Hello,
I am using l3fwd-acl example code and would like to know the intention of
ACL_DENY_SIGNATURE in the code.
Is ACL rules programmed to drop packets and not for any other
functionality? I see that userdata is ignored for ACL and programmed with
ACL_DENY_SIGNATURE + count. After classification, results are checked and
packets forwarded or dropped as in send_one_packet
static inline void
send_one_packet(struct rte_mbuf *m, uint32_t res)
{
if (likely((res & ACL_DENY_SIGNATURE) == 0 && res != 0)) {
/* forward packets */
send_single_packet(m,
(uint8_t)(res - FWD_PORT_SHIFT));
...
}
In the ACL case, "res" is always (ACL_DENY_SIGNATURE + acl_cnt) and packets
are dropped.
Is this correct?
Looking at the acl library I did not see statistics associated with the
rules so the library doesn't provide anything related to statistics?
Finally, I see the acl library has api 'rte_acl_add_rules' but nothing on
modifying/deleting existing rules?
Thanks,
Ravi
