2 * Copyright (c) 2020 Cisco and/or its affiliates.
3 * Licensed under the Apache License, Version 2.0 (the "License");
4 * you may not use this file except in compliance with the License.
5 * You may obtain a copy of the License at:
7 * http://www.apache.org/licenses/LICENSE-2.0
9 * Unless required by applicable law or agreed to in writing, software
10 * distributed under the License is distributed on an "AS IS" BASIS,
11 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 * See the License for the specific language governing permissions and
13 * limitations under the License.
17 * @brief NAT port/address allocation lib
19 #ifndef included_nat_lib_h__
20 #define included_nat_lib_h__
22 #include <vlibapi/api.h>
24 /* NAT API Configuration flags */
25 #define foreach_nat_config_flag \
26 _(0x01, IS_TWICE_NAT) \
27 _(0x02, IS_SELF_TWICE_NAT) \
28 _(0x04, IS_OUT2IN_ONLY) \
29 _(0x08, IS_ADDR_ONLY) \
33 _(0x80, IS_EXT_HOST_VALID)
35 typedef enum nat_config_flags_t_
37 #define _(n,f) NAT_API_##f = n,
38 foreach_nat_config_flag
42 #define foreach_nat_counter _ (tcp) _ (udp) _ (icmp) _ (other) _ (drops)
44 #define foreach_nat_error \
45 _ (VALUE_EXIST, -1, "Value already exists") \
46 _ (NO_SUCH_ENTRY, -2, "No such entry") \
47 _ (UNKNOWN_PROTOCOL, -3, "Unknown protocol") \
48 _ (OUT_OF_TRANSLATIONS, -4, "Out of translations")
52 #define _(N, i, s) NAT_ERROR_##N = i,
57 #define foreach_nat_protocol \
58 _ (OTHER, 0, other, "other") \
59 _ (UDP, 1, udp, "udp") \
60 _ (TCP, 2, tcp, "tcp") \
61 _ (ICMP, 3, icmp, "icmp")
65 #define _(N, i, n, s) NAT_PROTOCOL_##N = i,
70 /* default protocol timeouts */
71 #define NAT_UDP_TIMEOUT 300
72 #define NAT_TCP_TRANSITORY_TIMEOUT 240
73 #define NAT_TCP_ESTABLISHED_TIMEOUT 7440
74 #define NAT_ICMP_TIMEOUT 60
89 static_always_inline void
90 nat_reset_timeouts (nat_timeouts_t * timeouts)
92 timeouts->udp = NAT_UDP_TIMEOUT;
93 timeouts->tcp.established = NAT_TCP_ESTABLISHED_TIMEOUT;
94 timeouts->tcp.transitory = NAT_TCP_TRANSITORY_TIMEOUT;
95 timeouts->icmp = NAT_ICMP_TIMEOUT;
98 static_always_inline u32
99 nat_session_get_timeout (nat_timeouts_t *timeouts, nat_protocol_t proto,
104 case NAT_PROTOCOL_ICMP:
105 return timeouts->icmp;
106 case NAT_PROTOCOL_UDP:
107 return timeouts->udp;
108 case NAT_PROTOCOL_TCP:
111 return timeouts->tcp.transitory;
113 return timeouts->tcp.established;
116 return timeouts->udp;
121 static_always_inline u32
122 nat_calc_bihash_buckets (u32 n_elts)
124 n_elts = n_elts / 2.5;
126 while (lower_pow2 * 2 < n_elts)
128 lower_pow2 = 2 * lower_pow2;
130 u64 upper_pow2 = 2 * lower_pow2;
131 if ((upper_pow2 - n_elts) < (n_elts - lower_pow2))
133 if (upper_pow2 <= UINT32_MAX)
141 u8 *format_nat_protocol (u8 *s, va_list *args);
143 uword unformat_nat_protocol (unformat_input_t *input, va_list *args);
145 #endif /* included_nat_lib_h__ */
147 * fd.io coding-style-patch-verification: ON
150 * eval: (c-set-style "gnu")