t sport0; + uint16_t sport1; + uint16_t dport0; + uint16_t dport1; uint8_t proto; - uint8_t proto_mask; -}; + uint8_t protomask; + uint32_t port_id; + char *filepath; -static void -cmd_firewall_del_ipv4_parsed( - void *parsed_result, - __attribute__((unused)) struct cmdline *cl, - void *data) -{ - struct cmd_firewall_del_ipv4_result *params = parsed_result; - struct app_params *app = data; - struct pipeline_firewall_key key; - int status; - - key.type = PIPELINE_FIREWALL_IPV4_5TUPLE; - key.key.ipv4_5tuple.src_ip = rte_bswap32( - (uint32_t) params->src_ip.addr.ipv4.s_addr); - key.key.ipv4_5tuple.src_ip_mask = params->src_ip_mask; - key.key.ipv4_5tuple.dst_ip = rte_bswap32( - (uint32_t) params->dst_ip.addr.ipv4.s_addr); - key.key.ipv4_5tuple.dst_ip_mask = params->dst_ip_mask; - key.key.ipv4_5tuple.src_port_from = params->src_port_from; - key.key.ipv4_5tuple.src_port_to = params->src_port_to; - key.key.ipv4_5tuple.dst_port_from = params->dst_port_from; - key.key.ipv4_5tuple.dst_port_to = params->dst_port_to; - key.key.ipv4_5tuple.proto = params->proto; - key.key.ipv4_5tuple.proto_mask = params->proto_mask; - - status = app_pipeline_firewall_delete_rule(app, - params->pipeline_id, - &key); + char *tokens[17]; + uint32_t n_tokens = RTE_DIM(tokens); + status = parse_tokenize_string(params->multi_string, tokens, &n_tokens); if (status != 0) { - printf("Command failed\n"); + printf("Too many tokens\n"); return; } -} -cmdline_parse_token_string_t cmd_firewall_del_ipv4_p_string = - TOKEN_STRING_INITIALIZER(struct cmd_firewall_del_ipv4_result, p_string, - "p"); - -cmdline_parse_token_num_t cmd_firewall_del_ipv4_pipeline_id = - TOKEN_NUM_INITIALIZER(struct cmd_firewall_del_ipv4_result, pipeline_id, - UINT32); - -cmdline_parse_token_string_t cmd_firewall_del_ipv4_firewall_string = - TOKEN_STRING_INITIALIZER(struct cmd_firewall_del_ipv4_result, - firewall_string, "firewall"); - -cmdline_parse_token_string_t cmd_firewall_del_ipv4_del_string = - TOKEN_STRING_INITIALIZER(struct cmd_firewall_del_ipv4_result, - del_string, "del"); - -cmdline_parse_token_string_t cmd_firewall_del_ipv4_ipv4_string = - TOKEN_STRING_INITIALIZER(struct cmd_firewall_del_ipv4_result, - ipv4_string, "ipv4"); - -cmdline_parse_token_ipaddr_t cmd_firewall_del_ipv4_src_ip = - TOKEN_IPV4_INITIALIZER(struct cmd_firewall_del_ipv4_result, src_ip); - -cmdline_parse_token_num_t cmd_firewall_del_ipv4_src_ip_mask = - TOKEN_NUM_INITIALIZER(struct cmd_firewall_del_ipv4_result, src_ip_mask, - UINT32); - -cmdline_parse_token_ipaddr_t cmd_firewall_del_ipv4_dst_ip = - TOKEN_IPV4_INITIALIZER(struct cmd_firewall_del_ipv4_result, dst_ip); - -cmdline_parse_token_num_t cmd_firewall_del_ipv4_dst_ip_mask = - TOKEN_NUM_INITIALIZER(struct cmd_firewall_del_ipv4_result, dst_ip_mask, - UINT32); - -cmdline_parse_token_num_t cmd_firewall_del_ipv4_src_port_from = - TOKEN_NUM_INITIALIZER(struct cmd_firewall_del_ipv4_result, - src_port_from, UINT16); - -cmdline_parse_token_num_t cmd_firewall_del_ipv4_src_port_to = - TOKEN_NUM_INITIALIZER(struct cmd_firewall_del_ipv4_result, src_port_to, - UINT16); - -cmdline_parse_token_num_t cmd_firewall_del_ipv4_dst_port_from = - TOKEN_NUM_INITIALIZER(struct cmd_firewall_del_ipv4_result, - dst_port_from, UINT16); - -cmdline_parse_token_num_t cmd_firewall_del_ipv4_dst_port_to = - TOKEN_NUM_INITIALIZER(struct cmd_firewall_del_ipv4_result, - dst_port_to, UINT16); - -cmdline_parse_token_num_t cmd_firewall_del_ipv4_proto = - TOKEN_NUM_INITIALIZER(struct cmd_firewall_del_ipv4_result, - proto, UINT8); - -cmdline_parse_token_num_t cmd_firewall_del_ipv4_proto_mask = - TOKEN_NUM_INITIALIZER(struct cmd_firewall_del_ipv4_result, proto_mask, - UINT8); - -cmdline_parse_inst_t cmd_firewall_del_ipv4 = { - .f = cmd_firewall_del_ipv4_parsed, - .data = NULL, - .help_str = "Firewall rule delete", - .tokens = { - (void *) &cmd_firewall_del_ipv4_p_string, - (void *) &cmd_firewall_del_ipv4_pipeline_id, - (void *) &cmd_firewall_del_ipv4_firewall_string, - (void *) &cmd_firewall_del_ipv4_del_string, - (void *) &cmd_firewall_del_ipv4_ipv4_string, - (void *) &cmd_firewall_del_ipv4_src_ip, - (void *) &cmd_firewall_del_ipv4_src_ip_mask, - (void *) &cmd_firewall_del_ipv4_dst_ip, - (void *) &cmd_firewall_del_ipv4_dst_ip_mask, - (void *) &cmd_firewall_del_ipv4_src_port_from, - (void *) &cmd_firewall_del_ipv4_src_port_to, - (void *) &cmd_firewall_del_ipv4_dst_port_from, - (void *) &cmd_firewall_del_ipv4_dst_port_to, - (void *) &cmd_firewall_del_ipv4_proto, - (void *) &cmd_firewall_del_ipv4_proto_mask, - NULL, - }, -}; - -/* - * p firewall add bulk - */ - -struct cmd_firewall_add_bulk_result { - cmdline_fixed_string_t p_string; - uint32_t pipeline_id; - cmdline_fixed_string_t firewall_string; - cmdline_fixed_string_t add_string; - cmdline_fixed_string_t bulk_string; - cmdline_fixed_string_t file_path; -}; - -static void -cmd_firewall_add_bulk_parsed( - void *parsed_result, - __attribute__((unused)) struct cmdline *cl, - void *data) -{ - struct cmd_firewall_add_bulk_result *params = parsed_result; - struct app_params *app = data; - int status; - - struct app_pipeline_add_bulk_params add_bulk_params; - - status = app_pipeline_add_bulk_parse_file(params->file_path, &add_bulk_params); - if (status != 0) { - printf("Command failed\n"); - goto end; + if ((n_tokens > 0) && (0 != strcmp(tokens[0], "add")) && (0 != strcmp(tokens[0], "del")) + && (0 != strcmp(tokens[0], "ls"))) { + printf("Usage: \n p firewall add ... \n p firewall del... \n p firewall ls\n"); + return; } - status = app_pipeline_firewall_add_bulk(app, params->pipeline_id, add_bulk_params.keys, - add_bulk_params.n_keys, add_bulk_params.priorities, add_bulk_params.port_ids); - if (status != 0) { - printf("Command failed\n"); - goto end; + /* Parsing add command*/ + if ((n_tokens > 0) && (0 == strcmp(tokens[0], "add"))) { + if (n_tokens > 18) { + printf("Command failed firewall add too many arguments\n"); + return; + } + if (n_tokens < 2) { + printf( + "Usage: \n p firewall add priority ... \n p " + "firewall add bulk ... \n p firewall default ..\n"); + return; + } + + /* Parsing add priority */ + if (0 == strcmp(tokens[1], "priority")) { + + if (n_tokens > 16) { + printf( + "Usage\n too many arguments\n p firewall " + "add priority ipv4 " + " " + " port \n"); + return; + } + + if (n_tokens < 16) { + printf( + "Usage\nnot enough arguments\n p firewall" + " add priority ipv4 " + " " + " port \n"); + return; + } + + if (parser_read_uint32(&priority, tokens[2])) { + printf("Incorrect format for priority\n"); + return; + } + + if (strcmp(tokens[3], "ipv4")) { + printf("string supported ipv4\n"); + return; + } + + if (parse_ipv4_addr(tokens[4], &sipaddr)) { + printf("Incorrect format for sipaddr\n"); + return; + } + + if (parser_read_uint32(&sipdepth, tokens[5])) { + printf("Incorrect format for sipdepth\n"); + return; + } + + if (parse_ipv4_addr(tokens[6], &dipaddr)) { + printf("Incorrect format for dipaddr\n"); + return; + } + + if (parser_read_uint32(&dipdepth, tokens[7])) { + printf("Incorrect format for dipdepth\n"); + return; + } + + if (parser_read_uint16(&sport0, tokens[8])) { + printf("Incorrect format for sport0\n"); + return; + } + + if (parser_read_uint16(&sport1, tokens[9])) { + printf("Incorrect format for sport1\n"); + return; + } + + if (parser_read_uint16(&dport0, tokens[10])) { + printf("Incorrect format for dport0\n"); + return; + } + + if (parser_read_uint16(&dport1, tokens[11])) { + printf("Incorrect format for dport1\n"); + return; + } + + if (parser_read_uint8(&proto, tokens[12])) { + printf("Incorrect format for proto\n"); + return; + } + + char *e; + protomask = strtoul(tokens[13], &e, 16); + if (*e || errno == EINVAL || errno == ERANGE) { + printf("Incorrect format for protomask - should be in hex \n"); + return; + } + + if (strcmp(tokens[14], "port")) { + printf("string supported port\n"); + return; + } + + if (parser_read_uint32(&port_id, tokens[15])) { + printf("Incorrect format for port ID\n"); + return; + } + + key.type = PIPELINE_FIREWALL_IPV4_5TUPLE; + key.key.ipv4_5tuple.src_ip = rte_bswap32((uint32_t) sipaddr.s_addr); + key.key.ipv4_5tuple.src_ip_mask = sipdepth; + key.key.ipv4_5tuple.dst_ip = rte_bswap32((uint32_t) dipaddr.s_addr); + key.key.ipv4_5tuple.dst_ip_mask = dipdepth; + key.key.ipv4_5tuple.src_port_from = sport0; + key.key.ipv4_5tuple.src_port_to = sport1; + key.key.ipv4_5tuple.dst_port_from = dport0; + key.key.ipv4_5tuple.dst_port_to = dport1; + key.key.ipv4_5tuple.proto = proto; + key.key.ipv4_5tuple.proto_mask = protomask; + + status = app_pipeline_firewall_add_rule(app, params->pipeline_id, + &key, priority, port_id); + + if (status != 0) + printf("Command failed\n"); + + return; + + } + + /* Parsing add default */ + if ((0 == strcmp(tokens[1], "default")) + && (0 != strcmp(tokens[1], "bulk")) + && (0 != strcmp(tokens[1], "priority"))) { + if (n_tokens > 3) { + printf( + "too many arguments: \np firewall add " + "default "); + return; + } + + if (n_tokens < 3) { + printf( + "not enough arguments \np firewall add " + "default "); + return; + } + + if (parser_read_uint32(&port_id, tokens[2])) { + printf("Incorrect format for port ID\n"); + return; + } + + status = app_pipeline_firewall_add_default_rule(app, + params->pipeline_id, port_id); + + if (status != 0) + printf("Command failed\n"); + + return; + } + + /* Parsing add bulk */ + if (0 == strcmp(tokens[1], "bulk")) { + if (n_tokens > 3) { + printf( + "too many arguments: \np firewall add " + "bulk "); + return; + } + + if (n_tokens < 3) { + printf( + "not enough arguments \np firewall add " + "bulk "); + return; + } + + filepath = tokens[2]; + printf("%s", filepath); + + struct app_pipeline_add_bulk_params add_bulk_params; + memset(&add_bulk_params, 0, sizeof(struct app_pipeline_add_bulk_params)); + + status = app_pipeline_add_bulk_parse_file(filepath, + &add_bulk_params); + if (status != 0) { + printf("Command failed\n"); + goto end; + } + + status = app_pipeline_firewall_add_bulk(app, params->pipeline_id, + add_bulk_params.keys, add_bulk_params.n_keys, + add_bulk_params.priorities, add_bulk_params.port_ids); + if (status != 0) { + printf("Command failed\n"); + goto end; + } + + return; + + end: + rte_free(add_bulk_params.keys); + rte_free(add_bulk_params.priorities); + rte_free(add_bulk_params.port_ids); + return; + + } } -end: - rte_free(add_bulk_params.keys); - rte_free(add_bulk_params.priorities); - rte_free(add_bulk_params.port_ids); -} - -cmdline_parse_token_string_t cmd_firewall_add_bulk_p_string = - TOKEN_STRING_INITIALIZER(struct cmd_firewall_add_bulk_result, p_string, - "p"); - -cmdline_parse_token_num_t cmd_firewall_add_bulk_pipeline_id = - TOKEN_NUM_INITIALIZER(struct cmd_firewall_add_bulk_result, pipeline_id, - UINT32); - -cmdline_parse_token_string_t cmd_firewall_add_bulk_firewall_string = - TOKEN_STRING_INITIALIZER(struct cmd_firewall_add_bulk_result, - firewall_string, "firewall"); - -cmdline_parse_token_string_t cmd_firewall_add_bulk_add_string = - TOKEN_STRING_INITIALIZER(struct cmd_firewall_add_bulk_result, - add_string, "add"); - -cmdline_parse_token_string_t cmd_firewall_add_bulk_bulk_string = - TOKEN_STRING_INITIALIZER(struct cmd_firewall_add_bulk_result, - bulk_string, "bulk"); - -cmdline_parse_token_string_t cmd_firewall_add_bulk_file_path_string = - TOKEN_STRING_INITIALIZER(struct cmd_firewall_add_bulk_result, - file_path, NULL); - -cmdline_parse_inst_t cmd_firewall_add_bulk = { - .f = cmd_firewall_add_bulk_parsed, - .data = NULL, - .help_str = "Firewall rule add bulk", - .tokens = { - (void *) &cmd_firewall_add_bulk_p_string, - (void *) &cmd_firewall_add_bulk_pipeline_id, - (void *) &cmd_firewall_add_bulk_firewall_string, - (void *) &cmd_firewall_add_bulk_add_string, - (void *) &cmd_firewall_add_bulk_bulk_string, - (void *) &cmd_firewall_add_bulk_file_path_string, - NULL, - }, -}; - -/* - * p firewall del bulk - */ - -struct cmd_firewall_del_bulk_result { - cmdline_fixed_string_t p_string; - uint32_t pipeline_id; - cmdline_fixed_string_t firewall_string; - cmdline_fixed_string_t del_string; - cmdline_fixed_string_t bulk_string; - cmdline_fixed_string_t file_path; -}; - -static void -cmd_firewall_del_bulk_parsed( - void *parsed_result, - __attribute__((unused)) struct cmdline *cl, - void *data) -{ - struct cmd_firewall_del_bulk_result *params = parsed_result; - struct app_params *app = data; - int status; - - struct app_pipeline_del_bulk_params del_bulk_params; - - status = app_pipeline_del_bulk_parse_file(params->file_path, &del_bulk_params); - if (status != 0) { - printf("Command failed\n"); - goto end; + /* Parsing del command */ + if ((n_tokens > 0) && (0 == strcmp(tokens[0], "del"))) { + if (n_tokens > 15) { + printf("Command failed firewall add too many arguments\n"); + return; + } + if (n_tokens < 2) { + printf( + "Usage: \n p firewall del ipv4 ... \n p firewall " + "del bulk ... \n p firewall del default ...\n"); + return; + } + + if (strcmp(tokens[1], "ipv4") == 0) { + if (n_tokens > 12) { + printf( + "too many arguments: \np firewall del" + " ipv4 .. "); + return; + } + + if (n_tokens < 12) { + printf( + "not enough arguments \np firewall del" + " ipv4 .. "); + return; + } + + if (parse_ipv4_addr(tokens[2], &sipaddr)) { + printf("Incorrect format for sipaddr\n"); + return; + } + + if (parser_read_uint32(&sipdepth, tokens[3])) { + printf("Incorrect format for sipdepth\n"); + return; + } + + if (parse_ipv4_addr(tokens[4], &dipaddr)) { + printf("Incorrect format for dipaddr\n"); + return; + } + + if (parser_read_uint32(&dipdepth, tokens[5])) { + printf("Incorrect format for dipdepth\n"); + return; + } + + if (parser_read_uint16(&sport0, tokens[6])) { + printf("Incorrect format for sport0\n"); + return; + } + + if (parser_read_uint16(&sport1, tokens[7])) { + printf("Incorrect format for sport1\n"); + return; + } + if (parser_read_uint16(&dport0, tokens[8])) { + printf("Incorrect format for dport0\n"); + return; + } + + if (parser_read_uint16(&dport1, tokens[9])) { + printf("Incorrect format for dport1\n"); + return; + } + + if (parser_read_uint8(&proto, tokens[10])) { + printf("Incorrect format for proto\n"); + return; + } + + char *e; + protomask = strtoul(tokens[11], &e, 16); + if (*e || errno == EINVAL || errno == ERANGE) { + printf("Incorrect format for protomask - should be in hex \n"); + return; + } + + key.type = PIPELINE_FIREWALL_IPV4_5TUPLE; + key.key.ipv4_5tuple.src_ip = rte_bswap32((uint32_t) sipaddr.s_addr); + key.key.ipv4_5tuple.src_ip_mask = sipdepth; + key.key.ipv4_5tuple.dst_ip = rte_bswap32((uint32_t) dipaddr.s_addr); + key.key.ipv4_5tuple.dst_ip_mask = dipdepth; + key.key.ipv4_5tuple.src_port_from = sport0; + key.key.ipv4_5tuple.src_port_to = sport1; + key.key.ipv4_5tuple.dst_port_from = dport0; + key.key.ipv4_5tuple.dst_port_to = dport1; + key.key.ipv4_5tuple.proto = proto; + key.key.ipv4_5tuple.proto_mask = protomask; + + status = app_pipeline_firewall_delete_rule(app, params->pipeline_id, + &key); + + if (status != 0) + printf("Command failed\n"); + + return; + } + + /* del bulk */ + if (strcmp(tokens[1], "bulk") == 0) { + if (n_tokens > 3) { + printf( + "too many arguments: \np firewall del " + "bulk "); + return; + } + + if (n_tokens < 3) { + printf( + "not enough arguments \np firewall del" + " bulk "); + return; + } + + filepath = tokens[2]; + struct app_pipeline_del_bulk_params del_bulk_params; + memset(&del_bulk_params, 0, sizeof(struct app_pipeline_del_bulk_params)); + + status = app_pipeline_del_bulk_parse_file(filepath, + &del_bulk_params); + if (status != 0) { + printf("Command failed\n"); + goto end1; + } + + status = app_pipeline_firewall_delete_bulk(app, params->pipeline_id, + del_bulk_params.keys, del_bulk_params.n_keys); + if (status != 0) { + printf("Command failed\n"); + goto end1; + } + return; + + end1: rte_free(del_bulk_params.keys); + return; + + } + + if (strcmp(tokens[1], "default") == 0) { + if (n_tokens > 2) { + printf( + "too many arguments: \np firewall del " + "default"); + return; + } + + if (n_tokens < 2) { + printf( + "not enough arguments \np firewall del " + "default"); + return; + } + + status = app_pipeline_firewall_delete_default_rule(app, + params->pipeline_id); + + if (status != 0) + printf("Command failed\n"); + + return; + + } } - status = app_pipeline_firewall_delete_bulk(app, params->pipeline_id, - del_bulk_params.keys, del_bulk_params.n_keys); - if (status != 0) { - printf("Command failed\n"); - goto end; - } - -end: - rte_free(del_bulk_params.keys); -} - -cmdline_parse_token_string_t cmd_firewall_del_bulk_p_string = - TOKEN_STRING_INITIALIZER(struct cmd_firewall_del_bulk_result, p_string, - "p"); - -cmdline_parse_token_num_t cmd_firewall_del_bulk_pipeline_id = - TOKEN_NUM_INITIALIZER(struct cmd_firewall_del_bulk_result, pipeline_id, - UINT32); - -cmdline_parse_token_string_t cmd_firewall_del_bulk_firewall_string = - TOKEN_STRING_INITIALIZER(struct cmd_firewall_del_bulk_result, - firewall_string, "firewall"); - -cmdline_parse_token_string_t cmd_firewall_del_bulk_add_string = - TOKEN_STRING_INITIALIZER(struct cmd_firewall_del_bulk_result, - del_string, "del"); - -cmdline_parse_token_string_t cmd_firewall_del_bulk_bulk_string = - TOKEN_STRING_INITIALIZER(struct cmd_firewall_del_bulk_result, - bulk_string, "bulk"); - -cmdline_parse_token_string_t cmd_firewall_del_bulk_file_path_string = - TOKEN_STRING_INITIALIZER(struct cmd_firewall_del_bulk_result, - file_path, NULL); - -cmdline_parse_inst_t cmd_firewall_del_bulk = { - .f = cmd_firewall_del_bulk_parsed, - .data = NULL, - .help_str = "Firewall rule del bulk", - .tokens = { - (void *) &cmd_firewall_del_bulk_p_string, - (void *) &cmd_firewall_del_bulk_pipeline_id, - (void *) &cmd_firewall_del_bulk_firewall_string, - (void *) &cmd_firewall_del_bulk_add_string, - (void *) &cmd_firewall_del_bulk_bulk_string, - (void *) &cmd_firewall_del_bulk_file_path_string, - NULL, - }, -}; + /* Parsing ls command */ + if ((n_tokens > 0) && (0 == strcmp(tokens[0], "ls"))) { -/* - * p firewall add default - */ -struct cmd_firewall_add_default_result { - cmdline_fixed_string_t p_string; - uint32_t pipeline_id; - cmdline_fixed_string_t firewall_string; - cmdline_fixed_string_t add_string; - cmdline_fixed_string_t default_string; - uint8_t port_id; -}; + if (n_tokens > 1) { + printf("Command firewall ls too many arguments\n"); + return; + } -static void -cmd_firewall_add_default_parsed( - void *parsed_result, - __attribute__((unused)) struct cmdline *cl, - void *data) -{ - struct cmd_firewall_add_default_result *params = parsed_result; - struct app_params *app = data; - int status; + status = app_pipeline_firewall_ls(app, params->pipeline_id); - status = app_pipeline_firewall_add_default_rule(app, - params->pipeline_id, - params->port_id); + if (status != 0) + printf("Command firewall ls failed\n"); - if (status != 0) { - printf("Command failed\n"); return; - } -} - -cmdline_parse_token_string_t cmd_firewall_add_default_p_string = - TOKEN_STRING_INITIALIZER(struct cmd_firewall_add_default_result, - p_string, "p"); - -cmdline_parse_token_num_t cmd_firewall_add_default_pipeline_id = - TOKEN_NUM_INITIALIZER(struct cmd_firewall_add_default_result, - pipeline_id, UINT32); -cmdline_parse_token_string_t cmd_firewall_add_default_firewall_string = - TOKEN_STRING_INITIALIZER(struct cmd_firewall_add_default_result, - firewall_string, "firewall"); - -cmdline_parse_token_string_t cmd_firewall_add_default_add_string = - TOKEN_STRING_INITIALIZER(struct cmd_firewall_add_default_result, - add_string, "add"); - -cmdline_parse_token_string_t cmd_firewall_add_default_default_string = - TOKEN_STRING_INITIALIZER(struct cmd_firewall_add_default_result, - default_string, "default"); - -cmdline_parse_token_num_t cmd_firewall_add_default_port_id = - TOKEN_NUM_INITIALIZER(struct cmd_firewall_add_default_result, port_id, - UINT8); - -cmdline_parse_inst_t cmd_firewall_add_default = { - .f = cmd_firewall_add_default_parsed, - .data = NULL, - .help_str = "Firewall default rule add", - .tokens = { - (void *) &cmd_firewall_add_default_p_string, - (void *) &cmd_firewall_add_default_pipeline_id, - (void *) &cmd_firewall_add_default_firewall_string, - (void *) &cmd_firewall_add_default_add_string, - (void *) &cmd_firewall_add_default_default_string, - (void *) &cmd_firewall_add_default_port_id, - NULL, - }, -}; - -/* - * p firewall del default - */ -struct cmd_firewall_del_default_result { - cmdline_fixed_string_t p_string; - uint32_t pipeline_id; - cmdline_fixed_string_t firewall_string; - cmdline_fixed_string_t del_string; - cmdline_fixed_string_t default_string; -}; - -static void -cmd_firewall_del_default_parsed( - void *parsed_result, - __attribute__((unused)) struct cmdline *cl, - void *data) -{ - struct cmd_firewall_del_default_result *params = parsed_result; - struct app_params *app = data; - int status; - - status = app_pipeline_firewall_delete_default_rule(app, - params->pipeline_id); - - if (status != 0) { - printf("Command failed\n"); - return; } -} - -cmdline_parse_token_string_t cmd_firewall_del_default_p_string = - TOKEN_STRING_INITIALIZER(struct cmd_firewall_del_default_result, - p_string, "p"); -cmdline_parse_token_num_t cmd_firewall_del_default_pipeline_id = - TOKEN_NUM_INITIALIZER(struct cmd_firewall_del_default_result, - pipeline_id, UINT32); - -cmdline_parse_token_string_t cmd_firewall_del_default_firewall_string = - TOKEN_STRING_INITIALIZER(struct cmd_firewall_del_default_result, - firewall_string, "firewall"); - -cmdline_parse_token_string_t cmd_firewall_del_default_del_string = - TOKEN_STRING_INITIALIZER(struct cmd_firewall_del_default_result, - del_string, "del"); - -cmdline_parse_token_string_t cmd_firewall_del_default_default_string = - TOKEN_STRING_INITIALIZER(struct cmd_firewall_del_default_result, - default_string, "default"); - -cmdline_parse_inst_t cmd_firewall_del_default = { - .f = cmd_firewall_del_default_parsed, - .data = NULL, - .help_str = "Firewall default rule delete", - .tokens = { - (void *) &cmd_firewall_del_default_p_string, - (void *) &cmd_firewall_del_default_pipeline_id, - (void *) &cmd_firewall_del_default_firewall_string, - (void *) &cmd_firewall_del_default_del_string, - (void *) &cmd_firewall_del_default_default_string, - NULL, - }, -}; - -/* - * p firewall ls - */ - -struct cmd_firewall_ls_result { - cmdline_fixed_string_t p_string; - uint32_t pipeline_id; - cmdline_fixed_string_t firewall_string; - cmdline_fixed_string_t ls_string; -}; - -static void -cmd_firewall_ls_parsed( - void *parsed_result, - __attribute__((unused)) struct cmdline *cl, - void *data) -{ - struct cmd_firewall_ls_result *params = parsed_result; - struct app_params *app = data; - int status; - - status = app_pipeline_firewall_ls(app, params->pipeline_id); - - if (status != 0) { - printf("Command failed\n"); - return; - } } -cmdline_parse_token_string_t cmd_firewall_ls_p_string = - TOKEN_STRING_INITIALIZER(struct cmd_firewall_ls_result, p_string, +cmdline_parse_token_string_t cmd_firewall_p_string = + TOKEN_STRING_INITIALIZER(struct cmd_firewall_parsed_result, p_string, "p"); -cmdline_parse_token_num_t cmd_firewall_ls_pipeline_id = - TOKEN_NUM_INITIALIZER(struct cmd_firewall_ls_result, pipeline_id, +cmdline_parse_token_num_t cmd_firewall_pipeline_id = + TOKEN_NUM_INITIALIZER(struct cmd_firewall_parsed_result, pipeline_id, UINT32); -cmdline_parse_token_string_t cmd_firewall_ls_firewall_string = - TOKEN_STRING_INITIALIZER(struct cmd_firewall_ls_result, +cmdline_parse_token_string_t cmd_firewall_firewall_string = + TOKEN_STRING_INITIALIZER(struct cmd_firewall_parsed_result, firewall_string, "firewall"); -cmdline_parse_token_string_t cmd_firewall_ls_ls_string = - TOKEN_STRING_INITIALIZER(struct cmd_firewall_ls_result, ls_string, - "ls"); +static cmdline_parse_token_string_t cmd_firewall_multi_string = + TOKEN_STRING_INITIALIZER(struct cmd_firewall_parsed_result, multi_string, + TOKEN_STRING_MULTI); -cmdline_parse_inst_t cmd_firewall_ls = { - .f = cmd_firewall_ls_parsed, +cmdline_parse_inst_t cmd_firewall = { + .f = cmd_firewall_parsed, .data = NULL, - .help_str = "Firewall rule list", + .help_str = "\n p firewall add priority ipv4 " + " " + " port \n" + "\n p firewall add bulk \n" + "\n p firewall add default \n" + "\n p firewall del ipv4 " + " " + " \n" + "\n p firewall del bulk \n" + "\n p firewall del default \n" + "\n p firewall ls \n", .tokens = { - (void *) &cmd_firewall_ls_p_string, - (void *) &cmd_firewall_ls_pipeline_id, - (void *) &cmd_firewall_ls_firewall_string, - (void *) &cmd_firewall_ls_ls_string, + (void *) &cmd_firewall_p_string, + (void *) &cmd_firewall_pipeline_id, + (void *) &cmd_firewall_firewall_string, + (void *)&cmd_firewall_multi_string, NULL, }, }; static cmdline_parse_ctx_t pipeline_cmds[] = { - (cmdline_parse_inst_t *) &cmd_firewall_add_ipv4, - (cmdline_parse_inst_t *) &cmd_firewall_del_ipv4, - (cmdline_parse_inst_t *) &cmd_firewall_add_bulk, - (cmdline_parse_inst_t *) &cmd_firewall_del_bulk, - (cmdline_parse_inst_t *) &cmd_firewall_add_default, - (cmdline_parse_inst_t *) &cmd_firewall_del_default, - (cmdline_parse_inst_t *) &cmd_firewall_ls, + (cmdline_parse_inst_t *) &cmd_firewall, NULL, }; -- 1.9.1