@2060497

EosSdk.i

@@ -215,6 +215,7 @@ void throw_py_error(error const& err) {
 %include "eos/types/intf.h"
 %include "eos/intf.h"
 %include "eos/ip.h"
+%include "eos/types/acl.h"
 %include "eos/acl.h"
 %include "eos/aresolve.h"
 %include "eos/directflow.h"
@@ -241,7 +242,9 @@ void throw_py_error(error const& err) {
 %include "eos/ip_route.h"
 %include "eos/types/mpls_route.h"
 %include "eos/mpls_route.h"
+%include "eos/types/policy_map.h"
 %include "eos/policy_map.h"
+%include "eos/types/class_map.h"
 %include "eos/class_map.h"
 %include "eos/exception.h"
 %include "eos/sdk.h"

Makefile.am

@@ -37,6 +37,7 @@ libeos_la_SOURCES += nexthop_group.cpp
 libeos_la_SOURCES += panic.cpp
 libeos_la_SOURCES += neighbor_table.cpp
 libeos_la_SOURCES += policy_map.cpp
+libeos_la_SOURCES += policy_map_types.cpp
 libeos_la_SOURCES += sdk.cpp
 libeos_la_SOURCES += system.cpp
 libeos_la_SOURCES += timer.cpp

eos/acl.h

@@ -4,7 +4,6 @@
 #ifndef EOS_ACL_H
 #define EOS_ACL_H
 
-#include <list>
 #include <utility>
 
 #include <eos/base.h>
@@ -14,350 +13,9 @@
 #include <eos/ip.h>
 #include <eos/intf.h>
 
-namespace eos {
-
-class acl_internal;
-
-/// The ACL type, of which valid types are either IPv4, IPv6, or Ethernet.
-enum acl_type_t {
-   ACL_TYPE_NULL,
-   ACL_TYPE_IPV4,
-   ACL_TYPE_IPV6,
-   ACL_TYPE_ETH,
-   ACL_TYPE_MPLS,
-};
-
-/**
- * The direction in which an ACL is applied.
- * To apply in both directions, use both operations in order.
- */
-enum acl_direction_t {
-   ACL_DIRECTION_NULL,
-   ACL_IN,
-   ACL_OUT,
-};
-
-/// The type of range operator for TTL and port specifications below.
-enum acl_range_operator_t {
-   ACL_RANGE_NULL,
-   ACL_RANGE_ANY,
-   ACL_RANGE_EQ,
-   ACL_RANGE_GT,
-   ACL_RANGE_LT,
-   ACL_RANGE_NEQ,
-   ACL_RANGE_BETWEEN,
-};
-
-/// The action to take for an individual ACL rule
-enum acl_action_t {
-   ACL_ACTION_NULL,
-   ACL_PERMIT,
-   ACL_DENY,
-};
-
-/// TCP flags used in IP rules to specify which TCP flags to match
-enum acl_tcp_flag_t {
-   ACL_TCP_NULL = 0,
-   ACL_TCP_FIN = 1,
-   ACL_TCP_SYN = 2,
-   ACL_TCP_RST = 4,
-   ACL_TCP_PSH = 8,
-   ACL_TCP_ACK = 16,
-   ACL_TCP_URG = 32,
-};
-
-/**
- * A TTL specifier, used in an IP ACL rule to define TTLs to match.
- *
- * Create an instance of the classes below, such as a
- * acl_ttl_spec_gt_t to specify matching TTLs greater than the value
- * passed.
- */
-class EOS_SDK_PUBLIC acl_ttl_spec_t {
- public:
-   acl_ttl_spec_t();  // Default TTL spec; matches any TTL
-
-   acl_range_operator_t oper() const;
-   uint8_t ttl() const;
-
-   void oper_is(acl_range_operator_t a);
-   void ttl_is(uint8_t u);
-
- protected:
-   acl_range_operator_t oper_;  // BETWEEN is not supported.
-   uint8_t ttl_;
-   friend class acl_internal;
-};
-
-/// Matches an exact TTL
-class EOS_SDK_PUBLIC acl_ttl_spec_eq_t : public acl_ttl_spec_t {
- public:
-   explicit acl_ttl_spec_eq_t(uint8_t ttl);
-   friend class acl_internal;
-};
-
-/// Matches all TTLs except this
-class EOS_SDK_PUBLIC acl_ttl_spec_neq_t : public acl_ttl_spec_t {
- public:
-   explicit acl_ttl_spec_neq_t(uint8_t ttl);
-   friend class acl_internal;
-};
-
-/// Matches TTLs greater than this
-class EOS_SDK_PUBLIC acl_ttl_spec_gt_t : public acl_ttl_spec_t {
- public:
-   explicit acl_ttl_spec_gt_t(uint8_t ttl);
-   friend class acl_internal;
-};
-
-/// Matches TTLs less than this
-class EOS_SDK_PUBLIC acl_ttl_spec_lt_t : public acl_ttl_spec_t {
- public:
-   explicit acl_ttl_spec_lt_t(uint8_t ttl);
-   friend class acl_internal;
-};
-
-/// Matches any TTL value
-class EOS_SDK_PUBLIC acl_ttl_spec_any_t : public acl_ttl_spec_t {
- public:
-   explicit acl_ttl_spec_any_t();
-   friend class acl_internal;
-};
+#include <eos/types/acl.h>
 
-/**
- * A UDP or TCP port specifier.
- *
- * Pick one of either:
- * - acl_port_spec_eq_t : Matches 1-10 port numbers
- * - acl_port_spec_neq_t : Doesn't match these 1-10 ports
- * - acl_port_spec_lt_t : Matches ports less than the value
- * - acl_port_spec_gt_t : Matches ports greater than the value
- * - acl_port_spec_between_t : Matches ports between the two values
- */
-class EOS_SDK_PUBLIC acl_port_spec_t {
- public:
-   acl_port_spec_t();  // Default port spec; matches any port
-   acl_range_operator_t oper() const;
-   std::list<uint16_t> const & ports() const;
-
-   void oper_is(acl_range_operator_t a);
-   void ports_is(std::list<uint16_t> const & l);
- protected:
-   acl_range_operator_t oper_;
-   std::list<uint16_t> ports_;
-
-   friend class acl_internal;
-};
-
-/// Matches one or more ports exactly
-class EOS_SDK_PUBLIC acl_port_spec_eq_t : public acl_port_spec_t {
- public:
-   explicit acl_port_spec_eq_t(uint16_t port);
-   explicit acl_port_spec_eq_t(std::list<uint16_t> const & ports);
-   friend class acl_internal;
-};
-
-/// Matches every port except these one or more ports
-class EOS_SDK_PUBLIC acl_port_spec_neq_t : public acl_port_spec_t {
- public:
-   explicit acl_port_spec_neq_t(uint16_t port);
-   explicit acl_port_spec_neq_t(std::list<uint16_t> const & ports);
-
-   friend class acl_internal;
-};
-
-/// Matches ports between low and high
-class EOS_SDK_PUBLIC acl_port_spec_between_t : public acl_port_spec_t {
- public:
-   acl_port_spec_between_t(uint16_t low, uint16_t high);
-   friend class acl_internal;
-};
-
-/// Matches ports greater than this
-class EOS_SDK_PUBLIC acl_port_spec_gt_t : public acl_port_spec_t {
- public:
-   explicit acl_port_spec_gt_t(uint16_t port);
-   friend class acl_internal;
-};
-
-/// Matches ports less than this
-class EOS_SDK_PUBLIC acl_port_spec_lt_t : public acl_port_spec_t {
- public:
-   explicit acl_port_spec_lt_t(uint16_t port);
-   friend class acl_internal;
-};
-
-/// Matches any port number
-class EOS_SDK_PUBLIC acl_port_spec_any_t : public acl_port_spec_t {
- public:
-   explicit acl_port_spec_any_t();
-   friend class acl_internal;
-};
-
-/// An ACL key is the combination of its name and ACL type (IPv4, IPv6 or ETH)
-class EOS_SDK_PUBLIC acl_key_t {
- public:
-   acl_key_t();
-   acl_key_t(std::string const & acl_name, acl_type_t acl_type);
-
-   std::string const acl_name() const;
-   acl_type_t acl_type() const;
-
-   bool operator() (acl_key_t const &, acl_key_t const &) const;
-   bool operator==(acl_key_t const &) const;
-
-  private:
-   std::string acl_name_;
-   acl_type_t acl_type_;
-};
-
-// Classes that represent access lists (ACLs)
-// Access lists are sequences of rules specifying per-packet rules
-// filters apply to either IPv4, IPv6 or ETH (layer 2) traffic and are
-// attached to traffic arriving (in) or leaving (out) on zero or more
-// interfaces.
-
-// To use ACL rules in these libraries, construct the appropriate
-// concrete type of rule you desire, either a:
-//  * acl_rule_ip_t  or a
-//  * acl_rule_eth_t
-
-// Base parameters common to all filter types are defined on the parent
-// acl_base_filter_t, such as 'log' to enable logging of packets matching
-// the rule, and the action applied to packets matching the rule.
-
-/**
- * Base ACL rule class containing common fields.
- *
- * Instead of this, instantiate one of the concrete rule classes.
- */
-class EOS_SDK_PUBLIC acl_rule_base_t {
- public:
-  bool log() const;
-  bool tracked() const;
-  acl_action_t action() const;
-
-  void log_is(bool l);
-  void tracked_is(bool t);
-  void action_is(acl_action_t a);
-
- private:
-   acl_action_t action_;
-   bool log_;
-   bool tracked_;
-
- protected:
-   acl_rule_base_t() EOS_SDK_PRIVATE;
-};
-
-/// An individual ACL rule for IPv4 or IPv6 ACLs
-class EOS_SDK_PUBLIC acl_rule_ip_t : public acl_rule_base_t {
- public:
-   acl_rule_ip_t();
-   vlan_id_t inner_vlan() const;
-   vlan_id_t vlan() const;
-   vlan_id_t vlan_mask() const;
-   vlan_id_t inner_vlan_mask() const;
-   ip_addr_mask_t source_addr() const;
-   ip_addr_mask_t destination_addr() const;
-   acl_port_spec_t source_port() const;
-   acl_port_spec_t destination_port() const;
-   acl_ttl_spec_t ttl() const;
-   uint8_t ip_protocol() const;
-   uint16_t tcp_flags() const;
-   bool established() const;
-   uint16_t icmp_type() const;
-   uint16_t icmp_code() const;
-   uint8_t priority_value() const;
-   uint8_t priority_mask() const;
-   bool match_fragments() const;
-   bool match_ip_priority() const;
-
-   void vlan_is(vlan_id_t v);
-   void vlan_mask_is(vlan_id_t v);
-   void inner_vlan_is(vlan_id_t v);
-   void inner_vlan_mask_is(vlan_id_t v);
-   void ip_protocol_is(uint8_t ip);
-   void ttl_is(acl_ttl_spec_t t);
-   void source_addr_is(ip_addr_mask_t const & ip);
-   void destination_addr_is(ip_addr_mask_t const & ip);
-   void source_port_is(acl_port_spec_t const & a);
-   void destination_port_is(acl_port_spec_t const & a);
-   void tcp_flags_is(uint16_t n);
-   void established_is(bool b);
-   void icmp_type_is(uint16_t n);
-   void icmp_code_is(uint16_t n);
-   void priority_value_is(uint8_t n);
-   void priority_mask_is(uint8_t n);
-   void match_fragments_is(bool b);
-   void match_ip_priority_is(bool b);
- private:
-   vlan_id_t vlan_;
-   vlan_id_t vlan_mask_;
-   vlan_id_t inner_vlan_;
-   vlan_id_t inner_vlan_mask_;
-
-   uint8_t ip_protocol_;
-
-   acl_ttl_spec_t ttl_;
-
-   ip_addr_mask_t source_addr_;
-   ip_addr_mask_t destination_addr_;
-
-   acl_port_spec_t source_port_;
-   acl_port_spec_t destination_port_;
-
-   // Bitmask of TCP flags to match, if set
-   uint16_t tcp_flags_;
-   // Match "established" connections
-   bool established_;
-
-   // Match a specific ICMP type and code
-   // The default value 0xFFFF matches all types or codes
-   uint16_t icmp_type_;
-   uint16_t icmp_code_;
-
-   uint8_t priority_value_;// 0..63, DSCP match to value (IPv4);traffic class (IPv6)
-   uint8_t priority_mask_; // supported for IPv6 only
-   bool match_fragments_;  // match IP fragments?
-   // Match DSCP (IPv4) or TE (IPv6) data provided in priority_{value,mask}
-   bool match_ip_priority_;
-};
-
-/// An Ethernet ACL, which can be applied to Ethernet, Vlan, and MLAG interfaces.
-class EOS_SDK_PUBLIC acl_rule_eth_t : public acl_rule_base_t {
- public:
-   acl_rule_eth_t();
-
-   vlan_id_t vlan() const;
-   vlan_id_t vlan_mask() const;
-   vlan_id_t inner_vlan() const;
-   vlan_id_t inner_vlan_mask() const;
-   eth_addr_t source_addr() const;
-   eth_addr_t source_mask() const;
-   eth_addr_t destination_addr() const;
-   eth_addr_t destination_mask() const;
-
-   void vlan_is(vlan_id_t v);
-   void vlan_mask_is(vlan_id_t v);
-   void inner_vlan_is(vlan_id_t v);
-   void inner_vlan_mask_is(vlan_id_t v);
-   void source_addr_is(eth_addr_t const & e);
-   void source_mask_is(eth_addr_t const & e);
-   void destination_addr_is(eth_addr_t const & e);
-   void destination_mask_is(eth_addr_t const & e);
-
- private:
-   vlan_id_t vlan_;
-   vlan_id_t vlan_mask_;
-   vlan_id_t inner_vlan_;
-   vlan_id_t inner_vlan_mask_;
-
-   eth_addr_t source_addr_;
-   eth_addr_t source_mask_;
-   eth_addr_t destination_addr_;
-   eth_addr_t destination_mask_;
-};
+namespace eos {
 
 class acl_mgr;