2 * Copyright (c) 2018 Cisco and/or its affiliates.
3 * Licensed under the Apache License, Version 2.0 (the "License");
4 * you may not use this file except in compliance with the License.
5 * You may obtain a copy of the License at:
7 * http://www.apache.org/licenses/LICENSE-2.0
9 * Unless required by applicable law or agreed to in writing, software
10 * distributed under the License is distributed on an "AS IS" BASIS,
11 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 * See the License for the specific language governing permissions and
13 * limitations under the License.
17 * @brief NAT syslog logging
20 #include <vnet/fib/fib_table.h>
21 #include <vnet/ip/ip.h>
22 #include <vnet/syslog/syslog.h>
24 #include <nat/nat_syslog.h>
25 #include <nat/nat_inlines.h>
28 #define NAT_FACILITY SYSLOG_FACILITY_LOCAL0
30 #define NAT_APPNAME "NAT"
32 #define SADD_SDEL_SEVERITY SYSLOG_SEVERITY_INFORMATIONAL
33 #define APMADD_APMDEL_SEVERITY SYSLOG_SEVERITY_INFORMATIONAL
35 #define SADD_MSGID "SADD"
36 #define SDEL_MSGID "SDEL"
37 #define APMADD_MSGID "APMADD"
38 #define APMDEL_MSGID "APMDEL"
40 #define NSESS_SDID "nsess"
41 #define NAPMAP_SDID "napmap"
43 #define SSUBIX_SDPARAM_NAME "SSUBIX"
44 #define SVLAN_SDPARAM_NAME "SVLAN"
45 #define IATYP_SDPARAM_NAME "IATYP"
46 #define ISADDR_SDPARAM_NAME "ISADDR"
47 #define ISPORT_SDPARAM_NAME "ISPORT"
48 #define IDADDR_SDPARAM_NAME "IDADDR"
49 #define IDPORT_SDPARAM_NAME "IDPORT"
50 #define XATYP_SDPARAM_NAME "XATYP"
51 #define XSADDR_SDPARAM_NAME "XSADDR"
52 #define XSPORT_SDPARAM_NAME "XSPORT"
53 #define XDADDR_SDPARAM_NAME "XDADDR"
54 #define XDPORT_SDPARAM_NAME "XDPORT"
55 #define PROTO_SDPARAM_NAME "PROTO"
56 #define SV6ENC_SDPARAM_NAME "SV6ENC"
58 #define IATYP_IPV4 "IPv4"
59 #define IATYP_IPV6 "IPv6"
62 nat_syslog_nat44_apmap (u32 ssubix, u32 sfibix, ip4_address_t * isaddr,
63 u16 isport, ip4_address_t * xsaddr, u16 xsport,
64 snat_protocol_t proto, u8 is_add,
65 ip6_address_t * sv6enc)
67 syslog_msg_t syslog_msg;
70 if (!syslog_is_enabled ())
73 if (syslog_severity_filter_block (APMADD_APMDEL_SEVERITY))
76 syslog_msg_init (&syslog_msg, NAT_FACILITY, APMADD_APMDEL_SEVERITY,
77 NAT_APPNAME, is_add ? APMADD_MSGID : APMDEL_MSGID);
79 syslog_msg_sd_init (&syslog_msg, NAPMAP_SDID);
80 syslog_msg_add_sd_param (&syslog_msg, SSUBIX_SDPARAM_NAME, "%d", ssubix);
83 syslog_msg_add_sd_param (&syslog_msg, SV6ENC_SDPARAM_NAME, "%U",
84 format_ip6_address, sv6enc);
88 fib = fib_table_get (sfibix, FIB_PROTOCOL_IP4);
89 syslog_msg_add_sd_param (&syslog_msg, SVLAN_SDPARAM_NAME, "%d",
92 syslog_msg_add_sd_param (&syslog_msg, IATYP_SDPARAM_NAME, IATYP_IPV4);
93 syslog_msg_add_sd_param (&syslog_msg, ISADDR_SDPARAM_NAME, "%U",
94 format_ip4_address, isaddr);
95 syslog_msg_add_sd_param (&syslog_msg, ISPORT_SDPARAM_NAME, "%d",
96 clib_net_to_host_u16 (isport));
97 syslog_msg_add_sd_param (&syslog_msg, XATYP_SDPARAM_NAME, IATYP_IPV4);
98 syslog_msg_add_sd_param (&syslog_msg, XSADDR_SDPARAM_NAME, "%U",
99 format_ip4_address, xsaddr);
100 syslog_msg_add_sd_param (&syslog_msg, XSPORT_SDPARAM_NAME, "%d",
101 clib_net_to_host_u16 (xsport));
102 syslog_msg_add_sd_param (&syslog_msg, PROTO_SDPARAM_NAME, "%d",
103 snat_proto_to_ip_proto (proto));
105 syslog_msg_send (&syslog_msg);
109 nat_syslog_nat44_apmadd (u32 ssubix, u32 sfibix, ip4_address_t * isaddr,
110 u16 isport, ip4_address_t * xsaddr, u16 xsport,
111 snat_protocol_t proto)
113 nat_syslog_nat44_apmap (ssubix, sfibix, isaddr, isport, xsaddr, xsport,
118 nat_syslog_nat44_apmdel (u32 ssubix, u32 sfibix, ip4_address_t * isaddr,
119 u16 isport, ip4_address_t * xsaddr, u16 xsport,
120 snat_protocol_t proto)
122 nat_syslog_nat44_apmap (ssubix, sfibix, isaddr, isport, xsaddr, xsport,
127 nat_syslog_dslite_apmadd (u32 ssubix, ip6_address_t * sv6enc,
128 ip4_address_t * isaddr, u16 isport,
129 ip4_address_t * xsaddr, u16 xsport,
130 snat_protocol_t proto)
132 nat_syslog_nat44_apmap (ssubix, 0, isaddr, isport, xsaddr, xsport,
137 nat_syslog_dslite_apmdel (u32 ssubix, ip6_address_t * sv6enc,
138 ip4_address_t * isaddr, u16 isport,
139 ip4_address_t * xsaddr, u16 xsport,
140 snat_protocol_t proto)
142 nat_syslog_nat44_apmap (ssubix, 0, isaddr, isport, xsaddr, xsport,
147 nat_syslog_nat44_sess (u32 ssubix, u32 sfibix, ip4_address_t * isaddr,
148 u16 isport, ip4_address_t * xsaddr, u16 xsport,
149 ip4_address_t * idaddr, u16 idport,
150 ip4_address_t * xdaddr, u16 xdport,
151 snat_protocol_t proto, u8 is_add, u8 is_twicenat)
153 syslog_msg_t syslog_msg;
156 if (!syslog_is_enabled ())
159 if (syslog_severity_filter_block (SADD_SDEL_SEVERITY))
162 fib = fib_table_get (sfibix, FIB_PROTOCOL_IP4);
164 syslog_msg_init (&syslog_msg, NAT_FACILITY, SADD_SDEL_SEVERITY, NAT_APPNAME,
165 is_add ? SADD_MSGID : SDEL_MSGID);
167 syslog_msg_sd_init (&syslog_msg, NSESS_SDID);
168 syslog_msg_add_sd_param (&syslog_msg, SSUBIX_SDPARAM_NAME, "%d", ssubix);
169 syslog_msg_add_sd_param (&syslog_msg, SVLAN_SDPARAM_NAME, "%d",
171 syslog_msg_add_sd_param (&syslog_msg, IATYP_SDPARAM_NAME, IATYP_IPV4);
172 syslog_msg_add_sd_param (&syslog_msg, ISADDR_SDPARAM_NAME, "%U",
173 format_ip4_address, isaddr);
174 syslog_msg_add_sd_param (&syslog_msg, ISPORT_SDPARAM_NAME, "%d",
175 clib_net_to_host_u16 (isport));
176 syslog_msg_add_sd_param (&syslog_msg, XATYP_SDPARAM_NAME, IATYP_IPV4);
177 syslog_msg_add_sd_param (&syslog_msg, XSADDR_SDPARAM_NAME, "%U",
178 format_ip4_address, xsaddr);
179 syslog_msg_add_sd_param (&syslog_msg, XSPORT_SDPARAM_NAME, "%d",
180 clib_net_to_host_u16 (xsport));
181 syslog_msg_add_sd_param (&syslog_msg, PROTO_SDPARAM_NAME, "%d",
182 snat_proto_to_ip_proto (proto));
183 syslog_msg_add_sd_param (&syslog_msg, XDADDR_SDPARAM_NAME, "%U",
184 format_ip4_address, xdaddr);
185 syslog_msg_add_sd_param (&syslog_msg, XDPORT_SDPARAM_NAME, "%d",
186 clib_net_to_host_u16 (xdport));
189 syslog_msg_add_sd_param (&syslog_msg, IDADDR_SDPARAM_NAME, "%U",
190 format_ip4_address, idaddr);
191 syslog_msg_add_sd_param (&syslog_msg, IDPORT_SDPARAM_NAME, "%d",
192 clib_net_to_host_u16 (idport));
195 syslog_msg_send (&syslog_msg);
199 nat_syslog_nat44_sadd (u32 ssubix, u32 sfibix, ip4_address_t * isaddr,
200 u16 isport, ip4_address_t * idaddr, u16 idport,
201 ip4_address_t * xsaddr, u16 xsport,
202 ip4_address_t * xdaddr, u16 xdport,
203 snat_protocol_t proto, u8 is_twicenat)
205 nat_syslog_nat44_sess (ssubix, sfibix, isaddr, isport, xsaddr, xsport,
206 idaddr, idport, xdaddr, xdport, proto, 1,
211 nat_syslog_nat44_sdel (u32 ssubix, u32 sfibix, ip4_address_t * isaddr,
212 u16 isport, ip4_address_t * idaddr, u16 idport,
213 ip4_address_t * xsaddr, u16 xsport,
214 ip4_address_t * xdaddr, u16 xdport,
215 snat_protocol_t proto, u8 is_twicenat)
217 nat_syslog_nat44_sess (ssubix, sfibix, isaddr, isport, xsaddr, xsport,
218 idaddr, idport, xdaddr, xdport, proto, 0,
223 nat_syslog_nat64_sess (u32 sfibix, ip6_address_t * isaddr, u16 isport,
224 ip4_address_t * xsaddr, u16 xsport,
225 ip4_address_t * xdaddr, u16 xdport,
226 snat_protocol_t proto, u8 is_add)
228 syslog_msg_t syslog_msg;
231 if (!syslog_is_enabled ())
234 if (syslog_severity_filter_block (SADD_SDEL_SEVERITY))
237 fib = fib_table_get (sfibix, FIB_PROTOCOL_IP6);
239 syslog_msg_init (&syslog_msg, NAT_FACILITY, SADD_SDEL_SEVERITY, NAT_APPNAME,
240 is_add ? SADD_MSGID : SDEL_MSGID);
242 syslog_msg_sd_init (&syslog_msg, NSESS_SDID);
243 syslog_msg_add_sd_param (&syslog_msg, SVLAN_SDPARAM_NAME, "%d",
245 syslog_msg_add_sd_param (&syslog_msg, IATYP_SDPARAM_NAME, IATYP_IPV6);
246 syslog_msg_add_sd_param (&syslog_msg, ISADDR_SDPARAM_NAME, "%U",
247 format_ip6_address, isaddr);
248 syslog_msg_add_sd_param (&syslog_msg, ISPORT_SDPARAM_NAME, "%d",
249 clib_net_to_host_u16 (isport));
250 syslog_msg_add_sd_param (&syslog_msg, XATYP_SDPARAM_NAME, IATYP_IPV4);
251 syslog_msg_add_sd_param (&syslog_msg, XSADDR_SDPARAM_NAME, "%U",
252 format_ip4_address, xsaddr);
253 syslog_msg_add_sd_param (&syslog_msg, XSPORT_SDPARAM_NAME, "%d",
254 clib_net_to_host_u16 (xsport));
255 syslog_msg_add_sd_param (&syslog_msg, PROTO_SDPARAM_NAME, "%d", proto);
256 syslog_msg_add_sd_param (&syslog_msg, XDADDR_SDPARAM_NAME, "%U",
257 format_ip4_address, xdaddr);
258 syslog_msg_add_sd_param (&syslog_msg, XDPORT_SDPARAM_NAME, "%d",
259 clib_net_to_host_u16 (xdport));
261 syslog_msg_send (&syslog_msg);
265 nat_syslog_nat64_sadd (u32 sfibix, ip6_address_t * isaddr, u16 isport,
266 ip4_address_t * xsaddr, u16 xsport,
267 ip4_address_t * xdaddr, u16 xdport,
268 snat_protocol_t proto)
270 nat_syslog_nat64_sess (sfibix, isaddr, isport, xsaddr, xsport, xdaddr,
275 nat_syslog_nat64_sdel (u32 sfibix, ip6_address_t * isaddr, u16 isport,
276 ip4_address_t * xsaddr, u16 xsport,
277 ip4_address_t * xdaddr, u16 xdport,
278 snat_protocol_t proto)
280 nat_syslog_nat64_sess (sfibix, isaddr, isport, xsaddr, xsport, xdaddr,
285 * fd.io coding-style-patch-verification: ON
288 * eval: (c-set-style "gnu")