vlib_node_runtime_t * node,
vlib_frame_t * frame, u32 def_next)
{
- u32 n_left_from, *from, *to_next;
- u16 next_index;
+ u32 n_left_from, *from;
from = vlib_frame_vector_args (frame);
n_left_from = frame->n_vectors;
- next_index = node->cached_next_index;
- while (n_left_from > 0)
+ vlib_buffer_t *bufs[VLIB_FRAME_SIZE], **b = bufs;
+ u16 nexts[VLIB_FRAME_SIZE], *next = nexts;
+ vlib_get_buffers (vm, from, b, n_left_from);
+
+ while (n_left_from >= 2)
{
- u32 n_left_to_next;
+ u32 next0, next1;
+ u32 arc_next0, arc_next1;
+ vlib_buffer_t *b0, *b1;
- vlib_get_next_frame (vm, node, next_index, to_next, n_left_to_next);
+ b0 = *b;
+ b++;
+ b1 = *b;
+ b++;
- while (n_left_from >= 4 && n_left_to_next >= 2)
+ /* Prefetch next iteration. */
+ if (PREDICT_TRUE (n_left_from >= 4))
{
- u32 next0, next1;
- u32 arc_next0, arc_next1;
- u32 bi0, bi1;
- vlib_buffer_t *b0, *b1;
-
- /* Prefetch next iteration. */
- {
- vlib_buffer_t *p2, *p3;
-
- p2 = vlib_get_buffer (vm, from[2]);
- p3 = vlib_get_buffer (vm, from[3]);
-
- vlib_prefetch_buffer_header (p2, LOAD);
- vlib_prefetch_buffer_header (p3, LOAD);
-
- CLIB_PREFETCH (p2->data, CLIB_CACHE_LINE_BYTES, LOAD);
- CLIB_PREFETCH (p3->data, CLIB_CACHE_LINE_BYTES, LOAD);
- }
+ vlib_buffer_t *p2, *p3;
- /* speculatively enqueue b0 and b1 to the current next frame */
- to_next[0] = bi0 = from[0];
- to_next[1] = bi1 = from[1];
- from += 2;
- to_next += 2;
- n_left_from -= 2;
- n_left_to_next -= 2;
+ p2 = *b;
+ p3 = *(b + 1);
- b0 = vlib_get_buffer (vm, bi0);
- b1 = vlib_get_buffer (vm, bi1);
+ vlib_prefetch_buffer_header (p2, LOAD);
+ vlib_prefetch_buffer_header (p3, LOAD);
- next0 = def_next;
- next1 = def_next;
+ CLIB_PREFETCH (p2->data, CLIB_CACHE_LINE_BYTES, LOAD);
+ CLIB_PREFETCH (p3->data, CLIB_CACHE_LINE_BYTES, LOAD);
+ }
- vnet_feature_next (&arc_next0, b0);
- vnet_feature_next (&arc_next1, b1);
+ next0 = def_next;
+ next1 = def_next;
- vnet_buffer2 (b0)->nat.arc_next = arc_next0;
- vnet_buffer2 (b1)->nat.arc_next = arc_next1;
+ vnet_feature_next (&arc_next0, b0);
+ vnet_feature_next (&arc_next1, b1);
- if (PREDICT_FALSE ((node->flags & VLIB_NODE_FLAG_TRACE)))
- {
- if (b0->flags & VLIB_BUFFER_IS_TRACED)
- {
- nat_pre_trace_t *t =
- vlib_add_trace (vm, node, b0, sizeof (*t));
- t->next_index = next0;
- t->arc_next_index = arc_next0;
- }
- if (b1->flags & VLIB_BUFFER_IS_TRACED)
- {
- nat_pre_trace_t *t =
- vlib_add_trace (vm, node, b0, sizeof (*t));
- t->next_index = next1;
- t->arc_next_index = arc_next1;
- }
- }
-
- /* verify speculative enqueues, maybe switch current next frame */
- vlib_validate_buffer_enqueue_x2 (vm, node, next_index,
- to_next, n_left_to_next,
- bi0, bi1, next0, next1);
- }
+ vnet_buffer2 (b0)->nat.arc_next = arc_next0;
+ vnet_buffer2 (b1)->nat.arc_next = arc_next1;
- while (n_left_from > 0 && n_left_to_next > 0)
+ if (PREDICT_FALSE ((node->flags & VLIB_NODE_FLAG_TRACE)))
{
- u32 next0;
- u32 arc_next0;
- u32 bi0;
- vlib_buffer_t *b0;
-
- /* speculatively enqueue b0 to the current next frame */
- bi0 = from[0];
- to_next[0] = bi0;
- from += 1;
- to_next += 1;
- n_left_from -= 1;
- n_left_to_next -= 1;
-
- b0 = vlib_get_buffer (vm, bi0);
- next0 = def_next;
- vnet_feature_next (&arc_next0, b0);
- vnet_buffer2 (b0)->nat.arc_next = arc_next0;
-
- if (PREDICT_FALSE ((node->flags & VLIB_NODE_FLAG_TRACE)
- && (b0->flags & VLIB_BUFFER_IS_TRACED)))
+ if (b0->flags & VLIB_BUFFER_IS_TRACED)
{
nat_pre_trace_t *t = vlib_add_trace (vm, node, b0, sizeof (*t));
t->next_index = next0;
t->arc_next_index = arc_next0;
}
+ if (b1->flags & VLIB_BUFFER_IS_TRACED)
+ {
+ nat_pre_trace_t *t = vlib_add_trace (vm, node, b0, sizeof (*t));
+ t->next_index = next1;
+ t->arc_next_index = arc_next1;
+ }
+ }
+
+ n_left_from -= 2;
+ next[0] = next0;
+ next[1] = next1;
+ next += 2;
+ }
+
+ while (n_left_from > 0)
+ {
+ u32 next0;
+ u32 arc_next0;
+ vlib_buffer_t *b0;
+
+ b0 = *b;
+ b++;
+
+ next0 = def_next;
+ vnet_feature_next (&arc_next0, b0);
+ vnet_buffer2 (b0)->nat.arc_next = arc_next0;
- /* verify speculative enqueue, maybe switch current next frame */
- vlib_validate_buffer_enqueue_x1 (vm, node, next_index,
- to_next, n_left_to_next,
- bi0, next0);
+ if (PREDICT_FALSE ((node->flags & VLIB_NODE_FLAG_TRACE)
+ && (b0->flags & VLIB_BUFFER_IS_TRACED)))
+ {
+ nat_pre_trace_t *t = vlib_add_trace (vm, node, b0, sizeof (*t));
+ t->next_index = next0;
+ t->arc_next_index = arc_next0;
}
- vlib_put_next_frame (vm, node, next_index, n_left_to_next);
+ n_left_from--;
+ next[0] = next0;
+ next++;
}
+ vlib_buffer_enqueue_to_next (vm, node, from, (u16 *) nexts,
+ frame->n_vectors);
return frame->n_vectors;
}
return 0;
}
-always_inline u8
-maximum_sessions_exceeded (snat_main_t * sm, u32 thread_index)
-{
- if (pool_elts (sm->per_thread_data[thread_index].sessions) >=
- sm->max_translations_per_thread)
- return 1;
-
- return 0;
-}
-
-always_inline void
-nat_send_all_to_node (vlib_main_t * vm, u32 * bi_vector,
- vlib_node_runtime_t * node, vlib_error_t * error,
- u32 next)
-{
- u32 n_left_from, *from, next_index, *to_next, n_left_to_next;
-
- from = bi_vector;
- n_left_from = vec_len (bi_vector);
- next_index = node->cached_next_index;
- while (n_left_from > 0)
- {
- vlib_get_next_frame (vm, node, next_index, to_next, n_left_to_next);
- while (n_left_from > 0 && n_left_to_next > 0)
- {
- u32 bi0 = to_next[0] = from[0];
- from += 1;
- n_left_from -= 1;
- to_next += 1;
- n_left_to_next -= 1;
- vlib_buffer_t *p0 = vlib_get_buffer (vm, bi0);
- if (error)
- p0->error = *error;
- vlib_validate_buffer_enqueue_x1 (vm, node, next_index, to_next,
- n_left_to_next, bi0, next);
- }
- vlib_put_next_frame (vm, node, next_index, n_left_to_next);
- }
-}
-
always_inline void
user_session_increment (snat_main_t * sm, snat_user_t * u, u8 is_static)
{
}
}
-/** \brief Set TCP session state.
- @return 1 if session was closed, otherwise 0
-*/
-always_inline int
+always_inline void
nat44_set_tcp_session_state_i2o (snat_main_t * sm, f64 now,
snat_session_t * ses, vlib_buffer_t * b,
u32 thread_index)
ses->state |= NAT44_SES_O2I_FIN_ACK;
if (nat44_is_ses_closed (ses))
{ // if session is now closed, save the timestamp
- ses->tcp_closed_timestamp = now + sm->tcp_transitory_timeout;
+ ses->tcp_closed_timestamp = now + sm->timeouts.tcp.transitory;
ses->last_lru_update = now;
}
}
}
clib_dlist_remove (tsm->lru_pool, ses->lru_index);
clib_dlist_addtail (tsm->lru_pool, ses->lru_head_index, ses->lru_index);
- return 0;
}
-always_inline int
+always_inline void
nat44_set_tcp_session_state_o2i (snat_main_t * sm, f64 now,
snat_session_t * ses, u8 tcp_flags,
u32 tcp_ack_number, u32 tcp_seq_number,
ses->state |= NAT44_SES_I2O_FIN_ACK;
if (nat44_is_ses_closed (ses))
{ // if session is now closed, save the timestamp
- ses->tcp_closed_timestamp = now + sm->tcp_transitory_timeout;
+ ses->tcp_closed_timestamp = now + sm->timeouts.tcp.transitory;
ses->last_lru_update = now;
}
}
}
clib_dlist_remove (tsm->lru_pool, ses->lru_index);
clib_dlist_addtail (tsm->lru_pool, ses->lru_head_index, ses->lru_index);
- return 0;
}
always_inline u32
switch (s->nat_proto)
{
case NAT_PROTOCOL_ICMP:
- return sm->icmp_timeout;
+ return sm->timeouts.icmp;
case NAT_PROTOCOL_UDP:
- return sm->udp_timeout;
+ return sm->timeouts.udp;
case NAT_PROTOCOL_TCP:
{
if (s->state)
- return sm->tcp_transitory_timeout;
+ return sm->timeouts.tcp.transitory;
else
- return sm->tcp_established_timeout;
+ return sm->timeouts.tcp.established;
}
default:
- return sm->udp_timeout;
+ return sm->timeouts.udp;
}
return 0;
return value->value & ~(u32) 0;
}
-always_inline void
-split_ed_value (clib_bihash_kv_16_8_t * value, u32 * thread_index,
- u32 * session_index)
-{
- if (thread_index)
- {
- *thread_index = ed_value_get_thread_index (value);
- }
- if (session_index)
- {
- *session_index = ed_value_get_session_index (value);
- }
-}
-
always_inline void
split_ed_kv (clib_bihash_kv_16_8_t * kv,
ip4_address_t * l_addr, ip4_address_t * r_addr, u8 * proto,
snat_interface_t *i;
/* *INDENT-OFF* */
- pool_foreach (i, sm->interfaces, ({
+ pool_foreach (i, sm->interfaces) {
/* NAT packet aimed at outside interface */
if ((nat_interface_is_outside (i)) && (sw_if_index == i->sw_if_index))
return 0;
- }));
+ }
/* *INDENT-ON* */
}
return 1;
}
-static inline void
-increment_v4_address (ip4_address_t * a)
+static_always_inline u16
+snat_random_port (u16 min, u16 max)
{
- u32 v;
+ snat_main_t *sm = &snat_main;
+ u32 rwide;
+ u16 r;
+
+ rwide = random_u32 (&sm->random_seed);
+ r = rwide & 0xFFFF;
+ if (r >= min && r <= max)
+ return r;
- v = clib_net_to_host_u32 (a->as_u32) + 1;
- a->as_u32 = clib_host_to_net_u32 (v);
+ return min + (rwide % (max - min + 1));
}
#endif /* __included_nat_inlines_h__ */