From 859b4793d2b18f8cfaf1f3359e8266fba6c97539 Mon Sep 17 00:00:00 2001
From: jingwenxie <jingwenxie@microsoft.com>
Date: Thu, 30 Jun 2022 10:09:54 +0800
Subject: [PATCH] [yang] update TCP_FLAGS format in sonic-acl.yang (#11270)

Why I did it
Fix #11224
TCP_FLAGS supports flags/mask pattern.

How I did it
Change the pattern.

How to verify it
Add unit test.
---
 .../tests/yang_model_tests/tests/acl.json     |  3 ++
 .../yang_model_tests/tests_config/acl.json    | 40 ++++++++++++++++++-
 .../yang-templates/sonic-acl.yang.j2          |  2 +-
 3 files changed, 42 insertions(+), 3 deletions(-)

diff --git a/src/sonic-yang-models/tests/yang_model_tests/tests/acl.json b/src/sonic-yang-models/tests/yang_model_tests/tests/acl.json
index b7968e2407..3bfb0611fb 100644
--- a/src/sonic-yang-models/tests/yang_model_tests/tests/acl.json
+++ b/src/sonic-yang-models/tests/yang_model_tests/tests/acl.json
@@ -129,5 +129,8 @@
     },
     "ACL_RULE_WITH_VALID_MIRROR_INGRESS_ACTION": {
         "desc": "Configure ACL_RULE with valid mirror action."
+    },
+    "ACL_RULE_VALID_TCP_FLAGS": {
+        "desc": "Configure ACL_RULE with valid TCP_FLAGS."
     }
 }
diff --git a/src/sonic-yang-models/tests/yang_model_tests/tests_config/acl.json b/src/sonic-yang-models/tests/yang_model_tests/tests_config/acl.json
index d98645b8a1..6c3d3ad3ec 100644
--- a/src/sonic-yang-models/tests/yang_model_tests/tests_config/acl.json
+++ b/src/sonic-yang-models/tests/yang_model_tests/tests_config/acl.json
@@ -953,7 +953,7 @@
                         "ACL_TABLE_NAME": "EVERFLOW_DSCP",
                         "policy_desc": "EVERFLOW_DSCP",
                         "ports": [
-			    ""
+                            ""
                         ],
                         "stage": "ingress",
                         "type": "MIRROR_DSCP"
@@ -981,7 +981,7 @@
                         "ACL_TABLE_NAME": "EVERFLOW_DSCP",
                         "policy_desc": "EVERFLOW_DSCP",
                         "ports": [
-			    ""
+                            ""
                         ],
                         "stage": "ingress",
                         "type": "MIRROR_DSCP"
@@ -1003,5 +1003,41 @@
                 ]
             }
         }
+    },
+    "ACL_RULE_VALID_TCP_FLAGS": {
+        "sonic-acl:sonic-acl": {
+            "sonic-acl:ACL_RULE": {
+                "ACL_RULE_LIST": [
+                    {
+                        "ACL_TABLE_NAME": "TCP_FLAGS_TEST",
+                        "ETHER_TYPE": "2048",
+                        "PACKET_ACTION": "DROP",
+                        "PRIORITY": 9981,
+                        "TCP_FLAGS": "0x24",
+                        "RULE_NAME": "Rule_19"
+                    },
+                    {
+                        "ACL_TABLE_NAME": "TCP_FLAGS_TEST",
+                        "ETHER_TYPE": "2048",
+                        "PACKET_ACTION": "DROP",
+                        "PRIORITY": 9981,
+                        "TCP_FLAGS": "0x24/0x24",
+                        "RULE_NAME": "Rule_20"
+                    }
+
+                ]
+            },
+            "sonic-acl:ACL_TABLE": {
+                "ACL_TABLE_LIST": [
+                    {
+                        "ACL_TABLE_NAME": "TCP_FLAGS_TEST",
+                        "policy_desc": "TCP_FLAGS_TEST",
+                        "ports": [ "" ],
+                        "stage": "INGRESS",
+                        "type": "L3"
+                    }
+                ]
+            }
+        }
     }
 }
diff --git a/src/sonic-yang-models/yang-templates/sonic-acl.yang.j2 b/src/sonic-yang-models/yang-templates/sonic-acl.yang.j2
index 2a527aa2bc..e9461be2ce 100644
--- a/src/sonic-yang-models/yang-templates/sonic-acl.yang.j2
+++ b/src/sonic-yang-models/yang-templates/sonic-acl.yang.j2
@@ -184,7 +184,7 @@ module sonic-acl {
 
 				leaf TCP_FLAGS {
 					type string {
-						pattern '0[x][0-9a-fA-F]{1,2}|0[X][0-9a-fA-F]{1,2}';
+						pattern '0[xX][0-9a-fA-F]{1,2}(/0[xX][0-9a-fA-F]{1,2})?';
 					}
 				}