Support icmp type for acl (#491)

* Support icmp type for acl * disk space
openconfig · Oct 28, 2024 · f81ef11 · f81ef11
1 parent 9453019
commit f81ef11
Show file tree

Hide file tree

Showing 2 changed files with 10 additions and 1 deletion.
diff --git a/cloudbuild/presubmit.yaml b/cloudbuild/presubmit.yaml
@@ -19,7 +19,7 @@ steps:
       - USERNAME=user
       - SSH_ARGS=--internal-ip --ssh-key-expire-after=1d
       - INSTANCE_NAME=kne-presubmit-$BUILD_ID
-      - INSTANCE_ARGS=--network cloudbuild-workers --image-project gep-kne --image-family kne --machine-type e2-standard-32 --scopes=cloud-platform
+      - INSTANCE_ARGS=--network cloudbuild-workers --image-project gep-kne --image-family kne --machine-type e2-standard-32 --scopes=cloud-platform --boot-disk-size=100GB
       - ZONE=us-central1-a
       - REMOTE_WORKSPACE=/tmp/workspace
       - COMMAND=sh -c "BUILD=$BUILD_ID /tmp/workspace/cloudbuild/presubmit.sh"

diff --git a/dataplane/saiserver/acl.go b/dataplane/saiserver/acl.go
@@ -19,6 +19,7 @@ import (
 	"context"
 	"encoding/binary"
 	"fmt"
+	"log/slog"
 	"math"
 	"sync"
 
@@ -232,6 +233,13 @@ func (a *acl) createAclEntryFields(req *saipb.CreateAclEntryRequest, id uint64,
 			Masks:   binary.BigEndian.AppendUint16(nil, uint16(req.GetFieldEtherType().GetMaskUint())),
 		})
 	}
+	if req.GetFieldIcmpType() != nil {
+		aReq.EntryDesc.GetFlow().Fields = append(aReq.EntryDesc.GetFlow().Fields, &fwdpb.PacketFieldMaskedBytes{
+			FieldId: &fwdpb.PacketFieldId{Field: &fwdpb.PacketField{FieldNum: fwdpb.PacketFieldNum_PACKET_FIELD_NUM_ICMP_TYPE}},
+			Bytes:   []byte{byte(req.GetFieldIcmpType().GetDataUint())},
+			Masks:   []byte{byte(req.GetFieldIcmpType().GetMaskUint())},
+		})
+	}
 	if req.GetFieldIcmpv6Type() != nil {
 		aReq.EntryDesc.GetFlow().Fields = append(aReq.EntryDesc.GetFlow().Fields, &fwdpb.PacketFieldMaskedBytes{
 			FieldId: &fwdpb.PacketFieldId{Field: &fwdpb.PacketField{FieldNum: fwdpb.PacketFieldNum_PACKET_FIELD_NUM_ICMP_TYPE}},
@@ -416,6 +424,7 @@ func (a *acl) RemoveAclEntry(ctx context.Context, req *saipb.RemoveAclEntryReque
 	if err := a.mgr.PopulateAllAttributes(fmt.Sprint(req.GetOid()), cReq); err != nil {
 		return nil, err
 	}
+	slog.InfoContext(ctx, "removing acl entry", "oid", req.Oid, "entry", cReq)
 	gb, ok := a.tableToLocation[cReq.GetTableId()]
 	if !ok {
 		return nil, status.Errorf(codes.FailedPrecondition, "table is not member of a group")