X-Git-Url: https://gerrit.fd.io/r/gitweb?a=blobdiff_plain;f=src%2Fplugins%2Fnat%2Fnat_api.c;h=548a9e03bc499cb80587ab7578d95f5edbc983ea;hb=efcd1e9e1d7dda4e4ea3db5750925cd8f6894f4d;hp=50b4a9ae8e1b2a738392091d83ea897c1a35d500;hpb=092b3cd59f17d5c3ebe167d8729273838afbe2cb;p=vpp.git diff --git a/src/plugins/nat/nat_api.c b/src/plugins/nat/nat_api.c index 50b4a9ae8e1..548a9e03bc4 100644 --- a/src/plugins/nat/nat_api.c +++ b/src/plugins/nat/nat_api.c @@ -21,9 +21,11 @@ #include #include #include +#include +#include #include #include -#include + #include #include @@ -224,7 +226,7 @@ static void memset (rmp, 0, sizeof (*rmp)); rmp->_vl_msg_id = ntohs (VL_API_SNAT_INTERFACE_DETAILS + sm->msg_id_base); rmp->sw_if_index = ntohl (i->sw_if_index); - rmp->is_inside = i->is_inside; + rmp->is_inside = nat_interface_is_inside (i); rmp->context = context; vl_msg_api_send_shmem (q, (u8 *) & rmp); @@ -306,7 +308,7 @@ send_snat_interface_output_feature_details (snat_interface_t * i, ntohs (VL_API_SNAT_INTERFACE_OUTPUT_FEATURE_DETAILS + sm->msg_id_base); rmp->sw_if_index = ntohl (i->sw_if_index); rmp->context = context; - rmp->is_inside = i->is_inside; + rmp->is_inside = nat_interface_is_inside (i); vl_msg_api_send_shmem (q, (u8 *) & rmp); } @@ -856,6 +858,7 @@ static void snat_user_t *u; u32 session_index, head_index, elt_index; dlist_elt_t *head, *elt; + ip4_header_t ip; q = vl_api_client_index_to_input_queue (mp->client_index); if (q == 0) @@ -864,10 +867,13 @@ static void return; clib_memcpy (&ukey.addr, mp->ip_address, 4); + ip.src_address.as_u32 = ukey.addr.as_u32; ukey.fib_index = fib_table_find (FIB_PROTOCOL_IP4, ntohl (mp->vrf_id)); key.key = ukey.as_u64; - if (!clib_bihash_search_8_8 (&sm->worker_by_in, &key, &value)) - tsm = vec_elt_at_index (sm->per_thread_data, value.value); + if (sm->num_workers) + tsm = + vec_elt_at_index (sm->per_thread_data, + sm->worker_in2out_cb (&ip, ukey.fib_index)); else tsm = vec_elt_at_index (sm->per_thread_data, sm->num_workers); if (clib_bihash_search_8_8 (&tsm->user_hash, &key, &value)) @@ -1491,6 +1497,146 @@ vl_api_nat_ipfix_enable_disable_t_print (vl_api_nat_ipfix_enable_disable_t * FINISH; } +static void +vl_api_nat_set_reass_t_handler (vl_api_nat_set_reass_t * mp) +{ + snat_main_t *sm = &snat_main; + vl_api_nat_set_reass_reply_t *rmp; + int rv = 0; + + rv = + nat_reass_set (ntohl (mp->timeout), ntohs (mp->max_reass), mp->max_frag, + mp->drop_frag, mp->is_ip6); + + REPLY_MACRO (VL_API_NAT_SET_REASS_REPLY); +} + +static void * +vl_api_nat_set_reass_t_print (vl_api_nat_set_reass_t * mp, void *handle) +{ + u8 *s; + + s = format (0, "SCRIPT: nat_set_reass "); + s = format (s, "timeout %d max_reass %d max_frag %d drop_frag %d is_ip6 %d", + clib_host_to_net_u32 (mp->timeout), + clib_host_to_net_u16 (mp->max_reass), + mp->max_frag, mp->drop_frag, mp->is_ip6); + + FINISH; +} + +static void +vl_api_nat_get_reass_t_handler (vl_api_nat_get_reass_t * mp) +{ + snat_main_t *sm = &snat_main; + vl_api_nat_get_reass_reply_t *rmp; + int rv = 0; + + /* *INDENT-OFF* */ + REPLY_MACRO2 (VL_API_NAT_GET_REASS_REPLY, + ({ + rmp->ip4_timeout = htonl (nat_reass_get_timeout(0)); + rmp->ip4_max_reass = htons (nat_reass_get_max_reass(0)); + rmp->ip4_max_frag = nat_reass_get_max_frag(0); + rmp->ip4_drop_frag = nat_reass_is_drop_frag(0); + rmp->ip6_timeout = htonl (nat_reass_get_timeout(1)); + rmp->ip6_max_reass = htons (nat_reass_get_max_reass(1)); + rmp->ip6_max_frag = nat_reass_get_max_frag(1); + rmp->ip6_drop_frag = nat_reass_is_drop_frag(1); + })) + /* *INDENT-ON* */ +} + +static void * +vl_api_nat_get_reass_t_print (vl_api_nat_get_reass_t * mp, void *handle) +{ + u8 *s; + + s = format (0, "SCRIPT: nat_get_reass"); + + FINISH; +} + +typedef struct nat_api_walk_ctx_t_ +{ + unix_shared_memory_queue_t *q; + u32 context; +} nat_api_walk_ctx_t; + +static int +nat_ip4_reass_walk_api (nat_reass_ip4_t * reass, void *arg) +{ + vl_api_nat_reass_details_t *rmp; + snat_main_t *sm = &snat_main; + nat_api_walk_ctx_t *ctx = arg; + + rmp = vl_msg_api_alloc (sizeof (*rmp)); + memset (rmp, 0, sizeof (*rmp)); + rmp->_vl_msg_id = ntohs (VL_API_NAT_REASS_DETAILS + sm->msg_id_base); + rmp->context = ctx->context; + clib_memcpy (rmp->src_addr, &(reass->key.src), 4); + clib_memcpy (rmp->dst_addr, &(reass->key.dst), 4); + rmp->proto = reass->key.proto; + rmp->frag_id = ntohl (reass->key.frag_id); + rmp->frag_n = reass->frag_n; + rmp->is_ip4 = 1; + + vl_msg_api_send_shmem (ctx->q, (u8 *) & rmp); + + return 0; +} + +static int +nat_ip6_reass_walk_api (nat_reass_ip6_t * reass, void *arg) +{ + vl_api_nat_reass_details_t *rmp; + snat_main_t *sm = &snat_main; + nat_api_walk_ctx_t *ctx = arg; + + rmp = vl_msg_api_alloc (sizeof (*rmp)); + memset (rmp, 0, sizeof (*rmp)); + rmp->_vl_msg_id = ntohs (VL_API_NAT_REASS_DETAILS + sm->msg_id_base); + rmp->context = ctx->context; + clib_memcpy (rmp->src_addr, &(reass->key.src), 16); + clib_memcpy (rmp->dst_addr, &(reass->key.dst), 16); + rmp->proto = reass->key.proto; + rmp->frag_id = ntohl (reass->key.frag_id); + rmp->frag_n = reass->frag_n; + rmp->is_ip4 = 0; + + vl_msg_api_send_shmem (ctx->q, (u8 *) & rmp); + + return 0; +} + +static void +vl_api_nat_reass_dump_t_handler (vl_api_nat_reass_dump_t * mp) +{ + unix_shared_memory_queue_t *q; + + q = vl_api_client_index_to_input_queue (mp->client_index); + if (q == 0) + return; + + nat_api_walk_ctx_t ctx = { + .q = q, + .context = mp->context, + }; + + nat_ip4_reass_walk (nat_ip4_reass_walk_api, &ctx); + nat_ip6_reass_walk (nat_ip6_reass_walk_api, &ctx); +} + +static void * +vl_api_nat_reass_dump_t_print (vl_api_nat_reass_dump_t * mp, void *handle) +{ + u8 *s; + + s = format (0, "SCRIPT: nat_reass_dump"); + + FINISH; +} + /*************/ /*** NAT44 ***/ /*************/ @@ -1654,7 +1800,9 @@ send_nat44_interface_details (snat_interface_t * i, memset (rmp, 0, sizeof (*rmp)); rmp->_vl_msg_id = ntohs (VL_API_NAT44_INTERFACE_DETAILS + sm->msg_id_base); rmp->sw_if_index = ntohl (i->sw_if_index); - rmp->is_inside = i->is_inside; + rmp->is_inside = (nat_interface_is_inside (i) + && nat_interface_is_outside (i)) ? 2 : + nat_interface_is_inside (i); rmp->context = context; vl_msg_api_send_shmem (q, (u8 *) & rmp); @@ -1737,7 +1885,7 @@ send_nat44_interface_output_feature_details (snat_interface_t * i, ntohs (VL_API_NAT44_INTERFACE_OUTPUT_FEATURE_DETAILS + sm->msg_id_base); rmp->sw_if_index = ntohl (i->sw_if_index); rmp->context = context; - rmp->is_inside = i->is_inside; + rmp->is_inside = nat_interface_is_inside (i); vl_msg_api_send_shmem (q, (u8 *) & rmp); } @@ -2093,16 +2241,20 @@ vl_api_nat44_user_session_dump_t_handler (vl_api_nat44_user_session_dump_t * snat_user_t *u; u32 session_index, head_index, elt_index; dlist_elt_t *head, *elt; + ip4_header_t ip; q = vl_api_client_index_to_input_queue (mp->client_index); if (q == 0) return; clib_memcpy (&ukey.addr, mp->ip_address, 4); + ip.src_address.as_u32 = ukey.addr.as_u32; ukey.fib_index = fib_table_find (FIB_PROTOCOL_IP4, ntohl (mp->vrf_id)); key.key = ukey.as_u64; - if (!clib_bihash_search_8_8 (&sm->worker_by_in, &key, &value)) - tsm = vec_elt_at_index (sm->per_thread_data, value.value); + if (sm->num_workers) + tsm = + vec_elt_at_index (sm->per_thread_data, + sm->worker_in2out_cb (&ip, ukey.fib_index)); else tsm = vec_elt_at_index (sm->per_thread_data, sm->num_workers); if (clib_bihash_search_8_8 (&tsm->user_hash, &key, &value)) @@ -2267,6 +2419,42 @@ static void *vl_api_nat44_lb_static_mapping_dump_t_print FINISH; } +static void +vl_api_nat44_del_session_t_handler (vl_api_nat44_del_session_t * mp) +{ + snat_main_t *sm = &snat_main; + vl_api_nat44_del_session_reply_t *rmp; + ip4_address_t addr; + u16 port; + u32 vrf_id; + int rv = 0; + snat_protocol_t proto; + + memcpy (&addr.as_u8, mp->address, 4); + port = clib_net_to_host_u16 (mp->port); + vrf_id = clib_net_to_host_u32 (mp->vrf_id); + proto = ip_proto_to_snat_proto (mp->protocol); + + rv = nat44_del_session (sm, &addr, port, proto, vrf_id, mp->is_in); + + REPLY_MACRO (VL_API_NAT44_DEL_SESSION_REPLY); +} + +static void * +vl_api_nat44_del_session_t_print (vl_api_nat44_del_session_t * mp, + void *handle) +{ + u8 *s; + + s = format (0, "SCRIPT: nat44_add_del_static_mapping "); + s = format (s, "addr %U port %d protocol %d vrf_id %d is_in %d", + format_ip4_address, mp->address, + clib_net_to_host_u16 (mp->port), + mp->protocol, clib_net_to_host_u32 (mp->vrf_id), mp->is_in); + + FINISH; +} + /*******************************/ /*** Deterministic NAT (CGN) ***/ /*******************************/ @@ -2859,7 +3047,9 @@ nat64_api_interface_walk (snat_interface_t * i, void *arg) memset (rmp, 0, sizeof (*rmp)); rmp->_vl_msg_id = ntohs (VL_API_NAT64_INTERFACE_DETAILS + sm->msg_id_base); rmp->sw_if_index = ntohl (i->sw_if_index); - rmp->is_inside = i->is_inside; + rmp->is_inside = (nat_interface_is_inside (i) + && nat_interface_is_outside (i)) ? 2 : + nat_interface_is_inside (i); rmp->context = ctx->context; vl_msg_api_send_shmem (ctx->q, (u8 *) & rmp); @@ -3241,6 +3431,87 @@ vl_api_nat64_prefix_dump_t_print (vl_api_nat64_prefix_dump_t * mp, FINISH; } +/***************/ +/*** DS-Lite ***/ +/***************/ + +static void +vl_api_dslite_set_aftr_addr_t_handler (vl_api_dslite_set_aftr_addr_t * mp) +{ + vl_api_dslite_set_aftr_addr_reply_t *rmp; + snat_main_t *sm = &snat_main; + dslite_main_t *dm = &dslite_main; + int rv = 0; + ip6_address_t ip6_addr; + + memcpy (&ip6_addr.as_u8, mp->ip6_addr, 16); + + rv = dslite_set_aftr_ip6_addr (dm, &ip6_addr); + + REPLY_MACRO (VL_API_DSLITE_SET_AFTR_ADDR_REPLY); +} + +static void * +vl_api_dslite_set_aftr_addr_t_print (vl_api_dslite_set_aftr_addr_t * mp, + void *handle) +{ + u8 *s; + + s = format (0, "SCRIPT: dslite_set_aftr_addr "); + s = format (s, "ip6_addr %U ip4_addr %U\n", + format_ip6_address, mp->ip6_addr, + format_ip4_address, mp->ip4_addr); + + FINISH; +} + +static void + vl_api_dslite_add_del_pool_addr_range_t_handler + (vl_api_dslite_add_del_pool_addr_range_t * mp) +{ + vl_api_dslite_add_del_pool_addr_range_reply_t *rmp; + snat_main_t *sm = &snat_main; + dslite_main_t *dm = &dslite_main; + int rv = 0; + ip4_address_t this_addr; + u32 start_host_order, end_host_order; + int i, count; + u32 *tmp; + + tmp = (u32 *) mp->start_addr; + start_host_order = clib_host_to_net_u32 (tmp[0]); + tmp = (u32 *) mp->end_addr; + end_host_order = clib_host_to_net_u32 (tmp[0]); + + count = (end_host_order - start_host_order) + 1; + memcpy (&this_addr.as_u8, mp->start_addr, 4); + + for (i = 0; i < count; i++) + { + if ((rv = dslite_add_del_pool_addr (dm, &this_addr, mp->is_add))) + goto send_reply; + + increment_v4_address (&this_addr); + } + +send_reply: + REPLY_MACRO (VL_API_DSLITE_ADD_DEL_POOL_ADDR_RANGE_REPLY); +} + +static void *vl_api_dslite_add_del_pool_addr_range_t_print + (vl_api_dslite_add_del_pool_addr_range_t * mp, void *handle) +{ + u8 *s; + + s = format (0, "SCRIPT: dslite_add_del_pool_addr_range "); + s = format (s, "%U - %U\n", + format_ip4_address, mp->start_addr, + format_ip4_address, mp->end_addr); + + FINISH; +} + + /* List of message types that this plugin understands */ #define foreach_snat_plugin_api_msg \ _(SNAT_ADD_ADDRESS_RANGE, snat_add_address_range) \ @@ -3276,6 +3547,9 @@ _(NAT_SHOW_CONFIG, nat_show_config) \ _(NAT_SET_WORKERS, nat_set_workers) \ _(NAT_WORKER_DUMP, nat_worker_dump) \ _(NAT_IPFIX_ENABLE_DISABLE, nat_ipfix_enable_disable) \ +_(NAT_SET_REASS, nat_set_reass) \ +_(NAT_GET_REASS, nat_get_reass) \ +_(NAT_REASS_DUMP, nat_reass_dump) \ _(NAT44_ADD_DEL_ADDRESS_RANGE, nat44_add_del_address_range) \ _(NAT44_INTERFACE_ADD_DEL_FEATURE, nat44_interface_add_del_feature) \ _(NAT44_ADD_DEL_STATIC_MAPPING, nat44_add_del_static_mapping) \ @@ -3292,6 +3566,7 @@ _(NAT44_INTERFACE_OUTPUT_FEATURE_DUMP, \ nat44_interface_output_feature_dump) \ _(NAT44_ADD_DEL_LB_STATIC_MAPPING, nat44_add_del_lb_static_mapping) \ _(NAT44_LB_STATIC_MAPPING_DUMP, nat44_lb_static_mapping_dump) \ +_(NAT44_DEL_SESSION, nat44_del_session) \ _(NAT_DET_ADD_DEL_MAP, nat_det_add_del_map) \ _(NAT_DET_FORWARD, nat_det_forward) \ _(NAT_DET_REVERSE, nat_det_reverse) \ @@ -3311,7 +3586,9 @@ _(NAT64_SET_TIMEOUTS, nat64_set_timeouts) \ _(NAT64_GET_TIMEOUTS, nat64_get_timeouts) \ _(NAT64_ST_DUMP, nat64_st_dump) \ _(NAT64_ADD_DEL_PREFIX, nat64_add_del_prefix) \ -_(NAT64_PREFIX_DUMP, nat64_prefix_dump) +_(NAT64_PREFIX_DUMP, nat64_prefix_dump) \ +_(DSLITE_ADD_DEL_POOL_ADDR_RANGE, dslite_add_del_pool_addr_range) \ +_(DSLITE_SET_AFTR_ADDR, dslite_set_aftr_addr) /* Set up the API message handling tables */ static clib_error_t *