Committed by
Gerrit Code Review
Add onos-acl tool
Change-Id: I291c19fa60e73029f7ce9a1286a2dd79c62429af
Showing
1 changed file
with
67 additions
and
0 deletions
tools/test/bin/onos-acl
0 → 100644
| 1 | +#!/bin/bash | ||
| 2 | +# ------------------------------------------------------------------------------------------------- | ||
| 3 | +# ONOS ACL tool. | ||
| 4 | +# Usage: | ||
| 5 | +# onos-acl node_ip [allow|deny|del] [--srcIp srcIp] [--dstIp dstIp] [--ipProto ipProto] [--dstTpPort dstTpPort] [--alcId aclId] | ||
| 6 | +# onos-acl node_ip --json acl-config.json | ||
| 7 | +# ------------------------------------------------------------------------------------------------- | ||
| 8 | + | ||
| 9 | +[ ! -d "$ONOS_ROOT" ] && echo "ONOS_ROOT is not defined" >&2 && exit 1 | ||
| 10 | +. $ONOS_ROOT/tools/build/envDefaults | ||
| 11 | +. $ONOS_ROOT/tools/test/bin/find-node.sh | ||
| 12 | + | ||
| 13 | +fail="--fail" | ||
| 14 | +[ "$1" == "-v" ] && shift && fail="" | ||
| 15 | + | ||
| 16 | +node=$(find_node $1) | ||
| 17 | + | ||
| 18 | +if [ "$2" == "--json" ]; then | ||
| 19 | + shift | ||
| 20 | + file=$2 | ||
| 21 | + curl $fail -sSL --user $ONOS_WEB_USER:$ONOS_WEB_PASS \ | ||
| 22 | + -X POST -H 'Content-Type:application/json' \ | ||
| 23 | + http://$node:8181/onos/v1/acl/rules -d@$file | ||
| 24 | + | ||
| 25 | +else | ||
| 26 | + policy="${2:deny}" | ||
| 27 | + srcIp="" | ||
| 28 | + dstIp="" | ||
| 29 | + ipProto="" | ||
| 30 | + dstTpPort="" | ||
| 31 | + aclId="" | ||
| 32 | + | ||
| 33 | + while [ "$#" -gt 3 ]; do | ||
| 34 | + if [ "$3" == "--srcIp" ]; then | ||
| 35 | + shift && srcIp="$3" && shift | ||
| 36 | + elif [ "$3" == "--dstIp" ]; then | ||
| 37 | + shift && dstIp="$3" && shift | ||
| 38 | + elif [ "$3" == "--ipProto" ]; then | ||
| 39 | + shift && ipProto="$3" && shift | ||
| 40 | + elif [ "$3" == "--dstTpPort" ]; then | ||
| 41 | + shift && dstTpPort="$3" && shift | ||
| 42 | + elif [ "$3" == "--aclId" ]; then | ||
| 43 | + shift && aclId="$3" && shift | ||
| 44 | + else | ||
| 45 | + shift | ||
| 46 | + fi | ||
| 47 | + done | ||
| 48 | + | ||
| 49 | + if [ "$policy" == "del" ]; then | ||
| 50 | + curl $fail -sSL --user $ONOS_WEB_USER:$ONOS_WEB_PASS \ | ||
| 51 | + -X DELETE http://$node:8181/onos/v1/acl/rules/$aclId | ||
| 52 | + | ||
| 53 | + else | ||
| 54 | + | ||
| 55 | + aclRule="{\"action\": \"$policy\"" | ||
| 56 | + [ "$srcIp" != "" ] && aclRule="$aclRule, \"srcIp\":\"$srcIp\"" | ||
| 57 | + [ "$dstIp" != "" ] && aclRule="$aclRule, \"dstIp\":\"$dstIp\"" | ||
| 58 | + [ "$ipProto" != "" ] && aclRule="$aclRule, \"ipProto\":\"$ipProto\"" | ||
| 59 | + [ "$dstTpPort" != "" ] && aclRule="$aclRule, \"dstTpPort\":\"$dstTpPort\"" | ||
| 60 | + aclRule="$aclRule}" | ||
| 61 | + | ||
| 62 | + curl $fail -sSL --user $ONOS_WEB_USER:$ONOS_WEB_PASS \ | ||
| 63 | + -X POST -H 'Content-Type:application/json' \ | ||
| 64 | + http://$node:8181/onos/v1/acl/rules -d "$aclRule" | ||
| 65 | + fi | ||
| 66 | + | ||
| 67 | +fi |
-
Please register or login to post a comment