nat: handoff traffic matching for dynamic NAT
[vpp.git] / src / plugins / nat / nat_inlines.h
index 38cfc37..e3a6f19 100644 (file)
@@ -21,6 +21,7 @@
 
 #include <vnet/fib/ip4_fib.h>
 #include <nat/nat.h>
+#include <nat/nat_ha.h>
 
 always_inline u32
 ip_proto_to_snat_proto (u8 ip_proto)
@@ -159,6 +160,8 @@ nat44_delete_user_with_no_session (snat_main_t * sm, snat_user_t * u,
       pool_put_index (tsm->list_pool, u->sessions_per_user_list_head_index);
       pool_put (tsm->users, u);
       clib_bihash_add_del_8_8 (&tsm->user_hash, &kv, 0);
+      vlib_set_simple_counter (&sm->total_users, thread_index, 0,
+                              pool_elts (tsm->users));
     }
 }
 
@@ -172,11 +175,11 @@ nat44_delete_session (snat_main_t * sm, snat_session_t * ses,
   snat_user_key_t u_key;
   snat_user_t *u;
 
-  nat_log_debug ("session deleted %U", format_snat_session, tsm, ses);
-
   clib_dlist_remove (tsm->list_pool, ses->per_user_index);
   pool_put_index (tsm->list_pool, ses->per_user_index);
   pool_put (tsm->sessions, ses);
+  vlib_set_simple_counter (&sm->total_sessions, thread_index, 0,
+                          pool_elts (tsm->sessions));
 
   u_key.addr = ses->in2out.addr;
   u_key.fib_index = ses->in2out.fib_index;
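Review bot: In nat44_delete_session the context lines right after the new counter update still read `ses->in2out.addr` and `ses->in2out.fib_index` after `pool_put (tsm->sessions, ses)` has returned the element to the pool. This probably works because the pool does not appear to release the memory at once, but the slot is logically free and a poisoning or sanitizer build may flag the access. Since this hunk already edits the lines around the `pool_put`, consider filling `u_key` first and only then calling `pool_put` and `vlib_set_simple_counter (&sm->total_sessions, ...)`. The function body starts and ends outside the hunk, so later uses of `ses` should be checked as well.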
@@ -222,9 +225,7 @@ nat44_set_tcp_session_state_i2o (snat_main_t * sm, snat_session_t * ses,
   if (nat44_is_ses_closed (ses)
       && !(ses->flags & SNAT_SESSION_FLAG_OUTPUT_FEATURE))
     {
-      nat_log_debug ("TCP close connection %U", format_snat_session,
-                    &sm->per_thread_data[thread_index], ses);
-      nat_free_session_data (sm, ses, thread_index);
+      nat_free_session_data (sm, ses, thread_index, 0);
       nat44_delete_session (sm, ses, thread_index);
       return 1;
     }
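Review bot: The new fourth argument to `nat_free_session_data` is a bare `0`, and the prototype is not visible in this hunk, so a reader cannot tell what is being switched off on the TCP-close path. If it is the HA flag, annotate the call, for example `nat_free_session_data (sm, ses, thread_index, 0 /* is_ha */);`, or use a named constant. The same applies to the identical call in nat44_set_tcp_session_state_o2i in the next hunk. Both functions extend beyond their hunks.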
@@ -256,9 +257,7 @@ nat44_set_tcp_session_state_o2i (snat_main_t * sm, snat_session_t * ses,
     }
   if (nat44_is_ses_closed (ses))
     {
-      nat_log_debug ("TCP close connection %U", format_snat_session,
-                    &sm->per_thread_data[thread_index], ses);
-      nat_free_session_data (sm, ses, thread_index);
+      nat_free_session_data (sm, ses, thread_index, 0);
       nat44_delete_session (sm, ses, thread_index);
       return 1;
     }
@@ -289,11 +288,16 @@ nat44_session_get_timeout (snat_main_t * sm, snat_session_t * s)
 }
 
 always_inline void
-nat44_session_update_counters (snat_session_t * s, f64 now, uword bytes)
+nat44_session_update_counters (snat_session_t * s, f64 now, uword bytes,
+                              u32 thread_index)
 {
   s->last_heard = now;
   s->total_pkts++;
   s->total_bytes += bytes;
+  nat_ha_sref (&s->out2in.addr, s->out2in.port, &s->ext_host_addr,
+              s->ext_host_port, s->out2in.protocol, s->out2in.fib_index,
+              s->total_pkts, s->total_bytes, thread_index,
+              &s->ha_last_refreshed, now);
 }
 
 /** \brief Per-user LRU list maintenance */
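Review bot: nat44_session_update_counters now calls `nat_ha_sref` on every invocation, but it has no doc comment stating that a counter update can also produce HA refresh state for the peer. Whether `nat_ha_sref` rate-limits itself through `&s->ha_last_refreshed` or returns early when HA is not configured is not visible here, so the per-packet cost is worth confirming. I would add something like `/** \brief Update session counters and hand them to nat_ha_sref(); thread_index is forwarded to that call and should be the thread owning the session. */`. Callers that gained the extra argument are outside this file section.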
@@ -339,6 +343,105 @@ make_sm_kv (clib_bihash_kv_8_8_t * kv, ip4_address_t * addr, u8 proto,
   kv->value = ~0ULL;
 }
 
+static_always_inline int
+get_icmp_i2o_ed_key (ip4_header_t * ip0, nat_ed_ses_key_t * p_key0)
+{
+  icmp46_header_t *icmp0;
+  nat_ed_ses_key_t key0;
+  icmp_echo_header_t *echo0, *inner_echo0 = 0;
+  ip4_header_t *inner_ip0 = 0;
+  void *l4_header = 0;
+  icmp46_header_t *inner_icmp0;
+
+  icmp0 = (icmp46_header_t *) ip4_next_header (ip0);
+  echo0 = (icmp_echo_header_t *) (icmp0 + 1);
+
+  if (!icmp_is_error_message (icmp0))
+    {
+      key0.proto = IP_PROTOCOL_ICMP;
+      key0.l_addr = ip0->src_address;
+      key0.r_addr = ip0->dst_address;
+      key0.l_port = echo0->identifier;
+      key0.r_port = 0;
+    }
+  else
+    {
+      inner_ip0 = (ip4_header_t *) (echo0 + 1);
+      l4_header = ip4_next_header (inner_ip0);
+      key0.proto = inner_ip0->protocol;
+      key0.r_addr = inner_ip0->src_address;
+      key0.l_addr = inner_ip0->dst_address;
+      switch (ip_proto_to_snat_proto (inner_ip0->protocol))
+       {
+       case SNAT_PROTOCOL_ICMP:
+         inner_icmp0 = (icmp46_header_t *) l4_header;
+         inner_echo0 = (icmp_echo_header_t *) (inner_icmp0 + 1);
+         key0.r_port = 0;
+         key0.l_port = inner_echo0->identifier;
+         break;
+       case SNAT_PROTOCOL_UDP:
+       case SNAT_PROTOCOL_TCP:
+         key0.l_port = ((tcp_udp_header_t *) l4_header)->dst_port;
+         key0.r_port = ((tcp_udp_header_t *) l4_header)->src_port;
+         break;
+       default:
+         return NAT_IN2OUT_ED_ERROR_UNSUPPORTED_PROTOCOL;
+       }
+    }
+  *p_key0 = key0;
+  return 0;
+}
+
+
+static_always_inline int
+get_icmp_o2i_ed_key (ip4_header_t * ip0, nat_ed_ses_key_t * p_key0)
+{
+  icmp46_header_t *icmp0;
+  nat_ed_ses_key_t key0;
+  icmp_echo_header_t *echo0, *inner_echo0 = 0;
+  ip4_header_t *inner_ip0;
+  void *l4_header = 0;
+  icmp46_header_t *inner_icmp0;
+
+  icmp0 = (icmp46_header_t *) ip4_next_header (ip0);
+  echo0 = (icmp_echo_header_t *) (icmp0 + 1);
+
+  if (!icmp_is_error_message (icmp0))
+    {
+      key0.proto = IP_PROTOCOL_ICMP;
+      key0.l_addr = ip0->dst_address;
+      key0.r_addr = ip0->src_address;
+      key0.l_port = echo0->identifier;
+      key0.r_port = 0;
+    }
+  else
+    {
+      inner_ip0 = (ip4_header_t *) (echo0 + 1);
+      l4_header = ip4_next_header (inner_ip0);
+      key0.proto = inner_ip0->protocol;
+      key0.l_addr = inner_ip0->src_address;
+      key0.r_addr = inner_ip0->dst_address;
+      switch (ip_proto_to_snat_proto (inner_ip0->protocol))
+       {
+       case SNAT_PROTOCOL_ICMP:
+         inner_icmp0 = (icmp46_header_t *) l4_header;
+         inner_echo0 = (icmp_echo_header_t *) (inner_icmp0 + 1);
+         key0.l_port = inner_echo0->identifier;
+         key0.r_port = 0;
+         break;
+       case SNAT_PROTOCOL_UDP:
+       case SNAT_PROTOCOL_TCP:
+         key0.l_port = ((tcp_udp_header_t *) l4_header)->src_port;
+         key0.r_port = ((tcp_udp_header_t *) l4_header)->dst_port;
+         break;
+       default:
+         return -1;
+       }
+    }
+  *p_key0 = key0;
+  return 0;
+}
+
 always_inline void
 mss_clamping (snat_main_t * sm, tcp_header_t * tcp, ip_csum_t * sum)
 {
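Review bot: In the error-message branch of get_icmp_i2o_ed_key, `inner_ip0`, `ip4_next_header (inner_ip0)` and the L4 port/identifier fields are dereferenced without any check that the quoted datagram is actually present. The inner header length comes from the packet, so a truncated or malformed ICMP error can steer these reads past the received data. Both helpers take only `ip0`, so the bound has to come from the outer total length (assuming an earlier node validated it against the buffer) or from a length passed in by the caller; the same check is needed in get_icmp_o2i_ed_key and, more weakly, for `echo0->identifier` in the non-error branch. A dedicated error code for truncated packets would be cleaner than reusing the unsupported-protocol one. Separately, the two helpers disagree on the failure value (`NAT_IN2OUT_ED_ERROR_UNSUPPORTED_PROTOCOL` versus `-1`), which is worth documenting or unifying.
```c
  else
    {
      /* Bytes after the outer IPv4 header according to the outer total
         length; assumes that length was already checked against the buffer. */
      int left = (int) clib_net_to_host_u16 (ip0->length)
        - (int) ip4_header_bytes (ip0);
      int inner_hdr_len;

      left -= (int) (sizeof (*icmp0) + sizeof (*echo0));
      if (left < (int) sizeof (*inner_ip0))
        return NAT_IN2OUT_ED_ERROR_UNSUPPORTED_PROTOCOL;
      inner_ip0 = (ip4_header_t *) (echo0 + 1);
      inner_hdr_len = ip4_header_bytes (inner_ip0);
      /* Inner IHL is taken from the packet: the quoted header plus the
         first 8 bytes of its L4 header must fit in what is left. */
      if (inner_hdr_len < (int) sizeof (*inner_ip0)
          || left < inner_hdr_len + 8)
        return NAT_IN2OUT_ED_ERROR_UNSUPPORTED_PROTOCOL;
      l4_header = ip4_next_header (inner_ip0);
      /* … unchanged: key0 proto/address fill and protocol switch … */
```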