Open Ethernet Networking (OpEN) API Guide and Reference Manual  3.12.0.1
openapi_dynamic_arp_inspection.h
Go to the documentation of this file.
1 
9 /*********************************************************************
10 *
11 * Copyright 2016-2023 Broadcom.
12 *
13 * Licensed under the Apache License, Version 2.0 (the "License");
14 * you may not use this file except in compliance with the License.
15 * You may obtain a copy of the License at
16 *
17 * http://www.apache.org/licenses/LICENSE-2.0
18 *
19 * Unless required by applicable law or agreed to in writing, software
20 * distributed under the License is distributed on an "AS IS" BASIS,
21 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
22 * See the License for the specific language governing permissions and
23 * limitations under the License.
24 *
25 * Licensed under the Apache License, Version 2.0 (the "License");
26 * you may not use this file except in compliance with the License.
27 * You may obtain a copy of the License at
28 *
29 * http://www.apache.org/licenses/LICENSE-2.0
30 *
31 * Unless required by applicable law or agreed to in writing, software
32 * distributed under the License is distributed on an "AS IS" BASIS,
33 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
34 * See the License for the specific language governing permissions and
35 * limitations under the License.
36 *
37 **********************************************************************
38 *
39 * @filename openapi_dynamic_arp_inspection.h
40 *
41 * @purpose Dynamic ARP table configuration and status.
42 *
43 * @component OPEN
44 *
45 * @create 12/16/2016
46 *
47 * @end
48 *
49 **********************************************************************/
50 #ifndef OPENAPI_DYNAMIC_ARP_INSPECTION_H_INCLUDED
51 #define OPENAPI_DYNAMIC_ARP_INSPECTION_H_INCLUDED
52 
53 #include <stdio.h>
54 #include <stddef.h>
55 #include <sys/un.h>
56 
57 #include "openapi_common.h"
58 
59 #define OPEN_ARP_ACL_NAME_LEN_MIN 1
60 #define OPEN_ARP_ACL_NAME_LEN_MAX 32
63 typedef enum
64 {
65  OPEN_ARP_ACL_RULE_ACTION_PERMIT = 1,
66  OPEN_ARP_ACL_RULE_ACTION_DENY = 2
67 } OPEN_ARP_ACL_RULE_ACTION_t;
68 
69 #define OPEN_DAI_BURST_INTERVAL_MIN 1
70 #define OPEN_DAI_BURST_INTERVAL_MAX 15
71 
72 #define OPEN_DAI_RATE_LIMIT_MIN 0
73 #define OPEN_DAI_RATE_LIMIT_MAX 300
74 
76 typedef struct DAI_VLAN_STATS_S
77 {
78  uint32_t forwarded;
79  uint32_t dropped;
80  uint32_t dhcpDrops;
81  uint32_t dhcpPermits;
82  uint32_t aclDrops;
83  uint32_t aclPermits;
84  uint32_t aclDenials;
85  uint32_t sMacFailures;
86  uint32_t dMacFailures;
87  uint32_t ipValidFailures;
88 } OPEN_DAI_VLAN_STATS_t;
89 
90 /*****************************************************************/
103 open_error_t openapiArpAclGet(openapiClientHandle_t *client_handle,
104  open_buffdesc *aclName);
105 
106 /*****************************************************************/
126 open_error_t openapiArpAclRuleNextGet(openapiClientHandle_t *client_handle,
127  open_buffdesc *aclName,
128  open_inet_addr_t ipAddr,
129  open_buffdesc *macAddr,
130  open_inet_addr_t *ipAddrNext,
131  open_buffdesc *macAddrNext);
132 
133 /*****************************************************************/
154 open_error_t openapiArpAclRuleNextGetV2(openapiClientHandle_t *client_handle,
155  open_buffdesc *aclName,
156  uint32_t seqNo,
157  uint32_t *seqNoNext,
158  open_inet_addr_t *ipAddrNext,
159  open_buffdesc *macAddrNext,
160  OPEN_ARP_ACL_RULE_ACTION_t *actionNext);
161 
162 /*****************************************************************/
176 open_error_t openapiArpAclNextGet(openapiClientHandle_t *client_handle,
177  open_buffdesc *aclName,
178  open_buffdesc *aclNameNext);
179 
180 /*****************************************************************/
196 open_error_t openapiDaiSourceMacValidateModeSet(openapiClientHandle_t *client_handle,
197  OPEN_CONTROL_t mode);
198 
199 /*****************************************************************/
214 open_error_t openapiDaiSourceMacValidateModeGet(openapiClientHandle_t *client_handle,
215  OPEN_CONTROL_t *mode);
216 
217 /*****************************************************************/
233 open_error_t openapiDaiDestMacValidateModeSet(openapiClientHandle_t *client_handle,
234  OPEN_CONTROL_t mode);
235 
236 /*****************************************************************/
251 open_error_t openapiDaiDestMacValidateModeGet(openapiClientHandle_t *client_handle,
252  OPEN_CONTROL_t *mode);
253 
254 /*****************************************************************/
270 open_error_t openapiDaiIpAddrValidateModeSet(openapiClientHandle_t *client_handle,
271  OPEN_CONTROL_t mode);
272 
273 /*****************************************************************/
288 open_error_t openapiDaiIpAddrValidateModeGet(openapiClientHandle_t *client_handle,
289  OPEN_CONTROL_t *mode);
290 
291 /*************************************************************************/
306 open_error_t openapiDaiIntfTrustGet(openapiClientHandle_t *client_handle, uint32_t ifNum,
307  OPEN_BOOL_t *trustMode);
308 
309 /*************************************************************************/
325 open_error_t openapiDaiIntfTrustSet(openapiClientHandle_t *client_handle, uint32_t ifNum,
326  OPEN_BOOL_t trustMode);
327 
328 /*************************************************************************/
344 open_error_t openapiDaiIntfRateLimitGet(openapiClientHandle_t *client_handle,
345  uint32_t ifNum, int32_t *rate);
346 
347 /*************************************************************************/
364 open_error_t openapiDaiIntfRateLimitSet(openapiClientHandle_t *client_handle,
365  uint32_t ifNum, int32_t rate);
366 
367 /*************************************************************************/
383 open_error_t openapiDaiIntfBurstIntervalGet(openapiClientHandle_t *client_handle,
384  uint32_t ifNum, int32_t *burstInterval);
385 
386 /*************************************************************************/
403 open_error_t openapiDaiIntfBurstIntervalSet(openapiClientHandle_t *client_handle,
404  uint32_t ifNum, int32_t burstInterval);
405 
406 /*************************************************************************/
421 open_error_t openapiDaiVlanStatsGet(openapiClientHandle_t *client_handle, uint32_t vlanId,
422  OPEN_DAI_VLAN_STATS_t *vlanStats);
423 
424 /*************************************************************************/
440 open_error_t openapiDaiVlanNextGet(openapiClientHandle_t *client_handle,
441  uint32_t vlanId, uint32_t *nextVlan);
442 
443 /*************************************************************************/
459 open_error_t openapiDaiVlanEnableGet(openapiClientHandle_t *client_handle,
460  uint32_t vlanId, uint32_t *val);
461 
462 /*************************************************************************/
477 open_error_t openapiDaiVlanEnableSet(openapiClientHandle_t *client_handle,
478  uint32_t vlanId, uint32_t val);
479 
480 /*************************************************************************/
496 open_error_t openapiDaiVlanLoggingEnableGet(openapiClientHandle_t *client_handle,
497  uint32_t vlanId, uint32_t *val);
498 
499 /*************************************************************************/
514 open_error_t openapiDaiVlanLoggingEnableSet(openapiClientHandle_t *client_handle,
515  uint32_t vlanId, uint32_t val);
516 
517 /*************************************************************************/
532 open_error_t openapiDaiVlanArpAclStaticFlagGet(openapiClientHandle_t *client_handle,
533  uint32_t vlanId,
534  uint32_t *staticFlag);
535 
536 /*************************************************************************/
551 open_error_t openapiDaiVlanArpAclStaticFlagSet(openapiClientHandle_t *client_handle,
552  uint32_t vlanId,
553  uint32_t staticFlag);
554 
555 /*************************************************************************/
568 open_error_t openapiDaiVlanStatsClear(openapiClientHandle_t *client_handle);
569 
570 /*************************************************************************/
588 open_error_t openapiArpAclRuleAdd(openapiClientHandle_t *client_handle,
589  open_buffdesc *bufd, uint32_t seqNo,
590  uint32_t ipAddr, open_buffdesc *macAddr,
591  OPEN_ARP_ACL_RULE_ACTION_t action);
592 
593 /*************************************************************************/
608 open_error_t openapiArpAclRuleDelete(openapiClientHandle_t *client_handle,
609  open_buffdesc *bufd, uint32_t seqNo);
610 
611 /*************************************************************************/
626 open_error_t openapiDaiVlanArpAclGet(openapiClientHandle_t *client_handle,
627  uint32_t vlanId, open_buffdesc *aclName);
628 
629 
630 /*************************************************************************/
652 open_error_t openapiDaiVlanARPAclRangeSet(openapiClientHandle_t *client_handle,
653  open_buffdesc *aclName,
654  uint32_t vlanStart, uint32_t vlanEnd,
655  uint32_t val, uint32_t staticFlag);
656 
657 /*************************************************************************/
674 open_error_t openapiDaiVlanArpAclSet(openapiClientHandle_t *client_handle,
675  uint32_t vlanId, open_buffdesc *aclName);
676 
677 /*************************************************************************/
691 open_error_t openapiArpAclCreate(openapiClientHandle_t *client_handle,
692  open_buffdesc *bufd);
693 
694 /*************************************************************************/
708 open_error_t openapiArpAclDelete(openapiClientHandle_t *client_handle,
709  open_buffdesc *bufd);
710 
711 
712 #endif /* OPENAPI_DYNAMIC_ARP_INSPECTION_H_INCLUDED */
713 
openapiDaiVlanStatsClear
open_error_t openapiDaiVlanStatsClear(openapiClientHandle_t *client_handle)
Clear DAI statistics on all vlans.
openapiDaiVlanArpAclSet
open_error_t openapiDaiVlanArpAclSet(openapiClientHandle_t *client_handle, uint32_t vlanId, open_buffdesc *aclName)
Set/reset the ARP ACL Name for a vlan.
openapiDaiVlanNextGet
open_error_t openapiDaiVlanNextGet(openapiClientHandle_t *client_handle, uint32_t vlanId, uint32_t *nextVlan)
Get the next vlan id eligible for DAI configuration, given the current vlan id.
openapiDaiIntfRateLimitGet
open_error_t openapiDaiIntfRateLimitGet(openapiClientHandle_t *client_handle, uint32_t ifNum, int32_t *rate)
Get rate limit value of incoming ARP packets on untrusted interfaces.
openapiDaiVlanStatsGet
open_error_t openapiDaiVlanStatsGet(openapiClientHandle_t *client_handle, uint32_t vlanId, OPEN_DAI_VLAN_STATS_t *vlanStats)
Get DAI statistics on a VLAN.
openapiDaiIntfRateLimitSet
open_error_t openapiDaiIntfRateLimitSet(openapiClientHandle_t *client_handle, uint32_t ifNum, int32_t rate)
Set rate limit value of incoming ARP packets on untrusted interfaces.
openapiDaiIntfTrustSet
open_error_t openapiDaiIntfTrustSet(openapiClientHandle_t *client_handle, uint32_t ifNum, OPEN_BOOL_t trustMode)
Set API for whether DAI considers a port trusted.
openapiArpAclGet
open_error_t openapiArpAclGet(openapiClientHandle_t *client_handle, open_buffdesc *aclName)
API to Check if an ARP ACL exists.
openapiDaiSourceMacValidateModeGet
open_error_t openapiDaiSourceMacValidateModeGet(openapiClientHandle_t *client_handle, OPEN_CONTROL_t *mode)
Get the global dynamic ARP inspection source MAC validate mode.
openapiArpAclNextGet
open_error_t openapiArpAclNextGet(openapiClientHandle_t *client_handle, open_buffdesc *aclName, open_buffdesc *aclNameNext)
API to get the next ARP ACL entry.
open_error_t
open_error_t
OPEN uses these enumerators to indicate the error codes.
Definition: openapi_common.h:64
openapiArpAclRuleAdd
open_error_t openapiArpAclRuleAdd(openapiClientHandle_t *client_handle, open_buffdesc *bufd, uint32_t seqNo, uint32_t ipAddr, open_buffdesc *macAddr, OPEN_ARP_ACL_RULE_ACTION_t action)
API to add rule to ARP ACL.
OPEN_ARP_ACL_RULE_ACTION_PERMIT
PERMIT action.
Definition: openapi_dynamic_arp_inspection.h:65
openapiArpAclRuleNextGet
open_error_t openapiArpAclRuleNextGet(openapiClientHandle_t *client_handle, open_buffdesc *aclName, open_inet_addr_t ipAddr, open_buffdesc *macAddr, open_inet_addr_t *ipAddrNext, open_buffdesc *macAddrNext)
API not supported.
openapiDaiIntfBurstIntervalSet
open_error_t openapiDaiIntfBurstIntervalSet(openapiClientHandle_t *client_handle, uint32_t ifNum, int32_t burstInterval)
Set burst interval value of incoming ARP packets on untrusted interfaces.
openapiArpAclRuleNextGetV2
open_error_t openapiArpAclRuleNextGetV2(openapiClientHandle_t *client_handle, open_buffdesc *aclName, uint32_t seqNo, uint32_t *seqNoNext, open_inet_addr_t *ipAddrNext, open_buffdesc *macAddrNext, OPEN_ARP_ACL_RULE_ACTION_t *actionNext)
API to get the next ARP ACL Rule in the given ACL.
open_buffdesc
Definition: openapi_common.h:138
openapiClientHandle_s
Definition: openapi_common.h:131
openapiArpAclCreate
open_error_t openapiArpAclCreate(openapiClientHandle_t *client_handle, open_buffdesc *bufd)
API to create ARP ACL (extensible version).
openapiDaiVlanLoggingEnableSet
open_error_t openapiDaiVlanLoggingEnableSet(openapiClientHandle_t *client_handle, uint32_t vlanId, uint32_t val)
Set API to enable or disable DAI logging for a VLAN.
openapiDaiIpAddrValidateModeGet
open_error_t openapiDaiIpAddrValidateModeGet(openapiClientHandle_t *client_handle, OPEN_CONTROL_t *mode)
Get the global dynamic ARP inspection IP address validate mode.
openapiDaiSourceMacValidateModeSet
open_error_t openapiDaiSourceMacValidateModeSet(openapiClientHandle_t *client_handle, OPEN_CONTROL_t mode)
Set the global dynamic ARP inspection source MAC validate mode.
openapiDaiVlanLoggingEnableGet
open_error_t openapiDaiVlanLoggingEnableGet(openapiClientHandle_t *client_handle, uint32_t vlanId, uint32_t *val)
Get API for whether DAI logging is enabled or disabled on a VLAN.
openapiDaiIpAddrValidateModeSet
open_error_t openapiDaiIpAddrValidateModeSet(openapiClientHandle_t *client_handle, OPEN_CONTROL_t mode)
Set the global dynamic ARP inspection IP address validate mode.
DAI_VLAN_STATS_S
Dynamic ARP Inspection vlan statistics.
Definition: openapi_dynamic_arp_inspection.h:76
openapiDaiIntfBurstIntervalGet
open_error_t openapiDaiIntfBurstIntervalGet(openapiClientHandle_t *client_handle, uint32_t ifNum, int32_t *burstInterval)
Get burst interval value of incoming ARP packets on untrusted interfaces.
openapiDaiDestMacValidateModeGet
open_error_t openapiDaiDestMacValidateModeGet(openapiClientHandle_t *client_handle, OPEN_CONTROL_t *mode)
Get the global dynamic ARP inspection destination MAC validate mode.
OPEN_CONTROL_t
OPEN_CONTROL_t
OPEN uses these enumerators to indicate enable or disable for a given config or status parameter...
Definition: openapi_common.h:163
openapiDaiVlanEnableGet
open_error_t openapiDaiVlanEnableGet(openapiClientHandle_t *client_handle, uint32_t vlanId, uint32_t *val)
Get API for whether Dynamic ARP Inspection is enabled or disabled on a VLAN.
openapiArpAclDelete
open_error_t openapiArpAclDelete(openapiClientHandle_t *client_handle, open_buffdesc *bufd)
API to delete ARP ACL (extensible version).
openapiDaiDestMacValidateModeSet
open_error_t openapiDaiDestMacValidateModeSet(openapiClientHandle_t *client_handle, OPEN_CONTROL_t mode)
Set the global dynamic ARP inspection destination MAC validate mode.
OPEN_BOOL_t
OPEN_BOOL_t
OPEN uses these enumerators to indicate true or false for a given config or status parameter...
Definition: openapi_common.h:179
openapiDaiVlanArpAclGet
open_error_t openapiDaiVlanArpAclGet(openapiClientHandle_t *client_handle, uint32_t vlanId, open_buffdesc *aclName)
Get the ARP ACL Name for a vlan (Extended Version).
openapi_common.h
OPEN_DAI_VLAN_STATS_t
struct DAI_VLAN_STATS_S OPEN_DAI_VLAN_STATS_t
Dynamic ARP Inspection vlan statistics.
openapiDaiIntfTrustGet
open_error_t openapiDaiIntfTrustGet(openapiClientHandle_t *client_handle, uint32_t ifNum, OPEN_BOOL_t *trustMode)
Get API for whether DAI considers a port trusted.
openapiArpAclRuleDelete
open_error_t openapiArpAclRuleDelete(openapiClientHandle_t *client_handle, open_buffdesc *bufd, uint32_t seqNo)
API to remove rule from ARP ACL.
OPEN_ARP_ACL_RULE_ACTION_DENY
DENY action.
Definition: openapi_dynamic_arp_inspection.h:66
openapiDaiVlanARPAclRangeSet
open_error_t openapiDaiVlanARPAclRangeSet(openapiClientHandle_t *client_handle, open_buffdesc *aclName, uint32_t vlanStart, uint32_t vlanEnd, uint32_t val, uint32_t staticFlag)
Apply the ARP ACL to a range of VLANs.
OPEN_ARP_ACL_RULE_ACTION_t
OPEN_ARP_ACL_RULE_ACTION_t
OpEN uses this enumeration to define ARP ACL Rule Actions.
Definition: openapi_dynamic_arp_inspection.h:63
openapiDaiVlanEnableSet
open_error_t openapiDaiVlanEnableSet(openapiClientHandle_t *client_handle, uint32_t vlanId, uint32_t val)
Set API to enable or disable Dynamic ARP Inspection on a VLAN.
openapiDaiVlanArpAclStaticFlagGet
open_error_t openapiDaiVlanArpAclStaticFlagGet(openapiClientHandle_t *client_handle, uint32_t vlanId, uint32_t *staticFlag)
Get the ARP ACL static flag for a vlan.
openapiDaiVlanArpAclStaticFlagSet
open_error_t openapiDaiVlanArpAclStaticFlagSet(openapiClientHandle_t *client_handle, uint32_t vlanId, uint32_t staticFlag)
Set the ARP ACL static flag for a vlan.
open_inet_addr_s
Definition: openapi_common.h:302