Skip to content

Commit

Permalink
Merge pull request sonic-net#16 from ZhaohuiS/feature/caclmgrd_extern…
Browse files Browse the repository at this point in the history
…al_client_warning_log

In sonic-net#9 , I added a new EXTERNAL_CLIENT table for supporting Restapi/gnmi control plane acls.
But if dest port is not defined, it will print traceback in syslog.
Avoiding this scenario, we add a default empty list for dst_ports and print a warning log and skip processing EXTERNAL_CLIENT table.

Signed-off-by: Zhaohui Sun zhaohuisun@microsoft.com
  • Loading branch information
ZhaohuiS authored Sep 8, 2022
2 parents 91c4c42 + b4b368d commit de54082
Showing 1 changed file with 8 additions and 0 deletions.
8 changes: 8 additions & 0 deletions scripts/caclmgrd
Original file line number Diff line number Diff line change
Expand Up @@ -551,6 +551,8 @@ class ControlPlaneAclManager(daemon_base.DaemonBase):
ip_protocols = self.ACL_SERVICES[acl_service]["ip_protocols"]
if "dst_ports" in self.ACL_SERVICES[acl_service]:
dst_ports = self.ACL_SERVICES[acl_service]["dst_ports"]
else:
dst_ports = []

acl_rules = {}

Expand Down Expand Up @@ -604,6 +606,12 @@ class ControlPlaneAclManager(daemon_base.DaemonBase):
self.log_warning("Unable to determine if ACL table '{}' contains IPv4 or IPv6 rules. Skipping table..."
.format(table_name))
continue
# If no destination port found for this ACL table,
# log a message and skip processing this table.
if len(dst_ports) == 0:
self.log_warning("Required destination port not found for ACL table '{}'. Skipping table..."
.format(table_name))
continue
ipv4_src_ip_set = set()
ipv6_src_ip_set = set()
# For each ACL rule in this table (in descending order of priority)
Expand Down

0 comments on commit de54082

Please sign in to comment.