Thanks, normal work
-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#19961): https://lists.fd.io/g/vpp-dev/message/19961
Mute This Topic: https://lists.fd.io/mt/84811042/21656
Group Owner: vpp-dev+ow...@lists.fd.io
Unsubscribe: https://lists.fd.io/g/v
Hi, The previous screenshot shows ipv4(acl_dump)
Very strange
-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#19948): https://lists.fd.io/g/vpp-dev/message/19948
Mute This Topic: https://lists.fd.io/mt/84811042/21656
Group Owner: vpp-dev+ow...@lists
Thanks for testing !
The l4 “port” values without l4 protocol value set do not make sense and thus
are ignored. (Since they mean totally different things for TCP and ICMP). So
your rule becomes “permit+reflect any any” which is what you observe in your
test.
See function make_mask_and_match_f
acl_add_replace permit+reflect dport 21
acl_add_replace deny
acl_interface_set_acl_list enp10s0 input 9 output 8 9
ssh can be accessed, but I don’t understand
VPP version:v21.06
-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#19946): https://lists.
