Hi VPP, Now we have encountered one problem in acl configuration. 1. I set the client destination port as `12345` and `12346`, the client IP addresses are `10.1.1.30` and `10.1.1.32`, named `client1` and `client2`, respectively. The server has the IP address of `10.1.1.31`. Here is my topologic graph. [cid:image001.png@01D45817.7285A400] 2. I used vpp_api_test for configuration. I have tested that when acl rule is set to be "deny the `10.1.1.30` address", in other words, l2 acl rules, and it works. 3. When I set acl rule as deny destination port as `12345`, permit destination port as `12346`, and permit all ipv4, command is as follows: ``` acl_add_replace 0 deny ipv4 dport 12345, permit ipv4 dport 12346, permit ipv4 ``` and add it on the tap4 output port. ``` acl_interface_set_acl_list tap4 output 0 ``` However, when the server exposes `12345` port and client accesses the port `12345`, it blocks. when the server exposes `12346` port and client accesses the port `12346`, it blocks, too. It seems that the acl configuration doesn't take effect. What should I do?
Regards, Bingfeng IMPORTANT NOTICE: The contents of this email and any attachments are confidential and may also be privileged. If you are not the intended recipient, please notify the sender immediately and do not disclose the contents to any other person, use it for any purpose, or store or copy the information in any medium. Thank you.
-=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#10716): https://lists.fd.io/g/vpp-dev/message/10716 Mute This Topic: https://lists.fd.io/mt/26422162/21656 Group Owner: vpp-dev+ow...@lists.fd.io Unsubscribe: https://lists.fd.io/g/vpp-dev/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
