#include <nat/nat.h>
#include <nat/nat_ipfix_logging.h>
#include <nat/nat_det.h>
+#include <nat/nat_inlines.h>
#include <vnet/fib/fib_table.h>
#define UNSUPPORTED_IN_DET_MODE_STR \
else if (unformat (input, "verbose"))
verbose = 2;
- vlib_cli_output (vm, "%U", format_bihash_16_8, &sm->in2out_ed, verbose);
- vlib_cli_output (vm, "%U", format_bihash_16_8, &sm->out2in_ed, verbose);
vlib_cli_output (vm, "%U", format_bihash_8_8, &sm->static_mapping_by_local,
verbose);
vlib_cli_output (vm, "%U",
vec_foreach_index (i, sm->per_thread_data)
{
tsm = vec_elt_at_index (sm->per_thread_data, i);
- vlib_cli_output (vm, "%U", format_bihash_8_8, &tsm->in2out, verbose);
- vlib_cli_output (vm, "%U", format_bihash_8_8, &tsm->out2in, verbose);
+ vlib_cli_output (vm, "-------- thread %d %s --------\n",
+ i, vlib_worker_threads[i].name);
+ if (sm->endpoint_dependent)
+ {
+ vlib_cli_output (vm, "%U", format_bihash_16_8, &tsm->in2out_ed,
+ verbose);
+ vlib_cli_output (vm, "%U", format_bihash_16_8, &tsm->out2in_ed,
+ verbose);
+ }
+ else
+ {
+ vlib_cli_output (vm, "%U", format_bihash_8_8, &tsm->in2out, verbose);
+ vlib_cli_output (vm, "%U", format_bihash_8_8, &tsm->out2in, verbose);
+ }
vlib_cli_output (vm, "%U", format_bihash_8_8, &tsm->user_hash, verbose);
}
count = (end_host_order - start_host_order) + 1;
if (count > 1024)
- clib_warning ("%U - %U, %d addresses...",
+ nat_log_info ("%U - %U, %d addresses...",
format_ip4_address, &start_addr,
format_ip4_address, &end_addr, count);
for (i = 0; i < count; i++)
{
if (is_add)
- snat_add_address (sm, &this_addr, vrf_id, twice_nat);
+ rv = snat_add_address (sm, &this_addr, vrf_id, twice_nat);
else
rv = snat_del_address (sm, this_addr, 0, twice_nat);
switch (rv)
{
+ case VNET_API_ERROR_VALUE_EXIST:
+ error = clib_error_return (0, "NAT address already in use.");
+ goto done;
case VNET_API_ERROR_NO_SUCH_ENTRY:
- error = clib_error_return (0, "S-NAT address not exist.");
+ error = clib_error_return (0, "NAT address not exist.");
goto done;
case VNET_API_ERROR_UNSPECIFIED:
error =
- clib_error_return (0, "S-NAT address used in static mapping.");
+ clib_error_return (0, "NAT address used in static mapping.");
+ goto done;
+ case VNET_API_ERROR_FEATURE_DISABLED:
+ error =
+ clib_error_return (0,
+ "twice NAT available only for endpoint-dependent mode.");
goto done;
default:
break;
case VNET_API_ERROR_VALUE_EXIST:
error = clib_error_return (0, "Mapping already exist.");
goto done;
+ case VNET_API_ERROR_FEATURE_DISABLED:
+ error =
+ clib_error_return (0,
+ "twice-nat/out2in-only available only for endpoint-dependent mode.");
+ goto done;
default:
break;
}
local.probability = (u8) probability;
vec_add1 (locals, local);
}
+ else if (unformat (line_input, "local %U:%u vrf %u probability %u",
+ unformat_ip4_address, &l_addr, &l_port, &vrf_id,
+ &probability))
+ {
+ memset (&local, 0, sizeof (local));
+ local.addr = l_addr;
+ local.port = (u16) l_port;
+ local.probability = (u8) probability;
+ local.vrf_id = vrf_id;
+ vec_add1 (locals, local);
+ }
else if (unformat (line_input, "external %U:%u", unformat_ip4_address,
&e_addr, &e_port))
;
- else if (unformat (line_input, "vrf %u", &vrf_id))
- ;
else if (unformat (line_input, "protocol %U", unformat_snat_protocol,
&proto))
proto_set = 1;
goto done;
}
- rv = nat44_add_del_lb_static_mapping (e_addr, (u16) e_port, proto, vrf_id,
- locals, is_add, twice_nat,
- out2in_only, 0);
+ rv = nat44_add_del_lb_static_mapping (e_addr, (u16) e_port, proto, locals,
+ is_add, twice_nat, out2in_only, 0);
switch (rv)
{
case VNET_API_ERROR_VALUE_EXIST:
error = clib_error_return (0, "Mapping already exist.");
goto done;
+ case VNET_API_ERROR_FEATURE_DISABLED:
+ error =
+ clib_error_return (0, "Available only for endpoint-dependent mode.");
+ goto done;
default:
break;
}
{
tsm = vec_elt_at_index (sm->per_thread_data, i);
+ vlib_cli_output (vm, "-------- thread %d %s --------\n",
+ i, vlib_worker_threads[i].name);
pool_foreach (u, tsm->users,
({
vlib_cli_output (vm, " %U", format_snat_user, tsm, u, verbose);
{
snat_main_t *sm = &snat_main;
unformat_input_t _line_input, *line_input = &_line_input;
- int is_in = 0;
+ int is_in = 0, is_ed = 0;
clib_error_t *error = 0;
- ip4_address_t addr;
- u32 port = 0, vrf_id = sm->outside_vrf_id;
+ ip4_address_t addr, eh_addr;
+ u32 port = 0, eh_port = 0, vrf_id = sm->outside_vrf_id;
snat_protocol_t proto;
int rv;
is_in = 1;
vrf_id = sm->inside_vrf_id;
}
+ else if (unformat (line_input, "out"))
+ {
+ is_in = 0;
+ vrf_id = sm->outside_vrf_id;
+ }
else if (unformat (line_input, "vrf %u", &vrf_id))
;
+ else
+ if (unformat
+ (line_input, "external-host %U:%u", unformat_ip4_address,
+ &eh_addr, &eh_port))
+ is_ed = 1;
else
{
error = clib_error_return (0, "unknown input '%U'",
}
}
- rv = nat44_del_session (sm, &addr, port, proto, vrf_id, is_in);
+ if (is_ed)
+ rv =
+ nat44_del_ed_session (sm, &addr, port, &eh_addr, eh_port,
+ snat_proto_to_ip_proto (proto), vrf_id, is_in);
+ else
+ rv = nat44_del_session (sm, &addr, port, proto, vrf_id, is_in);
switch (rv)
{
.function = add_lb_static_mapping_command_fn,
.short_help =
"nat44 add load-balancing static mapping protocol tcp|udp "
- "external <addr>:<port> local <addr>:<port> probability <n> "
- "[twice-nat|self-twice-nat] [vrf <table-id>] [out2in-only] [del]",
+ "external <addr>:<port> local <addr>:<port> [vrf <table-id>] "
+ "probability <n> [twice-nat|self-twice-nat] [out2in-only] [del]",
};
/*?
?*/
VLIB_CLI_COMMAND (nat44_del_session_command, static) = {
.path = "nat44 del session",
- .short_help = "nat44 del session in|out <addr>:<port> tcp|udp|icmp [vrf <id>]",
+ .short_help = "nat44 del session in|out <addr>:<port> tcp|udp|icmp [vrf <id>] [external-host <addr>:<port>]",
.function = nat44_del_session_command_fn,
};