Team,
I am trying to dump the session table (show acl-plugin sessions) to view the
session info but don’t see any sessions getting created. Any input will be
helpful.
Plugin Version
vat# acl_plugin_get_version
vl_api_acl_plugin_get_version_reply_t_handler:133: ACL plugin version: 1.3
Following is the acl plugin configuration:
vat# acl_add_replace deny, ipv4 deny
vl_api_acl_add_replace_reply_t_handler:107: ACL index: 0
vat# acl_interface_set_acl_list sw_if_index 1 input 0 output 0
vat# acl_interface_set_acl_list sw_if_index 2 input 0 output 0
vat# acl_add_replace 0 permit src 192.168.1.10/32, permit
vl_api_acl_add_replace_reply_t_handler:107: ACL index: 0
vat# acl_dump
vl_api_acl_details_t_handler:193: acl_index: 0, count: 2
tag {}
ipv4 action 1 src 192.168.1.10/32 dst 0.0.0.0/0 proto 0 sport 0-65535 dport
0-65535 tcpflags 0 mask 0,
ipv4 action 1 src 0.0.0.0/0 dst 0.0.0.0/0 proto 0 sport 0-65535 dport
0-65535 tcpflags 0 mask 0
Client IP : 192.168.1.10
root@localhost:/sandbox/tests/vpp# nc 5.1.1.10 11000
fdsdsf
Server IP : 5.1.1.10
root@localhost:~# nc -l 11000
fdsdsf
Trace Info
Packet X
00:08:21:983273: acl-plugin-out-ip4-fa
acl-plugin: sw_if_index 2, next index 1, action: 1, match: acl 0 rule 0
trace_bits 00000000
pkt info 0000000000000000 0a01a8c000000000 0000000000000000 0a01010500000000
000200062af8a798 0502ffff00000002
output sw_if_index 2 (lsb16 2) l3 ip4 192.168.1.10 -> 5.1.1.10 l4 proto 6
l4_valid 1 port 42904 -> 11000 tcp flags (valid) 02 rsvd 0
00:08:21:983276: host-vpp_outside-output
host-vpp_outside
IP4: 02:fe:ec:db:35:b8 -> 92:93:a8:73:cd:7f
TCP: 192.168.1.10 -> 5.1.1.10
tos 0x00, ttl 63, length 60, checksum 0xee09
fragment id 0x85f5, flags DONT_FRAGMENT
TCP: 42904 -> 11000
seq. 0xd64e1be2 ack 0x00000000
flags 0x02 SYN, tcp header: 40 bytes
window 29200, checksum 0x0000
packet Y
00:08:21:983327: acl-plugin-in-ip4-fa
acl-plugin: sw_if_index 2, next index 1, action: 1, match: acl 0 rule 1
trace_bits 00000000
pkt info 0000000000000000 0a01010500000000 0000000000000000 0a01a8c000000000
00020006a7982af8 0712ffff00000002
input sw_if_index 2 (lsb16 2) l3 ip4 5.1.1.10 -> 192.168.1.10 l4 proto 6
l4_valid 1 port 11000 -> 42904 tcp flags (valid) 12 rsvd 0
00:08:21:983329: ip4-lookup
fib 0 dpo-idx 2 flow hash: 0x00000000
TCP: 5.1.1.10 -> 192.168.1.10
tos 0x00, ttl 64, length 60, checksum 0x72ff
vpp# show acl-plugin sessions
Sessions total: add 0 - del 0 = 0
Per-thread data:
Thread #0:
connection add/del stats:
sw_if_index 0: add 0 - del 0 = 0
sw_if_index 1: add 0 - del 0 = 0
sw_if_index 2: add 0 - del 0 = 0
connection timeout type lists:
fa_conn_list_head[0]: -1
fa_conn_list_head[1]: -1
fa_conn_list_head[2]: -1
Next expiry time: 0
Requeue until time: 0
Current time wait interval: 0
Count of deleted sessions: 0
Delete already deleted: 0
Session timers restarted: 0
Swipe until this time: 0
sw_if_index serviced bitmap: 0
pending clear intfc bitmap : 0
clear in progress: 0
interrupt is pending: 0
interrupt is needed: 0
interrupt is unwanted: 0
interrupt generation: 1898
Conn cleaner thread counters:
0: delete_by_sw_index events
0: delete_by_sw_index handled ok
0: unknown events received
0: session idle timers restarted
1898: event wait with timeout called
1: event wait w/o timeout called
1898: total event cycles
Interrupt generation: 1899
Sessions per interval: min 1 max 100 increment: 100 ms current: 500 ms
Session lookup hash table:
Hash table ACL plugin FA session bihash
0 active elements
0 free lists
0 linear search buckets
0 cache hits, 0 cache misses
vpp#
_______________________________________________
vpp-dev mailing list
vpp-dev@lists.fd.io
https://lists.fd.io/mailman/listinfo/vpp-dev
