Skip to content

Commit ca9557c

Browse files
mauriciovasquezbernalmauriciovasquezbernal
committed
pcn-firewall: port to transaparent service
pcn-firewall is a perfect example of a transparent service, it drops or let packets pass according to the configured rules. This commit make the necessary changes to port this service to the transparent service approach. Signed-off-by: Mauricio Vasquez B <mauriciovasquezbernal@gmail.com>
1 parent e9e29df commit ca9557c

87 files changed

Lines changed: 628 additions & 2368 deletions

File tree

Some content is hidden

Large Commits have some content hidden by default. Use the searchbox below for content that may be hidden.

src/services/pcn-firewall/datamodel/firewall.yang

Lines changed: 3 additions & 13 deletions
Original file line numberDiff line numberDiff line change
@@ -4,7 +4,7 @@ module firewall {
44
prefix "firewall";
55

66
import polycube-base { prefix "polycube-base"; }
7-
import polycube-standard-base { prefix "polycube-standard-base"; }
7+
import polycube-transparent-base { prefix "polycube-transparent-base"; }
88

99
organization "Polycube open source project";
1010
description "YANG data model for the Polycube Firewall service";
@@ -14,7 +14,7 @@ module firewall {
1414
polycube-base:service-name "firewall";
1515
polycube-base:service-min-kernel-version "4.14.0";
1616

17-
uses "polycube-standard-base:standard-base-yang-module";
17+
uses "polycube-transparent-base:transparent-base-yang-module";
1818

1919
typedef action {
2020
type enumeration {
@@ -97,16 +97,6 @@ module firewall {
9797
}
9898
}
9999

100-
leaf ingress-port {
101-
type string;
102-
description "Name for the ingress port, from which arrives traffic processed by INGRESS chain (by default it's the first port of the cube)";
103-
}
104-
105-
leaf egress-port {
106-
type string;
107-
description "Name for the egress port, from which arrives traffic processed by EGRESS chain (by default it's the second port of the cube)";
108-
}
109-
110100
leaf conntrack {
111101
type enumeration {
112102
enum ON;
@@ -126,7 +116,7 @@ module firewall {
126116
leaf interactive {
127117
type boolean;
128118
description "Interactive mode applies new rules immediately; if 'false', the command 'apply-rules' has to be used to apply all the rules at once. Default is TRUE.";
129-
default true;
119+
default true;
130120
}
131121

132122
list session-table {

src/services/pcn-firewall/src/CMakeLists.txt

Lines changed: 0 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -23,7 +23,6 @@ add_library(pcn-firewall SHARED
2323
ChainStats.cpp
2424
SessionTable.cpp
2525
Firewall.cpp
26-
Ports.cpp
2726
Firewall-lib.cpp
2827
Utils.cpp)
2928

0 commit comments

Comments
 (0)