From 7f1b5797a7e5301ca6faf97b188ad9aa9c88a93d Mon Sep 17 00:00:00 2001 From: Zhijian Li Date: Wed, 23 Aug 2023 02:26:04 +0800 Subject: [PATCH] [YANG SONIC-ACL] Fix Yang definition of IN_PORTS and OUT_PORTS (#16220) How I did it Update Yang definition of IN_PORTS and OUT_PORTS to string. Since we cannot split the string with comma (,) and validate each substring is a valid SONiC port name. The only restriction for them is must be a string. How to verify it Verified by building sonic_yang_models-1.0-py3-none-any.whl. While building the target package, unit tests were run and passed. Build a SONiC image based on 202205 branch and installed on physical DUT. Re try the steps in [Yang] Incorrect definition of IN_PORTS and OUT_PORTS in sonic-acl.yang #16190 and can see below success response: --- .../tests/yang_model_tests/tests/acl.json | 6 + .../yang_model_tests/tests_config/acl.json | 108 ++++++++++++++++++ .../yang-templates/sonic-acl.yang.j2 | 12 +- 3 files changed, 120 insertions(+), 6 deletions(-) diff --git a/src/sonic-yang-models/tests/yang_model_tests/tests/acl.json b/src/sonic-yang-models/tests/yang_model_tests/tests/acl.json index a3d21104794e..0f0d11a529ac 100644 --- a/src/sonic-yang-models/tests/yang_model_tests/tests/acl.json +++ b/src/sonic-yang-models/tests/yang_model_tests/tests/acl.json @@ -14,6 +14,12 @@ "eStrKey" : "Mandatory", "eStr": ["ACL_RULE", "PRIORITY"] }, + "ACL_RULE_WITH_VALID_IN_PORTS": { + "desc": "Configure ACL_RULE with valid IN_PORTS." + }, + "ACL_RULE_WITH_VALID_OUT_PORTS": { + "desc": "Configure ACL_RULE with valid OUT_PORTS." + }, "ACL_TABLE_EMPTY_PORTS": { "desc": "Configure ACL_TABLE with empty ports." }, diff --git a/src/sonic-yang-models/tests/yang_model_tests/tests_config/acl.json b/src/sonic-yang-models/tests/yang_model_tests/tests_config/acl.json index ce5a9839d0d9..11633164a166 100644 --- a/src/sonic-yang-models/tests/yang_model_tests/tests_config/acl.json +++ b/src/sonic-yang-models/tests/yang_model_tests/tests_config/acl.json @@ -482,6 +482,114 @@ } } }, + "ACL_RULE_WITH_VALID_IN_PORTS": { + "sonic-acl:sonic-acl": { + "sonic-acl:ACL_RULE": { + "ACL_RULE_LIST": [ + { + "ACL_TABLE_NAME": "NO-NSW-PACL-V4", + "IN_PORTS": "Ethernet0,Ethernet1", + "PACKET_ACTION": "FORWARD", + "PRIORITY": 9999, + "RULE_NAME": "Rule_20", + "SRC_IPV6": "2001::1/64" + } + ] + }, + "sonic-acl:ACL_TABLE": { + "ACL_TABLE_LIST": [ + { + "ACL_TABLE_NAME": "NO-NSW-PACL-V4", + "policy_desc": "Filter IPv4", + "ports": [ + "Ethernet0", + "Ethernet1" + ], + "stage": "INGRESS", + "type": "L3" + } + ] + } + }, + "sonic-port:sonic-port": { + "sonic-port:PORT": { + "PORT_LIST": [ + { + "admin_status": "up", + "alias": "eth0", + "description": "Ethernet0", + "lanes": "0,1,2,3", + "mtu": 9000, + "name": "Ethernet0", + "speed": 25000 + }, + { + "admin_status": "up", + "alias": "eth1", + "description": "Ethernet1", + "lanes": "4,5,6,7", + "mtu": 9000, + "name": "Ethernet1", + "speed": 25000 + } + ] + } + } + }, + "ACL_RULE_WITH_VALID_OUT_PORTS": { + "sonic-acl:sonic-acl": { + "sonic-acl:ACL_RULE": { + "ACL_RULE_LIST": [ + { + "ACL_TABLE_NAME": "NO-NSW-PACL-V4", + "OUT_PORTS": "Ethernet0,Ethernet1", + "PACKET_ACTION": "FORWARD", + "PRIORITY": 9999, + "RULE_NAME": "Rule_20", + "SRC_IPV6": "2001::1/64" + } + ] + }, + "sonic-acl:ACL_TABLE": { + "ACL_TABLE_LIST": [ + { + "ACL_TABLE_NAME": "NO-NSW-PACL-V4", + "policy_desc": "Filter IPv4", + "ports": [ + "Ethernet0", + "Ethernet1" + ], + "stage": "EGRESS", + "type": "L3" + } + ] + } + }, + "sonic-port:sonic-port": { + "sonic-port:PORT": { + "PORT_LIST": [ + { + "admin_status": "up", + "alias": "eth0", + "description": "Ethernet0", + "lanes": "0,1,2,3", + "mtu": 9000, + "name": "Ethernet0", + "speed": 25000 + }, + { + "admin_status": "up", + "alias": "eth1", + "description": "Ethernet1", + "lanes": "4,5,6,7", + "mtu": 9000, + "name": "Ethernet1", + "speed": 25000 + } + ] + } + } + }, "ACL_TABLE_DEFAULT_VALUE_STAGE": { "sonic-acl:sonic-acl": { "sonic-acl:ACL_TABLE": { diff --git a/src/sonic-yang-models/yang-templates/sonic-acl.yang.j2 b/src/sonic-yang-models/yang-templates/sonic-acl.yang.j2 index 360c096880b1..633aa73152c9 100644 --- a/src/sonic-yang-models/yang-templates/sonic-acl.yang.j2 +++ b/src/sonic-yang-models/yang-templates/sonic-acl.yang.j2 @@ -128,14 +128,14 @@ module sonic-acl { } } - leaf-list IN_PORTS { - /* Values in leaf list are UNIQUE */ - type uint16; + leaf IN_PORTS { + /* Values is a list of SONiC port name (/port:sonic-port/port:PORT/port:PORT_LIST/port:name) joined by comma */ + type string; } - leaf-list OUT_PORTS { - /* Values in leaf list are UNIQUE */ - type uint16; + leaf OUT_PORTS { + /* Values is a list of SONiC port name (/port:sonic-port/port:PORT/port:PORT_LIST/port:name) joined by comma */ + type string; } choice src_port {