From 13a0d7e60c4d70fadc46b8c5656ca671402a45a9 Mon Sep 17 00:00:00 2001 From: bingwang-ms <66248323+bingwang-ms@users.noreply.github.com> Date: Mon, 11 Mar 2024 10:13:12 -0700 Subject: [PATCH] Fix yang model for ICMP and ICMPV6 (#18311) * Fix yang model for ICMP and ICMPV6 * Change ICMP type and code to 0-255 --- .../tests/yang_model_tests/tests/acl.json | 6 + .../yang_model_tests/tests_config/acl.json | 110 ++++++++++++++++++ .../yang-templates/sonic-acl.yang.j2 | 8 +- 3 files changed, 120 insertions(+), 4 deletions(-) diff --git a/src/sonic-yang-models/tests/yang_model_tests/tests/acl.json b/src/sonic-yang-models/tests/yang_model_tests/tests/acl.json index 779a96d02bce..18f053e2a300 100644 --- a/src/sonic-yang-models/tests/yang_model_tests/tests/acl.json +++ b/src/sonic-yang-models/tests/yang_model_tests/tests/acl.json @@ -20,6 +20,12 @@ "ACL_RULE_WITH_VALID_OUT_PORTS": { "desc": "Configure ACL_RULE with valid OUT_PORTS." }, + "ACL_RULE_WITH_VALID_ICMPV4_CODE": { + "desc": "Configure ACL_RULE with valid ICMPV4 type and code." + }, + "ACL_RULE_WITH_VALID_ICMPV6_CODE": { + "desc": "Configure ACL_RULE with valid ICMPV6 type and code." + }, "ACL_TABLE_EMPTY_PORTS": { "desc": "Configure ACL_TABLE with empty ports." }, diff --git a/src/sonic-yang-models/tests/yang_model_tests/tests_config/acl.json b/src/sonic-yang-models/tests/yang_model_tests/tests_config/acl.json index aa908fdb754d..6f39ab6e41cb 100644 --- a/src/sonic-yang-models/tests/yang_model_tests/tests_config/acl.json +++ b/src/sonic-yang-models/tests/yang_model_tests/tests_config/acl.json @@ -590,6 +590,116 @@ } } }, + "ACL_RULE_WITH_VALID_ICMPV4_CODE": { + "sonic-acl:sonic-acl": { + "sonic-acl:ACL_RULE": { + "ACL_RULE_LIST": [ + { + "ACL_TABLE_NAME": "NO-NSW-PACL-V4", + "ICMP_CODE": 0, + "ICMP_TYPE": 0, + "IP_TYPE": "IPV4", + "PACKET_ACTION": "FORWARD", + "PRIORITY": 999960, + "RULE_NAME": "Rule_40" + } + ] + }, + "sonic-acl:ACL_TABLE": { + "ACL_TABLE_LIST": [ + { + "ACL_TABLE_NAME": "NO-NSW-PACL-V4", + "policy_desc": "Filter IPv4", + "ports": [ + "Ethernet0", + "Ethernet1" + ], + "stage": "EGRESS", + "type": "L3" + } + ] + } + }, + "sonic-port:sonic-port": { + "sonic-port:PORT": { + "PORT_LIST": [ + { + "admin_status": "up", + "alias": "eth0", + "description": "Ethernet0", + "lanes": "0,1,2,3", + "mtu": 9000, + "name": "Ethernet0", + "speed": 25000 + }, + { + "admin_status": "up", + "alias": "eth1", + "description": "Ethernet1", + "lanes": "4,5,6,7", + "mtu": 9000, + "name": "Ethernet1", + "speed": 25000 + } + ] + } + } + }, + "ACL_RULE_WITH_VALID_ICMPV6_CODE": { + "sonic-acl:sonic-acl": { + "sonic-acl:ACL_RULE": { + "ACL_RULE_LIST": [ + { + "ACL_TABLE_NAME": "NO-NSW-PACL-V6", + "ICMPV6_CODE": 0, + "ICMPV6_TYPE": 129, + "IP_TYPE": "IPV6", + "PACKET_ACTION": "FORWARD", + "PRIORITY": 999960, + "RULE_NAME": "Rule_40" + } + ] + }, + "sonic-acl:ACL_TABLE": { + "ACL_TABLE_LIST": [ + { + "ACL_TABLE_NAME": "NO-NSW-PACL-V6", + "policy_desc": "Filter IPv6", + "ports": [ + "Ethernet0", + "Ethernet1" + ], + "stage": "EGRESS", + "type": "L3" + } + ] + } + }, + "sonic-port:sonic-port": { + "sonic-port:PORT": { + "PORT_LIST": [ + { + "admin_status": "up", + "alias": "eth0", + "description": "Ethernet0", + "lanes": "0,1,2,3", + "mtu": 9000, + "name": "Ethernet0", + "speed": 25000 + }, + { + "admin_status": "up", + "alias": "eth1", + "description": "Ethernet1", + "lanes": "4,5,6,7", + "mtu": 9000, + "name": "Ethernet1", + "speed": 25000 + } + ] + } + } + }, "ACL_TABLE_DEFAULT_VALUE_STAGE": { "sonic-acl:sonic-acl": { "sonic-acl:ACL_TABLE": { diff --git a/src/sonic-yang-models/yang-templates/sonic-acl.yang.j2 b/src/sonic-yang-models/yang-templates/sonic-acl.yang.j2 index 513c467094f7..882dbf8ef9c3 100644 --- a/src/sonic-yang-models/yang-templates/sonic-acl.yang.j2 +++ b/src/sonic-yang-models/yang-templates/sonic-acl.yang.j2 @@ -202,13 +202,13 @@ module sonic-acl { when "not(IP_TYPE) or boolean(IP_TYPE[.='ANY' or .='IP' or .='IPV4' or .='IPv4ANY' or .='ARP'])"; leaf ICMP_TYPE { type uint8 { - range 1..44; + range 0..255; } } leaf ICMP_CODE { type uint8 { - range 1..16; + range 0..255; } } } @@ -217,13 +217,13 @@ module sonic-acl { when "not(IP_TYPE) or boolean(IP_TYPE[.='ANY' or .='IP' or .='IPV6' or .='IPv6ANY'])"; leaf ICMPV6_TYPE { type uint8 { - range 1..44; + range 0..255; } } leaf ICMPV6_CODE { type uint8 { - range 1..16; + range 0..255; } } }