Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[acl-loader] Bugfix for loading ACL rules matching L4 port range larger than 60000 #16303

Merged
merged 1 commit into from
Aug 30, 2023
Merged

[acl-loader] Bugfix for loading ACL rules matching L4 port range larger than 60000 #16303

merged 1 commit into from
Aug 30, 2023

Conversation

lizhijianrd
Copy link
Contributor

Why I did it

Fix #16189

Work item tracking
  • Microsoft ADO (number only): 24833787

How I did it

Fix the regex for L4 port range in openconfig_acl.py.

How to verify it

Build image and install on Arista-720DT DUT, then try the repro steps in #16189 and confirmed the ACL rule be setup correctly:

$ acl-loader update full --table_name SAMPLE_ACL_TABLE acl_rules.json
$ show acl rule
Table             Rule          Priority    Action    Match                           Status
----------------  ------------  ----------  --------  ------------------------------  --------
SAMPLE_ACL_TABLE  RULE_3000     7000        FORWARD   IP_TYPE: IPV6ANY                Active
                                                      L4_DST_PORT_RANGE: 34348-62227
                                                      L4_SRC_PORT_RANGE: 10275-62170
SAMPLE_ACL_TABLE  DEFAULT_RULE  1           DROP      IP_TYPE: IPV6ANY                Active

Which release branch to backport (provide reason below if selected)

  • 201811
  • 201911
  • 202006
  • 202012
  • 202106
  • 202111
  • 202205
  • 202211
  • 202305

Tested branch (Please provide the tested image version)

Description for the changelog

Link to config_db schema for YANG module changes

A picture of a cute animal (not mandatory but encouraged)

@bingwang-ms
Copy link
Contributor

Thanks @lizhijianrd
Can the change be covered by UT?

@bingwang-ms
Copy link
Contributor

Thanks @lizhijianrd Can the change be covered by UT?

The UT has to be in sonic-utilities, and has to be improved after this PR merged.

@yxieca yxieca merged commit 5e586a5 into sonic-net:master Aug 30, 2023
@mssonicbld
Copy link
Collaborator

Cherry-pick PR to 202205: #16345

mssonicbld pushed a commit to mssonicbld/sonic-buildimage that referenced this pull request Aug 30, 2023
@lizhijianrd @mssonicbld
Fix openconfig_acl.py (sonic-net#16303)
75b2105 
How I did it
Fix the regex for L4 port range in openconfig_acl.py.

How to verify it
Build image and install on Arista-720DT DUT, then try the repro steps in sonic-net#16189 and confirmed the ACL rule be setup correctly:
@mssonicbld
Copy link
Collaborator

Cherry-pick PR to 202211: #16346

@mssonicbld mssonicbld mentioned this pull request Aug 30, 2023
Merged
11 tasks
mssonicbld pushed a commit to mssonicbld/sonic-buildimage that referenced this pull request Aug 30, 2023
@lizhijianrd @mssonicbld
Fix openconfig_acl.py (sonic-net#16303)
9bb2f7d 
How I did it
Fix the regex for L4 port range in openconfig_acl.py.

How to verify it
Build image and install on Arista-720DT DUT, then try the repro steps in sonic-net#16189 and confirmed the ACL rule be setup correctly:
@mssonicbld mssonicbld mentioned this pull request Aug 30, 2023
Merged
11 tasks
mssonicbld pushed a commit that referenced this pull request Aug 30, 2023
@lizhijianrd @mssonicbld
Fix openconfig_acl.py (#16303)
4310b48 
How I did it
Fix the regex for L4 port range in openconfig_acl.py.

How to verify it
Build image and install on Arista-720DT DUT, then try the repro steps in #16189 and confirmed the ACL rule be setup correctly:
mssonicbld pushed a commit to mssonicbld/sonic-buildimage that referenced this pull request Sep 3, 2023
@lizhijianrd @mssonicbld
Fix openconfig_acl.py (sonic-net#16303)
a08f132 
How I did it
Fix the regex for L4 port range in openconfig_acl.py.

How to verify it
Build image and install on Arista-720DT DUT, then try the repro steps in sonic-net#16189 and confirmed the ACL rule be setup correctly:
@mssonicbld
Copy link
Collaborator

Cherry-pick PR to 202305: #16422

@mssonicbld mssonicbld mentioned this pull request Sep 3, 2023
Merged
11 tasks
mssonicbld added a commit that referenced this pull request Sep 3, 2023
@mssonicbld
Fix openconfig_acl.py (#16303) (#16422)
5e4cda9
yxieca pushed a commit that referenced this pull request Sep 6, 2023
@mssonicbld @lizhijianrd
Fix openconfig_acl.py (#16303) (#16345)
8cac746 
How I did it
Fix the regex for L4 port range in openconfig_acl.py.

How to verify it
Build image and install on Arista-720DT DUT, then try the repro steps in #16189 and confirmed the ACL rule be setup correctly:

Co-authored-by: Zhijian Li <zhijianli@microsoft.com>
sonic-otn pushed a commit to sonic-otn/sonic-buildimage that referenced this pull request Sep 20, 2023
@lizhijianrd @sonic-otn
Fix openconfig_acl.py (sonic-net#16303)
918cebe 
How I did it
Fix the regex for L4 port range in openconfig_acl.py.

How to verify it
Build image and install on Arista-720DT DUT, then try the repro steps in sonic-net#16189 and confirmed the ACL rule be setup correctly:
@lizhijianrd lizhijianrd deleted the fix-openconfig-acl-py branch October 9, 2024 06:43
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@bingwang-ms bingwang-ms bingwang-ms approved these changes

@Blueve Blueve Awaiting requested review from Blueve

@qiluo-msft qiluo-msft Awaiting requested review from qiluo-msft

@ganglyu ganglyu Awaiting requested review from ganglyu

Assignees
No one assigned
Labels
Approved for 202305 Branch Included in 202205 Branch Included in 202211 Branch Included in 202305 Branch Request for 202205 Branch Request for 202211 Branch Request for 202305 Branch
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

[acl-loader] Failed to load ACL rules matching L4 port range larger than 60000
5 participants
@lizhijianrd @bingwang-ms @mssonicbld @yxieca @StormLiangMS