diff --git a/orchagent/aclorch.cpp b/orchagent/aclorch.cpp index 8dd92a2f2379..84c56c0dc0ff 100644 --- a/orchagent/aclorch.cpp +++ b/orchagent/aclorch.cpp @@ -107,6 +107,11 @@ static acl_rule_attr_lookup_t aclDTelActionLookup = { ACTION_DTEL_REPORT_ALL_PACKETS, SAI_ACL_ENTRY_ATTR_ACTION_DTEL_REPORT_ALL_PACKETS } }; +static acl_rule_attr_lookup_t aclOtherActionLookup = +{ + { ACTION_COUNTER, SAI_ACL_ENTRY_ATTR_ACTION_COUNTER} +}; + static acl_packet_action_lookup_t aclPacketActionLookup = { { PACKET_ACTION_FORWARD, SAI_PACKET_ACTION_FORWARD }, @@ -635,6 +640,7 @@ bool AclTableTypeParser::parseAclTableTypeActions(const std::string& value, AclT auto l3Action = aclL3ActionLookup.find(action); auto mirrorAction = aclMirrorStageLookup.find(action); auto dtelAction = aclDTelActionLookup.find(action); + auto otherAction = aclOtherActionLookup.find(action); if (l3Action != aclL3ActionLookup.end()) { @@ -648,11 +654,16 @@ bool AclTableTypeParser::parseAclTableTypeActions(const std::string& value, AclT { saiActionAttr = dtelAction->second; } + else if (otherAction != aclOtherActionLookup.end()) + { + saiActionAttr = otherAction->second; + } else { SWSS_LOG_ERROR("Unknown action %s", action.c_str()); return false; } + SWSS_LOG_INFO("Added action %s", action.c_str()); builder.withAction(AclEntryActionToAclAction(saiActionAttr)); } @@ -4439,10 +4450,12 @@ void AclOrch::doAclTableTypeTask(Consumer &consumer) } addAclTableType(builder.build()); + SWSS_LOG_NOTICE("Created ACL table type %s", key.c_str()); } else if (op == DEL_COMMAND) { removeAclTableType(key); + SWSS_LOG_NOTICE("Removed ACL table type %s", key.c_str()); } else { diff --git a/orchagent/aclorch.h b/orchagent/aclorch.h index 737f5516a044..3a71fa7f6c09 100644 --- a/orchagent/aclorch.h +++ b/orchagent/aclorch.h @@ -65,6 +65,7 @@ #define ACTION_DTEL_TAIL_DROP_REPORT_ENABLE "TAIL_DROP_REPORT_ENABLE" #define ACTION_DTEL_FLOW_SAMPLE_PERCENT "FLOW_SAMPLE_PERCENT" #define ACTION_DTEL_REPORT_ALL_PACKETS "REPORT_ALL_PACKETS" +#define ACTION_COUNTER "COUNTER" #define PACKET_ACTION_FORWARD "FORWARD" #define PACKET_ACTION_DROP "DROP" diff --git a/tests/dvslib/dvs_acl.py b/tests/dvslib/dvs_acl.py index 266761c5685d..a4801891cdac 100644 --- a/tests/dvslib/dvs_acl.py +++ b/tests/dvslib/dvs_acl.py @@ -54,7 +54,8 @@ def create_acl_table_type( self, name: str, matches: List[str], - bpoint_types: List[str] + bpoint_types: List[str], + actions: List[str] ) -> None: """Create a new ACL table type in Config DB. @@ -62,10 +63,12 @@ def create_acl_table_type( name: The name for the new ACL table type. matches: A list of matches to use in ACL table. bpoint_types: A list of bind point types to use in ACL table. + actions: A list of actions to use in ACL table """ table_type_attrs = { "matches@": ",".join(matches), - "bind_points@": ",".join(bpoint_types) + "bind_points@": ",".join(bpoint_types), + "actions@": ",".join(actions) } self.config_db.create_entry(self.CDB_ACL_TABLE_TYPE_NAME, name, table_type_attrs) @@ -306,6 +309,26 @@ def verify_acl_table_port_binding( self.verify_acl_table_group_members(acl_table_id, acl_table_group_ids, num_tables) + + def verify_acl_table_action_list( + self, + acl_table_id: str, + expected_action_list: List[str], + ) -> None: + """Verify that the ACL table has specified action list. + Args: + acl_table_id: The ACL table that is being checked. + expected_action_list: The expected action list set to the given ACL table. + """ + fvs = self.asic_db.wait_for_entry(self.ADB_ACL_TABLE_NAME, acl_table_id) + action_list_str = fvs.get('SAI_ACL_TABLE_ATTR_ACL_ACTION_TYPE_LIST') + action_count, actions = action_list_str.split(':') + action_list = actions.split(',') + assert (int(action_count) == len(action_list)) + for action in expected_action_list: + assert action in action_list + + def create_acl_rule( self, table_name: str, diff --git a/tests/test_acl_egress_table.py b/tests/test_acl_egress_table.py index 0697dae6ee62..c96af7464458 100644 --- a/tests/test_acl_egress_table.py +++ b/tests/test_acl_egress_table.py @@ -14,6 +14,8 @@ "VLAN_ID" ] CUSTOM_TABLE_TYPE_BPOINT_TYPES = ["PORT","PORTCHANNEL"] +CUSTOM_TABLE_TYPE_ACTIONS = ["PACKET_ACTION,COUNTER"] +EXPECTED_ACTION_LIST = ['SAI_ACL_ACTION_TYPE_PACKET_ACTION','SAI_ACL_ACTION_TYPE_COUNTER'] TABLE_NAME = "EGRESS_TEST" BIND_PORTS = ["Ethernet0", "Ethernet4"] RULE_NAME = "EGRESS_TEST_RULE" @@ -23,7 +25,7 @@ class TestEgressAclTable: @pytest.fixture def egress_acl_table(self, dvs_acl): try: - dvs_acl.create_acl_table_type(TABLE_TYPE, CUSTOM_TABLE_TYPE_MATCHES, CUSTOM_TABLE_TYPE_BPOINT_TYPES) + dvs_acl.create_acl_table_type(TABLE_TYPE, CUSTOM_TABLE_TYPE_MATCHES, CUSTOM_TABLE_TYPE_BPOINT_TYPES, CUSTOM_TABLE_TYPE_ACTIONS) dvs_acl.create_acl_table(TABLE_NAME, TABLE_TYPE, BIND_PORTS, stage="egress") yield dvs_acl.get_acl_table_ids(1)[0] finally: @@ -33,7 +35,7 @@ def egress_acl_table(self, dvs_acl): def test_EgressAclTableCreationDeletion(self, dvs_acl): try: - dvs_acl.create_acl_table_type(TABLE_TYPE, CUSTOM_TABLE_TYPE_MATCHES, CUSTOM_TABLE_TYPE_BPOINT_TYPES) + dvs_acl.create_acl_table_type(TABLE_TYPE, CUSTOM_TABLE_TYPE_MATCHES, CUSTOM_TABLE_TYPE_BPOINT_TYPES, CUSTOM_TABLE_TYPE_ACTIONS) dvs_acl.create_acl_table(TABLE_NAME, TABLE_TYPE, BIND_PORTS, stage="egress") acl_table_id = dvs_acl.get_acl_table_ids(1)[0] @@ -41,6 +43,7 @@ def test_EgressAclTableCreationDeletion(self, dvs_acl): dvs_acl.verify_acl_table_group_members(acl_table_id, acl_table_group_ids, 1) dvs_acl.verify_acl_table_port_binding(acl_table_id, BIND_PORTS, 1, stage="egress") + dvs_acl.verify_acl_table_action_list(acl_table_id, EXPECTED_ACTION_LIST) finally: dvs_acl.remove_acl_table(TABLE_NAME) dvs_acl.remove_acl_table_type(TABLE_TYPE)