ovn-nbctl: Add ACL commands.

[cascardo/ovs.git] / ovn / utilities / ovn-nbctl.8.xml

diff --git a/ovn/utilities/ovn-nbctl.8.xml b/ovn/utilities/ovn-nbctl.8.xml
index ba3cc82..1555b02 100644 (file)
--- a/ovn/utilities/ovn-nbctl.8.xml
+++ b/ovn/utilities/ovn-nbctl.8.xml
@@ -66,6 +66,34 @@
       </dd>
     </dl>
 
+    <h1>ACL Commands</h1>
+    <dl>
+      <dt><code>acl-add</code> <var>lswitch</var> <var>direction</var> <var>priority</var> <var>match</var> <var>action</var> [<code>log</code>]</dt>
+      <dd>
+        Adds the specified ACL to <var>lswitch</var>.
+        <var>direction</var> must be either <code>from-lport</code> or
+        <code>to-lport</code>.  <var>priority</var> must be between
+        <code>1</code> and <code>65534</code>, inclusive.  If
+        <code>log</code> is supplied, packet logging is enabled for the
+        ACL.  A full description of the fields are in <code>ovn-nb</code>(5).
+      </dd>
+
+      <dt><code>acl-del</code> <var>lswitch</var> [<var>direction</var> [<var>priority</var> <var>match</var>]]</dt>
+      <dd>
+        Deletes ACLs from <var>lswitch</var>.  If only
+        <var>lswitch</var> is supplied, all the ACLs from the logical
+        switch are deleted.  If <var>direction</var> is also specified,
+        then all the flows in that direction will be deleted from the
+        logical switch.  If all the fields are given, then a single flow
+        that matches all the fields will be deleted.
+      </dd>
+
+      <dt><code>acl-list</code> <var>lswitch</var></dt>
+      <dd>
+        Lists the ACLs on <var>lswitch</var>.
+      </dd>
+    </dl>
+
     <h1>Logical Port Commands</h1>
     <dl>
       <dt><code>lport-add</code> <var>lswitch</var> <var>lport</var></dt>