matthew/sonic-buildimage
Archived
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

[caclmgrd] Fix application of IPv6 service ACL rules (#3917)

Browse Source
This commit is contained in:
Joe LeVeque 2019-12-19 07:15:27 -08:00 committed by GitHub
parent 1e05a41c7f
commit 77d636256b
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 7 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

13
files/image_config/caclmgrd/caclmgrd
View File

@ -194,13 +194,14 @@ class ControlPlaneAclManager(object):
continue continue
# If we haven't determined the IP version for this ACL table yet, # If we haven't determined the IP version for this ACL table yet,
# try to do it now. We determine heuristically based on whether the # try to do it now. We attempt to determine heuristically based on
# src IP is an IPv4 or IPv6 address. # whether the src or dst IP of this rule is an IPv4 or IPv6 address.
if not table_ip_version and "SRC_IP" in rule_props and rule_props["SRC_IP"]: if not table_ip_version:
ip_addr = ipaddress.IPAddress(rule_props["SRC_IP"].split("/")[0]) if (("SRC_IPV6" in rule_props and rule_props["SRC_IPV6"]) or
if isinstance(ip_addr, ipaddress.IPv6Address): ("DST_IPV6" in rule_props and rule_props["DST_IPV6"])):
table_ip_version = 6 table_ip_version = 6
elif isinstance(ip_addr, ipaddress.IPv4Address): elif (("SRC_IP" in rule_props and rule_props["SRC_IP"]) or
("DST_IP" in rule_props and rule_props["DST_IP"])):
table_ip_version = 4 table_ip_version = 4
# If we were unable to determine whether this ACL table contains # If we were unable to determine whether this ACL table contains