Team,
I am trying to dump the session table (show acl-plugin sessions) to view the 
session info but don’t see any sessions getting created. Any input will be 
helpful.

Plugin Version
vat# acl_plugin_get_version
vl_api_acl_plugin_get_version_reply_t_handler:133: ACL plugin version: 1.3

Following is the acl plugin configuration:
vat# acl_add_replace deny, ipv4 deny
vl_api_acl_add_replace_reply_t_handler:107: ACL index: 0
vat# acl_interface_set_acl_list sw_if_index 1  input 0  output 0
vat# acl_interface_set_acl_list sw_if_index 2 input 0  output 0
vat# acl_add_replace  0 permit src 192.168.1.10/32, permit
vl_api_acl_add_replace_reply_t_handler:107: ACL index: 0
vat# acl_dump
vl_api_acl_details_t_handler:193: acl_index: 0, count: 2
   tag {}
   ipv4 action 1 src 192.168.1.10/32 dst 0.0.0.0/0 proto 0 sport 0-65535 dport 
0-65535 tcpflags 0 mask 0,
   ipv4 action 1 src 0.0.0.0/0 dst 0.0.0.0/0 proto 0 sport 0-65535 dport 
0-65535 tcpflags 0 mask 0

Client IP : 192.168.1.10

root@localhost:/sandbox/tests/vpp# nc   5.1.1.10 11000
fdsdsf

Server IP :   5.1.1.10
root@localhost:~# nc -l 11000
fdsdsf

Trace Info

Packet X
00:08:21:983273: acl-plugin-out-ip4-fa
  acl-plugin: sw_if_index 2, next index 1, action: 1, match: acl 0 rule 0 
trace_bits 00000000
  pkt info 0000000000000000 0a01a8c000000000 0000000000000000 0a01010500000000 
000200062af8a798 0502ffff00000002
   output sw_if_index 2 (lsb16 2) l3 ip4 192.168.1.10 -> 5.1.1.10 l4 proto 6 
l4_valid 1 port 42904 -> 11000 tcp flags (valid) 02 rsvd 0
00:08:21:983276: host-vpp_outside-output
  host-vpp_outside
  IP4: 02:fe:ec:db:35:b8 -> 92:93:a8:73:cd:7f
  TCP: 192.168.1.10 -> 5.1.1.10
    tos 0x00, ttl 63, length 60, checksum 0xee09
    fragment id 0x85f5, flags DONT_FRAGMENT
  TCP: 42904 -> 11000
    seq. 0xd64e1be2 ack 0x00000000
    flags 0x02 SYN, tcp header: 40 bytes
    window 29200, checksum 0x0000

packet Y
00:08:21:983327: acl-plugin-in-ip4-fa
  acl-plugin: sw_if_index 2, next index 1, action: 1, match: acl 0 rule 1 
trace_bits 00000000
  pkt info 0000000000000000 0a01010500000000 0000000000000000 0a01a8c000000000 
00020006a7982af8 0712ffff00000002
   input sw_if_index 2 (lsb16 2) l3 ip4 5.1.1.10 -> 192.168.1.10 l4 proto 6 
l4_valid 1 port 11000 -> 42904 tcp flags (valid) 12 rsvd 0
00:08:21:983329: ip4-lookup
  fib 0 dpo-idx 2 flow hash: 0x00000000
  TCP: 5.1.1.10 -> 192.168.1.10
    tos 0x00, ttl 64, length 60, checksum 0x72ff

vpp# show acl-plugin sessions
Sessions total: add 0 - del 0 = 0


Per-thread data:
Thread #0:
  connection add/del stats:
    sw_if_index 0: add 0 - del 0 = 0
    sw_if_index 1: add 0 - del 0 = 0
    sw_if_index 2: add 0 - del 0 = 0
  connection timeout type lists:
  fa_conn_list_head[0]: -1
  fa_conn_list_head[1]: -1
  fa_conn_list_head[2]: -1
  Next expiry time: 0
  Requeue until time: 0
  Current time wait interval: 0
  Count of deleted sessions: 0
  Delete already deleted: 0
  Session timers restarted: 0
  Swipe until this time: 0
  sw_if_index serviced bitmap: 0
  pending clear intfc bitmap : 0
  clear in progress: 0
  interrupt is pending: 0
  interrupt is needed: 0
  interrupt is unwanted: 0
  interrupt generation: 1898


Conn cleaner thread counters:
                                0: delete_by_sw_index events
                                0: delete_by_sw_index handled ok
                                0: unknown events received
                                0: session idle timers restarted
                             1898: event wait with timeout called
                                1: event wait w/o timeout called
                             1898: total event cycles
Interrupt generation: 1899
Sessions per interval: min 1 max 100 increment: 100 ms current: 500 ms

Session lookup hash table:
Hash table ACL plugin FA session bihash
    0 active elements
    0 free lists
    0 linear search buckets
    0 cache hits, 0 cache misses


vpp#
_______________________________________________
vpp-dev mailing list
vpp-dev@lists.fd.io
https://lists.fd.io/mailman/listinfo/vpp-dev

Reply via email to