From 2402badf86bd853cabba1fe1b3ba6180405d7666 Mon Sep 17 00:00:00 2001 From: mickeyspiegel Date: Fri, 21 Jan 2022 17:32:50 -0800 Subject: [PATCH 1/5] Fix DTel acl rule creation The significant rewrite of aclorch when adding ACL_TABLE_TYPE configuration caused a bug that prevents configuration of any DTel rules. This is due to use of an incorrect set of enum mappings while determining which type of AclRule to create. This commit changes that set of enum mappings. This also updates the list of actions in the DTel Flow and Drop watchlist tables so that they match the existing allowed actions in DTel acl rules. Signed-off-by: mickeyspiegel --- orchagent/aclorch.cpp | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/orchagent/aclorch.cpp b/orchagent/aclorch.cpp index c3a9f23ec78..4509283559d 100644 --- a/orchagent/aclorch.cpp +++ b/orchagent/aclorch.cpp @@ -1272,7 +1272,7 @@ shared_ptr AclRule::makeShared(AclOrch *acl, MirrorOrch *mirror, DTelOr { return make_shared(acl, rule, table); } - else if (aclDTelFlowOpTypeLookup.find(action) != aclDTelFlowOpTypeLookup.cend()) + else if (aclDTelActionLookup.find(action) != aclDTelActionLookup.cend()) { if (!dtel) { @@ -4402,6 +4402,8 @@ void AclOrch::createDTelWatchListTables() .withMatch(make_shared(SAI_ACL_TABLE_ATTR_FIELD_INNER_DST_IP)) .withAction(SAI_ACL_ACTION_TYPE_ACL_DTEL_FLOW_OP) .withAction(SAI_ACL_ACTION_TYPE_DTEL_INT_SESSION) + .withAction(SAI_ACL_ACTION_TYPE_DTEL_DROP_REPORT_ENABLE) + .withAction(SAI_ACL_ACTION_TYPE_DTEL_TAIL_DROP_REPORT_ENABLE) .withAction(SAI_ACL_ACTION_TYPE_DTEL_REPORT_ALL_PACKETS) .withAction(SAI_ACL_ACTION_TYPE_DTEL_FLOW_SAMPLE_PERCENT) .build() @@ -4419,6 +4421,7 @@ void AclOrch::createDTelWatchListTables() .withMatch(make_shared(SAI_ACL_TABLE_ATTR_FIELD_IP_PROTOCOL)) .withAction(SAI_ACL_ACTION_TYPE_DTEL_DROP_REPORT_ENABLE) .withAction(SAI_ACL_ACTION_TYPE_DTEL_TAIL_DROP_REPORT_ENABLE) + .withAction(SAI_ACL_ACTION_TYPE_DTEL_REPORT_ALL_PACKETS) .build() ); dropWLTable.setDescription("Dataplane Telemetry Drop Watchlist table"); From 15f0b40c67b6f347c24ac78084f8e3c292cad3a7 Mon Sep 17 00:00:00 2001 From: mickeyspiegel Date: Fri, 11 Feb 2022 15:36:04 -0800 Subject: [PATCH 2/5] Remove DTel Drop Watchlist table and entry Since the 201911 release, the DTel drop actions have been supported in the DTel Flow Watchlist as well as the DTel Drop Watchlist. This allows for simplified operation where there is a single watchlist (DTel Flow Watchlist) that contains both flow and drop actions. The significant rewrite of aclorch when adding ACL_TABLE_TYPE configuration changed the way that the type of AclRule is determined. The current logic to distinguish between DTelFlow and DTelDrop AclRules is not correct. A fix to this logic would effectively remove the distinction between AclRules of type DTelFlow and DTelDrop, allowing for the larger set of actions supported by DTelFlow in either table. With this change in behavior, this seems like a good time to remove the DTel Drop Watchlist, leaving only the DTel Flow Watchlist that supports the superset of actions for both flow and drop. Signed-off-by: mickeyspiegel --- orchagent/aclorch.cpp | 87 ++----------------------------------------- orchagent/aclorch.h | 11 ------ orchagent/acltable.h | 1 - 3 files changed, 3 insertions(+), 96 deletions(-) diff --git a/orchagent/aclorch.cpp b/orchagent/aclorch.cpp index 4509283559d..c0634a68733 100644 --- a/orchagent/aclorch.cpp +++ b/orchagent/aclorch.cpp @@ -1279,16 +1279,7 @@ shared_ptr AclRule::makeShared(AclOrch *acl, MirrorOrch *mirror, DTelOr throw runtime_error("DTel feature is not enabled. Watchlists cannot be configured"); } - if (action == ACTION_DTEL_DROP_REPORT_ENABLE || - action == ACTION_DTEL_TAIL_DROP_REPORT_ENABLE || - action == ACTION_DTEL_REPORT_ALL_PACKETS) - { - return make_shared(acl, dtel, rule, table); - } - else - { - return make_shared(acl, dtel, rule, table); - } + return make_shared(acl, dtel, rule, table); } } @@ -2447,8 +2438,8 @@ void AclRuleDTelFlowWatchListEntry::onUpdate(SubjectType type, void *cntx) bool AclRuleDTelFlowWatchListEntry::update(const AclRule& rule) { - auto dtelDropWathcListRule = dynamic_cast(&rule); - if (!dtelDropWathcListRule) + auto dtelFlowWatchListRule = dynamic_cast(&rule); + if (!dtelFlowWatchListRule) { SWSS_LOG_ERROR("Cannot update DTEL flow watch list rule with a rule of a different type"); return false; @@ -2458,59 +2449,6 @@ bool AclRuleDTelFlowWatchListEntry::update(const AclRule& rule) return false; } -AclRuleDTelDropWatchListEntry::AclRuleDTelDropWatchListEntry(AclOrch *aclOrch, DTelOrch *dtel, string rule, string table) : - AclRule(aclOrch, rule, table), - m_pDTelOrch(dtel) -{ -} - -bool AclRuleDTelDropWatchListEntry::validateAddAction(string attr_name, string attr_val) -{ - SWSS_LOG_ENTER(); - - if (!m_pDTelOrch) - { - return false; - } - - sai_acl_action_data_t actionData; - string attr_value = to_upper(attr_val); - - if (attr_name != ACTION_DTEL_DROP_REPORT_ENABLE && - attr_name != ACTION_DTEL_TAIL_DROP_REPORT_ENABLE && - attr_name != ACTION_DTEL_REPORT_ALL_PACKETS) - { - return false; - } - - actionData.parameter.booldata = (attr_value == DTEL_ENABLED) ? true : false; - actionData.enable = (attr_value == DTEL_ENABLED) ? true : false; - - return setAction(aclDTelActionLookup[attr_name], actionData); -} - -bool AclRuleDTelDropWatchListEntry::validate() -{ - SWSS_LOG_ENTER(); - - if (!m_pDTelOrch) - { - return false; - } - - if ((m_rangeConfig.empty() && m_matches.empty()) || m_actions.size() == 0) - { - return false; - } - - return true; -} - -void AclRuleDTelDropWatchListEntry::onUpdate(SubjectType, void *) -{ - // Do nothing -} - AclRange::AclRange(sai_acl_range_type_t type, sai_object_id_t oid, int min, int max): m_oid(oid), m_refCnt(0), m_min(min), m_max(max), m_type(type) { @@ -4385,7 +4323,6 @@ void AclOrch::createDTelWatchListTables() AclTableTypeBuilder builder; AclTable flowWLTable(this, TABLE_TYPE_DTEL_FLOW_WATCHLIST); - AclTable dropWLTable(this, TABLE_TYPE_DTEL_DROP_WATCHLIST); flowWLTable.validateAddStage(ACL_STAGE_INGRESS); flowWLTable.validateAddType(builder @@ -4410,24 +4347,7 @@ void AclOrch::createDTelWatchListTables() ); flowWLTable.setDescription("Dataplane Telemetry Flow Watchlist table"); - dropWLTable.validateAddStage(ACL_STAGE_INGRESS); - dropWLTable.validateAddType(builder - .withBindPointType(SAI_ACL_BIND_POINT_TYPE_SWITCH) - .withMatch(make_shared(SAI_ACL_TABLE_ATTR_FIELD_ETHER_TYPE)) - .withMatch(make_shared(SAI_ACL_TABLE_ATTR_FIELD_SRC_IP)) - .withMatch(make_shared(SAI_ACL_TABLE_ATTR_FIELD_DST_IP)) - .withMatch(make_shared(SAI_ACL_TABLE_ATTR_FIELD_L4_SRC_PORT)) - .withMatch(make_shared(SAI_ACL_TABLE_ATTR_FIELD_L4_DST_PORT)) - .withMatch(make_shared(SAI_ACL_TABLE_ATTR_FIELD_IP_PROTOCOL)) - .withAction(SAI_ACL_ACTION_TYPE_DTEL_DROP_REPORT_ENABLE) - .withAction(SAI_ACL_ACTION_TYPE_DTEL_TAIL_DROP_REPORT_ENABLE) - .withAction(SAI_ACL_ACTION_TYPE_DTEL_REPORT_ALL_PACKETS) - .build() - ); - dropWLTable.setDescription("Dataplane Telemetry Drop Watchlist table"); - addAclTable(flowWLTable); - addAclTable(dropWLTable); } void AclOrch::deleteDTelWatchListTables() @@ -4435,7 +4355,6 @@ void AclOrch::deleteDTelWatchListTables() SWSS_LOG_ENTER(); removeAclTable(TABLE_TYPE_DTEL_FLOW_WATCHLIST); - removeAclTable(TABLE_TYPE_DTEL_DROP_WATCHLIST); } void AclOrch::registerFlexCounter(const AclRule& rule) diff --git a/orchagent/aclorch.h b/orchagent/aclorch.h index 9e6db3919c5..65b522520a9 100644 --- a/orchagent/aclorch.h +++ b/orchagent/aclorch.h @@ -355,17 +355,6 @@ class AclRuleDTelFlowWatchListEntry: public AclRule bool INT_session_valid; }; -class AclRuleDTelDropWatchListEntry: public AclRule -{ -public: - AclRuleDTelDropWatchListEntry(AclOrch *m_pAclOrch, DTelOrch *m_pDTelOrch, string rule, string table); - bool validateAddAction(string attr_name, string attr_value); - bool validate(); - void onUpdate(SubjectType, void *) override; -protected: - DTelOrch *m_pDTelOrch; -}; - class AclTable { public: diff --git a/orchagent/acltable.h b/orchagent/acltable.h index 3ec7f1a757e..2d91a84b986 100644 --- a/orchagent/acltable.h +++ b/orchagent/acltable.h @@ -31,7 +31,6 @@ extern "C" { #define TABLE_TYPE_PFCWD "PFCWD" #define TABLE_TYPE_CTRLPLANE "CTRLPLANE" #define TABLE_TYPE_DTEL_FLOW_WATCHLIST "DTEL_FLOW_WATCHLIST" -#define TABLE_TYPE_DTEL_DROP_WATCHLIST "DTEL_DROP_WATCHLIST" #define TABLE_TYPE_MCLAG "MCLAG" #define TABLE_TYPE_MUX "MUX" #define TABLE_TYPE_DROP "DROP" From 59f5a25ba43045ff374be09c6913505fb808cb2d Mon Sep 17 00:00:00 2001 From: mickeyspiegel Date: Mon, 21 Feb 2022 12:58:11 -0800 Subject: [PATCH 3/5] Terminology: DTelFlowWatchList to DTelWatchList Note: Leaving definition of TABLE_TYPE_DTEL_FLOW_WATCHLIST unchanged for backwards compatibility. Signed-off-by: mickeyspiegel --- orchagent/aclorch.cpp | 38 +++++++++++++++++++------------------- orchagent/aclorch.h | 4 ++-- 2 files changed, 21 insertions(+), 21 deletions(-) diff --git a/orchagent/aclorch.cpp b/orchagent/aclorch.cpp index c0634a68733..bd2df7ab1f7 100644 --- a/orchagent/aclorch.cpp +++ b/orchagent/aclorch.cpp @@ -1279,7 +1279,7 @@ shared_ptr AclRule::makeShared(AclOrch *acl, MirrorOrch *mirror, DTelOr throw runtime_error("DTel feature is not enabled. Watchlists cannot be configured"); } - return make_shared(acl, dtel, rule, table); + return make_shared(acl, dtel, rule, table); } } @@ -2210,13 +2210,13 @@ bool AclTable::clear() return true; } -AclRuleDTelFlowWatchListEntry::AclRuleDTelFlowWatchListEntry(AclOrch *aclOrch, DTelOrch *dtel, string rule, string table) : +AclRuleDTelWatchListEntry::AclRuleDTelWatchListEntry(AclOrch *aclOrch, DTelOrch *dtel, string rule, string table) : AclRule(aclOrch, rule, table), m_pDTelOrch(dtel) { } -bool AclRuleDTelFlowWatchListEntry::validateAddAction(string attr_name, string attr_val) +bool AclRuleDTelWatchListEntry::validateAddAction(string attr_name, string attr_val) { SWSS_LOG_ENTER(); @@ -2298,7 +2298,7 @@ bool AclRuleDTelFlowWatchListEntry::validateAddAction(string attr_name, string a return setAction(aclDTelActionLookup[attr_name], actionData); } -bool AclRuleDTelFlowWatchListEntry::validate() +bool AclRuleDTelWatchListEntry::validate() { SWSS_LOG_ENTER(); @@ -2315,19 +2315,19 @@ bool AclRuleDTelFlowWatchListEntry::validate() return true; } -bool AclRuleDTelFlowWatchListEntry::createRule() +bool AclRuleDTelWatchListEntry::createRule() { SWSS_LOG_ENTER(); return activate(); } -bool AclRuleDTelFlowWatchListEntry::removeRule() +bool AclRuleDTelWatchListEntry::removeRule() { return deactivate(); } -bool AclRuleDTelFlowWatchListEntry::activate() +bool AclRuleDTelWatchListEntry::activate() { SWSS_LOG_ENTER(); @@ -2344,7 +2344,7 @@ bool AclRuleDTelFlowWatchListEntry::activate() return AclRule::createRule(); } -bool AclRuleDTelFlowWatchListEntry::deactivate() +bool AclRuleDTelWatchListEntry::deactivate() { SWSS_LOG_ENTER(); @@ -2375,7 +2375,7 @@ bool AclRuleDTelFlowWatchListEntry::deactivate() return true; } -void AclRuleDTelFlowWatchListEntry::onUpdate(SubjectType type, void *cntx) +void AclRuleDTelWatchListEntry::onUpdate(SubjectType type, void *cntx) { sai_acl_action_data_t actionData; sai_object_id_t session_oid = SAI_NULL_OBJECT_ID; @@ -2436,16 +2436,16 @@ void AclRuleDTelFlowWatchListEntry::onUpdate(SubjectType type, void *cntx) } } -bool AclRuleDTelFlowWatchListEntry::update(const AclRule& rule) +bool AclRuleDTelWatchListEntry::update(const AclRule& rule) { - auto dtelFlowWatchListRule = dynamic_cast(&rule); - if (!dtelFlowWatchListRule) + auto dtelWatchListRule = dynamic_cast(&rule); + if (!dtelWatchListRule) { - SWSS_LOG_ERROR("Cannot update DTEL flow watch list rule with a rule of a different type"); + SWSS_LOG_ERROR("Cannot update DTEL watch list rule with a rule of a different type"); return false; } - SWSS_LOG_ERROR("Updating DTEL flow watch list rule is currently not implemented"); + SWSS_LOG_ERROR("Updating DTEL watch list rule is currently not implemented"); return false; } @@ -4322,10 +4322,10 @@ void AclOrch::createDTelWatchListTables() AclTableTypeBuilder builder; - AclTable flowWLTable(this, TABLE_TYPE_DTEL_FLOW_WATCHLIST); + AclTable dtelWLTable(this, TABLE_TYPE_DTEL_FLOW_WATCHLIST); - flowWLTable.validateAddStage(ACL_STAGE_INGRESS); - flowWLTable.validateAddType(builder + dtelWLTable.validateAddStage(ACL_STAGE_INGRESS); + dtelWLTable.validateAddType(builder .withBindPointType(SAI_ACL_BIND_POINT_TYPE_SWITCH) .withMatch(make_shared(SAI_ACL_TABLE_ATTR_FIELD_ETHER_TYPE)) .withMatch(make_shared(SAI_ACL_TABLE_ATTR_FIELD_SRC_IP)) @@ -4345,9 +4345,9 @@ void AclOrch::createDTelWatchListTables() .withAction(SAI_ACL_ACTION_TYPE_DTEL_FLOW_SAMPLE_PERCENT) .build() ); - flowWLTable.setDescription("Dataplane Telemetry Flow Watchlist table"); + dtelWLTable.setDescription("Dataplane Telemetry Watchlist table"); - addAclTable(flowWLTable); + addAclTable(dtelWLTable); } void AclOrch::deleteDTelWatchListTables() diff --git a/orchagent/aclorch.h b/orchagent/aclorch.h index 65b522520a9..4a5c1c103e8 100644 --- a/orchagent/aclorch.h +++ b/orchagent/aclorch.h @@ -334,10 +334,10 @@ class AclRuleMirror: public AclRule MirrorOrch *m_pMirrorOrch {nullptr}; }; -class AclRuleDTelFlowWatchListEntry: public AclRule +class AclRuleDTelWatchListEntry: public AclRule { public: - AclRuleDTelFlowWatchListEntry(AclOrch *m_pAclOrch, DTelOrch *m_pDTelOrch, string rule, string table); + AclRuleDTelWatchListEntry(AclOrch *m_pAclOrch, DTelOrch *m_pDTelOrch, string rule, string table); bool validateAddAction(string attr_name, string attr_value); bool validate(); bool createRule(); From 5478919efa0356850ae849bbe834797296b05dbd Mon Sep 17 00:00:00 2001 From: KostiantynYarovyiBf Date: Mon, 14 Mar 2022 09:40:36 -0700 Subject: [PATCH 4/5] Create sonic-swss tests for dtel acl --- tests/test_dtel.py | 106 ++++++++++++++++++++++++++++++++++++++++++++- 1 file changed, 105 insertions(+), 1 deletion(-) diff --git a/tests/test_dtel.py b/tests/test_dtel.py index b45ba13972b..c8e86d6b7d3 100644 --- a/tests/test_dtel.py +++ b/tests/test_dtel.py @@ -211,7 +211,111 @@ def test_DtelQueueReportAttribs(self, dvs, testlog): assert False tbl._del("Ethernet0|0") - + + def test_DtelFlowWatchlist(self, dvs, testlog): + self.db = swsscommon.DBConnector(4, dvs.redis_sock, 0) + self.adb = swsscommon.DBConnector(1, dvs.redis_sock, 0) + self.table = "DTEL_FLOW_WATCHLIST" + + fields_1=[("PRIORITY", "30"), + ("ETHER_TYPE", "0x800"), + ("L4_DST_PORT", "1674"), + ("FLOW_OP", "POSTCARD"), + ("REPORT_ALL_PACKETS", "FALSE"), + ("DROP_REPORT_ENABLE", "TRUE"), + ("TAIL_DROP_REPORT_ENABLE", "TRUE")] + fields_2=[("PRIORITY", "40"), + ("ETHER_TYPE", "0x800"), + ("L4_DST_PORT", "1674"), + ("FLOW_OP", "POSTCARD"), + ("REPORT_ALL_PACKETS", "TRUE"), + ("DROP_REPORT_ENABLE", "FALSE"), + ("TAIL_DROP_REPORT_ENABLE", "FALSE")] + fields_3=[("PRIORITY", "50"), + ("ETHER_TYPE", "0x800"), + ("L4_DST_PORT", "1674"), + ("FLOW_OP", "POSTCARD"), + ("REPORT_ALL_PACKETS", "TRUE")] + fields_4=[("PRIORITY", "60"), + ("ETHER_TYPE", "0x800"), + ("L4_DST_PORT", "1674"), + ("REPORT_ALL_PACKETS", "TRUE"), + ("DROP_REPORT_ENABLE", "TRUE"), + ("TAIL_DROP_REPORT_ENABLE", "TRUE")] + fields_5=[("PRIORITY", "70"), + ("ETHER_TYPE", "0x800"), + ("L4_DST_PORT", "1674"), + ("FLOW_OP", "NOP"), + ("REPORT_ALL_PACKETS", "FALSE"), + ("DROP_REPORT_ENABLE", "TRUE"), + ("TAIL_DROP_REPORT_ENABLE", "TRUE")] + listfield = [fields_1, fields_2, fields_3, fields_4, fields_5] + + for field in listfield: + k = listfield.index(field) + rule = "RULE-" + str(k) + self._create_dtel_acl_rule(self.table, rule, field) + self._check_dtel_acl_rule(dvs, rule) + self._remove_dtel_acl_rule(self.table, rule) + + def _create_dtel_acl_rule(self, table, rule, field): + tbl = swsscommon.Table(self.db, "ACL_RULE") + fvs = swsscommon.FieldValuePairs(field) + tbl.set(table + "|" + rule, fvs) + time.sleep(1) + + def _remove_dtel_acl_rule(self, table, rule): + tbl = swsscommon.Table(self.db, "ACL_RULE") + tbl._del(table + "|" + rule) + time.sleep(1) + + def _check_dtel_acl_rule(self, dvs, rule): + time.sleep(1) + atbl = swsscommon.Table(self.adb, "ASIC_STATE:SAI_OBJECT_TYPE_ACL_ENTRY") + keys = atbl.getKeys() + acl_entry = [k for k in keys if k not in dvs.asicdb.default_acl_entries] + assert len(acl_entry) != 0 + (status, fvs) = atbl.get(acl_entry[0]) + value = dict(fvs) + assert status + + if rule == "RULE-0": + assert value["SAI_ACL_ENTRY_ATTR_PRIORITY"] == "30" + assert value["SAI_ACL_ENTRY_ATTR_FIELD_ETHER_TYPE"] == "2048&mask:0xffff" + assert value["SAI_ACL_ENTRY_ATTR_FIELD_L4_DST_PORT"] == "1674&mask:0xffff" + assert value["SAI_ACL_ENTRY_ATTR_ACTION_ACL_DTEL_FLOW_OP"] == "SAI_ACL_DTEL_FLOW_OP_POSTCARD" + assert value["SAI_ACL_ENTRY_ATTR_ACTION_DTEL_REPORT_ALL_PACKETS"] == "disabled" + assert value["SAI_ACL_ENTRY_ATTR_ACTION_DTEL_DROP_REPORT_ENABLE"] == "true" + assert value["SAI_ACL_ENTRY_ATTR_ACTION_DTEL_TAIL_DROP_REPORT_ENABLE"] == "true" + elif rule == "RULE-1": + assert value["SAI_ACL_ENTRY_ATTR_PRIORITY"] == "40" + assert value["SAI_ACL_ENTRY_ATTR_FIELD_ETHER_TYPE"] == "2048&mask:0xffff" + assert value["SAI_ACL_ENTRY_ATTR_FIELD_L4_DST_PORT"] == "1674&mask:0xffff" + assert value["SAI_ACL_ENTRY_ATTR_ACTION_ACL_DTEL_FLOW_OP"] == "SAI_ACL_DTEL_FLOW_OP_POSTCARD" + assert value["SAI_ACL_ENTRY_ATTR_ACTION_DTEL_REPORT_ALL_PACKETS"] == "true" + assert value["SAI_ACL_ENTRY_ATTR_ACTION_DTEL_DROP_REPORT_ENABLE"] == "disabled" + assert value["SAI_ACL_ENTRY_ATTR_ACTION_DTEL_TAIL_DROP_REPORT_ENABLE"] == "disabled" + elif rule == "RULE-2": + assert value["SAI_ACL_ENTRY_ATTR_PRIORITY"] == "50" + assert value["SAI_ACL_ENTRY_ATTR_FIELD_ETHER_TYPE"] == "2048&mask:0xffff" + assert value["SAI_ACL_ENTRY_ATTR_FIELD_L4_DST_PORT"] == "1674&mask:0xffff" + assert value["SAI_ACL_ENTRY_ATTR_ACTION_ACL_DTEL_FLOW_OP"] == "SAI_ACL_DTEL_FLOW_OP_POSTCARD" + assert value["SAI_ACL_ENTRY_ATTR_ACTION_DTEL_REPORT_ALL_PACKETS"] == "true" + elif rule == "RULE-3": + assert value["SAI_ACL_ENTRY_ATTR_PRIORITY"] == "60" + assert value["SAI_ACL_ENTRY_ATTR_FIELD_ETHER_TYPE"] == "2048&mask:0xffff" + assert value["SAI_ACL_ENTRY_ATTR_FIELD_L4_DST_PORT"] == "1674&mask:0xffff" + assert value["SAI_ACL_ENTRY_ATTR_ACTION_DTEL_REPORT_ALL_PACKETS"] == "true" + assert value["SAI_ACL_ENTRY_ATTR_ACTION_DTEL_DROP_REPORT_ENABLE"] == "true" + assert value["SAI_ACL_ENTRY_ATTR_ACTION_DTEL_TAIL_DROP_REPORT_ENABLE"] == "true" + elif rule == "RULE-4": + assert value["SAI_ACL_ENTRY_ATTR_PRIORITY"] == "70" + assert value["SAI_ACL_ENTRY_ATTR_FIELD_ETHER_TYPE"] == "2048&mask:0xffff" + assert value["SAI_ACL_ENTRY_ATTR_FIELD_L4_DST_PORT"] == "1674&mask:0xffff" + assert value["SAI_ACL_ENTRY_ATTR_ACTION_ACL_DTEL_FLOW_OP"] == "SAI_ACL_DTEL_FLOW_OP_NOP" + assert value["SAI_ACL_ENTRY_ATTR_ACTION_DTEL_REPORT_ALL_PACKETS"] == "disabled" + assert value["SAI_ACL_ENTRY_ATTR_ACTION_DTEL_DROP_REPORT_ENABLE"] == "true" + assert value["SAI_ACL_ENTRY_ATTR_ACTION_DTEL_TAIL_DROP_REPORT_ENABLE"] == "true" def test_DtelEventAttribs(self, dvs, testlog): From b7bc595689b57c1b22b5039c50e5b75cfe77f233 Mon Sep 17 00:00:00 2001 From: Myron Sosyak Date: Wed, 13 Apr 2022 13:41:59 +0000 Subject: [PATCH 5/5] Add more fileds in DTEL ACL table Signed-off-by: Myron Sosyak --- orchagent/aclorch.cpp | 11 +++++++++++ 1 file changed, 11 insertions(+) diff --git a/orchagent/aclorch.cpp b/orchagent/aclorch.cpp index bd2df7ab1f7..13c34439f08 100644 --- a/orchagent/aclorch.cpp +++ b/orchagent/aclorch.cpp @@ -4337,6 +4337,17 @@ void AclOrch::createDTelWatchListTables() .withMatch(make_shared(SAI_ACL_TABLE_ATTR_FIELD_INNER_ETHER_TYPE)) .withMatch(make_shared(SAI_ACL_TABLE_ATTR_FIELD_INNER_SRC_IP)) .withMatch(make_shared(SAI_ACL_TABLE_ATTR_FIELD_INNER_DST_IP)) + .withMatch(make_shared(SAI_ACL_TABLE_ATTR_FIELD_OUTER_VLAN_ID)) + .withMatch(make_shared(SAI_ACL_TABLE_ATTR_FIELD_ACL_IP_TYPE)) + .withMatch(make_shared(SAI_ACL_TABLE_ATTR_FIELD_TCP_FLAGS)) + .withMatch(make_shared(SAI_ACL_TABLE_ATTR_FIELD_DSCP)) + .withMatch(make_shared(SAI_ACL_TABLE_ATTR_FIELD_SRC_IPV6)) + .withMatch(make_shared(SAI_ACL_TABLE_ATTR_FIELD_DST_IPV6)) + .withMatch(make_shared(SAI_ACL_TABLE_ATTR_FIELD_ICMP_TYPE)) + .withMatch(make_shared(SAI_ACL_TABLE_ATTR_FIELD_ICMP_CODE)) + .withMatch(make_shared(SAI_ACL_TABLE_ATTR_FIELD_ICMPV6_TYPE)) + .withMatch(make_shared(SAI_ACL_TABLE_ATTR_FIELD_ICMPV6_CODE)) + .withMatch(make_shared(SAI_ACL_TABLE_ATTR_FIELD_IPV6_NEXT_HEADER)) .withAction(SAI_ACL_ACTION_TYPE_ACL_DTEL_FLOW_OP) .withAction(SAI_ACL_ACTION_TYPE_DTEL_INT_SESSION) .withAction(SAI_ACL_ACTION_TYPE_DTEL_DROP_REPORT_ENABLE)