summaryrefslogtreecommitdiffstats
path: root/VNFs/vACL
diff options
context:
space:
mode:
Diffstat (limited to 'VNFs/vACL')
-rw-r--r--VNFs/vACL/init.c2
-rw-r--r--VNFs/vACL/pipeline/pipeline_acl_be.c530
2 files changed, 105 insertions, 427 deletions
diff --git a/VNFs/vACL/init.c b/VNFs/vACL/init.c
index 42a1e43b..71dd50e4 100644
--- a/VNFs/vACL/init.c
+++ b/VNFs/vACL/init.c
@@ -1299,11 +1299,13 @@ int app_init(struct app_params *app)
app_init_pipelines(app);
app_init_threads(app);
+ #ifdef L3_STACK_SUPPORT
l3fwd_init();
create_arp_table();
create_nd_table();
populate_lpm_routes();
print_interface_details();
+ #endif
return 0;
}
diff --git a/VNFs/vACL/pipeline/pipeline_acl_be.c b/VNFs/vACL/pipeline/pipeline_acl_be.c
index b9386e61..3a9005fb 100644
--- a/VNFs/vACL/pipeline/pipeline_acl_be.c
+++ b/VNFs/vACL/pipeline/pipeline_acl_be.c
@@ -166,30 +166,6 @@ uint32_t local_get_nh_ipv4(uint32_t ip,
return 0;
}
-static void do_local_nh_ipv4_cache(uint32_t dest_if, struct pipeline_acl *p_acl)
-{
-
- /* Search for the entry and do local copy */
- int i;
-
- for (i = 0; i < MAX_ARP_RT_ENTRY; i++) {
- if (lib_arp_route_table[i].port == dest_if) {
-
- struct lib_arp_route_table_entry *lentry =
- &p_acl->local_lib_arp_route_table
- [p_acl->local_lib_arp_route_ent_cnt];
-
- lentry->ip = lib_arp_route_table[i].ip;
- lentry->mask = lib_arp_route_table[i].mask;
- lentry->port = lib_arp_route_table[i].port;
- lentry->nh = lib_arp_route_table[i].nh;
-
- p_acl->local_lib_arp_route_ent_cnt++;
- break;
- }
- }
-}
-
static uint32_t local_get_nh_ipv6(uint8_t *ip,
uint32_t *port,
uint8_t nhip[], struct pipeline_acl *p_acl)
@@ -239,32 +215,6 @@ static uint32_t local_get_nh_ipv6(uint8_t *ip,
}
return 0;
}
-void do_local_nh_ipv6_cache(uint32_t dest_if, struct pipeline_acl *p_acl)
-{
- /* Search for the entry and do local copy */
- int i, l;
-
- for (i = 0; i < MAX_ND_RT_ENTRY; i++) {
-
- if (lib_nd_route_table[i].port == dest_if) {
-
- struct lib_nd_route_table_entry *lentry =
- &p_acl->local_lib_nd_route_table
- [p_acl->local_lib_nd_route_ent_cnt];
-
- for (l = 0; l < 16; l++) {
- lentry->ipv6[l] = lib_nd_route_table[i].ipv6[l];
- lentry->nhipv6[l] =
- lib_nd_route_table[i].nhipv6[l];
- }
- lentry->depth = lib_nd_route_table[i].depth;
- lentry->port = lib_nd_route_table[i].port;
-
- p_acl->local_lib_nd_route_ent_cnt++;
- break;
- } /* if */
- } /* for */
-}
static uint8_t check_arp_icmp(struct rte_mbuf *pkt,
uint64_t pkt_mask, struct pipeline_acl *p_acl)
@@ -925,9 +875,9 @@ pkt_work_acl_key(struct rte_pipeline *p,
(dest_address, &dest_if, (struct ether_addr *) eth_dest);
*port_out_id = p_acl->port_out_id[dest_if];
if (arp_cache_dest_mac_present(dest_if)) {
- ether_addr_copy(get_link_hw_addr(dest_if), (struct ether_addr *)eth_src);
- arp_data_ptr[dest_if]->n_last_update = time(NULL);
-
+ ether_addr_copy(get_link_hw_addr(dest_if),
+ (struct ether_addr *)eth_src);
+ update_nhip_access(dest_if);
if (unlikely(ret_arp_data && ret_arp_data->num_pkts)) {
printf("sending buffered packets\n");
arp_send_buffered_pkts(ret_arp_data,
@@ -936,7 +886,7 @@ pkt_work_acl_key(struct rte_pipeline *p,
}
} else {
if (unlikely(ret_arp_data == NULL)) {
-
+ if (ACL_DEBUG)
printf("%s: NHIP Not Found, "
"outport_id: %d\n", __func__,
*port_out_id);
@@ -964,7 +914,8 @@ pkt_work_acl_key(struct rte_pipeline *p,
continue;
} else {
arp_pkts_mask |= pkt_mask;
- arp_queue_unresolved_packet(ret_arp_data, pkt);
+ arp_queue_unresolved_packet(ret_arp_data,
+ pkt);
continue;
}
}
@@ -1026,105 +977,60 @@ pkt_work_acl_key(struct rte_pipeline *p,
}
memcpy(dest_address, *dst_addr, sizeof(dest_address));
memset(nhip, 0, sizeof(nhip));
- ret = local_get_nh_ipv6(&dest_address[0], &dest_if,
- &nhip[0], p_acl);
-
- if (is_phy_port_privte(phy_port)) {
- if (!ret) {
- dest_if = get_prv_to_pub_port((
- uint32_t
- *)
- &dest_address[0], IP_VERSION_6);
- do_local_nh_ipv6_cache(dest_if, p_acl);
- *port_out_id =
- p_acl->port_out_id[dest_if];
- }
- // port = ACL_PUB_PORT_ID;
+ struct nd_entry_data *ret_nd_data = NULL;
+ ret_nd_data = get_dest_mac_address_ipv6_port
+ (dest_address, &dest_if, &hw_addr, &nhip[0]);
+ *port_out_id = p_acl->port_out_id[dest_if];
+ if (nd_cache_dest_mac_present(dest_if)) {
+ ether_addr_copy(get_link_hw_addr(dest_if),
+ (struct ether_addr *)eth_src);
+ update_nhip_access(dest_if);
+
+ if (unlikely(ret_nd_data && ret_nd_data->num_pkts)) {
+ printf("sending buffered packets\n");
+ p_acl->counters->tpkts_processed +=
+ ret_nd_data->num_pkts;
+ nd_send_buffered_pkts(ret_nd_data,
+ (struct ether_addr *)eth_dest, *port_out_id);
+ }
} else {
- if (!ret) {
- dest_if = get_pub_to_prv_port((
- uint32_t
- *)
- &dest_address[0], IP_VERSION_6);
- do_local_nh_ipv6_cache(dest_if, p_acl);
- *port_out_id =
- p_acl->port_out_id[dest_if];
+ if (unlikely(ret_nd_data == NULL)) {
+ if (ACL_DEBUG)
+ printf("ACL before drop pkt_mask "
+ "%lu, pkt_num %d\n", pkts_mask, pos);
+ pkts_mask &= ~(1LLU << pos);
+ if (ACL_DEBUG)
+ printf("ACL after drop pkt_mask "
+ "%lu, pkt_num %d\n", pkts_mask, pos);
+ p_acl->counters->pkts_drop++;
+ continue;
}
-// port = ACL_PRV_PORT_ID;
-
- }
- if (get_dest_mac_address_ipv6_port
- (dest_address, &dest_if, &hw_addr, &nhip[0])) {
- if (ACL_DEBUG) {
- printf("MAC found for port %d - "
- " %02x:%02x:%02x:%02x:%02x:%02x\n",
- phy_port, hw_addr.addr_bytes[0],
- hw_addr.addr_bytes[1],
- hw_addr.addr_bytes[2],
- hw_addr.addr_bytes[3],
- hw_addr.addr_bytes[4],
- hw_addr.addr_bytes[5]);
- printf("Dest MAC before - "
- "%02x:%02x:%02x:%02x:%02x:%02x\n",
- eth_dest[0], eth_dest[1],
- eth_dest[2], eth_dest[3],
- eth_dest[4], eth_dest[5]);
- }
- memcpy(eth_dest, &hw_addr,
- sizeof(struct ether_addr));
- if (ACL_DEBUG) {
- printf("PktP %p, dest_macP %p\n", pkt,
- eth_dest);
- printf("Dest MAC after - "
- "%02x:%02x:%02x:%02x:%02x:%02x\n",
- eth_dest[0], eth_dest[1],
- eth_dest[2], eth_dest[3],
- eth_dest[4], eth_dest[5]);
+ if (ret_nd_data->status == INCOMPLETE ||
+ ret_nd_data->status == PROBE) {
+ if (ret_nd_data->num_pkts >= NUM_DESC) {
+ /* Drop the pkt */
+ if (ACL_DEBUG)
+ printf("ACL before drop pkt_mask "
+ "%lu, pkt_num %d\n", pkts_mask, pos);
+ pkts_mask &= ~(1LLU << pos);
+ if (ACL_DEBUG)
+ printf("ACL after drop pkt_mask "
+ "%lu, pkt_num %d\n", pkts_mask, pos);
+ p_acl->counters->pkts_drop++;
+ continue;
+ } else {
+ arp_pkts_mask |= pkt_mask;
+ nd_queue_unresolved_packet(ret_nd_data,
+ pkt);
+ continue;
+ }
}
- if (is_phy_port_privte(phy_port))
- memcpy(eth_src,
- get_link_hw_addr(dest_if),
- sizeof(struct ether_addr));
- else
- memcpy(eth_src,
- get_link_hw_addr(dest_if),
- sizeof(struct ether_addr));
-/* memcpy(eth_src, get_link_hw_addr(p_acl->links_map[phy_port]), */
-/* sizeof(struct ether_addr)); */
- p_acl->counters->tpkts_processed++;
- p_acl->counters->bytes_processed +=
- packet_length;
}
- else {
-
-#if 0
- /* Request next neighbor for Ipv6 is yet to be done. */
- if (*nhip != 0) {
- if (ACL_DEBUG)
- printf
- ("ACL requesting ARP for ip %x, port %d\n",
- dest_address, phy_port);
-
- /* request_arp(p_acl->links_map[phy_port], *nhip); */
- }
-#endif
- /* Drop packet by changing the mask */
- if (ACL_DEBUG)
- printf("ACL before drop pkt_mask "
- "%lu, pkt_num %d\n",
- pkts_mask, pos);
- pkts_mask &= ~(1LLU << pos);
- if (ACL_DEBUG)
- printf("ACL after drop pkt_mask "
- "%lu, pkt_num %d\n",
- pkts_mask, pos);
- p_acl->counters->pkts_drop++;
- }
- }
+ } /* if (hdr_chk == IPv6_HDR_VERSION) */
}
@@ -1645,44 +1551,16 @@ pkt_work_acl_ipv4_key(struct rte_pipeline *p,
nhip));
uint32_t packet_length = rte_pktmbuf_pkt_len(pkt);
*nhip = 0;
- if (is_phy_port_privte(phy_port)) {
- dest_address = rte_bswap32(*dst_addr);
- ret =
- local_get_nh_ipv4(dest_address, &dest_if,
- nhip, p_acl);
- if (!ret) {
- dest_if =
- get_prv_to_pub_port(&dest_address,
- IP_VERSION_4);
- do_local_nh_ipv4_cache(dest_if, p_acl);
- }
- *port_out_id = p_acl->port_out_id[dest_if];
- }
- /* port = ACL_PUB_PORT_ID; */
- else {
- dest_address = rte_bswap32(*dst_addr);
-
- ret = local_get_nh_ipv4(dest_address, &dest_if,
- nhip, p_acl);
- if (!ret) {
- dest_if =
- get_pub_to_prv_port(&dest_address,
- IP_VERSION_4);
- do_local_nh_ipv4_cache(dest_if, p_acl);
- };
- *port_out_id = p_acl->port_out_id[dest_if];
- }
- /* port = ACL_PRV_PORT_ID; */
-
+ dest_address = rte_bswap32(*dst_addr);
struct arp_entry_data *ret_arp_data = NULL;
ret_arp_data = get_dest_mac_addr_port
(dest_address, &dest_if, (struct ether_addr *)eth_dest);
*port_out_id = p_acl->port_out_id[dest_if];
if (arp_cache_dest_mac_present(dest_if)) {
- ether_addr_copy(get_link_hw_addr(dest_if), (struct ether_addr *)eth_src);
- arp_data_ptr[dest_if]->n_last_update = time(NULL);
-
+ ether_addr_copy(get_link_hw_addr(dest_if),
+ (struct ether_addr *)eth_src);
+ update_nhip_access(dest_if);
if (unlikely(ret_arp_data && ret_arp_data->num_pkts)) {
printf("sending buffered packets\n");
arp_send_buffered_pkts(ret_arp_data,
@@ -1692,6 +1570,7 @@ pkt_work_acl_ipv4_key(struct rte_pipeline *p,
} else {
if (unlikely(ret_arp_data == NULL)) {
+ if (ACL_DEBUG)
printf("%s: NHIP Not Found, "
"outport_id: %d\n", __func__,
*port_out_id);
@@ -1833,17 +1712,6 @@ pkt_work_acl_ipv4_key(struct rte_pipeline *p,
else {
-#if 0
- /* Request next neighbor for Ipv6 is yet to be done. */
- if (*nhip != 0) {
- if (ACL_DEBUG)
- printf
- ("ACL requesting ARP for ip %x, port %d\n",
- dest_address, phy_port);
-
- /* request_arp(p_acl->links_map[phy_port], *nhip); */
- }
-#endif
/* Drop packet by changing the mask */
if (ACL_DEBUG)
printf("ACL before drop pkt_mask "
@@ -2331,151 +2199,6 @@ pkt_work_acl_ipv6_key(struct rte_pipeline *p,
uint8_t hdr_chk =
RTE_MBUF_METADATA_UINT8(pkt, MBUF_HDR_ROOM + ETH_HDR_SIZE);
hdr_chk = hdr_chk >> IP_VERSION_CHECK;
-#if 0
- if (hdr_chk == IPv4_HDR_VERSION) {
-
- struct acl_table_entry *entry =
- (struct acl_table_entry *)
- p_acl->acl_entries_ipv4[pos];
- uint16_t phy_port = entry->head.port_id;
- uint32_t *port_out_id =
- RTE_MBUF_METADATA_UINT32_PTR(pkt,
- META_DATA_OFFSET +
- offsetof(struct
- mbuf_acl_meta_data,
- output_port));
- /* *port_out_id = p_acl->links_map[phy_port]; */
- if (is_phy_port_privte(phy_port))
- *port_out_id = ACL_PUB_PORT_ID;
- else
- *port_out_id = ACL_PRV_PORT_ID;
- if (ACL_DEBUG)
- printf
- ("phy_port = %i,links_map[phy_port] = %i\n",
- phy_port, p_acl->links_map[phy_port]);
-
- /* header room + eth hdr size + dst_adr offset in ip header */
- uint32_t dst_addr_offset =
- MBUF_HDR_ROOM + ETH_HDR_SIZE + IP_HDR_DST_ADR_OFST;
- uint32_t *dst_addr =
- RTE_MBUF_METADATA_UINT32_PTR(pkt, dst_addr_offset);
- uint8_t *eth_dest =
- RTE_MBUF_METADATA_UINT8_PTR(pkt, MBUF_HDR_ROOM);
- uint8_t *eth_src =
- RTE_MBUF_METADATA_UINT8_PTR(pkt, MBUF_HDR_ROOM + 6);
- struct ether_addr hw_addr;
- uint32_t dest_address = rte_bswap32(*dst_addr);
- uint32_t *nhip = RTE_MBUF_METADATA_UINT32_PTR(pkt,
- META_DATA_OFFSET
- +
- offsetof
- (struct
- mbuf_acl_meta_data,
- nhip));
- uint32_t packet_length = rte_pktmbuf_pkt_len(pkt);
- *nhip = 0;
- if (is_phy_port_privte(phy_port)) {
- dest_address = rte_bswap32(*dst_addr);
- ret =
- local_get_nh_ipv4(dest_address, &dest_if,
- nhip, p_acl);
- if (!ret) {
- dest_if =
- get_prv_to_pub_port(&dest_address,
- IP_VERSION_4);
- do_local_nh_ipv4_cache(dest_if, p_acl);
- }
- *port_out_id = p_acl->port_out_id[dest_if];
- }
- /* port = ACL_PUB_PORT_ID; */
- else {
- dest_address = rte_bswap32(*dst_addr);
-
- ret = local_get_nh_ipv4(dest_address, &dest_if,
- nhip, p_acl);
- if (!ret) {
- dest_if =
- get_pub_to_prv_port(&dest_address,
- IP_VERSION_4);
- do_local_nh_ipv4_cache(dest_if, p_acl);
- };
- *port_out_id = p_acl->port_out_id[dest_if];
- }
- /* port = ACL_PRV_PORT_ID; */
-
- if (get_dest_mac_addr_port
- (dest_address, &dest_if, &hw_addr)) {
- if (ACL_DEBUG) {
- printf("MAC found for ip 0x%x, port "
- " %d - %02x:%02x:%02x:%02x:%02x:%02x\n",
- dest_address, phy_port,
- hw_addr.addr_bytes[0],
- hw_addr.addr_bytes[1],
- hw_addr.addr_bytes[2],
- hw_addr.addr_bytes[3],
- hw_addr.addr_bytes[4],
- hw_addr.addr_bytes[5]);
- printf("Dest MAC before - "
- "%02x:%02x:%02x:%02x:%02x:%02x\n",
- eth_dest[0], eth_dest[1],
- eth_dest[2], eth_dest[3],
- eth_dest[4], eth_dest[5]);
- }
-
- memcpy(eth_dest, &hw_addr,
- sizeof(struct ether_addr));
- if (ACL_DEBUG) {
- printf("PktP %p, dest_macP %p\n", pkt,
- eth_dest);
- printf("Dest MAC after - "
- "%02x:%02x:%02x:%02x:%02x:%02x\n",
- eth_dest[0], eth_dest[1],
- eth_dest[2], eth_dest[3],
- eth_dest[4], eth_dest[5]);
- }
- if (is_phy_port_privte(phy_port))
- memcpy(eth_src,
- get_link_hw_addr(dest_if),
- sizeof(struct ether_addr));
- else
- memcpy(eth_src,
- get_link_hw_addr(dest_if),
- sizeof(struct ether_addr));
- p_acl->counters->tpkts_processed++;
- p_acl->counters->bytes_processed +=
- packet_length;
- }
-
- else {
- if (*nhip != 0) {
-
- if (ACL_DEBUG)
-
- printf("ACL requesting ARP for "
- " ip %x, port %d\n",
- dest_address, phy_port);
- if (is_phy_port_privte(phy_port))
- request_arp(dest_if, *nhip);
-
- else
- request_arp(dest_if, *nhip);
-
- /* request_arp(p_acl->links_map[phy_port], *nhip); */
- }
- /* Drop packet by changing the mask */
- if (ACL_DEBUG)
- printf("ACL before drop pkt_mask "
- "%lu, pkt_num %d\n",
- pkts_mask, pos);
- pkts_mask &= ~(1LLU << pos);
- if (ACL_DEBUG)
- printf("ACL after drop pkt_mask "
- "%lu, pkt_num %d\n",
- pkts_mask, pos);
- p_acl->counters->pkts_drop++;
- }
- }
-#endif
if (hdr_chk == IPv6_HDR_VERSION) {
@@ -2531,109 +2254,62 @@ pkt_work_acl_ipv6_key(struct rte_pipeline *p,
}
memcpy(dest_address, *dst_addr, sizeof(dest_address));
memset(nhip, 0, sizeof(nhip));
- ret = local_get_nh_ipv6(&dest_address[0], &dest_if,
- &nhip[0], p_acl);
-
- if (is_phy_port_privte(phy_port)) {
- if (!ret) {
- dest_if = get_prv_to_pub_port((
- uint32_t
- *)
- &dest_address[0], IP_VERSION_6);
- do_local_nh_ipv6_cache(dest_if, p_acl);
- }
- // port = ACL_PUB_PORT_ID;
- *port_out_id =
- p_acl->port_out_id[dest_if];
+ struct nd_entry_data *ret_nd_data = NULL;
+ ret_nd_data = get_dest_mac_address_ipv6_port
+ (dest_address, &dest_if, &hw_addr, &nhip[0]);
+ *port_out_id = p_acl->port_out_id[dest_if];
+ if (nd_cache_dest_mac_present(dest_if)) {
+ ether_addr_copy(get_link_hw_addr(dest_if),
+ (struct ether_addr *)eth_src);
+ update_nhip_access(dest_if);
+
+ if (unlikely(ret_nd_data && ret_nd_data->num_pkts)) {
+ printf("sending buffered packets\n");
+ p_acl->counters->tpkts_processed +=
+ ret_nd_data->num_pkts;
+ nd_send_buffered_pkts(ret_nd_data,
+ (struct ether_addr *)eth_dest, *port_out_id);
+ }
} else {
- if (!ret) {
- dest_if = get_pub_to_prv_port((
- uint32_t
- *)
- &dest_address[0], IP_VERSION_6);
- do_local_nh_ipv6_cache(dest_if, p_acl);
+ if (unlikely(ret_nd_data == NULL)) {
+ if (ACL_DEBUG)
+ printf("ACL before drop pkt_mask "
+ "%lu, pkt_num %d\n", pkts_mask, pos);
+ pkts_mask &= ~(1LLU << pos);
+ if (ACL_DEBUG)
+ printf("ACL after drop pkt_mask "
+ "%lu, pkt_num %d\n", pkts_mask, pos);
+ p_acl->counters->pkts_drop++;
+ continue;
}
- // port = ACL_PRV_PORT_ID;
- *port_out_id =
- p_acl->port_out_id[dest_if];
-
- }
- if (get_dest_mac_address_ipv6_port
- (dest_address, &dest_if, &hw_addr, &nhip[0])) {
- if (ACL_DEBUG) {
- printf("MAC found for port %d "
- "- %02x:%02x:%02x:%02x:%02x:%02x\n",
- phy_port, hw_addr.addr_bytes[0],
- hw_addr.addr_bytes[1],
- hw_addr.addr_bytes[2],
- hw_addr.addr_bytes[3],
- hw_addr.addr_bytes[4],
- hw_addr.addr_bytes[5]);
- printf("Dest MAC before - "
- " %02x:%02x:%02x:%02x:%02x:%02x\n",
- eth_dest[0], eth_dest[1],
- eth_dest[2], eth_dest[3],
- eth_dest[4], eth_dest[5]);
- }
- memcpy(eth_dest, &hw_addr,
- sizeof(struct ether_addr));
- if (ACL_DEBUG) {
- printf("PktP %p, dest_macP %p\n", pkt,
- eth_dest);
- printf("Dest MAC after - "
- " %02x:%02x:%02x:%02x:%02x:%02x\n",
- eth_dest[0], eth_dest[1],
- eth_dest[2], eth_dest[3],
- eth_dest[4], eth_dest[5]);
+ if (ret_nd_data->status == INCOMPLETE ||
+ ret_nd_data->status == PROBE) {
+ if (ret_nd_data->num_pkts >= NUM_DESC) {
+ /* Drop the pkt */
+ if (ACL_DEBUG)
+ printf("ACL before drop pkt_mask "
+ "%lu, pkt_num %d\n", pkts_mask, pos);
+ pkts_mask &= ~(1LLU << pos);
+ if (ACL_DEBUG)
+ printf("ACL after drop pkt_mask "
+ "%lu, pkt_num %d\n", pkts_mask, pos);
+ p_acl->counters->pkts_drop++;
+ continue;
+ } else {
+ arp_pkts_mask |= pkt_mask;
+ nd_queue_unresolved_packet(ret_nd_data,
+ pkt);
+ continue;
+ }
}
- if (is_phy_port_privte(phy_port))
- memcpy(eth_src,
- get_link_hw_addr(dest_if),
- sizeof(struct ether_addr));
- else
- memcpy(eth_src,
- get_link_hw_addr(dest_if),
- sizeof(struct ether_addr));
- /*
- * memcpy(eth_src, get_link_hw_addr(p_acl->links_map[phy_port]),
- * sizeof(struct ether_addr));
- */
- p_acl->counters->tpkts_processed++;
- p_acl->counters->bytes_processed +=
- packet_length;
}
- else {
-
-#if 0
- /* Request next neighbor for Ipv6 is yet to be done. */
- if (*nhip != 0) {
- if (ACL_DEBUG)
- printf
- ("ACL requesting ARP for ip %x, port %d\n",
- dest_address, phy_port);
-
- /* request_arp(p_acl->links_map[phy_port], *nhip); */
- }
-#endif
- /* Drop packet by changing the mask */
- if (ACL_DEBUG)
- printf("ACL before drop pkt_mask "
- " %lu, pkt_num %d\n",
- pkts_mask, pos);
- pkts_mask &= ~(1LLU << pos);
- if (ACL_DEBUG)
- printf("ACL after drop pkt_mask "
- " %lu, pkt_num %d\n",
- pkts_mask, pos);
- p_acl->counters->pkts_drop++;
- }
}
- }
+ } /* end of for loop */
pkts_drop_mask = keep_mask & ~pkts_mask;
rte_pipeline_ah_packet_drop(p, pkts_drop_mask);