我想使用 Postman/Yang 模型将手动流添加到我的流表中。出于测试目的,我希望 SSH 流量会被丢弃,但我做不到。另一个匹配有效,例如仅通过 IP 目标地址。这是我尝试过的 XML:
<?xml version="1.0" encoding="UTF-8" standalone="no"?>
<flow xmlns="urn:opendaylight:flow:inventory">
<hard-timeout>0</hard-timeout>
<idle-timeout>0</idle-timeout>
<priority>10</priority>
<flow-name>ssh_flow</flow-name>
<match>
<ethernet-match>
<ethernet-type>
<type>2048</type>
</ethernet-type>
</ethernet-match>
<ipv4-destination>192.168.4.1/24</ipv4-destination>
<ip-match>
<ip-protocol>6</ip-protocol>
<ip-dscp>2</ip-dscp>
<ip-ecn>2</ip-ecn>
</ip-match>
<tcp-destination-port>22</tcp-destination-port>
<in-port>1</in-port>
</match>
<id>1</id>
<table_id>0</table_id>
<instructions>
<instruction>
<order>0</order>
<apply-actions>
<action>
<drop-action/>
<order>0</order>
</action>
</apply-actions>
</instruction>
</instructions>
</flow>