2 * Copyright (c) 2020 Cisco and/or its affiliates.
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at:
8 * http://www.apache.org/licenses/LICENSE-2.0
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License.
18 * @brief NAT44 plugin API implementation
21 #include <vnet/ip/ip_types_api.h>
22 #include <vlibmemory/api.h>
24 #include <vnet/fib/fib_table.h>
26 #include <nat/lib/nat_inlines.h>
27 #include <nat/lib/ipfix_logging.h>
29 #include <nat/nat44-ed/nat44_ed.h>
31 #include <nat/nat44-ed/nat44_ed.api_enum.h>
32 #include <nat/nat44-ed/nat44_ed.api_types.h>
34 #define REPLY_MSG_ID_BASE sm->msg_id_base
35 #include <vlibapi/api_helper_macros.h>
40 vl_api_nat44_ed_plugin_enable_disable_t_handler (
41 vl_api_nat44_ed_plugin_enable_disable_t *mp)
43 snat_main_t *sm = &snat_main;
44 nat44_config_t c = { 0 };
45 vl_api_nat44_ed_plugin_enable_disable_reply_t *rmp;
50 c.static_mapping_only = mp->flags & NAT44_API_IS_STATIC_MAPPING_ONLY;
51 c.connection_tracking = mp->flags & NAT44_API_IS_CONNECTION_TRACKING;
53 c.inside_vrf = ntohl (mp->inside_vrf);
54 c.outside_vrf = ntohl (mp->outside_vrf);
56 c.sessions = ntohl (mp->sessions);
58 rv = nat44_plugin_enable (c);
62 rv = nat44_plugin_disable ();
65 REPLY_MACRO (VL_API_NAT44_ED_PLUGIN_ENABLE_DISABLE_REPLY);
69 vl_api_nat44_ed_set_fq_options_t_handler (vl_api_nat44_ed_set_fq_options_t *mp)
71 snat_main_t *sm = &snat_main;
72 vl_api_nat44_ed_set_fq_options_reply_t *rmp;
74 u32 frame_queue_nelts = ntohl (mp->frame_queue_nelts);
75 rv = nat44_ed_set_frame_queue_nelts (frame_queue_nelts);
76 REPLY_MACRO (VL_API_NAT44_ED_SET_FQ_OPTIONS_REPLY);
80 vl_api_nat44_ed_show_fq_options_t_handler (
81 vl_api_nat44_ed_show_fq_options_t *mp)
83 snat_main_t *sm = &snat_main;
84 vl_api_nat44_ed_show_fq_options_reply_t *rmp;
86 /* clang-format off */
87 REPLY_MACRO2_ZERO (VL_API_NAT44_ED_SHOW_FQ_OPTIONS_REPLY,
89 rmp->frame_queue_nelts = htonl (sm->frame_queue_nelts);
94 /* Old API calls hold back because of deprecation
95 * nat44_ed replacement should be used */
98 vl_api_nat_set_workers_t_handler (vl_api_nat_set_workers_t * mp)
100 snat_main_t *sm = &snat_main;
101 vl_api_nat_set_workers_reply_t *rmp;
106 mask = clib_net_to_host_u64 (mp->worker_mask);
108 if (sm->num_workers < 2)
110 rv = VNET_API_ERROR_FEATURE_DISABLED;
114 bitmap = clib_bitmap_set_multiple (bitmap, 0, mask, BITS (mask));
115 rv = snat_set_workers (bitmap);
116 clib_bitmap_free (bitmap);
119 REPLY_MACRO (VL_API_NAT_SET_WORKERS_REPLY);
123 send_nat_worker_details (u32 worker_index, vl_api_registration_t * reg,
126 vl_api_nat_worker_details_t *rmp;
127 snat_main_t *sm = &snat_main;
128 vlib_worker_thread_t *w =
129 vlib_worker_threads + worker_index + sm->first_worker_index;
131 rmp = vl_msg_api_alloc (sizeof (*rmp));
132 clib_memset (rmp, 0, sizeof (*rmp));
133 rmp->_vl_msg_id = ntohs (VL_API_NAT_WORKER_DETAILS + sm->msg_id_base);
134 rmp->context = context;
135 rmp->worker_index = htonl (worker_index);
136 rmp->lcore_id = htonl (w->cpu_id);
137 strncpy ((char *) rmp->name, (char *) w->name, ARRAY_LEN (rmp->name) - 1);
139 vl_api_send_msg (reg, (u8 *) rmp);
143 vl_api_nat_worker_dump_t_handler (vl_api_nat_worker_dump_t * mp)
145 vl_api_registration_t *reg;
146 snat_main_t *sm = &snat_main;
149 reg = vl_api_client_index_to_registration (mp->client_index);
153 vec_foreach (worker_index, sm->workers)
155 send_nat_worker_details (*worker_index, reg, mp->context);
160 vl_api_nat44_set_session_limit_t_handler (vl_api_nat44_set_session_limit_t *
163 snat_main_t *sm = &snat_main;
164 vl_api_nat44_set_session_limit_reply_t *rmp;
167 rv = nat44_set_session_limit
168 (ntohl (mp->session_limit), ntohl (mp->vrf_id));
170 REPLY_MACRO (VL_API_NAT44_SET_SESSION_LIMIT_REPLY);
174 vl_api_nat_set_log_level_t_handler (vl_api_nat_set_log_level_t * mp)
176 snat_main_t *sm = &snat_main;
177 vl_api_nat_set_log_level_reply_t *rmp;
180 if (sm->log_level > NAT_LOG_DEBUG)
181 rv = VNET_API_ERROR_UNSUPPORTED;
183 sm->log_level = mp->log_level;
185 REPLY_MACRO (VL_API_NAT_SET_WORKERS_REPLY);
189 vl_api_nat_ipfix_enable_disable_t_handler (vl_api_nat_ipfix_enable_disable_t *
192 snat_main_t *sm = &snat_main;
193 vl_api_nat_ipfix_enable_disable_reply_t *rmp;
196 rv = nat_ipfix_logging_enable_disable (mp->enable,
199 clib_host_to_net_u16 (mp->src_port));
201 REPLY_MACRO (VL_API_NAT_IPFIX_ENABLE_DISABLE_REPLY);
205 vl_api_nat_set_timeouts_t_handler (vl_api_nat_set_timeouts_t * mp)
207 snat_main_t *sm = &snat_main;
208 vl_api_nat_set_timeouts_reply_t *rmp;
211 sm->timeouts.udp = ntohl (mp->udp);
212 sm->timeouts.tcp.established = ntohl (mp->tcp_established);
213 sm->timeouts.tcp.transitory = ntohl (mp->tcp_transitory);
214 sm->timeouts.icmp = ntohl (mp->icmp);
216 REPLY_MACRO (VL_API_NAT_SET_TIMEOUTS_REPLY);
220 vl_api_nat_get_timeouts_t_handler (vl_api_nat_get_timeouts_t * mp)
222 snat_main_t *sm = &snat_main;
223 vl_api_nat_get_timeouts_reply_t *rmp;
226 REPLY_MACRO2 (VL_API_NAT_GET_TIMEOUTS_REPLY,
228 rmp->udp = htonl (sm->timeouts.udp);
229 rmp->tcp_established = htonl (sm->timeouts.tcp.established);
230 rmp->tcp_transitory = htonl (sm->timeouts.tcp.transitory);
231 rmp->icmp = htonl (sm->timeouts.icmp);
236 vl_api_nat_set_mss_clamping_t_handler (vl_api_nat_set_mss_clamping_t * mp)
238 snat_main_t *sm = &snat_main;
239 vl_api_nat_set_mss_clamping_reply_t *rmp;
243 sm->mss_clamping = ntohs (mp->mss_value);
245 sm->mss_clamping = 0;
247 REPLY_MACRO (VL_API_NAT_SET_MSS_CLAMPING_REPLY);
251 vl_api_nat_get_mss_clamping_t_handler (vl_api_nat_get_mss_clamping_t * mp)
253 snat_main_t *sm = &snat_main;
254 vl_api_nat_get_mss_clamping_reply_t *rmp;
257 REPLY_MACRO2 (VL_API_NAT_GET_MSS_CLAMPING_REPLY,
259 rmp->enable = sm->mss_clamping ? 1 : 0;
260 rmp->mss_value = htons (sm->mss_clamping);
265 vl_api_nat44_add_del_address_range_t_handler
266 (vl_api_nat44_add_del_address_range_t * mp)
268 snat_main_t *sm = &snat_main;
269 vl_api_nat44_add_del_address_range_reply_t *rmp;
270 ip4_address_t this_addr;
271 u8 is_add, twice_nat;
272 u32 start_host_order, end_host_order;
278 if (sm->static_mapping_only)
280 rv = VNET_API_ERROR_FEATURE_DISABLED;
285 twice_nat = mp->flags & NAT_API_IS_TWICE_NAT;
287 tmp = (u32 *) mp->first_ip_address;
288 start_host_order = clib_host_to_net_u32 (tmp[0]);
289 tmp = (u32 *) mp->last_ip_address;
290 end_host_order = clib_host_to_net_u32 (tmp[0]);
292 count = (end_host_order - start_host_order) + 1;
294 vrf_id = clib_host_to_net_u32 (mp->vrf_id);
297 nat_log_info ("%U - %U, %d addresses...",
298 format_ip4_address, mp->first_ip_address,
299 format_ip4_address, mp->last_ip_address, count);
301 memcpy (&this_addr.as_u8, mp->first_ip_address, 4);
303 for (i = 0; i < count; i++)
306 rv = snat_add_address (sm, &this_addr, vrf_id, twice_nat);
308 rv = snat_del_address (sm, this_addr, 0, twice_nat);
313 increment_v4_address (&this_addr);
317 REPLY_MACRO (VL_API_NAT44_ADD_DEL_ADDRESS_RANGE_REPLY);
321 send_nat44_address_details (snat_address_t * a,
322 vl_api_registration_t * reg, u32 context,
325 vl_api_nat44_address_details_t *rmp;
326 snat_main_t *sm = &snat_main;
328 rmp = vl_msg_api_alloc (sizeof (*rmp));
329 clib_memset (rmp, 0, sizeof (*rmp));
330 rmp->_vl_msg_id = ntohs (VL_API_NAT44_ADDRESS_DETAILS + sm->msg_id_base);
331 clib_memcpy (rmp->ip_address, &(a->addr), 4);
332 if (a->fib_index != ~0)
334 fib_table_t *fib = fib_table_get (a->fib_index, FIB_PROTOCOL_IP4);
335 rmp->vrf_id = ntohl (fib->ft_table_id);
340 rmp->flags |= NAT_API_IS_TWICE_NAT;
341 rmp->context = context;
343 vl_api_send_msg (reg, (u8 *) rmp);
347 vl_api_nat44_address_dump_t_handler (vl_api_nat44_address_dump_t * mp)
349 vl_api_registration_t *reg;
350 snat_main_t *sm = &snat_main;
353 reg = vl_api_client_index_to_registration (mp->client_index);
357 vec_foreach (a, sm->addresses)
358 send_nat44_address_details (a, reg, mp->context, 0);
359 vec_foreach (a, sm->twice_nat_addresses)
360 send_nat44_address_details (a, reg, mp->context, 1);
364 vl_api_nat44_interface_add_del_feature_t_handler
365 (vl_api_nat44_interface_add_del_feature_t * mp)
367 vl_api_nat44_interface_add_del_feature_reply_t *rmp;
368 snat_main_t *sm = &snat_main;
373 VALIDATE_SW_IF_INDEX (mp);
375 is_inside = mp->flags & NAT_API_IS_INSIDE;
376 sw_if_index = ntohl (mp->sw_if_index);
380 rv = nat44_ed_add_interface (sw_if_index, is_inside);
384 rv = nat44_ed_del_interface (sw_if_index, is_inside);
387 BAD_SW_IF_INDEX_LABEL;
388 REPLY_MACRO (VL_API_NAT44_INTERFACE_ADD_DEL_FEATURE_REPLY);
392 send_nat44_interface_details (snat_interface_t * i,
393 vl_api_registration_t * reg, u32 context)
395 vl_api_nat44_interface_details_t *rmp;
396 snat_main_t *sm = &snat_main;
398 rmp = vl_msg_api_alloc (sizeof (*rmp));
399 clib_memset (rmp, 0, sizeof (*rmp));
400 rmp->_vl_msg_id = ntohs (VL_API_NAT44_INTERFACE_DETAILS + sm->msg_id_base);
401 rmp->sw_if_index = ntohl (i->sw_if_index);
403 if (nat_interface_is_inside (i))
404 rmp->flags |= NAT_API_IS_INSIDE;
405 if (nat_interface_is_outside (i))
406 rmp->flags |= NAT_API_IS_OUTSIDE;
408 rmp->context = context;
410 vl_api_send_msg (reg, (u8 *) rmp);
414 vl_api_nat44_interface_dump_t_handler (vl_api_nat44_interface_dump_t * mp)
416 vl_api_registration_t *reg;
417 snat_main_t *sm = &snat_main;
420 reg = vl_api_client_index_to_registration (mp->client_index);
424 pool_foreach (i, sm->interfaces)
426 send_nat44_interface_details(i, reg, mp->context);
431 vl_api_nat44_interface_add_del_output_feature_t_handler
432 (vl_api_nat44_interface_add_del_output_feature_t * mp)
434 vl_api_nat44_interface_add_del_output_feature_reply_t *rmp;
435 snat_main_t *sm = &snat_main;
439 VALIDATE_SW_IF_INDEX (mp);
441 sw_if_index = ntohl (mp->sw_if_index);
445 rv = nat44_ed_add_output_interface (sw_if_index);
449 rv = nat44_ed_del_output_interface (sw_if_index);
452 BAD_SW_IF_INDEX_LABEL;
453 REPLY_MACRO (VL_API_NAT44_INTERFACE_ADD_DEL_OUTPUT_FEATURE_REPLY);
457 send_nat44_interface_output_feature_details (snat_interface_t * i,
458 vl_api_registration_t * reg,
461 vl_api_nat44_interface_output_feature_details_t *rmp;
462 snat_main_t *sm = &snat_main;
464 rmp = vl_msg_api_alloc (sizeof (*rmp));
465 clib_memset (rmp, 0, sizeof (*rmp));
467 ntohs (VL_API_NAT44_INTERFACE_OUTPUT_FEATURE_DETAILS + sm->msg_id_base);
468 rmp->sw_if_index = ntohl (i->sw_if_index);
469 rmp->context = context;
471 if (nat_interface_is_inside (i))
472 rmp->flags |= NAT_API_IS_INSIDE;
474 vl_api_send_msg (reg, (u8 *) rmp);
478 vl_api_nat44_interface_output_feature_dump_t_handler
479 (vl_api_nat44_interface_output_feature_dump_t * mp)
481 vl_api_registration_t *reg;
482 snat_main_t *sm = &snat_main;
485 reg = vl_api_client_index_to_registration (mp->client_index);
489 pool_foreach (i, sm->output_feature_interfaces)
491 send_nat44_interface_output_feature_details (i, reg, mp->context);
496 vl_api_nat44_add_del_static_mapping_t_handler
497 (vl_api_nat44_add_del_static_mapping_t * mp)
499 vl_api_nat44_add_del_static_mapping_reply_t *rmp;
501 snat_main_t *sm = &snat_main;
504 ip4_address_t l_addr, e_addr, pool_addr = { 0 };
505 u32 sw_if_index, flags = 0, vrf_id;
506 u16 l_port = 0, e_port = 0;
507 nat_protocol_t proto = 0;
510 memcpy (&l_addr.as_u8, mp->local_ip_address, 4);
512 if (mp->flags & NAT_API_IS_ADDR_ONLY)
514 flags |= NAT_SM_FLAG_ADDR_ONLY;
518 l_port = mp->local_port;
519 e_port = mp->external_port;
520 proto = ip_proto_to_nat_proto (mp->protocol);
523 if (mp->flags & NAT_API_IS_TWICE_NAT)
525 flags |= NAT_SM_FLAG_TWICE_NAT;
528 if (mp->flags & NAT_API_IS_SELF_TWICE_NAT)
530 flags |= NAT_SM_FLAG_SELF_TWICE_NAT;
533 if (mp->flags & NAT_API_IS_OUT2IN_ONLY)
535 flags |= NAT_SM_FLAG_OUT2IN_ONLY;
538 sw_if_index = clib_net_to_host_u32 (mp->external_sw_if_index);
539 if (sw_if_index != ~0)
541 flags |= NAT_SM_FLAG_SWITCH_ADDRESS;
545 memcpy (&e_addr.as_u8, mp->external_ip_address, 4);
548 vrf_id = clib_net_to_host_u32 (mp->vrf_id);
552 mp->tag[sizeof (mp->tag) - 1] = 0;
553 tag = format (0, "%s", mp->tag);
554 vec_terminate_c_string (tag);
556 rv = nat44_ed_add_static_mapping (l_addr, e_addr, l_port, e_port, proto,
557 vrf_id, sw_if_index, flags, pool_addr,
563 rv = nat44_ed_del_static_mapping (l_addr, e_addr, l_port, e_port, proto,
564 vrf_id, sw_if_index, flags);
566 REPLY_MACRO (VL_API_NAT44_ADD_DEL_STATIC_MAPPING_REPLY);
570 vl_api_nat44_add_del_static_mapping_v2_t_handler
571 (vl_api_nat44_add_del_static_mapping_v2_t * mp)
573 vl_api_nat44_add_del_static_mapping_v2_reply_t *rmp;
575 snat_main_t *sm = &snat_main;
578 ip4_address_t l_addr, e_addr, pool_addr;
579 u32 sw_if_index, flags = 0, vrf_id;
580 u16 l_port = 0, e_port = 0;
581 nat_protocol_t proto;
584 memcpy (&l_addr.as_u8, mp->local_ip_address, 4);
585 memcpy (&pool_addr.as_u8, mp->pool_ip_address, 4);
587 if (pool_addr.as_u32 != 0)
589 flags |= NAT_SM_FLAG_EXACT_ADDRESS;
592 if (mp->flags & NAT_API_IS_ADDR_ONLY)
594 flags |= NAT_SM_FLAG_ADDR_ONLY;
598 l_port = mp->local_port;
599 e_port = mp->external_port;
602 if (mp->flags & NAT_API_IS_TWICE_NAT)
604 flags |= NAT_SM_FLAG_TWICE_NAT;
607 if (mp->flags & NAT_API_IS_SELF_TWICE_NAT)
609 flags |= NAT_SM_FLAG_SELF_TWICE_NAT;
612 if (mp->flags & NAT_API_IS_OUT2IN_ONLY)
614 flags |= NAT_SM_FLAG_OUT2IN_ONLY;
617 sw_if_index = clib_net_to_host_u32 (mp->external_sw_if_index);
620 flags |= NAT_SM_FLAG_SWITCH_ADDRESS;
624 memcpy (&e_addr.as_u8, mp->external_ip_address, 4);
627 proto = ip_proto_to_nat_proto (mp->protocol);
628 vrf_id = clib_net_to_host_u32 (mp->vrf_id);
632 mp->tag[sizeof (mp->tag) - 1] = 0;
633 tag = format (0, "%s", mp->tag);
634 vec_terminate_c_string (tag);
636 rv = nat44_ed_add_static_mapping (l_addr, e_addr, l_port, e_port, proto,
637 vrf_id, sw_if_index, flags, pool_addr,
643 rv = nat44_ed_del_static_mapping (l_addr, e_addr, l_port, e_port, proto,
644 vrf_id, sw_if_index, flags);
646 REPLY_MACRO (VL_API_NAT44_ADD_DEL_STATIC_MAPPING_V2_REPLY);
650 send_nat44_static_mapping_details (snat_static_mapping_t * m,
651 vl_api_registration_t * reg, u32 context)
653 vl_api_nat44_static_mapping_details_t *rmp;
654 snat_main_t *sm = &snat_main;
655 u32 len = sizeof (*rmp);
657 rmp = vl_msg_api_alloc (len);
658 clib_memset (rmp, 0, len);
660 ntohs (VL_API_NAT44_STATIC_MAPPING_DETAILS + sm->msg_id_base);
662 clib_memcpy (rmp->local_ip_address, &(m->local_addr), 4);
663 clib_memcpy (rmp->external_ip_address, &(m->external_addr), 4);
664 rmp->external_sw_if_index = ~0;
665 rmp->vrf_id = htonl (m->vrf_id);
666 rmp->context = context;
668 // convert these in new api
670 if (is_sm_self_twice_nat (m->flags))
672 rmp->flags |= NAT_API_IS_SELF_TWICE_NAT;
675 if (is_sm_out2in_only (m->flags))
677 rmp->flags |= NAT_API_IS_OUT2IN_ONLY;
680 if (is_sm_twice_nat (m->flags))
682 rmp->flags |= NAT_API_IS_TWICE_NAT;
685 if (is_sm_addr_only (m->flags))
687 rmp->flags |= NAT_API_IS_ADDR_ONLY;
691 rmp->protocol = nat_proto_to_ip_proto (m->proto);
692 rmp->external_port = m->external_port;
693 rmp->local_port = m->local_port;
697 strncpy ((char *) rmp->tag, (char *) m->tag, vec_len (m->tag));
699 vl_api_send_msg (reg, (u8 *) rmp);
703 send_nat44_static_map_resolve_details (snat_static_map_resolve_t * m,
704 vl_api_registration_t * reg,
707 vl_api_nat44_static_mapping_details_t *rmp;
708 snat_main_t *sm = &snat_main;
710 rmp = vl_msg_api_alloc (sizeof (*rmp));
711 clib_memset (rmp, 0, sizeof (*rmp));
713 ntohs (VL_API_NAT44_STATIC_MAPPING_DETAILS + sm->msg_id_base);
714 clib_memcpy (rmp->local_ip_address, &(m->l_addr), 4);
715 rmp->external_sw_if_index = htonl (m->sw_if_index);
716 rmp->vrf_id = htonl (m->vrf_id);
717 rmp->context = context;
720 rmp->flags |= NAT_API_IS_TWICE_NAT;
724 rmp->flags |= NAT_API_IS_ADDR_ONLY;
728 rmp->protocol = nat_proto_to_ip_proto (m->proto);
729 rmp->external_port = m->e_port;
730 rmp->local_port = m->l_port;
733 strncpy ((char *) rmp->tag, (char *) m->tag, vec_len (m->tag));
735 vl_api_send_msg (reg, (u8 *) rmp);
739 vl_api_nat44_static_mapping_dump_t_handler (vl_api_nat44_static_mapping_dump_t
742 vl_api_registration_t *reg;
743 snat_main_t *sm = &snat_main;
744 snat_static_mapping_t *m;
745 snat_static_map_resolve_t *rp;
748 reg = vl_api_client_index_to_registration (mp->client_index);
752 pool_foreach (m, sm->static_mappings)
754 if (!is_sm_identity_nat (m->flags) && !is_sm_lb (m->flags))
755 send_nat44_static_mapping_details (m, reg, mp->context);
758 for (j = 0; j < vec_len (sm->to_resolve); j++)
760 rp = sm->to_resolve + j;
761 if (!rp->identity_nat)
762 send_nat44_static_map_resolve_details (rp, reg, mp->context);
767 vl_api_nat44_add_del_identity_mapping_t_handler
768 (vl_api_nat44_add_del_identity_mapping_t * mp)
770 vl_api_nat44_add_del_identity_mapping_reply_t *rmp;
772 snat_main_t *sm = &snat_main;
775 ip4_address_t addr, pool_addr = { 0 };
776 u32 sw_if_index, flags, vrf_id;
777 nat_protocol_t proto = 0;
781 flags = NAT_SM_FLAG_IDENTITY_NAT;
783 if (mp->flags & NAT_API_IS_ADDR_ONLY)
785 flags |= NAT_SM_FLAG_ADDR_ONLY;
790 proto = ip_proto_to_nat_proto (mp->protocol);
793 sw_if_index = clib_net_to_host_u32 (mp->sw_if_index);
794 if (sw_if_index != ~0)
796 flags |= NAT_SM_FLAG_SWITCH_ADDRESS;
800 memcpy (&addr.as_u8, mp->ip_address, 4);
803 vrf_id = clib_net_to_host_u32 (mp->vrf_id);
807 mp->tag[sizeof (mp->tag) - 1] = 0;
808 tag = format (0, "%s", mp->tag);
809 vec_terminate_c_string (tag);
811 rv = nat44_ed_add_static_mapping (addr, addr, port, port, proto, vrf_id,
812 sw_if_index, flags, pool_addr, tag);
817 rv = nat44_ed_del_static_mapping (addr, addr, port, port, proto, vrf_id,
820 REPLY_MACRO (VL_API_NAT44_ADD_DEL_IDENTITY_MAPPING_REPLY);
824 send_nat44_identity_mapping_details (snat_static_mapping_t * m, int index,
825 vl_api_registration_t * reg, u32 context)
827 vl_api_nat44_identity_mapping_details_t *rmp;
828 snat_main_t *sm = &snat_main;
829 nat44_lb_addr_port_t *local = pool_elt_at_index (m->locals, index);
831 rmp = vl_msg_api_alloc (sizeof (*rmp));
832 clib_memset (rmp, 0, sizeof (*rmp));
834 ntohs (VL_API_NAT44_IDENTITY_MAPPING_DETAILS + sm->msg_id_base);
836 if (is_sm_addr_only (m->flags))
837 rmp->flags |= NAT_API_IS_ADDR_ONLY;
839 clib_memcpy (rmp->ip_address, &(m->local_addr), 4);
840 rmp->port = m->local_port;
841 rmp->sw_if_index = ~0;
842 rmp->vrf_id = htonl (local->vrf_id);
843 rmp->protocol = nat_proto_to_ip_proto (m->proto);
844 rmp->context = context;
846 strncpy ((char *) rmp->tag, (char *) m->tag, vec_len (m->tag));
848 vl_api_send_msg (reg, (u8 *) rmp);
852 send_nat44_identity_map_resolve_details (snat_static_map_resolve_t * m,
853 vl_api_registration_t * reg,
856 vl_api_nat44_identity_mapping_details_t *rmp;
857 snat_main_t *sm = &snat_main;
859 rmp = vl_msg_api_alloc (sizeof (*rmp));
860 clib_memset (rmp, 0, sizeof (*rmp));
862 ntohs (VL_API_NAT44_IDENTITY_MAPPING_DETAILS + sm->msg_id_base);
865 rmp->flags = (vl_api_nat_config_flags_t) NAT_API_IS_ADDR_ONLY;
867 rmp->port = m->l_port;
868 rmp->sw_if_index = htonl (m->sw_if_index);
869 rmp->vrf_id = htonl (m->vrf_id);
870 rmp->protocol = nat_proto_to_ip_proto (m->proto);
871 rmp->context = context;
873 strncpy ((char *) rmp->tag, (char *) m->tag, vec_len (m->tag));
875 vl_api_send_msg (reg, (u8 *) rmp);
879 vl_api_nat44_identity_mapping_dump_t_handler
880 (vl_api_nat44_identity_mapping_dump_t * mp)
882 vl_api_registration_t *reg;
883 snat_main_t *sm = &snat_main;
884 snat_static_mapping_t *m;
885 snat_static_map_resolve_t *rp;
888 reg = vl_api_client_index_to_registration (mp->client_index);
892 pool_foreach (m, sm->static_mappings)
894 if (is_sm_identity_nat (m->flags) && !is_sm_lb (m->flags))
896 pool_foreach_index (j, m->locals)
898 send_nat44_identity_mapping_details (m, j, reg, mp->context);
903 for (j = 0; j < vec_len (sm->to_resolve); j++)
905 rp = sm->to_resolve + j;
906 if (rp->identity_nat)
907 send_nat44_identity_map_resolve_details (rp, reg, mp->context);
912 vl_api_nat44_add_del_interface_addr_t_handler
913 (vl_api_nat44_add_del_interface_addr_t * mp)
915 snat_main_t *sm = &snat_main;
916 vl_api_nat44_add_del_interface_addr_reply_t *rmp;
917 u32 sw_if_index = ntohl (mp->sw_if_index);
921 if (sm->static_mapping_only)
923 rv = VNET_API_ERROR_FEATURE_DISABLED;
927 is_del = !mp->is_add;
929 VALIDATE_SW_IF_INDEX (mp);
931 rv = snat_add_interface_address (sm, sw_if_index, is_del,
932 mp->flags & NAT_API_IS_TWICE_NAT);
934 BAD_SW_IF_INDEX_LABEL;
937 REPLY_MACRO (VL_API_NAT44_ADD_DEL_INTERFACE_ADDR_REPLY);
941 send_nat44_interface_addr_details (u32 sw_if_index,
942 vl_api_registration_t * reg, u32 context,
945 vl_api_nat44_interface_addr_details_t *rmp;
946 snat_main_t *sm = &snat_main;
948 rmp = vl_msg_api_alloc (sizeof (*rmp));
949 clib_memset (rmp, 0, sizeof (*rmp));
951 ntohs (VL_API_NAT44_INTERFACE_ADDR_DETAILS + sm->msg_id_base);
952 rmp->sw_if_index = ntohl (sw_if_index);
955 rmp->flags = (vl_api_nat_config_flags_t) NAT_API_IS_TWICE_NAT;
956 rmp->context = context;
958 vl_api_send_msg (reg, (u8 *) rmp);
962 vl_api_nat44_interface_addr_dump_t_handler (vl_api_nat44_interface_addr_dump_t
965 vl_api_registration_t *reg;
966 snat_main_t *sm = &snat_main;
969 reg = vl_api_client_index_to_registration (mp->client_index);
973 vec_foreach (i, sm->auto_add_sw_if_indices)
975 send_nat44_interface_addr_details (*i, reg, mp->context, 0);
977 vec_foreach (i, sm->auto_add_sw_if_indices_twice_nat)
979 send_nat44_interface_addr_details (*i, reg, mp->context, 1);
983 static nat44_lb_addr_port_t *
984 unformat_nat44_lb_addr_port (vl_api_nat44_lb_addr_port_t *addr_port_pairs,
985 u32 addr_port_pair_num)
988 nat44_lb_addr_port_t *lb_addr_port_pairs = 0, lb_addr_port;
989 vl_api_nat44_lb_addr_port_t *ap;
991 for (i = 0; i < addr_port_pair_num; i++)
993 ap = &addr_port_pairs[i];
994 clib_memset (&lb_addr_port, 0, sizeof (lb_addr_port));
995 clib_memcpy (&lb_addr_port.addr, ap->addr, 4);
996 lb_addr_port.port = ap->port;
997 lb_addr_port.probability = ap->probability;
998 lb_addr_port.vrf_id = clib_net_to_host_u32 (ap->vrf_id);
999 vec_add1 (lb_addr_port_pairs, lb_addr_port);
1002 return lb_addr_port_pairs;
1006 vl_api_nat44_add_del_lb_static_mapping_t_handler (
1007 vl_api_nat44_add_del_lb_static_mapping_t *mp)
1009 snat_main_t *sm = &snat_main;
1010 vl_api_nat44_add_del_lb_static_mapping_reply_t *rmp;
1011 nat44_lb_addr_port_t *locals = 0;
1012 ip4_address_t e_addr;
1013 nat_protocol_t proto;
1018 locals = unformat_nat44_lb_addr_port (mp->locals,
1019 clib_net_to_host_u32 (mp->local_num));
1020 clib_memcpy (&e_addr, mp->external_addr, 4);
1021 proto = ip_proto_to_nat_proto (mp->protocol);
1023 if (mp->flags & NAT_API_IS_TWICE_NAT)
1025 flags |= NAT_SM_FLAG_TWICE_NAT;
1027 else if (mp->flags & NAT_API_IS_SELF_TWICE_NAT)
1029 flags |= NAT_SM_FLAG_SELF_TWICE_NAT;
1032 if (mp->flags & NAT_API_IS_OUT2IN_ONLY)
1034 flags |= NAT_SM_FLAG_OUT2IN_ONLY;
1039 mp->tag[sizeof (mp->tag) - 1] = 0;
1040 tag = format (0, "%s", mp->tag);
1041 vec_terminate_c_string (tag);
1043 rv = nat44_ed_add_lb_static_mapping (
1044 e_addr, mp->external_port, proto, locals, flags, tag,
1045 clib_net_to_host_u32 (mp->affinity));
1049 rv = nat44_ed_del_lb_static_mapping (e_addr, mp->external_port, proto,
1055 REPLY_MACRO (VL_API_NAT44_ADD_DEL_LB_STATIC_MAPPING_REPLY);
1059 vl_api_nat44_lb_static_mapping_add_del_local_t_handler (
1060 vl_api_nat44_lb_static_mapping_add_del_local_t *mp)
1062 snat_main_t *sm = &snat_main;
1063 vl_api_nat44_lb_static_mapping_add_del_local_reply_t *rmp;
1065 ip4_address_t e_addr, l_addr;
1066 nat_protocol_t proto;
1068 clib_memcpy (&e_addr, mp->external_addr, 4);
1069 clib_memcpy (&l_addr, mp->local.addr, 4);
1070 proto = ip_proto_to_nat_proto (mp->protocol);
1072 rv = nat44_ed_add_del_lb_static_mapping_local (
1073 e_addr, mp->external_port, l_addr, mp->local.port, proto,
1074 clib_net_to_host_u32 (mp->local.vrf_id), mp->local.probability,
1077 REPLY_MACRO (VL_API_NAT44_LB_STATIC_MAPPING_ADD_DEL_LOCAL_REPLY);
1081 send_nat44_lb_static_mapping_details (snat_static_mapping_t *m,
1082 vl_api_registration_t *reg, u32 context)
1084 vl_api_nat44_lb_static_mapping_details_t *rmp;
1085 snat_main_t *sm = &snat_main;
1086 nat44_lb_addr_port_t *ap;
1087 vl_api_nat44_lb_addr_port_t *locals;
1090 rmp = vl_msg_api_alloc (
1091 sizeof (*rmp) + (pool_elts (m->locals) * sizeof (nat44_lb_addr_port_t)));
1092 clib_memset (rmp, 0, sizeof (*rmp));
1094 ntohs (VL_API_NAT44_LB_STATIC_MAPPING_DETAILS + sm->msg_id_base);
1096 clib_memcpy (rmp->external_addr, &(m->external_addr), 4);
1097 rmp->external_port = m->external_port;
1098 rmp->protocol = nat_proto_to_ip_proto (m->proto);
1099 rmp->context = context;
1101 if (is_sm_self_twice_nat (m->flags))
1103 rmp->flags |= NAT_API_IS_SELF_TWICE_NAT;
1106 if (is_sm_out2in_only (m->flags))
1108 rmp->flags |= NAT_API_IS_OUT2IN_ONLY;
1111 if (is_sm_twice_nat (m->flags))
1113 rmp->flags |= NAT_API_IS_TWICE_NAT;
1117 strncpy ((char *) rmp->tag, (char *) m->tag, vec_len (m->tag));
1119 locals = (vl_api_nat44_lb_addr_port_t *) rmp->locals;
1120 pool_foreach (ap, m->locals)
1122 clib_memcpy (locals->addr, &(ap->addr), 4);
1123 locals->port = ap->port;
1124 locals->probability = ap->probability;
1125 locals->vrf_id = ntohl (ap->vrf_id);
1129 rmp->local_num = ntohl (local_num);
1131 vl_api_send_msg (reg, (u8 *) rmp);
1135 vl_api_nat44_lb_static_mapping_dump_t_handler (
1136 vl_api_nat44_lb_static_mapping_dump_t *mp)
1138 vl_api_registration_t *reg;
1139 snat_main_t *sm = &snat_main;
1140 snat_static_mapping_t *m;
1142 reg = vl_api_client_index_to_registration (mp->client_index);
1146 pool_foreach (m, sm->static_mappings)
1148 if (is_sm_lb (m->flags))
1149 send_nat44_lb_static_mapping_details (m, reg, mp->context);
1154 vl_api_nat44_del_session_t_handler (vl_api_nat44_del_session_t *mp)
1156 snat_main_t *sm = &snat_main;
1157 vl_api_nat44_del_session_reply_t *rmp;
1158 ip4_address_t addr, eh_addr;
1164 memcpy (&addr.as_u8, mp->address, 4);
1166 vrf_id = clib_net_to_host_u32 (mp->vrf_id);
1167 memcpy (&eh_addr.as_u8, mp->ext_host_address, 4);
1168 eh_port = mp->ext_host_port;
1170 is_in = mp->flags & NAT_API_IS_INSIDE;
1172 rv = nat44_ed_del_session (sm, &addr, port, &eh_addr, eh_port, mp->protocol,
1175 REPLY_MACRO (VL_API_NAT44_DEL_SESSION_REPLY);
1179 vl_api_nat44_forwarding_enable_disable_t_handler (
1180 vl_api_nat44_forwarding_enable_disable_t *mp)
1182 vl_api_nat44_forwarding_enable_disable_reply_t *rmp;
1183 snat_main_t *sm = &snat_main;
1185 nat44_ed_forwarding_enable_disable (mp->enable);
1186 REPLY_MACRO (VL_API_NAT44_FORWARDING_ENABLE_DISABLE_REPLY);
1190 vl_api_nat44_forwarding_is_enabled_t_handler (
1191 vl_api_nat44_forwarding_is_enabled_t *mp)
1193 vl_api_registration_t *reg;
1194 snat_main_t *sm = &snat_main;
1195 vl_api_nat44_forwarding_is_enabled_reply_t *rmp;
1197 reg = vl_api_client_index_to_registration (mp->client_index);
1201 rmp = vl_msg_api_alloc (sizeof (*rmp));
1202 clib_memset (rmp, 0, sizeof (*rmp));
1204 ntohs (VL_API_NAT44_FORWARDING_IS_ENABLED_REPLY + sm->msg_id_base);
1205 rmp->context = mp->context;
1207 rmp->enabled = sm->forwarding_enabled;
1209 vl_api_send_msg (reg, (u8 *) rmp);
1212 /* Obsolete calls hold back because of deprecation
1213 * should not be used */
1216 vl_api_nat_set_addr_and_port_alloc_alg_t_handler (
1217 vl_api_nat_set_addr_and_port_alloc_alg_t *mp)
1219 snat_main_t *sm = &snat_main;
1220 vl_api_nat_set_addr_and_port_alloc_alg_reply_t *rmp;
1221 int rv = VNET_API_ERROR_UNSUPPORTED;
1222 REPLY_MACRO (VL_API_NAT_SET_ADDR_AND_PORT_ALLOC_ALG_REPLY);
1226 vl_api_nat_get_addr_and_port_alloc_alg_t_handler (
1227 vl_api_nat_get_addr_and_port_alloc_alg_t *mp)
1229 snat_main_t *sm = &snat_main;
1230 vl_api_nat_get_addr_and_port_alloc_alg_reply_t *rmp;
1231 int rv = VNET_API_ERROR_UNSUPPORTED;
1232 REPLY_MACRO (VL_API_NAT_GET_ADDR_AND_PORT_ALLOC_ALG_REPLY);
1236 vl_api_nat_ha_set_listener_t_handler (vl_api_nat_ha_set_listener_t *mp)
1238 snat_main_t *sm = &snat_main;
1239 vl_api_nat_ha_set_listener_reply_t *rmp;
1240 int rv = VNET_API_ERROR_UNSUPPORTED;
1241 REPLY_MACRO (VL_API_NAT_HA_SET_LISTENER_REPLY);
1245 vl_api_nat_ha_get_listener_t_handler (vl_api_nat_ha_get_listener_t *mp)
1247 snat_main_t *sm = &snat_main;
1248 vl_api_nat_ha_get_listener_reply_t *rmp;
1249 int rv = VNET_API_ERROR_UNSUPPORTED;
1250 REPLY_MACRO (VL_API_NAT_HA_GET_LISTENER_REPLY);
1254 vl_api_nat_ha_set_failover_t_handler (vl_api_nat_ha_set_failover_t *mp)
1256 snat_main_t *sm = &snat_main;
1257 vl_api_nat_ha_set_failover_reply_t *rmp;
1258 int rv = VNET_API_ERROR_UNSUPPORTED;
1259 REPLY_MACRO (VL_API_NAT_HA_SET_FAILOVER_REPLY);
1263 vl_api_nat_ha_get_failover_t_handler (vl_api_nat_ha_get_failover_t *mp)
1265 snat_main_t *sm = &snat_main;
1266 vl_api_nat_ha_get_failover_reply_t *rmp;
1267 int rv = VNET_API_ERROR_UNSUPPORTED;
1268 REPLY_MACRO (VL_API_NAT_HA_GET_FAILOVER_REPLY);
1272 vl_api_nat_ha_flush_t_handler (vl_api_nat_ha_flush_t *mp)
1274 snat_main_t *sm = &snat_main;
1275 vl_api_nat_ha_flush_reply_t *rmp;
1276 int rv = VNET_API_ERROR_UNSUPPORTED;
1277 REPLY_MACRO (VL_API_NAT_HA_FLUSH_REPLY);
1281 vl_api_nat_ha_resync_t_handler (vl_api_nat_ha_resync_t *mp)
1283 snat_main_t *sm = &snat_main;
1284 vl_api_nat_ha_resync_reply_t *rmp;
1285 int rv = VNET_API_ERROR_UNSUPPORTED;
1286 REPLY_MACRO (VL_API_NAT_HA_RESYNC_REPLY);
1290 vl_api_nat44_del_user_t_handler (vl_api_nat44_del_user_t *mp)
1292 snat_main_t *sm = &snat_main;
1293 vl_api_nat44_del_user_reply_t *rmp;
1294 int rv = VNET_API_ERROR_UNSUPPORTED;
1295 REPLY_MACRO (VL_API_NAT44_DEL_USER_REPLY);
1299 vl_api_nat44_session_cleanup_t_handler (vl_api_nat44_session_cleanup_t *mp)
1301 snat_main_t *sm = &snat_main;
1302 vl_api_nat44_session_cleanup_reply_t *rmp;
1303 int rv = VNET_API_ERROR_UNSUPPORTED;
1304 REPLY_MACRO (VL_API_NAT44_SESSION_CLEANUP_REPLY);
1308 vl_api_nat44_plugin_enable_disable_t_handler (
1309 vl_api_nat44_plugin_enable_disable_t *mp)
1311 snat_main_t *sm = &snat_main;
1312 nat44_config_t c = { 0 };
1313 vl_api_nat44_plugin_enable_disable_reply_t *rmp;
1318 if (mp->users || mp->user_sessions)
1320 rv = VNET_API_ERROR_UNSUPPORTED;
1324 c.static_mapping_only = mp->flags & NAT44_API_IS_STATIC_MAPPING_ONLY;
1325 c.connection_tracking = mp->flags & NAT44_API_IS_CONNECTION_TRACKING;
1327 c.inside_vrf = ntohl (mp->inside_vrf);
1328 c.outside_vrf = ntohl (mp->outside_vrf);
1330 c.sessions = ntohl (mp->sessions);
1332 rv = nat44_plugin_enable (c);
1337 rv = nat44_plugin_disable ();
1340 REPLY_MACRO (VL_API_NAT44_PLUGIN_ENABLE_DISABLE_REPLY);
1344 vl_api_nat_control_ping_t_handler (vl_api_nat_control_ping_t *mp)
1346 vl_api_nat_control_ping_reply_t *rmp;
1347 snat_main_t *sm = &snat_main;
1350 REPLY_MACRO2 (VL_API_NAT_CONTROL_PING_REPLY,
1351 ({ rmp->vpe_pid = ntohl (getpid ()); }));
1355 vl_api_nat_show_config_t_handler (vl_api_nat_show_config_t *mp)
1357 vl_api_nat_show_config_reply_t *rmp;
1358 snat_main_t *sm = &snat_main;
1361 REPLY_MACRO2_ZERO (VL_API_NAT_SHOW_CONFIG_REPLY, ({
1362 rmp->translation_buckets =
1363 htonl (sm->translation_buckets);
1364 rmp->user_buckets = 0;
1365 rmp->max_translations_per_user = 0;
1366 rmp->outside_vrf_id = htonl (sm->outside_vrf_id);
1367 rmp->inside_vrf_id = htonl (sm->inside_vrf_id);
1368 rmp->static_mapping_only = sm->static_mapping_only;
1369 rmp->static_mapping_connection_tracking =
1370 sm->static_mapping_connection_tracking;
1371 rmp->endpoint_dependent = 1;
1372 rmp->out2in_dpo = 0;
1377 vl_api_nat_show_config_2_t_handler (vl_api_nat_show_config_2_t *mp)
1379 vl_api_nat_show_config_2_reply_t *rmp;
1380 snat_main_t *sm = &snat_main;
1384 VL_API_NAT_SHOW_CONFIG_2_REPLY, ({
1385 rmp->translation_buckets = htonl (sm->translation_buckets);
1386 rmp->user_buckets = 0;
1387 rmp->max_translations_per_user = 0;
1388 rmp->outside_vrf_id = htonl (sm->outside_vrf_id);
1389 rmp->inside_vrf_id = htonl (sm->inside_vrf_id);
1390 rmp->static_mapping_only = sm->static_mapping_only;
1391 rmp->static_mapping_connection_tracking =
1392 sm->static_mapping_connection_tracking;
1393 rmp->endpoint_dependent = 1;
1394 rmp->out2in_dpo = 0;
1395 rmp->max_translations_per_thread =
1396 clib_net_to_host_u32 (sm->max_translations_per_thread);
1397 rmp->max_users_per_thread = 0;
1402 vl_api_nat44_show_running_config_t_handler (
1403 vl_api_nat44_show_running_config_t *mp)
1405 vl_api_nat44_show_running_config_reply_t *rmp;
1406 snat_main_t *sm = &snat_main;
1407 nat44_config_t *rc = &sm->rconfig;
1411 VL_API_NAT44_SHOW_RUNNING_CONFIG_REPLY, ({
1412 rmp->inside_vrf = htonl (rc->inside_vrf);
1413 rmp->outside_vrf = htonl (rc->outside_vrf);
1415 rmp->sessions = htonl (rc->sessions);
1416 rmp->translation_buckets = htonl (sm->translation_buckets);
1420 rmp->user_buckets = 0;
1421 rmp->user_sessions = 0;
1423 rmp->timeouts.udp = htonl (sm->timeouts.udp);
1424 rmp->timeouts.tcp_established = htonl (sm->timeouts.tcp.established);
1425 rmp->timeouts.tcp_transitory = htonl (sm->timeouts.tcp.transitory);
1426 rmp->timeouts.icmp = htonl (sm->timeouts.icmp);
1428 rmp->forwarding_enabled = sm->forwarding_enabled == 1;
1429 // consider how to split functionality between subplugins
1430 rmp->ipfix_logging_enabled = nat_ipfix_logging_enabled ();
1431 rmp->flags |= NAT44_IS_ENDPOINT_DEPENDENT;
1432 if (rc->static_mapping_only)
1433 rmp->flags |= NAT44_IS_STATIC_MAPPING_ONLY;
1434 if (rc->connection_tracking)
1435 rmp->flags |= NAT44_IS_CONNECTION_TRACKING;
1439 /* user (internal host) key */
1458 u32 nstaticsessions;
1465 clib_bihash_8_8_t user_hash;
1466 } user_create_helper_t;
1469 send_nat44_user_details (snat_user_t *u, vl_api_registration_t *reg,
1472 vl_api_nat44_user_details_t *rmp;
1473 snat_main_t *sm = &snat_main;
1474 ip4_main_t *im = &ip4_main;
1476 rmp = vl_msg_api_alloc (sizeof (*rmp));
1477 clib_memset (rmp, 0, sizeof (*rmp));
1478 rmp->_vl_msg_id = ntohs (VL_API_NAT44_USER_DETAILS + sm->msg_id_base);
1480 if (!pool_is_free_index (im->fibs, u->fib_index))
1482 fib_table_t *fib = fib_table_get (u->fib_index, FIB_PROTOCOL_IP4);
1483 rmp->vrf_id = ntohl (fib->ft_table_id);
1486 clib_memcpy (rmp->ip_address, &(u->addr), 4);
1487 rmp->nsessions = ntohl (u->nsessions);
1488 rmp->nstaticsessions = ntohl (u->nstaticsessions);
1489 rmp->context = context;
1491 vl_api_send_msg (reg, (u8 *) rmp);
1495 nat_ed_user_create_helper (user_create_helper_t *uch, snat_session_t *s)
1498 k.addr = s->in2out.addr;
1499 k.fib_index = s->in2out.fib_index;
1500 clib_bihash_kv_8_8_t key, value;
1504 if (clib_bihash_search_8_8 (&uch->user_hash, &key, &value))
1506 pool_get (uch->users, u);
1508 u->fib_index = k.fib_index;
1510 u->nstaticsessions = 0;
1511 key.value = u - uch->users;
1512 clib_bihash_add_del_8_8 (&uch->user_hash, &key, 1);
1516 u = pool_elt_at_index (uch->users, value.value);
1518 if (snat_is_session_static (s))
1520 ++u->nstaticsessions;
1529 format_user_kvp (u8 *s, va_list *args)
1531 clib_bihash_kv_8_8_t *v = va_arg (*args, clib_bihash_kv_8_8_t *);
1534 s = format (s, "%U fib %d user-index %llu", format_ip4_address, &k.addr,
1535 k.fib_index, v->value);
1540 nat_ed_users_create (snat_main_per_thread_data_t *tsm,
1541 user_create_helper_t *uch)
1544 clib_bihash_init_8_8 (&uch->user_hash, "users", uch->user_buckets, 0);
1545 clib_bihash_set_kvp_format_fn_8_8 (&uch->user_hash, format_user_kvp);
1546 pool_foreach (s, tsm->sessions)
1548 nat_ed_user_create_helper (uch, s);
1553 nat_ed_users_destroy (user_create_helper_t *uch)
1555 pool_free (uch->users);
1556 clib_bihash_free_8_8 (&uch->user_hash);
1560 vl_api_nat44_user_dump_t_handler (vl_api_nat44_user_dump_t * mp)
1562 user_create_helper_t uch;
1563 vl_api_registration_t *reg;
1564 snat_main_t *sm = &snat_main;
1565 snat_main_per_thread_data_t *tsm;
1568 clib_memset (&uch, 0, sizeof (uch));
1570 uch.user_buckets = nat_calc_bihash_buckets (1024);
1572 reg = vl_api_client_index_to_registration (mp->client_index);
1576 vec_foreach (tsm, sm->per_thread_data)
1578 nat_ed_users_create (tsm, &uch);
1579 pool_foreach (u, uch.users)
1581 send_nat44_user_details (u, reg, mp->context);
1583 nat_ed_users_destroy (&uch);
1588 send_nat44_user_session_details (snat_session_t * s,
1589 vl_api_registration_t * reg, u32 context)
1591 vl_api_nat44_user_session_details_t *rmp;
1592 snat_main_t *sm = &snat_main;
1594 rmp = vl_msg_api_alloc (sizeof (*rmp));
1595 clib_memset (rmp, 0, sizeof (*rmp));
1597 ntohs (VL_API_NAT44_USER_SESSION_DETAILS + sm->msg_id_base);
1598 clib_memcpy (rmp->outside_ip_address, (&s->out2in.addr), 4);
1599 clib_memcpy (rmp->inside_ip_address, (&s->in2out.addr), 4);
1601 if (snat_is_session_static (s))
1602 rmp->flags |= NAT_API_IS_STATIC;
1604 if (is_twice_nat_session (s))
1605 rmp->flags |= NAT_API_IS_TWICE_NAT;
1607 if (is_ed_session (s) || is_fwd_bypass_session (s))
1608 rmp->flags |= NAT_API_IS_EXT_HOST_VALID;
1610 rmp->last_heard = clib_host_to_net_u64 ((u64) s->last_heard);
1611 rmp->total_bytes = clib_host_to_net_u64 (s->total_bytes);
1612 rmp->total_pkts = ntohl (s->total_pkts);
1613 rmp->context = context;
1614 if (snat_is_unk_proto_session (s))
1616 rmp->outside_port = 0;
1617 rmp->inside_port = 0;
1618 rmp->protocol = ntohs (s->in2out.port);
1622 rmp->outside_port = s->out2in.port;
1623 rmp->inside_port = s->in2out.port;
1624 rmp->protocol = ntohs (nat_proto_to_ip_proto (s->nat_proto));
1626 if (is_ed_session (s) || is_fwd_bypass_session (s))
1628 clib_memcpy (rmp->ext_host_address, &s->ext_host_addr, 4);
1629 rmp->ext_host_port = s->ext_host_port;
1630 if (is_twice_nat_session (s))
1632 clib_memcpy (rmp->ext_host_nat_address, &s->ext_host_nat_addr, 4);
1633 rmp->ext_host_nat_port = s->ext_host_nat_port;
1637 vl_api_send_msg (reg, (u8 *) rmp);
1641 vl_api_nat44_user_session_dump_t_handler (vl_api_nat44_user_session_dump_t *
1644 snat_main_per_thread_data_t *tsm;
1645 snat_main_t *sm = &snat_main;
1646 vl_api_registration_t *reg;
1647 snat_user_key_t ukey;
1651 reg = vl_api_client_index_to_registration (mp->client_index);
1655 clib_memcpy (&ukey.addr, mp->ip_address, 4);
1656 ip.src_address.as_u32 = ukey.addr.as_u32;
1657 ukey.fib_index = fib_table_find (FIB_PROTOCOL_IP4, ntohl (mp->vrf_id));
1658 if (sm->num_workers > 1)
1659 tsm = vec_elt_at_index (
1660 sm->per_thread_data,
1661 nat44_ed_get_in2out_worker_index (0, &ip, ukey.fib_index, 0));
1663 tsm = vec_elt_at_index (sm->per_thread_data, sm->num_workers);
1665 pool_foreach (s, tsm->sessions) {
1666 if (s->in2out.addr.as_u32 == ukey.addr.as_u32)
1668 send_nat44_user_session_details (s, reg, mp->context);
1673 /* API definitions */
1674 #include <vnet/format_fns.h>
1675 #include <nat/nat44-ed/nat44_ed.api.c>
1677 /* Set up the API message handling tables */
1679 nat44_api_hookup (vlib_main_t * vm)
1681 snat_main_t *sm = &snat_main;
1682 sm->msg_id_base = setup_message_id_table ();
1687 * fd.io coding-style-patch-verification: ON
1690 * eval: (c-set-style "gnu")
Code Review / vpp.git / blob