Hello,
Looks to me there is a error in processing rule_id 2. Is the syntax
correct?
Thanks
/Shivaram
Here is the *output on cURL side*:
# curl -X POST -d '{"dl_src": "12:34:56:78:9a:bc", "actions": "DENY"}'
http://localhost:8080/firewall/rules/0090fb3771ee0000
{"switch_id: 0090fb3771ee0000": {"result": "success", "details": "Rule
added. : rule_id=1"}}
# curl -X POST -d '{"dl_type": "IPv4", "nw_dst": "10.100.5.0/24",
"actions": "DENY"}' http://localhost:8080/firewall/rules/0090fb3771ee0000
*{"switch_id: 0090fb3771ee0000": {"result": "success", "details": "Rule
added. : rule_id=2"}}*
# curl -X POST -d '{"dl_type": "IPv4", "nw_proto": "TCP", "actions":
"DENY"}' http://localhost:8080/firewall/rules/0090fb3771ee0000
{"switch_id: 0090fb3771ee0000": {"result": "success", "details": "Rule
added. : rule_id=3"}}
# curl -i -H "Accept: application/json" -X GET
http://localhost:8080/firewall/rules/0090fb3771ee0000
HTTP/1.1 200 OK
Content-Type: application/json; charset=UTF-8
Content-Length: 202
Date: Tue, 16 Apr 2013 07:09:49 GMT
{"switch_id: 0090fb3771ee0000": {*"rule_id: 3*": {"priority": 0, "dl_type":
"IPv4", "nw_proto": "TCP", "actions": "DENY"}, *"rule_id: 1"*: {"priority":
0, "dl_src": "12:34:56:78:9a:bc", "actions": "DENY"}}}
*Note: missing "rule_id: 2"*
*On the Ryu Controller:*
Registering dpid=40808612199530496
dpid=0090fb3771ee0000 : Join as firewall switch.
EVENT ofp_event->RestFirewallAPI EventOFPStatsReply
Entering Stats reply handler dpid=40808612199530496
127.0.0.1 - - [2013-04-16 00:08:06] "GET /firewall/module/status HTTP/1.1"
200 177 0.003101
127.0.0.1 - - [2013-04-16 00:08:27] "PUT /firewall/module/enable/all
HTTP/1.1" 200 209 0.000357
127.0.0.1 - - [2013-04-16 00:09:02] "POST /firewall/rules/0090fb3771ee0000
HTTP/1.1" 200 215 0.000532
127.0.0.1 - - [2013-04-16 00:09:14] "POST /firewall/rules/0090fb3771ee0000
HTTP/1.1" 200 215 0.000496
error msg ev version: 0x3 msg_type 0x1 xid 0xb0f9bc99 type 0x4 code 0x9
127.0.0.1 - - [2013-04-16 00:09:32] "POST /firewall/rules/0090fb3771ee0000
HTTP/1.1" 200 215 0.000493
EVENT ofp_event->RestFirewallAPI EventOFPStatsReply
Entering Stats reply handler dpid=40808612199530496
127.0.0.1 - - [2013-04-16 00:09:49] "GET /firewall/rules/0090fb3771ee0000
HTTP/1.1" 200 326 0.001302
*On the LINC Side* - after making 3 flow entries, only 2 are registered.:
(linc@linux-ksrb)1> linc_us3_flow:get_flow_table(0,0).
{flow_entry,{0,#Ref<0.0.0.798>},
0,
{ofp_match,[{ofp_field,openflow_basic,eth_type,false,
<<8,0>>,
undefined},
{ofp_field,openflow_basic,ip_proto,false,<<6>>,undefined}]},
<<0,0,0,0,0,0,0,3>>,
[],
{1366,96172,84508},
{infinity,0,0},
{infinity,0,0},
[]},
{flow_entry,{0,#Ref<0.0.0.789>},
0,
{ofp_match,[{ofp_field,openflow_basic,eth_src,false,
<<18,52,86,120,154,188>>,
undefined}]},
<<0,0,0,0,0,0,0,1>>,
[],
{1366,96142,212872},
{infinity,0,0},
{infinity,0,0},
[]}]
(linc@linux-ksrb)2>
*All Rules do get deleted.*
# curl -i -H "Accept: application/json" -X DELETE -d '{"rule_id":"all"}'
http://localhost:8080/firewall/rules/0090fb3771ee0000
HTTP/1.1 200 OK
Content-Type: application/json; charset=UTF-8
Content-Length: 96
Date: Tue, 16 Apr 2013 07:18:09 GMT
{"switch_id: 0090fb3771ee0000": {"result": "success", "details": "Rule
deleted. : ruleID=3,1,"}
*On the Controller side:*
127.0.0.1 - - [2013-04-16 00:18:09] "DELETE
/firewall/rules/0090fb3771ee0000 HTTP/1.1" 200 219 0.001526
LINC rules are deleted correctly.
Thanks
/Shivaram
On Sun, Apr 14, 2013 at 6:33 PM, watanabe.fumitaka <
[email protected]> wrote:
> Hello Shivaram,
>
> > 1. I could not delete an installed rule
>
> Please send command as follows.
>
> curl -X DELETE -d '{"rule_id":"1"}' http://localhost:8080/**
> firewall/rules/**0000000000000001<http://localhost:8080/firewall/rules/0000000000000001>
> curl -X DELETE -d '{"rule_id":"all"}' http://localhost:8080/**
> firewall/rules/**0000000000000001<http://localhost:8080/firewall/rules/0000000000000001>
>
>
> > 2. When I try to get all rules installed on the switch, I only get the
> 1st one.
>
> A cause is unclear.
> Is the flows installed on the switch ?
> (flow's cookie value is equal to "rule_id")
>
>
>
> Thanks.
>
>
>
> (2013年04月12日 23:30), Shivaram Mysore wrote:
>
>> Hello all,
>>
>> Please find this document which details how to get REST firewall service
>> working with LINC (running in OF 1.2 mode)
>>
>> https://github.com/**FlowForwarding/LINC-Switch/**
>> blob/master/docs/example-REST-**firewall.md<https://github.com/FlowForwarding/LINC-Switch/blob/master/docs/example-REST-firewall.md>
>>
>> There are still a couple of open issues with Ryu:
>>
>> 1. I could not delete an installed rule
>> 2. When I try to get all rules installed on the switch, I only get the
>> 1st one.
>>
>>
>> Thanks
>>
>> /Shivaram
>>
>>
>> ------------------------------**------------------------------**
>> ------------------
>> Precog is a next-generation analytics platform capable of advanced
>> analytics on semi-structured data. The platform includes APIs for building
>> apps and a phenomenal toolset for data science. Developers can use
>> our toolset for easy data analysis & visualization. Get a free account!
>> http://www2.precog.com/**precogplatform/**slashdotnewsletter<http://www2.precog.com/precogplatform/slashdotnewsletter>
>>
>>
>>
>> ______________________________**_________________
>> Ryu-devel mailing list
>> [email protected].**net <[email protected]>
>> https://lists.sourceforge.net/**lists/listinfo/ryu-devel<https://lists.sourceforge.net/lists/listinfo/ryu-devel>
>>
>>
>
--
Strong Authentication, SOA, Web Services, PKI, Software Architecture,
Product Strategy and Management Consultants:
http://www.truststix.com/
http://CloudSecurityProvider.blogspot.com
(415) 968-9231 <https://www.google.com/voice?pli=1#phones>
------------------------------------------------------------------------------
Precog is a next-generation analytics platform capable of advanced
analytics on semi-structured data. The platform includes APIs for building
apps and a phenomenal toolset for data science. Developers can use
our toolset for easy data analysis & visualization. Get a free account!
http://www2.precog.com/precogplatform/slashdotnewsletter
_______________________________________________
Ryu-devel mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/ryu-devel
