2 * Copyright (c) 2020 Cisco and/or its affiliates.
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at:
8 * http://www.apache.org/licenses/LICENSE-2.0
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License.
18 * @brief NAT44 plugin API implementation
21 #include <vnet/ip/ip_types_api.h>
22 #include <vlibmemory/api.h>
24 #include <vnet/fib/fib_table.h>
26 #include <nat/lib/nat_inlines.h>
27 #include <nat/lib/ipfix_logging.h>
29 #include <nat/nat44-ed/nat44_ed.h>
31 #include <nat/nat44-ed/nat44_ed.api_enum.h>
32 #include <nat/nat44-ed/nat44_ed.api_types.h>
34 #include <nat/nat44-ed/nat44_ed_inlines.h>
36 #define REPLY_MSG_ID_BASE sm->msg_id_base
37 #include <vlibapi/api_helper_macros.h>
42 vl_api_nat44_ed_plugin_enable_disable_t_handler (
43 vl_api_nat44_ed_plugin_enable_disable_t *mp)
45 snat_main_t *sm = &snat_main;
46 nat44_config_t c = { 0 };
47 vl_api_nat44_ed_plugin_enable_disable_reply_t *rmp;
52 if ((mp->flags & NAT44_API_IS_STATIC_MAPPING_ONLY) ||
53 (mp->flags & NAT44_API_IS_CONNECTION_TRACKING))
55 rv = VNET_API_ERROR_UNSUPPORTED;
59 c.sessions = ntohl (mp->sessions);
60 c.inside_vrf = ntohl (mp->inside_vrf);
61 c.outside_vrf = ntohl (mp->outside_vrf);
63 rv = nat44_plugin_enable (c);
68 rv = nat44_plugin_disable ();
71 REPLY_MACRO (VL_API_NAT44_ED_PLUGIN_ENABLE_DISABLE_REPLY);
75 vl_api_nat44_ed_set_fq_options_t_handler (vl_api_nat44_ed_set_fq_options_t *mp)
77 snat_main_t *sm = &snat_main;
78 vl_api_nat44_ed_set_fq_options_reply_t *rmp;
80 u32 frame_queue_nelts = ntohl (mp->frame_queue_nelts);
81 rv = nat44_ed_set_frame_queue_nelts (frame_queue_nelts);
82 REPLY_MACRO (VL_API_NAT44_ED_SET_FQ_OPTIONS_REPLY);
86 vl_api_nat44_ed_show_fq_options_t_handler (
87 vl_api_nat44_ed_show_fq_options_t *mp)
89 snat_main_t *sm = &snat_main;
90 vl_api_nat44_ed_show_fq_options_reply_t *rmp;
92 /* clang-format off */
93 REPLY_MACRO2_ZERO (VL_API_NAT44_ED_SHOW_FQ_OPTIONS_REPLY,
95 rmp->frame_queue_nelts = htonl (sm->frame_queue_nelts);
100 /* Old API calls hold back because of deprecation
101 * nat44_ed replacement should be used */
104 vl_api_nat_set_workers_t_handler (vl_api_nat_set_workers_t * mp)
106 snat_main_t *sm = &snat_main;
107 vl_api_nat_set_workers_reply_t *rmp;
112 mask = clib_net_to_host_u64 (mp->worker_mask);
114 if (sm->num_workers < 2)
116 rv = VNET_API_ERROR_FEATURE_DISABLED;
120 bitmap = clib_bitmap_set_multiple (bitmap, 0, mask, BITS (mask));
121 rv = snat_set_workers (bitmap);
122 clib_bitmap_free (bitmap);
125 REPLY_MACRO (VL_API_NAT_SET_WORKERS_REPLY);
129 send_nat_worker_details (u32 worker_index, vl_api_registration_t * reg,
132 vl_api_nat_worker_details_t *rmp;
133 snat_main_t *sm = &snat_main;
134 vlib_worker_thread_t *w =
135 vlib_worker_threads + worker_index + sm->first_worker_index;
137 rmp = vl_msg_api_alloc (sizeof (*rmp));
138 clib_memset (rmp, 0, sizeof (*rmp));
139 rmp->_vl_msg_id = ntohs (VL_API_NAT_WORKER_DETAILS + sm->msg_id_base);
140 rmp->context = context;
141 rmp->worker_index = htonl (worker_index);
142 rmp->lcore_id = htonl (w->cpu_id);
143 strncpy ((char *) rmp->name, (char *) w->name, ARRAY_LEN (rmp->name) - 1);
145 vl_api_send_msg (reg, (u8 *) rmp);
149 vl_api_nat_worker_dump_t_handler (vl_api_nat_worker_dump_t * mp)
151 vl_api_registration_t *reg;
152 snat_main_t *sm = &snat_main;
155 reg = vl_api_client_index_to_registration (mp->client_index);
159 vec_foreach (worker_index, sm->workers)
161 send_nat_worker_details (*worker_index, reg, mp->context);
166 vl_api_nat44_set_session_limit_t_handler (vl_api_nat44_set_session_limit_t *
169 snat_main_t *sm = &snat_main;
170 vl_api_nat44_set_session_limit_reply_t *rmp;
173 rv = nat44_set_session_limit
174 (ntohl (mp->session_limit), ntohl (mp->vrf_id));
176 REPLY_MACRO (VL_API_NAT44_SET_SESSION_LIMIT_REPLY);
180 vl_api_nat_set_log_level_t_handler (vl_api_nat_set_log_level_t * mp)
182 snat_main_t *sm = &snat_main;
183 vl_api_nat_set_log_level_reply_t *rmp;
186 if (sm->log_level > NAT_LOG_DEBUG)
187 rv = VNET_API_ERROR_UNSUPPORTED;
189 sm->log_level = mp->log_level;
191 REPLY_MACRO (VL_API_NAT_SET_WORKERS_REPLY);
195 vl_api_nat_ipfix_enable_disable_t_handler (vl_api_nat_ipfix_enable_disable_t *
198 snat_main_t *sm = &snat_main;
199 vl_api_nat_ipfix_enable_disable_reply_t *rmp;
202 rv = nat_ipfix_logging_enable_disable (mp->enable,
205 clib_host_to_net_u16 (mp->src_port));
207 REPLY_MACRO (VL_API_NAT_IPFIX_ENABLE_DISABLE_REPLY);
211 vl_api_nat_set_timeouts_t_handler (vl_api_nat_set_timeouts_t * mp)
213 snat_main_t *sm = &snat_main;
214 vl_api_nat_set_timeouts_reply_t *rmp;
217 sm->timeouts.udp = ntohl (mp->udp);
218 sm->timeouts.tcp.established = ntohl (mp->tcp_established);
219 sm->timeouts.tcp.transitory = ntohl (mp->tcp_transitory);
220 sm->timeouts.icmp = ntohl (mp->icmp);
222 REPLY_MACRO (VL_API_NAT_SET_TIMEOUTS_REPLY);
226 vl_api_nat_get_timeouts_t_handler (vl_api_nat_get_timeouts_t * mp)
228 snat_main_t *sm = &snat_main;
229 vl_api_nat_get_timeouts_reply_t *rmp;
232 REPLY_MACRO2 (VL_API_NAT_GET_TIMEOUTS_REPLY,
234 rmp->udp = htonl (sm->timeouts.udp);
235 rmp->tcp_established = htonl (sm->timeouts.tcp.established);
236 rmp->tcp_transitory = htonl (sm->timeouts.tcp.transitory);
237 rmp->icmp = htonl (sm->timeouts.icmp);
242 vl_api_nat_set_mss_clamping_t_handler (vl_api_nat_set_mss_clamping_t * mp)
244 snat_main_t *sm = &snat_main;
245 vl_api_nat_set_mss_clamping_reply_t *rmp;
249 sm->mss_clamping = ntohs (mp->mss_value);
251 sm->mss_clamping = 0;
253 REPLY_MACRO (VL_API_NAT_SET_MSS_CLAMPING_REPLY);
257 vl_api_nat_get_mss_clamping_t_handler (vl_api_nat_get_mss_clamping_t * mp)
259 snat_main_t *sm = &snat_main;
260 vl_api_nat_get_mss_clamping_reply_t *rmp;
263 REPLY_MACRO2 (VL_API_NAT_GET_MSS_CLAMPING_REPLY,
265 rmp->enable = sm->mss_clamping ? 1 : 0;
266 rmp->mss_value = htons (sm->mss_clamping);
271 vl_api_nat44_add_del_address_range_t_handler
272 (vl_api_nat44_add_del_address_range_t * mp)
274 snat_main_t *sm = &snat_main;
275 vl_api_nat44_add_del_address_range_reply_t *rmp;
276 ip4_address_t this_addr;
277 u8 is_add, twice_nat;
278 u32 start_host_order, end_host_order;
285 twice_nat = mp->flags & NAT_API_IS_TWICE_NAT;
287 tmp = (u32 *) mp->first_ip_address;
288 start_host_order = clib_host_to_net_u32 (tmp[0]);
289 tmp = (u32 *) mp->last_ip_address;
290 end_host_order = clib_host_to_net_u32 (tmp[0]);
292 count = (end_host_order - start_host_order) + 1;
294 vrf_id = clib_host_to_net_u32 (mp->vrf_id);
297 nat_log_info ("%U - %U, %d addresses...",
298 format_ip4_address, mp->first_ip_address,
299 format_ip4_address, mp->last_ip_address, count);
301 memcpy (&this_addr.as_u8, mp->first_ip_address, 4);
303 for (i = 0; i < count; i++)
307 rv = nat44_ed_add_address (&this_addr, vrf_id, twice_nat);
311 rv = nat44_ed_del_address (this_addr, twice_nat);
317 increment_v4_address (&this_addr);
321 REPLY_MACRO (VL_API_NAT44_ADD_DEL_ADDRESS_RANGE_REPLY);
325 send_nat44_address_details (snat_address_t * a,
326 vl_api_registration_t * reg, u32 context,
329 vl_api_nat44_address_details_t *rmp;
330 snat_main_t *sm = &snat_main;
332 rmp = vl_msg_api_alloc (sizeof (*rmp));
333 clib_memset (rmp, 0, sizeof (*rmp));
334 rmp->_vl_msg_id = ntohs (VL_API_NAT44_ADDRESS_DETAILS + sm->msg_id_base);
335 clib_memcpy (rmp->ip_address, &(a->addr), 4);
336 if (a->fib_index != ~0)
338 fib_table_t *fib = fib_table_get (a->fib_index, FIB_PROTOCOL_IP4);
339 rmp->vrf_id = ntohl (fib->ft_table_id);
344 rmp->flags |= NAT_API_IS_TWICE_NAT;
345 rmp->context = context;
347 vl_api_send_msg (reg, (u8 *) rmp);
351 vl_api_nat44_address_dump_t_handler (vl_api_nat44_address_dump_t * mp)
353 vl_api_registration_t *reg;
354 snat_main_t *sm = &snat_main;
357 reg = vl_api_client_index_to_registration (mp->client_index);
361 vec_foreach (a, sm->addresses)
362 send_nat44_address_details (a, reg, mp->context, 0);
363 vec_foreach (a, sm->twice_nat_addresses)
364 send_nat44_address_details (a, reg, mp->context, 1);
368 vl_api_nat44_interface_add_del_feature_t_handler
369 (vl_api_nat44_interface_add_del_feature_t * mp)
371 vl_api_nat44_interface_add_del_feature_reply_t *rmp;
372 snat_main_t *sm = &snat_main;
377 VALIDATE_SW_IF_INDEX (mp);
379 is_inside = mp->flags & NAT_API_IS_INSIDE;
380 sw_if_index = ntohl (mp->sw_if_index);
384 rv = nat44_ed_add_interface (sw_if_index, is_inside);
388 rv = nat44_ed_del_interface (sw_if_index, is_inside);
391 BAD_SW_IF_INDEX_LABEL;
392 REPLY_MACRO (VL_API_NAT44_INTERFACE_ADD_DEL_FEATURE_REPLY);
396 send_nat44_interface_details (snat_interface_t * i,
397 vl_api_registration_t * reg, u32 context)
399 vl_api_nat44_interface_details_t *rmp;
400 snat_main_t *sm = &snat_main;
402 rmp = vl_msg_api_alloc (sizeof (*rmp));
403 clib_memset (rmp, 0, sizeof (*rmp));
404 rmp->_vl_msg_id = ntohs (VL_API_NAT44_INTERFACE_DETAILS + sm->msg_id_base);
405 rmp->sw_if_index = ntohl (i->sw_if_index);
407 if (nat44_ed_is_interface_inside (i))
408 rmp->flags |= NAT_API_IS_INSIDE;
409 if (nat44_ed_is_interface_outside (i))
410 rmp->flags |= NAT_API_IS_OUTSIDE;
412 rmp->context = context;
414 vl_api_send_msg (reg, (u8 *) rmp);
418 vl_api_nat44_interface_dump_t_handler (vl_api_nat44_interface_dump_t * mp)
420 vl_api_registration_t *reg;
421 snat_main_t *sm = &snat_main;
424 reg = vl_api_client_index_to_registration (mp->client_index);
428 pool_foreach (i, sm->interfaces)
430 send_nat44_interface_details (i, reg, mp->context);
434 static_always_inline int
435 add_del_dummy_output_interface (u32 sw_if_index, u8 is_inside, u8 is_add)
437 snat_main_t *sm = &snat_main;
441 pool_foreach (i, sm->output_feature_dummy_interfaces)
443 if (i->sw_if_index == sw_if_index)
447 pool_put (sm->output_feature_dummy_interfaces, i);
456 pool_get (sm->output_feature_dummy_interfaces, i);
457 i->sw_if_index = sw_if_index;
461 i->flags |= NAT_INTERFACE_FLAG_IS_INSIDE;
465 i->flags |= NAT_INTERFACE_FLAG_IS_OUTSIDE;
476 vl_api_nat44_interface_add_del_output_feature_t_handler
477 (vl_api_nat44_interface_add_del_output_feature_t * mp)
479 vl_api_nat44_interface_add_del_output_feature_reply_t *rmp;
480 snat_main_t *sm = &snat_main;
484 VALIDATE_SW_IF_INDEX (mp);
486 sw_if_index = ntohl (mp->sw_if_index);
488 // register all interfaces in the dummy structure
489 rv = add_del_dummy_output_interface (
490 sw_if_index, mp->flags & NAT_API_IS_INSIDE, mp->is_add);
492 if (!(mp->flags & NAT_API_IS_INSIDE))
496 rv = nat44_ed_add_output_interface (sw_if_index);
500 rv = nat44_ed_del_output_interface (sw_if_index);
504 BAD_SW_IF_INDEX_LABEL;
505 REPLY_MACRO (VL_API_NAT44_INTERFACE_ADD_DEL_OUTPUT_FEATURE_REPLY);
509 send_nat44_interface_output_feature_details (snat_interface_t * i,
510 vl_api_registration_t * reg,
513 vl_api_nat44_interface_output_feature_details_t *rmp;
514 snat_main_t *sm = &snat_main;
516 rmp = vl_msg_api_alloc (sizeof (*rmp));
517 clib_memset (rmp, 0, sizeof (*rmp));
519 ntohs (VL_API_NAT44_INTERFACE_OUTPUT_FEATURE_DETAILS + sm->msg_id_base);
520 rmp->sw_if_index = ntohl (i->sw_if_index);
521 rmp->context = context;
523 if (nat44_ed_is_interface_inside (i))
525 rmp->flags |= NAT_API_IS_INSIDE;
528 vl_api_send_msg (reg, (u8 *) rmp);
532 vl_api_nat44_interface_output_feature_dump_t_handler
533 (vl_api_nat44_interface_output_feature_dump_t * mp)
535 vl_api_registration_t *reg;
536 snat_main_t *sm = &snat_main;
539 reg = vl_api_client_index_to_registration (mp->client_index);
543 pool_foreach (i, sm->output_feature_dummy_interfaces)
545 send_nat44_interface_output_feature_details (i, reg, mp->context);
550 vl_api_nat44_ed_add_del_output_interface_t_handler (
551 vl_api_nat44_ed_add_del_output_interface_t *mp)
553 vl_api_nat44_ed_add_del_output_interface_reply_t *rmp;
554 snat_main_t *sm = &snat_main;
557 VALIDATE_SW_IF_INDEX_END (mp);
561 rv = nat44_ed_add_output_interface (mp->sw_if_index);
565 rv = nat44_ed_del_output_interface (mp->sw_if_index);
569 REPLY_MACRO_END (VL_API_NAT44_ED_ADD_DEL_OUTPUT_INTERFACE_REPLY);
573 #include <nat/nat44-ed/nat44_ed.api.h>
576 send_nat44_ed_output_interface_details (u32 index, vl_api_registration_t *rp,
579 snat_main_t *sm = &snat_main;
580 vl_api_nat44_ed_output_interface_details_t *rmp;
581 snat_interface_t *i =
582 pool_elt_at_index (sm->output_feature_interfaces, index);
584 /* Make sure every field is initiated (or don't skip the clib_memset()) */
585 REPLY_MACRO_DETAILS4 (
586 VL_API_NAT44_ED_OUTPUT_INTERFACE_DETAILS, rp, context, ({
587 rmp->sw_if_index = i->sw_if_index;
589 /* Endian hack until apigen registers _details
590 * endian functions */
591 vl_api_nat44_ed_output_interface_details_t_endian (rmp);
592 rmp->_vl_msg_id = htons (rmp->_vl_msg_id);
593 rmp->context = htonl (rmp->context);
598 vl_api_nat44_ed_output_interface_get_t_handler (
599 vl_api_nat44_ed_output_interface_get_t *mp)
601 vl_api_nat44_ed_output_interface_get_reply_t *rmp;
602 snat_main_t *sm = &snat_main;
605 if (pool_elts (sm->output_feature_interfaces) == 0)
607 REPLY_MACRO (VL_API_NAT44_ED_OUTPUT_INTERFACE_GET_REPLY);
611 REPLY_AND_DETAILS_MACRO (
612 VL_API_NAT44_ED_OUTPUT_INTERFACE_GET_REPLY, sm->output_feature_interfaces,
613 ({ send_nat44_ed_output_interface_details (cursor, rp, mp->context); }));
617 vl_api_nat44_add_del_static_mapping_t_handler
618 (vl_api_nat44_add_del_static_mapping_t * mp)
620 vl_api_nat44_add_del_static_mapping_reply_t *rmp;
622 snat_main_t *sm = &snat_main;
625 ip4_address_t l_addr, e_addr, pool_addr = { 0 };
626 u32 sw_if_index, flags = 0, vrf_id;
627 u16 l_port = 0, e_port = 0;
628 ip_protocol_t proto = 0;
631 memcpy (&l_addr.as_u8, mp->local_ip_address, 4);
633 if (mp->flags & NAT_API_IS_ADDR_ONLY)
635 flags |= NAT_SM_FLAG_ADDR_ONLY;
639 l_port = mp->local_port;
640 e_port = mp->external_port;
641 proto = mp->protocol;
644 if (mp->flags & NAT_API_IS_TWICE_NAT)
646 flags |= NAT_SM_FLAG_TWICE_NAT;
649 if (mp->flags & NAT_API_IS_SELF_TWICE_NAT)
651 flags |= NAT_SM_FLAG_SELF_TWICE_NAT;
654 if (mp->flags & NAT_API_IS_OUT2IN_ONLY)
656 flags |= NAT_SM_FLAG_OUT2IN_ONLY;
659 sw_if_index = clib_net_to_host_u32 (mp->external_sw_if_index);
660 if (sw_if_index != ~0)
662 flags |= NAT_SM_FLAG_SWITCH_ADDRESS;
666 memcpy (&e_addr.as_u8, mp->external_ip_address, 4);
669 vrf_id = clib_net_to_host_u32 (mp->vrf_id);
673 mp->tag[sizeof (mp->tag) - 1] = 0;
674 tag = format (0, "%s", mp->tag);
675 vec_terminate_c_string (tag);
677 rv = nat44_ed_add_static_mapping (l_addr, e_addr, l_port, e_port, proto,
678 vrf_id, sw_if_index, flags, pool_addr,
684 rv = nat44_ed_del_static_mapping (l_addr, e_addr, l_port, e_port, proto,
685 vrf_id, sw_if_index, flags);
687 REPLY_MACRO (VL_API_NAT44_ADD_DEL_STATIC_MAPPING_REPLY);
691 vl_api_nat44_add_del_static_mapping_v2_t_handler
692 (vl_api_nat44_add_del_static_mapping_v2_t * mp)
694 vl_api_nat44_add_del_static_mapping_v2_reply_t *rmp;
696 snat_main_t *sm = &snat_main;
699 ip4_address_t l_addr, e_addr, pool_addr;
700 u32 sw_if_index, flags = 0, vrf_id;
701 u16 l_port = 0, e_port = 0;
705 memcpy (&l_addr.as_u8, mp->local_ip_address, 4);
706 memcpy (&pool_addr.as_u8, mp->pool_ip_address, 4);
708 if (pool_addr.as_u32 != 0)
710 flags |= NAT_SM_FLAG_EXACT_ADDRESS;
713 if (mp->flags & NAT_API_IS_ADDR_ONLY)
715 flags |= NAT_SM_FLAG_ADDR_ONLY;
719 l_port = mp->local_port;
720 e_port = mp->external_port;
723 if (mp->flags & NAT_API_IS_TWICE_NAT)
725 flags |= NAT_SM_FLAG_TWICE_NAT;
728 if (mp->flags & NAT_API_IS_SELF_TWICE_NAT)
730 flags |= NAT_SM_FLAG_SELF_TWICE_NAT;
733 if (mp->flags & NAT_API_IS_OUT2IN_ONLY)
735 flags |= NAT_SM_FLAG_OUT2IN_ONLY;
738 sw_if_index = clib_net_to_host_u32 (mp->external_sw_if_index);
741 flags |= NAT_SM_FLAG_SWITCH_ADDRESS;
745 memcpy (&e_addr.as_u8, mp->external_ip_address, 4);
748 proto = mp->protocol;
749 vrf_id = clib_net_to_host_u32 (mp->vrf_id);
753 mp->tag[sizeof (mp->tag) - 1] = 0;
754 tag = format (0, "%s", mp->tag);
755 vec_terminate_c_string (tag);
757 rv = nat44_ed_add_static_mapping (l_addr, e_addr, l_port, e_port, proto,
758 vrf_id, sw_if_index, flags, pool_addr,
764 rv = nat44_ed_del_static_mapping (l_addr, e_addr, l_port, e_port, proto,
765 vrf_id, sw_if_index, flags);
767 REPLY_MACRO (VL_API_NAT44_ADD_DEL_STATIC_MAPPING_V2_REPLY);
771 send_nat44_static_mapping_details (snat_static_mapping_t * m,
772 vl_api_registration_t * reg, u32 context)
774 vl_api_nat44_static_mapping_details_t *rmp;
775 snat_main_t *sm = &snat_main;
776 u32 len = sizeof (*rmp);
778 rmp = vl_msg_api_alloc (len);
779 clib_memset (rmp, 0, len);
781 ntohs (VL_API_NAT44_STATIC_MAPPING_DETAILS + sm->msg_id_base);
783 clib_memcpy (rmp->local_ip_address, &(m->local_addr), 4);
784 clib_memcpy (rmp->external_ip_address, &(m->external_addr), 4);
785 rmp->external_sw_if_index = ~0;
786 rmp->vrf_id = htonl (m->vrf_id);
787 rmp->context = context;
789 // convert these in new api
791 if (is_sm_self_twice_nat (m->flags))
793 rmp->flags |= NAT_API_IS_SELF_TWICE_NAT;
796 if (is_sm_out2in_only (m->flags))
798 rmp->flags |= NAT_API_IS_OUT2IN_ONLY;
801 if (is_sm_twice_nat (m->flags))
803 rmp->flags |= NAT_API_IS_TWICE_NAT;
806 if (is_sm_addr_only (m->flags))
808 rmp->flags |= NAT_API_IS_ADDR_ONLY;
812 rmp->protocol = m->proto;
813 rmp->external_port = m->external_port;
814 rmp->local_port = m->local_port;
818 strncpy ((char *) rmp->tag, (char *) m->tag, vec_len (m->tag));
820 vl_api_send_msg (reg, (u8 *) rmp);
824 send_nat44_static_map_resolve_details (snat_static_mapping_resolve_t *m,
825 vl_api_registration_t *reg, u32 context)
827 vl_api_nat44_static_mapping_details_t *rmp;
828 snat_main_t *sm = &snat_main;
830 rmp = vl_msg_api_alloc (sizeof (*rmp));
831 clib_memset (rmp, 0, sizeof (*rmp));
833 ntohs (VL_API_NAT44_STATIC_MAPPING_DETAILS + sm->msg_id_base);
834 clib_memcpy (rmp->local_ip_address, &(m->l_addr), 4);
835 rmp->external_sw_if_index = htonl (m->sw_if_index);
836 rmp->vrf_id = htonl (m->vrf_id);
837 rmp->context = context;
839 if (is_sm_twice_nat (m->flags))
841 rmp->flags |= NAT_API_IS_TWICE_NAT;
844 if (is_sm_addr_only (m->flags))
846 rmp->flags |= NAT_API_IS_ADDR_ONLY;
850 rmp->protocol = m->proto;
851 rmp->external_port = m->e_port;
852 rmp->local_port = m->l_port;
856 strncpy ((char *) rmp->tag, (char *) m->tag, vec_len (m->tag));
858 vl_api_send_msg (reg, (u8 *) rmp);
862 vl_api_nat44_static_mapping_dump_t_handler (vl_api_nat44_static_mapping_dump_t
865 vl_api_registration_t *reg;
866 snat_main_t *sm = &snat_main;
867 snat_static_mapping_t *m;
868 snat_static_mapping_resolve_t *rp;
871 reg = vl_api_client_index_to_registration (mp->client_index);
875 pool_foreach (m, sm->static_mappings)
877 if (!is_sm_identity_nat (m->flags) && !is_sm_lb (m->flags))
878 send_nat44_static_mapping_details (m, reg, mp->context);
881 for (j = 0; j < vec_len (sm->sm_to_resolve); j++)
883 rp = sm->sm_to_resolve + j;
884 if (!is_sm_identity_nat (rp->flags))
885 send_nat44_static_map_resolve_details (rp, reg, mp->context);
890 vl_api_nat44_add_del_identity_mapping_t_handler
891 (vl_api_nat44_add_del_identity_mapping_t * mp)
893 vl_api_nat44_add_del_identity_mapping_reply_t *rmp;
895 snat_main_t *sm = &snat_main;
898 ip4_address_t addr, pool_addr = { 0 };
899 u32 sw_if_index, flags, vrf_id;
900 ip_protocol_t proto = 0;
904 flags = NAT_SM_FLAG_IDENTITY_NAT;
906 if (mp->flags & NAT_API_IS_ADDR_ONLY)
908 flags |= NAT_SM_FLAG_ADDR_ONLY;
913 proto = mp->protocol;
916 sw_if_index = clib_net_to_host_u32 (mp->sw_if_index);
917 if (sw_if_index != ~0)
919 flags |= NAT_SM_FLAG_SWITCH_ADDRESS;
923 memcpy (&addr.as_u8, mp->ip_address, 4);
926 vrf_id = clib_net_to_host_u32 (mp->vrf_id);
930 mp->tag[sizeof (mp->tag) - 1] = 0;
931 tag = format (0, "%s", mp->tag);
932 vec_terminate_c_string (tag);
934 rv = nat44_ed_add_static_mapping (addr, addr, port, port, proto, vrf_id,
935 sw_if_index, flags, pool_addr, tag);
940 rv = nat44_ed_del_static_mapping (addr, addr, port, port, proto, vrf_id,
943 REPLY_MACRO (VL_API_NAT44_ADD_DEL_IDENTITY_MAPPING_REPLY);
947 send_nat44_identity_mapping_details (snat_static_mapping_t * m, int index,
948 vl_api_registration_t * reg, u32 context)
950 vl_api_nat44_identity_mapping_details_t *rmp;
951 snat_main_t *sm = &snat_main;
952 nat44_lb_addr_port_t *local = pool_elt_at_index (m->locals, index);
954 rmp = vl_msg_api_alloc (sizeof (*rmp));
955 clib_memset (rmp, 0, sizeof (*rmp));
957 ntohs (VL_API_NAT44_IDENTITY_MAPPING_DETAILS + sm->msg_id_base);
959 if (is_sm_addr_only (m->flags))
960 rmp->flags |= NAT_API_IS_ADDR_ONLY;
962 clib_memcpy (rmp->ip_address, &(m->local_addr), 4);
963 rmp->port = m->local_port;
964 rmp->sw_if_index = ~0;
965 rmp->vrf_id = htonl (local->vrf_id);
966 rmp->protocol = m->proto;
967 rmp->context = context;
969 strncpy ((char *) rmp->tag, (char *) m->tag, vec_len (m->tag));
971 vl_api_send_msg (reg, (u8 *) rmp);
975 send_nat44_identity_map_resolve_details (snat_static_mapping_resolve_t *m,
976 vl_api_registration_t *reg,
979 vl_api_nat44_identity_mapping_details_t *rmp;
980 snat_main_t *sm = &snat_main;
982 rmp = vl_msg_api_alloc (sizeof (*rmp));
983 clib_memset (rmp, 0, sizeof (*rmp));
985 ntohs (VL_API_NAT44_IDENTITY_MAPPING_DETAILS + sm->msg_id_base);
987 if (is_sm_addr_only (m->flags))
988 rmp->flags = (vl_api_nat_config_flags_t) NAT_API_IS_ADDR_ONLY;
990 rmp->port = m->l_port;
991 rmp->sw_if_index = htonl (m->sw_if_index);
992 rmp->vrf_id = htonl (m->vrf_id);
993 rmp->protocol = m->proto;
994 rmp->context = context;
996 strncpy ((char *) rmp->tag, (char *) m->tag, vec_len (m->tag));
998 vl_api_send_msg (reg, (u8 *) rmp);
1002 vl_api_nat44_identity_mapping_dump_t_handler
1003 (vl_api_nat44_identity_mapping_dump_t * mp)
1005 vl_api_registration_t *reg;
1006 snat_main_t *sm = &snat_main;
1007 snat_static_mapping_t *m;
1008 snat_static_mapping_resolve_t *rp;
1011 reg = vl_api_client_index_to_registration (mp->client_index);
1015 pool_foreach (m, sm->static_mappings)
1017 if (is_sm_identity_nat (m->flags) && !is_sm_lb (m->flags))
1019 pool_foreach_index (j, m->locals)
1021 send_nat44_identity_mapping_details (m, j, reg, mp->context);
1026 for (j = 0; j < vec_len (sm->sm_to_resolve); j++)
1028 rp = sm->sm_to_resolve + j;
1029 if (is_sm_identity_nat (rp->flags))
1030 send_nat44_identity_map_resolve_details (rp, reg, mp->context);
1035 vl_api_nat44_add_del_interface_addr_t_handler
1036 (vl_api_nat44_add_del_interface_addr_t * mp)
1038 snat_main_t *sm = &snat_main;
1039 vl_api_nat44_add_del_interface_addr_reply_t *rmp;
1040 u32 sw_if_index = ntohl (mp->sw_if_index);
1044 VALIDATE_SW_IF_INDEX (mp);
1046 twice_nat = mp->flags & NAT_API_IS_TWICE_NAT;
1050 rv = nat44_ed_add_interface_address (sw_if_index, twice_nat);
1054 rv = nat44_ed_del_interface_address (sw_if_index, twice_nat);
1057 BAD_SW_IF_INDEX_LABEL;
1059 REPLY_MACRO (VL_API_NAT44_ADD_DEL_INTERFACE_ADDR_REPLY);
1063 send_nat44_interface_addr_details (u32 sw_if_index,
1064 vl_api_registration_t * reg, u32 context,
1067 vl_api_nat44_interface_addr_details_t *rmp;
1068 snat_main_t *sm = &snat_main;
1070 rmp = vl_msg_api_alloc (sizeof (*rmp));
1071 clib_memset (rmp, 0, sizeof (*rmp));
1073 ntohs (VL_API_NAT44_INTERFACE_ADDR_DETAILS + sm->msg_id_base);
1074 rmp->sw_if_index = ntohl (sw_if_index);
1077 rmp->flags = (vl_api_nat_config_flags_t) NAT_API_IS_TWICE_NAT;
1078 rmp->context = context;
1080 vl_api_send_msg (reg, (u8 *) rmp);
1084 vl_api_nat44_interface_addr_dump_t_handler (vl_api_nat44_interface_addr_dump_t
1087 snat_main_t *sm = &snat_main;
1088 vl_api_registration_t *reg;
1089 snat_address_resolve_t *ap;
1091 reg = vl_api_client_index_to_registration (mp->client_index);
1095 vec_foreach (ap, sm->addr_to_resolve)
1097 send_nat44_interface_addr_details (ap->sw_if_index, reg, mp->context,
1102 static nat44_lb_addr_port_t *
1103 unformat_nat44_lb_addr_port (vl_api_nat44_lb_addr_port_t *addr_port_pairs,
1104 u32 addr_port_pair_num)
1107 nat44_lb_addr_port_t *lb_addr_port_pairs = 0, lb_addr_port;
1108 vl_api_nat44_lb_addr_port_t *ap;
1110 for (i = 0; i < addr_port_pair_num; i++)
1112 ap = &addr_port_pairs[i];
1113 clib_memset (&lb_addr_port, 0, sizeof (lb_addr_port));
1114 clib_memcpy (&lb_addr_port.addr, ap->addr, 4);
1115 lb_addr_port.port = ap->port;
1116 lb_addr_port.probability = ap->probability;
1117 lb_addr_port.vrf_id = clib_net_to_host_u32 (ap->vrf_id);
1118 vec_add1 (lb_addr_port_pairs, lb_addr_port);
1121 return lb_addr_port_pairs;
1125 vl_api_nat44_add_del_lb_static_mapping_t_handler (
1126 vl_api_nat44_add_del_lb_static_mapping_t *mp)
1128 snat_main_t *sm = &snat_main;
1129 vl_api_nat44_add_del_lb_static_mapping_reply_t *rmp;
1130 nat44_lb_addr_port_t *locals = 0;
1131 ip4_address_t e_addr;
1132 ip_protocol_t proto;
1137 locals = unformat_nat44_lb_addr_port (mp->locals,
1138 clib_net_to_host_u32 (mp->local_num));
1139 clib_memcpy (&e_addr, mp->external_addr, 4);
1140 proto = mp->protocol;
1142 if (mp->flags & NAT_API_IS_TWICE_NAT)
1144 flags |= NAT_SM_FLAG_TWICE_NAT;
1146 else if (mp->flags & NAT_API_IS_SELF_TWICE_NAT)
1148 flags |= NAT_SM_FLAG_SELF_TWICE_NAT;
1151 if (mp->flags & NAT_API_IS_OUT2IN_ONLY)
1153 flags |= NAT_SM_FLAG_OUT2IN_ONLY;
1158 mp->tag[sizeof (mp->tag) - 1] = 0;
1159 tag = format (0, "%s", mp->tag);
1160 vec_terminate_c_string (tag);
1162 rv = nat44_ed_add_lb_static_mapping (
1163 e_addr, mp->external_port, proto, locals, flags, tag,
1164 clib_net_to_host_u32 (mp->affinity));
1168 rv = nat44_ed_del_lb_static_mapping (e_addr, mp->external_port, proto,
1174 REPLY_MACRO (VL_API_NAT44_ADD_DEL_LB_STATIC_MAPPING_REPLY);
1178 vl_api_nat44_lb_static_mapping_add_del_local_t_handler (
1179 vl_api_nat44_lb_static_mapping_add_del_local_t *mp)
1181 snat_main_t *sm = &snat_main;
1182 vl_api_nat44_lb_static_mapping_add_del_local_reply_t *rmp;
1184 ip4_address_t e_addr, l_addr;
1185 ip_protocol_t proto;
1187 clib_memcpy (&e_addr, mp->external_addr, 4);
1188 clib_memcpy (&l_addr, mp->local.addr, 4);
1189 proto = mp->protocol;
1191 rv = nat44_ed_add_del_lb_static_mapping_local (
1192 e_addr, mp->external_port, l_addr, mp->local.port, proto,
1193 clib_net_to_host_u32 (mp->local.vrf_id), mp->local.probability,
1196 REPLY_MACRO (VL_API_NAT44_LB_STATIC_MAPPING_ADD_DEL_LOCAL_REPLY);
1200 send_nat44_lb_static_mapping_details (snat_static_mapping_t *m,
1201 vl_api_registration_t *reg, u32 context)
1203 vl_api_nat44_lb_static_mapping_details_t *rmp;
1204 snat_main_t *sm = &snat_main;
1205 nat44_lb_addr_port_t *ap;
1206 vl_api_nat44_lb_addr_port_t *locals;
1209 rmp = vl_msg_api_alloc (
1210 sizeof (*rmp) + (pool_elts (m->locals) * sizeof (nat44_lb_addr_port_t)));
1212 clib_memset (rmp, 0, sizeof (*rmp));
1214 ntohs (VL_API_NAT44_LB_STATIC_MAPPING_DETAILS + sm->msg_id_base);
1216 clib_memcpy (rmp->external_addr, &(m->external_addr), 4);
1217 rmp->external_port = m->external_port;
1218 rmp->protocol = m->proto;
1219 rmp->context = context;
1221 if (is_sm_self_twice_nat (m->flags))
1223 rmp->flags |= NAT_API_IS_SELF_TWICE_NAT;
1226 if (is_sm_out2in_only (m->flags))
1228 rmp->flags |= NAT_API_IS_OUT2IN_ONLY;
1231 if (is_sm_twice_nat (m->flags))
1233 rmp->flags |= NAT_API_IS_TWICE_NAT;
1237 strncpy ((char *) rmp->tag, (char *) m->tag, vec_len (m->tag));
1239 locals = (vl_api_nat44_lb_addr_port_t *) rmp->locals;
1240 pool_foreach (ap, m->locals)
1242 clib_memcpy (locals->addr, &(ap->addr), 4);
1243 locals->port = ap->port;
1244 locals->probability = ap->probability;
1245 locals->vrf_id = ntohl (ap->vrf_id);
1249 rmp->local_num = ntohl (local_num);
1251 vl_api_send_msg (reg, (u8 *) rmp);
1255 vl_api_nat44_lb_static_mapping_dump_t_handler (
1256 vl_api_nat44_lb_static_mapping_dump_t *mp)
1258 vl_api_registration_t *reg;
1259 snat_main_t *sm = &snat_main;
1260 snat_static_mapping_t *m;
1262 reg = vl_api_client_index_to_registration (mp->client_index);
1266 pool_foreach (m, sm->static_mappings)
1268 if (is_sm_lb (m->flags))
1269 send_nat44_lb_static_mapping_details (m, reg, mp->context);
1274 vl_api_nat44_del_session_t_handler (vl_api_nat44_del_session_t *mp)
1276 snat_main_t *sm = &snat_main;
1277 vl_api_nat44_del_session_reply_t *rmp;
1278 ip4_address_t addr, eh_addr;
1284 memcpy (&addr.as_u8, mp->address, 4);
1286 vrf_id = clib_net_to_host_u32 (mp->vrf_id);
1287 memcpy (&eh_addr.as_u8, mp->ext_host_address, 4);
1288 eh_port = mp->ext_host_port;
1290 is_in = mp->flags & NAT_API_IS_INSIDE;
1292 rv = nat44_ed_del_session (sm, &addr, port, &eh_addr, eh_port, mp->protocol,
1295 REPLY_MACRO (VL_API_NAT44_DEL_SESSION_REPLY);
1299 vl_api_nat44_forwarding_enable_disable_t_handler (
1300 vl_api_nat44_forwarding_enable_disable_t *mp)
1302 vl_api_nat44_forwarding_enable_disable_reply_t *rmp;
1303 snat_main_t *sm = &snat_main;
1305 nat44_ed_forwarding_enable_disable (mp->enable);
1306 REPLY_MACRO (VL_API_NAT44_FORWARDING_ENABLE_DISABLE_REPLY);
1310 vl_api_nat44_forwarding_is_enabled_t_handler (
1311 vl_api_nat44_forwarding_is_enabled_t *mp)
1313 vl_api_registration_t *reg;
1314 snat_main_t *sm = &snat_main;
1315 vl_api_nat44_forwarding_is_enabled_reply_t *rmp;
1317 reg = vl_api_client_index_to_registration (mp->client_index);
1321 rmp = vl_msg_api_alloc (sizeof (*rmp));
1322 clib_memset (rmp, 0, sizeof (*rmp));
1324 ntohs (VL_API_NAT44_FORWARDING_IS_ENABLED_REPLY + sm->msg_id_base);
1325 rmp->context = mp->context;
1327 rmp->enabled = sm->forwarding_enabled;
1329 vl_api_send_msg (reg, (u8 *) rmp);
1332 /* Obsolete calls hold back because of deprecation
1333 * should not be used */
1336 vl_api_nat_set_addr_and_port_alloc_alg_t_handler (
1337 vl_api_nat_set_addr_and_port_alloc_alg_t *mp)
1339 snat_main_t *sm = &snat_main;
1340 vl_api_nat_set_addr_and_port_alloc_alg_reply_t *rmp;
1341 int rv = VNET_API_ERROR_UNSUPPORTED;
1342 REPLY_MACRO (VL_API_NAT_SET_ADDR_AND_PORT_ALLOC_ALG_REPLY);
1346 vl_api_nat_get_addr_and_port_alloc_alg_t_handler (
1347 vl_api_nat_get_addr_and_port_alloc_alg_t *mp)
1349 snat_main_t *sm = &snat_main;
1350 vl_api_nat_get_addr_and_port_alloc_alg_reply_t *rmp;
1351 int rv = VNET_API_ERROR_UNSUPPORTED;
1352 REPLY_MACRO (VL_API_NAT_GET_ADDR_AND_PORT_ALLOC_ALG_REPLY);
1356 vl_api_nat_ha_set_listener_t_handler (vl_api_nat_ha_set_listener_t *mp)
1358 snat_main_t *sm = &snat_main;
1359 vl_api_nat_ha_set_listener_reply_t *rmp;
1360 int rv = VNET_API_ERROR_UNSUPPORTED;
1361 REPLY_MACRO (VL_API_NAT_HA_SET_LISTENER_REPLY);
1365 vl_api_nat_ha_get_listener_t_handler (vl_api_nat_ha_get_listener_t *mp)
1367 snat_main_t *sm = &snat_main;
1368 vl_api_nat_ha_get_listener_reply_t *rmp;
1369 int rv = VNET_API_ERROR_UNSUPPORTED;
1370 REPLY_MACRO (VL_API_NAT_HA_GET_LISTENER_REPLY);
1374 vl_api_nat_ha_set_failover_t_handler (vl_api_nat_ha_set_failover_t *mp)
1376 snat_main_t *sm = &snat_main;
1377 vl_api_nat_ha_set_failover_reply_t *rmp;
1378 int rv = VNET_API_ERROR_UNSUPPORTED;
1379 REPLY_MACRO (VL_API_NAT_HA_SET_FAILOVER_REPLY);
1383 vl_api_nat_ha_get_failover_t_handler (vl_api_nat_ha_get_failover_t *mp)
1385 snat_main_t *sm = &snat_main;
1386 vl_api_nat_ha_get_failover_reply_t *rmp;
1387 int rv = VNET_API_ERROR_UNSUPPORTED;
1388 REPLY_MACRO (VL_API_NAT_HA_GET_FAILOVER_REPLY);
1392 vl_api_nat_ha_flush_t_handler (vl_api_nat_ha_flush_t *mp)
1394 snat_main_t *sm = &snat_main;
1395 vl_api_nat_ha_flush_reply_t *rmp;
1396 int rv = VNET_API_ERROR_UNSUPPORTED;
1397 REPLY_MACRO (VL_API_NAT_HA_FLUSH_REPLY);
1401 vl_api_nat_ha_resync_t_handler (vl_api_nat_ha_resync_t *mp)
1403 snat_main_t *sm = &snat_main;
1404 vl_api_nat_ha_resync_reply_t *rmp;
1405 int rv = VNET_API_ERROR_UNSUPPORTED;
1406 REPLY_MACRO (VL_API_NAT_HA_RESYNC_REPLY);
1410 vl_api_nat44_del_user_t_handler (vl_api_nat44_del_user_t *mp)
1412 snat_main_t *sm = &snat_main;
1413 vl_api_nat44_del_user_reply_t *rmp;
1414 int rv = VNET_API_ERROR_UNSUPPORTED;
1415 REPLY_MACRO (VL_API_NAT44_DEL_USER_REPLY);
1419 vl_api_nat44_session_cleanup_t_handler (vl_api_nat44_session_cleanup_t *mp)
1421 snat_main_t *sm = &snat_main;
1422 vl_api_nat44_session_cleanup_reply_t *rmp;
1423 int rv = VNET_API_ERROR_UNSUPPORTED;
1424 REPLY_MACRO (VL_API_NAT44_SESSION_CLEANUP_REPLY);
1428 vl_api_nat44_plugin_enable_disable_t_handler (
1429 vl_api_nat44_plugin_enable_disable_t *mp)
1431 snat_main_t *sm = &snat_main;
1432 nat44_config_t c = { 0 };
1433 vl_api_nat44_plugin_enable_disable_reply_t *rmp;
1438 if ((mp->flags & NAT44_API_IS_STATIC_MAPPING_ONLY) ||
1439 (mp->flags & NAT44_API_IS_CONNECTION_TRACKING) || mp->users ||
1442 rv = VNET_API_ERROR_UNSUPPORTED;
1446 c.sessions = ntohl (mp->sessions);
1447 c.inside_vrf = ntohl (mp->inside_vrf);
1448 c.outside_vrf = ntohl (mp->outside_vrf);
1450 rv = nat44_plugin_enable (c);
1455 rv = nat44_plugin_disable ();
1458 REPLY_MACRO (VL_API_NAT44_PLUGIN_ENABLE_DISABLE_REPLY);
1462 vl_api_nat_control_ping_t_handler (vl_api_nat_control_ping_t *mp)
1464 vl_api_nat_control_ping_reply_t *rmp;
1465 snat_main_t *sm = &snat_main;
1468 REPLY_MACRO2 (VL_API_NAT_CONTROL_PING_REPLY,
1469 ({ rmp->vpe_pid = ntohl (getpid ()); }));
1473 vl_api_nat_show_config_t_handler (vl_api_nat_show_config_t *mp)
1475 vl_api_nat_show_config_reply_t *rmp;
1476 snat_main_t *sm = &snat_main;
1479 REPLY_MACRO2_ZERO (VL_API_NAT_SHOW_CONFIG_REPLY, ({
1480 rmp->translation_buckets =
1481 htonl (sm->translation_buckets);
1482 rmp->user_buckets = 0;
1483 rmp->max_translations_per_user = 0;
1484 rmp->outside_vrf_id = htonl (sm->outside_vrf_id);
1485 rmp->inside_vrf_id = htonl (sm->inside_vrf_id);
1486 rmp->static_mapping_only = 0;
1487 rmp->static_mapping_connection_tracking = 0;
1488 rmp->endpoint_dependent = 1;
1489 rmp->out2in_dpo = 0;
1494 vl_api_nat_show_config_2_t_handler (vl_api_nat_show_config_2_t *mp)
1496 vl_api_nat_show_config_2_reply_t *rmp;
1497 snat_main_t *sm = &snat_main;
1501 VL_API_NAT_SHOW_CONFIG_2_REPLY, ({
1502 rmp->translation_buckets = htonl (sm->translation_buckets);
1503 rmp->user_buckets = 0;
1504 rmp->max_translations_per_user = 0;
1505 rmp->outside_vrf_id = htonl (sm->outside_vrf_id);
1506 rmp->inside_vrf_id = htonl (sm->inside_vrf_id);
1507 rmp->static_mapping_only = 0;
1508 rmp->static_mapping_connection_tracking = 0;
1509 rmp->endpoint_dependent = 1;
1510 rmp->out2in_dpo = 0;
1511 rmp->max_translations_per_thread =
1512 clib_net_to_host_u32 (sm->max_translations_per_thread);
1513 rmp->max_users_per_thread = 0;
1518 vl_api_nat44_show_running_config_t_handler (
1519 vl_api_nat44_show_running_config_t *mp)
1521 vl_api_nat44_show_running_config_reply_t *rmp;
1522 snat_main_t *sm = &snat_main;
1523 nat44_config_t *rc = &sm->rconfig;
1527 VL_API_NAT44_SHOW_RUNNING_CONFIG_REPLY, ({
1528 rmp->inside_vrf = htonl (rc->inside_vrf);
1529 rmp->outside_vrf = htonl (rc->outside_vrf);
1531 rmp->sessions = htonl (rc->sessions);
1532 rmp->translation_buckets = htonl (sm->translation_buckets);
1536 rmp->user_buckets = 0;
1537 rmp->user_sessions = 0;
1539 rmp->timeouts.udp = htonl (sm->timeouts.udp);
1540 rmp->timeouts.tcp_established = htonl (sm->timeouts.tcp.established);
1541 rmp->timeouts.tcp_transitory = htonl (sm->timeouts.tcp.transitory);
1542 rmp->timeouts.icmp = htonl (sm->timeouts.icmp);
1544 rmp->forwarding_enabled = sm->forwarding_enabled == 1;
1545 // consider how to split functionality between subplugins
1546 rmp->ipfix_logging_enabled = nat_ipfix_logging_enabled ();
1547 rmp->flags |= NAT44_IS_ENDPOINT_DEPENDENT;
1551 /* user (internal host) key */
1570 u32 nstaticsessions;
1577 clib_bihash_8_8_t user_hash;
1578 } user_create_helper_t;
1581 send_nat44_user_details (snat_user_t *u, vl_api_registration_t *reg,
1584 vl_api_nat44_user_details_t *rmp;
1585 snat_main_t *sm = &snat_main;
1586 ip4_main_t *im = &ip4_main;
1588 rmp = vl_msg_api_alloc (sizeof (*rmp));
1589 clib_memset (rmp, 0, sizeof (*rmp));
1590 rmp->_vl_msg_id = ntohs (VL_API_NAT44_USER_DETAILS + sm->msg_id_base);
1592 if (!pool_is_free_index (im->fibs, u->fib_index))
1594 fib_table_t *fib = fib_table_get (u->fib_index, FIB_PROTOCOL_IP4);
1595 rmp->vrf_id = ntohl (fib->ft_table_id);
1598 clib_memcpy (rmp->ip_address, &(u->addr), 4);
1599 rmp->nsessions = ntohl (u->nsessions);
1600 rmp->nstaticsessions = ntohl (u->nstaticsessions);
1601 rmp->context = context;
1603 vl_api_send_msg (reg, (u8 *) rmp);
1607 nat_ed_user_create_helper (user_create_helper_t *uch, snat_session_t *s)
1610 k.addr = s->in2out.addr;
1611 k.fib_index = s->in2out.fib_index;
1612 clib_bihash_kv_8_8_t key, value;
1616 if (clib_bihash_search_8_8 (&uch->user_hash, &key, &value))
1618 pool_get (uch->users, u);
1620 u->fib_index = k.fib_index;
1622 u->nstaticsessions = 0;
1623 key.value = u - uch->users;
1624 clib_bihash_add_del_8_8 (&uch->user_hash, &key, 1);
1628 u = pool_elt_at_index (uch->users, value.value);
1630 if (nat44_ed_is_session_static (s))
1632 ++u->nstaticsessions;
1641 format_user_kvp (u8 *s, va_list *args)
1643 clib_bihash_kv_8_8_t *v = va_arg (*args, clib_bihash_kv_8_8_t *);
1646 s = format (s, "%U fib %d user-index %llu", format_ip4_address, &k.addr,
1647 k.fib_index, v->value);
1652 nat_ed_users_create (snat_main_per_thread_data_t *tsm,
1653 user_create_helper_t *uch)
1656 clib_bihash_init_8_8 (&uch->user_hash, "users", uch->user_buckets, 0);
1657 clib_bihash_set_kvp_format_fn_8_8 (&uch->user_hash, format_user_kvp);
1658 pool_foreach (s, tsm->sessions)
1660 nat_ed_user_create_helper (uch, s);
1665 nat_ed_users_destroy (user_create_helper_t *uch)
1667 pool_free (uch->users);
1668 clib_bihash_free_8_8 (&uch->user_hash);
1672 vl_api_nat44_user_dump_t_handler (vl_api_nat44_user_dump_t * mp)
1674 user_create_helper_t uch;
1675 vl_api_registration_t *reg;
1676 snat_main_t *sm = &snat_main;
1677 snat_main_per_thread_data_t *tsm;
1680 clib_memset (&uch, 0, sizeof (uch));
1682 uch.user_buckets = nat_calc_bihash_buckets (1024);
1684 reg = vl_api_client_index_to_registration (mp->client_index);
1688 vec_foreach (tsm, sm->per_thread_data)
1690 nat_ed_users_create (tsm, &uch);
1691 pool_foreach (u, uch.users)
1693 send_nat44_user_details (u, reg, mp->context);
1695 nat_ed_users_destroy (&uch);
1700 send_nat44_user_session_details (snat_session_t * s,
1701 vl_api_registration_t * reg, u32 context)
1703 vl_api_nat44_user_session_details_t *rmp;
1704 snat_main_t *sm = &snat_main;
1706 rmp = vl_msg_api_alloc (sizeof (*rmp));
1707 clib_memset (rmp, 0, sizeof (*rmp));
1709 ntohs (VL_API_NAT44_USER_SESSION_DETAILS + sm->msg_id_base);
1710 clib_memcpy (rmp->outside_ip_address, (&s->out2in.addr), 4);
1711 clib_memcpy (rmp->inside_ip_address, (&s->in2out.addr), 4);
1713 if (nat44_ed_is_session_static (s))
1714 rmp->flags |= NAT_API_IS_STATIC;
1716 if (nat44_ed_is_twice_nat_session (s))
1717 rmp->flags |= NAT_API_IS_TWICE_NAT;
1719 rmp->flags |= NAT_API_IS_EXT_HOST_VALID;
1721 rmp->last_heard = clib_host_to_net_u64 ((u64) s->last_heard);
1722 rmp->total_bytes = clib_host_to_net_u64 (s->total_bytes);
1723 rmp->total_pkts = ntohl (s->total_pkts);
1724 rmp->context = context;
1725 rmp->outside_port = s->out2in.port;
1726 rmp->inside_port = s->in2out.port;
1727 rmp->protocol = clib_host_to_net_u16 (s->proto);
1728 clib_memcpy (rmp->ext_host_address, &s->ext_host_addr, 4);
1729 rmp->ext_host_port = s->ext_host_port;
1730 if (nat44_ed_is_twice_nat_session (s))
1732 clib_memcpy (rmp->ext_host_nat_address, &s->ext_host_nat_addr, 4);
1733 rmp->ext_host_nat_port = s->ext_host_nat_port;
1736 vl_api_send_msg (reg, (u8 *) rmp);
1740 vl_api_nat44_user_session_dump_t_handler (vl_api_nat44_user_session_dump_t *
1743 snat_main_per_thread_data_t *tsm;
1744 snat_main_t *sm = &snat_main;
1745 vl_api_registration_t *reg;
1746 snat_user_key_t ukey;
1750 reg = vl_api_client_index_to_registration (mp->client_index);
1754 clib_memcpy (&ukey.addr, mp->ip_address, 4);
1755 ip.src_address.as_u32 = ukey.addr.as_u32;
1756 ukey.fib_index = fib_table_find (FIB_PROTOCOL_IP4, ntohl (mp->vrf_id));
1757 if (sm->num_workers > 1)
1758 tsm = vec_elt_at_index (
1759 sm->per_thread_data,
1760 nat44_ed_get_in2out_worker_index (0, &ip, ukey.fib_index, 0));
1762 tsm = vec_elt_at_index (sm->per_thread_data, sm->num_workers);
1764 pool_foreach (s, tsm->sessions) {
1765 if (s->in2out.addr.as_u32 == ukey.addr.as_u32)
1767 send_nat44_user_session_details (s, reg, mp->context);
1773 send_nat44_user_session_v2_details (snat_session_t *s,
1774 vl_api_registration_t *reg, u32 context)
1776 vl_api_nat44_user_session_v2_details_t *rmp;
1777 snat_main_t *sm = &snat_main;
1778 u64 now = vlib_time_now (sm->vnet_main->vlib_main);
1779 u64 sess_timeout_time = 0;
1781 rmp = vl_msg_api_alloc (sizeof (*rmp));
1782 clib_memset (rmp, 0, sizeof (*rmp));
1784 ntohs (VL_API_NAT44_USER_SESSION_V2_DETAILS + sm->msg_id_base);
1785 clib_memcpy (rmp->outside_ip_address, (&s->out2in.addr), 4);
1786 clib_memcpy (rmp->inside_ip_address, (&s->in2out.addr), 4);
1788 if (nat44_ed_is_session_static (s))
1789 rmp->flags |= NAT_API_IS_STATIC;
1791 if (nat44_ed_is_twice_nat_session (s))
1792 rmp->flags |= NAT_API_IS_TWICE_NAT;
1794 rmp->flags |= NAT_API_IS_EXT_HOST_VALID;
1796 rmp->last_heard = clib_host_to_net_u64 ((u64) s->last_heard);
1797 rmp->total_bytes = clib_host_to_net_u64 (s->total_bytes);
1798 rmp->total_pkts = ntohl (s->total_pkts);
1799 rmp->context = context;
1800 rmp->outside_port = s->out2in.port;
1801 rmp->inside_port = s->in2out.port;
1802 rmp->protocol = clib_host_to_net_u16 (s->proto);
1803 clib_memcpy (rmp->ext_host_address, &s->ext_host_addr, 4);
1804 rmp->ext_host_port = s->ext_host_port;
1805 if (nat44_ed_is_twice_nat_session (s))
1807 clib_memcpy (rmp->ext_host_nat_address, &s->ext_host_nat_addr, 4);
1808 rmp->ext_host_nat_port = s->ext_host_nat_port;
1811 sess_timeout_time = s->last_heard + nat44_session_get_timeout (sm, s);
1812 rmp->is_timed_out = (now >= sess_timeout_time);
1814 vl_api_send_msg (reg, (u8 *) rmp);
1818 vl_api_nat44_user_session_v2_dump_t_handler (
1819 vl_api_nat44_user_session_v2_dump_t *mp)
1821 snat_main_per_thread_data_t *tsm;
1822 snat_main_t *sm = &snat_main;
1823 vl_api_registration_t *reg;
1824 snat_user_key_t ukey;
1828 reg = vl_api_client_index_to_registration (mp->client_index);
1832 clib_memcpy (&ukey.addr, mp->ip_address, 4);
1833 ip.src_address.as_u32 = ukey.addr.as_u32;
1834 ukey.fib_index = fib_table_find (FIB_PROTOCOL_IP4, ntohl (mp->vrf_id));
1835 if (sm->num_workers > 1)
1836 tsm = vec_elt_at_index (
1837 sm->per_thread_data,
1838 nat44_ed_get_in2out_worker_index (0, &ip, ukey.fib_index, 0));
1840 tsm = vec_elt_at_index (sm->per_thread_data, sm->num_workers);
1842 pool_foreach (s, tsm->sessions)
1844 if (s->in2out.addr.as_u32 == ukey.addr.as_u32)
1846 send_nat44_user_session_v2_details (s, reg, mp->context);
1851 /* API definitions */
1852 #include <vnet/format_fns.h>
1853 #include <nat/nat44-ed/nat44_ed.api.c>
1855 /* Set up the API message handling tables */
1857 nat44_api_hookup (vlib_main_t * vm)
1859 snat_main_t *sm = &snat_main;
1860 sm->msg_id_base = setup_message_id_table ();
1865 * fd.io coding-style-patch-verification: ON
1868 * eval: (c-set-style "gnu")
Code Review / vpp.git / blob