Hi, Thank you for testing my patch!
I will post this patch with some updates, later. Thanks, Iwase On 2016年11月17日 21:03, Ruy Takata wrote: > Works here. Thanks a lot. > > Em 16 de nov de 2016 21:48, "Iwase Yusuke" <[email protected]> > escreveu: > >> Hi, >> >> As you pointed, rest_firewall seems to have a bug. >> >> Does the attached patch fix this problem? >> >> Thanks, >> Iwase >> >> On 2016年11月17日 02:08, Ruy Takata wrote: >> >>> Dear all, >>> >>> I am using the firewall app in Ryu, and I am creating some rules like >>> below: >>> >>> *curl -X POST -d '{"nw_src": "**10.0.0.1/32 <http://10.0.0.1/32>**", >>> "nw_dst": "**10.0.0.2/32 <http://10.0.0.2/32>**", "nw_proto": "ICMP" >>> }' **http://localhost:8080/firewall/rules/all >>> <http://localhost:8080/firewall/rules/all>* >>> >>> *curl -X POST -d '{"nw_src": "**10.0.0.1/32 <http://10.0.0.1/32>**", >>> "nw_dst": "**10.0.0.3/32 <http://10.0.0.3/32>**", "nw_proto": "ICMP", >>> "actions": "DENY"}' **http://localhost:8080/firewall/rules/all >>> <http://localhost:8080/firewall/rules/all>* >>> >>> *curl -X POST -d '{"nw_src": "**10.0.0.1/32 <http://10.0.0.1/32>**", >>> "nw_dst": "**10.0.0.4/32 <http://10.0.0.4/32>**", "nw_proto": "ICMP", >>> "actions": "ALLOW"}' **http://localhost:8080/firewall/rules/all >>> <http://localhost:8080/firewall/rules/all>* >>> >>> When I list the rules the result aways show actions: DENY >>> >>> *[* >>> >>> * {* >>> >>> * "access_control_list" : [* >>> >>> * {* >>> >>> * "rules" : [* >>> >>> * {* >>> >>> * "nw_proto" : "ICMP",* >>> >>> * "actions" : "DENY",* >>> >>> * "nw_dst" : "10.0.0.2",* >>> >>> * "priority" : 1,* >>> >>> * "nw_src" : "10.0.0.1",* >>> >>> * "dl_type" : "IPv4",* >>> >>> * "rule_id" : 1* >>> >>> * },* >>> >>> * {* >>> >>> * "nw_proto" : "ICMP",* >>> >>> * "rule_id" : 2,* >>> >>> * "dl_type" : "IPv4",* >>> >>> * "nw_src" : "10.0.0.1",* >>> >>> * "actions" : "DENY",* >>> >>> * "nw_dst" : "10.0.0.3",* >>> >>> * "priority" : 1* >>> >>> * },* >>> >>> * {* >>> >>> * "nw_proto" : "ICMP",* >>> >>> * "actions" : "DENY",* >>> >>> * "nw_dst" : "10.0.0.4",* >>> >>> * "priority" : 1,* >>> >>> * "nw_src" : "10.0.0.1",* >>> >>> * "dl_type" : "IPv4",* >>> >>> * "rule_id" : 3* >>> >>> * }* >>> >>> * ]* >>> >>> * }* >>> >>> * ],* >>> >>> * "switch_id" : "0000000000000001"* >>> >>> * }* >>> >>> *]* >>> >>> In mininet, the result is: >>> >>> *mininet> dpctl dump-flows -O OpenFlow13* >>> >>> **** s1 >>> ------------------------------------------------------------------------* >>> >>> *OFPST_FLOW reply (OF1.3) (xid=0x2):* >>> >>> * cookie=0x0, duration=132.176s, table=0, n_packets=21, n_bytes=1674, >>> priority=65535 actions=drop* >>> >>> * cookie=0x0, duration=132.176s, table=0, n_packets=0, n_bytes=0, >>> priority=0 actions=CONTROLLER:128* >>> >>> * cookie=0x0, duration=132.176s, table=0, n_packets=0, n_bytes=0, >>> priority=65534,arp actions=NORMAL* >>> >>> * cookie=0x1, duration=117.815s, table=0, n_packets=0, n_bytes=0, >>> priority=1,icmp,nw_src=10.0.0.1,nw_dst=10.0.0.2 actions=NORMAL* >>> >>> * cookie=0x2, duration=117.777s, table=0, n_packets=0, n_bytes=0, >>> priority=1,icmp,nw_src=10.0.0.1,nw_dst=10.0.0.3 actions=CONTROLLER:128* >>> >>> * cookie=0x3, duration=117.106s, table=0, n_packets=0, n_bytes=0, >>> priority=1,icmp,nw_src=10.0.0.1,nw_dst=10.0.0.4 actions=NORMAL* >>> >>> Is this a bug? >>> >>> >>> >>> ------------------------------------------------------------ >>> ------------------ >>> >>> >>> >>> _______________________________________________ >>> Ryu-devel mailing list >>> [email protected] >>> https://lists.sourceforge.net/lists/listinfo/ryu-devel >>> >>> > > > > ------------------------------------------------------------------------------ > > > > _______________________________________________ > Ryu-devel mailing list > [email protected] > https://lists.sourceforge.net/lists/listinfo/ryu-devel > ------------------------------------------------------------------------------ _______________________________________________ Ryu-devel mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/ryu-devel
