class XrlPacketAclTarget

Helper class for helping with packet ACL configuration transactions via an Xrl interface. More...

 
LOGO
 Annotated List  Files  Globals  Hierarchy  Index  Top

Public Types

Public Methods

Protected Types

Protected Methods

Protected Members


Detailed Description

Helper class for helping with packet ACL configuration transactions via an Xrl interface.

The class provides error messages suitable for Xrl return values and does some extra checking not in the PaTransactionManager class.

PaBrowseState (struct)

PaBrowseState

[protected]

Used to hold state for clients reading snapshots of the ACL tables.

typedef map<uint32_t, PaBrowseState> PaBrowseDB

PaBrowseDB

[protected]

EventLoop& _e

_e

[protected]

PaTransactionManager& _pat

_pat

[protected]

uint32_t _browse_timeout_ms

_browse_timeout_ms

[protected]

uint32_t _next_token

_next_token

[protected]

PaBrowseDB _bdb

_bdb

[protected]

void  crank_token ()

crank_token

[protected]

void  timeout_browse (uint32_t token)

timeout_browse

[protected]

inline const EventLoop&  eventloop ()

eventloop

[const]

inline uint32_t  browse_timeout_ms ()

browse_timeout_ms

[const]

enum { BROWSE_TIMEOUT_MS = 15000 }

 XrlPacketAclTarget (XrlCmdMap* cmds, EventLoop& e, PaTransactionManager& pat, uint32_t browse_timeout_ms = BROWSE_TIMEOUT_MS)

XrlPacketAclTarget

Constructor.

Parameters:

eventloopan EventLoop which will be used for scheduling timers.
cmdsan XrlCmdMap that the commands associated with the target should be added to. This is typically the XrlRouter associated with the target.
pata PaTransactionManager which manages accesses to the underlying ACL tables.
 ~XrlPacketAclTarget ()

~XrlPacketAclTarget

[virtual]

Destructor.

Dissociates instance commands from command map.

bool  set_command_map (XrlCmdMap* cmds)

set_command_map

Set command map.

Parameters:

cmdspointer to command map to associate commands with. This argument is typically a pointer to the XrlRouter associated with the target.

Returns: true on success, false if cmds is null or a command map has already been supplied.

Reimplemented from XrlPacketAclTargetBase.

inline const string&  name ()

name

[const]

Get Xrl instance name associated with command map.

Reimplemented from XrlPacketAclTargetBase.

inline const char*  version ()

version

[const]

Get version string of instance.

Reimplemented from XrlPacketAclTargetBase.

XrlCmdError  common_0_1_get_target_name ( string& name)

common_0_1_get_target_name

[protected]

Function that needs to be implemented to:

Get name of Xrl Target

Reimplemented from XrlPacketAclTargetBase.

XrlCmdError  common_0_1_get_version ( string& version)

common_0_1_get_version

[protected]

Function that needs to be implemented to:

Get version string from Xrl Target

Reimplemented from XrlPacketAclTargetBase.

XrlCmdError  common_0_1_get_status ( uint32_t& status, string& reason)

common_0_1_get_status

[protected]

Function that needs to be implemented to:

Get status of Xrl Target

Reimplemented from XrlPacketAclTargetBase.

XrlCmdError  common_0_1_shutdown ()

common_0_1_shutdown

[protected]

Function that needs to be implemented to:

Request clean shutdown of Xrl Target

Reimplemented from XrlPacketAclTargetBase.

XrlCmdError  packet_acl_0_1_get_backend ( string& name)

packet_acl_0_1_get_backend

[protected]

Function that needs to be implemented to: Get the name of the ACL back-end provider currently in use.

Reimplemented from XrlPacketAclTargetBase.

XrlCmdError  packet_acl_0_1_set_backend ( const string& name)

packet_acl_0_1_set_backend

[protected]

Function that needs to be implemented to: Set the underlying packet ACL provider type in use. NOTE: If XORP rules currently exist, this operation will perform an implicit flush and reload when switching to the new provider.

Reimplemented from XrlPacketAclTargetBase.

XrlCmdError  packet_acl_0_1_get_version ( string& version)

packet_acl_0_1_get_version

[protected]

Function that needs to be implemented to: Get the underlying packet ACL provider version in use.

Reimplemented from XrlPacketAclTargetBase.

XrlCmdError  packet_acl_0_1_start_transaction ( uint32_t& tid)

packet_acl_0_1_start_transaction

[protected]

Function that needs to be implemented to: Start an ACL configuration transaction.

Parameters:

tidThe number of the newly started transaction.

Reimplemented from XrlPacketAclTargetBase.

XrlCmdError  packet_acl_0_1_commit_transaction ( const uint32_t& tid)

packet_acl_0_1_commit_transaction

[protected]

Function that needs to be implemented to: Commit a previously started ACL configuration transaction.

Parameters:

tidThe number of the transaction to commit.

Reimplemented from XrlPacketAclTargetBase.

XrlCmdError  packet_acl_0_1_abort_transaction ( const uint32_t& tid)

packet_acl_0_1_abort_transaction

[protected]

Function that needs to be implemented to: Abort an ACL configuration transaction in progress.

Parameters:

tidThe number of the transaction to abort.

Reimplemented from XrlPacketAclTargetBase.

XrlCmdError  packet_acl_0_1_add_entry4 ( const uint32_t& tid, const string& ifname, const string& vifname, const IPv4Net& src, const IPv4Net& dst, const uint32_t& proto, const uint32_t& sport, const uint32_t& dport, const string& action)

packet_acl_0_1_add_entry4

[protected]

Function that needs to be implemented to: Add an IPv6 family ACL entry.

Parameters:

tidThe number of the transaction for this operation.
ifnameName of the interface where this filter is to be applied.
vifnameName of the vif where this filter is to be applied.
srcSource IPv6 address with network prefix.
dstDestination IPv6 address with network prefix.
protoIP protocol number for match (0-255, 255 is wildcard).
sportSource TCP/UDP port (0-65535, 0 is wildcard).
dportDestination TCP/UDP port (0-65535, 0 is wildcard).
actionAction to take when this ACL entry is matched.

Reimplemented from XrlPacketAclTargetBase.

XrlCmdError  packet_acl_0_1_delete_entry4 ( const uint32_t& tid, const string& ifname, const string& vifname, const IPv4Net& src, const IPv4Net& dst, const uint32_t& proto, const uint32_t& sport, const uint32_t& dport)

packet_acl_0_1_delete_entry4

[protected]

Function that needs to be implemented to: Delete an IPv4 family ACL entry.

Parameters:

tidThe number of the transaction for this operation.
ifnameName of the interface where this filter is to be deleted.
vifnameName of the vif where this filter is to be deleted.
srcSource IPv4 address with network prefix.
dstDestination IPv4 address with network prefix.
protoIP protocol number for match (0-255, 255 is wildcard).
sportSource TCP/UDP port (0-65535, 0 is wildcard).
dportDestination TCP/UDP port (0-65535, 0 is wildcard).

Reimplemented from XrlPacketAclTargetBase.

XrlCmdError  packet_acl_0_1_delete_all_entries4 ( const uint32_t& tid)

packet_acl_0_1_delete_all_entries4

[protected]

Function that needs to be implemented to: Delete all IPv4 family ACL entries.

Parameters:

tidThe number of the transaction for this operation.

Reimplemented from XrlPacketAclTargetBase.

XrlCmdError  packet_acl_0_1_get_entry_list_start4 ( uint32_t& token, bool& more)

packet_acl_0_1_get_entry_list_start4

[protected]

Reimplemented from XrlPacketAclTargetBase.

XrlCmdError  packet_acl_0_1_get_entry_list_next4 ( const uint32_t& token, string& ifname, string& vifname, IPv4Net& src, IPv4Net& dst, uint32_t& proto, uint32_t& sport, uint32_t& dport, string& action, bool& more)

packet_acl_0_1_get_entry_list_next4

[protected]

Reimplemented from XrlPacketAclTargetBase.

XrlCmdError  packet_acl_0_1_add_entry6 ( const uint32_t& tid, const string& ifname, const string& vifname, const IPv6Net& src, const IPv6Net& dst, const uint32_t& proto, const uint32_t& sport, const uint32_t& dport, const string& action)

packet_acl_0_1_add_entry6

[protected]

Function that needs to be implemented to: Add an IPv6 family ACL entry.

Parameters:

tidThe number of the transaction for this operation.
ifnameName of the interface where this filter is to be applied.
vifnameName of the vif where this filter is to be applied.
srcSource IPv6 address with network prefix.
dstDestination IPv6 address with network prefix.
protoIP protocol number for match (0-255, 255 is wildcard).
sportSource TCP/UDP port (0-65535, 0 is wildcard).
dportDestination TCP/UDP port (0-65535, 0 is wildcard).
actionAction to take when this filter is matched.

Reimplemented from XrlPacketAclTargetBase.

XrlCmdError  packet_acl_0_1_delete_entry6 ( const uint32_t& tid, const string& ifname, const string& vifname, const IPv6Net& src, const IPv6Net& dst, const uint32_t& proto, const uint32_t& sport, const uint32_t& dport)

packet_acl_0_1_delete_entry6

[protected]

Function that needs to be implemented to: Delete an IPv6 family ACL entry.

Parameters:

tidThe number of the transaction for this operation.
ifnameName of the interface where this filter is to be deleted.
vifnameName of the vif where this filter is to be deleted.
srcSource IPv6 address with network prefix.
dstDestination IPv6 address with network prefix.
protoIP protocol number for match (0-255, 255 is wildcard).
sportSource TCP/UDP port (0-65535, 0 is wildcard).
dportDestination TCP/UDP port (0-65535, 0 is wildcard).

Reimplemented from XrlPacketAclTargetBase.

XrlCmdError  packet_acl_0_1_delete_all_entries6 ( const uint32_t& tid)

packet_acl_0_1_delete_all_entries6

[protected]

Function that needs to be implemented to: Delete all IPv6 family ACL entries.

Parameters:

tidThe number of the transaction for this operation.

Reimplemented from XrlPacketAclTargetBase.


Generated by: pavlin on possum.icir.org on Thu Mar 9 04:43:06 2006, using kdoc $.