static void vl_api_dns_resolve_name_reply_t_handler_json
(vl_api_dns_resolve_name_reply_t * mp)
{
- clib_warning ("no");
+ clib_warning ("not implemented");
}
+static void vl_api_dns_resolve_ip_reply_t_handler
+ (vl_api_dns_resolve_ip_reply_t * mp)
+{
+ vat_main_t *vam = &vat_main;
+ i32 retval = ntohl (mp->retval);
+ if (vam->async_mode)
+ {
+ vam->async_errors += (retval < 0);
+ }
+ else
+ {
+ vam->retval = retval;
+ vam->result_ready = 1;
+
+ if (retval == 0)
+ {
+ clib_warning ("canonical name %s", mp->name);
+ }
+ else
+ clib_warning ("retval %d", retval);
+ }
+}
+
+static void vl_api_dns_resolve_ip_reply_t_handler_json
+ (vl_api_dns_resolve_ip_reply_t * mp)
+{
+ clib_warning ("not implemented");
+}
+
+
static void vl_api_ip_address_details_t_handler
(vl_api_ip_address_details_t * mp)
{
_(ipsec_sa_set_key_reply) \
_(ipsec_tunnel_if_add_del_reply) \
_(ipsec_tunnel_if_set_key_reply) \
+_(ipsec_tunnel_if_set_sa_reply) \
_(ikev2_profile_add_del_reply) \
_(ikev2_profile_set_auth_reply) \
_(ikev2_profile_set_id_reply) \
_(tcp_configure_src_addresses_reply) \
_(app_namespace_add_del_reply) \
_(dns_enable_disable_reply) \
-_(dns_name_server_add_del_reply)
+_(dns_name_server_add_del_reply) \
+_(session_rule_add_del_reply)
#define _(n) \
static void vl_api_##n##_t_handler \
_(IPSEC_SA_SET_KEY_REPLY, ipsec_sa_set_key_reply) \
_(IPSEC_TUNNEL_IF_ADD_DEL_REPLY, ipsec_tunnel_if_add_del_reply) \
_(IPSEC_TUNNEL_IF_SET_KEY_REPLY, ipsec_tunnel_if_set_key_reply) \
+_(IPSEC_TUNNEL_IF_SET_SA_REPLY, ipsec_tunnel_if_set_sa_reply) \
_(IKEV2_PROFILE_ADD_DEL_REPLY, ikev2_profile_add_del_reply) \
_(IKEV2_PROFILE_SET_AUTH_REPLY, ikev2_profile_set_auth_reply) \
_(IKEV2_PROFILE_SET_ID_REPLY, ikev2_profile_set_id_reply) \
_(APP_NAMESPACE_ADD_DEL_REPLY, app_namespace_add_del_reply) \
_(DNS_ENABLE_DISABLE_REPLY, dns_enable_disable_reply) \
_(DNS_NAME_SERVER_ADD_DEL_REPLY, dns_name_server_add_del_reply) \
-_(DNS_RESOLVE_NAME_REPLY, dns_resolve_name_reply)
+_(DNS_RESOLVE_NAME_REPLY, dns_resolve_name_reply) \
+_(DNS_RESOLVE_IP_REPLY, dns_resolve_ip_reply) \
+_(SESSION_RULE_ADD_DEL_REPLY, session_rule_add_del_reply)
#define foreach_standalone_reply_msg \
_(SW_INTERFACE_EVENT, sw_interface_event) \
u8 create_vrf_if_needed = 0;
u8 is_add = 1;
u32 next_hop_weight = 1;
- u8 not_last = 0;
u8 is_multipath = 0;
u8 address_set = 0;
u8 address_length_set = 0;
is_add = 0;
else if (unformat (i, "add"))
is_add = 1;
- else if (unformat (i, "not-last"))
- not_last = 1;
else if (unformat (i, "resolve-via-host"))
resolve_host = 1;
else if (unformat (i, "resolve-via-attached"))
mp->is_multipath = is_multipath;
mp->is_resolve_host = resolve_host;
mp->is_resolve_attached = resolve_attached;
- mp->not_last = not_last;
mp->next_hop_weight = next_hop_weight;
mp->dst_address_length = dst_address_length;
mp->next_hop_table_id = ntohl (next_hop_table_id);
return ret;
}
+static int
+api_ipsec_tunnel_if_set_sa (vat_main_t * vam)
+{
+ unformat_input_t *i = vam->input;
+ vl_api_ipsec_tunnel_if_set_sa_t *mp;
+ u32 sw_if_index = ~0;
+ u32 sa_id = ~0;
+ u8 is_outbound = (u8) ~ 0;
+ int ret;
+
+ while (unformat_check_input (i) != UNFORMAT_END_OF_INPUT)
+ {
+ if (unformat (i, "%U", api_unformat_sw_if_index, vam, &sw_if_index))
+ ;
+ else if (unformat (i, "sa_id %d", &sa_id))
+ ;
+ else if (unformat (i, "outbound"))
+ is_outbound = 1;
+ else if (unformat (i, "inbound"))
+ is_outbound = 0;
+ else
+ {
+ clib_warning ("parse error '%U'", format_unformat_error, i);
+ return -99;
+ }
+ }
+
+ if (sw_if_index == ~0)
+ {
+ errmsg ("interface must be specified");
+ return -99;
+ }
+
+ if (sa_id == ~0)
+ {
+ errmsg ("SA ID must be specified");
+ return -99;
+ }
+
+ M (IPSEC_TUNNEL_IF_SET_SA, mp);
+
+ mp->sw_if_index = htonl (sw_if_index);
+ mp->sa_id = htonl (sa_id);
+ mp->is_outbound = is_outbound;
+
+ S (mp);
+ W (ret);
+
+ return ret;
+}
+
static int
api_ikev2_profile_add_del (vat_main_t * vam)
{
clib_memcpy (mp->namespace_id, ns_id, vec_len (ns_id));
mp->namespace_id_len = vec_len (ns_id);
- mp->secret = secret;
+ mp->secret = clib_host_to_net_u64 (secret);
mp->sw_if_index = clib_host_to_net_u32 (sw_if_index);
mp->ip4_fib_id = clib_host_to_net_u32 (ip4_fib_id);
mp->ip6_fib_id = clib_host_to_net_u32 (ip6_fib_id);
return ret;
}
+static int
+api_dns_resolve_ip (vat_main_t * vam)
+{
+ unformat_input_t *line_input = vam->input;
+ vl_api_dns_resolve_ip_t *mp;
+ int is_ip6 = -1;
+ ip4_address_t addr4;
+ ip6_address_t addr6;
+ int ret;
+
+ while (unformat_check_input (line_input) != UNFORMAT_END_OF_INPUT)
+ {
+ if (unformat (line_input, "%U", unformat_ip6_address, &addr6))
+ is_ip6 = 1;
+ else if (unformat (line_input, "%U", unformat_ip4_address, &addr4))
+ is_ip6 = 0;
+ else
+ break;
+ }
+
+ if (is_ip6 == -1)
+ {
+ errmsg ("missing address");
+ return -99;
+ }
+
+ /* Construct the API message */
+ M (DNS_RESOLVE_IP, mp);
+ mp->is_ip6 = is_ip6;
+ if (is_ip6)
+ memcpy (mp->address, &addr6, sizeof (addr6));
+ else
+ memcpy (mp->address, &addr4, sizeof (addr4));
+
+ /* send it... */
+ S (mp);
+ /* Wait for the reply */
+ W (ret);
+ return ret;
+}
+
static int
api_dns_name_server_add_del (vat_main_t * vam)
{
return ret;
}
+static int
+api_session_rule_add_del (vat_main_t * vam)
+{
+ vl_api_session_rule_add_del_t *mp;
+ unformat_input_t *i = vam->input;
+ u32 proto = ~0, lcl_port, rmt_port, action = 0, lcl_plen, rmt_plen;
+ u32 appns_index = 0, scope = 0;
+ ip4_address_t lcl_ip4, rmt_ip4;
+ ip6_address_t lcl_ip6, rmt_ip6;
+ u8 is_ip4 = 1, conn_set = 0;
+ u8 is_add = 1;
+ int ret;
+
+ while (unformat_check_input (i) != UNFORMAT_END_OF_INPUT)
+ {
+ if (unformat (i, "del"))
+ is_add = 0;
+ else if (unformat (i, "add"))
+ ;
+ else if (unformat (i, "proto tcp"))
+ proto = 0;
+ else if (unformat (i, "proto udp"))
+ proto = 1;
+ else if (unformat (i, "appns %d", &appns_index))
+ ;
+ else if (unformat (i, "scope %d", &scope))
+ ;
+ else
+ if (unformat
+ (i, "%U/%d %d %U/%d %d", unformat_ip4_address, &lcl_ip4,
+ &lcl_plen, &lcl_port, unformat_ip4_address, &rmt_ip4, &rmt_plen,
+ &rmt_port))
+ {
+ is_ip4 = 1;
+ conn_set = 1;
+ }
+ else
+ if (unformat
+ (i, "%U/%d %d %U/%d %d", unformat_ip6_address, &lcl_ip6,
+ &lcl_plen, &lcl_port, unformat_ip6_address, &rmt_ip6, &rmt_plen,
+ &rmt_port))
+ {
+ is_ip4 = 0;
+ conn_set = 1;
+ }
+ else if (unformat (i, "action %d", &action))
+ ;
+ else
+ break;
+ }
+ if (proto == ~0 || !conn_set || action == ~0)
+ {
+ errmsg ("transport proto, connection and action must be set");
+ return -99;
+ }
+
+ if (scope > 3)
+ {
+ errmsg ("scope should be 0-3");
+ return -99;
+ }
+
+ M (SESSION_RULE_ADD_DEL, mp);
+
+ mp->is_ip4 = is_ip4;
+ mp->transport_proto = proto;
+ mp->lcl_plen = clib_host_to_net_u16 (lcl_plen);
+ mp->rmt_plen = clib_host_to_net_u16 (rmt_plen);
+ mp->action_index = clib_host_to_net_u32 (action);
+ mp->appns_index = clib_host_to_net_u32 (appns_index);
+ mp->scope = scope;
+ mp->is_add = is_add;
+ if (is_ip4)
+ {
+ clib_memcpy (mp->lcl_ip, &lcl_ip4, sizeof (lcl_ip4));
+ clib_memcpy (mp->rmt_ip, &rmt_ip4, sizeof (rmt_ip4));
+ }
+ else
+ {
+ clib_memcpy (mp->lcl_ip, &lcl_ip6, sizeof (lcl_ip6));
+ clib_memcpy (mp->rmt_ip, &rmt_ip6, sizeof (rmt_ip6));
+ }
+
+ S (mp);
+ W (ret);
+ return ret;
+}
static int
q_or_quit (vat_main_t * vam)
_(ipsec_sa_dump, "[sa_id <n>]") \
_(ipsec_tunnel_if_set_key, "<intfc> <local|remote> <crypto|integ>\n" \
" <alg> <hex>\n") \
+_(ipsec_tunnel_if_set_sa, "<intfc> sa_id <n> <inbound|outbound>\n") \
_(ikev2_profile_add_del, "name <profile_name> [del]") \
_(ikev2_profile_set_auth, "name <profile_name> auth_method <method>\n" \
"(auth_data 0x<data> | auth_data <data>)") \
_(app_namespace_add_del, "[add] id <ns-id> secret <nn> sw_if_index <nn>")\
_(dns_enable_disable, "[enable][disable]") \
_(dns_name_server_add_del, "<ip-address> [del]") \
-_(dns_resolve_name, "<hostname>")
+_(dns_resolve_name, "<hostname>") \
+_(dns_resolve_ip, "<ip4|ip6>") \
+_(dns_name_server_add_del, "<ip-address> [del]") \
+_(dns_resolve_name, "<hostname>") \
+_(session_rule_add_del, "[add|del] proto <tcp/udp> <lcl-ip>/<plen> " \
+ "<lcl-port> <rmt-ip>/<plen> <rmt-port> action <nn>") \
/* List of command functions, CLI names map directly to functions */
#define foreach_cli_function \