1 /* *------------------------------------------------------------------
2 * cnat_cli_handler.c - CLI handler definitions
4 * Copyright (c) 2007-2015 Cisco and/or its affiliates.
5 * Licensed under the Apache License, Version 2.0 (the "License");
6 * you may not use this file except in compliance with the License.
7 * You may obtain a copy of the License at:
9 * http://www.apache.org/licenses/LICENSE-2.0
11 * Unless required by applicable law or agreed to in writing, software
12 * distributed under the License is distributed on an "AS IS" BASIS,
13 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14 * See the License for the specific language governing permissions and
15 * limitations under the License.
16 *------------------------------------------------------------------
19 #include <vlib/vlib.h>
20 #include <vnet/vnet.h>
21 #include <vppinfra/vec.h>
22 #include <vppinfra/bitmap.h>
23 #include <vppinfra/hash.h>
24 #include <vppinfra/pool.h>
25 #include <vppinfra/clib.h>
26 #include <vppinfra/error.h>
29 #include "cnat_config.h"
30 #include "cnat_global.h"
32 #include "cnat_logging.h"
33 #include "cnat_syslog.h"
34 #include "cnat_config_api.h"
35 #include "cnat_show_api.h"
36 #include "cnat_show_response.h"
38 #include <arpa/inet.h>
41 #include <vnet/devices/dpdk/dpdk.h>
44 u32 show_debug_level = 0;
47 cnat_get_vrfmap_nfv9_logging_index (u32 i_vrf_id)
49 cnat_nfv9_logging_info_t *my_nfv9_logging_info = 0;
50 u32 logging_index = EMPTY;
53 * Start with global logging index if available
55 if (cnat_nfv9_global_info.cnat_nfv9_init_done) {
56 logging_index = cnat_nfv9_global_info.cnat_nfv9_global_collector_index;
58 pool_foreach (my_nfv9_logging_info, cnat_nfv9_logging_info_pool, ({
59 if (my_nfv9_logging_info->i_vrf_id == i_vrf_id) {
60 logging_index = my_nfv9_logging_info -
61 cnat_nfv9_logging_info_pool;
66 return (logging_index);
70 cnat_get_vrfmap_syslog_logging_index (u32 i_vrf_id)
72 cnat_syslog_logging_info_t *my_syslog_info = NULL;
73 u32 logging_index = EMPTY;
76 * Start with global logging index if available
78 if(PREDICT_TRUE(cnat_syslog_global_info.cnat_syslog_init_done)) {
80 pool_foreach (my_syslog_info, cnat_syslog_logging_info_pool, ({
81 if (my_syslog_info->i_vrf_id == i_vrf_id) {
82 logging_index = my_syslog_info -
83 cnat_syslog_logging_info_pool;
88 return (logging_index);
92 cnat_set_vrf_params_with_default(cnat_vrfmap_t *my_vrfmap, u32 i_vrf, u32 i_vrf_id)
95 my_vrfmap->status = S_WAO;
97 my_vrfmap->i_vrf = i_vrf;
98 my_vrfmap->i_vrf_id = i_vrf_id;
100 my_vrfmap->o_vrf = INVALID_UIDX;
101 my_vrfmap->o_vrf_id = INVALID_VRFID;
103 #ifndef NO_BULK_LOGGING
104 BULKSIZE_FROM_VRFMAP(my_vrfmap) = BULK_ALLOC_SIZE_NONE;
105 #endif /* #ifndef NO_BULK_LOGGING */
106 my_vrfmap->tcp_mss = V4_TCP_MSS_NOT_CONFIGURED_VALUE;
107 my_vrfmap->frag_tout = CNAT_IPV4_FRAG_TIMEOUT_DEF;
108 my_vrfmap->port_limit = V4_DEF_VRF_MAX_PORTS;
109 my_vrfmap->nfv9_logging_index =
110 cnat_get_vrfmap_nfv9_logging_index(i_vrf_id);
111 my_vrfmap->syslog_logging_index =
112 cnat_get_vrfmap_syslog_logging_index(i_vrf_id);
114 /* Copy logging policy from nfv9 info. */
115 if(my_vrfmap->nfv9_logging_index != EMPTY) {
116 cnat_nfv9_logging_info_t *nfv9_logging_info =
117 cnat_nfv9_logging_info_pool + my_vrfmap->nfv9_logging_index;
118 my_vrfmap->nf_logging_policy = nfv9_logging_info->logging_policy;
120 if(my_vrfmap->syslog_logging_index != EMPTY) {
121 cnat_syslog_logging_info_t *syslog_logging_info =
122 cnat_syslog_logging_info_pool + my_vrfmap->syslog_logging_index;
123 my_vrfmap->syslog_logging_policy = syslog_logging_info->logging_policy;
126 printf("Initializing params in cnat_set_vrf_params_with_default\n"
127 "my_vrfmap->status = %u\n"
128 "my_vrfmap->tcp_mss = %u\n"
129 "my_vrfmap->i_vrf = %u\n"
130 "my_vrfmap->i_vrf_id = %u\n"
131 "my_vrfmap->o_vrf = %u\n"
132 "my_vrfmap->o_vrf_id = %u\n"
133 "my_vrfmap->bulk_size = %u\n"
134 "my_vrfmap->nfv9_logging_index = %u\n"
135 "my_vrfmap->syslog_logging_index = %u\n"
136 "my_vrfmap->frag_tout = %u\n"
137 "my_vrfmap->port_limit = %u\n"
138 "my_vrfmap->nf_logging_policy = %u\n"
139 "my_vrfmap->syslog_logging_policy = %u\n",
146 my_vrfmap->bulk_size,
147 my_vrfmap->nfv9_logging_index,
148 my_vrfmap->syslog_logging_index,
149 my_vrfmap->frag_tout,
150 my_vrfmap->port_limit,
151 my_vrfmap->nf_logging_policy,
152 my_vrfmap->syslog_logging_policy);
156 /* config command handlers */
157 void cnat_nat44_add_vrf_map_t_handler(spp_api_cnat_v4_add_vrf_map_t *mp,
160 void cnat_table_entry_fill_map(u32 start_addr, u32 end_addr,
161 cnat_portmap_v2_t **port_map_holder);
162 u32 start_addr, end_addr;
163 u32 pm_len __attribute__((unused));
164 cnat_vrfmap_t *my_vrfmap = 0;
165 cnat_portmap_v2_t *pm = 0;
167 u32 ivrf_id, ovrf_id;
171 start_addr = mp->start_addr[0];
172 end_addr = mp->end_addr[0];
175 ovrf_id = mp->o_vrf_id;
176 ivrf_id = mp->i_vrf_id;
178 #if DEBUG_NOT_COMMENTED
179 vlib_cli_output(vm, "%s: saddr[0x%x], eaddr[0x%x], i_vrf[0x%x], o_vrf[0x%x], "
180 "ovrf_id[0x%x], ivrf_id[0x%x]\n", __func__, start_addr, end_addr,
181 i_vrf, o_vrf, ovrf_id, ivrf_id);
183 if (start_addr > end_addr) {
184 vlib_cli_output(vm, "Add VRF Map failed start addr 0x%x > end addr 0x%x\n",
185 start_addr, end_addr);
188 if ((end_addr - start_addr) > CNAT_MAX_ADDR_POOL_SIZE) {
189 vlib_cli_output(vm, "Add VRF Map failed start addr 0x%x - end addr "
190 "0x%x range > 65536\n", start_addr, end_addr);
193 my_vrfmap_index = vrf_map_array[i_vrf];
195 if (my_vrfmap_index != VRF_MAP_ENTRY_EMPTY) {
197 my_vrfmap = cnat_map_by_vrf + my_vrfmap_index;
199 my_vrfmap->o_vrf = o_vrf;
200 my_vrfmap->i_vrf_id = ivrf_id;
201 my_vrfmap->o_vrf_id = ovrf_id;
206 pool_get(cnat_map_by_vrf, my_vrfmap);
207 memset(my_vrfmap, 0, sizeof(*my_vrfmap));
208 /* waiting for outside vrf */
209 cnat_set_vrf_params_with_default(my_vrfmap, i_vrf, ivrf_id);
210 my_vrfmap->i_vrf = i_vrf;
211 my_vrfmap->o_vrf = o_vrf;
212 my_vrfmap->i_vrf_id = ivrf_id;
213 my_vrfmap->o_vrf_id = ovrf_id;
214 #ifndef NO_BULK_LOGGING
215 BULKSIZE_FROM_VRFMAP(my_vrfmap) = BULK_ALLOC_SIZE_NONE;
216 #endif /* #ifndef NO_BULK_LOGGING */
218 my_vrfmap->tcp_mss = V4_TCP_MSS_NOT_CONFIGURED_VALUE;
219 my_vrfmap->status = S_WA;
220 my_vrfmap->frag_tout = 0; /* currently setting it to 0 */
221 my_vrfmap->port_limit = V4_DEF_VRF_MAX_PORTS;
222 vrf_map_array[i_vrf] = (my_vrfmap - cnat_map_by_vrf);
224 pm = my_vrfmap->portmap_list;
225 pm_len = vec_len(pm);
226 for(i=0; i < 1 ; i++) {
227 start_addr = mp->start_addr[i];
228 end_addr = mp->end_addr[i];
229 if((start_addr == 0) || (end_addr == 0))
232 cnat_table_entry_fill_map(start_addr, end_addr,
233 &(my_vrfmap->portmap_list));
235 my_vrfmap->status = S_RUN;
236 vlib_cli_output(vm, "Address Pool Config Successful !!\n");
240 void cnat_nat44_set_protocol_timeout_value(u16 active,
241 u16 init, u8 *proto, u8 reset, vlib_main_t *vm)
243 if (!strncmp((char *) proto, "tcp", 3)) {
244 tcp_initial_setup_timeout = (reset) ? V4_DEF_TCP_IS_TO : init;
245 tcp_active_timeout = (reset) ? V4_DEF_TCP_AS_TO : active;
247 } else if (!strncmp((char *) proto, "udp", 3)) {
248 udp_init_session_timeout = (reset) ? V4_DEF_UDP_IS_TO : init;
249 udp_act_session_timeout = (reset) ? V4_DEF_UDP_AS_TO : active;
251 } else if (!strncmp((char *) proto, "icmp", 4)) {
252 icmp_session_timeout = (reset) ? V4_DEF_ICMP_S_TO : active;
255 vlib_cli_output(vm, "Error !! Unsupported protocol %s\n", proto);
263 /* Show command handlers */
264 void cnat_nat44_handle_show_stats(vlib_main_t *vm)
268 cnat_vrfmap_t *my_vrfmap =0;
269 cnat_portmap_v2_t *pm =0, *my_pm = 0;
272 void cnat_nfv9_show_collector
273 (vlib_main_t *vm, cnat_nfv9_logging_info_t *my_nfv9_logging_info);
275 /* active translations */
276 h = pool_header(cnat_main_db);
277 free = vec_len(h->free_indices);
278 used = vec_len(cnat_main_db) - free;
280 vlib_cli_output(vm, "vCGN NAT44 Statistics :\n");
281 vlib_cli_output(vm, "\tActive Translations : %u\n",
282 NAT44_COMMON_STATS.active_translations);
283 vlib_cli_output(vm, "\tTotal free translation entries : %u\n", free);
284 vlib_cli_output(vm, "\tTotal used translation entries : %u\n", used);
285 vlib_cli_output(vm, "\ti2o drops due to port limit exceeded : %lu\n",
286 in2out_drops_port_limit_exceeded);
287 vlib_cli_output(vm, "\ti2o drops due to system limit reached : %lu\n",
288 in2out_drops_system_limit_reached);
289 vlib_cli_output(vm, "\ti2o drops due to resource depletion : %lu\n",
290 in2out_drops_resource_depletion);
291 vlib_cli_output(vm, "\to2i drops due to no translations : %lu\n",
292 NAT44_COMMON_STATS.no_translation_entry_drops);
294 vlib_cli_output(vm, "\tPool address usage:\n");
295 vlib_cli_output(vm, "\t-------------------------------------------------\n");
296 vlib_cli_output(vm, "\tExternal Address \tPorts Used\n");
297 vlib_cli_output(vm, "\t-------------------------------------------------\n");
300 pool_foreach (my_vrfmap, cnat_map_by_vrf, ({
301 pm = my_vrfmap->portmap_list;
302 pm_len = vec_len(pm);
303 for (i = 0; i < pm_len; i++) {
307 /* maximum of 200 addresses to be returned */
309 ip.s_addr = ntohl(my_pm->ipv4_address);
310 vlib_cli_output(vm, "\t%s \t\t%u\n", inet_ntoa(ip), my_pm->inuse);
318 void cnat_nat44_handle_show_config(vlib_main_t *vm)
320 cnat_vrfmap_t * my_vrfmap;
321 cnat_portmap_v2_t *pm = 0;
322 cnat_portmap_v2_t *my_pm = 0;
324 struct in_addr ip_addr;
326 cnat_nfv9_logging_info_t *my_nfv9_logging_info,
327 *global_nfv9_logging_info = 0;
329 vnet_hw_interface_t * hw;
330 vnet_main_t * vnm = vnet_get_main();
332 void cnat_nfv9_show_collector
333 (vlib_main_t *vm, cnat_nfv9_logging_info_t *my_nfv9_logging_info);
335 vlib_cli_output(vm, "vCGN NAT44 Config:\n");
336 vlib_cli_output(vm, "\tPort Limit : %u\n", cnat_main_db_max_ports_per_user);
337 vlib_cli_output(vm, "\ttotal address pool : %u\n", total_address_pool_allocated);
338 vlib_cli_output(vm, "\tdynamic port start range : %u\n", cnat_static_port_range);
340 pool_foreach(my_vrfmap, cnat_map_by_vrf, ({
341 hw = vnet_get_hw_interface (vnm, my_vrfmap->i_vrf);
342 vlib_cli_output(vm, "\tInside Interface : %v\n", hw->name);
343 hw = vnet_get_hw_interface (vnm, my_vrfmap->o_vrf);
344 vlib_cli_output(vm, "\tOutside Interface : %v\n", hw->name);
346 memset(status_str, 0x00, sizeof(status_str));
347 switch(my_vrfmap->status) {
348 case S_WAO: clib_memcpy(status_str, "S_WAO", 5); break;
349 case S_WA: clib_memcpy(status_str, "S_WA", 4); break;
350 case S_WO: clib_memcpy(status_str, "S_WO", 4); break;
351 case S_RUN: clib_memcpy(status_str, "ONLINE", 6); break;
352 case S_DEL: clib_memcpy(status_str, "S_DEL", 5); break;
353 default: clib_memcpy(status_str, "Invalid state", 13);
357 "\tAddress pool map table status : %s\n", status_str);
359 pm = my_vrfmap->portmap_list;
360 pm_len = vec_len(pm);
362 ip_addr.s_addr = clib_net_to_host_u32(my_pm->ipv4_address);
364 "\tStart Address : %s\n", inet_ntoa(ip_addr));
365 my_pm = pm + (pm_len - 1);
366 ip_addr.s_addr = clib_net_to_host_u32(my_pm->ipv4_address);
368 "\tEnd Address : %s\n", inet_ntoa(ip_addr));
372 "\ttcp init timeout : %u sec\n", tcp_initial_setup_timeout);
374 "\ttcp active timeout : %u sec\n", tcp_active_timeout);
376 "\tudp init timeout : %u sec\n", udp_init_session_timeout);
378 "\tudp active timeout : %u sec\n", udp_act_session_timeout);
380 "\ticmp session timeout: %u sec\n", icmp_session_timeout);
383 if (cnat_nfv9_global_info.cnat_nfv9_global_collector_index != EMPTY) {
384 vlib_cli_output(vm,"\nGloabal NFV9 Collector :");
385 global_nfv9_logging_info = cnat_nfv9_logging_info_pool +
386 cnat_nfv9_global_info.cnat_nfv9_global_collector_index;
387 cnat_nfv9_show_collector(vm, global_nfv9_logging_info);
391 vlib_cli_output(vm, "\nNFV9 Collector :");
392 if (cnat_nfv9_logging_info_pool !=NULL) {
393 pool_foreach (my_nfv9_logging_info, cnat_nfv9_logging_info_pool, ({
394 if (my_nfv9_logging_info != global_nfv9_logging_info) {
395 cnat_nfv9_show_collector(vm, my_nfv9_logging_info);
396 vlib_cli_output(vm, "\n");
400 vlib_cli_output(vm, "\n");
407 * Check if the request flag matches the entry flags and
410 * entry_flag_ptr is an output parameter - it returns the flags
411 * corresponding to the translation entry
413 static u8 cnat_v4_show_verify_display_entry (
415 cnat_main_db_entry_t *db,
418 u8 display_entry = 0;
421 * This should never happen
423 if (!entry_flag_ptr) {
424 return (display_entry);
429 if ((db->flags & CNAT_DB_FLAG_STATIC_PORT)
430 &&(db->flags & CNAT_DB_FLAG_ALG_ENTRY)) {
431 *entry_flag_ptr |= CNAT_TRANSLATION_ENTRY_STATIC;
432 *entry_flag_ptr |= CNAT_TRANSLATION_ENTRY_ALG;
433 } else if (db->flags & CNAT_DB_FLAG_STATIC_PORT) {
434 *entry_flag_ptr |= CNAT_TRANSLATION_ENTRY_STATIC;
435 } else if ((db->flags & CNAT_DB_FLAG_ALG_ENTRY) ||
436 (db->flags & CNAT_DB_FLAG_PPTP_GRE_ENTRY)) {
437 *entry_flag_ptr |= CNAT_TRANSLATION_ENTRY_ALG;
438 } else if (db->flags & CNAT_DB_FLAG_PCPI) {
439 *entry_flag_ptr |= CNAT_TRANSLATION_ENTRY_PCPI_DYNAMIC;
440 } else if (db->flags & CNAT_DB_FLAG_PCPE) {
441 *entry_flag_ptr |= CNAT_TRANSLATION_ENTRY_PCPE_DYNAMIC;
443 *entry_flag_ptr |= CNAT_TRANSLATION_ENTRY_DYNAMIC;
446 if (request_flag == CNAT_TRANSLATION_ENTRY_ALL) {
450 * Check if the request_flag is STATIC or ALG
451 * and the entry is STATIC or ALG as well
453 if ((request_flag & CNAT_TRANSLATION_ENTRY_STATIC) &&
454 (*entry_flag_ptr & CNAT_TRANSLATION_ENTRY_STATIC)) {
458 if ((request_flag & CNAT_TRANSLATION_ENTRY_ALG) &&
459 (*entry_flag_ptr & CNAT_TRANSLATION_ENTRY_ALG)) {
463 if ((request_flag & CNAT_TRANSLATION_ENTRY_PCPI_DYNAMIC) &&
464 (*entry_flag_ptr & CNAT_TRANSLATION_ENTRY_PCPI_DYNAMIC)) {
468 if ((request_flag & CNAT_TRANSLATION_ENTRY_PCPE_DYNAMIC) &&
469 (*entry_flag_ptr & CNAT_TRANSLATION_ENTRY_PCPE_DYNAMIC)) {
474 * For dynamic entry case, check if flags field is 0
476 if ((request_flag & CNAT_TRANSLATION_ENTRY_DYNAMIC) &&
477 (*entry_flag_ptr & CNAT_TRANSLATION_ENTRY_DYNAMIC)) {
482 if (PREDICT_FALSE(show_debug_level > 2)) {
483 PLATFORM_DEBUG_PRINT("Entry (0x%x, %d) -> (0x%x, %d) request_flag 0x%x, entry_flag 0x%x, display_entry %d\n", db->in2out_key.k.ipv4, db->in2out_key.k.port, db->out2in_key.k.ipv4, db->out2in_key.k.port, request_flag, *entry_flag_ptr, display_entry);
486 return (display_entry);
488 void cnat_v4_show_inside_entry_req_t_handler
489 (spp_api_cnat_v4_show_inside_entry_req_t *mp, vlib_main_t * vm)
491 cnat_user_db_entry_t *udb = NULL;
492 cnat_main_db_entry_t *db = NULL;
493 cnat_db_key_bucket_t u_ki, ki;
496 u16 start_port, end_port, port;
497 u16 request_flag = 0;
502 cnat_v4_show_translation_entry *entry_list;
503 cnat_v4_show_translation_entry entry[PLATFORM_MAX_TRANSLATION_ENTRIES];
506 vnet_hw_interface_t * hw;
507 vnet_main_t * vnm = vnet_get_main();
509 ki.k.k.ipv4 = mp->ipv4_addr;
510 ki.k.k.vrf = mp->vrf_id;
511 start_port = mp->start_port;
512 end_port = mp->end_port;
514 vlib_cli_output(vm, "## proto %d, inside-addr 0x%x, start_port %u, "
515 "end_port %u, vrf 0x%x, flag 0x%x\n",
524 proto = mp->protocol;
525 ki.k.k.vrf |= ((u16)proto << CNAT_PRO_SHIFT);
527 all = mp->all_entries; /* for no port range case */
528 request_flag = mp->flags; /* for all, alg, static entries case */
532 * check if the address is belonging to this core
537 * first we check if the user exists in the udb, if he is not then
538 * it does not make sense to check the main db for translations
540 u_ki.k.k.vrf = ki.k.k.vrf & CNAT_VRF_MASK;
541 u_ki.k.k.ipv4 = ki.k.k.ipv4;
544 if (PREDICT_FALSE(show_debug_level > 0)) {
545 vlib_cli_output(vm, "\nI_TRANS_CORE %d: IPv4 0x%x, VRF 0x%x, "
546 "start_port %d, end_port %d",
547 my_instance_number, ki.k.k.ipv4,
548 ki.k.k.vrf, start_port, end_port);
551 udb = cnat_user_db_lookup_entry(&u_ki);
553 if (PREDICT_FALSE(show_debug_level > 0)) {
554 vlib_cli_output(vm, "\nReturning %d entries",
562 if (PREDICT_FALSE(show_debug_level > 0)) {
563 PLATFORM_DEBUG_PRINT("\nI_TRANS: Printing ALL\n");
567 * get the head of list of translation entries for that user
570 head = udb->translation_list_head_index;
571 db = cnat_main_db + head;
573 while (num_entries < PLATFORM_MAX_TRANSLATION_ENTRIES) {
575 if (((db->in2out_key.k.vrf & CNAT_PRO_MASK) >> CNAT_PRO_SHIFT)
581 spp_api_cnat_v4_show_verify_display_entry(request_flag, db,
585 entry_list->ipv4_addr =
586 spp_host_to_net_byte_order_32(db->out2in_key.k.ipv4);
587 entry_list->cnat_port =
588 spp_host_to_net_byte_order_16(db->out2in_key.k.port);
589 entry_list->src_port =
590 spp_host_to_net_byte_order_16(db->in2out_key.k.port);
592 entry_list->protocol = proto;
594 /* incase of gre - in2out is not accounted */
595 if(proto != CNAT_PPTP) {
597 entry_list->in2out_packets =
598 spp_host_to_net_byte_order_32(db->in2out_pkts);
600 entry_list->in2out_packets = 0;
602 entry_list->out2in_packets =
603 spp_host_to_net_byte_order_32(db->out2in_pkts);
606 spp_host_to_net_byte_order_16(entry_flag);
609 entry_list = entry_list + 1;
612 db = cnat_main_db + db->user_ports.next;
614 * its a circular list, so if we have reached the head again
615 * all the entries for that user have been read
617 if (db == (cnat_main_db + head)) {
621 resp->num_entries = num_entries;
624 if (PREDICT_FALSE(show_debug_level > 0)) {
625 vlib_cli_output(vm, "\nI_TRANS: Printing range %d .. %d\n",
626 start_port, end_port);
629 * port range is specified so for each port calculate the hash and
630 * check if the entry is present in main db
634 while ((!done) && (num_entries < PLATFORM_MAX_TRANSLATION_ENTRIES)) {
637 if (port >= end_port) {
642 CNAT_V4_GET_HASH(ki.k.key64,
644 CNAT_MAIN_HASH_MASK);
645 index = cnat_in2out_hash[ki.bucket].next;
646 if (PREDICT_TRUE(index == EMPTY)) {
651 db = cnat_main_db + index;
652 if (db->in2out_key.key64 == ki.k.key64) {
655 index = db->in2out_hash.next;
656 } while (index != EMPTY);
658 if (index == EMPTY) {
663 cnat_v4_show_verify_display_entry(request_flag, db,
667 entry_list->ipv4_addr =
668 clib_host_to_net_u32(db->out2in_key.k.ipv4);
669 entry_list->cnat_port =
670 clib_host_to_net_u16(db->out2in_key.k.port);
671 entry_list->src_port =
672 clib_host_to_net_u16(db->in2out_key.k.port);
674 entry_list->protocol = proto;
675 entry_list->nsessions = db->nsessions;
676 entry_list->flags = ((db->flags & CNAT_DB_FLAG_TCP_ACTIVE) ||
677 (db->flags & CNAT_DB_FLAG_UDP_ACTIVE)) ? 1:0;
678 /* incase of gre - in2out is not accounted */
679 if(proto != CNAT_PPTP) {
680 entry_list->in2out_packets =
681 clib_host_to_net_u32(db->in2out_pkts);
683 entry_list->in2out_packets = 0;
686 entry_list->out2in_packets =
687 clib_host_to_net_u32(db->out2in_pkts);
689 if (PREDICT_FALSE(show_debug_level > 3)) {
690 vlib_cli_output(vm, "\n1. Entry: Addr 0x%x, port %d, num_entries %d",
691 clib_net_to_host_u32(entry_list->ipv4_addr),
692 clib_net_to_host_u16(entry_list->cnat_port),
696 entry_list = entry_list + 1;
699 } /* if (index == EMPTY) */
703 if (PREDICT_FALSE(show_debug_level > 0)) {
705 vlib_cli_output(vm, "\nReturning %d entries\n",
715 memset(proto_str, 0x00, 10);
716 memset(transl_str, 0x00, 10);
718 if (proto == 1) strncpy((char *)proto_str, "udp", 3);
719 else if (proto == 2) strncpy((char *)proto_str, "tcp", 3);
720 else if (proto == 3) strncpy((char *)proto_str, "icmp", 4);
721 else strncpy((char *)proto_str, "unknown", 7);
723 if (request_flag == 0x04) strncpy((char *)transl_str, "Dynamic", 7);
724 else strncpy((char *)transl_str, "Unknown", 7); /* currently we are not supporting static/alg entries */
726 ip.s_addr = clib_net_to_host_u32(u_ki.k.k.ipv4);
727 hw = vnet_get_hw_interface (vnm, u_ki.k.k.vrf);
729 vlib_cli_output (vm, "Inside-translation details\n");
730 vlib_cli_output (vm, "--------------------------\n");
732 vlib_cli_output (vm, "Inside interface : %s\n", hw->name);
733 vlib_cli_output (vm, "Inside address : %s\n", inet_ntoa(ip));
734 vlib_cli_output (vm, "Start port : %u\n", start_port);
735 vlib_cli_output (vm, "End port : %u\n", end_port);
737 vlib_cli_output (vm, "--------------------------------------------------------------------------------------"
738 "-----------------------\n");
739 vlib_cli_output (vm, "Outside Protocol Inside Outside Translation"
740 " I2O O2I Flag Num\n");
741 vlib_cli_output (vm, "Address Src Port Src Port Type "
742 " Pkts Pkts Sessions\n");
743 vlib_cli_output (vm, "--------------------------------------------------------------------------------------"
744 "-----------------------\n");
746 while ((num_entries) && (entry_list) && (i < 50)) {
748 ip.s_addr = entry_list->ipv4_addr;
749 memset(flag_str,0x00,11);
750 if((proto == 1) || (proto == 2)) {
751 if(entry_list->flags == 1) {
752 strncpy((char *)flag_str,"Active",6);
755 strncpy((char *) flag_str,"Non Active",10);
758 strncpy((char *) flag_str, "NA", 2);
760 vlib_cli_output(vm, "%s %10s %11u %12u %13s %10u %10u %14s %6u\n",
761 inet_ntoa(ip), proto_str,
762 clib_net_to_host_u16(entry_list->src_port),
763 clib_net_to_host_u16(entry_list->cnat_port),
765 clib_net_to_host_u32(entry_list->in2out_packets),
766 clib_net_to_host_u32(entry_list->out2in_packets),
768 entry_list->nsessions);
776 void cnat_v4_show_outside_entry_req_t_handler
777 (spp_api_cnat_v4_show_outside_entry_req_t *mp, vlib_main_t *vm)
779 cnat_main_db_entry_t *db = NULL;
780 cnat_db_key_bucket_t ko;
783 u16 start_port, end_port, port;
784 u16 request_flag = 0;
788 cnat_v4_show_translation_entry *entry_list;
789 cnat_v4_show_translation_entry entry[PLATFORM_MAX_TRANSLATION_ENTRIES];
793 vnet_hw_interface_t * hw;
794 vnet_main_t * vnm = vnet_get_main();
796 ko.k.k.ipv4 = mp->ipv4_addr;
797 ko.k.k.vrf = mp->vrf_id;
798 start_port = mp->start_port;
799 end_port = mp->end_port;
801 proto = mp->protocol;
802 request_flag = mp->flags;
804 ko.k.k.vrf |= ((u16)proto << CNAT_PRO_SHIFT);
808 if (PREDICT_FALSE(show_debug_level > 0)) {
809 vlib_cli_output(vm, "\nO_TRANS_CORE %d: IPv4 0x%x, VRF 0x%x, "
810 "start_port %d, end_port %d", my_instance_number,
811 ko.k.k.ipv4, ko.k.k.vrf, start_port, end_port);
815 * for each ip and port combination we need to scan the main db
816 * and check if the entry is present in main db
820 while ((!done) && (num_entries < PLATFORM_MAX_TRANSLATION_ENTRIES)) {
824 * If we have reached the end_port, we are DONE
826 if (port >= end_port) {
832 CNAT_V4_GET_HASH(ko.k.key64,
834 CNAT_MAIN_HASH_MASK);
836 index = cnat_out2in_hash[ko.bucket].next;
837 if (PREDICT_TRUE(index == EMPTY)) {
842 db = cnat_main_db + index;
843 if (db->out2in_key.key64 == ko.k.key64) {
846 index = db->out2in_hash.next;
847 } while (index != EMPTY);
849 if (index == EMPTY) {
853 cnat_v4_show_verify_display_entry(request_flag, db,
857 entry_list->ipv4_addr =
858 clib_host_to_net_u32(db->in2out_key.k.ipv4);
859 entry_list->cnat_port =
860 clib_host_to_net_u16(db->out2in_key.k.port);
861 entry_list->src_port =
862 clib_host_to_net_u16(db->in2out_key.k.port);
863 entry_list->protocol = proto;
864 entry_list->nsessions = db->nsessions;
865 entry_list->flags = ((db->flags & CNAT_DB_FLAG_TCP_ACTIVE) ||
866 (db->flags & CNAT_DB_FLAG_UDP_ACTIVE)) ? 1:0;
867 /* incase of gre - in2out is not accounted */
868 if(proto != CNAT_PPTP) {
869 entry_list->in2out_packets =
870 clib_host_to_net_u32(db->in2out_pkts);
872 entry_list->in2out_packets = 0 ;
874 entry_list->out2in_packets =
875 clib_host_to_net_u32(db->out2in_pkts);
878 clib_host_to_net_u16(entry_flag);
880 entry_list = entry_list + 1;
886 if (num_entries == 0) {
887 /* No point proceeding further */
891 if (PREDICT_FALSE(show_debug_level > 0)) {
893 vlib_cli_output(vm, "\nO_TRANS: Core %d returning %d entries",
903 memset(proto_str, 0x00, 10);
904 memset(transl_str, 0x00, 10);
906 if (proto == 1) strncpy((char *) proto_str, "udp", 3);
907 else if (proto == 2) strncpy((char *) proto_str, "tcp", 3);
908 else if (proto == 3) strncpy((char *) proto_str, "icmp", 4);
909 else strncpy((char *) proto_str, "unknown", 7);
911 if (request_flag == 0x04) strncpy((char *) transl_str, "Dynamic", 7);
912 else strncpy((char *)transl_str, "Unknown", 7); /* currently we are not supporting static/alg entries */
914 ip.s_addr = clib_net_to_host_u32(ko.k.k.ipv4);
915 hw = vnet_get_hw_interface (vnm, (ko.k.k.vrf & CNAT_VRF_MASK));
917 vlib_cli_output (vm, "Outside-translation details\n");
918 vlib_cli_output (vm, "--------------------------\n");
920 vlib_cli_output (vm, "Outside interface : %s\n", hw->name);
921 vlib_cli_output (vm, "Outside address : %s\n", inet_ntoa(ip));
922 vlib_cli_output (vm, "Start port : %u\n", start_port);
923 vlib_cli_output (vm, "End port : %u\n", end_port);
925 vlib_cli_output (vm, "--------------------------------------------------------------------------------------"
926 "-----------------------\n");
927 vlib_cli_output (vm, "Inside Protocol Outside Inside Translation"
928 " I2O O2I Flag Num\n");
929 vlib_cli_output (vm, "Address Dst Port Dst Port Type "
930 " Pkts Pkts Sessions\n");
931 vlib_cli_output (vm, "--------------------------------------------------------------------------------------"
932 "-----------------------\n");
934 while ((num_entries) && (entry_list) && (i < 50)) {
935 ip.s_addr = entry_list->ipv4_addr;
936 memset(flag_str,0x00,11);
937 if((proto == 1) || (proto == 2)) {
938 if(entry_list->flags == 1) {
939 strncpy((char *) flag_str,"Active",6);
942 strncpy((char *) flag_str,"Non Active",10);
945 strncpy((char *) flag_str, "NA", 2);
947 vlib_cli_output(vm, "%s %10s %11u %12u %13s %10u %10u %14s %6u\n",
948 inet_ntoa(ip), proto_str,
949 clib_net_to_host_u16(entry_list->cnat_port),
950 clib_net_to_host_u16(entry_list->src_port),
952 clib_net_to_host_u32(entry_list->in2out_packets),
953 clib_net_to_host_u32(entry_list->out2in_packets),
955 entry_list->nsessions);
Code Review / vpp.git / blob