Skip to Content.
Sympa Menu

rare-dev - Re: [rare-dev] acls in table format instead of text

Subject: Rare project developers

List archive

Re: [rare-dev] acls in table format instead of text


Chronological Thread 
    < Chronological >      < Thread >
  • From: Carmen Misa Moreira <>
  • To: <>
  • Cc: <>
  • Subject: Re: [rare-dev] acls in table format instead of text
  • Date: Wed, 16 Mar 2022 11:54:38 +0100
  • Arc-authentication-results: i=1; mx.microsoft.com 1; spf=pass (sender ip is 188.184.36.17) smtp.rcpttodomain=mp.ls smtp.mailfrom=cern.ch; dmarc=bestguesspass action=none header.from=cern.ch; dkim=none (message not signed); arc=none
  • Arc-message-signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=HFKT6ZkT0Vejz+dUF8E1j7vyBQPE+gEe052bB96ij6o=; b=VtkJflRYe66QqESt34qZCAY7cc3eZBqPo9oHH5Ys38CNCvrvBOEo22TgkYPMgoZEg3uNsMpUmyId9x44WyNuyysjALSOklzxXs+izSx5pZMAF53PeqAXjOfzuPtFiiiw8cAu7KKGpF7uFeYr9jXmX79CmNKjhn5jOTV0134D5Hy0Fz73Dom/0Cwmu4L6/Y5QO7OJLQxQah2mWlr/Pu8LKCbnZUy6bsWapG5rQnO9LtpIDL0GezEwBHJEW2oX+nJIlkHV8v0bkerXJJDqzPvmDOiGvg1ufduUfKS69uWi0EV1tHv+EqZICdHe1iRlu8Lm39kKRmuz7ITN3swMAtlg4A==
  • Arc-seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=HBIHJ6fSdueuWex+FLl+GCi6z8UuKt8Cnw0ydljwwSQ6a5Fgt+suwGjjXUsuIXEX1INcWsTn7NazEZGIVDJ+z4d+ifmMTZVdZGN9p+/Pez/XikXKD2dnn5oYNOdo2tCd5HxeYTmTRs2Yvu5peunqoRpBRRR3wzEbO7Vb/qKHZwKBqcLPyNOGdcwduhjl1W3/wjGFmQIBPZH8BB8kGn3n32JCaDXEOLxO72NkGWavC2Wno3VpGPN/00Q6+aQcaTb366EnqK0O+eVeBRdCT9fJS/CSvqDyr4MpQLUZRNNuhy1qTqSJkrJdd9YqlyvQc9EJY1RgjpSy8ZvwQUUSxbFd9w==
Hi Csaba,


This are the current values on the counters:

E513-E-YECWH-1#show access-list acl_all_ipv6_flowlabels
seq  txb  txp  rxb        rxp     last      timout    cfg
10   0+0  0+0  0+3468     0+34    00:11:57  00:00:00  permit all any all any all flow 131072&261632
20   0+0  0+0  0+2346     0+23    00:13:28  00:00:00  permit all any all any all flow 65540&261884
30   0+0  0+0  816+61487  12+578  00:00:18  00:00:00  permit all any all any all


And they seems to be properly exported by the sensor:

E513-E-YECWH-1#show sensor ifaces-acl
command=show access-list acl_all_ipv6_flowlabels
path=ifaces-acl/ifaces-acl
prefix=ifaces-acl
asked=47 times
reply=21 ms
output:
seq;txb;txp;rxb;rxp;last;timout;cfg
10;0+0;0+0;0+3468;0+34;00:08:12;00:00:00;permit all any all any all flow 131072&261632
20;0+0;0+0;0+2346;0+23;00:09:43;00:00:00;permit all any all any all flow 65540&261884
30;0+0;0+0;816+56229;12+526;00:00:06;00:00:00;permit all any all any all
yang:
module ifaces-acl {
  namespace "http://www.freertr.net/yang/ifaces-acl";;
  prefix "ifaces-acl";
  container ifaces-acl {
    list ifaces-acl {
      leaf txbtyp="sw" {
        type uint64;
      }
      leaf txbtype="hw" {
        type uint64;
      }
      leaf txptyp="sw" {
        type uint64;
      }
      leaf txptype="hw" {
        type uint64;
      }
      leaf rxbtyp="sw" {
        type uint64;
      }
      leaf rxbtype="hw" {
        type uint64;
      }
      leaf rxptyp="sw" {
        type uint64;
      }
      leaf rxptype="hw" {
        type uint64;
      }
    }
  }
}
prometheus:
# HELP ifaces_acl_txb column 1 of show access-list acl_all_ipv6_flowlabels
# TYPE ifaces_acl_txb gauge
ifaces_acl_txb{seq="10",typ="sw"} 0
ifaces_acl_txb{seq="10",type="hw"} 0
# HELP ifaces_acl_txp column 2 of show access-list acl_all_ipv6_flowlabels
# TYPE ifaces_acl_txp gauge
ifaces_acl_txp{seq="10",typ="sw"} 0
ifaces_acl_txp{seq="10",type="hw"} 0
# HELP ifaces_acl_rxb column 3 of show access-list acl_all_ipv6_flowlabels
# TYPE ifaces_acl_rxb gauge
ifaces_acl_rxb{seq="10",typ="sw"} 0
ifaces_acl_rxb{seq="10",type="hw"} 3468
# HELP ifaces_acl_rxp column 4 of show access-list acl_all_ipv6_flowlabels
# TYPE ifaces_acl_rxp gauge
ifaces_acl_rxp{seq="10",typ="sw"} 0
ifaces_acl_rxp{seq="10",type="hw"} 34
ifaces_acl_txb{seq="20",typ="sw"} 0
ifaces_acl_txb{seq="20",type="hw"} 0
ifaces_acl_txp{seq="20",typ="sw"} 0
ifaces_acl_txp{seq="20",type="hw"} 0
ifaces_acl_rxb{seq="20",typ="sw"} 0
ifaces_acl_rxb{seq="20",type="hw"} 2346
ifaces_acl_rxp{seq="20",typ="sw"} 0
ifaces_acl_rxp{seq="20",type="hw"} 23
ifaces_acl_txb{seq="30",typ="sw"} 0
ifaces_acl_txb{seq="30",type="hw"} 0
ifaces_acl_txp{seq="30",typ="sw"} 0
ifaces_acl_txp{seq="30",type="hw"} 0
ifaces_acl_rxb{seq="30",typ="sw"} 816
ifaces_acl_rxb{seq="30",type="hw"} 56229
ifaces_acl_rxp{seq="30",typ="sw"} 12
ifaces_acl_rxp{seq="30",type="hw"} 526
promwire: 78 9c a5 92 c1 8a c2 30 14 45 bf a0 ff f0 88 db 11 ec 8b 06 5d 74 29 b8 98 85 8b d9 b8 2a b1 a4 5a 88 36 26 75 ea 20 f3 27 f3 b1 a3 48 15 e3 23 06 ba 6d 2f 87 c3 79 39 fd 2d e6 9f 4b a8 4a 59 28 97 cb 42 e7 cd 69 0d 45 ad 8f bb 3d a4 50 97 e0 b6 75 0b b2 b8 fc 76 43 5d b9 06 ae 23 a9 75 5e 99 6f 91 97 ba 6e b5 5c 2b ed 92 01 7c ad 96 73 1f b5 91 c7 8d 4a 9e 3f 9e 9d 3a 64 2c 1d b1 8f e6 c7 64 cc b5 ec 17 46 a1 8d ca d8 f6 36 1a c0 ab af e9 7c b1 b7 af a1 7c 4d 84 af 89 f6 b5 8f be bc a7 af a5 fa da 88 be fe a6 f3 e5 63 31 25 95 ef 89 c7 bd 95 89 c4 36 22 b1 bf 79 28 93 0f 07 23 1e 17 fa c7 a2 2e 1a 04 99 f7 20 1b 61 e4 6f 3a 10 5e ee 41 36 08 b2 68 29 e4 64 03 1e d1 89 c7 74 0a 82 cc 7b 90 a5 8d a6 a9 08 ad 3a d4 44 20 ce c8 0c cf b8 14 43 a3 3b 0d 45 f2 0f c6 78 bd b6
csv:
1647427700100;ifaces_acl_10;0;0;0;0;0;3468;0;34
1647427700100;ifaces_acl_20;0;0;0;0;0;2346;0;23
1647427700100;ifaces_acl_30;0;0;0;0;816;56229;12;526
csvwire: 78 9c ab 98 63 62 6e 62 64 6e 6e 60 60 68 60 60 9d 99 96 98 9c 5a 1c 9f 98 9c 13 6f 68 60 8d 80 c6 26 66 16 60 8a d7 d0 0c 87 7a 23 64 f5 46 40 0d 60 0a b7 7a 63 84 6a 0b 43 33 6b 53 33 23 23 4b 6b 43 23 6b 53 23 33 5e 00 41 6f 25 1b
netconf:
/ifaces-acl/ifaces-acl/ifaces-acl<>10
/ifaces-acl/ifaces-acl/txbtyp="sw"<>0
/ifaces-acl/ifaces-acl/txbtype="hw"<>0
/ifaces-acl/ifaces-acl/txptyp="sw"<>0
/ifaces-acl/ifaces-acl/txptype="hw"<>0
/ifaces-acl/ifaces-acl/rxbtyp="sw"<>0
/ifaces-acl/ifaces-acl/rxbtype="hw"<>3468
/ifaces-acl/ifaces-acl/rxptyp="sw"<>0
/ifaces-acl/ifaces-acl/rxptype="hw"<>34
/ifaces-acl<>
/ifaces-acl/ifaces-acl/ifaces-acl<>20
/ifaces-acl/ifaces-acl/txbtyp="sw"<>0
/ifaces-acl/ifaces-acl/txbtype="hw"<>0
/ifaces-acl/ifaces-acl/txptyp="sw"<>0
/ifaces-acl/ifaces-acl/txptype="hw"<>0
/ifaces-acl/ifaces-acl/rxbtyp="sw"<>0
/ifaces-acl/ifaces-acl/rxbtype="hw"<>2346
/ifaces-acl/ifaces-acl/rxptyp="sw"<>0
/ifaces-acl/ifaces-acl/rxptype="hw"<>23
/ifaces-acl<>
/ifaces-acl/ifaces-acl/ifaces-acl<>30
/ifaces-acl/ifaces-acl/txbtyp="sw"<>0
/ifaces-acl/ifaces-acl/txbtype="hw"<>0
/ifaces-acl/ifaces-acl/txptyp="sw"<>0
/ifaces-acl/ifaces-acl/txptype="hw"<>0
/ifaces-acl/ifaces-acl/rxbtyp="sw"<>816
/ifaces-acl/ifaces-acl/rxbtype="hw"<>56229
/ifaces-acl/ifaces-acl/rxptyp="sw"<>12
/ifaces-acl/ifaces-acl/rxptype="hw"<>526
/ifaces-acl<>
xml:
<ifaces-acl><ifaces-acl><ifaces-acl>10
</ifaces-acl><txbtyp="sw">0
</txbtyp="sw"><txbtype="hw">0
</txbtype="hw"><txptyp="sw">0
</txptyp="sw"><txptype="hw">0
</txptype="hw"><rxbtyp="sw">0
</rxbtyp="sw"><rxbtype="hw">3468
</rxbtype="hw"><rxptyp="sw">0
</rxptyp="sw"><rxptype="hw">34
</rxptype="hw"></ifaces-acl>
<ifaces-acl><ifaces-acl>20
</ifaces-acl><txbtyp="sw">0
</txbtyp="sw"><txbtype="hw">0
</txbtype="hw"><txptyp="sw">0
</txptyp="sw"><txptype="hw">0
</txptype="hw"><rxbtyp="sw">0
</rxbtyp="sw"><rxbtype="hw">2346
</rxbtype="hw"><rxptyp="sw">0
</rxptyp="sw"><rxptype="hw">23
</rxptype="hw"></ifaces-acl>
<ifaces-acl><ifaces-acl>30
</ifaces-acl><txbtyp="sw">0
</txbtyp="sw"><txbtype="hw">0
</txbtype="hw"><txptyp="sw">0
</txptyp="sw"><txptype="hw">0
</txptype="hw"><rxbtyp="sw">816
</rxbtyp="sw"><rxbtype="hw">56229
</rxbtype="hw"><rxptyp="sw">12
</rxptyp="sw"><rxptype="hw">526
</rxptype="hw"></ifaces-acl>
</ifaces-acl>
xmlwire: 78 9c ab 98 93 96 98 9c 5a ac 9b 98 9c 63 67 93 89 9d 6d 68 c0 6b a3 8f 2c 57 52 91 54 52 59 60 ab 54 5c ae 64 07 92 43 e6 43 25 53 6d 95 32 50 64 a1 02 40 e9 02 34 bd 05 c8 7a 0b d0 f5 22 09 d8 14 a1 d9 8b cc 87 4a 42 95 1a 9b 98 59 c0 15 20 b4 17 a0 69 2f 40 d6 5e 80 ac 1d 2e 0d d3 8c 1c 00 bc b8 42 ca 68 e8 85 94 11 30 a8 28 08 29 23 63 f2 42 ca 78 30 86 94 85 a1 19 de b0 32 35 33 32 b2 c4 1b 58 86 46 78 43 cb d4 c8 8c 40 70 a1 f0 00 a4 d8 31 2c
kvgpb: | | 48 ad 8b df 92 f9 2f 0a 0e 45 35 31 33 2d 45 2d 59 45 43 57 48 2d 31 1a 0a 69 66 61 63 65 73 2d 61 63 6c 32 20 69 66 61 63 65 73 2d 61 63 6c 3a 69 66 61 63 65 73 2d 61 63 6c 2f 69 66 61 63 65 73 2d 61 63 6c 5a b3 01 7a 18 12 04 6b 65 79 73 7a 10 12 0a 69 66 61 63 65 73 2d 61 63 6c 2a 02 31 30 7a 96 01 12 07 63 6f 6e 74 65 6e 74 7a 0f 12 0b 74 78 62 74 79 70 3d 22 73 77 22 40 00 7a 10 12 0c 74 78 62 74 79 70 65 3d 22 68 77 22 40 00 7a 0f 12 0b 74 78 70 74 79 70 3d 22 73 77 22 40 00 7a 10 12 0c 74 78 70 74 79 70 65 3d 22 68 77 22 40 00 7a 0f 12 0b 72 78 62 74 79 70 3d 22 73 77 22 40 00 7a 11 12 0c 72 78 62 74 79 70 65 3d 22 68 77 22 40 8c 1b 7a 0f 12 0b 72 78 70 74 79 70 3d 22 73 77 22 40 00 7a 10 12 0c 72 78 70 74 79 70 65 3d 22 68 77 22 40 22 5a b3 01 7a 18 12 04 6b 65 79 73 7a 10 12 0a 69 66 61 63 65 73 2d 61 63 6c 2a 02 32 30 7a 96 01 12 07 63 6f 6e 74 65 6e 74 7a 0f 12 0b 74 78 62 74 79 70 3d 22 73 77 22 40 00 7a 10 12 0c 74 78 62 74 79 70 65 3d 22 68 77 22 40 00 7a 0f 12 0b 74 78 70 74 79 70 3d 22 73 77 22 40 00 7a 10 12 0c 74 78 70 74 79 70 65 3d 22 68 77 22 40 00 7a 0f 12 0b 72 78 62 74 79 70 3d 22 73 77 22 40 00 7a 11 12 0c 72 78 62 74 79 70 65 3d 22 68 77 22 40 aa 12 7a 0f 12 0b 72 78 70 74 79 70 3d 22 73 77 22 40 00 7a 10 12 0c 72 78 70 74 79 70 65 3d 22 68 77 22 40 17 5a b6 01 7a 18 12 04 6b 65 79 73 7a 10 12 0a 69 66 61 63 65 73 2d 61 63 6c 2a 02 33 30 7a 99 01 12 07 63 6f 6e 74 65 6e 74 7a 0f 12 0b 74 78 62 74 79 70 3d 22 73 77 22 40 00 7a 10 12 0c 74 78 62 74 79 70 65 3d 22 68 77 22 40 00 7a 0f 12 0b 74 78 70 74 79 70 3d 22 73 77 22 40 00 7a 10 12 0c 74 78 70 74 79 70 65 3d 22 68 77 22 40 00 7a 10 12 0b 72 78 62 74 79 70 3d 22 73 77 22 40 b0 06 7a 12 12 0c 72 78 62 74 79 70 65 3d 22 68 77 22 40 a5 b7 03 7a 0f 12 0b 72 78 70 74 79 70 3d 22 73 77 22 40 0c 7a 11 12 0c 72 78 70 74 79 70 65 3d 22 68 77 22 40 8e 04 68 c0 8b df 92 f9 2f
memory:


I added the sensor to both prometheus servers:

E513-E-YECWH-1(cfg)#sh run pro
proxy-profile oob
 vrf oob
 exit
server prometheus pr
 sensor ifaces-acl
 sensor ifaces-hw
 sensor ifaces-hwp
 sensor ifaces-sw
 sensor ifaces-swp
 interface ethernet1
 vrf oob
 exit
server prometheus PR-NMAAS
 port 9002
 sensor ifaces-acl
 sensor ifaces-hw
 sensor ifaces-hwp
 sensor ifaces-sw
 sensor ifaces-swp
 interface tunnel123
 vrf oob
 exit


Best regards,

Carmen Misa


On 16.03.22 09:58, mc36 wrote:
hi,


On 3/16/22 09:35, Carmen Misa Moreira wrote:
Hi Csaba,


Thank you I have just executed 'flash upgrade' but it takes some time.

okkk...


One question, in the past for the byte and packets counters they needed to be exported like here:

http://sources.freertr.net/misc/sensor/iface-byte.txt

instead look at this one:
http://sources.freertr.net/misc/sensor/traffic.txt
it have an example on how to split the sw/hw counters....

With this 'sensor' you create the tables and you define the command, for example, 'sho inter hwsumm' but now the command already exists 'show access-list nat4'. Thus, do I need the follow the same process and create the sensors or is different? Maybe is only needed to export the 'show access-list nat4' in 'server prometheus pr' without creating the sensor.

so first you need to create the sensor definition....
then you have to verify if it executes correctly and reports the needed counters: "sho sens acls"
then you'll have to mention it in the serv prom config of yours....
then you'll have to check if your prometheus server if still keeps your endpoint...
(prom could drop the endpoint if format error happens in the reports)
finally please send the file / create the patch / raise a pullreq @ github / whatever you prefer...

thanks,
cs




Best regards,

Carmen Misa


On 15.03.22 18:51, mc36 wrote:
hi,
fortunately the last piece arrived for the puzzle with this change:
https://github.com/mc36/freeRouter/commit/b9497927f6921d691fb212ad6ac6c2500ad65be5
now i see this:

mchome#show access-list nat4
seq   txb   txp   rxb                       rxp last           timout       cfg
10     0+0   0+0   286618+225726   2450+1499   00:00:00 00:00:00   deny all 10.0.0.0 255.0.0.0 all 10.0.0.0 255.0.0.0 all
20     0+0   0+0   13032+6396         251+123       00:00:03 00:00:00   deny all any all 224.0.0.0 240.0.0.0 all
30     0+0   0+0   105389+107208   1440+1443   00:00:00 00:00:00 permit all 10.0.0.0 255.0.0.0 all any all

mchome#

it'll be easily exportable via anything... :)
regards,
cs

Archive powered by MHonArc 2.6.19.

Top of Page