2 * nat_ipfix_logging.c - NAT Events IPFIX logging
4 * Copyright (c) 2016 Cisco and/or its affiliates.
5 * Licensed under the Apache License, Version 2.0 (the "License");
6 * you may not use this file except in compliance with the License.
7 * You may obtain a copy of the License at:
9 * http://www.apache.org/licenses/LICENSE-2.0
11 * Unless required by applicable law or agreed to in writing, software
12 * distributed under the License is distributed on an "AS IS" BASIS,
13 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14 * See the License for the specific language governing permissions and
15 * limitations under the License.
18 #include <vnet/ipfix-export/flow_report.h>
19 #include <vlibmemory/api.h>
20 #include <nat/nat_ipfix_logging.h>
/* Single module-wide IPFIX logging state; functions in this file reach it
 * through a local `silm` pointer. */
22 snat_ipfix_logging_main_t snat_ipfix_logging_main;
/*
 * Size in octets of one data record per event type. Each value equals the
 * sum of the field lengths that snat_template_rewrite() declares for that
 * event (e.g. NAT44 session create: 8 + 1 + 4 + 4 + 1 + 2 + 2 + 4 = 26).
 * The logging functions add the value to b0->current_length and use it in
 * their flush test, so a length must change together with its template.
 */
24 #define NAT44_SESSION_CREATE_LEN 26
25 #define NAT_ADDRESSES_EXHAUTED_LEN 13
26 #define MAX_ENTRIES_PER_USER_LEN 21
27 #define MAX_SESSIONS_LEN 17
28 #define MAX_BIBS_LEN 17
29 #define MAX_FRAGMENTS_IP4_LEN 21
30 #define MAX_FRAGMENTS_IP6_LEN 33
31 #define NAT64_BIB_LEN 38
32 #define NAT64_SES_LEN 62
/*
 * Number of field specifiers in each template. snat_template_rewrite()
 * sizes the rewrite vector from these counts, so each one has to match the
 * specifiers written for that event.
 */
34 #define NAT44_SESSION_CREATE_FIELD_COUNT 8
35 #define NAT_ADDRESSES_EXHAUTED_FIELD_COUNT 3
36 #define MAX_ENTRIES_PER_USER_FIELD_COUNT 5
37 #define MAX_SESSIONS_FIELD_COUNT 4
38 #define MAX_BIBS_FIELD_COUNT 4
39 #define MAX_FRAGMENTS_FIELD_COUNT 5
40 #define NAT64_BIB_FIELD_COUNT 8
41 #define NAT64_SES_FIELD_COUNT 12
/* Per-event argument structures; most of their members are not visible in
 * this listing. */
48 snat_protocol_t snat_proto;
52 } snat_ipfix_logging_nat44_ses_args_t;
57 } snat_ipfix_logging_addr_exhausted_args_t;
63 } snat_ipfix_logging_max_entries_per_user_args_t;
68 } nat_ipfix_logging_max_sessions_args_t;
73 } nat_ipfix_logging_max_bibs_args_t;
79 } nat_ipfix_logging_max_frags_ip4_args_t;
85 } nat_ipfix_logging_max_frags_ip6_args_t;
100 } nat_ipfix_logging_nat64_ses_args_t;
111 } nat_ipfix_logging_nat64_bib_args_t;
/* skip_if_disabled(): tests silm->enabled; the statement executed when
 * logging is disabled is not visible in this listing. */
113 #define skip_if_disabled() \
115 snat_ipfix_logging_main_t *silm = &snat_ipfix_logging_main; \
116 if (PREDICT_TRUE (!silm->enabled)) \
121 * @brief Create an IPFIX template packet rewrite string
123 * @param frm flow report main
124 * @param fr flow report
125 * @param collector_address collector address
126 * @param src_address source address
127 * @param collector_port collector port
128 * @param event NAT event ID
129 * @param quota_event NAT quota exceeded event ID
131 * @returns template packet
/*
 * Build the IPv4/UDP/IPFIX template packet for one NAT event type and store
 * fr->template_id in the matching snat_ipfix_logging_main slot. The layout
 * is selected by `event`, and for QUOTA_EXCEEDED additionally by
 * `quota_event`.
 */
134 snat_template_rewrite (flow_report_main_t * frm,
136 ip4_address_t * collector_address,
137 ip4_address_t * src_address,
139 nat_event_t event, quota_exceed_event_t quota_event)
141 snat_ipfix_logging_main_t *silm = &snat_ipfix_logging_main;
144 ipfix_message_header_t *h;
145 ipfix_set_header_t *s;
146 ipfix_template_header_t *t;
147 ipfix_field_specifier_t *f;
148 ipfix_field_specifier_t *first_field;
150 ip4_ipfix_template_packet_t *tp;
152 flow_report_stream_t *stream;
/* The stream index is remembered so that snat_ipfix_header_create() can
 * find the same stream later. */
154 stream = &frm->streams[fr->stream_index];
155 silm->stream_index = fr->stream_index;
/*
 * Pick the field count for the requested template and remember its ID.
 * NOTE(review): no branch covers an unrecognised event / quota_event pair;
 * field_count then keeps whatever value it had before this chain (its
 * declaration is not visible in this listing) - confirm that value.
 */
157 if (event == NAT_ADDRESSES_EXHAUTED)
159 field_count = NAT_ADDRESSES_EXHAUTED_FIELD_COUNT;
160 silm->addr_exhausted_template_id = fr->template_id;
162 else if (event == NAT44_SESSION_CREATE)
164 field_count = NAT44_SESSION_CREATE_FIELD_COUNT;
165 silm->nat44_session_template_id = fr->template_id;
167 else if (event == NAT64_BIB_CREATE)
169 field_count = NAT64_BIB_FIELD_COUNT;
170 silm->nat64_bib_template_id = fr->template_id;
172 else if (event == NAT64_SESSION_CREATE)
174 field_count = NAT64_SES_FIELD_COUNT;
175 silm->nat64_ses_template_id = fr->template_id;
177 else if (event == QUOTA_EXCEEDED)
179 if (quota_event == MAX_ENTRIES_PER_USER)
181 field_count = MAX_ENTRIES_PER_USER_FIELD_COUNT;
182 silm->max_entries_per_user_template_id = fr->template_id;
184 else if (quota_event == MAX_SESSION_ENTRIES)
186 field_count = MAX_SESSIONS_FIELD_COUNT;
187 silm->max_sessions_template_id = fr->template_id;
189 else if (quota_event == MAX_BIB_ENTRIES)
191 field_count = MAX_BIBS_FIELD_COUNT;
192 silm->max_bibs_template_id = fr->template_id;
194 else if (quota_event == MAX_FRAGMENTS_PENDING_REASSEMBLY)
196 field_count = MAX_FRAGMENTS_FIELD_COUNT;
197 silm->max_frags_ip4_template_id = fr->template_id;
199 else if (quota_event == MAX_FRAGMENTS_PENDING_REASSEMBLY_IP6)
201 field_count = MAX_FRAGMENTS_FIELD_COUNT;
202 silm->max_frags_ip6_template_id = fr->template_id;
206 /* allocate rewrite space */
/*
 * vec_validate takes the highest index to make valid, hence the "- 1": the
 * vector ends up exactly one template packet header plus field_count
 * specifiers long.
 * NOTE(review): the branches below must write no more than field_count
 * specifiers; nothing visible here cross-checks the two, and one specifier
 * too many would be written past the end of this vector.
 */
207 vec_validate_aligned (rewrite,
208 sizeof (ip4_ipfix_template_packet_t)
209 + field_count * sizeof (ipfix_field_specifier_t) - 1,
210 CLIB_CACHE_LINE_BYTES);
/* The headers are laid out back to back inside the rewrite vector. */
212 tp = (ip4_ipfix_template_packet_t *) rewrite;
213 ip = (ip4_header_t *) & tp->ip4;
214 udp = (udp_header_t *) (ip + 1);
215 h = (ipfix_message_header_t *) (udp + 1);
216 s = (ipfix_set_header_t *) (h + 1);
217 t = (ipfix_template_header_t *) (s + 1);
218 first_field = f = (ipfix_field_specifier_t *) (t + 1);
/* 0x45: IPv4 with a 5-word (20-byte) header, i.e. no IP options. */
220 ip->ip_version_and_header_length = 0x45;
222 ip->protocol = IP_PROTOCOL_UDP;
223 ip->src_address.as_u32 = src_address->as_u32;
224 ip->dst_address.as_u32 = collector_address->as_u32;
225 udp->src_port = clib_host_to_net_u16 (stream->src_port);
226 udp->dst_port = clib_host_to_net_u16 (collector_port);
/* UDP length: everything in the vector after the IPv4 header. */
227 udp->length = clib_host_to_net_u16 (vec_len (rewrite) - sizeof (*ip));
229 /* FIXUP: message header export_time */
230 h->domain_id = clib_host_to_net_u32 (stream->domain_id);
232 /* Add TLVs to the template */
/* Each specifier names an information element and its length in octets;
 * the leading 0 is presumably the enterprise bit - confirm against the
 * ipfix_e_id_length definition. */
233 if (event == NAT_ADDRESSES_EXHAUTED)
235 f->e_id_length = ipfix_e_id_length (0, observationTimeMilliseconds, 8);
237 f->e_id_length = ipfix_e_id_length (0, natEvent, 1);
239 f->e_id_length = ipfix_e_id_length (0, natPoolId, 4);
242 else if (event == NAT44_SESSION_CREATE)
244 f->e_id_length = ipfix_e_id_length (0, observationTimeMilliseconds, 8);
246 f->e_id_length = ipfix_e_id_length (0, natEvent, 1);
248 f->e_id_length = ipfix_e_id_length (0, sourceIPv4Address, 4);
250 f->e_id_length = ipfix_e_id_length (0, postNATSourceIPv4Address, 4);
252 f->e_id_length = ipfix_e_id_length (0, protocolIdentifier, 1);
254 f->e_id_length = ipfix_e_id_length (0, sourceTransportPort, 2);
256 f->e_id_length = ipfix_e_id_length (0, postNAPTSourceTransportPort, 2);
258 f->e_id_length = ipfix_e_id_length (0, ingressVRFID, 4);
261 else if (event == NAT64_BIB_CREATE)
263 f->e_id_length = ipfix_e_id_length (0, observationTimeMilliseconds, 8);
265 f->e_id_length = ipfix_e_id_length (0, natEvent, 1);
267 f->e_id_length = ipfix_e_id_length (0, sourceIPv6Address, 16);
269 f->e_id_length = ipfix_e_id_length (0, postNATSourceIPv4Address, 4);
271 f->e_id_length = ipfix_e_id_length (0, protocolIdentifier, 1);
273 f->e_id_length = ipfix_e_id_length (0, sourceTransportPort, 2);
275 f->e_id_length = ipfix_e_id_length (0, postNAPTSourceTransportPort, 2);
277 f->e_id_length = ipfix_e_id_length (0, ingressVRFID, 4);
280 else if (event == NAT64_SESSION_CREATE)
282 f->e_id_length = ipfix_e_id_length (0, observationTimeMilliseconds, 8);
284 f->e_id_length = ipfix_e_id_length (0, natEvent, 1);
286 f->e_id_length = ipfix_e_id_length (0, sourceIPv6Address, 16);
288 f->e_id_length = ipfix_e_id_length (0, postNATSourceIPv4Address, 4);
290 f->e_id_length = ipfix_e_id_length (0, protocolIdentifier, 1);
292 f->e_id_length = ipfix_e_id_length (0, sourceTransportPort, 2);
294 f->e_id_length = ipfix_e_id_length (0, postNAPTSourceTransportPort, 2);
296 f->e_id_length = ipfix_e_id_length (0, destinationIPv6Address, 16);
298 f->e_id_length = ipfix_e_id_length (0, postNATDestinationIPv4Address, 4);
300 f->e_id_length = ipfix_e_id_length (0, destinationTransportPort, 2);
302 f->e_id_length = ipfix_e_id_length (0, postNAPTDestinationTransportPort,
305 f->e_id_length = ipfix_e_id_length (0, ingressVRFID, 4);
308 else if (event == QUOTA_EXCEEDED)
310 if (quota_event == MAX_ENTRIES_PER_USER)
312 f->e_id_length = ipfix_e_id_length (0, observationTimeMilliseconds,
315 f->e_id_length = ipfix_e_id_length (0, natEvent, 1);
317 f->e_id_length = ipfix_e_id_length (0, natQuotaExceededEvent, 4);
319 f->e_id_length = ipfix_e_id_length (0, maxEntriesPerUser, 4);
321 f->e_id_length = ipfix_e_id_length (0, sourceIPv4Address, 4);
324 else if (quota_event == MAX_SESSION_ENTRIES)
326 f->e_id_length = ipfix_e_id_length (0, observationTimeMilliseconds,
329 f->e_id_length = ipfix_e_id_length (0, natEvent, 1);
331 f->e_id_length = ipfix_e_id_length (0, natQuotaExceededEvent, 4);
333 f->e_id_length = ipfix_e_id_length (0, maxSessionEntries, 4);
336 else if (quota_event == MAX_BIB_ENTRIES)
338 f->e_id_length = ipfix_e_id_length (0, observationTimeMilliseconds,
341 f->e_id_length = ipfix_e_id_length (0, natEvent, 1);
343 f->e_id_length = ipfix_e_id_length (0, natQuotaExceededEvent, 4);
345 f->e_id_length = ipfix_e_id_length (0, maxBIBEntries, 4);
348 else if (quota_event == MAX_FRAGMENTS_PENDING_REASSEMBLY)
350 f->e_id_length = ipfix_e_id_length (0, observationTimeMilliseconds,
353 f->e_id_length = ipfix_e_id_length (0, natEvent, 1);
355 f->e_id_length = ipfix_e_id_length (0, natQuotaExceededEvent, 4);
357 f->e_id_length = ipfix_e_id_length (0, maxFragmentsPendingReassembly,
360 f->e_id_length = ipfix_e_id_length (0, sourceIPv4Address, 4);
363 else if (quota_event == MAX_FRAGMENTS_PENDING_REASSEMBLY_IP6)
365 f->e_id_length = ipfix_e_id_length (0, observationTimeMilliseconds,
368 f->e_id_length = ipfix_e_id_length (0, natEvent, 1);
370 f->e_id_length = ipfix_e_id_length (0, natQuotaExceededEvent, 4);
372 f->e_id_length = ipfix_e_id_length (0, maxFragmentsPendingReassembly,
375 f->e_id_length = ipfix_e_id_length (0, sourceIPv6Address, 16);
380 /* Back to the template packet... */
381 ip = (ip4_header_t *) & tp->ip4;
382 udp = (udp_header_t *) (ip + 1);
/* NOTE(review): this ASSERT is the only guard against a template with no
 * fields, and ASSERT is normally compiled out of non-debug builds -
 * confirm for the images that are shipped. */
384 ASSERT (f - first_field);
385 /* Field count in this template */
386 t->id_count = ipfix_id_count (fr->template_id, f - first_field);
388 /* set length in octets */
/* The lengths below are pointer differences from f, so they follow the
 * specifiers actually written rather than field_count. */
390 ipfix_set_id_length (2 /* set_id */ , (u8 *) f - (u8 *) s);
392 /* message length in octets */
393 h->version_length = version_length ((u8 *) f - (u8 *) h);
395 ip->length = clib_host_to_net_u16 ((u8 *) f - (u8 *) ip);
396 ip->checksum = ip4_header_checksum (ip);
/* Thin wrapper: builds the "NAT addresses exhausted" template through
 * snat_template_rewrite(). elts, n_elts and stream_index are not used in
 * the visible body. */
402 snat_template_rewrite_addr_exhausted (flow_report_main_t * frm,
404 ip4_address_t * collector_address,
405 ip4_address_t * src_address,
407 ipfix_report_element_t *elts,
408 u32 n_elts, u32 *stream_index)
410 return snat_template_rewrite (frm, fr, collector_address, src_address,
411 collector_port, NAT_ADDRESSES_EXHAUTED, 0);
/* Thin wrapper: builds the NAT44 session template through
 * snat_template_rewrite(). elts, n_elts and stream_index are not used in
 * the visible body. */
415 snat_template_rewrite_nat44_session (flow_report_main_t * frm,
417 ip4_address_t * collector_address,
418 ip4_address_t * src_address,
420 ipfix_report_element_t *elts,
421 u32 n_elts, u32 *stream_index)
423 return snat_template_rewrite (frm, fr, collector_address, src_address,
424 collector_port, NAT44_SESSION_CREATE, 0);
/* Thin wrapper: builds the "maximum entries per user exceeded" quota
 * template through snat_template_rewrite(). elts, n_elts and stream_index
 * are not used in the visible body. */
428 snat_template_rewrite_max_entries_per_usr (flow_report_main_t * frm,
430 ip4_address_t * collector_address,
431 ip4_address_t * src_address,
433 ipfix_report_element_t *elts,
434 u32 n_elts, u32 *stream_index)
436 return snat_template_rewrite (frm, fr, collector_address, src_address,
437 collector_port, QUOTA_EXCEEDED,
438 MAX_ENTRIES_PER_USER);
/* Thin wrapper: builds the "maximum session entries exceeded" quota
 * template through snat_template_rewrite(). elts, n_elts and stream_index
 * are not used in the visible body. */
442 nat_template_rewrite_max_sessions (flow_report_main_t * frm,
444 ip4_address_t * collector_address,
445 ip4_address_t * src_address,
447 ipfix_report_element_t *elts,
448 u32 n_elts, u32 *stream_index)
450 return snat_template_rewrite (frm, fr, collector_address, src_address,
451 collector_port, QUOTA_EXCEEDED,
452 MAX_SESSION_ENTRIES);
/* Thin wrapper: builds a QUOTA_EXCEEDED template through
 * snat_template_rewrite(). The quota event argument sits on a line that is
 * not visible in this listing; elts, n_elts and stream_index are not used
 * in the visible body. */
456 nat_template_rewrite_max_bibs (flow_report_main_t * frm,
458 ip4_address_t * collector_address,
459 ip4_address_t * src_address,
461 ipfix_report_element_t *elts,
462 u32 n_elts, u32 *stream_index)
464 return snat_template_rewrite (frm, fr, collector_address, src_address,
465 collector_port, QUOTA_EXCEEDED,
/* Thin wrapper: builds the IPv4 "maximum fragments pending reassembly"
 * quota template through snat_template_rewrite(). elts, n_elts and
 * stream_index are not used in the visible body. */
470 nat_template_rewrite_max_frags_ip4 (flow_report_main_t * frm,
472 ip4_address_t * collector_address,
473 ip4_address_t * src_address,
475 ipfix_report_element_t *elts,
476 u32 n_elts, u32 *stream_index)
478 return snat_template_rewrite (frm, fr, collector_address, src_address,
479 collector_port, QUOTA_EXCEEDED,
480 MAX_FRAGMENTS_PENDING_REASSEMBLY);
/* Thin wrapper: builds the IPv6 "maximum fragments pending reassembly"
 * quota template through snat_template_rewrite(). elts, n_elts and
 * stream_index are not used in the visible body. */
484 nat_template_rewrite_max_frags_ip6 (flow_report_main_t * frm,
486 ip4_address_t * collector_address,
487 ip4_address_t * src_address,
489 ipfix_report_element_t *elts,
490 u32 n_elts, u32 *stream_index)
492 return snat_template_rewrite (frm, fr, collector_address, src_address,
493 collector_port, QUOTA_EXCEEDED,
494 MAX_FRAGMENTS_PENDING_REASSEMBLY_IP6);
/* Thin wrapper: builds the NAT64 BIB template through
 * snat_template_rewrite(). elts, n_elts and stream_index are not used in
 * the visible body. */
498 nat_template_rewrite_nat64_bib (flow_report_main_t * frm,
500 ip4_address_t * collector_address,
501 ip4_address_t * src_address,
503 ipfix_report_element_t *elts,
504 u32 n_elts, u32 *stream_index)
506 return snat_template_rewrite (frm, fr, collector_address, src_address,
507 collector_port, NAT64_BIB_CREATE, 0);
/* Thin wrapper: builds the NAT64 session template through
 * snat_template_rewrite(). elts, n_elts and stream_index are not used in
 * the visible body. */
511 nat_template_rewrite_nat64_session (flow_report_main_t * frm,
513 ip4_address_t * collector_address,
514 ip4_address_t * src_address,
516 ipfix_report_element_t *elts,
517 u32 n_elts, u32 *stream_index)
519 return snat_template_rewrite (frm, fr, collector_address, src_address,
520 collector_port, NAT64_SESSION_CREATE, 0);
/*
 * Initialise buffer b0 with the IPv4, UDP and IPFIX message headers of a
 * data packet and return in *offset the byte offset just past the set
 * header, which is where the first data record is written.
 */
524 snat_ipfix_header_create (flow_report_main_t * frm,
525 vlib_buffer_t * b0, u32 * offset)
527 snat_ipfix_logging_main_t *silm = &snat_ipfix_logging_main;
528 flow_report_stream_t *stream;
529 ip4_ipfix_template_packet_t *tp;
530 ipfix_message_header_t *h = 0;
531 ipfix_set_header_t *s = 0;
/* Uses the stream index that snat_template_rewrite() stored in silm. */
535 stream = &frm->streams[silm->stream_index];
/* The buffer starts out holding the headers only; the logging functions
 * grow current_length by one record size per appended record. */
537 b0->current_data = 0;
538 b0->current_length = sizeof (*ip) + sizeof (*udp) + sizeof (*h) +
540 b0->flags |= (VLIB_BUFFER_TOTAL_LENGTH_VALID | VNET_BUFFER_F_FLOW_REPORT);
541 vnet_buffer (b0)->sw_if_index[VLIB_RX] = 0;
542 vnet_buffer (b0)->sw_if_index[VLIB_TX] = frm->fib_index;
543 tp = vlib_buffer_get_current (b0);
544 ip = (ip4_header_t *) & tp->ip4;
545 udp = (udp_header_t *) (ip + 1);
546 h = (ipfix_message_header_t *) (udp + 1);
547 s = (ipfix_set_header_t *) (h + 1);
/* 0x45: IPv4 with a 5-word (20-byte) header, i.e. no IP options. */
549 ip->ip_version_and_header_length = 0x45;
551 ip->protocol = IP_PROTOCOL_UDP;
552 ip->flags_and_fragment_offset = 0;
/* Source address, collector address and collector port are read from the
 * flow-report configuration at the time the packet is started. */
553 ip->src_address.as_u32 = frm->src_address.as_u32;
554 ip->dst_address.as_u32 = frm->ipfix_collector.as_u32;
555 udp->src_port = clib_host_to_net_u16 (stream->src_port);
556 udp->dst_port = clib_host_to_net_u16 (frm->collector_port);
/* Export time is derived from frm->unix_time_0 plus elapsed vlib time (the
 * end of the expression is not visible in this listing). */
559 h->export_time = clib_host_to_net_u32 ((u32)
560 (((f64) frm->unix_time_0) +
561 (vlib_time_now (frm->vlib_main) -
/* NOTE(review): the sequence number advances once per packet started here.
 * RFC 7011 defines it as a count of data records sent, and collectors use
 * it to detect lost records - confirm loss detection still works. */
563 h->sequence_number = clib_host_to_net_u32 (stream->sequence_number++);
564 h->domain_id = clib_host_to_net_u32 (stream->domain_id);
/* First record offset: the byte right after the set header, relative to tp. */
566 *offset = (u32) (((u8 *) (s + 1)) - (u8 *) tp);
/*
 * Finalise a pending IPFIX data packet: fill in the set ID and the set,
 * message, IP and UDP lengths from b0->current_length, compute checksums,
 * and hand frame f to ip4_lookup_node.
 */
570 snat_ipfix_send (flow_report_main_t * frm,
571 vlib_frame_t * f, vlib_buffer_t * b0, u16 template_id)
573 ip4_ipfix_template_packet_t *tp;
574 ipfix_message_header_t *h = 0;
575 ipfix_set_header_t *s = 0;
578 vlib_main_t *vm = frm->vlib_main;
580 tp = vlib_buffer_get_current (b0);
581 ip = (ip4_header_t *) & tp->ip4;
582 udp = (udp_header_t *) (ip + 1);
583 h = (ipfix_message_header_t *) (udp + 1);
584 s = (ipfix_set_header_t *) (h + 1);
/* The data set is tagged with the template ID it was encoded against. */
586 s->set_id_length = ipfix_set_id_length (template_id,
588 (sizeof (*ip) + sizeof (*udp) +
/* The IPFIX message length excludes the IPv4 and UDP headers. */
590 h->version_length = version_length (b0->current_length -
591 (sizeof (*ip) + sizeof (*udp)));
593 ip->length = clib_host_to_net_u16 (b0->current_length);
594 ip->checksum = ip4_header_checksum (ip);
595 udp->length = clib_host_to_net_u16 (b0->current_length - sizeof (*ip));
/* The UDP checksum is optional; a computed value of 0 is sent as 0xffff
 * because 0 on the wire means "no checksum" for UDP over IPv4. */
597 if (frm->udp_checksum)
599 udp->checksum = ip4_tcp_udp_compute_checksum (vm, b0, ip);
600 if (udp->checksum == 0)
601 udp->checksum = 0xffff;
604 ASSERT (ip->checksum == ip4_header_checksum (ip));
606 vlib_put_frame_to_node (vm, ip4_lookup_node.index, f);
/*
 * Append one NAT44 session record (timestamp, event, source and translated
 * address, protocol, source and translated port, VRF) to the pending
 * NAT44-session IPFIX packet. The packet is sent when do_flush is set or
 * when one more record would exceed frm->path_mtu.
 */
610 snat_ipfix_logging_nat44_ses (u8 nat_event, u32 src_ip, u32 nat_src_ip,
611 snat_protocol_t snat_proto, u16 src_port,
612 u16 nat_src_port, u32 vrf_id, int do_flush)
614 snat_ipfix_logging_main_t *silm = &snat_ipfix_logging_main;
615 flow_report_main_t *frm = &flow_report_main;
617 vlib_buffer_t *b0 = 0;
620 vlib_main_t *vm = frm->vlib_main;
622 vlib_buffer_free_list_t *fl;
628 proto = snat_proto_to_ip_proto (snat_proto);
/* Milliseconds elapsed since silm->vlib_time_0, added to the
 * milisecond_time_0 base. */
630 now = (u64) ((vlib_time_now (vm) - silm->vlib_time_0) * 1e3);
631 now += silm->milisecond_time_0;
633 b0 = silm->nat44_session_buffer;
/* No packet in progress: allocate a buffer and make it the pending one. */
635 if (PREDICT_FALSE (b0 == 0))
640 if (vlib_buffer_alloc (vm, &bi0, 1) != 1)
/* NOTE(review): allocation failure is only reported through clib_warning;
 * the NAT event itself appears to be lost to the collector - consider a
 * counter if these records are relied on for attribution. */
642 clib_warning ("can't allocate buffer for NAT IPFIX event");
646 b0 = silm->nat44_session_buffer = vlib_get_buffer (vm, bi0);
648 vlib_buffer_get_free_list (vm, VLIB_BUFFER_DEFAULT_FREE_LIST_INDEX);
649 vlib_buffer_init_for_free_list (b0, fl);
650 VLIB_BUFFER_TRACE_TRAJECTORY_INIT (b0);
/* Packet already in progress: continue at the saved write offset. */
655 bi0 = vlib_get_buffer_index (vm, b0);
656 offset = silm->nat44_session_next_record_offset;
/* Lazily obtain the frame that carries the buffer to ip4_lookup_node. */
659 f = silm->nat44_session_frame;
660 if (PREDICT_FALSE (f == 0))
663 f = vlib_get_frame_to_node (vm, ip4_lookup_node.index);
664 silm->nat44_session_frame = f;
665 to_next = vlib_frame_vector_args (f);
/* offset == 0 marks a fresh buffer: write the headers first, which also
 * moves offset past them. */
670 if (PREDICT_FALSE (offset == 0))
671 snat_ipfix_header_create (frm, b0, &offset);
/*
 * Normal (non-flush) call: serialise the record field by field, in the
 * order of the NAT44 session template.
 * NOTE(review): nothing visible here checks offset against the capacity of
 * b0->data before these copies; the only bound is the path_mtu test after
 * the append, so frm->path_mtu must never exceed what one buffer holds -
 * confirm where it is validated.
 * NOTE(review): only the timestamp is byte-swapped here; the other fields,
 * including vrf_id, are copied as passed, while IPFIX fields are network
 * byte order - confirm what the callers supply.
 */
673 if (PREDICT_TRUE (do_flush == 0))
675 u64 time_stamp = clib_host_to_net_u64 (now);
676 clib_memcpy (b0->data + offset, &time_stamp, sizeof (time_stamp));
677 offset += sizeof (time_stamp);
679 clib_memcpy (b0->data + offset, &nat_event, sizeof (nat_event));
680 offset += sizeof (nat_event);
682 clib_memcpy (b0->data + offset, &src_ip, sizeof (src_ip));
683 offset += sizeof (src_ip);
685 clib_memcpy (b0->data + offset, &nat_src_ip, sizeof (nat_src_ip));
686 offset += sizeof (nat_src_ip);
688 clib_memcpy (b0->data + offset, &proto, sizeof (proto));
689 offset += sizeof (proto);
691 clib_memcpy (b0->data + offset, &src_port, sizeof (src_port));
692 offset += sizeof (src_port);
694 clib_memcpy (b0->data + offset, &nat_src_port, sizeof (nat_src_port));
695 offset += sizeof (nat_src_port);
697 clib_memcpy (b0->data + offset, &vrf_id, sizeof (vrf_id));
698 offset += sizeof (vrf_id);
700 b0->current_length += NAT44_SESSION_CREATE_LEN;
/* Send now if asked to flush or if another record would exceed path_mtu. */
704 (do_flush || (offset + NAT44_SESSION_CREATE_LEN) > frm->path_mtu))
706 snat_ipfix_send (frm, f, b0, silm->nat44_session_template_id);
707 silm->nat44_session_frame = 0;
708 silm->nat44_session_buffer = 0;
/* Remember where the next record goes. */
711 silm->nat44_session_next_record_offset = offset;
/*
 * Append one "NAT addresses exhausted" record (timestamp, event, pool ID)
 * to the pending IPFIX packet for that template. The packet is sent when
 * do_flush is set or when one more record would exceed frm->path_mtu.
 */
715 snat_ipfix_logging_addr_exhausted (u32 pool_id, int do_flush)
717 snat_ipfix_logging_main_t *silm = &snat_ipfix_logging_main;
718 flow_report_main_t *frm = &flow_report_main;
720 vlib_buffer_t *b0 = 0;
723 vlib_main_t *vm = frm->vlib_main;
725 vlib_buffer_free_list_t *fl;
726 u8 nat_event = NAT_ADDRESSES_EXHAUTED;
/* Milliseconds elapsed since silm->vlib_time_0, added to the
 * milisecond_time_0 base. */
731 now = (u64) ((vlib_time_now (vm) - silm->vlib_time_0) * 1e3);
732 now += silm->milisecond_time_0;
734 b0 = silm->addr_exhausted_buffer;
/* No packet in progress: allocate a buffer and make it the pending one. */
736 if (PREDICT_FALSE (b0 == 0))
741 if (vlib_buffer_alloc (vm, &bi0, 1) != 1)
/* NOTE(review): allocation failure is only reported through clib_warning;
 * the event itself appears to be lost to the collector. */
743 clib_warning ("can't allocate buffer for NAT IPFIX event");
747 b0 = silm->addr_exhausted_buffer = vlib_get_buffer (vm, bi0);
749 vlib_buffer_get_free_list (vm, VLIB_BUFFER_DEFAULT_FREE_LIST_INDEX);
750 vlib_buffer_init_for_free_list (b0, fl);
751 VLIB_BUFFER_TRACE_TRAJECTORY_INIT (b0);
/* Packet already in progress: continue at the saved write offset. */
756 bi0 = vlib_get_buffer_index (vm, b0);
757 offset = silm->addr_exhausted_next_record_offset;
/* Lazily obtain the frame that carries the buffer to ip4_lookup_node. */
760 f = silm->addr_exhausted_frame;
761 if (PREDICT_FALSE (f == 0))
764 f = vlib_get_frame_to_node (vm, ip4_lookup_node.index);
765 silm->addr_exhausted_frame = f;
766 to_next = vlib_frame_vector_args (f);
/* offset == 0 marks a fresh buffer: write the headers first. */
771 if (PREDICT_FALSE (offset == 0))
772 snat_ipfix_header_create (frm, b0, &offset);
/*
 * Normal (non-flush) call: serialise the record in template order.
 * NOTE(review): no check of offset against the capacity of b0->data is
 * visible before these copies; safety rests on frm->path_mtu never
 * exceeding what one buffer holds - confirm where it is validated.
 * NOTE(review): pool_id is copied without a byte swap, while IPFIX fields
 * are network byte order - confirm what the caller supplies.
 */
774 if (PREDICT_TRUE (do_flush == 0))
776 u64 time_stamp = clib_host_to_net_u64 (now);
777 clib_memcpy (b0->data + offset, &time_stamp, sizeof (time_stamp));
778 offset += sizeof (time_stamp);
780 clib_memcpy (b0->data + offset, &nat_event, sizeof (nat_event));
781 offset += sizeof (nat_event);
783 clib_memcpy (b0->data + offset, &pool_id, sizeof (pool_id));
784 offset += sizeof (pool_id);
786 b0->current_length += NAT_ADDRESSES_EXHAUTED_LEN;
/* Send now if asked to flush or if another record would exceed path_mtu. */
790 (do_flush || (offset + NAT_ADDRESSES_EXHAUTED_LEN) > frm->path_mtu))
792 snat_ipfix_send (frm, f, b0, silm->addr_exhausted_template_id);
793 silm->addr_exhausted_frame = 0;
794 silm->addr_exhausted_buffer = 0;
/* Remember where the next record goes. */
797 silm->addr_exhausted_next_record_offset = offset;
/*
 * Append one "maximum entries per user exceeded" record (timestamp, event,
 * quota event, limit, source IPv4 address) to the pending IPFIX packet for
 * that template. The packet is sent when do_flush is set or when one more
 * record would exceed frm->path_mtu.
 */
801 snat_ipfix_logging_max_entries_per_usr (u32 limit, u32 src_ip, int do_flush)
803 snat_ipfix_logging_main_t *silm = &snat_ipfix_logging_main;
804 flow_report_main_t *frm = &flow_report_main;
806 vlib_buffer_t *b0 = 0;
809 vlib_main_t *vm = frm->vlib_main;
811 vlib_buffer_free_list_t *fl;
812 u8 nat_event = QUOTA_EXCEEDED;
813 u32 quota_event = MAX_ENTRIES_PER_USER;
/* Milliseconds elapsed since silm->vlib_time_0, added to the
 * milisecond_time_0 base. */
818 now = (u64) ((vlib_time_now (vm) - silm->vlib_time_0) * 1e3);
819 now += silm->milisecond_time_0;
821 b0 = silm->max_entries_per_user_buffer;
/* No packet in progress: allocate a buffer and make it the pending one. */
823 if (PREDICT_FALSE (b0 == 0))
828 if (vlib_buffer_alloc (vm, &bi0, 1) != 1)
/* NOTE(review): allocation failure is only reported through clib_warning;
 * the event itself appears to be lost to the collector. */
830 clib_warning ("can't allocate buffer for NAT IPFIX event");
834 b0 = silm->max_entries_per_user_buffer = vlib_get_buffer (vm, bi0);
836 vlib_buffer_get_free_list (vm, VLIB_BUFFER_DEFAULT_FREE_LIST_INDEX);
837 vlib_buffer_init_for_free_list (b0, fl);
838 VLIB_BUFFER_TRACE_TRAJECTORY_INIT (b0);
/* Packet already in progress: continue at the saved write offset. */
843 bi0 = vlib_get_buffer_index (vm, b0);
844 offset = silm->max_entries_per_user_next_record_offset;
/* Lazily obtain the frame that carries the buffer to ip4_lookup_node. */
847 f = silm->max_entries_per_user_frame;
848 if (PREDICT_FALSE (f == 0))
851 f = vlib_get_frame_to_node (vm, ip4_lookup_node.index);
852 silm->max_entries_per_user_frame = f;
853 to_next = vlib_frame_vector_args (f);
/* offset == 0 marks a fresh buffer: write the headers first. */
858 if (PREDICT_FALSE (offset == 0))
859 snat_ipfix_header_create (frm, b0, &offset);
/*
 * Normal (non-flush) call: serialise the record in template order.
 * NOTE(review): no check of offset against the capacity of b0->data is
 * visible before these copies; safety rests on frm->path_mtu never
 * exceeding what one buffer holds - confirm where it is validated.
 * NOTE(review): quota_event and limit are copied without a byte swap, while
 * IPFIX fields are network byte order - confirm the collector decodes them
 * as intended.
 */
861 if (PREDICT_TRUE (do_flush == 0))
863 u64 time_stamp = clib_host_to_net_u64 (now);
864 clib_memcpy (b0->data + offset, &time_stamp, sizeof (time_stamp));
865 offset += sizeof (time_stamp);
867 clib_memcpy (b0->data + offset, &nat_event, sizeof (nat_event));
868 offset += sizeof (nat_event);
/* NOTE(review): the source operand on the next line is garbled in this
 * listing; given the sizeof it is presumably the address of quota_event. */
870 clib_memcpy (b0->data + offset, "a_event, sizeof (quota_event));
871 offset += sizeof (quota_event);
873 clib_memcpy (b0->data + offset, &limit, sizeof (limit));
874 offset += sizeof (limit);
876 clib_memcpy (b0->data + offset, &src_ip, sizeof (src_ip));
877 offset += sizeof (src_ip);
879 b0->current_length += MAX_ENTRIES_PER_USER_LEN;
/* Send now if asked to flush or if another record would exceed path_mtu. */
883 (do_flush || (offset + MAX_ENTRIES_PER_USER_LEN) > frm->path_mtu))
885 snat_ipfix_send (frm, f, b0, silm->max_entries_per_user_template_id);
886 silm->max_entries_per_user_frame = 0;
887 silm->max_entries_per_user_buffer = 0;
/* Remember where the next record goes. */
890 silm->max_entries_per_user_next_record_offset = offset;
/*
 * Append one "maximum session entries exceeded" record (timestamp, event,
 * quota event, limit) to the pending IPFIX packet for that template. The
 * packet is sent when do_flush is set or when one more record would exceed
 * frm->path_mtu.
 */
894 nat_ipfix_logging_max_ses (u32 limit, int do_flush)
896 snat_ipfix_logging_main_t *silm = &snat_ipfix_logging_main;
897 flow_report_main_t *frm = &flow_report_main;
899 vlib_buffer_t *b0 = 0;
902 vlib_main_t *vm = frm->vlib_main;
904 vlib_buffer_free_list_t *fl;
905 u8 nat_event = QUOTA_EXCEEDED;
906 u32 quota_event = MAX_SESSION_ENTRIES;
/* Milliseconds elapsed since silm->vlib_time_0, added to the
 * milisecond_time_0 base. */
911 now = (u64) ((vlib_time_now (vm) - silm->vlib_time_0) * 1e3);
912 now += silm->milisecond_time_0;
914 b0 = silm->max_sessions_buffer;
/* No packet in progress: allocate a buffer and make it the pending one. */
916 if (PREDICT_FALSE (b0 == 0))
921 if (vlib_buffer_alloc (vm, &bi0, 1) != 1)
/* NOTE(review): allocation failure is only reported through clib_warning;
 * the event itself appears to be lost to the collector. */
923 clib_warning ("can't allocate buffer for NAT IPFIX event");
927 b0 = silm->max_sessions_buffer = vlib_get_buffer (vm, bi0);
929 vlib_buffer_get_free_list (vm, VLIB_BUFFER_DEFAULT_FREE_LIST_INDEX);
930 vlib_buffer_init_for_free_list (b0, fl);
931 VLIB_BUFFER_TRACE_TRAJECTORY_INIT (b0);
/* Packet already in progress: continue at the saved write offset. */
936 bi0 = vlib_get_buffer_index (vm, b0);
937 offset = silm->max_sessions_next_record_offset;
/* Lazily obtain the frame that carries the buffer to ip4_lookup_node. */
940 f = silm->max_sessions_frame;
941 if (PREDICT_FALSE (f == 0))
944 f = vlib_get_frame_to_node (vm, ip4_lookup_node.index);
945 silm->max_sessions_frame = f;
946 to_next = vlib_frame_vector_args (f);
/* offset == 0 marks a fresh buffer: write the headers first. */
951 if (PREDICT_FALSE (offset == 0))
952 snat_ipfix_header_create (frm, b0, &offset);
/*
 * Normal (non-flush) call: serialise the record in template order.
 * NOTE(review): no check of offset against the capacity of b0->data is
 * visible before these copies; safety rests on frm->path_mtu never
 * exceeding what one buffer holds - confirm where it is validated.
 * NOTE(review): quota_event and limit are copied without a byte swap, while
 * IPFIX fields are network byte order - confirm the collector decodes them
 * as intended.
 */
954 if (PREDICT_TRUE (do_flush == 0))
956 u64 time_stamp = clib_host_to_net_u64 (now);
957 clib_memcpy (b0->data + offset, &time_stamp, sizeof (time_stamp));
958 offset += sizeof (time_stamp);
960 clib_memcpy (b0->data + offset, &nat_event, sizeof (nat_event));
961 offset += sizeof (nat_event);
/* NOTE(review): the source operand on the next line is garbled in this
 * listing; given the sizeof it is presumably the address of quota_event. */
963 clib_memcpy (b0->data + offset, "a_event, sizeof (quota_event));
964 offset += sizeof (quota_event);
966 clib_memcpy (b0->data + offset, &limit, sizeof (limit));
967 offset += sizeof (limit);
969 b0->current_length += MAX_SESSIONS_LEN;
/* Send now if asked to flush or if another record would exceed path_mtu. */
973 (do_flush || (offset + MAX_SESSIONS_LEN) > frm->path_mtu))
975 snat_ipfix_send (frm, f, b0, silm->max_sessions_template_id);
976 silm->max_sessions_frame = 0;
977 silm->max_sessions_buffer = 0;
/* Remember where the next record goes. */
980 silm->max_sessions_next_record_offset = offset;
/*
 * Append one "maximum BIB entries exceeded" record (timestamp, event, quota
 * event, limit) to the pending IPFIX packet for that template. The packet
 * is sent when do_flush is set or when one more record would exceed
 * frm->path_mtu.
 */
984 nat_ipfix_logging_max_bib (u32 limit, int do_flush)
986 snat_ipfix_logging_main_t *silm = &snat_ipfix_logging_main;
987 flow_report_main_t *frm = &flow_report_main;
989 vlib_buffer_t *b0 = 0;
992 vlib_main_t *vm = frm->vlib_main;
994 vlib_buffer_free_list_t *fl;
995 u8 nat_event = QUOTA_EXCEEDED;
996 u32 quota_event = MAX_BIB_ENTRIES;
/* Milliseconds elapsed since silm->vlib_time_0, added to the
 * milisecond_time_0 base. */
1001 now = (u64) ((vlib_time_now (vm) - silm->vlib_time_0) * 1e3);
1002 now += silm->milisecond_time_0;
1004 b0 = silm->max_bibs_buffer;
/* No packet in progress: allocate a buffer and make it the pending one. */
1006 if (PREDICT_FALSE (b0 == 0))
1011 if (vlib_buffer_alloc (vm, &bi0, 1) != 1)
/* NOTE(review): allocation failure is only reported through clib_warning;
 * the event itself appears to be lost to the collector. */
1013 clib_warning ("can't allocate buffer for NAT IPFIX event");
1017 b0 = silm->max_bibs_buffer = vlib_get_buffer (vm, bi0);
1019 vlib_buffer_get_free_list (vm, VLIB_BUFFER_DEFAULT_FREE_LIST_INDEX);
1020 vlib_buffer_init_for_free_list (b0, fl);
1021 VLIB_BUFFER_TRACE_TRAJECTORY_INIT (b0);
/* Packet already in progress: continue at the saved write offset. */
1026 bi0 = vlib_get_buffer_index (vm, b0);
1027 offset = silm->max_bibs_next_record_offset;
/* Lazily obtain the frame that carries the buffer to ip4_lookup_node. */
1030 f = silm->max_bibs_frame;
1031 if (PREDICT_FALSE (f == 0))
1034 f = vlib_get_frame_to_node (vm, ip4_lookup_node.index);
1035 silm->max_bibs_frame = f;
1036 to_next = vlib_frame_vector_args (f);
/* offset == 0 marks a fresh buffer: write the headers first. */
1041 if (PREDICT_FALSE (offset == 0))
1042 snat_ipfix_header_create (frm, b0, &offset);
/*
 * Normal (non-flush) call: serialise the record in template order.
 * NOTE(review): no check of offset against the capacity of b0->data is
 * visible before these copies; safety rests on frm->path_mtu never
 * exceeding what one buffer holds - confirm where it is validated.
 * NOTE(review): quota_event and limit are copied without a byte swap, while
 * IPFIX fields are network byte order - confirm the collector decodes them
 * as intended.
 */
1044 if (PREDICT_TRUE (do_flush == 0))
1046 u64 time_stamp = clib_host_to_net_u64 (now);
1047 clib_memcpy (b0->data + offset, &time_stamp, sizeof (time_stamp));
1048 offset += sizeof (time_stamp);
1050 clib_memcpy (b0->data + offset, &nat_event, sizeof (nat_event));
1051 offset += sizeof (nat_event);
/* NOTE(review): the source operand on the next line is garbled in this
 * listing; given the sizeof it is presumably the address of quota_event. */
1053 clib_memcpy (b0->data + offset, "a_event, sizeof (quota_event));
1054 offset += sizeof (quota_event);
1056 clib_memcpy (b0->data + offset, &limit, sizeof (limit));
1057 offset += sizeof (limit);
1059 b0->current_length += MAX_BIBS_LEN;
/* Send now if asked to flush or if another record would exceed path_mtu. */
1063 (do_flush || (offset + MAX_BIBS_LEN) > frm->path_mtu))
1065 snat_ipfix_send (frm, f, b0, silm->max_bibs_template_id);
1066 silm->max_bibs_frame = 0;
1067 silm->max_bibs_buffer = 0;
/* Remember where the next record goes. */
1070 silm->max_bibs_next_record_offset = offset;
/*
 * Append one IPv4 "maximum fragments pending reassembly exceeded" record
 * (timestamp, event, quota event, limit, source IPv4 address) to the
 * pending IPFIX packet for that template, sending the packet when do_flush
 * is set or the flush test below trips.
 */
1074 nat_ipfix_logging_max_frag_ip4 (u32 limit, u32 src, int do_flush)
1076 snat_ipfix_logging_main_t *silm = &snat_ipfix_logging_main;
1077 flow_report_main_t *frm = &flow_report_main;
1079 vlib_buffer_t *b0 = 0;
1082 vlib_main_t *vm = frm->vlib_main;
1084 vlib_buffer_free_list_t *fl;
1085 u8 nat_event = QUOTA_EXCEEDED;
1086 u32 quota_event = MAX_FRAGMENTS_PENDING_REASSEMBLY;
/* Milliseconds elapsed since silm->vlib_time_0, added to the
 * milisecond_time_0 base. */
1091 now = (u64) ((vlib_time_now (vm) - silm->vlib_time_0) * 1e3);
1092 now += silm->milisecond_time_0;
1094 b0 = silm->max_frags_ip4_buffer;
/* No packet in progress: allocate a buffer and make it the pending one. */
1096 if (PREDICT_FALSE (b0 == 0))
1101 if (vlib_buffer_alloc (vm, &bi0, 1) != 1)
/* NOTE(review): allocation failure is only reported through clib_warning;
 * the event itself appears to be lost to the collector. */
1103 clib_warning ("can't allocate buffer for NAT IPFIX event");
1107 b0 = silm->max_frags_ip4_buffer = vlib_get_buffer (vm, bi0);
1109 vlib_buffer_get_free_list (vm, VLIB_BUFFER_DEFAULT_FREE_LIST_INDEX);
1110 vlib_buffer_init_for_free_list (b0, fl);
1111 VLIB_BUFFER_TRACE_TRAJECTORY_INIT (b0);
/* Packet already in progress: continue at the saved write offset. */
1116 bi0 = vlib_get_buffer_index (vm, b0);
1117 offset = silm->max_frags_ip4_next_record_offset;
/* Lazily obtain the frame that carries the buffer to ip4_lookup_node. */
1120 f = silm->max_frags_ip4_frame;
1121 if (PREDICT_FALSE (f == 0))
1124 f = vlib_get_frame_to_node (vm, ip4_lookup_node.index);
1125 silm->max_frags_ip4_frame = f;
1126 to_next = vlib_frame_vector_args (f);
/* offset == 0 marks a fresh buffer: write the headers first. */
1131 if (PREDICT_FALSE (offset == 0))
1132 snat_ipfix_header_create (frm, b0, &offset);
/*
 * Normal (non-flush) call: serialise the record in template order.
 * NOTE(review): no check of offset against the capacity of b0->data is
 * visible before these copies; safety rests on frm->path_mtu never
 * exceeding what one buffer holds - confirm where it is validated.
 * NOTE(review): quota_event and limit are copied without a byte swap, while
 * IPFIX fields are network byte order - confirm the collector decodes them
 * as intended.
 */
1134 if (PREDICT_TRUE (do_flush == 0))
1136 u64 time_stamp = clib_host_to_net_u64 (now);
1137 clib_memcpy (b0->data + offset, &time_stamp, sizeof (time_stamp));
1138 offset += sizeof (time_stamp);
1140 clib_memcpy (b0->data + offset, &nat_event, sizeof (nat_event));
1141 offset += sizeof (nat_event);
/* NOTE(review): the source operand on the next line is garbled in this
 * listing; given the sizeof it is presumably the address of quota_event. */
1143 clib_memcpy (b0->data + offset, "a_event, sizeof (quota_event));
1144 offset += sizeof (quota_event);
1146 clib_memcpy (b0->data + offset, &limit, sizeof (limit));
1147 offset += sizeof (limit);
1149 clib_memcpy (b0->data + offset, &src, sizeof (src));
1150 offset += sizeof (src);
1152 b0->current_length += MAX_FRAGMENTS_IP4_LEN;
/*
 * NOTE(review): the flush test uses MAX_BIBS_LEN (17) although a record of
 * this type is MAX_FRAGMENTS_IP4_LEN (21) octets, as added to
 * current_length just above. A record can therefore be appended when only
 * 17 octets remain below path_mtu, so the packet can exceed path_mtu by up
 * to 4 octets. The test should use MAX_FRAGMENTS_IP4_LEN.
 */
1156 (do_flush || (offset + MAX_BIBS_LEN) > frm->path_mtu))
1158 snat_ipfix_send (frm, f, b0, silm->max_frags_ip4_template_id);
1159 silm->max_frags_ip4_frame = 0;
1160 silm->max_frags_ip4_buffer = 0;
/* Remember where the next record goes. */
1163 silm->max_frags_ip4_next_record_offset = offset;
/*
 * Append one IPv6 "maximum fragments pending reassembly exceeded" record
 * (timestamp, event, quota event, limit, source IPv6 address) to the
 * pending IPFIX packet for that template, sending the packet when do_flush
 * is set or the flush test below trips.
 */
1167 nat_ipfix_logging_max_frag_ip6 (u32 limit, ip6_address_t * src, int do_flush)
1169 snat_ipfix_logging_main_t *silm = &snat_ipfix_logging_main;
1170 flow_report_main_t *frm = &flow_report_main;
1172 vlib_buffer_t *b0 = 0;
1175 vlib_main_t *vm = frm->vlib_main;
1177 vlib_buffer_free_list_t *fl;
1178 u8 nat_event = QUOTA_EXCEEDED;
/* NOTE(review): the exported quota event is
 * MAX_FRAGMENTS_PENDING_REASSEMBLY, not the _IP6 constant that
 * snat_template_rewrite() keys this template on - confirm that this is the
 * intended natQuotaExceededEvent value. */
1179 u32 quota_event = MAX_FRAGMENTS_PENDING_REASSEMBLY;
/* Milliseconds elapsed since silm->vlib_time_0, added to the
 * milisecond_time_0 base. */
1184 now = (u64) ((vlib_time_now (vm) - silm->vlib_time_0) * 1e3);
1185 now += silm->milisecond_time_0;
1187 b0 = silm->max_frags_ip6_buffer;
/* No packet in progress: allocate a buffer and make it the pending one. */
1189 if (PREDICT_FALSE (b0 == 0))
1194 if (vlib_buffer_alloc (vm, &bi0, 1) != 1)
/* NOTE(review): allocation failure is only reported through clib_warning;
 * the event itself appears to be lost to the collector. */
1196 clib_warning ("can't allocate buffer for NAT IPFIX event");
1200 b0 = silm->max_frags_ip6_buffer = vlib_get_buffer (vm, bi0);
1202 vlib_buffer_get_free_list (vm, VLIB_BUFFER_DEFAULT_FREE_LIST_INDEX);
1203 vlib_buffer_init_for_free_list (b0, fl);
1204 VLIB_BUFFER_TRACE_TRAJECTORY_INIT (b0);
/* Packet already in progress: continue at the saved write offset. */
1209 bi0 = vlib_get_buffer_index (vm, b0);
1210 offset = silm->max_frags_ip6_next_record_offset;
/* Lazily obtain the frame that carries the buffer to ip4_lookup_node. */
1213 f = silm->max_frags_ip6_frame;
1214 if (PREDICT_FALSE (f == 0))
1217 f = vlib_get_frame_to_node (vm, ip4_lookup_node.index);
1218 silm->max_frags_ip6_frame = f;
1219 to_next = vlib_frame_vector_args (f);
/* offset == 0 marks a fresh buffer: write the headers first. */
1224 if (PREDICT_FALSE (offset == 0))
1225 snat_ipfix_header_create (frm, b0, &offset);
/*
 * Normal (non-flush) call: serialise the record in template order.
 * NOTE(review): no check of offset against the capacity of b0->data is
 * visible before these copies; safety rests on frm->path_mtu never
 * exceeding what one buffer holds - confirm where it is validated.
 * NOTE(review): quota_event and limit are copied without a byte swap, while
 * IPFIX fields are network byte order - confirm the collector decodes them
 * as intended.
 */
1227 if (PREDICT_TRUE (do_flush == 0))
1229 u64 time_stamp = clib_host_to_net_u64 (now);
1230 clib_memcpy (b0->data + offset, &time_stamp, sizeof (time_stamp));
1231 offset += sizeof (time_stamp);
1233 clib_memcpy (b0->data + offset, &nat_event, sizeof (nat_event));
1234 offset += sizeof (nat_event);
/* NOTE(review): the source operand on the next line is garbled in this
 * listing; given the sizeof it is presumably the address of quota_event. */
1236 clib_memcpy (b0->data + offset, "a_event, sizeof (quota_event));
1237 offset += sizeof (quota_event);
1239 clib_memcpy (b0->data + offset, &limit, sizeof (limit));
1240 offset += sizeof (limit);
/* src is a pointer, so the 16-byte address is copied from *src. */
1242 clib_memcpy (b0->data + offset, src, sizeof (ip6_address_t));
1243 offset += sizeof (ip6_address_t);
1245 b0->current_length += MAX_FRAGMENTS_IP6_LEN;
/*
 * NOTE(review): the flush test uses MAX_BIBS_LEN (17) although a record of
 * this type is MAX_FRAGMENTS_IP6_LEN (33) octets, as added to
 * current_length just above. A record can therefore be appended when only
 * 17 octets remain below path_mtu, so the packet can exceed path_mtu by up
 * to 16 octets. The test should use MAX_FRAGMENTS_IP6_LEN.
 */
1249 (do_flush || (offset + MAX_BIBS_LEN) > frm->path_mtu))
1251 snat_ipfix_send (frm, f, b0, silm->max_frags_ip6_template_id);
1252 silm->max_frags_ip6_frame = 0;
1253 silm->max_frags_ip6_buffer = 0;
/* Remember where the next record goes. */
1256 silm->max_frags_ip6_next_record_offset = offset;
/*
 * Append one NAT64 BIB record (timestamp, event, source IPv6 address,
 * translated IPv4 address, protocol, source and translated port, VRF) to
 * the pending NAT64-BIB IPFIX packet. The packet is sent when do_flush is
 * set or when one more record would exceed frm->path_mtu.
 */
1260 nat_ipfix_logging_nat64_bibe (u8 nat_event, ip6_address_t * src_ip,
1261 u32 nat_src_ip, u8 proto, u16 src_port,
1262 u16 nat_src_port, u32 vrf_id, int do_flush)
1264 snat_ipfix_logging_main_t *silm = &snat_ipfix_logging_main;
1265 flow_report_main_t *frm = &flow_report_main;
1267 vlib_buffer_t *b0 = 0;
1270 vlib_main_t *vm = frm->vlib_main;
1272 vlib_buffer_free_list_t *fl;
/* Milliseconds elapsed since silm->vlib_time_0, added to the
 * milisecond_time_0 base. */
1277 now = (u64) ((vlib_time_now (vm) - silm->vlib_time_0) * 1e3);
1278 now += silm->milisecond_time_0;
1280 b0 = silm->nat64_bib_buffer;
/* No packet in progress: allocate a buffer and make it the pending one. */
1282 if (PREDICT_FALSE (b0 == 0))
1287 if (vlib_buffer_alloc (vm, &bi0, 1) != 1)
/* NOTE(review): allocation failure is only reported through clib_warning;
 * the NAT event itself appears to be lost to the collector - consider a
 * counter if these records are relied on for attribution. */
1289 clib_warning ("can't allocate buffer for NAT IPFIX event");
1293 b0 = silm->nat64_bib_buffer = vlib_get_buffer (vm, bi0);
1295 vlib_buffer_get_free_list (vm, VLIB_BUFFER_DEFAULT_FREE_LIST_INDEX);
1296 vlib_buffer_init_for_free_list (b0, fl);
1297 VLIB_BUFFER_TRACE_TRAJECTORY_INIT (b0);
/* Packet already in progress: continue at the saved write offset. */
1302 bi0 = vlib_get_buffer_index (vm, b0);
1303 offset = silm->nat64_bib_next_record_offset;
/* Lazily obtain the frame that carries the buffer to ip4_lookup_node. */
1306 f = silm->nat64_bib_frame;
1307 if (PREDICT_FALSE (f == 0))
1310 f = vlib_get_frame_to_node (vm, ip4_lookup_node.index);
1311 silm->nat64_bib_frame = f;
1312 to_next = vlib_frame_vector_args (f);
/* offset == 0 marks a fresh buffer: write the headers first. */
1317 if (PREDICT_FALSE (offset == 0))
1318 snat_ipfix_header_create (frm, b0, &offset);
/*
 * Normal (non-flush) call: serialise the record in template order.
 * NOTE(review): no check of offset against the capacity of b0->data is
 * visible before these copies; safety rests on frm->path_mtu never
 * exceeding what one buffer holds - confirm where it is validated.
 * NOTE(review): only the timestamp is byte-swapped here; the other fields,
 * including vrf_id, are copied as passed, while IPFIX fields are network
 * byte order - confirm what the callers supply.
 */
1320 if (PREDICT_TRUE (do_flush == 0))
1322 u64 time_stamp = clib_host_to_net_u64 (now);
1323 clib_memcpy (b0->data + offset, &time_stamp, sizeof (time_stamp));
1324 offset += sizeof (time_stamp);
1326 clib_memcpy (b0->data + offset, &nat_event, sizeof (nat_event));
1327 offset += sizeof (nat_event);
/* src_ip is a pointer, so the 16-byte address is copied from *src_ip. */
1329 clib_memcpy (b0->data + offset, src_ip, sizeof (ip6_address_t));
1330 offset += sizeof (ip6_address_t);
1332 clib_memcpy (b0->data + offset, &nat_src_ip, sizeof (nat_src_ip));
1333 offset += sizeof (nat_src_ip);
1335 clib_memcpy (b0->data + offset, &proto, sizeof (proto));
1336 offset += sizeof (proto);
1338 clib_memcpy (b0->data + offset, &src_port, sizeof (src_port));
1339 offset += sizeof (src_port);
1341 clib_memcpy (b0->data + offset, &nat_src_port, sizeof (nat_src_port));
1342 offset += sizeof (nat_src_port);
1344 clib_memcpy (b0->data + offset, &vrf_id, sizeof (vrf_id));
1345 offset += sizeof (vrf_id);
1347 b0->current_length += NAT64_BIB_LEN;
/* Send now if asked to flush or if another record would exceed path_mtu. */
1351 (do_flush || (offset + NAT64_BIB_LEN) > frm->path_mtu))
1353 snat_ipfix_send (frm, f, b0, silm->nat64_bib_template_id);
1354 silm->nat64_bib_frame = 0;
1355 silm->nat64_bib_buffer = 0;
/* Remember where the next record goes. */
1358 silm->nat64_bib_next_record_offset = offset;
/*
 * Append one NAT64 session record to the pending IPFIX buffer, or flush it.
 *
 * Fields are copied back to back at b0->data + offset in this order:
 * time stamp (u64, converted with clib_host_to_net_u64), nat_event, src_ip,
 * nat_src_ip, proto, src_port, nat_src_port, dst_ip, nat_dst_ip, dst_port,
 * nat_dst_port, vrf_id. With a 16-byte ip6_address_t the sizes add up to 62,
 * the value of NAT64_SES_LEN.
 *
 * When do_flush is non-zero no record is written (the copy block is guarded
 * by do_flush == 0) and the pending buffer is passed to snat_ipfix_send.
 *
 * NOTE(review): this listing has lost lines (return type, braces, several
 * declarations and assignments), so the comments cover only what is visible.
 */
1362 nat_ipfix_logging_nat64_ses (u8 nat_event, ip6_address_t * src_ip,
1363 u32 nat_src_ip, u8 proto, u16 src_port,
1364 u16 nat_src_port, ip6_address_t * dst_ip,
1365 u32 nat_dst_ip, u16 dst_port, u16 nat_dst_port,
1366 u32 vrf_id, int do_flush)
1368 snat_ipfix_logging_main_t *silm = &snat_ipfix_logging_main;
1369 flow_report_main_t *frm = &flow_report_main;
1371 vlib_buffer_t *b0 = 0;
1374 vlib_main_t *vm = frm->vlib_main;
1376 vlib_buffer_free_list_t *fl;
/* Milliseconds elapsed since vlib_time_0, then shifted by milisecond_time_0. */
1381 now = (u64) ((vlib_time_now (vm) - silm->vlib_time_0) * 1e3);
1382 now += silm->milisecond_time_0;
1384 b0 = silm->nat64_ses_buffer;
/* No pending buffer: allocate one and initialise it from the default free list. */
1386 if (PREDICT_FALSE (b0 == 0))
1391 if (vlib_buffer_alloc (vm, &bi0, 1) != 1)
1393 clib_warning ("can't allocate buffer for NAT IPFIX event");
1397 b0 = silm->nat64_ses_buffer = vlib_get_buffer (vm, bi0);
1399 vlib_buffer_get_free_list (vm, VLIB_BUFFER_DEFAULT_FREE_LIST_INDEX);
1400 vlib_buffer_init_for_free_list (b0, fl);
1401 VLIB_BUFFER_TRACE_TRAJECTORY_INIT (b0);
/* Presumably the else branch: a buffer is pending, resume at the saved offset. */
1406 bi0 = vlib_get_buffer_index (vm, b0);
1407 offset = silm->nat64_ses_next_record_offset;
/* No pending frame: take one destined for ip4_lookup_node and remember it. */
1410 f = silm->nat64_ses_frame;
1411 if (PREDICT_FALSE (f == 0))
1414 f = vlib_get_frame_to_node (vm, ip4_lookup_node.index);
1415 silm->nat64_ses_frame = f;
1416 to_next = vlib_frame_vector_args (f);
/* A zero offset marks a fresh buffer; snat_ipfix_header_create is given &offset. */
1421 if (PREDICT_FALSE (offset == 0))
1422 snat_ipfix_header_create (frm, b0, &offset);
1424 if (PREDICT_TRUE (do_flush == 0))
1426 u64 time_stamp = clib_host_to_net_u64 (now);
1427 clib_memcpy (b0->data + offset, &time_stamp, sizeof (time_stamp));
1428 offset += sizeof (time_stamp);
1430 clib_memcpy (b0->data + offset, &nat_event, sizeof (nat_event));
1431 offset += sizeof (nat_event);
/* src_ip (and dst_ip below) are dereferenced. The flush callback passes 0
   for both, which is safe only because this block is skipped when do_flush
   is set. */
1433 clib_memcpy (b0->data + offset, src_ip, sizeof (ip6_address_t));
1434 offset += sizeof (ip6_address_t);
/* NOTE(review): the IPv4 addresses, ports and vrf_id are copied as passed;
   no byte-order conversion is visible here. Confirm callers supply the
   order the template expects. */
1436 clib_memcpy (b0->data + offset, &nat_src_ip, sizeof (nat_src_ip));
1437 offset += sizeof (nat_src_ip);
1439 clib_memcpy (b0->data + offset, &proto, sizeof (proto));
1440 offset += sizeof (proto);
1442 clib_memcpy (b0->data + offset, &src_port, sizeof (src_port));
1443 offset += sizeof (src_port);
1445 clib_memcpy (b0->data + offset, &nat_src_port, sizeof (nat_src_port));
1446 offset += sizeof (nat_src_port);
1448 clib_memcpy (b0->data + offset, dst_ip, sizeof (ip6_address_t));
1449 offset += sizeof (ip6_address_t);
1451 clib_memcpy (b0->data + offset, &nat_dst_ip, sizeof (nat_dst_ip));
1452 offset += sizeof (nat_dst_ip);
1454 clib_memcpy (b0->data + offset, &dst_port, sizeof (dst_port));
1455 offset += sizeof (dst_port);
1457 clib_memcpy (b0->data + offset, &nat_dst_port, sizeof (nat_dst_port));
1458 offset += sizeof (nat_dst_port);
1460 clib_memcpy (b0->data + offset, &vrf_id, sizeof (vrf_id));
1461 offset += sizeof (vrf_id);
1463 b0->current_length += NAT64_SES_LEN;
/* Send when flushing, or when one more record of this size would pass
   frm->path_mtu. NOTE(review): path_mtu is the only size bound visible in
   this listing; confirm it can never exceed the data area of b0, since the
   copies above are not otherwise bounded. */
1467 (do_flush || (offset + NAT64_SES_LEN) > frm->path_mtu))
1469 snat_ipfix_send (frm, f, b0, silm->nat64_ses_template_id);
1470 silm->nat64_ses_frame = 0;
1471 silm->nat64_ses_buffer = 0;
/* Saved so the next call continues after the last record written. */
1474 silm->nat64_ses_next_record_offset = offset;
/* RPC callback for NAT44 session events: forwards the fields of the argument
   struct to snat_ipfix_logging_nat44_ses. It is the function handed to
   vl_api_rpc_call_main_thread by the create/delete generators. The end of
   the call is missing from this listing. */
1478 snat_ipfix_logging_nat44_ses_rpc_cb (snat_ipfix_logging_nat44_ses_args_t * a)
1480 snat_ipfix_logging_nat44_ses (a->nat_event, a->src_ip, a->nat_src_ip,
1481 a->snat_proto, a->src_port, a->nat_src_port,
1486 * @brief Generate NAT44 session create event
1488 * @param src_ip source IPv4 address
1489 * @param nat_src_ip translated source IPv4 address
1490 * @param snat_proto NAT transport protocol
1491 * @param src_port source port
1492 * @param nat_src_port translated source port
1493 * @param vrf_id VRF ID
1496 snat_ipfix_logging_nat44_ses_create (u32 src_ip,
1498 snat_protocol_t snat_proto,
1500 u16 nat_src_port, u32 vrf_id)
/* Argument block copied to the RPC callback. NOTE(review): `a` is not
   zero-initialised and sizeof (a) bytes are handed over, so padding and any
   field left unassigned travel with it; the assignments of src_ip and vrf_id
   are not visible in this listing. */
1502 snat_ipfix_logging_nat44_ses_args_t a;
/* Leaves early when logging is off (the macro tests silm->enabled). */
1504 skip_if_disabled ();
1506 a.nat_event = NAT44_SESSION_CREATE;
1508 a.nat_src_ip = nat_src_ip;
1509 a.snat_proto = snat_proto;
1510 a.src_port = src_port;
1511 a.nat_src_port = nat_src_port;
/* The record itself is written by the callback, not here. */
1514 vl_api_rpc_call_main_thread (snat_ipfix_logging_nat44_ses_rpc_cb,
1515 (u8 *) & a, sizeof (a));
1519 * @brief Generate NAT44 session delete event
1521 * @param src_ip source IPv4 address
1522 * @param nat_src_ip translated source IPv4 address
1523 * @param snat_proto NAT transport protocol
1524 * @param src_port source port
1525 * @param nat_src_port translated source port
1526 * @param vrf_id VRF ID
1529 snat_ipfix_logging_nat44_ses_delete (u32 src_ip,
1531 snat_protocol_t snat_proto,
1533 u16 nat_src_port, u32 vrf_id)
/* Argument block copied to the RPC callback. NOTE(review): `a` is not
   zero-initialised and sizeof (a) bytes are handed over, so padding and any
   field left unassigned travel with it; the assignments of src_ip and vrf_id
   are not visible in this listing. */
1535 snat_ipfix_logging_nat44_ses_args_t a;
/* Leaves early when logging is off (the macro tests silm->enabled). */
1537 skip_if_disabled ();
1539 a.nat_event = NAT44_SESSION_DELETE;
1541 a.nat_src_ip = nat_src_ip;
1542 a.snat_proto = snat_proto;
1543 a.src_port = src_port;
1544 a.nat_src_port = nat_src_port;
/* The record itself is written by the callback, not here. */
1547 vl_api_rpc_call_main_thread (snat_ipfix_logging_nat44_ses_rpc_cb,
1548 (u8 *) & a, sizeof (a));
/* Flow-report data callback for NAT44 session records (installed as
   a.flow_data_callback in snat_ipfix_logging_enable_disable). Calls the
   logger with zeroed record fields; the trailing 1 is presumably do_flush.
   Part of the parameter list and the return are missing from this listing. */
1552 snat_data_callback_nat44_session (flow_report_main_t * frm,
1555 u32 * to_next, u32 node_index)
1557 snat_ipfix_logging_nat44_ses (0, 0, 0, 0, 0, 0, 0, 1);
/* RPC callback for the addresses-exhausted event: forwards a->pool_id to
   snat_ipfix_logging_addr_exhausted with a trailing 0 (presumably
   do_flush = 0, i.e. write a record). */
1562 snat_ipfix_logging_addr_exhausted_rpc_cb
1563 (snat_ipfix_logging_addr_exhausted_args_t * a)
1565 snat_ipfix_logging_addr_exhausted (a->pool_id, 0);
1569 * @brief Generate NAT addresses exhausted event
1571 * @param pool_id NAT pool ID
1574 snat_ipfix_logging_addresses_exhausted (u32 pool_id)
/* NOTE(review): with the rate limit below still a TODO, every occurrence
   queues one RPC of sizeof (a) bytes. If pool exhaustion can be provoked
   repeatedly by traffic, the RPC receiver and the collector absorb that
   load; worth bounding before relying on this event in production. */
1576 //TODO: This event SHOULD be rate limited
1577 snat_ipfix_logging_addr_exhausted_args_t a;
/* Leaves early when logging is off (the macro tests silm->enabled). */
1579 skip_if_disabled ();
1581 a.pool_id = pool_id;
/* The record itself is written by the callback, not here. */
1583 vl_api_rpc_call_main_thread (snat_ipfix_logging_addr_exhausted_rpc_cb,
1584 (u8 *) & a, sizeof (a));
/* Flow-report data callback for addresses-exhausted records (installed as
   a.flow_data_callback in snat_ipfix_logging_enable_disable). Calls the
   logger with a zero pool id; the trailing 1 is presumably do_flush.
   Part of the parameter list and the return are missing from this listing. */
1588 snat_data_callback_addr_exhausted (flow_report_main_t * frm,
1591 u32 * to_next, u32 node_index)
1593 snat_ipfix_logging_addr_exhausted (0, 1);
/* RPC callback for the max-entries-per-user event: forwards a->limit and
   a->src_ip to snat_ipfix_logging_max_entries_per_usr with a trailing 0
   (presumably do_flush = 0, i.e. write a record). */
1598 snat_ipfix_logging_max_entries_per_usr_rpc_cb
1599 (snat_ipfix_logging_max_entries_per_user_args_t * a)
1601 snat_ipfix_logging_max_entries_per_usr (a->limit, a->src_ip, 0);
1605 * @brief Generate maximum entries per user exceeded event
1607 * @param limit maximum NAT entries that can be created per user
1608 * @param src_ip source IPv4 address
1611 snat_ipfix_logging_max_entries_per_user (u32 limit, u32 src_ip)
/* NOTE(review): with the rate limit below still a TODO, every occurrence
   queues one RPC of sizeof (a) bytes. If a single source can keep hitting
   its per-user limit, the RPC receiver and the collector absorb that load;
   worth bounding before relying on this event in production. */
1613 //TODO: This event SHOULD be rate limited
1614 snat_ipfix_logging_max_entries_per_user_args_t a;
/* Leaves early when logging is off (the macro tests silm->enabled). */
1616 skip_if_disabled ();
/* The assignments into `a` are not visible in this listing. */
1621 vl_api_rpc_call_main_thread (snat_ipfix_logging_max_entries_per_usr_rpc_cb,
1622 (u8 *) & a, sizeof (a));
/* Flow-report data callback for max-entries-per-user records (installed as
   a.flow_data_callback in snat_ipfix_logging_enable_disable). Calls the
   logger with zeroed fields; the trailing 1 is presumably do_flush.
   Part of the parameter list and the return are missing from this listing. */
1626 snat_data_callback_max_entries_per_usr (flow_report_main_t * frm,
1629 u32 * to_next, u32 node_index)
1631 snat_ipfix_logging_max_entries_per_usr (0, 0, 1);
/* RPC callback for the max-sessions event: forwards a->limit to
   nat_ipfix_logging_max_ses with a trailing 0 (presumably do_flush = 0). */
1636 nat_ipfix_logging_max_ses_rpc_cb (nat_ipfix_logging_max_sessions_args_t * a)
1638 nat_ipfix_logging_max_ses (a->limit, 0);
1642 * @brief Generate maximum session entries exceeded event
1644 * @param limit configured limit
1647 nat_ipfix_logging_max_sessions (u32 limit)
/* NOTE(review): with the rate limit below still a TODO, every occurrence
   queues one RPC of sizeof (a) bytes. Once the session table is full, each
   further attempt presumably lands here, so the event rate follows the
   offered load; worth bounding. */
1649 //TODO: This event SHOULD be rate limited
1650 nat_ipfix_logging_max_sessions_args_t a;
/* Leaves early when logging is off (the macro tests silm->enabled). */
1652 skip_if_disabled ();
/* The assignment into `a` is not visible in this listing. */
1656 vl_api_rpc_call_main_thread (nat_ipfix_logging_max_ses_rpc_cb,
1657 (u8 *) & a, sizeof (a));
/* Flow-report data callback for max-sessions records (installed as
   a.flow_data_callback in snat_ipfix_logging_enable_disable). Calls the
   logger with a zero limit; the trailing 1 is presumably do_flush.
   Part of the parameter list and the return are missing from this listing. */
1661 nat_data_callback_max_sessions (flow_report_main_t * frm,
1664 u32 * to_next, u32 node_index)
1666 nat_ipfix_logging_max_ses (0, 1);
/* RPC callback for the max-BIB-entries event: forwards a->limit to
   nat_ipfix_logging_max_bib with a trailing 0 (presumably do_flush = 0). */
1671 nat_ipfix_logging_max_bib_rpc_cb (nat_ipfix_logging_max_bibs_args_t * a)
1673 nat_ipfix_logging_max_bib (a->limit, 0);
1677 * @brief Generate maximum BIB entries exceeded event
1679 * @param limit configured limit
1682 nat_ipfix_logging_max_bibs (u32 limit)
/* NOTE(review): with the rate limit below still a TODO, every occurrence
   queues one RPC of sizeof (a) bytes. Once the BIB is full, each further
   attempt presumably lands here, so the event rate follows the offered
   load; worth bounding. */
1684 //TODO: This event SHOULD be rate limited
1685 nat_ipfix_logging_max_bibs_args_t a;
/* Leaves early when logging is off (the macro tests silm->enabled). */
1687 skip_if_disabled ();
/* The assignment into `a` is not visible in this listing. */
1691 vl_api_rpc_call_main_thread (nat_ipfix_logging_max_bib_rpc_cb,
1692 (u8 *) & a, sizeof (a));
/* Flow-report data callback for max-BIB records (installed as
   a.flow_data_callback in snat_ipfix_logging_enable_disable). Calls the
   logger with a zero limit; the trailing 1 is presumably do_flush.
   Part of the parameter list and the return are missing from this listing. */
1696 nat_data_callback_max_bibs (flow_report_main_t * frm,
1699 u32 * to_next, u32 node_index)
1701 nat_ipfix_logging_max_bib (0, 1);
/* RPC callback for the max-IPv4-fragments event: forwards a->limit and
   a->src to nat_ipfix_logging_max_frag_ip4 with a trailing 0 (presumably
   do_flush = 0). */
1706 nat_ipfix_logging_max_frag_ip4_rpc_cb (nat_ipfix_logging_max_frags_ip4_args_t * a)
1708 nat_ipfix_logging_max_frag_ip4 (a->limit, a->src, 0);
1712 * @brief Generate maximum IPv4 fragments pending reassembly exceeded event
1714 * @param limit configured limit
1715 * @param src source IPv4 address
1718 nat_ipfix_logging_max_fragments_ip4 (u32 limit, ip4_address_t * src)
/* NOTE(review): with the rate limit below still a TODO, every occurrence
   queues one RPC of sizeof (a) bytes. Fragment reassembly limits are
   reached by received traffic, so the event rate is presumably set by the
   sender; worth bounding. */
1720 //TODO: This event SHOULD be rate limited
1721 nat_ipfix_logging_max_frags_ip4_args_t a;
/* Leaves early when logging is off (the macro tests silm->enabled). */
1723 skip_if_disabled ();
/* The address is copied by value, so `src` need not outlive this call. */
1726 a.src = src->as_u32;
1728 vl_api_rpc_call_main_thread (nat_ipfix_logging_max_frag_ip4_rpc_cb,
1729 (u8 *) & a, sizeof (a));
/* Flow-report data callback for max-IPv4-fragments records (installed as
   a.flow_data_callback in snat_ipfix_logging_enable_disable). Calls the
   logger with zeroed fields; the trailing 1 is presumably do_flush.
   Part of the parameter list and the return are missing from this listing. */
1733 nat_data_callback_max_frags_ip4 (flow_report_main_t * frm,
1736 u32 * to_next, u32 node_index)
1738 nat_ipfix_logging_max_frag_ip4 (0, 0, 1);
/* RPC callback for the max-IPv6-fragments event: rebuilds an ip6_address_t
   from the two u64 halves carried in the argument struct and passes it,
   with a->limit and a trailing 0, to nat_ipfix_logging_max_frag_ip6.
   The declaration of `src` is missing from this listing. */
1743 nat_ipfix_logging_max_frag_ip6_rpc_cb (nat_ipfix_logging_max_frags_ip6_args_t * a)
1746 src.as_u64[0] = a->src[0];
1747 src.as_u64[1] = a->src[1];
1748 nat_ipfix_logging_max_frag_ip6 (a->limit, &src, 0);
1752 * @brief Generate maximum IPv6 fragments pending reassembly exceeded event
1754 * @param limit configured limit
1755 * @param src source IPv6 address
1758 nat_ipfix_logging_max_fragments_ip6 (u32 limit, ip6_address_t * src)
/* NOTE(review): with the rate limit below still a TODO, every occurrence
   queues one RPC of sizeof (a) bytes. Fragment reassembly limits are
   reached by received traffic, so the event rate is presumably set by the
   sender; worth bounding. */
1760 //TODO: This event SHOULD be rate limited
1761 nat_ipfix_logging_max_frags_ip6_args_t a;
/* Leaves early when logging is off (the macro tests silm->enabled). */
1763 skip_if_disabled ();
/* The address is copied by value as two u64 halves, so `src` need not
   outlive this call. */
1766 a.src[0] = src->as_u64[0];
1767 a.src[1] = src->as_u64[1];
1769 vl_api_rpc_call_main_thread (nat_ipfix_logging_max_frag_ip6_rpc_cb,
1770 (u8 *) & a, sizeof (a));
/* Flow-report data callback for max-IPv6-fragments records (installed as
   a.flow_data_callback in snat_ipfix_logging_enable_disable). Calls the
   logger with a zero limit and a null src; the trailing 1 is the flush
   flag, so the null address must never be dereferenced on that path.
   Part of the parameter list and the return are missing from this listing. */
1774 nat_data_callback_max_frags_ip6 (flow_report_main_t * frm,
1777 u32 * to_next, u32 node_index)
1779 nat_ipfix_logging_max_frag_ip6 (0, 0, 1);
/* RPC callback for NAT64 BIB events: rebuilds the IPv6 source address from
   the two u64 halves in the argument struct and forwards it with the other
   fields to nat_ipfix_logging_nat64_bibe. The end of the call is missing
   from this listing. */
1784 nat_ipfix_logging_nat64_bib_rpc_cb (nat_ipfix_logging_nat64_bib_args_t * a)
1786 ip6_address_t src_ip;
1787 src_ip.as_u64[0] = a->src_ip[0];
1788 src_ip.as_u64[1] = a->src_ip[1];
1789 nat_ipfix_logging_nat64_bibe (a->nat_event, &src_ip, a->nat_src_ip,
1790 a->proto, a->src_port, a->nat_src_port,
1795 * @brief Generate NAT64 BIB create and delete events
1797 * @param src_ip source IPv6 address
1798 * @param nat_src_ip translated source IPv4 address
1799 * @param proto L4 protocol
1800 * @param src_port source port
1801 * @param nat_src_port translated source port
1802 * @param vrf_id VRF ID
1803 * @param is_create non-zero value if create event otherwise delete event
1806 nat_ipfix_logging_nat64_bib (ip6_address_t * src_ip,
1807 ip4_address_t * nat_src_ip, u8 proto,
1808 u16 src_port, u16 nat_src_port, u32 vrf_id,
/* Argument block copied to the RPC callback. NOTE(review): `a` is not
   zero-initialised and sizeof (a) bytes are handed over, so padding and any
   field left unassigned travel with it; the assignments of proto and vrf_id
   are not visible in this listing. */
1811 nat_ipfix_logging_nat64_bib_args_t a;
/* Leaves early when logging is off (the macro tests silm->enabled). */
1813 skip_if_disabled ();
/* Both addresses are copied by value, so the pointers need not outlive
   this call. */
1815 a.src_ip[0] = src_ip->as_u64[0];
1816 a.src_ip[1] = src_ip->as_u64[1];
1817 a.nat_src_ip = nat_src_ip->as_u32;
1819 a.src_port = src_port;
1820 a.nat_src_port = nat_src_port;
/* One entry point serves both events; is_create selects which is reported. */
1822 a.nat_event = is_create ? NAT64_BIB_CREATE : NAT64_BIB_DELETE;
1824 vl_api_rpc_call_main_thread (nat_ipfix_logging_nat64_bib_rpc_cb,
1825 (u8 *) & a, sizeof (a));
/* Flow-report data callback for NAT64 BIB records (installed as
   a.flow_data_callback in snat_ipfix_logging_enable_disable). Calls
   nat_ipfix_logging_nat64_bibe with do_flush = 1 and every record field
   zero, including a null src_ip that is safe only on the flush path.
   Part of the parameter list and the return are missing from this listing. */
1829 nat_data_callback_nat64_bib (flow_report_main_t * frm,
1832 u32 * to_next, u32 node_index)
1834 nat_ipfix_logging_nat64_bibe (0, 0, 0, 0, 0, 0, 0, 1);
/* RPC callback for NAT64 session events: rebuilds the IPv6 source and
   destination addresses from the u64 halves in the argument struct and
   forwards them with the other fields to nat_ipfix_logging_nat64_ses,
   with do_flush = 0 so a record is written. */
1839 nat_ipfix_logging_nat64_ses_rpc_cb (nat_ipfix_logging_nat64_ses_args_t * a)
1841 ip6_address_t src_ip, dst_ip;
1842 src_ip.as_u64[0] = a->src_ip[0];
1843 src_ip.as_u64[1] = a->src_ip[1];
1844 dst_ip.as_u64[0] = a->dst_ip[0];
1845 dst_ip.as_u64[1] = a->dst_ip[1];
1846 nat_ipfix_logging_nat64_ses (a->nat_event, &src_ip, a->nat_src_ip,
1847 a->proto, a->src_port, a->nat_src_port,
1848 &dst_ip, a->nat_dst_ip, a->dst_port,
1849 a->nat_dst_port, a->vrf_id, 0);
1853 * @brief Generate NAT64 session create and delete events
1855 * @param src_ip source IPv6 address
1856 * @param nat_src_ip translated source IPv4 address
1857 * @param proto L4 protocol
1858 * @param src_port source port
1859 * @param nat_src_port translated source port
1860 * @param dst_ip destination IPv6 address
1861 * @param nat_dst_ip destination IPv4 address
1862 * @param dst_port destination port
1863 * @param nat_dst_port translated destination port
1864 * @param vrf_id VRF ID
1865 * @param is_create non-zero value if create event otherwise delete event
1868 nat_ipfix_logging_nat64_session (ip6_address_t * src_ip,
1869 ip4_address_t * nat_src_ip, u8 proto,
1870 u16 src_port, u16 nat_src_port,
1871 ip6_address_t * dst_ip,
1872 ip4_address_t * nat_dst_ip, u16 dst_port,
1873 u16 nat_dst_port, u32 vrf_id, u8 is_create)
/* Argument block copied to the RPC callback. NOTE(review): `a` is not
   zero-initialised and sizeof (a) bytes are handed over, so padding and any
   field left unassigned travel with it; the assignments of proto and vrf_id
   are not visible in this listing. */
1875 nat_ipfix_logging_nat64_ses_args_t a;
/* Leaves early when logging is off (the macro tests silm->enabled). */
1877 skip_if_disabled ();
/* All four addresses are copied by value, so the pointers need not outlive
   this call. */
1879 a.src_ip[0] = src_ip->as_u64[0];
1880 a.src_ip[1] = src_ip->as_u64[1];
1881 a.nat_src_ip = nat_src_ip->as_u32;
1883 a.src_port = src_port;
1884 a.nat_src_port = nat_src_port;
1885 a.dst_ip[0] = dst_ip->as_u64[0];
1886 a.dst_ip[1] = dst_ip->as_u64[1];
1887 a.nat_dst_ip = nat_dst_ip->as_u32;
1888 a.dst_port = dst_port;
1889 a.nat_dst_port = nat_dst_port;
/* One entry point serves both events; is_create selects which is reported. */
1891 a.nat_event = is_create ? NAT64_SESSION_CREATE : NAT64_SESSION_DELETE;
1893 vl_api_rpc_call_main_thread (nat_ipfix_logging_nat64_ses_rpc_cb,
1894 (u8 *) & a, sizeof (a));
/* Flow-report data callback for NAT64 session records (installed as
   a.flow_data_callback in snat_ipfix_logging_enable_disable). Calls
   nat_ipfix_logging_nat64_ses with do_flush = 1 and every record field
   zero, including null src_ip and dst_ip that are safe only on the flush
   path. Part of the parameter list and the return are missing from this
   listing. */
1898 nat_data_callback_nat64_session (flow_report_main_t * frm,
1901 u32 * to_next, u32 node_index)
1903 nat_ipfix_logging_nat64_ses (0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 1);
1908 * @brief Enable/disable NAT plugin IPFIX logging
1910 * @param enable 1 if enable, 0 if disable
1911 * @param domain_id observation domain ID
1912 * @param src_port source port number
1914 * @returns 0 if success
1917 snat_ipfix_logging_enable_disable (int enable, u32 domain_id, u16 src_port)
1919 snat_main_t *sm = &snat_main;
1920 snat_ipfix_logging_main_t *silm = &snat_ipfix_logging_main;
1921 flow_report_main_t *frm = &flow_report_main;
1922 vnet_flow_report_add_del_args_t a;
/* Normalise `enable` to 0/1 so it can be compared with silm->enabled. */
1924 u8 e = enable ? 1 : 0;
/* Already in the requested state; presumably returns here (the return line
   is not in this listing). */
1926 if (silm->enabled == e)
1931 memset (&a, 0, sizeof (a));
/* Zero means "use the default": observation domain 1 and the IPFIX UDP port. */
1933 a.domain_id = domain_id ? domain_id : 1;
1934 a.src_port = src_port ? src_port : UDP_DST_PORT_ipfix;
/* Each report below is registered the same way: set the template rewrite
   and data callbacks in `a`, call vnet_flow_report_add_del, and warn on the
   result. The deterministic case registers the max-entries-per-user report;
   the reports after it presumably belong to the other branch (the else line
   is not in this listing).
   NOTE(review): only a warning is visible when a registration fails. Confirm
   whether earlier registrations are rolled back; otherwise logging can end
   up partially enabled and some NAT events go unreported without the caller
   noticing. */
1936 if (sm->deterministic)
1938 a.rewrite_callback = snat_template_rewrite_max_entries_per_usr;
1939 a.flow_data_callback = snat_data_callback_max_entries_per_usr;
1941 rv = vnet_flow_report_add_del (frm, &a, NULL);
1944 clib_warning ("vnet_flow_report_add_del returned %d", rv);
1950 a.rewrite_callback = snat_template_rewrite_nat44_session;
1951 a.flow_data_callback = snat_data_callback_nat44_session;
1953 rv = vnet_flow_report_add_del (frm, &a, NULL);
1956 clib_warning ("vnet_flow_report_add_del returned %d", rv);
1960 a.rewrite_callback = snat_template_rewrite_addr_exhausted;
1961 a.flow_data_callback = snat_data_callback_addr_exhausted;
1963 rv = vnet_flow_report_add_del (frm, &a, NULL);
1966 clib_warning ("vnet_flow_report_add_del returned %d", rv);
1970 a.rewrite_callback = nat_template_rewrite_max_sessions;
1971 a.flow_data_callback = nat_data_callback_max_sessions;
1973 rv = vnet_flow_report_add_del (frm, &a, NULL);
1976 clib_warning ("vnet_flow_report_add_del returned %d", rv);
1980 a.rewrite_callback = nat_template_rewrite_max_bibs;
1981 a.flow_data_callback = nat_data_callback_max_bibs;
1983 rv = vnet_flow_report_add_del (frm, &a, NULL);
1986 clib_warning ("vnet_flow_report_add_del returned %d", rv);
1990 a.rewrite_callback = nat_template_rewrite_max_frags_ip4;
1991 a.flow_data_callback = nat_data_callback_max_frags_ip4;
1993 rv = vnet_flow_report_add_del (frm, &a, NULL);
1996 clib_warning ("vnet_flow_report_add_del returned %d", rv);
2000 a.rewrite_callback = nat_template_rewrite_max_frags_ip6;
2001 a.flow_data_callback = nat_data_callback_max_frags_ip6;
2003 rv = vnet_flow_report_add_del (frm, &a, NULL);
2006 clib_warning ("vnet_flow_report_add_del returned %d", rv);
2010 a.rewrite_callback = nat_template_rewrite_nat64_bib;
2011 a.flow_data_callback = nat_data_callback_nat64_bib;
2013 rv = vnet_flow_report_add_del (frm, &a, NULL);
2016 clib_warning ("vnet_flow_report_add_del returned %d", rv);
2020 a.rewrite_callback = nat_template_rewrite_nat64_session;
2021 a.flow_data_callback = nat_data_callback_nat64_session;
2023 rv = vnet_flow_report_add_del (frm, &a, NULL);
2026 clib_warning ("vnet_flow_report_add_del returned %d", rv);
2035 * @brief Initialize NAT plugin IPFIX logging
2037 * @param vm vlib main
2040 snat_ipfix_logging_init (vlib_main_t * vm)
2042 snat_ipfix_logging_main_t *silm = &snat_ipfix_logging_main;
2046 /* Set up time reference pair */
2047 silm->vlib_time_0 = vlib_time_now (vm);
2048 silm->milisecond_time_0 = unix_time_now_nsec () * 1e-6;