Acl deny all#467
Closed
simone-dell wants to merge 7 commits intosonic-net:masterfrom
simone-dell:ACL-Deny-All
Closed
Acl deny all#467simone-dell wants to merge 7 commits intosonic-net:masterfrom simone-dell:ACL-Deny-All
simone-dell wants to merge 7 commits intosonic-net:masterfrom
simone-dell:ACL-Deny-All
Conversation
Added ICMP test - create ptf icmp packet and make sure it is rejected based on drop icmp rule
prsunny
reviewed
Feb 14, 2018
| exp_pkt = exp_pkt0.copy() | ||
| pkt['IP'].src = "10.0.0.2" | ||
| exp_pkt['IP'].src = "10.0.0.2" | ||
| pkt['IP'].proto=0x1 |
Contributor
There was a problem hiding this comment.
Just FYI, proto is already 1, since you created the packet using simple_icmp_packet.
| }, | ||
| "ip": { | ||
| "config": { | ||
| "protocol":1, |
Contributor
There was a problem hiding this comment.
I think its a tab space issue, can you correct the alignment?
lguohan
reviewed
Apr 5, 2018
| - "acltb_test_rules-del.json" | ||
| - "acltb_test_rules_part_1.json" | ||
| - "acltb_test_rules_part_2.json" | ||
| - "acltb_test_rules_deny_all.json" |
lguohan
reviewed
Apr 5, 2018
| - verbose=True | ||
| - router_mac=\"{{ ansible_Ethernet0['macaddress'] }}\" | ||
| - switch_info=\"/tmp/acltb_switch_info.txt\" | ||
| - testbed_type=\"{{ testbed_type }}\" |
Contributor
There was a problem hiding this comment.
not sure now all test will pass in this case.
matthew-soulsby
pushed a commit
to matthew-soulsby/sonic-mgmt
that referenced
this pull request
Jul 1, 2025
…t_acl.py` (sonic-net#467) <!-- Please make sure you've read and understood our contributing guidelines; https://github.com/sonic-net/SONiC/blob/gh-pages/CONTRIBUTING.md Please provide following information to help code review process a bit easier: --> ### Description of PR <!-- - Please include a summary of the change and which issue is fixed. - Please also include relevant motivation and context. Where should reviewer start? background context? - List any dependencies that are required for this change. --> Summary: Fixes sonic-net#19219 ### Type of change <!-- - Fill x for your type of change. - e.g. - [x] Bug fix --> - [x] Bug fix - [ ] Testbed and Framework(new/improvement) - [ ] New Test case - [ ] Skipped for non-supported platforms - [ ] Test case improvement ### Back port request - [ ] 202205 - [ ] 202305 - [ ] 202311 - [ ] 202405 - [ ] 202411 - [ ] 202505 ### Approach #### What is the motivation for this PR? Stop test failures because ACL counters weren't being updated within the previous 10s window #### How did you do it? Increase the delay before collecting counters in `test_acl.py` #### How did you verify/test it? https://elastictest.org/scheduler/testplan/685d4ca77c68e1a8ec7df01e #### Any platform specific information? N/A #### Supported testbed topology if it's a new test case? N/A ### Documentation <!-- (If it's a new feature, new test case) Did you update documentation/Wiki relevant to your implementation? Link to the wiki page? --> N/A
kazinator-arista
pushed a commit
to kazinator-arista/sonic-mgmt
that referenced
this pull request
Mar 4, 2026
swss: * e34104e 2018-04-13 | [pfcwd]: support BIG_RED_SWITCH mode (sonic-net#467) (HEAD, origin/201803) [sihuihan88] * 1f857d5 2018-04-25 | [buffermgr]: remove the item from consumer queue if invalid (sonic-net#489) [sihuihan88] utilities: * 0b9bb2b 2018-04-26 | Stop services before pushing new config during "load_minigraph" (sonic-net#247) (HEAD, origin/201803) [Prince Sunny] * dc119c9 2018-04-18 | [show logging] For following, change 'tail -f' to 'tail -F' in order to retry in the case log is rotated (sonic-net#240) [Joe LeVeque] * 08da428 2018-04-16 | [pfcwd]: add cli to enable/disable BIG_RED_SWITCH mode (sonic-net#237) [sihuihan88] Signed-off-by: Guohan Lu <gulv@microsoft.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
4 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Description of PR
Fixes # (issue)
Type of change
Approach
How did you do it? added some tasks that load a deny all rule into the acl table, and then run same python script to make sure all packets are dropped
How did you verify/test it? In my local repo
Any platform specific information? no
Supported testbed topology if it's a new test case? t1, t1-Lag, t1-64-lag
Documentation