for (i = 0; i < count; i++)
{
if (is_add)
- rv = snat_add_address (sm, &this_addr, vrf_id, twice_nat);
+ {
+ rv = nat44_ed_add_address (&this_addr, vrf_id, twice_nat);
+ }
else
- rv = snat_del_address (sm, this_addr, 0, twice_nat);
+ {
+ rv = nat44_ed_del_address (this_addr, 0, twice_nat);
+ }
switch (rv)
{
u32 *inside_sw_if_indices = 0;
u32 *outside_sw_if_indices = 0;
u8 is_output_feature = 0;
- int is_del = 0;
- int i;
+ int i, rv, is_del = 0;
sw_if_index = ~0;
sw_if_index = inside_sw_if_indices[i];
if (is_output_feature)
{
- if (snat_interface_add_del_output_feature
- (sw_if_index, 1, is_del))
+ if (is_del)
+ {
+ rv = nat44_ed_del_output_interface (sw_if_index);
+ }
+ else
+ {
+ rv = nat44_ed_add_output_interface (sw_if_index);
+ }
+ if (rv)
{
error = clib_error_return (0, "%s %U failed",
is_del ? "del" : "add",
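Review bot: In the output-feature branch the inside/outside role is no longer passed down. The removed call gave `snat_interface_add_del_output_feature` a `1` for entries taken from `inside_sw_if_indices`, while the new code calls `nat44_ed_add_output_interface (sw_if_index)` or `nat44_ed_del_output_interface (sw_if_index)` with the index alone, and the later hunk for `outside_sw_if_indices` makes the identical calls. If output-feature interfaces are meant to carry no direction, the parser should reject an inside interface combined with output-feature, or the intent should be recorded with a comment such as `/* output-feature interfaces have no in/out role; the list an index came from is ignored */`. Otherwise an operator ends up with a NAT boundary that differs from what the command reads as. The enclosing function starts and ends outside this hunk.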
}
else
{
- if (snat_interface_add_del (sw_if_index, 1, is_del))
+ if (is_del)
+ {
+ rv = nat44_ed_del_interface (sw_if_index, 1);
+ }
+ else
+ {
+ rv = nat44_ed_add_interface (sw_if_index, 1);
+ }
+ if (rv)
{
error = clib_error_return (0, "%s %U failed",
is_del ? "del" : "add",
sw_if_index = outside_sw_if_indices[i];
if (is_output_feature)
{
- if (snat_interface_add_del_output_feature
- (sw_if_index, 0, is_del))
+ if (is_del)
+ {
+ rv = nat44_ed_del_output_interface (sw_if_index);
+ }
+ else
+ {
+ rv = nat44_ed_add_output_interface (sw_if_index);
+ }
+ if (rv)
{
error = clib_error_return (0, "%s %U failed",
is_del ? "del" : "add",
}
else
{
- if (snat_interface_add_del (sw_if_index, 0, is_del))
+ if (is_del)
+ {
+ rv = nat44_ed_del_interface (sw_if_index, 0);
+ }
+ else
+ {
+ rv = nat44_ed_add_interface (sw_if_index, 0);
+ }
+ if (rv)
{
error = clib_error_return (0, "%s %U failed",
is_del ? "del" : "add",
vlib_cli_output (vm, "NAT44 interfaces:");
pool_foreach (i, sm->interfaces)
{
- vlib_cli_output (vm, " %U %s", format_vnet_sw_if_index_name, vnm,
- i->sw_if_index,
- (nat_interface_is_inside(i) &&
- nat_interface_is_outside(i)) ? "in out" :
- (nat_interface_is_inside(i) ? "in" : "out"));
+ vlib_cli_output (vm, " %U %s", format_vnet_sw_if_index_name, vnm,
+ i->sw_if_index,
+ (nat44_ed_is_interface_inside (i) &&
+ nat44_ed_is_interface_outside (i)) ?
+ "in out" :
+ (nat44_ed_is_interface_inside (i) ? "in" : "out"));
}
pool_foreach (i, sm->output_feature_interfaces)
{
- vlib_cli_output (vm, " %U output-feature %s",
- format_vnet_sw_if_index_name, vnm,
- i->sw_if_index,
- (nat_interface_is_inside(i) &&
- nat_interface_is_outside(i)) ? "in out" :
- (nat_interface_is_inside(i) ? "in" : "out"));
+ vlib_cli_output (vm, " %U output-feature %s",
+ format_vnet_sw_if_index_name, vnm, i->sw_if_index,
+ (nat44_ed_is_interface_inside (i) &&
+ nat44_ed_is_interface_outside (i)) ?
+ "in out" :
+ (nat44_ed_is_interface_inside (i) ? "in" : "out"));
}
return 0;
vlib_cli_command_t * cmd)
{
unformat_input_t _line_input, *line_input = &_line_input;
- clib_error_t *error = 0;
- ip4_address_t l_addr, e_addr, exact_addr;
- u32 l_port = 0, e_port = 0, vrf_id = ~0;
- int is_add = 1, addr_only = 1, rv, exact = 0;
- u32 sw_if_index = ~0;
vnet_main_t *vnm = vnet_get_main ();
+ clib_error_t *error = 0;
+ int rv;
+
nat_protocol_t proto = NAT_PROTOCOL_OTHER;
- u8 proto_set = 0;
- twice_nat_type_t twice_nat = TWICE_NAT_DISABLED;
- u8 out2in_only = 0;
+ ip4_address_t l_addr, e_addr, pool_addr;
+ u32 l_port = 0, e_port = 0, vrf_id = ~0;
+ u8 l_port_set = 0, e_port_set = 0;
+ u32 sw_if_index, flags = 0;
+ int is_add = 1;
- /* Get a line of input. */
if (!unformat_user (input, unformat_line_input, line_input))
return clib_error_return (0, NAT44_ED_EXPECTED_ARGUMENT);
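Review bot: `sw_if_index` loses its `~0` initialiser in the new declaration `u32 sw_if_index, flags = 0;`, yet a later hunk passes it to `nat44_ed_add_static_mapping` and `nat44_ed_del_static_mapping` on every path, including when no interface form of `external` was parsed and `NAT_SM_FLAG_SWITCH_ADDRESS` is clear. That hands an indeterminate stack value to the mapping code, and whether the callee ignores it without the flag is not visible here. `pool_addr` is likewise written only by the `exact` branch but always passed to the add call. I would keep the sentinel and zero the address: `u32 sw_if_index = ~0, flags = 0;` and `ip4_address_t l_addr, e_addr, pool_addr = { 0 };`. The function body continues outside this hunk.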
{
if (unformat (line_input, "local %U %u", unformat_ip4_address, &l_addr,
&l_port))
- addr_only = 0;
+ {
+ l_port_set = 1;
+ }
else
if (unformat (line_input, "local %U", unformat_ip4_address, &l_addr))
;
else if (unformat (line_input, "external %U %u", unformat_ip4_address,
&e_addr, &e_port))
- addr_only = 0;
+ {
+ e_port_set = 1;
+ }
else if (unformat (line_input, "external %U", unformat_ip4_address,
&e_addr))
;
else if (unformat (line_input, "external %U %u",
unformat_vnet_sw_interface, vnm, &sw_if_index,
&e_port))
- addr_only = 0;
+ {
+ flags |= NAT_SM_FLAG_SWITCH_ADDRESS;
+ e_port_set = 1;
+ }
else if (unformat (line_input, "external %U",
unformat_vnet_sw_interface, vnm, &sw_if_index))
- ;
+ {
+ flags |= NAT_SM_FLAG_SWITCH_ADDRESS;
+ }
else if (unformat (line_input, "exact %U", unformat_ip4_address,
- &exact_addr))
- exact = 1;
+ &pool_addr))
+ {
+ flags |= NAT_SM_FLAG_EXACT_ADDRESS;
+ }
else if (unformat (line_input, "vrf %u", &vrf_id))
;
else if (unformat (line_input, "%U", unformat_nat_protocol, &proto))
- proto_set = 1;
- else if (unformat (line_input, "twice-nat"))
- twice_nat = TWICE_NAT;
+ ;
else if (unformat (line_input, "self-twice-nat"))
- twice_nat = TWICE_NAT_SELF;
+ {
+ flags |= NAT_SM_FLAG_SELF_TWICE_NAT;
+ }
+ else if (unformat (line_input, "twice-nat"))
+ {
+ flags |= NAT_SM_FLAG_TWICE_NAT;
+ }
else if (unformat (line_input, "out2in-only"))
- out2in_only = 1;
+ {
+ flags |= NAT_SM_FLAG_OUT2IN_ONLY;
+ }
else if (unformat (line_input, "del"))
- is_add = 0;
+ {
+ is_add = 0;
+ }
else
{
error = clib_error_return (0, "unknown input: '%U'",
}
}
- if (twice_nat && addr_only)
+ if (l_port_set != e_port_set)
{
- error = clib_error_return (0, "twice NAT only for 1:1 NAPT");
+ error = clib_error_return (0, "Either both ports are set or none.");
goto done;
}
- if (addr_only)
+ if (!l_port_set)
{
- if (proto_set)
- {
- error =
- clib_error_return (0,
- "address only mapping doesn't support protocol");
- goto done;
- }
+ flags |= NAT_SM_FLAG_ADDR_ONLY;
}
- else if (!proto_set)
+ else
{
- error = clib_error_return (0, "protocol is required");
- goto done;
+ l_port = clib_host_to_net_u16 (l_port);
+ e_port = clib_host_to_net_u16 (e_port);
}
- rv = snat_add_static_mapping (
- l_addr, e_addr, clib_host_to_net_u16 (l_port),
- clib_host_to_net_u16 (e_port), vrf_id, addr_only, sw_if_index, proto,
- is_add, twice_nat, out2in_only, 0, 0, exact_addr, exact);
+ // TODO: specific pool_addr for both pool & twice nat pool ?
+
+ if (is_add)
+ {
+ rv =
+ nat44_ed_add_static_mapping (l_addr, e_addr, l_port, e_port, proto,
+ vrf_id, sw_if_index, flags, pool_addr, 0);
+ }
+ else
+ {
+ rv = nat44_ed_del_static_mapping (l_addr, e_addr, l_port, e_port, proto,
+ vrf_id, sw_if_index, flags);
+ }
+
+ // TODO: fix returns
switch (rv)
{
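Review bot: The CLI no longer rejects a port mapping that has no protocol. The removed `else if (!proto_set)` branch returned "protocol is required", whereas a command with both ports and no protocol keyword now reaches `nat44_ed_add_static_mapping` with `proto` still at its `NAT_PROTOCOL_OTHER` default and non-zero ports. The "twice NAT only for 1:1 NAPT" and "address only mapping doesn't support protocol" checks are dropped as well, so `NAT_SM_FLAG_TWICE_NAT` can now be combined with `NAT_SM_FLAG_ADDR_ONLY`. Unless the add/del functions validate these combinations themselves (not visible in this hunk), a static mapping, which exposes an internal host, can be created from input the old parser refused. Either keep a `proto_set` flag in the parser and restore the checks before the call, or resolve `// TODO: fix returns` so the callee's rejection codes map to the same user-facing errors; the `switch (rv)` continues outside the hunk.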
return error;
}
+// TODO: either delete this bullshit or update it
static clib_error_t *
add_identity_mapping_command_fn (vlib_main_t * vm,
unformat_input_t * input,
vlib_cli_command_t * cmd)
{
unformat_input_t _line_input, *line_input = &_line_input;
- clib_error_t *error = 0;
- ip4_address_t addr, pool_addr = { 0 };
- u32 port = 0, vrf_id = ~0;
- int is_add = 1;
- int addr_only = 1;
- u32 sw_if_index = ~0;
vnet_main_t *vnm = vnet_get_main ();
- int rv;
+ clib_error_t *error = 0;
+
+ int rv, is_add = 1, port_set = 0;
+ u32 sw_if_index, port, flags, vrf_id = ~0;
nat_protocol_t proto;
+ ip4_address_t addr;
- addr.as_u32 = 0;
+ flags = NAT_SM_FLAG_IDENTITY_NAT;
/* Get a line of input. */
if (!unformat_user (input, unformat_line_input, line_input))
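Review bot: `addr` and `port` are now read uninitialised on some inputs. The explicit `addr.as_u32 = 0;` and the `port = 0` and `sw_if_index = ~0` initialisers are removed, and the new declarations `u32 sw_if_index, port, flags, vrf_id = ~0;` and `ip4_address_t addr;` initialise only `vrf_id`. A later hunk passes `addr` three times and `port` twice to `nat44_ed_add_static_mapping`, even when `port_set` is 0 or only the interface form of `external` was given, so stack contents can end up in an identity mapping. Restore the defaults, e.g. `u32 sw_if_index = ~0, port = 0, flags, vrf_id = ~0;` and `ip4_address_t addr = { 0 };`. `proto` has the same problem when no protocol is parsed, though its declaration is unchanged here, and the function body continues past the end of the hunk.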
;
else if (unformat (line_input, "external %U",
unformat_vnet_sw_interface, vnm, &sw_if_index))
- ;
+ {
+ flags |= NAT_SM_FLAG_SWITCH_ADDRESS;
+ }
else if (unformat (line_input, "vrf %u", &vrf_id))
;
else if (unformat (line_input, "%U %u", unformat_nat_protocol, &proto,
&port))
- addr_only = 0;
+ {
+ port_set = 1;
+ }
else if (unformat (line_input, "del"))
- is_add = 0;
+ {
+ is_add = 0;
+ }
else
{
error = clib_error_return (0, "unknown input: '%U'",
}
}
- rv = snat_add_static_mapping (
- addr, addr, clib_host_to_net_u16 (port), clib_host_to_net_u16 (port),
- vrf_id, addr_only, sw_if_index, proto, is_add, 0, 0, 0, 1, pool_addr, 0);
+ if (!port_set)
+ {
+ flags |= NAT_SM_FLAG_ADDR_ONLY;
+ }
+ else
+ {
+ port = clib_host_to_net_u16 (port);
+ }
+
+ if (is_add)
+ {
+
+ rv = nat44_ed_add_static_mapping (addr, addr, port, port, proto, vrf_id,
+ sw_if_index, flags, addr, 0);
+ }
+ else
+ {
+ rv = nat44_ed_del_static_mapping (addr, addr, port, port, proto, vrf_id,
+ sw_if_index, flags);
+ }
+
+ // TODO: fix returns
switch (rv)
{
clib_error_t *error = 0;
ip4_address_t l_addr, e_addr;
u32 l_port = 0, e_port = 0, vrf_id = 0, probability = 0, affinity = 0;
- int is_add = 1;
- int rv;
- nat_protocol_t proto;
u8 proto_set = 0;
+ nat_protocol_t proto;
nat44_lb_addr_port_t *locals = 0, local;
- twice_nat_type_t twice_nat = TWICE_NAT_DISABLED;
- u8 out2in_only = 0;
+ int rv, is_add = 1;
+ u32 flags = 0;
/* Get a line of input. */
if (!unformat_user (input, unformat_line_input, line_input))
;
else if (unformat (line_input, "protocol %U", unformat_nat_protocol,
&proto))
- proto_set = 1;
+ {
+ proto_set = 1;
+ }
else if (unformat (line_input, "twice-nat"))
- twice_nat = TWICE_NAT;
+ {
+ flags |= NAT_SM_FLAG_TWICE_NAT;
+ }
else if (unformat (line_input, "self-twice-nat"))
- twice_nat = TWICE_NAT_SELF;
+ {
+ flags |= NAT_SM_FLAG_SELF_TWICE_NAT;
+ }
else if (unformat (line_input, "out2in-only"))
- out2in_only = 1;
+ {
+ flags |= NAT_SM_FLAG_OUT2IN_ONLY;
+ }
else if (unformat (line_input, "del"))
- is_add = 0;
+ {
+ is_add = 0;
+ }
else if (unformat (line_input, "affinity %u", &affinity))
;
else
goto done;
}
- rv = nat44_add_del_lb_static_mapping (e_addr, (u16) e_port, proto, locals,
- is_add, twice_nat, out2in_only, 0,
- affinity);
+ if (is_add)
+ {
+ rv = nat44_ed_add_lb_static_mapping (e_addr, (u16) e_port, proto, locals,
+ flags, 0, affinity);
+ }
+ else
+ {
+ rv = nat44_ed_del_lb_static_mapping (e_addr, (u16) e_port, proto, flags);
+ }
switch (rv)
{
goto done;
}
- rv =
- nat44_lb_static_mapping_add_del_local (e_addr, (u16) e_port, l_addr,
- l_port, proto, vrf_id, probability,
- is_add);
+ rv = nat44_ed_add_del_lb_static_mapping_local (
+ e_addr, (u16) e_port, l_addr, l_port, proto, vrf_id, probability, is_add);
switch (rv)
{
unformat_input_t * input,
vlib_cli_command_t * cmd)
{
- snat_main_t *sm = &snat_main;
unformat_input_t _line_input, *line_input = &_line_input;
- u32 sw_if_index;
- int rv;
- int is_del = 0;
+ snat_main_t *sm = &snat_main;
clib_error_t *error = 0;
+ int rv, is_del = 0;
u8 twice_nat = 0;
+ u32 sw_if_index;
- /* Get a line of input. */
if (!unformat_user (input, unformat_line_input, line_input))
return clib_error_return (0, NAT44_ED_EXPECTED_ARGUMENT);
sm->vnet_main, &sw_if_index))
;
else if (unformat (line_input, "twice-nat"))
- twice_nat = 1;
+ {
+ twice_nat = 1;
+ }
else if (unformat (line_input, "del"))
- is_del = 1;
+ {
+ is_del = 1;
+ }
else
{
error = clib_error_return (0, "unknown input '%U'",
}
}
- rv = snat_add_interface_address (sm, sw_if_index, is_del, twice_nat);
-
- switch (rv)
+ if (!is_del)
{
- case 0:
- break;
-
- default:
- error = clib_error_return (0, "snat_add_interface_address returned %d",
- rv);
- goto done;
+ rv = nat44_ed_add_interface_address (sw_if_index, twice_nat);
+ if (rv)
+ {
+ error = clib_error_return (0, "add address returned %d", rv);
+ }
+ }
+ else
+ {
+ rv = nat44_ed_del_interface_address (sw_if_index, twice_nat);
+ if (rv)
+ {
+ error = clib_error_return (0, "del address returned %d", rv);
+ }
}
done:
}
}
- rv =
- nat44_del_ed_session (sm, &addr, clib_host_to_net_u16 (port), &eh_addr,
- clib_host_to_net_u16 (eh_port),
- nat_proto_to_ip_proto (proto), vrf_id, is_in);
+ rv = nat44_ed_del_session (sm, &addr, clib_host_to_net_u16 (port), &eh_addr,
+ clib_host_to_net_u16 (eh_port),
+ nat_proto_to_ip_proto (proto), vrf_id, is_in);
switch (rv)
{
error = clib_error_return (0, "frame_queue_nelts cannot be zero");
goto done;
}
- if (snat_set_frame_queue_nelts (frame_queue_nelts) != 0)
+ if (nat44_ed_set_frame_queue_nelts (frame_queue_nelts) != 0)
{
error = clib_error_return (0, "snat_set_frame_queue_nelts failed");
goto done;