#include <nat/nat44/inlines.h>
#include <nat/nat_syslog.h>
#include <nat/nat_ha.h>
+#include <nat/nat44/ed_inlines.h>
static char *nat_in2out_ed_error_strings[] = {
#define _(sym,string) string,
}
else
{
- proto = snat_proto_to_ip_proto (s->in2out.protocol);
+ proto = nat_proto_to_ip_proto (s->in2out.protocol);
l_port = s->out2in.port;
r_port = s->ext_host_port;
}
snat_free_outside_address_and_port (sm->addresses, ctx->thread_index,
&s->out2in);
delete:
- nat44_ed_delete_session (sm, s, ctx->thread_index, 1);
+ nat_ed_session_delete (sm, s, ctx->thread_index, 1);
return 1;
}
vlib_node_runtime_t * node, u32 next0, f64 now,
u32 thread_index, snat_session_t ** p_s0)
{
+ vlib_main_t *vm = vlib_get_main ();
+
next0 = icmp_in2out (sm, b0, ip0, icmp0, sw_if_index0, rx_fib_index0, node,
next0, thread_index, p_s0, 0);
snat_session_t *s0 = *p_s0;
/* Accounting */
nat44_session_update_counters (s0, now,
vlib_buffer_length_in_chain
- (sm->vlib_main, b0), thread_index);
+ (vm, b0), thread_index);
/* Per-user LRU list maintenance */
nat44_session_update_lru (sm, s0, thread_index);
}
static int
nat_ed_alloc_addr_and_port (snat_main_t * sm, u32 rx_fib_index,
- u32 snat_proto, u32 thread_index,
+ u32 nat_proto, u32 thread_index,
ip4_address_t r_addr, u16 r_port, u8 proto,
u16 port_per_thread, u32 snat_thread_index,
snat_session_t * s,
for (i = 0; i < vec_len (sm->addresses); i++)
{
a = sm->addresses + i;
- switch (snat_proto)
+ switch (nat_proto)
{
#define _(N, j, n, unused) \
- case SNAT_PROTOCOL_##N: \
+ case NAT_PROTOCOL_##N: \
if (a->fib_index == rx_fib_index) \
{ \
u16 port = snat_random_port (1, port_per_thread); \
} \
break;
- foreach_snat_protocol;
+ foreach_nat_protocol;
default:
nat_elog_info ("unknown protocol");
return 1;
/* fake fib_index to reuse macro */
rx_fib_index = ~0;
a = ga;
- switch (snat_proto)
+ switch (nat_proto)
{
- foreach_snat_protocol;
+ foreach_nat_protocol;
default:
nat_elog_info ("unknown protocol");
return 1;
snat_session_key_t key0, key1;
lb_nat_type_t lb = 0;
snat_main_per_thread_data_t *tsm = &sm->per_thread_data[thread_index];
- u32 snat_proto = ip_proto_to_snat_proto (proto);
+ u32 nat_proto = ip_proto_to_nat_proto (proto);
nat_outside_fib_t *outside_fib;
fib_node_index_t fei = FIB_NODE_INDEX_INVALID;
clib_bihash_kv_16_8_t out2in_ed_kv;
- bool out2in_ed_inserted = false;
ip4_address_t allocated_addr;
u16 allocated_port;
u8 identity_nat;
};
nat44_is_idle_session_ctx_t ctx;
- if (PREDICT_TRUE (snat_proto == SNAT_PROTOCOL_TCP))
+ if (PREDICT_TRUE (nat_proto == NAT_PROTOCOL_TCP))
{
if (PREDICT_FALSE
(!tcp_flags_is_init
if (PREDICT_FALSE
(nat44_ed_maximum_sessions_exceeded (sm, rx_fib_index, thread_index)))
{
- if (!nat_global_lru_free_one (sm, thread_index, now))
+ if (!nat_lru_free_one (sm, thread_index, now))
{
b->error = node->errors[NAT_IN2OUT_ED_ERROR_MAX_SESSIONS_EXCEEDED];
nat_ipfix_logging_max_sessions (thread_index, sm->max_translations);
key0.addr = l_addr;
key0.port = l_port;
- key1.protocol = key0.protocol = snat_proto;
+ key1.protocol = key0.protocol = nat_proto;
key0.fib_index = rx_fib_index;
key1.fib_index = sm->outside_fib_index;
if (snat_static_mapping_match
(sm, key0, &key1, 0, 0, 0, &lb, 0, &identity_nat))
{
- s = nat_ed_session_alloc (sm, thread_index, now);
+ s = nat_ed_session_alloc (sm, thread_index, now, proto);
if (!s)
{
nat_elog_warn ("create NAT session failed");
b->error = node->errors[NAT_IN2OUT_ED_ERROR_MAX_USER_SESS_EXCEEDED];
- goto drop;
+ return NAT_NEXT_DROP;
}
switch (vec_len (sm->outside_fibs))
{
}
/* Try to create dynamic translation */
- if (nat_ed_alloc_addr_and_port (sm, rx_fib_index, snat_proto,
+ if (nat_ed_alloc_addr_and_port (sm, rx_fib_index, nat_proto,
thread_index, r_addr, r_port, proto,
sm->port_per_thread,
tsm->snat_thread_index, s,
{
nat_elog_notice ("addresses exhausted");
b->error = node->errors[NAT_IN2OUT_ED_ERROR_OUT_OF_PORTS];
- goto drop;
+ nat_ed_session_delete (sm, s, thread_index, 1);
+ return NAT_NEXT_DROP;
}
-
- out2in_ed_inserted = true;
key1.addr = allocated_addr;
key1.port = allocated_port;
}
*sessionp = s;
return next;
}
- s = nat_ed_session_alloc (sm, thread_index, now);
+ s = nat_ed_session_alloc (sm, thread_index, now, proto);
if (!s)
{
nat_elog_warn ("create NAT session failed");
b->error = node->errors[NAT_IN2OUT_ED_ERROR_MAX_USER_SESS_EXCEEDED];
- goto drop;
+ return NAT_NEXT_DROP;
}
switch (vec_len (sm->outside_fibs))
{
(&tsm->out2in_ed, &out2in_ed_kv, nat44_o2i_ed_is_idle_session_cb,
&ctx))
nat_elog_notice ("out2in-ed key add failed");
- out2in_ed_inserted = true;
}
if (lb)
thread_index, 0);
return next;
-drop:
- if (out2in_ed_inserted)
- {
- if (clib_bihash_add_del_16_8 (&tsm->out2in_ed, &out2in_ed_kv, 0))
- nat_elog_notice ("out2in-ed key del failed");
- }
- if (s)
- {
- nat_free_session_data (sm, s, thread_index, 0);
- nat44_ed_delete_session (sm, s, thread_index, 1);
- }
- return NAT_NEXT_DROP;
}
static_always_inline int
if (nat44_is_ses_closed (s))
{
nat_free_session_data (sm, s, thread_index, 0);
- nat44_ed_delete_session (sm, s, thread_index, 1);
+ nat_ed_session_delete (sm, s, thread_index, 1);
}
else
s->flags |= SNAT_SESSION_FLAG_OUTPUT_FEATURE;
u32 next = ~0;
int err;
u16 l_port = 0, r_port = 0; // initialize to workaround gcc warning
+ vlib_main_t *vm = vlib_get_main ();
snat_main_per_thread_data_t *tsm = &sm->per_thread_data[thread_index];
sw_if_index = vnet_buffer (b)->sw_if_index[VLIB_RX];
else
{
if (PREDICT_FALSE (nat44_ed_not_translate (sm, node, sw_if_index,
- ip, SNAT_PROTOCOL_ICMP,
+ ip, NAT_PROTOCOL_ICMP,
rx_fib_index,
thread_index)))
{
next =
slow_path_ed (sm, b, ip->src_address, ip->dst_address, l_port, r_port,
ip->protocol, rx_fib_index, &s, node, next,
- thread_index, vlib_time_now (sm->vlib_main));
+ thread_index, vlib_time_now (vm));
if (PREDICT_FALSE (next == NAT_NEXT_DROP))
goto out;
}
create_ses:
- s = nat_ed_session_alloc (sm, thread_index, now);
+ s = nat_ed_session_alloc (sm, thread_index, now, ip->protocol);
if (!s)
{
b->error = node->errors[NAT_IN2OUT_ED_ERROR_MAX_USER_SESS_EXCEEDED];
udp0 = ip4_next_header (ip0);
tcp0 = (tcp_header_t *) udp0;
- proto0 = ip_proto_to_snat_proto (ip0->protocol);
+ proto0 = ip_proto_to_nat_proto (ip0->protocol);
- if (PREDICT_FALSE (proto0 == ~0))
+ if (PREDICT_FALSE (proto0 == NAT_PROTOCOL_OTHER))
{
next0 = def_slow;
goto trace0;
goto trace0;
}
- if (PREDICT_FALSE (proto0 == SNAT_PROTOCOL_ICMP))
+ if (PREDICT_FALSE (proto0 == NAT_PROTOCOL_ICMP))
{
next0 = def_slow;
goto trace0;
}
s0 = pool_elt_at_index (tsm->sessions, value0.value);
- if (s0->tcp_close_timestamp)
+ if (s0->tcp_closed_timestamp)
{
- if (now >= s0->tcp_close_timestamp)
+ if (now >= s0->tcp_closed_timestamp)
{
// session is closed, go slow path
next0 = def_slow;
if (now >= sess_timeout_time)
{
nat_free_session_data (sm, s0, thread_index, 0);
- nat44_ed_delete_session (sm, s0, thread_index, 1);
+ nat_ed_session_delete (sm, s0, thread_index, 1);
// session is closed, go slow path
next0 = def_slow;
goto trace0;
old_port0 = vnet_buffer (b0)->ip.reass.l4_src_port;
- if (PREDICT_TRUE (proto0 == SNAT_PROTOCOL_TCP))
+ if (PREDICT_TRUE (proto0 == NAT_PROTOCOL_TCP))
{
if (!vnet_buffer (b0)->ip.reass.is_non_first_fragment)
{
udp0 = ip4_next_header (ip0);
tcp0 = (tcp_header_t *) udp0;
icmp0 = (icmp46_header_t *) udp0;
- proto0 = ip_proto_to_snat_proto (ip0->protocol);
+ proto0 = ip_proto_to_nat_proto (ip0->protocol);
- if (PREDICT_FALSE (proto0 == ~0))
+ if (PREDICT_FALSE (proto0 == NAT_PROTOCOL_OTHER))
{
s0 = nat44_ed_in2out_unknown_proto (sm, b0, ip0,
rx_fib_index0,
goto trace0;
}
- if (PREDICT_FALSE (proto0 == SNAT_PROTOCOL_ICMP))
+ if (PREDICT_FALSE (proto0 == NAT_PROTOCOL_ICMP))
{
next0 = icmp_in2out_ed_slow_path
(sm, b0, ip0, icmp0, sw_if_index0, rx_fib_index0,
{
s0 = pool_elt_at_index (tsm->sessions, value0.value);
- if (s0->tcp_close_timestamp && now >= s0->tcp_close_timestamp)
+ if (s0->tcp_closed_timestamp && now >= s0->tcp_closed_timestamp)
{
nat_free_session_data (sm, s0, thread_index, 0);
- nat44_ed_delete_session (sm, s0, thread_index, 1);
+ nat_ed_session_delete (sm, s0, thread_index, 1);
s0 = NULL;
}
}
* be able to use dhcp client on the outside interface
*/
if (PREDICT_FALSE
- (proto0 == SNAT_PROTOCOL_UDP
+ (proto0 == NAT_PROTOCOL_UDP
&& (vnet_buffer (b0)->ip.reass.l4_dst_port ==
clib_host_to_net_u16 (UDP_DST_PORT_dhcp_to_server))
&& ip0->dst_address.as_u32 == 0xffffffff))
old_port0 = vnet_buffer (b0)->ip.reass.l4_src_port;
- if (PREDICT_TRUE (proto0 == SNAT_PROTOCOL_TCP))
+ if (PREDICT_TRUE (proto0 == NAT_PROTOCOL_TCP))
{
if (!vnet_buffer (b0)->ip.reass.is_non_first_fragment)
{
CLIB_UNUSED (vlib_main_t * vm) = va_arg (*args, vlib_main_t *);
CLIB_UNUSED (vlib_node_t * node) = va_arg (*args, vlib_node_t *);
nat_pre_trace_t *t = va_arg (*args, nat_pre_trace_t *);
- return format (s, "in2out next_index %d", t->next_index);
+ return format (s, "in2out next_index %d arc_next_index %d", t->next_index,
+ t->arc_next_index);
}
VLIB_NODE_FN (nat_pre_in2out_node)
Code Review / vpp.git / blobdiff