2 *------------------------------------------------------------------
3 * vcgn_db.h - translation database definitions
5 * Copyright (c) 2007-2014 Cisco and/or its affiliates.
6 * Licensed under the Apache License, Version 2.0 (the "License");
7 * you may not use this file except in compliance with the License.
8 * You may obtain a copy of the License at:
10 * http://www.apache.org/licenses/LICENSE-2.0
12 * Unless required by applicable law or agreed to in writing, software
13 * distributed under the License is distributed on an "AS IS" BASIS,
14 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
15 * See the License for the specific language governing permissions and
16 * limitations under the License.
17 *------------------------------------------------------------------
23 #include "index_list.h"
26 * The key structure. All fields are in NETWORK byte order!
31 u16 vrf; //bit0-12:vrf, bit13:unused, bit14-15:protocol
34 /* bit14-15:protocol in cnat_db_key_t */
35 #define CNAT_INVALID_PROTO 0x0000
36 #define CNAT_UDP 0x4000
37 #define CNAT_TCP 0x8000
38 #define CNAT_ICMP 0xc000
39 #define CNAT_VRF_MASK 0x3fff
40 #define CNAT_PRO_MASK 0xc000
41 #define CNAT_PRO_SHIFT 14
44 * Maximum number of VRF entries supported
46 #define CNAT_MAX_VRFMAP_ENTRIES (CNAT_VRF_MASK + 1)
48 * for hashing purposes, fetch the key in one instr.
56 * Main translation database entries. Currently 0x50 = 80 bytes in length.
57 * Given 20,000,000 entries, it saves nearly 1gb of SDRAM to pack the entries
58 * and pay the extra prefetch. So, that's what we do.
63 index_slist_t out2in_hash; /* hash-and-chain, x2 */
64 index_slist_t in2out_hash;
67 cnat_key_t out2in_key; /* network-to-user, outside-to-inside key */
70 cnat_key_t in2out_key; /* user-to-network, inside-to-outside key */
73 index_dlist_t user_ports; /* per-user translation list */
76 u32 user_index; /* index of user that owns this entry */
79 u16 vrfmap_index; /* index of vrfmap */
82 u16 flags; /* Always need flags... */
83 #define CNAT_DB_FLAG_PORT_PAIR (1<<0)
84 #define CNAT_DB_FLAG_TCP_ACTIVE (1<<1)
85 #define CNAT_DB_FLAG_ENTRY_FREE (1<<2)
86 #define CNAT_DB_FLAG_UDP_ACTIVE (1<<3)
87 #define CNAT_DB_FLAG_STATIC_PORT (1<<4)
88 #define CNAT_DB_FLAG_ALG_ENTRY (1<<5)
91 u32 dst_ipv4; /* pointer to ipv4 dst list, used in evil mode */
94 u32 out2in_pkts; /* pkt counters */
100 u32 entry_expires; /* timestamp used to expire translations */
103 union { /* used by FTP ALG, pkt len delta due to FTP PORT cmd */
105 i8 alg_dlt[2]; /* two delta values, 0 for previous, 1 for current */
106 u16 il; /* Used to indicate if interleaved mode is used
107 in case of RTSP ALG */
111 u32 tcp_seq_num; /* last tcp (FTP) seq # that has pkt len change due to PORT */
113 cnat_timeout_t destn_key;
115 /* 0x4C... last byte -- 72 total */
116 } cnat_main_db_entry_t;