feat(evpnipsec): adding evpn ipsec files
Signed-off-by: atulpatel261194 <Atul.Patel@intel.com>
atulpatel261194 committed Nov 12, 2024
1 parent 9cf56d1 commit 4e435df
Showing 7 changed files with 3,571 additions and 1 deletion.
3 changes: 2 additions & 1 deletion cmd/cmd.go
@@ -9,6 +9,7 @@ import (
"os"

"github.com/opiproject/godpu/cmd/common"
"github.com/opiproject/godpu/cmd/evpnipsec"
"github.com/opiproject/godpu/cmd/inventory"
"github.com/opiproject/godpu/cmd/ipsec"
"github.com/opiproject/godpu/cmd/network"
@@ -37,7 +38,7 @@ func NewCommand() *cobra.Command {
c.AddCommand(ipsec.NewIPSecCommand())
c.AddCommand(storage.NewStorageCommand())
c.AddCommand(network.NewEvpnCommand())

c.AddCommand(evpnipsec.NewEvpnIPSecCommand())
flags := c.PersistentFlags()
flags.String(common.AddrCmdLineArg, "localhost:50151", "address of OPI gRPC server")
flags.String(common.TLSFiles, "", "TLS files in client_cert:client_key:ca_cert format.")
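--- a/cmd/evpnipsec/ipsec-evpn.go
+++ b/cmd/evpnipsec/ipsec-evpn.go
@@ -0,0 +1,163 @@
+// SPDX-License-Identifier: Apache-2.0
+// Copyright (c) 2022-2023 Dell Inc, or its subsidiaries.
+
+// Package evpnipsec implements the ipsec related CLI commands
+package evpnipsec
+
+import (
+"context"
+"fmt"
+"log"
+"time"
+
+"github.com/opiproject/godpu/cmd/common"
+"github.com/opiproject/godpu/evpnipsec"
+"github.com/spf13/cobra"
+)
+
+// AddSaCommand Add Sa Command
+func AddSaCommand() *cobra.Command {
+var (
+src string
+dst string
+spi uint32
+proto int32
+ifID uint32
+reqid uint32
+mode int32
+intrface string
+encAlg int32
+encKey string
+intAlg int32
+intKey string
+replayWindow uint32
+tfc uint32
+encap int32
+esn int32
+copyDf int32
+copyEcn int32
+copyDscp int32
+initiator int32
+inbound int32
+update int32
+)
+
+var cmd = &cobra.Command{
+Use: "add-sa",
+Aliases: []string{"c"},
+Short: "add-sa functionality",
+Args: cobra.NoArgs,
+Run: func(c *cobra.Command, _ []string) {
+tlsFiles, err := c.Flags().GetString(common.TLSFiles)
+cobra.CheckErr(err)
+
+addr, err := c.Flags().GetString(common.AddrCmdLineArg)
+cobra.CheckErr(err)
+
+ctx, cancel := context.WithTimeout(context.Background(), 10*time.Second)
+defer cancel()
+
+IPSecEvpnClient, err := evpnipsec.NewIPSecClient(addr, tlsFiles)
+if err != nil {
+log.Printf("error creating logical bridge: %s\n", err)
+}
+data, err := IPSecEvpnClient.AddSA(ctx,
+src, dst, spi, proto, ifID, reqid, mode, intrface, encAlg, encKey, intAlg, intKey,
+replayWindow, tfc, encap, esn, copyDf, copyEcn, copyDscp, initiator, inbound, update,
+)
+if err != nil {
+log.Printf("error creating logical bridge: %s\n", err)
+}
+fmt.Println("AddSAReq marshaled successfully:", data)
+},
+}
+
+cmd.Flags().StringVar(&src, "src", "", "Source address or hostname")
+cmd.Flags().StringVar(&dst, "dst", "", "Destination address or hostname")
+cmd.Flags().Uint32Var(&spi, "spi", 0, "SPI")
+cmd.Flags().Int32Var(&proto, "proto", 0, "Protocol (ESP/AH)")
+cmd.Flags().Uint32Var(&ifID, "if_id", 0, "Interface ID")
+cmd.Flags().Uint32Var(&reqid, "reqid", 0, "Reqid")
+cmd.Flags().Int32Var(&mode, "mode", 0, "Mode (tunnel, transport...)")
+cmd.Flags().StringVar(&intrface, "interface", "", "Network interface restricting policy")
+cmd.Flags().Int32Var(&encAlg, "enc_alg", 0, "Encryption algorithm")
+cmd.Flags().StringVar(&encKey, "enc_key", "", "Encryption key")
+cmd.Flags().Int32Var(&intAlg, "int_alg", 0, "Integrity protection algorithm")
+cmd.Flags().StringVar(&intKey, "int_key", "", "Integrity protection key")
+cmd.Flags().Uint32Var(&replayWindow, "replay_window", 0, "Anti-replay window size")
+cmd.Flags().Uint32Var(&tfc, "tfc", 0, "Traffic Flow Confidentiality padding")
+cmd.Flags().Int32Var(&encap, "encap", 0, "Enable UDP encapsulation for NAT traversal")
+cmd.Flags().Int32Var(&esn, "esn", 0, "Mark the SA should apply to packets after processing")
+cmd.Flags().Int32Var(&copyDf, "copy_df", 0, "Copy the DF bit to the outer IPv4 header in tunnel mode")
+cmd.Flags().Int32Var(&copyEcn, "copy_ecn", 0, "Copy the ECN header field to/from the outer header")
+cmd.Flags().Int32Var(&copyDscp, "copy_dscp", 0, "Copy the DSCP header field to/from the outer header")
+cmd.Flags().Int32Var(&initiator, "initiator", 0, "TRUE if initiator of the exchange creating the SA")
+cmd.Flags().Int32Var(&inbound, "inbound", 0, "TRUE if this is an inbound SA")
+cmd.Flags().Int32Var(&update, "update", 0, "TRUE if an SPI has already been allocated for this SA")
+
+return cmd
+}
+
+// DelSaCommand tests the del SA
+func DelSaCommand() *cobra.Command {
+var (
+src string
+dst string
+spi uint32
+proto int32
+ifID uint32
+)
+
+var cmd = &cobra.Command{
+Use: "Del-sa",
+Aliases: []string{"c"},
+Short: "add-sa functionality",
+Args: cobra.NoArgs,
+Run: func(c *cobra.Command, _ []string) {
+tlsFiles, err := c.Flags().GetString(common.TLSFiles)
+cobra.CheckErr(err)
+
+addr, err := c.Flags().GetString(common.AddrCmdLineArg)
+cobra.CheckErr(err)
+ctx, cancel := context.WithTimeout(context.Background(), 10*time.Second)
+defer cancel()
+IPSecEvpnClient, err := evpnipsec.NewIPSecClient(addr, tlsFiles)
+if err != nil {
+log.Printf("error creating logical bridge: %s\n", err)
+}
+data, err := IPSecEvpnClient.DelSA(ctx, src, dst, spi, proto, ifID)
+if err != nil {
+log.Printf("error creating logical bridge: %s\n", err)
+}
+fmt.Println("AddSAReq marshaled successfully:", data)
+},
+}
+
+cmd.Flags().StringVar(&src, "src", "", "Source address or hostname")
+cmd.Flags().StringVar(&dst, "dst", "", "Destination address or hostname")
+cmd.Flags().Uint32Var(&spi, "spi", 0, "SPI")
+cmd.Flags().Int32Var(&proto, "proto", 0, "Protocol (ESP/AH)")
+cmd.Flags().Uint32Var(&ifID, "if_id", 0, "Interface ID")
+
+return cmd
+}
+
+// NewEvpnIPSecCommand tests the inventory
+func NewEvpnIPSecCommand() *cobra.Command {
+cmd := &cobra.Command{
+Use: "evpnipsec",
+Aliases: []string{"g"},
+Short: "Tests ipsec functionality",
+Args: cobra.NoArgs,
+Run: func(cmd *cobra.Command, _ []string) {
+err := cmd.Help()
+if err != nil {
+log.Fatalf("[ERROR] %s", err.Error())
+}
+},
+}
+
+cmd.AddCommand(AddSaCommand())
+cmd.AddCommand(DelSaCommand())
+return cmd
+}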
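Review bot: In the `Run` closures of `AddSaCommand` and `DelSaCommand`, a failed `evpnipsec.NewIPSecClient` is only logged, so execution continues into `IPSecEvpnClient.AddSA`/`DelSA` on a client that may be nil, and a failed RPC still prints "AddSAReq marshaled successfully"; replace both `log.Printf` blocks with `cobra.CheckErr(err)`, as the flag lookups just above already do. The logged text "error creating logical bridge" is also misleading in an SA command and will send anyone reading logs to the wrong subsystem. Separately, `--enc_key` and `--int_key` take raw key material on the command line, where it is visible in the process list and shell history, and `fmt.Println(..., data)` may echo it back if the response carries the request fields (the response type is not visible here); consider reading keys from a file or stdin and not printing them. Both subcommands register the alias `c` under the same parent, and `DelSaCommand` has `Use: "Del-sa"` with the add-sa `Short` text, so the alias is ambiguous and the help output describes the wrong operation.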