#include <nat/nat44/inlines.h>
#include <nat/nat_affinity.h>
#include <vnet/fib/fib_table.h>
-#include <nat/nat_ha.h>
+
+#include <nat/nat44-ei/nat44_ei_ha.h>
+#include <nat/nat44-ei/nat44_ei.h>
#define UNSUPPORTED_IN_ED_MODE_STR \
"This command is unsupported in endpoint dependent mode"
nat44_config_t c = { 0 };
u8 mode_set = 0;
- // TODO: check this also inside the function so it can be
- // safely called from anyplace, also sanity checking required
if (sm->enabled)
return clib_error_return (0, "nat44 already enabled");
vlib_cli_output (vm, "%U",
format_bihash_8_8, &sm->static_mapping_by_external,
verbose);
- vlib_cli_output (vm, "%U", format_bihash_16_8, &sm->out2in_ed, verbose);
+ vlib_cli_output (vm, "%U", format_bihash_16_8, &sm->flow_hash, verbose);
vec_foreach_index (i, sm->per_thread_data)
{
tsm = vec_elt_at_index (sm->per_thread_data, i);
i, vlib_worker_threads[i].name);
if (sm->endpoint_dependent)
{
- vlib_cli_output (vm, "%U", format_bihash_16_8, &tsm->in2out_ed,
+ vlib_cli_output (vm, "%U", format_bihash_16_8, &sm->flow_hash,
verbose);
}
else
unformat_input_t _line_input, *line_input = &_line_input;
clib_error_t *error = 0;
u32 psid, psid_offset, psid_length, port_start, port_end;
+ snat_main_t *sm = &snat_main;
+
+ if (sm->endpoint_dependent)
+ return clib_error_return (0, UNSUPPORTED_IN_ED_MODE_STR);
/* Get a line of input. */
if (!unformat_user (input, unformat_line_input, line_input))
while (unformat_check_input (line_input) != UNFORMAT_END_OF_INPUT)
{
if (unformat (line_input, "default"))
- nat_set_alloc_addr_and_port_default ();
+ nat44_ei_set_alloc_default ();
else
if (unformat
(line_input, "map-e psid %d psid-offset %d psid-len %d", &psid,
&psid_offset, &psid_length))
- nat_set_alloc_addr_and_port_mape ((u16) psid, (u16) psid_offset,
- (u16) psid_length);
+ nat44_ei_set_alloc_mape ((u16) psid, (u16) psid_offset,
+ (u16) psid_length);
else
if (unformat
(line_input, "port-range %d - %d", &port_start, &port_end))
"The end-port must be greater than start-port");
goto done;
}
- nat_set_alloc_addr_and_port_range ((u16) port_start,
- (u16) port_end);
+ nat44_ei_set_alloc_range ((u16) port_start, (u16) port_end);
}
else
{
u32 count = 0;
u64 now = vlib_time_now (vm);
- u64 sess_timeout_time;
+ u64 sess_timeout_time = 0;
u32 udp_sessions = 0;
u32 tcp_sessions = 0;
/* *INDENT-OFF* */
vec_foreach (tsm, sm->per_thread_data)
{
- pool_foreach (s, tsm->sessions,
- ({
+ pool_foreach (s, tsm->sessions)
+ {
sess_timeout_time = s->last_heard +
(f64) nat44_session_get_timeout (sm, s);
if (now >= sess_timeout_time)
udp_sessions++;
break;
}
- }));
+ }
nat44_show_lru_summary (vm, tsm, now, sess_timeout_time);
count += pool_elts (tsm->sessions);
}
{
tsm = vec_elt_at_index (sm->per_thread_data, sm->num_workers);
/* *INDENT-OFF* */
- pool_foreach (s, tsm->sessions,
- ({
+ pool_foreach (s, tsm->sessions)
+ {
sess_timeout_time = s->last_heard +
(f64) nat44_session_get_timeout (sm, s);
if (now >= sess_timeout_time)
udp_sessions++;
break;
}
- }));
+ }
/* *INDENT-ON* */
nat44_show_lru_summary (vm, tsm, now, sess_timeout_time);
count = pool_elts (tsm->sessions);
vlib_cli_output (vm, "NAT44 interfaces:");
/* *INDENT-OFF* */
- pool_foreach (i, sm->interfaces,
- ({
+ pool_foreach (i, sm->interfaces)
+ {
vlib_cli_output (vm, " %U %s", format_vnet_sw_if_index_name, vnm,
i->sw_if_index,
(nat_interface_is_inside(i) &&
nat_interface_is_outside(i)) ? "in out" :
(nat_interface_is_inside(i) ? "in" : "out"));
- }));
+ }
- pool_foreach (i, sm->output_feature_interfaces,
- ({
+ pool_foreach (i, sm->output_feature_interfaces)
+ {
vlib_cli_output (vm, " %U output-feature %s",
format_vnet_sw_if_index_name, vnm,
i->sw_if_index,
(nat_interface_is_inside(i) &&
nat_interface_is_outside(i)) ? "in out" :
(nat_interface_is_inside(i) ? "in" : "out"));
- }));
+ }
/* *INDENT-ON* */
return 0;
goto done;
}
- rv = snat_add_static_mapping (l_addr, e_addr, clib_host_to_net_u16 (l_port),
- clib_host_to_net_u16 (e_port),
- vrf_id, addr_only, sw_if_index, proto, is_add,
- twice_nat, out2in_only, 0, 0, exact_addr,
- exact);
+ rv = snat_add_static_mapping (
+ l_addr, e_addr, clib_host_to_net_u16 (l_port),
+ clib_host_to_net_u16 (e_port), vrf_id, addr_only, sw_if_index, proto,
+ is_add, twice_nat, out2in_only, 0, 0, exact_addr, exact);
switch (rv)
{
}
}
- rv =
- snat_add_static_mapping (addr, addr, clib_host_to_net_u16 (port),
- clib_host_to_net_u16 (port), vrf_id, addr_only,
- sw_if_index, proto, is_add, 0, 0, 0, 1,
- pool_addr, 0);
+ rv = snat_add_static_mapping (
+ addr, addr, clib_host_to_net_u16 (port), clib_host_to_net_u16 (port),
+ vrf_id, addr_only, sw_if_index, proto, is_add, 0, 0, 0, 1, pool_addr, 0);
switch (rv)
{
vlib_cli_output (vm, "NAT44 static mappings:");
/* *INDENT-OFF* */
- pool_foreach (m, sm->static_mappings,
- ({
+ pool_foreach (m, sm->static_mappings)
+ {
vlib_cli_output (vm, " %U", format_snat_static_mapping, m);
- }));
+ }
vec_foreach (rp, sm->to_resolve)
vlib_cli_output (vm, " %U", format_snat_static_map_to_resolve, rp);
/* *INDENT-ON* */
if (!sm->endpoint_dependent)
{
snat_user_t *u;
- pool_foreach (u, tsm->users,
- ({
+ pool_foreach (u, tsm->users)
+ {
vlib_cli_output (vm, " %U", format_snat_user, tsm, u, detail);
- }));
+ }
}
else
{
snat_session_t *s;
- pool_foreach (s, tsm->sessions,
- ({
+ pool_foreach (s, tsm->sessions)
+ {
vlib_cli_output (vm, " %U\n", format_snat_session, tsm, s);
- }));
+ }
}
}
/* *INDENT-ON* */
}
}
- rv = nat44_user_del (&addr, fib_index);
+ rv = nat44_ei_user_del (&addr, fib_index);
if (!rv)
{
- error = clib_error_return (0, "nat44_user_del returned %d", rv);
+ error = clib_error_return (0, "nat44_ei_user_del returned %d", rv);
}
done:
clib_host_to_net_u16 (eh_port),
nat_proto_to_ip_proto (proto), vrf_id, is_in);
else
- rv =
- nat44_del_session (sm, &addr, clib_host_to_net_u16 (port), proto,
- vrf_id, is_in);
+ rv = nat44_ei_del_session (sm, &addr, clib_host_to_net_u16 (port), proto,
+ vrf_id, is_in);
switch (rv)
{
while (unformat_check_input (line_input) != UNFORMAT_END_OF_INPUT)
{
- if (unformat (line_input, "udp %u", &sm->udp_timeout));
+ if (unformat (line_input, "udp %u", &sm->timeouts.udp));
else if (unformat (line_input, "tcp-established %u",
- &sm->tcp_established_timeout));
+ &sm->timeouts.tcp.established));
else if (unformat (line_input, "tcp-transitory %u",
- &sm->tcp_transitory_timeout));
- else if (unformat (line_input, "icmp %u", &sm->icmp_timeout));
+ &sm->timeouts.tcp.transitory));
+ else if (unformat (line_input, "icmp %u", &sm->timeouts.icmp));
else if (unformat (line_input, "reset"))
- {
- sm->udp_timeout = SNAT_UDP_TIMEOUT;
- sm->tcp_established_timeout = SNAT_TCP_ESTABLISHED_TIMEOUT;
- sm->tcp_transitory_timeout = SNAT_TCP_TRANSITORY_TIMEOUT;
- sm->icmp_timeout = SNAT_ICMP_TIMEOUT;
- }
+ nat_reset_timeouts (&sm->timeouts);
else
{
error = clib_error_return (0, "unknown input '%U'",
{
snat_main_t *sm = &snat_main;
- vlib_cli_output (vm, "udp timeout: %dsec", sm->udp_timeout);
+ vlib_cli_output (vm, "udp timeout: %dsec", sm->timeouts.udp);
vlib_cli_output (vm, "tcp-established timeout: %dsec",
- sm->tcp_established_timeout);
+ sm->timeouts.tcp.established);
vlib_cli_output (vm, "tcp-transitory timeout: %dsec",
- sm->tcp_transitory_timeout);
- vlib_cli_output (vm, "icmp timeout: %dsec", sm->icmp_timeout);
+ sm->timeouts.tcp.transitory);
+ vlib_cli_output (vm, "icmp timeout: %dsec", sm->timeouts.icmp);
return 0;
}