2 * nat_ipfix_logging.c - NAT Events IPFIX logging
4 * Copyright (c) 2016 Cisco and/or its affiliates.
5 * Licensed under the Apache License, Version 2.0 (the "License");
6 * you may not use this file except in compliance with the License.
7 * You may obtain a copy of the License at:
9 * http://www.apache.org/licenses/LICENSE-2.0
11 * Unless required by applicable law or agreed to in writing, software
12 * distributed under the License is distributed on an "AS IS" BASIS,
13 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14 * See the License for the specific language governing permissions and
15 * limitations under the License.
18 #include <vnet/flow/flow_report.h>
19 #include <vlibmemory/api.h>
20 #include <nat/nat_ipfix_logging.h>
/*
 * Global state of the NAT IPFIX logger. The code in this file reads and
 * writes its enable flag, stream index, per-event template ids, pending
 * buffers/frames and next-record offsets.
 */
22 snat_ipfix_logging_main_t snat_ipfix_logging_main;
/*
 * Size in bytes of one data record per event type. Each value is the sum of
 * the bytes copied per record by the matching logging function, e.g. NAT44
 * session: 8 + 1 + 4 + 4 + 1 + 2 + 2 + 4 = 26. The flush test in each logging
 * function compares offset + <LEN> with frm->path_mtu, so using the wrong
 * constant there lets a packet grow past the configured MTU.
 */
24 #define NAT44_SESSION_CREATE_LEN 26
25 #define NAT_ADDRESSES_EXHAUTED_LEN 13
26 #define MAX_ENTRIES_PER_USER_LEN 21
27 #define MAX_SESSIONS_LEN 17
28 #define MAX_BIBS_LEN 17
29 #define MAX_FRAGMENTS_IP4_LEN 21
30 #define MAX_FRAGMENTS_IP6_LEN 33
31 #define NAT64_BIB_LEN 38
32 #define NAT64_SES_LEN 62
/*
 * Number of field specifiers in each template. Must equal the number of
 * fields written per record for that event (both IPv4 and IPv6 fragment
 * limits share MAX_FRAGMENTS_FIELD_COUNT).
 */
34 #define NAT44_SESSION_CREATE_FIELD_COUNT 8
35 #define NAT_ADDRESSES_EXHAUTED_FIELD_COUNT 3
36 #define MAX_ENTRIES_PER_USER_FIELD_COUNT 5
37 #define MAX_SESSIONS_FIELD_COUNT 4
38 #define MAX_BIBS_FIELD_COUNT 4
39 #define MAX_FRAGMENTS_FIELD_COUNT 5
40 #define NAT64_BIB_FIELD_COUNT 8
41 #define NAT64_SES_FIELD_COUNT 12
48 snat_protocol_t snat_proto;
52 } snat_ipfix_logging_nat44_ses_args_t;
57 } snat_ipfix_logging_addr_exhausted_args_t;
63 } snat_ipfix_logging_max_entries_per_user_args_t;
68 } nat_ipfix_logging_max_sessions_args_t;
73 } nat_ipfix_logging_max_bibs_args_t;
79 } nat_ipfix_logging_max_frags_ip4_args_t;
85 } nat_ipfix_logging_max_frags_ip6_args_t;
100 } nat_ipfix_logging_nat64_ses_args_t;
111 } nat_ipfix_logging_nat64_bib_args_t;
/*
 * Guard macro: binds silm to the global logging state and tests
 * !silm->enabled, hinted as the common case. The action taken when logging
 * is disabled is on lines not included in this listing (presumably an early
 * return -- confirm against the full file).
 */
113 #define skip_if_disabled() \
115 snat_ipfix_logging_main_t *silm = &snat_ipfix_logging_main; \
116 if (PREDICT_TRUE (!silm->enabled)) \
121 * @brief Create an IPFIX template packet rewrite string
123 * @param frm flow report main
124 * @param fr flow report
125 * @param collector_address collector address
126 * @param src_address source address
127 * @param collector_port collector port
128 * @param event NAT event ID
129 * @param quota_event NAT quota exceeded event ID
131 * @returns template packet
/*
 * Build the IPFIX template packet for one NAT event type: IPv4 + UDP + IPFIX
 * message, set and template headers followed by one field specifier per
 * exported element. Also records fr->stream_index and fr->template_id in the
 * global logging state so that data records are later sent with the same ids.
 */
134 snat_template_rewrite (flow_report_main_t * frm,
136 ip4_address_t * collector_address,
137 ip4_address_t * src_address,
139 nat_event_t event, quota_exceed_event_t quota_event)
141 snat_ipfix_logging_main_t *silm = &snat_ipfix_logging_main;
144 ipfix_message_header_t *h;
145 ipfix_set_header_t *s;
146 ipfix_template_header_t *t;
147 ipfix_field_specifier_t *f;
148 ipfix_field_specifier_t *first_field;
150 ip4_ipfix_template_packet_t *tp;
152 flow_report_stream_t *stream;
/* Remember the stream; snat_ipfix_header_create reads silm->stream_index */
154 stream = &frm->streams[fr->stream_index];
155 silm->stream_index = fr->stream_index;
/*
 * Pick the field count for this event and store the report's template id in
 * the per-event slot that the matching logging function passes to
 * snat_ipfix_send. quota_event is only examined for QUOTA_EXCEEDED.
 */
157 if (event == NAT_ADDRESSES_EXHAUTED)
159 field_count = NAT_ADDRESSES_EXHAUTED_FIELD_COUNT;
160 silm->addr_exhausted_template_id = fr->template_id;
162 else if (event == NAT44_SESSION_CREATE)
164 field_count = NAT44_SESSION_CREATE_FIELD_COUNT;
165 silm->nat44_session_template_id = fr->template_id;
167 else if (event == NAT64_BIB_CREATE)
169 field_count = NAT64_BIB_FIELD_COUNT;
170 silm->nat64_bib_template_id = fr->template_id;
172 else if (event == NAT64_SESSION_CREATE)
174 field_count = NAT64_SES_FIELD_COUNT;
175 silm->nat64_ses_template_id = fr->template_id;
177 else if (event == QUOTA_EXCEEDED)
179 if (quota_event == MAX_ENTRIES_PER_USER)
181 field_count = MAX_ENTRIES_PER_USER_FIELD_COUNT;
182 silm->max_entries_per_user_template_id = fr->template_id;
184 else if (quota_event == MAX_SESSION_ENTRIES)
186 field_count = MAX_SESSIONS_FIELD_COUNT;
187 silm->max_sessions_template_id = fr->template_id;
189 else if (quota_event == MAX_BIB_ENTRIES)
191 field_count = MAX_BIBS_FIELD_COUNT;
192 silm->max_bibs_template_id = fr->template_id;
194 else if (quota_event == MAX_FRAGMENTS_PENDING_REASSEMBLY)
196 field_count = MAX_FRAGMENTS_FIELD_COUNT;
197 silm->max_frags_ip4_template_id = fr->template_id;
199 else if (quota_event == MAX_FRAGMENTS_PENDING_REASSEMBLY_IP6)
201 field_count = MAX_FRAGMENTS_FIELD_COUNT;
202 silm->max_frags_ip6_template_id = fr->template_id;
/*
 * The vector is sized for the fixed headers plus field_count specifiers;
 * vec_validate takes the last valid index, hence the "- 1".
 */
206 /* allocate rewrite space */
207 vec_validate_aligned (rewrite,
208 sizeof (ip4_ipfix_template_packet_t)
209 + field_count * sizeof (ipfix_field_specifier_t) - 1,
210 CLIB_CACHE_LINE_BYTES);
/* Headers are laid out back to back inside the rewrite vector */
212 tp = (ip4_ipfix_template_packet_t *) rewrite;
213 ip = (ip4_header_t *) & tp->ip4;
214 udp = (udp_header_t *) (ip + 1);
215 h = (ipfix_message_header_t *) (udp + 1);
216 s = (ipfix_set_header_t *) (h + 1);
217 t = (ipfix_template_header_t *) (s + 1);
218 first_field = f = (ipfix_field_specifier_t *) (t + 1);
/* 0x45: IP version 4, header length 5 words (20 bytes, no options) */
220 ip->ip_version_and_header_length = 0x45;
222 ip->protocol = IP_PROTOCOL_UDP;
223 ip->src_address.as_u32 = src_address->as_u32;
224 ip->dst_address.as_u32 = collector_address->as_u32;
225 udp->src_port = clib_host_to_net_u16 (stream->src_port);
226 udp->dst_port = clib_host_to_net_u16 (collector_port);
227 udp->length = clib_host_to_net_u16 (vec_len (rewrite) - sizeof (*ip));
229 /* FIXUP: message header export_time */
230 h->domain_id = clib_host_to_net_u32 (stream->domain_id);
/*
 * One field specifier per exported element. For every event the order and
 * lengths given here must match the memcpy sequence in the corresponding
 * logging function and add up to that event's *_LEN constant; a collector
 * decodes data records purely from this template.
 */
232 /* Add TLVs to the template */
233 if (event == NAT_ADDRESSES_EXHAUTED)
235 f->e_id_length = ipfix_e_id_length (0, observationTimeMilliseconds, 8);
237 f->e_id_length = ipfix_e_id_length (0, natEvent, 1);
239 f->e_id_length = ipfix_e_id_length (0, natPoolId, 4);
242 else if (event == NAT44_SESSION_CREATE)
244 f->e_id_length = ipfix_e_id_length (0, observationTimeMilliseconds, 8);
246 f->e_id_length = ipfix_e_id_length (0, natEvent, 1);
248 f->e_id_length = ipfix_e_id_length (0, sourceIPv4Address, 4);
250 f->e_id_length = ipfix_e_id_length (0, postNATSourceIPv4Address, 4);
252 f->e_id_length = ipfix_e_id_length (0, protocolIdentifier, 1);
254 f->e_id_length = ipfix_e_id_length (0, sourceTransportPort, 2);
256 f->e_id_length = ipfix_e_id_length (0, postNAPTSourceTransportPort, 2);
258 f->e_id_length = ipfix_e_id_length (0, ingressVRFID, 4);
261 else if (event == NAT64_BIB_CREATE)
263 f->e_id_length = ipfix_e_id_length (0, observationTimeMilliseconds, 8);
265 f->e_id_length = ipfix_e_id_length (0, natEvent, 1);
267 f->e_id_length = ipfix_e_id_length (0, sourceIPv6Address, 16);
269 f->e_id_length = ipfix_e_id_length (0, postNATSourceIPv4Address, 4);
271 f->e_id_length = ipfix_e_id_length (0, protocolIdentifier, 1);
273 f->e_id_length = ipfix_e_id_length (0, sourceTransportPort, 2);
275 f->e_id_length = ipfix_e_id_length (0, postNAPTSourceTransportPort, 2);
277 f->e_id_length = ipfix_e_id_length (0, ingressVRFID, 4);
280 else if (event == NAT64_SESSION_CREATE)
282 f->e_id_length = ipfix_e_id_length (0, observationTimeMilliseconds, 8);
284 f->e_id_length = ipfix_e_id_length (0, natEvent, 1);
286 f->e_id_length = ipfix_e_id_length (0, sourceIPv6Address, 16);
288 f->e_id_length = ipfix_e_id_length (0, postNATSourceIPv4Address, 4);
290 f->e_id_length = ipfix_e_id_length (0, protocolIdentifier, 1);
292 f->e_id_length = ipfix_e_id_length (0, sourceTransportPort, 2);
294 f->e_id_length = ipfix_e_id_length (0, postNAPTSourceTransportPort, 2);
296 f->e_id_length = ipfix_e_id_length (0, destinationIPv6Address, 16);
298 f->e_id_length = ipfix_e_id_length (0, postNATDestinationIPv4Address, 4);
300 f->e_id_length = ipfix_e_id_length (0, destinationTransportPort, 2);
302 f->e_id_length = ipfix_e_id_length (0, postNAPTDestinationTransportPort,
305 f->e_id_length = ipfix_e_id_length (0, ingressVRFID, 4);
308 else if (event == QUOTA_EXCEEDED)
310 if (quota_event == MAX_ENTRIES_PER_USER)
312 f->e_id_length = ipfix_e_id_length (0, observationTimeMilliseconds,
315 f->e_id_length = ipfix_e_id_length (0, natEvent, 1);
317 f->e_id_length = ipfix_e_id_length (0, natQuotaExceededEvent, 4);
319 f->e_id_length = ipfix_e_id_length (0, maxEntriesPerUser, 4);
321 f->e_id_length = ipfix_e_id_length (0, sourceIPv4Address, 4);
324 else if (quota_event == MAX_SESSION_ENTRIES)
326 f->e_id_length = ipfix_e_id_length (0, observationTimeMilliseconds,
329 f->e_id_length = ipfix_e_id_length (0, natEvent, 1);
331 f->e_id_length = ipfix_e_id_length (0, natQuotaExceededEvent, 4);
333 f->e_id_length = ipfix_e_id_length (0, maxSessionEntries, 4);
336 else if (quota_event == MAX_BIB_ENTRIES)
338 f->e_id_length = ipfix_e_id_length (0, observationTimeMilliseconds,
341 f->e_id_length = ipfix_e_id_length (0, natEvent, 1);
343 f->e_id_length = ipfix_e_id_length (0, natQuotaExceededEvent, 4);
345 f->e_id_length = ipfix_e_id_length (0, maxBIBEntries, 4);
348 else if (quota_event == MAX_FRAGMENTS_PENDING_REASSEMBLY)
350 f->e_id_length = ipfix_e_id_length (0, observationTimeMilliseconds,
353 f->e_id_length = ipfix_e_id_length (0, natEvent, 1);
355 f->e_id_length = ipfix_e_id_length (0, natQuotaExceededEvent, 4);
357 f->e_id_length = ipfix_e_id_length (0, maxFragmentsPendingReassembly,
360 f->e_id_length = ipfix_e_id_length (0, sourceIPv4Address, 4);
363 else if (quota_event == MAX_FRAGMENTS_PENDING_REASSEMBLY_IP6)
365 f->e_id_length = ipfix_e_id_length (0, observationTimeMilliseconds,
368 f->e_id_length = ipfix_e_id_length (0, natEvent, 1);
370 f->e_id_length = ipfix_e_id_length (0, natQuotaExceededEvent, 4);
372 f->e_id_length = ipfix_e_id_length (0, maxFragmentsPendingReassembly,
375 f->e_id_length = ipfix_e_id_length (0, sourceIPv6Address, 16);
380 /* Back to the template packet... */
381 ip = (ip4_header_t *) & tp->ip4;
382 udp = (udp_header_t *) (ip + 1);
/*
 * f has advanced past the last specifier written, so f - first_field is the
 * number of fields; zero means no branch above matched the event.
 * NOTE(review): if ASSERT is compiled out in production images, an
 * unrecognised event would yield an empty template rather than an error --
 * confirm callers only pass the events handled above.
 */
384 ASSERT (f - first_field);
385 /* Field count in this template */
386 t->id_count = ipfix_id_count (fr->template_id, f - first_field);
/* Set id 2 marks an IPFIX template set */
388 /* set length in octets */
390 ipfix_set_id_length (2 /* set_id */ , (u8 *) f - (u8 *) s);
392 /* message length in octets */
393 h->version_length = version_length ((u8 *) f - (u8 *) h);
/* IP total length covers everything up to the last field specifier */
395 ip->length = clib_host_to_net_u16 ((u8 *) f - (u8 *) ip);
396 ip->checksum = ip4_header_checksum (ip);
/*
 * Template builder for the NAT_ADDRESSES_EXHAUTED event: forwards its
 * arguments to snat_template_rewrite with quota sub-event 0 (unused).
 */
402 snat_template_rewrite_addr_exhausted (flow_report_main_t * frm,
404 ip4_address_t * collector_address,
405 ip4_address_t * src_address,
408 return snat_template_rewrite (frm, fr, collector_address, src_address,
409 collector_port, NAT_ADDRESSES_EXHAUTED, 0);
/*
 * Template builder for the NAT44_SESSION_CREATE event: forwards its
 * arguments to snat_template_rewrite with quota sub-event 0 (unused).
 */
413 snat_template_rewrite_nat44_session (flow_report_main_t * frm,
415 ip4_address_t * collector_address,
416 ip4_address_t * src_address,
419 return snat_template_rewrite (frm, fr, collector_address, src_address,
420 collector_port, NAT44_SESSION_CREATE, 0);
/*
 * Template builder for the QUOTA_EXCEEDED event with sub-event
 * MAX_ENTRIES_PER_USER: forwards its arguments to snat_template_rewrite.
 */
424 snat_template_rewrite_max_entries_per_usr (flow_report_main_t * frm,
426 ip4_address_t * collector_address,
427 ip4_address_t * src_address,
430 return snat_template_rewrite (frm, fr, collector_address, src_address,
431 collector_port, QUOTA_EXCEEDED,
432 MAX_ENTRIES_PER_USER);
/*
 * Template builder for the QUOTA_EXCEEDED event with sub-event
 * MAX_SESSION_ENTRIES: forwards its arguments to snat_template_rewrite.
 */
436 nat_template_rewrite_max_sessions (flow_report_main_t * frm,
438 ip4_address_t * collector_address,
439 ip4_address_t * src_address,
442 return snat_template_rewrite (frm, fr, collector_address, src_address,
443 collector_port, QUOTA_EXCEEDED,
444 MAX_SESSION_ENTRIES);
/*
 * Template builder for a QUOTA_EXCEEDED event: forwards its arguments to
 * snat_template_rewrite. The quota sub-event argument is on a line not
 * included in this listing (presumably the BIB-entries limit, going by the
 * function name -- confirm).
 */
448 nat_template_rewrite_max_bibs (flow_report_main_t * frm,
450 ip4_address_t * collector_address,
451 ip4_address_t * src_address,
454 return snat_template_rewrite (frm, fr, collector_address, src_address,
455 collector_port, QUOTA_EXCEEDED,
/*
 * Template builder for the QUOTA_EXCEEDED event with sub-event
 * MAX_FRAGMENTS_PENDING_REASSEMBLY (IPv4 source address variant): forwards
 * its arguments to snat_template_rewrite.
 */
460 nat_template_rewrite_max_frags_ip4 (flow_report_main_t * frm,
462 ip4_address_t * collector_address,
463 ip4_address_t * src_address,
466 return snat_template_rewrite (frm, fr, collector_address, src_address,
467 collector_port, QUOTA_EXCEEDED,
468 MAX_FRAGMENTS_PENDING_REASSEMBLY);
/*
 * Template builder for the QUOTA_EXCEEDED event with sub-event
 * MAX_FRAGMENTS_PENDING_REASSEMBLY_IP6 (IPv6 source address variant):
 * forwards its arguments to snat_template_rewrite.
 */
472 nat_template_rewrite_max_frags_ip6 (flow_report_main_t * frm,
474 ip4_address_t * collector_address,
475 ip4_address_t * src_address,
478 return snat_template_rewrite (frm, fr, collector_address, src_address,
479 collector_port, QUOTA_EXCEEDED,
480 MAX_FRAGMENTS_PENDING_REASSEMBLY_IP6);
/*
 * Template builder for the NAT64_BIB_CREATE event: forwards its arguments
 * to snat_template_rewrite with quota sub-event 0 (unused).
 */
484 nat_template_rewrite_nat64_bib (flow_report_main_t * frm,
486 ip4_address_t * collector_address,
487 ip4_address_t * src_address,
490 return snat_template_rewrite (frm, fr, collector_address, src_address,
491 collector_port, NAT64_BIB_CREATE, 0);
/*
 * Template builder for the NAT64_SESSION_CREATE event: forwards its
 * arguments to snat_template_rewrite with quota sub-event 0 (unused).
 */
495 nat_template_rewrite_nat64_session (flow_report_main_t * frm,
497 ip4_address_t * collector_address,
498 ip4_address_t * src_address,
501 return snat_template_rewrite (frm, fr, collector_address, src_address,
502 collector_port, NAT64_SESSION_CREATE, 0);
/*
 * Start a new IPFIX data packet in b0: reset the buffer, fill in the IPv4,
 * UDP and IPFIX message headers from the flow-report configuration, and
 * return in *offset the position just past the set header, where the first
 * data record is written. Lengths and checksums are left for
 * snat_ipfix_send.
 */
506 snat_ipfix_header_create (flow_report_main_t * frm,
507 vlib_buffer_t * b0, u32 * offset)
509 snat_ipfix_logging_main_t *silm = &snat_ipfix_logging_main;
510 flow_report_stream_t *stream;
511 ip4_ipfix_template_packet_t *tp;
512 ipfix_message_header_t *h = 0;
513 ipfix_set_header_t *s = 0;
/* Stream index was stored by snat_template_rewrite */
517 stream = &frm->streams[silm->stream_index];
/* Packet starts at the beginning of the buffer and holds only headers */
519 b0->current_data = 0;
520 b0->current_length = sizeof (*ip) + sizeof (*udp) + sizeof (*h) +
522 b0->flags |= (VLIB_BUFFER_TOTAL_LENGTH_VALID | VLIB_BUFFER_FLOW_REPORT);
/* The TX slot carries the FIB index taken from the flow-report config */
523 vnet_buffer (b0)->sw_if_index[VLIB_RX] = 0;
524 vnet_buffer (b0)->sw_if_index[VLIB_TX] = frm->fib_index;
525 tp = vlib_buffer_get_current (b0);
526 ip = (ip4_header_t *) & tp->ip4;
527 udp = (udp_header_t *) (ip + 1);
528 h = (ipfix_message_header_t *) (udp + 1);
529 s = (ipfix_set_header_t *) (h + 1);
/* 0x45: IP version 4, header length 5 words (20 bytes, no options) */
531 ip->ip_version_and_header_length = 0x45;
533 ip->protocol = IP_PROTOCOL_UDP;
534 ip->flags_and_fragment_offset = 0;
535 ip->src_address.as_u32 = frm->src_address.as_u32;
536 ip->dst_address.as_u32 = frm->ipfix_collector.as_u32;
537 udp->src_port = clib_host_to_net_u16 (stream->src_port);
538 udp->dst_port = clib_host_to_net_u16 (frm->collector_port);
/*
 * Export time is derived from frm->unix_time_0 plus elapsed vlib time and
 * truncated to 32 bits (part of the expression is on a line not shown).
 */
541 h->export_time = clib_host_to_net_u32 ((u32)
542 (((f64) frm->unix_time_0) +
543 (vlib_time_now (frm->vlib_main) -
/* The per-stream sequence number advances once per packet started here */
545 h->sequence_number = clib_host_to_net_u32 (stream->sequence_number++);
546 h->domain_id = clib_host_to_net_u32 (stream->domain_id);
/* First data record goes immediately after the set header */
548 *offset = (u32) (((u8 *) (s + 1)) - (u8 *) tp);
/*
 * Finalise the IPFIX packet held in b0 and hand frame f to the ip4-lookup
 * node: writes the set id (template_id) and set length, the IPFIX message
 * length, and the IP/UDP lengths and checksums, all derived from
 * b0->current_length.
 */
552 snat_ipfix_send (flow_report_main_t * frm,
553 vlib_frame_t * f, vlib_buffer_t * b0, u16 template_id)
555 ip4_ipfix_template_packet_t *tp;
556 ipfix_message_header_t *h = 0;
557 ipfix_set_header_t *s = 0;
560 vlib_main_t *vm = frm->vlib_main;
562 tp = vlib_buffer_get_current (b0);
563 ip = (ip4_header_t *) & tp->ip4;
564 udp = (udp_header_t *) (ip + 1);
565 h = (ipfix_message_header_t *) (udp + 1);
566 s = (ipfix_set_header_t *) (h + 1);
/* Data sets use the template id as their set id */
568 s->set_id_length = ipfix_set_id_length (template_id,
570 (sizeof (*ip) + sizeof (*udp) +
/* IPFIX message length excludes the IP and UDP headers */
572 h->version_length = version_length (b0->current_length -
573 (sizeof (*ip) + sizeof (*udp)));
575 ip->length = clib_host_to_net_u16 (b0->current_length);
576 ip->checksum = ip4_header_checksum (ip);
577 udp->length = clib_host_to_net_u16 (b0->current_length - sizeof (*ip));
/*
 * The UDP checksum is computed only when enabled in the flow-report config.
 * A computed value of 0 is sent as 0xffff because 0 on the wire means
 * "no checksum" for UDP over IPv4.
 */
579 if (frm->udp_checksum)
581 udp->checksum = ip4_tcp_udp_compute_checksum (vm, b0, ip);
582 if (udp->checksum == 0)
583 udp->checksum = 0xffff;
/* Sanity check: the IP header must not have changed since it was summed */
586 ASSERT (ip->checksum == ip4_header_checksum (ip));
588 vlib_put_frame_to_node (vm, ip4_lookup_node.index, f);
/*
 * Append one NAT44 session record to the pending IPFIX packet kept in the
 * global logging state. The record is written only when do_flush is 0; the
 * packet is sent when do_flush is set or when one more record of
 * NAT44_SESSION_CREATE_LEN bytes would pass frm->path_mtu.
 */
592 snat_ipfix_logging_nat44_ses (u8 nat_event, u32 src_ip, u32 nat_src_ip,
593 snat_protocol_t snat_proto, u16 src_port,
594 u16 nat_src_port, u32 vrf_id, int do_flush)
596 snat_ipfix_logging_main_t *silm = &snat_ipfix_logging_main;
597 flow_report_main_t *frm = &flow_report_main;
599 vlib_buffer_t *b0 = 0;
602 vlib_main_t *vm = frm->vlib_main;
604 vlib_buffer_free_list_t *fl;
/* The record carries the IP protocol number, not the NAT-internal enum */
610 proto = snat_proto_to_ip_proto (snat_proto);
/* Event time in milliseconds: elapsed vlib time added to the stored base */
612 now = (u64) ((vlib_time_now (vm) - silm->vlib_time_0) * 1e3);
613 now += silm->milisecond_time_0;
/* Records are batched in a buffer that persists between calls */
615 b0 = silm->nat44_session_buffer;
/* No pending buffer: allocate and initialise a fresh one */
617 if (PREDICT_FALSE (b0 == 0))
622 if (vlib_buffer_alloc (vm, &bi0, 1) != 1)
624 clib_warning ("can't allocate buffer for NAT IPFIX event");
628 b0 = silm->nat44_session_buffer = vlib_get_buffer (vm, bi0);
630 vlib_buffer_get_free_list (vm, VLIB_BUFFER_DEFAULT_FREE_LIST_INDEX);
631 vlib_buffer_init_for_free_list (b0, fl);
632 VLIB_BUFFER_TRACE_TRAJECTORY_INIT (b0);
/* Pending buffer: continue at the saved record offset */
637 bi0 = vlib_get_buffer_index (vm, b0);
638 offset = silm->nat44_session_next_record_offset;
/* The frame towards ip4-lookup is likewise created once per packet */
641 f = silm->nat44_session_frame;
642 if (PREDICT_FALSE (f == 0))
645 f = vlib_get_frame_to_node (vm, ip4_lookup_node.index);
646 silm->nat44_session_frame = f;
647 to_next = vlib_frame_vector_args (f);
/* offset 0 marks a packet whose headers have not been written yet */
652 if (PREDICT_FALSE (offset == 0))
653 snat_ipfix_header_create (frm, b0, &offset);
/*
 * Field order and sizes must match the NAT44_SESSION_CREATE template.
 * NOTE(review): only the timestamp is converted to network byte order
 * here; the other fields are copied as passed in. IPFIX integers are
 * big-endian on the wire, so confirm callers supply them already converted.
 * NOTE(review): the writes into b0->data are limited only by the path_mtu
 * test below; nothing in the lines shown compares offset with the buffer's
 * data capacity -- confirm path_mtu is capped to the buffer size.
 */
655 if (PREDICT_TRUE (do_flush == 0))
657 u64 time_stamp = clib_host_to_net_u64 (now);
658 clib_memcpy (b0->data + offset, &time_stamp, sizeof (time_stamp));
659 offset += sizeof (time_stamp);
661 clib_memcpy (b0->data + offset, &nat_event, sizeof (nat_event));
662 offset += sizeof (nat_event);
664 clib_memcpy (b0->data + offset, &src_ip, sizeof (src_ip));
665 offset += sizeof (src_ip);
667 clib_memcpy (b0->data + offset, &nat_src_ip, sizeof (nat_src_ip));
668 offset += sizeof (nat_src_ip);
670 clib_memcpy (b0->data + offset, &proto, sizeof (proto));
671 offset += sizeof (proto);
673 clib_memcpy (b0->data + offset, &src_port, sizeof (src_port));
674 offset += sizeof (src_port);
676 clib_memcpy (b0->data + offset, &nat_src_port, sizeof (nat_src_port));
677 offset += sizeof (nat_src_port);
679 clib_memcpy (b0->data + offset, &vrf_id, sizeof (vrf_id));
680 offset += sizeof (vrf_id);
682 b0->current_length += NAT44_SESSION_CREATE_LEN;
686 (do_flush || (offset + NAT44_SESSION_CREATE_LEN) > frm->path_mtu))
/*
 * Send now and forget the frame and buffer so that the next call starts a
 * new packet.
 */
688 snat_ipfix_send (frm, f, b0, silm->nat44_session_template_id);
689 silm->nat44_session_frame = 0;
690 silm->nat44_session_buffer = 0;
/* Save where the next record goes */
693 silm->nat44_session_next_record_offset = offset;
/*
 * Append one "NAT addresses exhausted" record (timestamp, event, pool id) to
 * the pending IPFIX packet kept in the global logging state. The record is
 * written only when do_flush is 0; the packet is sent when do_flush is set
 * or when one more record of NAT_ADDRESSES_EXHAUTED_LEN bytes would pass
 * frm->path_mtu.
 */
697 snat_ipfix_logging_addr_exhausted (u32 pool_id, int do_flush)
699 snat_ipfix_logging_main_t *silm = &snat_ipfix_logging_main;
700 flow_report_main_t *frm = &flow_report_main;
702 vlib_buffer_t *b0 = 0;
705 vlib_main_t *vm = frm->vlib_main;
707 vlib_buffer_free_list_t *fl;
708 u8 nat_event = NAT_ADDRESSES_EXHAUTED;
/* Event time in milliseconds: elapsed vlib time added to the stored base */
713 now = (u64) ((vlib_time_now (vm) - silm->vlib_time_0) * 1e3);
714 now += silm->milisecond_time_0;
/* Records are batched in a buffer that persists between calls */
716 b0 = silm->addr_exhausted_buffer;
/* No pending buffer: allocate and initialise a fresh one */
718 if (PREDICT_FALSE (b0 == 0))
723 if (vlib_buffer_alloc (vm, &bi0, 1) != 1)
725 clib_warning ("can't allocate buffer for NAT IPFIX event");
729 b0 = silm->addr_exhausted_buffer = vlib_get_buffer (vm, bi0);
731 vlib_buffer_get_free_list (vm, VLIB_BUFFER_DEFAULT_FREE_LIST_INDEX);
732 vlib_buffer_init_for_free_list (b0, fl);
733 VLIB_BUFFER_TRACE_TRAJECTORY_INIT (b0);
/* Pending buffer: continue at the saved record offset */
738 bi0 = vlib_get_buffer_index (vm, b0);
739 offset = silm->addr_exhausted_next_record_offset;
/* The frame towards ip4-lookup is likewise created once per packet */
742 f = silm->addr_exhausted_frame;
743 if (PREDICT_FALSE (f == 0))
746 f = vlib_get_frame_to_node (vm, ip4_lookup_node.index);
747 silm->addr_exhausted_frame = f;
748 to_next = vlib_frame_vector_args (f);
/* offset 0 marks a packet whose headers have not been written yet */
753 if (PREDICT_FALSE (offset == 0))
754 snat_ipfix_header_create (frm, b0, &offset);
/*
 * Field order and sizes must match the NAT_ADDRESSES_EXHAUTED template.
 * NOTE(review): only the timestamp is converted to network byte order
 * here; pool_id is copied as passed in -- confirm the caller converts it.
 * NOTE(review): the writes into b0->data are limited only by the path_mtu
 * test below; nothing in the lines shown compares offset with the buffer's
 * data capacity -- confirm path_mtu is capped to the buffer size.
 */
756 if (PREDICT_TRUE (do_flush == 0))
758 u64 time_stamp = clib_host_to_net_u64 (now);
759 clib_memcpy (b0->data + offset, &time_stamp, sizeof (time_stamp));
760 offset += sizeof (time_stamp);
762 clib_memcpy (b0->data + offset, &nat_event, sizeof (nat_event));
763 offset += sizeof (nat_event);
765 clib_memcpy (b0->data + offset, &pool_id, sizeof (pool_id));
766 offset += sizeof (pool_id);
768 b0->current_length += NAT_ADDRESSES_EXHAUTED_LEN;
772 (do_flush || (offset + NAT_ADDRESSES_EXHAUTED_LEN) > frm->path_mtu))
/*
 * Send now and forget the frame and buffer so that the next call starts a
 * new packet.
 */
774 snat_ipfix_send (frm, f, b0, silm->addr_exhausted_template_id);
775 silm->addr_exhausted_frame = 0;
776 silm->addr_exhausted_buffer = 0;
/* Save where the next record goes */
779 silm->addr_exhausted_next_record_offset = offset;
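/*
 * Append one "max entries per user exceeded" record (timestamp, event, quota
 * event, limit, source IPv4 address) to the pending IPFIX packet kept in the
 * global logging state. The record is written only when do_flush is 0; the
 * packet is sent when do_flush is set or when one more record of
 * MAX_ENTRIES_PER_USER_LEN bytes would pass frm->path_mtu.
 */
783 snat_ipfix_logging_max_entries_per_usr (u32 limit, u32 src_ip, int do_flush)
785 snat_ipfix_logging_main_t *silm = &snat_ipfix_logging_main;
786 flow_report_main_t *frm = &flow_report_main;
788 vlib_buffer_t *b0 = 0;
791 vlib_main_t *vm = frm->vlib_main;
793 vlib_buffer_free_list_t *fl;
794 u8 nat_event = QUOTA_EXCEEDED;
795 u32 quota_event = MAX_ENTRIES_PER_USER;
/* Event time in milliseconds: elapsed vlib time added to the stored base */
800 now = (u64) ((vlib_time_now (vm) - silm->vlib_time_0) * 1e3);
801 now += silm->milisecond_time_0;
/* Records are batched in a buffer that persists between calls */
803 b0 = silm->max_entries_per_user_buffer;
/* No pending buffer: allocate and initialise a fresh one */
805 if (PREDICT_FALSE (b0 == 0))
810 if (vlib_buffer_alloc (vm, &bi0, 1) != 1)
812 clib_warning ("can't allocate buffer for NAT IPFIX event");
816 b0 = silm->max_entries_per_user_buffer = vlib_get_buffer (vm, bi0);
818 vlib_buffer_get_free_list (vm, VLIB_BUFFER_DEFAULT_FREE_LIST_INDEX);
819 vlib_buffer_init_for_free_list (b0, fl);
820 VLIB_BUFFER_TRACE_TRAJECTORY_INIT (b0);
/* Pending buffer: continue at the saved record offset */
825 bi0 = vlib_get_buffer_index (vm, b0);
826 offset = silm->max_entries_per_user_next_record_offset;
/* The frame towards ip4-lookup is likewise created once per packet */
829 f = silm->max_entries_per_user_frame;
830 if (PREDICT_FALSE (f == 0))
833 f = vlib_get_frame_to_node (vm, ip4_lookup_node.index);
834 silm->max_entries_per_user_frame = f;
835 to_next = vlib_frame_vector_args (f);
/* offset 0 marks a packet whose headers have not been written yet */
840 if (PREDICT_FALSE (offset == 0))
841 snat_ipfix_header_create (frm, b0, &offset);
/*
 * Field order and sizes must match the MAX_ENTRIES_PER_USER template.
 * NOTE(review): only the timestamp is converted to network byte order
 * here; quota_event, limit and src_ip are copied as they are. IPFIX
 * integers are big-endian on the wire -- confirm the intended byte order.
 * NOTE(review): the writes into b0->data are limited only by the path_mtu
 * test below; nothing in the lines shown compares offset with the buffer's
 * data capacity -- confirm path_mtu is capped to the buffer size.
 */
843 if (PREDICT_TRUE (do_flush == 0))
845 u64 time_stamp = clib_host_to_net_u64 (now);
846 clib_memcpy (b0->data + offset, &time_stamp, sizeof (time_stamp));
847 offset += sizeof (time_stamp);
849 clib_memcpy (b0->data + offset, &nat_event, sizeof (nat_event));
850 offset += sizeof (nat_event);
852 clib_memcpy (b0->data + offset, &quota_event, sizeof (quota_event));
853 offset += sizeof (quota_event);
855 clib_memcpy (b0->data + offset, &limit, sizeof (limit));
856 offset += sizeof (limit);
858 clib_memcpy (b0->data + offset, &src_ip, sizeof (src_ip));
859 offset += sizeof (src_ip);
861 b0->current_length += MAX_ENTRIES_PER_USER_LEN;
865 (do_flush || (offset + MAX_ENTRIES_PER_USER_LEN) > frm->path_mtu))
/*
 * Send now and forget the frame and buffer so that the next call starts a
 * new packet.
 */
867 snat_ipfix_send (frm, f, b0, silm->max_entries_per_user_template_id);
868 silm->max_entries_per_user_frame = 0;
869 silm->max_entries_per_user_buffer = 0;
/* Save where the next record goes */
872 silm->max_entries_per_user_next_record_offset = offset;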
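/*
 * Append one "max session entries exceeded" record (timestamp, event, quota
 * event, limit) to the pending IPFIX packet kept in the global logging
 * state. The record is written only when do_flush is 0; the packet is sent
 * when do_flush is set or when one more record of MAX_SESSIONS_LEN bytes
 * would pass frm->path_mtu.
 */
876 nat_ipfix_logging_max_ses (u32 limit, int do_flush)
878 snat_ipfix_logging_main_t *silm = &snat_ipfix_logging_main;
879 flow_report_main_t *frm = &flow_report_main;
881 vlib_buffer_t *b0 = 0;
884 vlib_main_t *vm = frm->vlib_main;
886 vlib_buffer_free_list_t *fl;
887 u8 nat_event = QUOTA_EXCEEDED;
888 u32 quota_event = MAX_SESSION_ENTRIES;
/* Event time in milliseconds: elapsed vlib time added to the stored base */
893 now = (u64) ((vlib_time_now (vm) - silm->vlib_time_0) * 1e3);
894 now += silm->milisecond_time_0;
/* Records are batched in a buffer that persists between calls */
896 b0 = silm->max_sessions_buffer;
/* No pending buffer: allocate and initialise a fresh one */
898 if (PREDICT_FALSE (b0 == 0))
903 if (vlib_buffer_alloc (vm, &bi0, 1) != 1)
905 clib_warning ("can't allocate buffer for NAT IPFIX event");
909 b0 = silm->max_sessions_buffer = vlib_get_buffer (vm, bi0);
911 vlib_buffer_get_free_list (vm, VLIB_BUFFER_DEFAULT_FREE_LIST_INDEX);
912 vlib_buffer_init_for_free_list (b0, fl);
913 VLIB_BUFFER_TRACE_TRAJECTORY_INIT (b0);
/* Pending buffer: continue at the saved record offset */
918 bi0 = vlib_get_buffer_index (vm, b0);
919 offset = silm->max_sessions_next_record_offset;
/* The frame towards ip4-lookup is likewise created once per packet */
922 f = silm->max_sessions_frame;
923 if (PREDICT_FALSE (f == 0))
926 f = vlib_get_frame_to_node (vm, ip4_lookup_node.index);
927 silm->max_sessions_frame = f;
928 to_next = vlib_frame_vector_args (f);
/* offset 0 marks a packet whose headers have not been written yet */
933 if (PREDICT_FALSE (offset == 0))
934 snat_ipfix_header_create (frm, b0, &offset);
/*
 * Field order and sizes must match the MAX_SESSION_ENTRIES template.
 * NOTE(review): only the timestamp is converted to network byte order
 * here; quota_event and limit are copied as they are. IPFIX integers are
 * big-endian on the wire -- confirm the intended byte order.
 * NOTE(review): the writes into b0->data are limited only by the path_mtu
 * test below; nothing in the lines shown compares offset with the buffer's
 * data capacity -- confirm path_mtu is capped to the buffer size.
 */
936 if (PREDICT_TRUE (do_flush == 0))
938 u64 time_stamp = clib_host_to_net_u64 (now);
939 clib_memcpy (b0->data + offset, &time_stamp, sizeof (time_stamp));
940 offset += sizeof (time_stamp);
942 clib_memcpy (b0->data + offset, &nat_event, sizeof (nat_event));
943 offset += sizeof (nat_event);
945 clib_memcpy (b0->data + offset, &quota_event, sizeof (quota_event));
946 offset += sizeof (quota_event);
948 clib_memcpy (b0->data + offset, &limit, sizeof (limit));
949 offset += sizeof (limit);
951 b0->current_length += MAX_SESSIONS_LEN;
955 (do_flush || (offset + MAX_SESSIONS_LEN) > frm->path_mtu))
/*
 * Send now and forget the frame and buffer so that the next call starts a
 * new packet.
 */
957 snat_ipfix_send (frm, f, b0, silm->max_sessions_template_id);
958 silm->max_sessions_frame = 0;
959 silm->max_sessions_buffer = 0;
/* Save where the next record goes */
962 silm->max_sessions_next_record_offset = offset;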
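/*
 * Append one "max BIB entries exceeded" record (timestamp, event, quota
 * event, limit) to the pending IPFIX packet kept in the global logging
 * state. The record is written only when do_flush is 0; the packet is sent
 * when do_flush is set or when one more record of MAX_BIBS_LEN bytes would
 * pass frm->path_mtu.
 */
966 nat_ipfix_logging_max_bib (u32 limit, int do_flush)
968 snat_ipfix_logging_main_t *silm = &snat_ipfix_logging_main;
969 flow_report_main_t *frm = &flow_report_main;
971 vlib_buffer_t *b0 = 0;
974 vlib_main_t *vm = frm->vlib_main;
976 vlib_buffer_free_list_t *fl;
977 u8 nat_event = QUOTA_EXCEEDED;
978 u32 quota_event = MAX_BIB_ENTRIES;
/* Event time in milliseconds: elapsed vlib time added to the stored base */
983 now = (u64) ((vlib_time_now (vm) - silm->vlib_time_0) * 1e3);
984 now += silm->milisecond_time_0;
/* Records are batched in a buffer that persists between calls */
986 b0 = silm->max_bibs_buffer;
/* No pending buffer: allocate and initialise a fresh one */
988 if (PREDICT_FALSE (b0 == 0))
993 if (vlib_buffer_alloc (vm, &bi0, 1) != 1)
995 clib_warning ("can't allocate buffer for NAT IPFIX event");
999 b0 = silm->max_bibs_buffer = vlib_get_buffer (vm, bi0);
1001 vlib_buffer_get_free_list (vm, VLIB_BUFFER_DEFAULT_FREE_LIST_INDEX);
1002 vlib_buffer_init_for_free_list (b0, fl);
1003 VLIB_BUFFER_TRACE_TRAJECTORY_INIT (b0);
/* Pending buffer: continue at the saved record offset */
1008 bi0 = vlib_get_buffer_index (vm, b0);
1009 offset = silm->max_bibs_next_record_offset;
/* The frame towards ip4-lookup is likewise created once per packet */
1012 f = silm->max_bibs_frame;
1013 if (PREDICT_FALSE (f == 0))
1016 f = vlib_get_frame_to_node (vm, ip4_lookup_node.index);
1017 silm->max_bibs_frame = f;
1018 to_next = vlib_frame_vector_args (f);
/* offset 0 marks a packet whose headers have not been written yet */
1023 if (PREDICT_FALSE (offset == 0))
1024 snat_ipfix_header_create (frm, b0, &offset);
/*
 * Field order and sizes must match the MAX_BIB_ENTRIES template.
 * NOTE(review): only the timestamp is converted to network byte order
 * here; quota_event and limit are copied as they are. IPFIX integers are
 * big-endian on the wire -- confirm the intended byte order.
 * NOTE(review): the writes into b0->data are limited only by the path_mtu
 * test below; nothing in the lines shown compares offset with the buffer's
 * data capacity -- confirm path_mtu is capped to the buffer size.
 */
1026 if (PREDICT_TRUE (do_flush == 0))
1028 u64 time_stamp = clib_host_to_net_u64 (now);
1029 clib_memcpy (b0->data + offset, &time_stamp, sizeof (time_stamp));
1030 offset += sizeof (time_stamp);
1032 clib_memcpy (b0->data + offset, &nat_event, sizeof (nat_event));
1033 offset += sizeof (nat_event);
1035 clib_memcpy (b0->data + offset, &quota_event, sizeof (quota_event));
1036 offset += sizeof (quota_event);
1038 clib_memcpy (b0->data + offset, &limit, sizeof (limit));
1039 offset += sizeof (limit);
1041 b0->current_length += MAX_BIBS_LEN;
1045 (do_flush || (offset + MAX_BIBS_LEN) > frm->path_mtu))
/*
 * Send now and forget the frame and buffer so that the next call starts a
 * new packet.
 */
1047 snat_ipfix_send (frm, f, b0, silm->max_bibs_template_id);
1048 silm->max_bibs_frame = 0;
1049 silm->max_bibs_buffer = 0;
/* Save where the next record goes */
1052 silm->max_bibs_next_record_offset = offset;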
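/*
 * Append one "max fragments pending reassembly" record with an IPv4 source
 * (timestamp, event, quota event, limit, source address) to the pending
 * IPFIX packet kept in the global logging state. The record is written only
 * when do_flush is 0; the packet is sent when do_flush is set or when one
 * more record of MAX_FRAGMENTS_IP4_LEN bytes would pass frm->path_mtu.
 */
1056 nat_ipfix_logging_max_frag_ip4 (u32 limit, u32 src, int do_flush)
1058 snat_ipfix_logging_main_t *silm = &snat_ipfix_logging_main;
1059 flow_report_main_t *frm = &flow_report_main;
1061 vlib_buffer_t *b0 = 0;
1064 vlib_main_t *vm = frm->vlib_main;
1066 vlib_buffer_free_list_t *fl;
1067 u8 nat_event = QUOTA_EXCEEDED;
1068 u32 quota_event = MAX_FRAGMENTS_PENDING_REASSEMBLY;
/* Event time in milliseconds: elapsed vlib time added to the stored base */
1073 now = (u64) ((vlib_time_now (vm) - silm->vlib_time_0) * 1e3);
1074 now += silm->milisecond_time_0;
/* Records are batched in a buffer that persists between calls */
1076 b0 = silm->max_frags_ip4_buffer;
/* No pending buffer: allocate and initialise a fresh one */
1078 if (PREDICT_FALSE (b0 == 0))
1083 if (vlib_buffer_alloc (vm, &bi0, 1) != 1)
1085 clib_warning ("can't allocate buffer for NAT IPFIX event");
1089 b0 = silm->max_frags_ip4_buffer = vlib_get_buffer (vm, bi0);
1091 vlib_buffer_get_free_list (vm, VLIB_BUFFER_DEFAULT_FREE_LIST_INDEX);
1092 vlib_buffer_init_for_free_list (b0, fl);
1093 VLIB_BUFFER_TRACE_TRAJECTORY_INIT (b0);
/* Pending buffer: continue at the saved record offset */
1098 bi0 = vlib_get_buffer_index (vm, b0);
1099 offset = silm->max_frags_ip4_next_record_offset;
/* The frame towards ip4-lookup is likewise created once per packet */
1102 f = silm->max_frags_ip4_frame;
1103 if (PREDICT_FALSE (f == 0))
1106 f = vlib_get_frame_to_node (vm, ip4_lookup_node.index);
1107 silm->max_frags_ip4_frame = f;
1108 to_next = vlib_frame_vector_args (f);
/* offset 0 marks a packet whose headers have not been written yet */
1113 if (PREDICT_FALSE (offset == 0))
1114 snat_ipfix_header_create (frm, b0, &offset);
/*
 * Field order and sizes must match the MAX_FRAGMENTS_PENDING_REASSEMBLY
 * template.
 * NOTE(review): only the timestamp is converted to network byte order
 * here; quota_event, limit and src are copied as they are. IPFIX integers
 * are big-endian on the wire -- confirm the intended byte order.
 * NOTE(review): the writes into b0->data are limited only by the path_mtu
 * test below; nothing in the lines shown compares offset with the buffer's
 * data capacity -- confirm path_mtu is capped to the buffer size.
 */
1116 if (PREDICT_TRUE (do_flush == 0))
1118 u64 time_stamp = clib_host_to_net_u64 (now);
1119 clib_memcpy (b0->data + offset, &time_stamp, sizeof (time_stamp));
1120 offset += sizeof (time_stamp);
1122 clib_memcpy (b0->data + offset, &nat_event, sizeof (nat_event));
1123 offset += sizeof (nat_event);
1125 clib_memcpy (b0->data + offset, &quota_event, sizeof (quota_event));
1126 offset += sizeof (quota_event);
1128 clib_memcpy (b0->data + offset, &limit, sizeof (limit));
1129 offset += sizeof (limit);
1131 clib_memcpy (b0->data + offset, &src, sizeof (src));
1132 offset += sizeof (src);
1134 b0->current_length += MAX_FRAGMENTS_IP4_LEN;
/*
 * The threshold must use this record's own size (21 bytes). Testing against
 * MAX_BIBS_LEN (17) would accept one more record when only 17..20 bytes
 * remain, so the packet could exceed path_mtu by up to 4 bytes.
 */
1138 (do_flush || (offset + MAX_FRAGMENTS_IP4_LEN) > frm->path_mtu))
/*
 * Send now and forget the frame and buffer so that the next call starts a
 * new packet.
 */
1140 snat_ipfix_send (frm, f, b0, silm->max_frags_ip4_template_id);
1141 silm->max_frags_ip4_frame = 0;
1142 silm->max_frags_ip4_buffer = 0;
/* Save where the next record goes */
1145 silm->max_frags_ip4_next_record_offset = offset;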
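/*
 * Append one "max fragments pending reassembly" record with an IPv6 source
 * (timestamp, event, quota event, limit, source address) to the pending
 * IPFIX packet kept in the global logging state. The record is written only
 * when do_flush is 0; the packet is sent when do_flush is set or when one
 * more record of MAX_FRAGMENTS_IP6_LEN bytes would pass frm->path_mtu.
 */
1149 nat_ipfix_logging_max_frag_ip6 (u32 limit, ip6_address_t * src, int do_flush)
1151 snat_ipfix_logging_main_t *silm = &snat_ipfix_logging_main;
1152 flow_report_main_t *frm = &flow_report_main;
1154 vlib_buffer_t *b0 = 0;
1157 vlib_main_t *vm = frm->vlib_main;
1159 vlib_buffer_free_list_t *fl;
1160 u8 nat_event = QUOTA_EXCEEDED;
/*
 * NOTE(review): the exported quota event is MAX_FRAGMENTS_PENDING_REASSEMBLY,
 * not the _IP6 value that selects this template in snat_template_rewrite --
 * presumably intentional so both address families report the same event
 * code; confirm.
 */
1161 u32 quota_event = MAX_FRAGMENTS_PENDING_REASSEMBLY;
/* Event time in milliseconds: elapsed vlib time added to the stored base */
1166 now = (u64) ((vlib_time_now (vm) - silm->vlib_time_0) * 1e3);
1167 now += silm->milisecond_time_0;
/* Records are batched in a buffer that persists between calls */
1169 b0 = silm->max_frags_ip6_buffer;
/* No pending buffer: allocate and initialise a fresh one */
1171 if (PREDICT_FALSE (b0 == 0))
1176 if (vlib_buffer_alloc (vm, &bi0, 1) != 1)
1178 clib_warning ("can't allocate buffer for NAT IPFIX event");
1182 b0 = silm->max_frags_ip6_buffer = vlib_get_buffer (vm, bi0);
1184 vlib_buffer_get_free_list (vm, VLIB_BUFFER_DEFAULT_FREE_LIST_INDEX);
1185 vlib_buffer_init_for_free_list (b0, fl);
1186 VLIB_BUFFER_TRACE_TRAJECTORY_INIT (b0);
/* Pending buffer: continue at the saved record offset */
1191 bi0 = vlib_get_buffer_index (vm, b0);
1192 offset = silm->max_frags_ip6_next_record_offset;
/* The frame towards ip4-lookup is likewise created once per packet */
1195 f = silm->max_frags_ip6_frame;
1196 if (PREDICT_FALSE (f == 0))
1199 f = vlib_get_frame_to_node (vm, ip4_lookup_node.index);
1200 silm->max_frags_ip6_frame = f;
1201 to_next = vlib_frame_vector_args (f);
/* offset 0 marks a packet whose headers have not been written yet */
1206 if (PREDICT_FALSE (offset == 0))
1207 snat_ipfix_header_create (frm, b0, &offset);
/*
 * Field order and sizes must match the MAX_FRAGMENTS_PENDING_REASSEMBLY_IP6
 * template.
 * NOTE(review): only the timestamp is converted to network byte order
 * here; quota_event and limit are copied as they are. IPFIX integers are
 * big-endian on the wire -- confirm the intended byte order.
 * NOTE(review): the writes into b0->data are limited only by the path_mtu
 * test below; nothing in the lines shown compares offset with the buffer's
 * data capacity -- confirm path_mtu is capped to the buffer size.
 */
1209 if (PREDICT_TRUE (do_flush == 0))
1211 u64 time_stamp = clib_host_to_net_u64 (now);
1212 clib_memcpy (b0->data + offset, &time_stamp, sizeof (time_stamp));
1213 offset += sizeof (time_stamp);
1215 clib_memcpy (b0->data + offset, &nat_event, sizeof (nat_event));
1216 offset += sizeof (nat_event);
1218 clib_memcpy (b0->data + offset, &quota_event, sizeof (quota_event));
1219 offset += sizeof (quota_event);
1221 clib_memcpy (b0->data + offset, &limit, sizeof (limit));
1222 offset += sizeof (limit);
1224 clib_memcpy (b0->data + offset, src, sizeof (ip6_address_t));
1225 offset += sizeof (ip6_address_t);
1227 b0->current_length += MAX_FRAGMENTS_IP6_LEN;
/*
 * The threshold must use this record's own size (33 bytes). Testing against
 * MAX_BIBS_LEN (17) would accept one more record when only 17..32 bytes
 * remain, so the packet could exceed path_mtu by up to 16 bytes.
 */
1231 (do_flush || (offset + MAX_FRAGMENTS_IP6_LEN) > frm->path_mtu))
/*
 * Send now and forget the frame and buffer so that the next call starts a
 * new packet.
 */
1233 snat_ipfix_send (frm, f, b0, silm->max_frags_ip6_template_id);
1234 silm->max_frags_ip6_frame = 0;
1235 silm->max_frags_ip6_buffer = 0;
/* Save where the next record goes */
1238 silm->max_frags_ip6_next_record_offset = offset;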
/*
 * Append one NAT64 BIB record to the pending IPFIX packet kept in the
 * global logging state. The record is written only when do_flush is 0; the
 * packet is sent when do_flush is set or when one more record of
 * NAT64_BIB_LEN bytes would pass frm->path_mtu.
 */
1242 nat_ipfix_logging_nat64_bibe (u8 nat_event, ip6_address_t * src_ip,
1243 u32 nat_src_ip, u8 proto, u16 src_port,
1244 u16 nat_src_port, u32 vrf_id, int do_flush)
1246 snat_ipfix_logging_main_t *silm = &snat_ipfix_logging_main;
1247 flow_report_main_t *frm = &flow_report_main;
1249 vlib_buffer_t *b0 = 0;
1252 vlib_main_t *vm = frm->vlib_main;
1254 vlib_buffer_free_list_t *fl;
/* Event time in milliseconds: elapsed vlib time added to the stored base */
1259 now = (u64) ((vlib_time_now (vm) - silm->vlib_time_0) * 1e3);
1260 now += silm->milisecond_time_0;
/* Records are batched in a buffer that persists between calls */
1262 b0 = silm->nat64_bib_buffer;
/* No pending buffer: allocate and initialise a fresh one */
1264 if (PREDICT_FALSE (b0 == 0))
1269 if (vlib_buffer_alloc (vm, &bi0, 1) != 1)
1271 clib_warning ("can't allocate buffer for NAT IPFIX event");
1275 b0 = silm->nat64_bib_buffer = vlib_get_buffer (vm, bi0);
1277 vlib_buffer_get_free_list (vm, VLIB_BUFFER_DEFAULT_FREE_LIST_INDEX);
1278 vlib_buffer_init_for_free_list (b0, fl);
1279 VLIB_BUFFER_TRACE_TRAJECTORY_INIT (b0);
/* Pending buffer: continue at the saved record offset */
1284 bi0 = vlib_get_buffer_index (vm, b0);
1285 offset = silm->nat64_bib_next_record_offset;
/* The frame towards ip4-lookup is likewise created once per packet */
1288 f = silm->nat64_bib_frame;
1289 if (PREDICT_FALSE (f == 0))
1292 f = vlib_get_frame_to_node (vm, ip4_lookup_node.index);
1293 silm->nat64_bib_frame = f;
1294 to_next = vlib_frame_vector_args (f);
/* offset 0 marks a packet whose headers have not been written yet */
1299 if (PREDICT_FALSE (offset == 0))
1300 snat_ipfix_header_create (frm, b0, &offset);
/*
 * Field order and sizes must match the NAT64_BIB_CREATE template.
 * NOTE(review): only the timestamp is converted to network byte order
 * here; the other fields are copied as passed in. IPFIX integers are
 * big-endian on the wire, so confirm callers supply them already converted.
 * NOTE(review): the writes into b0->data are limited only by the path_mtu
 * test below; nothing in the lines shown compares offset with the buffer's
 * data capacity -- confirm path_mtu is capped to the buffer size.
 */
1302 if (PREDICT_TRUE (do_flush == 0))
1304 u64 time_stamp = clib_host_to_net_u64 (now);
1305 clib_memcpy (b0->data + offset, &time_stamp, sizeof (time_stamp));
1306 offset += sizeof (time_stamp);
1308 clib_memcpy (b0->data + offset, &nat_event, sizeof (nat_event));
1309 offset += sizeof (nat_event);
1311 clib_memcpy (b0->data + offset, src_ip, sizeof (ip6_address_t));
1312 offset += sizeof (ip6_address_t);
1314 clib_memcpy (b0->data + offset, &nat_src_ip, sizeof (nat_src_ip));
1315 offset += sizeof (nat_src_ip);
1317 clib_memcpy (b0->data + offset, &proto, sizeof (proto));
1318 offset += sizeof (proto);
1320 clib_memcpy (b0->data + offset, &src_port, sizeof (src_port));
1321 offset += sizeof (src_port);
1323 clib_memcpy (b0->data + offset, &nat_src_port, sizeof (nat_src_port));
1324 offset += sizeof (nat_src_port);
1326 clib_memcpy (b0->data + offset, &vrf_id, sizeof (vrf_id));
1327 offset += sizeof (vrf_id);
1329 b0->current_length += NAT64_BIB_LEN;
1333 (do_flush || (offset + NAT64_BIB_LEN) > frm->path_mtu))
/*
 * Send now and forget the frame and buffer so that the next call starts a
 * new packet.
 */
1335 snat_ipfix_send (frm, f, b0, silm->nat64_bib_template_id);
1336 silm->nat64_bib_frame = 0;
1337 silm->nat64_bib_buffer = 0;
/* Save where the next record goes */
1340 silm->nat64_bib_next_record_offset = offset;
/*
 * Append one NAT64 session record to the pending IPFIX buffer, or flush
 * that buffer when do_flush is non-zero.
 *
 * NOTE(review): this listing skips source lines (see the gaps in the
 * embedded numbering), so the return type, braces, several local
 * declarations and some branch bodies are not visible here.
 *
 * Fields written, in order: timestamp (u64), nat_event (u8), src_ip
 * (ip6_address_t), nat_src_ip (u32), proto (u8), src_port (u16),
 * nat_src_port (u16), dst_ip (ip6_address_t), nat_dst_ip (u32), dst_port
 * (u16), nat_dst_port (u16), vrf_id (u32). With a 16-byte ip6_address_t
 * that is 62 bytes, matching NAT64_SES_LEN.
 */
1344 nat_ipfix_logging_nat64_ses (u8 nat_event, ip6_address_t * src_ip,
1345 u32 nat_src_ip, u8 proto, u16 src_port,
1346 u16 nat_src_port, ip6_address_t * dst_ip,
1347 u32 nat_dst_ip, u16 dst_port, u16 nat_dst_port,
1348 u32 vrf_id, int do_flush)
1350 snat_ipfix_logging_main_t *silm = &snat_ipfix_logging_main;
1351 flow_report_main_t *frm = &flow_report_main;
1353 vlib_buffer_t *b0 = 0;
1356 vlib_main_t *vm = frm->vlib_main;
1358 vlib_buffer_free_list_t *fl;
/* Milliseconds elapsed since vlib_time_0, added to the stored millisecond base. */
1363 now = (u64) ((vlib_time_now (vm) - silm->vlib_time_0) * 1e3);
1364 now += silm->milisecond_time_0;
1366 b0 = silm->nat64_ses_buffer;
/* No pending buffer: allocate one and initialise it from the default free list. */
1368 if (PREDICT_FALSE (b0 == 0))
1373 if (vlib_buffer_alloc (vm, &bi0, 1) != 1)
1375 clib_warning ("can't allocate buffer for NAT IPFIX event");
1379 b0 = silm->nat64_ses_buffer = vlib_get_buffer (vm, bi0);
1381 vlib_buffer_get_free_list (vm, VLIB_BUFFER_DEFAULT_FREE_LIST_INDEX);
1382 vlib_buffer_init_for_free_list (b0, fl);
1383 VLIB_BUFFER_TRACE_TRAJECTORY_INIT (b0);
/* Presumably the else branch (its opening line is not shown): reuse the
 * pending buffer and resume at the saved record offset. */
1388 bi0 = vlib_get_buffer_index (vm, b0);
1389 offset = silm->nat64_ses_next_record_offset;
1392 f = silm->nat64_ses_frame;
1393 if (PREDICT_FALSE (f == 0))
1396 f = vlib_get_frame_to_node (vm, ip4_lookup_node.index);
1397 silm->nat64_ses_frame = f;
1398 to_next = vlib_frame_vector_args (f);
/* A zero offset triggers snat_ipfix_header_create, which receives &offset. */
1403 if (PREDICT_FALSE (offset == 0))
1404 snat_ipfix_header_create (frm, b0, &offset);
/* Record fields are copied only when this is not a flush call. The flush
 * callback passes 0 for src_ip and dst_ip, so neither pointer may be
 * dereferenced outside this branch. */
1406 if (PREDICT_TRUE (do_flush == 0))
/* NOTE(review): none of the copies below checks offset against the size of
 * b0->data. The only visible bound is the path_mtu comparison made after
 * the record has been written, so memory safety here relies on
 * frm->path_mtu never exceeding the buffer's data area; confirm that
 * path_mtu is range-checked where it is configured. */
/* Only the timestamp is byte-swapped here; the other fields are copied as
 * passed, so callers presumably supply them in export byte order already -
 * TODO confirm. */
1408 u64 time_stamp = clib_host_to_net_u64 (now);
1409 clib_memcpy (b0->data + offset, &time_stamp, sizeof (time_stamp));
1410 offset += sizeof (time_stamp);
1412 clib_memcpy (b0->data + offset, &nat_event, sizeof (nat_event));
1413 offset += sizeof (nat_event);
1415 clib_memcpy (b0->data + offset, src_ip, sizeof (ip6_address_t));
1416 offset += sizeof (ip6_address_t);
1418 clib_memcpy (b0->data + offset, &nat_src_ip, sizeof (nat_src_ip));
1419 offset += sizeof (nat_src_ip);
1421 clib_memcpy (b0->data + offset, &proto, sizeof (proto));
1422 offset += sizeof (proto);
1424 clib_memcpy (b0->data + offset, &src_port, sizeof (src_port));
1425 offset += sizeof (src_port);
1427 clib_memcpy (b0->data + offset, &nat_src_port, sizeof (nat_src_port));
1428 offset += sizeof (nat_src_port);
1430 clib_memcpy (b0->data + offset, dst_ip, sizeof (ip6_address_t));
1431 offset += sizeof (ip6_address_t);
1433 clib_memcpy (b0->data + offset, &nat_dst_ip, sizeof (nat_dst_ip));
1434 offset += sizeof (nat_dst_ip);
1436 clib_memcpy (b0->data + offset, &dst_port, sizeof (dst_port));
1437 offset += sizeof (dst_port);
1439 clib_memcpy (b0->data + offset, &nat_dst_port, sizeof (nat_dst_port));
1440 offset += sizeof (nat_dst_port);
1442 clib_memcpy (b0->data + offset, &vrf_id, sizeof (vrf_id));
1443 offset += sizeof (vrf_id);
1445 b0->current_length += NAT64_SES_LEN;
/* Send when flushing, or when one more record would exceed path_mtu; the
 * saved frame and buffer pointers are cleared after the send. */
1449 (do_flush || (offset + NAT64_SES_LEN) > frm->path_mtu))
1451 snat_ipfix_send (frm, f, b0, silm->nat64_ses_template_id);
1452 silm->nat64_ses_frame = 0;
1453 silm->nat64_ses_buffer = 0;
1456 silm->nat64_ses_next_record_offset = offset;
/* RPC callback: unpacks the args struct and forwards its fields to
 * snat_ipfix_logging_nat44_ses. The trailing arguments of the call are on
 * a line this listing does not show. */
1460 snat_ipfix_logging_nat44_ses_rpc_cb (snat_ipfix_logging_nat44_ses_args_t * a)
1462 snat_ipfix_logging_nat44_ses (a->nat_event, a->src_ip, a->nat_src_ip,
1463 a->snat_proto, a->src_port, a->nat_src_port,
1468 * @brief Generate NAT44 session create event
1470 * @param src_ip source IPv4 address
1471 * @param nat_src_ip translated source IPv4 address
1472 * @param snat_proto NAT transport protocol
1473 * @param src_port source port
1474 * @param nat_src_port translated source port
1475 * @param vrf_id VRF ID
/*
 * Packs a NAT44_SESSION_CREATE event into an args struct and passes it to
 * snat_ipfix_logging_nat44_ses_rpc_cb through vl_api_rpc_call_main_thread.
 * Does nothing past skip_if_disabled () unless logging is enabled.
 *
 * NOTE(review): `a` is a stack local with no initialiser and sizeof (a)
 * bytes are handed to the RPC call. Some field assignments sit on lines
 * this listing omits; confirm every field is set, or zero the struct
 * first, so that no uninitialised stack bytes travel with the message.
 */
1478 snat_ipfix_logging_nat44_ses_create (u32 src_ip,
1480 snat_protocol_t snat_proto,
1482 u16 nat_src_port, u32 vrf_id)
1484 snat_ipfix_logging_nat44_ses_args_t a;
1486 skip_if_disabled ();
1488 a.nat_event = NAT44_SESSION_CREATE;
1490 a.nat_src_ip = nat_src_ip;
1491 a.snat_proto = snat_proto;
1492 a.src_port = src_port;
1493 a.nat_src_port = nat_src_port;
1496 vl_api_rpc_call_main_thread (snat_ipfix_logging_nat44_ses_rpc_cb,
1497 (u8 *) & a, sizeof (a));
1501 * @brief Generate NAT44 session delete event
1503 * @param src_ip source IPv4 address
1504 * @param nat_src_ip translated source IPv4 address
1505 * @param snat_proto NAT transport protocol
1506 * @param src_port source port
1507 * @param nat_src_port translated source port
1508 * @param vrf_id VRF ID
/*
 * Packs a NAT44_SESSION_DELETE event into an args struct and passes it to
 * snat_ipfix_logging_nat44_ses_rpc_cb through vl_api_rpc_call_main_thread.
 * Does nothing past skip_if_disabled () unless logging is enabled.
 *
 * NOTE(review): `a` is a stack local with no initialiser and sizeof (a)
 * bytes are handed to the RPC call. Some field assignments sit on lines
 * this listing omits; confirm every field is set, or zero the struct
 * first, so that no uninitialised stack bytes travel with the message.
 */
1511 snat_ipfix_logging_nat44_ses_delete (u32 src_ip,
1513 snat_protocol_t snat_proto,
1515 u16 nat_src_port, u32 vrf_id)
1517 snat_ipfix_logging_nat44_ses_args_t a;
1519 skip_if_disabled ();
1521 a.nat_event = NAT44_SESSION_DELETE;
1523 a.nat_src_ip = nat_src_ip;
1524 a.snat_proto = snat_proto;
1525 a.src_port = src_port;
1526 a.nat_src_port = nat_src_port;
1529 vl_api_rpc_call_main_thread (snat_ipfix_logging_nat44_ses_rpc_cb,
1530 (u8 *) & a, sizeof (a));
/* Flow-report data callback (installed as flow_data_callback in
 * snat_ipfix_logging_enable_disable). Calls the NAT44 session logger with
 * every record field zero and the last argument set to 1; judging by the
 * sibling loggers in this file that last argument is the flush flag. */
1534 snat_data_callback_nat44_session (flow_report_main_t * frm,
1537 u32 * to_next, u32 node_index)
1539 snat_ipfix_logging_nat44_ses (0, 0, 0, 0, 0, 0, 0, 1);
/* RPC callback: forwards pool_id to snat_ipfix_logging_addr_exhausted with
 * the second argument 0 (presumably do_flush = 0, i.e. log a record). */
1544 snat_ipfix_logging_addr_exhausted_rpc_cb
1545 (snat_ipfix_logging_addr_exhausted_args_t * a)
1547 snat_ipfix_logging_addr_exhausted (a->pool_id, 0);
1551 * @brief Generate NAT addresses exhausted event
1553 * @param pool_id NAT pool ID
/*
 * Packs pool_id into an args struct and passes it to
 * snat_ipfix_logging_addr_exhausted_rpc_cb through
 * vl_api_rpc_call_main_thread. Does nothing past skip_if_disabled ()
 * unless logging is enabled.
 *
 * NOTE(review): the TODO below is still open. Every call queues one RPC to
 * the main thread, so while the pool stays exhausted the logging load is
 * bounded only by how often callers report the condition. A per-event rate
 * limit would cap the cost to the main thread and the collector.
 */
1556 snat_ipfix_logging_addresses_exhausted (u32 pool_id)
1558 //TODO: This event SHOULD be rate limited
1559 snat_ipfix_logging_addr_exhausted_args_t a;
1561 skip_if_disabled ();
1563 a.pool_id = pool_id;
1565 vl_api_rpc_call_main_thread (snat_ipfix_logging_addr_exhausted_rpc_cb,
1566 (u8 *) & a, sizeof (a));
/* Flow-report data callback (installed as flow_data_callback in
 * snat_ipfix_logging_enable_disable). Calls the logger with pool_id 0 and
 * the second argument 1 (presumably do_flush = 1). */
1570 snat_data_callback_addr_exhausted (flow_report_main_t * frm,
1573 u32 * to_next, u32 node_index)
1575 snat_ipfix_logging_addr_exhausted (0, 1);
/* RPC callback: forwards limit and src_ip to
 * snat_ipfix_logging_max_entries_per_usr with the last argument 0
 * (presumably do_flush = 0, i.e. log a record). */
1580 snat_ipfix_logging_max_entries_per_usr_rpc_cb
1581 (snat_ipfix_logging_max_entries_per_user_args_t * a)
1583 snat_ipfix_logging_max_entries_per_usr (a->limit, a->src_ip, 0);
1587 * @brief Generate maximum entries per user exceeded event
1589 * @param limit maximum NAT entries that can be created per user
1590 * @param src_ip source IPv4 address
/*
 * Passes an args struct to snat_ipfix_logging_max_entries_per_usr_rpc_cb
 * through vl_api_rpc_call_main_thread. The assignments that fill the
 * struct are on lines this listing omits.
 *
 * NOTE(review): the TODO below is still open. Every call queues one RPC to
 * the main thread, so a single source that stays at its per-user limit can
 * keep generating events for as long as callers report it. A per-event
 * rate limit would cap the cost to the main thread and the collector.
 */
1593 snat_ipfix_logging_max_entries_per_user (u32 limit, u32 src_ip)
1595 //TODO: This event SHOULD be rate limited
1596 snat_ipfix_logging_max_entries_per_user_args_t a;
1598 skip_if_disabled ();
1603 vl_api_rpc_call_main_thread (snat_ipfix_logging_max_entries_per_usr_rpc_cb,
1604 (u8 *) & a, sizeof (a));
/* Flow-report data callback (installed as flow_data_callback in
 * snat_ipfix_logging_enable_disable). Calls the logger with zeroed fields
 * and the last argument 1 (presumably do_flush = 1). */
1608 snat_data_callback_max_entries_per_usr (flow_report_main_t * frm,
1611 u32 * to_next, u32 node_index)
1613 snat_ipfix_logging_max_entries_per_usr (0, 0, 1);
/* RPC callback: forwards limit to nat_ipfix_logging_max_ses with the
 * second argument 0 (presumably do_flush = 0, i.e. log a record). */
1618 nat_ipfix_logging_max_ses_rpc_cb (nat_ipfix_logging_max_sessions_args_t * a)
1620 nat_ipfix_logging_max_ses (a->limit, 0);
1624 * @brief Generate maximum session entries exceeded event
1626 * @param limit configured limit
/*
 * Passes an args struct to nat_ipfix_logging_max_ses_rpc_cb through
 * vl_api_rpc_call_main_thread. The assignment that fills the struct is on
 * a line this listing omits.
 *
 * NOTE(review): the TODO below is still open. Every call queues one RPC to
 * the main thread, so while the session table stays at its limit the
 * logging load is bounded only by how often callers report it. A per-event
 * rate limit would cap the cost to the main thread and the collector.
 */
1629 nat_ipfix_logging_max_sessions (u32 limit)
1631 //TODO: This event SHOULD be rate limited
1632 nat_ipfix_logging_max_sessions_args_t a;
1634 skip_if_disabled ();
1638 vl_api_rpc_call_main_thread (nat_ipfix_logging_max_ses_rpc_cb,
1639 (u8 *) & a, sizeof (a));
/* Flow-report data callback (installed as flow_data_callback in
 * snat_ipfix_logging_enable_disable). Calls the logger with limit 0 and
 * the second argument 1 (presumably do_flush = 1). */
1643 nat_data_callback_max_sessions (flow_report_main_t * frm,
1646 u32 * to_next, u32 node_index)
1648 nat_ipfix_logging_max_ses (0, 1);
/* RPC callback: forwards limit to nat_ipfix_logging_max_bib with the
 * second argument 0 (presumably do_flush = 0, i.e. log a record). */
1653 nat_ipfix_logging_max_bib_rpc_cb (nat_ipfix_logging_max_bibs_args_t * a)
1655 nat_ipfix_logging_max_bib (a->limit, 0);
1659 * @brief Generate maximum BIB entries exceeded event
1661 * @param limit configured limit
/*
 * Passes an args struct to nat_ipfix_logging_max_bib_rpc_cb through
 * vl_api_rpc_call_main_thread. The assignment that fills the struct is on
 * a line this listing omits.
 *
 * NOTE(review): the TODO below is still open. Every call queues one RPC to
 * the main thread, so while the BIB stays at its limit the logging load is
 * bounded only by how often callers report it. A per-event rate limit
 * would cap the cost to the main thread and the collector.
 */
1664 nat_ipfix_logging_max_bibs (u32 limit)
1666 //TODO: This event SHOULD be rate limited
1667 nat_ipfix_logging_max_bibs_args_t a;
1669 skip_if_disabled ();
1673 vl_api_rpc_call_main_thread (nat_ipfix_logging_max_bib_rpc_cb,
1674 (u8 *) & a, sizeof (a));
/* Flow-report data callback (installed as flow_data_callback in
 * snat_ipfix_logging_enable_disable). Calls the logger with limit 0 and
 * the second argument 1 (presumably do_flush = 1). */
1678 nat_data_callback_max_bibs (flow_report_main_t * frm,
1681 u32 * to_next, u32 node_index)
1683 nat_ipfix_logging_max_bib (0, 1);
/* RPC callback: forwards limit and src to nat_ipfix_logging_max_frag_ip4
 * with the last argument 0 (presumably do_flush = 0, i.e. log a record). */
1688 nat_ipfix_logging_max_frag_ip4_rpc_cb (nat_ipfix_logging_max_frags_ip4_args_t * a)
1690 nat_ipfix_logging_max_frag_ip4 (a->limit, a->src, 0);
1694 * @brief Generate maximum IPv4 fragments pending reassembly exceeded event
1696 * @param limit configured limit
1697 * @param src source IPv4 address
/*
 * Copies the source address into an args struct and passes it to
 * nat_ipfix_logging_max_frag_ip4_rpc_cb through
 * vl_api_rpc_call_main_thread. src is dereferenced without a NULL check,
 * so callers must pass a valid pointer whenever logging is enabled.
 *
 * NOTE(review): the TODO below is still open. The fragment source address
 * comes from received traffic, and every call queues one RPC to the main
 * thread, so a sender that keeps the reassembly limit exceeded can keep
 * generating events. A per-event rate limit would cap the cost to the main
 * thread and the collector.
 */
1700 nat_ipfix_logging_max_fragments_ip4 (u32 limit, ip4_address_t * src)
1702 //TODO: This event SHOULD be rate limited
1703 nat_ipfix_logging_max_frags_ip4_args_t a;
1705 skip_if_disabled ();
1708 a.src = src->as_u32;
1710 vl_api_rpc_call_main_thread (nat_ipfix_logging_max_frag_ip4_rpc_cb,
1711 (u8 *) & a, sizeof (a));
/* Flow-report data callback (installed as flow_data_callback in
 * snat_ipfix_logging_enable_disable). Calls the logger with zeroed fields
 * and the last argument 1 (presumably do_flush = 1). */
1715 nat_data_callback_max_frags_ip4 (flow_report_main_t * frm,
1718 u32 * to_next, u32 node_index)
1720 nat_ipfix_logging_max_frag_ip4 (0, 0, 1);
/* RPC callback: rebuilds the IPv6 address from the two u64 halves carried
 * in the args struct and forwards it to nat_ipfix_logging_max_frag_ip6
 * with the last argument 0 (presumably do_flush = 0). The declaration of
 * src is on a line this listing omits. */
1725 nat_ipfix_logging_max_frag_ip6_rpc_cb (nat_ipfix_logging_max_frags_ip6_args_t * a)
1728 src.as_u64[0] = a->src[0];
1729 src.as_u64[1] = a->src[1];
1730 nat_ipfix_logging_max_frag_ip6 (a->limit, &src, 0);
1734 * @brief Generate maximum IPv6 fragments pending reassembly exceeded event
1736 * @param limit configured limit
1737 * @param src source IPv6 address
/*
 * Copies the source address, as two u64 halves, into an args struct and
 * passes it to nat_ipfix_logging_max_frag_ip6_rpc_cb through
 * vl_api_rpc_call_main_thread. src is dereferenced without a NULL check,
 * so callers must pass a valid pointer whenever logging is enabled.
 *
 * NOTE(review): the TODO below is still open. The fragment source address
 * comes from received traffic, and every call queues one RPC to the main
 * thread, so a sender that keeps the reassembly limit exceeded can keep
 * generating events. A per-event rate limit would cap the cost to the main
 * thread and the collector.
 */
1740 nat_ipfix_logging_max_fragments_ip6 (u32 limit, ip6_address_t * src)
1742 //TODO: This event SHOULD be rate limited
1743 nat_ipfix_logging_max_frags_ip6_args_t a;
1745 skip_if_disabled ();
1748 a.src[0] = src->as_u64[0];
1749 a.src[1] = src->as_u64[1];
1751 vl_api_rpc_call_main_thread (nat_ipfix_logging_max_frag_ip6_rpc_cb,
1752 (u8 *) & a, sizeof (a));
/* Flow-report data callback (installed as flow_data_callback in
 * snat_ipfix_logging_enable_disable). Calls the logger with limit 0, a
 * null src and the last argument 1 (presumably do_flush = 1), so the
 * logger must not dereference src on that path. */
1756 nat_data_callback_max_frags_ip6 (flow_report_main_t * frm,
1759 u32 * to_next, u32 node_index)
1761 nat_ipfix_logging_max_frag_ip6 (0, 0, 1);
/* RPC callback: rebuilds the IPv6 source address from the two u64 halves
 * carried in the args struct and forwards the event to
 * nat_ipfix_logging_nat64_bibe. The trailing arguments of the call are on
 * a line this listing does not show. */
1766 nat_ipfix_logging_nat64_bib_rpc_cb (nat_ipfix_logging_nat64_bib_args_t * a)
1768 ip6_address_t src_ip;
1769 src_ip.as_u64[0] = a->src_ip[0];
1770 src_ip.as_u64[1] = a->src_ip[1];
1771 nat_ipfix_logging_nat64_bibe (a->nat_event, &src_ip, a->nat_src_ip,
1772 a->proto, a->src_port, a->nat_src_port,
1777 * @brief Generate NAT64 BIB create and delete events
1779 * @param src_ip source IPv6 address
1780 * @param nat_src_ip translated source IPv4 address
1781 * @param proto L4 protocol
1782 * @param src_port source port
1783 * @param nat_src_port translated source port
1784 * @param vrf_id VRF ID
1785 * @param is_create non-zero value if create event otherwise delete event
/*
 * Packs a NAT64 BIB create or delete event (chosen by is_create) into an
 * args struct and passes it to nat_ipfix_logging_nat64_bib_rpc_cb through
 * vl_api_rpc_call_main_thread. src_ip and nat_src_ip are dereferenced
 * without a NULL check, so callers must pass valid pointers whenever
 * logging is enabled.
 *
 * NOTE(review): `a` is a stack local with no initialiser and sizeof (a)
 * bytes are handed to the RPC call. Some field assignments, and the last
 * parameter line, are on lines this listing omits; confirm every field is
 * set, or zero the struct first.
 */
1788 nat_ipfix_logging_nat64_bib (ip6_address_t * src_ip,
1789 ip4_address_t * nat_src_ip, u8 proto,
1790 u16 src_port, u16 nat_src_port, u32 vrf_id,
1793 nat_ipfix_logging_nat64_bib_args_t a;
1795 skip_if_disabled ();
1797 a.src_ip[0] = src_ip->as_u64[0];
1798 a.src_ip[1] = src_ip->as_u64[1];
1799 a.nat_src_ip = nat_src_ip->as_u32;
1801 a.src_port = src_port;
1802 a.nat_src_port = nat_src_port;
1804 a.nat_event = is_create ? NAT64_BIB_CREATE : NAT64_BIB_DELETE;
1806 vl_api_rpc_call_main_thread (nat_ipfix_logging_nat64_bib_rpc_cb,
1807 (u8 *) & a, sizeof (a));
/* Flow-report data callback (installed as flow_data_callback in
 * snat_ipfix_logging_enable_disable). Calls nat_ipfix_logging_nat64_bibe
 * with every record field zero, including a null src_ip, and do_flush = 1. */
1811 nat_data_callback_nat64_bib (flow_report_main_t * frm,
1814 u32 * to_next, u32 node_index)
1816 nat_ipfix_logging_nat64_bibe (0, 0, 0, 0, 0, 0, 0, 1);
/* RPC callback: rebuilds the IPv6 source and destination addresses from
 * the u64 halves carried in the args struct and forwards the event to
 * nat_ipfix_logging_nat64_ses with do_flush = 0. */
1821 nat_ipfix_logging_nat64_ses_rpc_cb (nat_ipfix_logging_nat64_ses_args_t * a)
1823 ip6_address_t src_ip, dst_ip;
1824 src_ip.as_u64[0] = a->src_ip[0];
1825 src_ip.as_u64[1] = a->src_ip[1];
1826 dst_ip.as_u64[0] = a->dst_ip[0];
1827 dst_ip.as_u64[1] = a->dst_ip[1];
1828 nat_ipfix_logging_nat64_ses (a->nat_event, &src_ip, a->nat_src_ip,
1829 a->proto, a->src_port, a->nat_src_port,
1830 &dst_ip, a->nat_dst_ip, a->dst_port,
1831 a->nat_dst_port, a->vrf_id, 0);
1835 * @brief Generate NAT64 session create and delete events
1837 * @param src_ip source IPv6 address
1838 * @param nat_src_ip translated source IPv4 address
1839 * @param proto L4 protocol
1840 * @param src_port source port
1841 * @param nat_src_port translated source port
1842 * @param dst_ip destination IPv6 address
1843 * @param nat_dst_ip destination IPv4 address
1844 * @param dst_port destination port
1845 * @param nat_dst_port translated destination port
1846 * @param vrf_id VRF ID
1847 * @param is_create non-zero value if create event otherwise delete event
/*
 * Packs a NAT64 session create or delete event (chosen by is_create) into
 * an args struct and passes it to nat_ipfix_logging_nat64_ses_rpc_cb
 * through vl_api_rpc_call_main_thread. The four address pointers are
 * dereferenced without a NULL check, so callers must pass valid pointers
 * whenever logging is enabled.
 *
 * NOTE(review): `a` is a stack local with no initialiser and sizeof (a)
 * bytes are handed to the RPC call. Some field assignments are on lines
 * this listing omits; confirm every field is set, or zero the struct
 * first.
 */
1850 nat_ipfix_logging_nat64_session (ip6_address_t * src_ip,
1851 ip4_address_t * nat_src_ip, u8 proto,
1852 u16 src_port, u16 nat_src_port,
1853 ip6_address_t * dst_ip,
1854 ip4_address_t * nat_dst_ip, u16 dst_port,
1855 u16 nat_dst_port, u32 vrf_id, u8 is_create)
1857 nat_ipfix_logging_nat64_ses_args_t a;
1859 skip_if_disabled ();
1861 a.src_ip[0] = src_ip->as_u64[0];
1862 a.src_ip[1] = src_ip->as_u64[1];
1863 a.nat_src_ip = nat_src_ip->as_u32;
1865 a.src_port = src_port;
1866 a.nat_src_port = nat_src_port;
1867 a.dst_ip[0] = dst_ip->as_u64[0];
1868 a.dst_ip[1] = dst_ip->as_u64[1];
1869 a.nat_dst_ip = nat_dst_ip->as_u32;
1870 a.dst_port = dst_port;
1871 a.nat_dst_port = nat_dst_port;
1873 a.nat_event = is_create ? NAT64_SESSION_CREATE : NAT64_SESSION_DELETE;
1875 vl_api_rpc_call_main_thread (nat_ipfix_logging_nat64_ses_rpc_cb,
1876 (u8 *) & a, sizeof (a));
/* Flow-report data callback (installed as flow_data_callback in
 * snat_ipfix_logging_enable_disable). Calls nat_ipfix_logging_nat64_ses
 * with every record field zero, including null src_ip and dst_ip, and
 * do_flush = 1. */
1880 nat_data_callback_nat64_session (flow_report_main_t * frm,
1883 u32 * to_next, u32 node_index)
1885 nat_ipfix_logging_nat64_ses (0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 1);
1890 * @brief Enable/disable NAT plugin IPFIX logging
1892 * @param enable 1 if enable, 0 if disable
1893 * @param domain_id observation domain ID
1894 * @param src_port source port number
1896 * @returns 0 if success
/*
 * Enable or disable NAT IPFIX logging by calling vnet_flow_report_add_del
 * once per event type, each time with that type's template-rewrite and
 * flow-data callbacks. A domain_id of 0 is replaced by 1 and a src_port of
 * 0 by UDP_DST_PORT_ipfix.
 *
 * NOTE(review): this listing skips source lines, so the statement that
 * updates silm->enabled, the add/delete selector on `a`, and whatever
 * follows each clib_warning are not visible. Worth confirming on the full
 * file: a failure part-way through the sequence should not leave
 * silm->enabled set while only some reports are registered, because the
 * logging entry points gate on that flag alone.
 */
1899 snat_ipfix_logging_enable_disable (int enable, u32 domain_id, u16 src_port)
1901 snat_main_t *sm = &snat_main;
1902 snat_ipfix_logging_main_t *silm = &snat_ipfix_logging_main;
1903 flow_report_main_t *frm = &flow_report_main;
1904 vnet_flow_report_add_del_args_t a;
/* Normalise enable to 0/1 so it can be compared with silm->enabled. */
1906 u8 e = enable ? 1 : 0;
/* Requested state equals current state (the branch body is not shown). */
1908 if (silm->enabled == e)
/* Start from a zeroed args struct so fields not set below are 0. */
1913 memset (&a, 0, sizeof (a));
1915 a.domain_id = domain_id ? domain_id : 1;
1916 a.src_port = src_port ? src_port : UDP_DST_PORT_ipfix;
/* When sm->deterministic is set, the max-entries-per-user report is the
 * one handled here; the reports after it presumably sit in the else
 * branch, whose opening line is not shown. */
1918 if (sm->deterministic)
1920 a.rewrite_callback = snat_template_rewrite_max_entries_per_usr;
1921 a.flow_data_callback = snat_data_callback_max_entries_per_usr;
1923 rv = vnet_flow_report_add_del (frm, &a, NULL);
1926 clib_warning ("vnet_flow_report_add_del returned %d", rv);
/* NAT44 session create/delete report. */
1932 a.rewrite_callback = snat_template_rewrite_nat44_session;
1933 a.flow_data_callback = snat_data_callback_nat44_session;
1935 rv = vnet_flow_report_add_del (frm, &a, NULL);
1938 clib_warning ("vnet_flow_report_add_del returned %d", rv);
/* NAT addresses exhausted report. */
1942 a.rewrite_callback = snat_template_rewrite_addr_exhausted;
1943 a.flow_data_callback = snat_data_callback_addr_exhausted;
1945 rv = vnet_flow_report_add_del (frm, &a, NULL);
1948 clib_warning ("vnet_flow_report_add_del returned %d", rv);
/* Maximum sessions exceeded report. */
1952 a.rewrite_callback = nat_template_rewrite_max_sessions;
1953 a.flow_data_callback = nat_data_callback_max_sessions;
1955 rv = vnet_flow_report_add_del (frm, &a, NULL);
1958 clib_warning ("vnet_flow_report_add_del returned %d", rv);
/* Maximum BIB entries exceeded report. */
1962 a.rewrite_callback = nat_template_rewrite_max_bibs;
1963 a.flow_data_callback = nat_data_callback_max_bibs;
1965 rv = vnet_flow_report_add_del (frm, &a, NULL);
1968 clib_warning ("vnet_flow_report_add_del returned %d", rv);
/* Maximum pending IPv4 fragments exceeded report. */
1972 a.rewrite_callback = nat_template_rewrite_max_frags_ip4;
1973 a.flow_data_callback = nat_data_callback_max_frags_ip4;
1975 rv = vnet_flow_report_add_del (frm, &a, NULL);
1978 clib_warning ("vnet_flow_report_add_del returned %d", rv);
/* Maximum pending IPv6 fragments exceeded report. */
1982 a.rewrite_callback = nat_template_rewrite_max_frags_ip6;
1983 a.flow_data_callback = nat_data_callback_max_frags_ip6;
1985 rv = vnet_flow_report_add_del (frm, &a, NULL);
1988 clib_warning ("vnet_flow_report_add_del returned %d", rv);
/* NAT64 BIB create/delete report. */
1992 a.rewrite_callback = nat_template_rewrite_nat64_bib;
1993 a.flow_data_callback = nat_data_callback_nat64_bib;
1995 rv = vnet_flow_report_add_del (frm, &a, NULL);
1998 clib_warning ("vnet_flow_report_add_del returned %d", rv);
/* NAT64 session create/delete report. */
2002 a.rewrite_callback = nat_template_rewrite_nat64_session;
2003 a.flow_data_callback = nat_data_callback_nat64_session;
2005 rv = vnet_flow_report_add_del (frm, &a, NULL);
2008 clib_warning ("vnet_flow_report_add_del returned %d", rv);
2017 * @brief Initialize NAT plugin IPFIX logging
2019 * @param vm vlib main
2022 snat_ipfix_logging_init (vlib_main_t * vm)
2024 snat_ipfix_logging_main_t *silm = &snat_ipfix_logging_main;
2028 /* Set up time reference pair */
2029 silm->vlib_time_0 = vlib_time_now (vm);
2030 silm->milisecond_time_0 = unix_time_now_nsec () * 1e-6;