Correct syntax errors in PNA_CONNTRACK version of code (#331)

sonic-net · Feb 2, 2023 · c6a6dda · c6a6dda
1 parent 2be7a8c
commit c6a6dda
Showing 1 changed file with 33 additions and 27 deletions.
diff --git a/dash-pipeline/bmv2/dash_conntrack.p4 b/dash-pipeline/bmv2/dash_conntrack.p4
@@ -40,7 +40,8 @@ control ConntrackIn(inout headers_t hdr,
 {
   action conntrackIn_allow () {
   /* Invalidate entry based on TCP flags */
-          if (hdr.tcp.flags & 0x101 /* FIN/RST */) {
+          // If FIN is 1 (0b000001), or if RST is 1 (0b000100):
+          if ((hdr.tcp.flags & 0b000101 /* FIN/RST */) != 0) {
             set_entry_expire_time(EXPIRE_TIME_PROFILE_NOW); // New PNA extern
             /* set entry to be purged */
           }
@@ -49,27 +50,28 @@ control ConntrackIn(inout headers_t hdr,
   }
 
   action conntrackIn_miss() {
+          // TODO: Should this be ((hdr.tcp.flags & 0x2) != 0) instead?
           if (hdr.tcp.flags == 0x2 /* SYN */) {
             if (meta.direction == direction_t.OUTBOUND) {
-               add_entry("conntrackIn_allow"); // New PNA Extern
-               //adding failiure to be eventually handled
-               set_entry_expire_time(EXPIRE_TIME_PROFILE_LONG);
+               // New PNA Extern
+               add_entry("conntrackIn_allow", {}, EXPIRE_TIME_PROFILE_LONG);
+               //adding failure to be eventually handled
             }
           }
   }
 
   table conntrackIn {
       key = {
-          directionNeutralAddr(meta.direction, hdr.ipv4.srcAddr, hdr.ipv4.dstAddr):
-              exact;
-          directionNeutralAddr(meta.direction, hdr.ipv4.dstAddr, hdr.ipv4.srcAddr):
-              exact;
+          directionNeutralAddr(meta.direction, hdr.ipv4.src_addr, hdr.ipv4.dst_addr):
+              exact @name("ipv4_addr1");
+          directionNeutralAddr(meta.direction, hdr.ipv4.dst_addr, hdr.ipv4.src_addr):
+              exact @name("ipv4_addr2");
           hdr.ipv4.protocol : exact;
-          directionNeutralPort(meta.direction, hdr.tcp.srcPort, hdr.tcp.dstPort):
-              exact;
-          directionNeutralPort(meta.direction, hdr.tcp.dstPort, hdr.tcp.srcPort):
-              exact;
-          meta.eni : exact;
+          directionNeutralPort(meta.direction, hdr.tcp.src_port, hdr.tcp.dst_port):
+              exact @name("tcp_port1");
+          directionNeutralPort(meta.direction, hdr.tcp.dst_port, hdr.tcp.src_port):
+              exact @name("tcp_port2");
+          meta.eni_id : exact;
       }
       actions = {
           conntrackIn_allow;
@@ -91,7 +93,8 @@ control ConntrackOut(inout headers_t hdr,
 {
   action conntrackOut_allow () {
   /* Invalidate entry based on TCP flags */
-          if (hdr.tcp.flags & 0x101 /* FIN/RST */) {
+          // If FIN is 1 (0b000001), or if RST is 1 (0b000100):
+          if ((hdr.tcp.flags & 0b000101 /* FIN/RST */) != 0) {
             set_entry_expire_time(EXPIRE_TIME_PROFILE_NOW); // New PNA extern
             /* set entry to be purged */
           }
@@ -100,27 +103,28 @@ control ConntrackOut(inout headers_t hdr,
   }
 
   action conntrackOut_miss() {
+          // TODO: Should this be ((hdr.tcp.flags & 0x2) != 0) instead?
           if (hdr.tcp.flags == 0x2 /* SYN */) {
             if (meta.direction == direction_t.INBOUND) {
-               add_entry("ConntrackOut_allow"); // New PNA Extern
-               //adding failiure to be eventually handled
-               set_entry_expire_time(EXPIRE_TIME_PROFILE_LONG);
+               // New PNA Extern
+               add_entry("conntrackOut_allow", {}, EXPIRE_TIME_PROFILE_LONG);
+               //adding failure to be eventually handled
             }
           }
   }
 
   table conntrackOut {
       key = {
-          directionNeutralAddr(meta.direction, hdr.ipv4.srcAddr, hdr.ipv4.dstAddr):
-              exact;
-          directionNeutralAddr(meta.direction, hdr.ipv4.dstAddr, hdr.ipv4.srcAddr):
-              exact;
+          directionNeutralAddr(meta.direction, hdr.ipv4.src_addr, hdr.ipv4.dst_addr):
+              exact @name("ipv4_addr1");
+          directionNeutralAddr(meta.direction, hdr.ipv4.dst_addr, hdr.ipv4.src_addr):
+              exact @name("ipv4_addr2");
           hdr.ipv4.protocol : exact;
-          directionNeutralPort(meta.direction, hdr.tcp.srcPort, hdr.tcp.dstPort):
-              exact;
-          directionNeutralPort(meta.direction, hdr.tcp.dstPort, hdr.tcp.srcPort):
-              exact;
-          meta.eni : exact;
+          directionNeutralPort(meta.direction, hdr.tcp.src_port, hdr.tcp.dst_port):
+              exact @name("tcp_port1");
+          directionNeutralPort(meta.direction, hdr.tcp.dst_port, hdr.tcp.src_port):
+              exact @name("tcp_port2");
+          meta.eni_id : exact;
       }
       actions = {
           conntrackOut_allow;
@@ -149,6 +153,7 @@ state_graph ConnGraphOut(inout state_context flow_ctx,
 {
     state START {
         /* Only for new connections */
+        // TODO: Should flags condition be ((headers.tcp.flags & 0x2) == 0) ?
         if (!headers.tcp.isValid() || headers.tcp.flags != 0x2 /* SYN */) {
             return;
         }
@@ -162,7 +167,8 @@ state_graph ConnGraphOut(inout state_context flow_ctx,
         meta.conntrack_data.allow_out = true;
 
         /* Remove connection based on TCP flags */
-        if (headers.tcp.flags & 0x101 /* FIN/RST */) {
+        // If FIN is 1 (0b000001), or if RST is 1 (0b000100):
+        if ((headers.tcp.flags & 0b000101 /* FIN/RST */) != 0) {
             transition START;
         }
     }