faucet.acl module

Configuration for ACLs.

class faucet.acl.ACL(_id, dp_id, conf)[source]

Bases: faucet.conf.Conf

Contains the state for an ACL, including the configuration.

ACL Config

ACLs are configured under the ‘acls’ configuration block. The acls block contains a dictionary of individual acls each keyed by its name.

Each acl contains a list of rules, a packet will have the first matching rule applied to it.

Each rule is a dictionary containing the single key ‘rule’ with the value the matches and actions for the rule.

The matches are key/values based on the ryu RESTFul API. The key ‘actions’ contains a dictionary with keys/values as follows:

  • allow (bool): if True allow the packet to continue through the Faucet pipeline, if False drop the packet.
  • meter (str): meter to apply to the packet
  • output (dict): used to output a packet directly. details below.
  • cookie (int): set flow cookie to this value on this flow

The output action contains a dictionary with the following elements:

  • port (int or string): the port to output the packet to
  • ports (list): a list of the ports the packet can be output through
  • set_fields (list): a list of fields to set with values
  • dl_dst (str): old style request to set eth_dst to a value (set_fields recommended)
  • swap_vid (int): rewrite the vlan vid of the packet when outputting
  • failover (dict): Output with a failover port. The following elements can be configured.
  • group_id (int): the ofp group id to use for the group
actions_types = {'output': <class 'dict'>, 'meter': <class 'dict'>, 'mirror': (<class 'str'>, <class 'int'>), 'allow': <class 'int'>}
defaults = {'exact_match': False, 'rules': None}
defaults_types = {'exact_match': <class 'bool'>, 'rules': <class 'list'>}
exact_match = None
mirror_destinations = set()
output_actions_types = {'dl_dst': <class 'str'>, 'set_fields': <class 'list'>, 'vlan_vids': <class 'list'>, 'swap_vid': <class 'int'>, 'port': (<class 'str'>, <class 'int'>), 'ports': <class 'list'>, 'pop_vlans': <class 'int'>, 'failover': <class 'dict'>, 'vlan_vid': <class 'int'>}
rule_types = {'description': <class 'str'>, 'actions': <class 'dict'>, 'cookie': <class 'int'>}
rules = None
to_conf()[source]