0c1f2c4a0b
Each command are merged into one: cmd_firewall_parsed. ADD command format is changed: p <pipeline ID> firewall add priority <priority> ipv4 <sipaddr> <sipdepth> <dipaddr> <dipdepth> <sport0> <sport1> <dport0> <dport1> <proto> <protomask> port <port ID> and bulk command was modified: 1. firewall add bulk File line format: priority <priority> ipv4 <sipaddr> <sipdepth> <dipaddr> <dipdepth> <sport0> <sport1> <dport0> <dport1> <proto> <protomask> port <port ID> (protomask is a hex value) File line example: priority 0 ipv4 1.2.3.0 24 10.20.30.40 32 0 63 64 127 6 0xF port 3 2. firewall del bulk File line format: ipv4 <sipaddr> <sipdepth> <dipaddr> <dipdepth> <sport0> <sport1> <dport0> <dport1> <proto> <protomask> File line example: ipv4 1.2.3.0 24 10.20.30.40 32 0 63 64 127 6 0xF Signed-off-by: Daniel Mrzyglod <danielx.t.mrzyglod@intel.com> Acked-by: Cristian Dumitrescu <cristian.dumitrescu@intel.com>
69 lines
2.5 KiB
INI
69 lines
2.5 KiB
INI
; BSD LICENSE
|
|
;
|
|
; Copyright(c) 2015-2016 Intel Corporation. All rights reserved.
|
|
; All rights reserved.
|
|
;
|
|
; Redistribution and use in source and binary forms, with or without
|
|
; modification, are permitted provided that the following conditions
|
|
; are met:
|
|
;
|
|
; * Redistributions of source code must retain the above copyright
|
|
; notice, this list of conditions and the following disclaimer.
|
|
; * Redistributions in binary form must reproduce the above copyright
|
|
; notice, this list of conditions and the following disclaimer in
|
|
; the documentation and/or other materials provided with the
|
|
; distribution.
|
|
; * Neither the name of Intel Corporation nor the names of its
|
|
; contributors may be used to endorse or promote products derived
|
|
; from this software without specific prior written permission.
|
|
;
|
|
; THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
|
|
; "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
|
|
; LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
|
|
; A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
|
|
; OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
|
|
; SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
|
|
; LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
|
|
; DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
|
|
; THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
|
|
; (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
|
|
; OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
|
|
|
|
; _______________
|
|
; RXQ0.0 --->| |---> TXQ0.0
|
|
; | |
|
|
; RXQ1.0 --->| |---> TXQ1.0
|
|
; | Firewall |
|
|
; RXQ2.0 --->| |---> TXQ2.0
|
|
; | |
|
|
; RXQ3.0 --->| |---> TXQ3.0
|
|
; |_______________|
|
|
; |
|
|
; +-----------> SINK0 (default rule)
|
|
;
|
|
; Input packet: Ethernet/IPv4
|
|
;
|
|
; Packet buffer layout:
|
|
; # Field Name Offset (Bytes) Size (Bytes)
|
|
; 0 Mbuf 0 128
|
|
; 1 Headroom 128 128
|
|
; 2 Ethernet header 256 14
|
|
; 3 IPv4 header 270 20
|
|
|
|
[EAL]
|
|
log_level = 0
|
|
|
|
[PIPELINE0]
|
|
type = MASTER
|
|
core = 0
|
|
|
|
[PIPELINE1]
|
|
type = FIREWALL
|
|
core = 1
|
|
pktq_in = RXQ0.0 RXQ1.0 RXQ2.0 RXQ3.0
|
|
pktq_out = TXQ0.0 TXQ1.0 TXQ2.0 TXQ3.0 SINK0
|
|
n_rules = 4096
|
|
pkt_type = ipv4
|
|
;pkt_type = vlan_ipv4
|
|
;pkt_type = qinq_ipv4
|