2 * Copyright (c) 2020 Cisco and/or its affiliates.
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at:
8 * http://www.apache.org/licenses/LICENSE-2.0
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License.
18 * @brief NAT44 plugin API implementation
21 #include <vnet/ip/ip_types_api.h>
22 #include <vlibmemory/api.h>
24 #include <vnet/fib/fib_table.h>
26 #include <nat/lib/nat_inlines.h>
27 #include <nat/lib/ipfix_logging.h>
29 #include <nat/nat44-ed/nat44_ed.h>
31 #include <nat/nat44-ed/nat44_ed.api_enum.h>
32 #include <nat/nat44-ed/nat44_ed.api_types.h>
34 #define REPLY_MSG_ID_BASE sm->msg_id_base
35 #include <vlibapi/api_helper_macros.h>
40 vl_api_nat44_ed_plugin_enable_disable_t_handler (
41 vl_api_nat44_ed_plugin_enable_disable_t *mp)
43 snat_main_t *sm = &snat_main;
44 nat44_config_t c = { 0 };
45 vl_api_nat44_ed_plugin_enable_disable_reply_t *rmp;
50 c.static_mapping_only = mp->flags & NAT44_API_IS_STATIC_MAPPING_ONLY;
51 c.connection_tracking = mp->flags & NAT44_API_IS_CONNECTION_TRACKING;
53 c.inside_vrf = ntohl (mp->inside_vrf);
54 c.outside_vrf = ntohl (mp->outside_vrf);
56 c.sessions = ntohl (mp->sessions);
58 rv = nat44_plugin_enable (c);
62 rv = nat44_plugin_disable ();
65 REPLY_MACRO (VL_API_NAT44_ED_PLUGIN_ENABLE_DISABLE_REPLY);
69 vl_api_nat44_ed_set_fq_options_t_handler (vl_api_nat44_ed_set_fq_options_t *mp)
71 snat_main_t *sm = &snat_main;
72 vl_api_nat44_ed_set_fq_options_reply_t *rmp;
74 u32 frame_queue_nelts = ntohl (mp->frame_queue_nelts);
75 rv = nat44_ed_set_frame_queue_nelts (frame_queue_nelts);
76 REPLY_MACRO (VL_API_NAT44_ED_SET_FQ_OPTIONS_REPLY);
80 vl_api_nat44_ed_show_fq_options_t_handler (
81 vl_api_nat44_ed_show_fq_options_t *mp)
83 snat_main_t *sm = &snat_main;
84 vl_api_nat44_ed_show_fq_options_reply_t *rmp;
86 /* clang-format off */
87 REPLY_MACRO2_ZERO (VL_API_NAT44_ED_SHOW_FQ_OPTIONS_REPLY,
89 rmp->frame_queue_nelts = htonl (sm->frame_queue_nelts);
94 /* Old API calls hold back because of deprecation
95 * nat44_ed replacement should be used */
98 vl_api_nat_set_workers_t_handler (vl_api_nat_set_workers_t * mp)
100 snat_main_t *sm = &snat_main;
101 vl_api_nat_set_workers_reply_t *rmp;
106 mask = clib_net_to_host_u64 (mp->worker_mask);
108 if (sm->num_workers < 2)
110 rv = VNET_API_ERROR_FEATURE_DISABLED;
114 bitmap = clib_bitmap_set_multiple (bitmap, 0, mask, BITS (mask));
115 rv = snat_set_workers (bitmap);
116 clib_bitmap_free (bitmap);
119 REPLY_MACRO (VL_API_NAT_SET_WORKERS_REPLY);
123 send_nat_worker_details (u32 worker_index, vl_api_registration_t * reg,
126 vl_api_nat_worker_details_t *rmp;
127 snat_main_t *sm = &snat_main;
128 vlib_worker_thread_t *w =
129 vlib_worker_threads + worker_index + sm->first_worker_index;
131 rmp = vl_msg_api_alloc (sizeof (*rmp));
132 clib_memset (rmp, 0, sizeof (*rmp));
133 rmp->_vl_msg_id = ntohs (VL_API_NAT_WORKER_DETAILS + sm->msg_id_base);
134 rmp->context = context;
135 rmp->worker_index = htonl (worker_index);
136 rmp->lcore_id = htonl (w->cpu_id);
137 strncpy ((char *) rmp->name, (char *) w->name, ARRAY_LEN (rmp->name) - 1);
139 vl_api_send_msg (reg, (u8 *) rmp);
143 vl_api_nat_worker_dump_t_handler (vl_api_nat_worker_dump_t * mp)
145 vl_api_registration_t *reg;
146 snat_main_t *sm = &snat_main;
149 reg = vl_api_client_index_to_registration (mp->client_index);
153 vec_foreach (worker_index, sm->workers)
155 send_nat_worker_details (*worker_index, reg, mp->context);
160 vl_api_nat44_set_session_limit_t_handler (vl_api_nat44_set_session_limit_t *
163 snat_main_t *sm = &snat_main;
164 vl_api_nat44_set_session_limit_reply_t *rmp;
167 rv = nat44_set_session_limit
168 (ntohl (mp->session_limit), ntohl (mp->vrf_id));
170 REPLY_MACRO (VL_API_NAT44_SET_SESSION_LIMIT_REPLY);
174 vl_api_nat_set_log_level_t_handler (vl_api_nat_set_log_level_t * mp)
176 snat_main_t *sm = &snat_main;
177 vl_api_nat_set_log_level_reply_t *rmp;
180 if (sm->log_level > NAT_LOG_DEBUG)
181 rv = VNET_API_ERROR_UNSUPPORTED;
183 sm->log_level = mp->log_level;
185 REPLY_MACRO (VL_API_NAT_SET_WORKERS_REPLY);
189 vl_api_nat_ipfix_enable_disable_t_handler (vl_api_nat_ipfix_enable_disable_t *
192 snat_main_t *sm = &snat_main;
193 vl_api_nat_ipfix_enable_disable_reply_t *rmp;
196 rv = nat_ipfix_logging_enable_disable (mp->enable,
199 clib_host_to_net_u16 (mp->src_port));
201 REPLY_MACRO (VL_API_NAT_IPFIX_ENABLE_DISABLE_REPLY);
205 vl_api_nat_set_timeouts_t_handler (vl_api_nat_set_timeouts_t * mp)
207 snat_main_t *sm = &snat_main;
208 vl_api_nat_set_timeouts_reply_t *rmp;
211 sm->timeouts.udp = ntohl (mp->udp);
212 sm->timeouts.tcp.established = ntohl (mp->tcp_established);
213 sm->timeouts.tcp.transitory = ntohl (mp->tcp_transitory);
214 sm->timeouts.icmp = ntohl (mp->icmp);
216 REPLY_MACRO (VL_API_NAT_SET_TIMEOUTS_REPLY);
220 vl_api_nat_get_timeouts_t_handler (vl_api_nat_get_timeouts_t * mp)
222 snat_main_t *sm = &snat_main;
223 vl_api_nat_get_timeouts_reply_t *rmp;
226 REPLY_MACRO2 (VL_API_NAT_GET_TIMEOUTS_REPLY,
228 rmp->udp = htonl (sm->timeouts.udp);
229 rmp->tcp_established = htonl (sm->timeouts.tcp.established);
230 rmp->tcp_transitory = htonl (sm->timeouts.tcp.transitory);
231 rmp->icmp = htonl (sm->timeouts.icmp);
236 vl_api_nat_set_mss_clamping_t_handler (vl_api_nat_set_mss_clamping_t * mp)
238 snat_main_t *sm = &snat_main;
239 vl_api_nat_set_mss_clamping_reply_t *rmp;
243 sm->mss_clamping = ntohs (mp->mss_value);
245 sm->mss_clamping = 0;
247 REPLY_MACRO (VL_API_NAT_SET_MSS_CLAMPING_REPLY);
251 vl_api_nat_get_mss_clamping_t_handler (vl_api_nat_get_mss_clamping_t * mp)
253 snat_main_t *sm = &snat_main;
254 vl_api_nat_get_mss_clamping_reply_t *rmp;
257 REPLY_MACRO2 (VL_API_NAT_GET_MSS_CLAMPING_REPLY,
259 rmp->enable = sm->mss_clamping ? 1 : 0;
260 rmp->mss_value = htons (sm->mss_clamping);
265 vl_api_nat44_add_del_address_range_t_handler
266 (vl_api_nat44_add_del_address_range_t * mp)
268 snat_main_t *sm = &snat_main;
269 vl_api_nat44_add_del_address_range_reply_t *rmp;
270 ip4_address_t this_addr;
271 u8 is_add, twice_nat;
272 u32 start_host_order, end_host_order;
278 if (sm->static_mapping_only)
280 rv = VNET_API_ERROR_FEATURE_DISABLED;
285 twice_nat = mp->flags & NAT_API_IS_TWICE_NAT;
287 tmp = (u32 *) mp->first_ip_address;
288 start_host_order = clib_host_to_net_u32 (tmp[0]);
289 tmp = (u32 *) mp->last_ip_address;
290 end_host_order = clib_host_to_net_u32 (tmp[0]);
292 count = (end_host_order - start_host_order) + 1;
294 vrf_id = clib_host_to_net_u32 (mp->vrf_id);
297 nat_log_info ("%U - %U, %d addresses...",
298 format_ip4_address, mp->first_ip_address,
299 format_ip4_address, mp->last_ip_address, count);
301 memcpy (&this_addr.as_u8, mp->first_ip_address, 4);
303 for (i = 0; i < count; i++)
306 rv = snat_add_address (sm, &this_addr, vrf_id, twice_nat);
308 rv = snat_del_address (sm, this_addr, 0, twice_nat);
313 increment_v4_address (&this_addr);
317 REPLY_MACRO (VL_API_NAT44_ADD_DEL_ADDRESS_RANGE_REPLY);
321 send_nat44_address_details (snat_address_t * a,
322 vl_api_registration_t * reg, u32 context,
325 vl_api_nat44_address_details_t *rmp;
326 snat_main_t *sm = &snat_main;
328 rmp = vl_msg_api_alloc (sizeof (*rmp));
329 clib_memset (rmp, 0, sizeof (*rmp));
330 rmp->_vl_msg_id = ntohs (VL_API_NAT44_ADDRESS_DETAILS + sm->msg_id_base);
331 clib_memcpy (rmp->ip_address, &(a->addr), 4);
332 if (a->fib_index != ~0)
334 fib_table_t *fib = fib_table_get (a->fib_index, FIB_PROTOCOL_IP4);
335 rmp->vrf_id = ntohl (fib->ft_table_id);
340 rmp->flags |= NAT_API_IS_TWICE_NAT;
341 rmp->context = context;
343 vl_api_send_msg (reg, (u8 *) rmp);
347 vl_api_nat44_address_dump_t_handler (vl_api_nat44_address_dump_t * mp)
349 vl_api_registration_t *reg;
350 snat_main_t *sm = &snat_main;
353 reg = vl_api_client_index_to_registration (mp->client_index);
357 vec_foreach (a, sm->addresses)
358 send_nat44_address_details (a, reg, mp->context, 0);
359 vec_foreach (a, sm->twice_nat_addresses)
360 send_nat44_address_details (a, reg, mp->context, 1);
364 vl_api_nat44_interface_add_del_feature_t_handler
365 (vl_api_nat44_interface_add_del_feature_t * mp)
367 vl_api_nat44_interface_add_del_feature_reply_t *rmp;
368 snat_main_t *sm = &snat_main;
373 VALIDATE_SW_IF_INDEX (mp);
375 is_inside = mp->flags & NAT_API_IS_INSIDE;
376 sw_if_index = ntohl (mp->sw_if_index);
380 rv = nat44_ed_add_interface (sw_if_index, is_inside);
384 rv = nat44_ed_del_interface (sw_if_index, is_inside);
387 BAD_SW_IF_INDEX_LABEL;
388 REPLY_MACRO (VL_API_NAT44_INTERFACE_ADD_DEL_FEATURE_REPLY);
392 send_nat44_interface_details (snat_interface_t * i,
393 vl_api_registration_t * reg, u32 context)
395 vl_api_nat44_interface_details_t *rmp;
396 snat_main_t *sm = &snat_main;
398 rmp = vl_msg_api_alloc (sizeof (*rmp));
399 clib_memset (rmp, 0, sizeof (*rmp));
400 rmp->_vl_msg_id = ntohs (VL_API_NAT44_INTERFACE_DETAILS + sm->msg_id_base);
401 rmp->sw_if_index = ntohl (i->sw_if_index);
403 if (nat_interface_is_inside (i))
404 rmp->flags |= NAT_API_IS_INSIDE;
405 if (nat_interface_is_outside (i))
406 rmp->flags |= NAT_API_IS_OUTSIDE;
408 rmp->context = context;
410 vl_api_send_msg (reg, (u8 *) rmp);
414 vl_api_nat44_interface_dump_t_handler (vl_api_nat44_interface_dump_t * mp)
416 vl_api_registration_t *reg;
417 snat_main_t *sm = &snat_main;
420 reg = vl_api_client_index_to_registration (mp->client_index);
424 pool_foreach (i, sm->interfaces)
426 send_nat44_interface_details(i, reg, mp->context);
431 vl_api_nat44_interface_add_del_output_feature_t_handler
432 (vl_api_nat44_interface_add_del_output_feature_t * mp)
434 vl_api_nat44_interface_add_del_output_feature_reply_t *rmp;
435 snat_main_t *sm = &snat_main;
439 VALIDATE_SW_IF_INDEX (mp);
441 sw_if_index = ntohl (mp->sw_if_index);
445 rv = nat44_ed_add_output_interface (sw_if_index);
449 rv = nat44_ed_del_output_interface (sw_if_index);
452 BAD_SW_IF_INDEX_LABEL;
453 REPLY_MACRO (VL_API_NAT44_INTERFACE_ADD_DEL_OUTPUT_FEATURE_REPLY);
457 send_nat44_interface_output_feature_details (snat_interface_t * i,
458 vl_api_registration_t * reg,
461 vl_api_nat44_interface_output_feature_details_t *rmp;
462 snat_main_t *sm = &snat_main;
464 rmp = vl_msg_api_alloc (sizeof (*rmp));
465 clib_memset (rmp, 0, sizeof (*rmp));
467 ntohs (VL_API_NAT44_INTERFACE_OUTPUT_FEATURE_DETAILS + sm->msg_id_base);
468 rmp->sw_if_index = ntohl (i->sw_if_index);
469 rmp->context = context;
471 if (nat_interface_is_inside (i))
472 rmp->flags |= NAT_API_IS_INSIDE;
474 vl_api_send_msg (reg, (u8 *) rmp);
478 vl_api_nat44_interface_output_feature_dump_t_handler
479 (vl_api_nat44_interface_output_feature_dump_t * mp)
481 vl_api_registration_t *reg;
482 snat_main_t *sm = &snat_main;
485 reg = vl_api_client_index_to_registration (mp->client_index);
489 pool_foreach (i, sm->output_feature_interfaces)
491 send_nat44_interface_output_feature_details (i, reg, mp->context);
496 vl_api_nat44_add_del_static_mapping_t_handler
497 (vl_api_nat44_add_del_static_mapping_t * mp)
499 snat_main_t *sm = &snat_main;
500 vl_api_nat44_add_del_static_mapping_reply_t *rmp;
501 ip4_address_t local_addr, external_addr, pool_addr = { 0 };
502 u16 local_port = 0, external_port = 0;
503 u32 vrf_id, external_sw_if_index;
504 twice_nat_type_t twice_nat = TWICE_NAT_DISABLED;
506 nat_protocol_t proto;
509 memcpy (&local_addr.as_u8, mp->local_ip_address, 4);
510 memcpy (&external_addr.as_u8, mp->external_ip_address, 4);
512 if (!(mp->flags & NAT_API_IS_ADDR_ONLY))
514 local_port = mp->local_port;
515 external_port = mp->external_port;
518 vrf_id = clib_net_to_host_u32 (mp->vrf_id);
519 external_sw_if_index = clib_net_to_host_u32 (mp->external_sw_if_index);
520 proto = ip_proto_to_nat_proto (mp->protocol);
522 if (mp->flags & NAT_API_IS_TWICE_NAT)
523 twice_nat = TWICE_NAT;
524 else if (mp->flags & NAT_API_IS_SELF_TWICE_NAT)
525 twice_nat = TWICE_NAT_SELF;
526 mp->tag[sizeof (mp->tag) - 1] = 0;
527 tag = format (0, "%s", mp->tag);
528 vec_terminate_c_string (tag);
530 rv = snat_add_static_mapping (
531 local_addr, external_addr, local_port, external_port, vrf_id,
532 mp->flags & NAT_API_IS_ADDR_ONLY, external_sw_if_index, proto, mp->is_add,
533 twice_nat, mp->flags & NAT_API_IS_OUT2IN_ONLY, tag, 0, pool_addr, 0);
536 REPLY_MACRO (VL_API_NAT44_ADD_DEL_STATIC_MAPPING_REPLY);
540 vl_api_nat44_add_del_static_mapping_v2_t_handler
541 (vl_api_nat44_add_del_static_mapping_v2_t * mp)
543 snat_main_t *sm = &snat_main;
544 vl_api_nat44_add_del_static_mapping_v2_reply_t *rmp;
545 ip4_address_t local_addr, external_addr, pool_addr;
546 u16 local_port = 0, external_port = 0;
547 u32 vrf_id, external_sw_if_index;
548 twice_nat_type_t twice_nat = TWICE_NAT_DISABLED;
550 nat_protocol_t proto;
553 memcpy (&pool_addr.as_u8, mp->pool_ip_address, 4);
554 memcpy (&local_addr.as_u8, mp->local_ip_address, 4);
555 memcpy (&external_addr.as_u8, mp->external_ip_address, 4);
557 if (!(mp->flags & NAT_API_IS_ADDR_ONLY))
559 local_port = mp->local_port;
560 external_port = mp->external_port;
563 vrf_id = clib_net_to_host_u32 (mp->vrf_id);
564 external_sw_if_index = clib_net_to_host_u32 (mp->external_sw_if_index);
565 proto = ip_proto_to_nat_proto (mp->protocol);
567 if (mp->flags & NAT_API_IS_TWICE_NAT)
568 twice_nat = TWICE_NAT;
569 else if (mp->flags & NAT_API_IS_SELF_TWICE_NAT)
570 twice_nat = TWICE_NAT_SELF;
571 mp->tag[sizeof (mp->tag) - 1] = 0;
572 tag = format (0, "%s", mp->tag);
573 vec_terminate_c_string (tag);
575 rv = snat_add_static_mapping (local_addr, external_addr, local_port,
576 external_port, vrf_id,
577 mp->flags & NAT_API_IS_ADDR_ONLY,
578 external_sw_if_index, proto,
579 mp->is_add, twice_nat,
580 mp->flags & NAT_API_IS_OUT2IN_ONLY, tag, 0,
581 pool_addr, mp->match_pool);
584 REPLY_MACRO (VL_API_NAT44_ADD_DEL_STATIC_MAPPING_V2_REPLY);
588 send_nat44_static_mapping_details (snat_static_mapping_t * m,
589 vl_api_registration_t * reg, u32 context)
591 vl_api_nat44_static_mapping_details_t *rmp;
592 snat_main_t *sm = &snat_main;
593 u32 len = sizeof (*rmp);
595 rmp = vl_msg_api_alloc (len);
596 clib_memset (rmp, 0, len);
598 ntohs (VL_API_NAT44_STATIC_MAPPING_DETAILS + sm->msg_id_base);
600 clib_memcpy (rmp->local_ip_address, &(m->local_addr), 4);
601 clib_memcpy (rmp->external_ip_address, &(m->external_addr), 4);
602 rmp->external_sw_if_index = ~0;
603 rmp->vrf_id = htonl (m->vrf_id);
604 rmp->context = context;
606 if (m->twice_nat == TWICE_NAT)
607 rmp->flags |= NAT_API_IS_TWICE_NAT;
608 else if (m->twice_nat == TWICE_NAT_SELF)
609 rmp->flags |= NAT_API_IS_SELF_TWICE_NAT;
611 if (is_out2in_only_static_mapping (m))
612 rmp->flags |= NAT_API_IS_OUT2IN_ONLY;
614 if (is_addr_only_static_mapping (m))
616 rmp->flags |= NAT_API_IS_ADDR_ONLY;
620 rmp->protocol = nat_proto_to_ip_proto (m->proto);
621 rmp->external_port = m->external_port;
622 rmp->local_port = m->local_port;
626 strncpy ((char *) rmp->tag, (char *) m->tag, vec_len (m->tag));
628 vl_api_send_msg (reg, (u8 *) rmp);
632 send_nat44_static_map_resolve_details (snat_static_map_resolve_t * m,
633 vl_api_registration_t * reg,
636 vl_api_nat44_static_mapping_details_t *rmp;
637 snat_main_t *sm = &snat_main;
639 rmp = vl_msg_api_alloc (sizeof (*rmp));
640 clib_memset (rmp, 0, sizeof (*rmp));
642 ntohs (VL_API_NAT44_STATIC_MAPPING_DETAILS + sm->msg_id_base);
643 clib_memcpy (rmp->local_ip_address, &(m->l_addr), 4);
644 rmp->external_sw_if_index = htonl (m->sw_if_index);
645 rmp->vrf_id = htonl (m->vrf_id);
646 rmp->context = context;
649 rmp->flags |= NAT_API_IS_TWICE_NAT;
653 rmp->flags |= NAT_API_IS_ADDR_ONLY;
657 rmp->protocol = nat_proto_to_ip_proto (m->proto);
658 rmp->external_port = m->e_port;
659 rmp->local_port = m->l_port;
662 strncpy ((char *) rmp->tag, (char *) m->tag, vec_len (m->tag));
664 vl_api_send_msg (reg, (u8 *) rmp);
668 vl_api_nat44_static_mapping_dump_t_handler (vl_api_nat44_static_mapping_dump_t
671 vl_api_registration_t *reg;
672 snat_main_t *sm = &snat_main;
673 snat_static_mapping_t *m;
674 snat_static_map_resolve_t *rp;
677 reg = vl_api_client_index_to_registration (mp->client_index);
681 pool_foreach (m, sm->static_mappings)
683 if (!is_identity_static_mapping(m) && !is_lb_static_mapping (m))
684 send_nat44_static_mapping_details (m, reg, mp->context);
687 for (j = 0; j < vec_len (sm->to_resolve); j++)
689 rp = sm->to_resolve + j;
690 if (!rp->identity_nat)
691 send_nat44_static_map_resolve_details (rp, reg, mp->context);
696 vl_api_nat44_add_del_identity_mapping_t_handler
697 (vl_api_nat44_add_del_identity_mapping_t * mp)
699 snat_main_t *sm = &snat_main;
700 vl_api_nat44_add_del_identity_mapping_reply_t *rmp;
701 ip4_address_t addr, pool_addr = { 0 };
703 u32 vrf_id, sw_if_index;
705 nat_protocol_t proto = NAT_PROTOCOL_OTHER;
708 if (!(mp->flags & NAT_API_IS_ADDR_ONLY))
711 proto = ip_proto_to_nat_proto (mp->protocol);
713 vrf_id = clib_net_to_host_u32 (mp->vrf_id);
714 sw_if_index = clib_net_to_host_u32 (mp->sw_if_index);
715 if (sw_if_index != ~0)
718 memcpy (&addr.as_u8, mp->ip_address, 4);
719 mp->tag[sizeof (mp->tag) - 1] = 0;
720 tag = format (0, "%s", mp->tag);
721 vec_terminate_c_string (tag);
724 snat_add_static_mapping (addr, addr, port, port, vrf_id,
725 mp->flags & NAT_API_IS_ADDR_ONLY, sw_if_index,
726 proto, mp->is_add, 0, 0, tag, 1, pool_addr, 0);
729 REPLY_MACRO (VL_API_NAT44_ADD_DEL_IDENTITY_MAPPING_REPLY);
733 send_nat44_identity_mapping_details (snat_static_mapping_t * m, int index,
734 vl_api_registration_t * reg, u32 context)
736 vl_api_nat44_identity_mapping_details_t *rmp;
737 snat_main_t *sm = &snat_main;
738 nat44_lb_addr_port_t *local = pool_elt_at_index (m->locals, index);
740 rmp = vl_msg_api_alloc (sizeof (*rmp));
741 clib_memset (rmp, 0, sizeof (*rmp));
743 ntohs (VL_API_NAT44_IDENTITY_MAPPING_DETAILS + sm->msg_id_base);
745 if (is_addr_only_static_mapping (m))
746 rmp->flags |= NAT_API_IS_ADDR_ONLY;
748 clib_memcpy (rmp->ip_address, &(m->local_addr), 4);
749 rmp->port = m->local_port;
750 rmp->sw_if_index = ~0;
751 rmp->vrf_id = htonl (local->vrf_id);
752 rmp->protocol = nat_proto_to_ip_proto (m->proto);
753 rmp->context = context;
755 strncpy ((char *) rmp->tag, (char *) m->tag, vec_len (m->tag));
757 vl_api_send_msg (reg, (u8 *) rmp);
761 send_nat44_identity_map_resolve_details (snat_static_map_resolve_t * m,
762 vl_api_registration_t * reg,
765 vl_api_nat44_identity_mapping_details_t *rmp;
766 snat_main_t *sm = &snat_main;
768 rmp = vl_msg_api_alloc (sizeof (*rmp));
769 clib_memset (rmp, 0, sizeof (*rmp));
771 ntohs (VL_API_NAT44_IDENTITY_MAPPING_DETAILS + sm->msg_id_base);
774 rmp->flags = (vl_api_nat_config_flags_t) NAT_API_IS_ADDR_ONLY;
776 rmp->port = m->l_port;
777 rmp->sw_if_index = htonl (m->sw_if_index);
778 rmp->vrf_id = htonl (m->vrf_id);
779 rmp->protocol = nat_proto_to_ip_proto (m->proto);
780 rmp->context = context;
782 strncpy ((char *) rmp->tag, (char *) m->tag, vec_len (m->tag));
784 vl_api_send_msg (reg, (u8 *) rmp);
788 vl_api_nat44_identity_mapping_dump_t_handler
789 (vl_api_nat44_identity_mapping_dump_t * mp)
791 vl_api_registration_t *reg;
792 snat_main_t *sm = &snat_main;
793 snat_static_mapping_t *m;
794 snat_static_map_resolve_t *rp;
797 reg = vl_api_client_index_to_registration (mp->client_index);
801 pool_foreach (m, sm->static_mappings)
803 if (is_identity_static_mapping(m) && !is_lb_static_mapping (m))
805 pool_foreach_index (j, m->locals)
807 send_nat44_identity_mapping_details (m, j, reg, mp->context);
812 for (j = 0; j < vec_len (sm->to_resolve); j++)
814 rp = sm->to_resolve + j;
815 if (rp->identity_nat)
816 send_nat44_identity_map_resolve_details (rp, reg, mp->context);
821 vl_api_nat44_add_del_interface_addr_t_handler
822 (vl_api_nat44_add_del_interface_addr_t * mp)
824 snat_main_t *sm = &snat_main;
825 vl_api_nat44_add_del_interface_addr_reply_t *rmp;
826 u32 sw_if_index = ntohl (mp->sw_if_index);
830 if (sm->static_mapping_only)
832 rv = VNET_API_ERROR_FEATURE_DISABLED;
836 is_del = !mp->is_add;
838 VALIDATE_SW_IF_INDEX (mp);
840 rv = snat_add_interface_address (sm, sw_if_index, is_del,
841 mp->flags & NAT_API_IS_TWICE_NAT);
843 BAD_SW_IF_INDEX_LABEL;
846 REPLY_MACRO (VL_API_NAT44_ADD_DEL_INTERFACE_ADDR_REPLY);
850 send_nat44_interface_addr_details (u32 sw_if_index,
851 vl_api_registration_t * reg, u32 context,
854 vl_api_nat44_interface_addr_details_t *rmp;
855 snat_main_t *sm = &snat_main;
857 rmp = vl_msg_api_alloc (sizeof (*rmp));
858 clib_memset (rmp, 0, sizeof (*rmp));
860 ntohs (VL_API_NAT44_INTERFACE_ADDR_DETAILS + sm->msg_id_base);
861 rmp->sw_if_index = ntohl (sw_if_index);
864 rmp->flags = (vl_api_nat_config_flags_t) NAT_API_IS_TWICE_NAT;
865 rmp->context = context;
867 vl_api_send_msg (reg, (u8 *) rmp);
871 vl_api_nat44_interface_addr_dump_t_handler (vl_api_nat44_interface_addr_dump_t
874 vl_api_registration_t *reg;
875 snat_main_t *sm = &snat_main;
878 reg = vl_api_client_index_to_registration (mp->client_index);
882 vec_foreach (i, sm->auto_add_sw_if_indices)
884 send_nat44_interface_addr_details (*i, reg, mp->context, 0);
886 vec_foreach (i, sm->auto_add_sw_if_indices_twice_nat)
888 send_nat44_interface_addr_details (*i, reg, mp->context, 1);
892 static nat44_lb_addr_port_t *
893 unformat_nat44_lb_addr_port (vl_api_nat44_lb_addr_port_t *addr_port_pairs,
894 u32 addr_port_pair_num)
897 nat44_lb_addr_port_t *lb_addr_port_pairs = 0, lb_addr_port;
898 vl_api_nat44_lb_addr_port_t *ap;
900 for (i = 0; i < addr_port_pair_num; i++)
902 ap = &addr_port_pairs[i];
903 clib_memset (&lb_addr_port, 0, sizeof (lb_addr_port));
904 clib_memcpy (&lb_addr_port.addr, ap->addr, 4);
905 lb_addr_port.port = ap->port;
906 lb_addr_port.probability = ap->probability;
907 lb_addr_port.vrf_id = clib_net_to_host_u32 (ap->vrf_id);
908 vec_add1 (lb_addr_port_pairs, lb_addr_port);
911 return lb_addr_port_pairs;
915 vl_api_nat44_add_del_lb_static_mapping_t_handler (
916 vl_api_nat44_add_del_lb_static_mapping_t *mp)
918 snat_main_t *sm = &snat_main;
919 vl_api_nat44_add_del_lb_static_mapping_reply_t *rmp;
920 twice_nat_type_t twice_nat = TWICE_NAT_DISABLED;
922 nat44_lb_addr_port_t *locals = 0;
923 ip4_address_t e_addr;
924 nat_protocol_t proto;
927 locals = unformat_nat44_lb_addr_port (mp->locals,
928 clib_net_to_host_u32 (mp->local_num));
929 clib_memcpy (&e_addr, mp->external_addr, 4);
930 proto = ip_proto_to_nat_proto (mp->protocol);
932 if (mp->flags & NAT_API_IS_TWICE_NAT)
933 twice_nat = TWICE_NAT;
934 else if (mp->flags & NAT_API_IS_SELF_TWICE_NAT)
935 twice_nat = TWICE_NAT_SELF;
936 mp->tag[sizeof (mp->tag) - 1] = 0;
937 tag = format (0, "%s", mp->tag);
938 vec_terminate_c_string (tag);
940 rv = nat44_add_del_lb_static_mapping (
941 e_addr, mp->external_port, proto, locals, mp->is_add, twice_nat,
942 mp->flags & NAT_API_IS_OUT2IN_ONLY, tag,
943 clib_net_to_host_u32 (mp->affinity));
947 REPLY_MACRO (VL_API_NAT44_ADD_DEL_LB_STATIC_MAPPING_REPLY);
951 vl_api_nat44_lb_static_mapping_add_del_local_t_handler (
952 vl_api_nat44_lb_static_mapping_add_del_local_t *mp)
954 snat_main_t *sm = &snat_main;
955 vl_api_nat44_lb_static_mapping_add_del_local_reply_t *rmp;
957 ip4_address_t e_addr, l_addr;
958 nat_protocol_t proto;
960 clib_memcpy (&e_addr, mp->external_addr, 4);
961 clib_memcpy (&l_addr, mp->local.addr, 4);
962 proto = ip_proto_to_nat_proto (mp->protocol);
964 rv = nat44_lb_static_mapping_add_del_local (
965 e_addr, mp->external_port, l_addr, mp->local.port, proto,
966 clib_net_to_host_u32 (mp->local.vrf_id), mp->local.probability,
969 REPLY_MACRO (VL_API_NAT44_LB_STATIC_MAPPING_ADD_DEL_LOCAL_REPLY);
973 send_nat44_lb_static_mapping_details (snat_static_mapping_t *m,
974 vl_api_registration_t *reg, u32 context)
976 vl_api_nat44_lb_static_mapping_details_t *rmp;
977 snat_main_t *sm = &snat_main;
978 nat44_lb_addr_port_t *ap;
979 vl_api_nat44_lb_addr_port_t *locals;
982 rmp = vl_msg_api_alloc (
983 sizeof (*rmp) + (pool_elts (m->locals) * sizeof (nat44_lb_addr_port_t)));
984 clib_memset (rmp, 0, sizeof (*rmp));
986 ntohs (VL_API_NAT44_LB_STATIC_MAPPING_DETAILS + sm->msg_id_base);
988 clib_memcpy (rmp->external_addr, &(m->external_addr), 4);
989 rmp->external_port = m->external_port;
990 rmp->protocol = nat_proto_to_ip_proto (m->proto);
991 rmp->context = context;
993 if (m->twice_nat == TWICE_NAT)
994 rmp->flags |= NAT_API_IS_TWICE_NAT;
995 else if (m->twice_nat == TWICE_NAT_SELF)
996 rmp->flags |= NAT_API_IS_SELF_TWICE_NAT;
997 if (is_out2in_only_static_mapping (m))
998 rmp->flags |= NAT_API_IS_OUT2IN_ONLY;
1000 strncpy ((char *) rmp->tag, (char *) m->tag, vec_len (m->tag));
1002 locals = (vl_api_nat44_lb_addr_port_t *) rmp->locals;
1003 pool_foreach (ap, m->locals)
1005 clib_memcpy (locals->addr, &(ap->addr), 4);
1006 locals->port = ap->port;
1007 locals->probability = ap->probability;
1008 locals->vrf_id = ntohl (ap->vrf_id);
1012 rmp->local_num = ntohl (local_num);
1014 vl_api_send_msg (reg, (u8 *) rmp);
1018 vl_api_nat44_lb_static_mapping_dump_t_handler (
1019 vl_api_nat44_lb_static_mapping_dump_t *mp)
1021 vl_api_registration_t *reg;
1022 snat_main_t *sm = &snat_main;
1023 snat_static_mapping_t *m;
1025 reg = vl_api_client_index_to_registration (mp->client_index);
1029 pool_foreach (m, sm->static_mappings)
1031 if (is_lb_static_mapping (m))
1032 send_nat44_lb_static_mapping_details (m, reg, mp->context);
1037 vl_api_nat44_del_session_t_handler (vl_api_nat44_del_session_t *mp)
1039 snat_main_t *sm = &snat_main;
1040 vl_api_nat44_del_session_reply_t *rmp;
1041 ip4_address_t addr, eh_addr;
1047 memcpy (&addr.as_u8, mp->address, 4);
1049 vrf_id = clib_net_to_host_u32 (mp->vrf_id);
1050 memcpy (&eh_addr.as_u8, mp->ext_host_address, 4);
1051 eh_port = mp->ext_host_port;
1053 is_in = mp->flags & NAT_API_IS_INSIDE;
1055 rv = nat44_del_ed_session (sm, &addr, port, &eh_addr, eh_port, mp->protocol,
1058 REPLY_MACRO (VL_API_NAT44_DEL_SESSION_REPLY);
1062 vl_api_nat44_forwarding_enable_disable_t_handler (
1063 vl_api_nat44_forwarding_enable_disable_t *mp)
1065 vl_api_nat44_forwarding_enable_disable_reply_t *rmp;
1066 snat_main_t *sm = &snat_main;
1068 nat44_ed_forwarding_enable_disable (mp->enable);
1069 REPLY_MACRO (VL_API_NAT44_FORWARDING_ENABLE_DISABLE_REPLY);
1073 vl_api_nat44_forwarding_is_enabled_t_handler (
1074 vl_api_nat44_forwarding_is_enabled_t *mp)
1076 vl_api_registration_t *reg;
1077 snat_main_t *sm = &snat_main;
1078 vl_api_nat44_forwarding_is_enabled_reply_t *rmp;
1080 reg = vl_api_client_index_to_registration (mp->client_index);
1084 rmp = vl_msg_api_alloc (sizeof (*rmp));
1085 clib_memset (rmp, 0, sizeof (*rmp));
1087 ntohs (VL_API_NAT44_FORWARDING_IS_ENABLED_REPLY + sm->msg_id_base);
1088 rmp->context = mp->context;
1090 rmp->enabled = sm->forwarding_enabled;
1092 vl_api_send_msg (reg, (u8 *) rmp);
1095 /* Obsolete calls hold back because of deprecation
1096 * should not be used */
1099 vl_api_nat_set_addr_and_port_alloc_alg_t_handler (
1100 vl_api_nat_set_addr_and_port_alloc_alg_t *mp)
1102 snat_main_t *sm = &snat_main;
1103 vl_api_nat_set_addr_and_port_alloc_alg_reply_t *rmp;
1104 int rv = VNET_API_ERROR_UNSUPPORTED;
1105 REPLY_MACRO (VL_API_NAT_SET_ADDR_AND_PORT_ALLOC_ALG_REPLY);
1109 vl_api_nat_get_addr_and_port_alloc_alg_t_handler (
1110 vl_api_nat_get_addr_and_port_alloc_alg_t *mp)
1112 snat_main_t *sm = &snat_main;
1113 vl_api_nat_get_addr_and_port_alloc_alg_reply_t *rmp;
1114 int rv = VNET_API_ERROR_UNSUPPORTED;
1115 REPLY_MACRO (VL_API_NAT_GET_ADDR_AND_PORT_ALLOC_ALG_REPLY);
1119 vl_api_nat_ha_set_listener_t_handler (vl_api_nat_ha_set_listener_t *mp)
1121 snat_main_t *sm = &snat_main;
1122 vl_api_nat_ha_set_listener_reply_t *rmp;
1123 int rv = VNET_API_ERROR_UNSUPPORTED;
1124 REPLY_MACRO (VL_API_NAT_HA_SET_LISTENER_REPLY);
1128 vl_api_nat_ha_get_listener_t_handler (vl_api_nat_ha_get_listener_t *mp)
1130 snat_main_t *sm = &snat_main;
1131 vl_api_nat_ha_get_listener_reply_t *rmp;
1132 int rv = VNET_API_ERROR_UNSUPPORTED;
1133 REPLY_MACRO (VL_API_NAT_HA_GET_LISTENER_REPLY);
1137 vl_api_nat_ha_set_failover_t_handler (vl_api_nat_ha_set_failover_t *mp)
1139 snat_main_t *sm = &snat_main;
1140 vl_api_nat_ha_set_failover_reply_t *rmp;
1141 int rv = VNET_API_ERROR_UNSUPPORTED;
1142 REPLY_MACRO (VL_API_NAT_HA_SET_FAILOVER_REPLY);
1146 vl_api_nat_ha_get_failover_t_handler (vl_api_nat_ha_get_failover_t *mp)
1148 snat_main_t *sm = &snat_main;
1149 vl_api_nat_ha_get_failover_reply_t *rmp;
1150 int rv = VNET_API_ERROR_UNSUPPORTED;
1151 REPLY_MACRO (VL_API_NAT_HA_GET_FAILOVER_REPLY);
1155 vl_api_nat_ha_flush_t_handler (vl_api_nat_ha_flush_t *mp)
1157 snat_main_t *sm = &snat_main;
1158 vl_api_nat_ha_flush_reply_t *rmp;
1159 int rv = VNET_API_ERROR_UNSUPPORTED;
1160 REPLY_MACRO (VL_API_NAT_HA_FLUSH_REPLY);
1164 vl_api_nat_ha_resync_t_handler (vl_api_nat_ha_resync_t *mp)
1166 snat_main_t *sm = &snat_main;
1167 vl_api_nat_ha_resync_reply_t *rmp;
1168 int rv = VNET_API_ERROR_UNSUPPORTED;
1169 REPLY_MACRO (VL_API_NAT_HA_RESYNC_REPLY);
1173 vl_api_nat44_del_user_t_handler (vl_api_nat44_del_user_t *mp)
1175 snat_main_t *sm = &snat_main;
1176 vl_api_nat44_del_user_reply_t *rmp;
1177 int rv = VNET_API_ERROR_UNSUPPORTED;
1178 REPLY_MACRO (VL_API_NAT44_DEL_USER_REPLY);
1182 vl_api_nat44_session_cleanup_t_handler (vl_api_nat44_session_cleanup_t *mp)
1184 snat_main_t *sm = &snat_main;
1185 vl_api_nat44_session_cleanup_reply_t *rmp;
1186 int rv = VNET_API_ERROR_UNSUPPORTED;
1187 REPLY_MACRO (VL_API_NAT44_SESSION_CLEANUP_REPLY);
1191 vl_api_nat44_plugin_enable_disable_t_handler (
1192 vl_api_nat44_plugin_enable_disable_t *mp)
1194 snat_main_t *sm = &snat_main;
1195 nat44_config_t c = { 0 };
1196 vl_api_nat44_plugin_enable_disable_reply_t *rmp;
1201 if (!(mp->flags & NAT44_API_IS_ENDPOINT_DEPENDENT) ||
1202 (mp->flags & NAT44_API_IS_OUT2IN_DPO) || mp->users ||
1205 rv = VNET_API_ERROR_UNSUPPORTED;
1209 c.static_mapping_only = mp->flags & NAT44_API_IS_STATIC_MAPPING_ONLY;
1210 c.connection_tracking = mp->flags & NAT44_API_IS_CONNECTION_TRACKING;
1212 c.inside_vrf = ntohl (mp->inside_vrf);
1213 c.outside_vrf = ntohl (mp->outside_vrf);
1215 c.sessions = ntohl (mp->sessions);
1217 rv = nat44_plugin_enable (c);
1222 rv = nat44_plugin_disable ();
1225 REPLY_MACRO (VL_API_NAT44_PLUGIN_ENABLE_DISABLE_REPLY);
1229 vl_api_nat_control_ping_t_handler (vl_api_nat_control_ping_t *mp)
1231 vl_api_nat_control_ping_reply_t *rmp;
1232 snat_main_t *sm = &snat_main;
1235 REPLY_MACRO2 (VL_API_NAT_CONTROL_PING_REPLY,
1236 ({ rmp->vpe_pid = ntohl (getpid ()); }));
1240 vl_api_nat_show_config_t_handler (vl_api_nat_show_config_t *mp)
1242 vl_api_nat_show_config_reply_t *rmp;
1243 snat_main_t *sm = &snat_main;
1246 REPLY_MACRO2_ZERO (VL_API_NAT_SHOW_CONFIG_REPLY, ({
1247 rmp->translation_buckets =
1248 htonl (sm->translation_buckets);
1249 rmp->user_buckets = 0;
1250 rmp->max_translations_per_user = 0;
1251 rmp->outside_vrf_id = htonl (sm->outside_vrf_id);
1252 rmp->inside_vrf_id = htonl (sm->inside_vrf_id);
1253 rmp->static_mapping_only = sm->static_mapping_only;
1254 rmp->static_mapping_connection_tracking =
1255 sm->static_mapping_connection_tracking;
1256 rmp->endpoint_dependent = 1;
1257 rmp->out2in_dpo = 0;
1262 vl_api_nat_show_config_2_t_handler (vl_api_nat_show_config_2_t *mp)
1264 vl_api_nat_show_config_2_reply_t *rmp;
1265 snat_main_t *sm = &snat_main;
1269 VL_API_NAT_SHOW_CONFIG_2_REPLY, ({
1270 rmp->translation_buckets = htonl (sm->translation_buckets);
1271 rmp->user_buckets = 0;
1272 rmp->max_translations_per_user = 0;
1273 rmp->outside_vrf_id = htonl (sm->outside_vrf_id);
1274 rmp->inside_vrf_id = htonl (sm->inside_vrf_id);
1275 rmp->static_mapping_only = sm->static_mapping_only;
1276 rmp->static_mapping_connection_tracking =
1277 sm->static_mapping_connection_tracking;
1278 rmp->endpoint_dependent = 1;
1279 rmp->out2in_dpo = 0;
1280 rmp->max_translations_per_thread =
1281 clib_net_to_host_u32 (sm->max_translations_per_thread);
1282 rmp->max_users_per_thread = 0;
1287 vl_api_nat44_show_running_config_t_handler (
1288 vl_api_nat44_show_running_config_t *mp)
1290 vl_api_nat44_show_running_config_reply_t *rmp;
1291 snat_main_t *sm = &snat_main;
1292 nat44_config_t *rc = &sm->rconfig;
1296 VL_API_NAT44_SHOW_RUNNING_CONFIG_REPLY, ({
1297 rmp->inside_vrf = htonl (rc->inside_vrf);
1298 rmp->outside_vrf = htonl (rc->outside_vrf);
1300 rmp->sessions = htonl (rc->sessions);
1301 rmp->translation_buckets = htonl (sm->translation_buckets);
1305 rmp->user_buckets = 0;
1306 rmp->user_sessions = 0;
1308 rmp->timeouts.udp = htonl (sm->timeouts.udp);
1309 rmp->timeouts.tcp_established = htonl (sm->timeouts.tcp.established);
1310 rmp->timeouts.tcp_transitory = htonl (sm->timeouts.tcp.transitory);
1311 rmp->timeouts.icmp = htonl (sm->timeouts.icmp);
1313 rmp->forwarding_enabled = sm->forwarding_enabled == 1;
1314 // consider how to split functionality between subplugins
1315 rmp->ipfix_logging_enabled = nat_ipfix_logging_enabled ();
1316 rmp->flags |= NAT44_IS_ENDPOINT_DEPENDENT;
1317 if (rc->static_mapping_only)
1318 rmp->flags |= NAT44_IS_STATIC_MAPPING_ONLY;
1319 if (rc->connection_tracking)
1320 rmp->flags |= NAT44_IS_CONNECTION_TRACKING;
1324 /* user (internal host) key */
1343 u32 nstaticsessions;
1350 clib_bihash_8_8_t user_hash;
1351 } user_create_helper_t;
1354 send_nat44_user_details (snat_user_t *u, vl_api_registration_t *reg,
1357 vl_api_nat44_user_details_t *rmp;
1358 snat_main_t *sm = &snat_main;
1359 ip4_main_t *im = &ip4_main;
1361 rmp = vl_msg_api_alloc (sizeof (*rmp));
1362 clib_memset (rmp, 0, sizeof (*rmp));
1363 rmp->_vl_msg_id = ntohs (VL_API_NAT44_USER_DETAILS + sm->msg_id_base);
1365 if (!pool_is_free_index (im->fibs, u->fib_index))
1367 fib_table_t *fib = fib_table_get (u->fib_index, FIB_PROTOCOL_IP4);
1368 rmp->vrf_id = ntohl (fib->ft_table_id);
1371 clib_memcpy (rmp->ip_address, &(u->addr), 4);
1372 rmp->nsessions = ntohl (u->nsessions);
1373 rmp->nstaticsessions = ntohl (u->nstaticsessions);
1374 rmp->context = context;
1376 vl_api_send_msg (reg, (u8 *) rmp);
1380 nat_ed_user_create_helper (user_create_helper_t *uch, snat_session_t *s)
1383 k.addr = s->in2out.addr;
1384 k.fib_index = s->in2out.fib_index;
1385 clib_bihash_kv_8_8_t key, value;
1389 if (clib_bihash_search_8_8 (&uch->user_hash, &key, &value))
1391 pool_get (uch->users, u);
1393 u->fib_index = k.fib_index;
1395 u->nstaticsessions = 0;
1396 key.value = u - uch->users;
1397 clib_bihash_add_del_8_8 (&uch->user_hash, &key, 1);
1401 u = pool_elt_at_index (uch->users, value.value);
1403 if (snat_is_session_static (s))
1405 ++u->nstaticsessions;
1414 format_user_kvp (u8 *s, va_list *args)
1416 clib_bihash_kv_8_8_t *v = va_arg (*args, clib_bihash_kv_8_8_t *);
1419 s = format (s, "%U fib %d user-index %llu", format_ip4_address, &k.addr,
1420 k.fib_index, v->value);
1425 nat_ed_users_create (snat_main_per_thread_data_t *tsm,
1426 user_create_helper_t *uch)
1429 clib_bihash_init_8_8 (&uch->user_hash, "users", uch->user_buckets, 0);
1430 clib_bihash_set_kvp_format_fn_8_8 (&uch->user_hash, format_user_kvp);
1431 pool_foreach (s, tsm->sessions)
1433 nat_ed_user_create_helper (uch, s);
1438 nat_ed_users_destroy (user_create_helper_t *uch)
1440 pool_free (uch->users);
1441 clib_bihash_free_8_8 (&uch->user_hash);
1445 vl_api_nat44_user_dump_t_handler (vl_api_nat44_user_dump_t * mp)
1447 user_create_helper_t uch;
1448 vl_api_registration_t *reg;
1449 snat_main_t *sm = &snat_main;
1450 snat_main_per_thread_data_t *tsm;
1453 clib_memset (&uch, 0, sizeof (uch));
1455 uch.user_buckets = nat_calc_bihash_buckets (1024);
1457 reg = vl_api_client_index_to_registration (mp->client_index);
1461 vec_foreach (tsm, sm->per_thread_data)
1463 nat_ed_users_create (tsm, &uch);
1464 pool_foreach (u, uch.users)
1466 send_nat44_user_details (u, reg, mp->context);
1468 nat_ed_users_destroy (&uch);
1473 send_nat44_user_session_details (snat_session_t * s,
1474 vl_api_registration_t * reg, u32 context)
1476 vl_api_nat44_user_session_details_t *rmp;
1477 snat_main_t *sm = &snat_main;
1479 rmp = vl_msg_api_alloc (sizeof (*rmp));
1480 clib_memset (rmp, 0, sizeof (*rmp));
1482 ntohs (VL_API_NAT44_USER_SESSION_DETAILS + sm->msg_id_base);
1483 clib_memcpy (rmp->outside_ip_address, (&s->out2in.addr), 4);
1484 clib_memcpy (rmp->inside_ip_address, (&s->in2out.addr), 4);
1486 if (snat_is_session_static (s))
1487 rmp->flags |= NAT_API_IS_STATIC;
1489 if (is_twice_nat_session (s))
1490 rmp->flags |= NAT_API_IS_TWICE_NAT;
1492 if (is_ed_session (s) || is_fwd_bypass_session (s))
1493 rmp->flags |= NAT_API_IS_EXT_HOST_VALID;
1495 rmp->last_heard = clib_host_to_net_u64 ((u64) s->last_heard);
1496 rmp->total_bytes = clib_host_to_net_u64 (s->total_bytes);
1497 rmp->total_pkts = ntohl (s->total_pkts);
1498 rmp->context = context;
1499 if (snat_is_unk_proto_session (s))
1501 rmp->outside_port = 0;
1502 rmp->inside_port = 0;
1503 rmp->protocol = ntohs (s->in2out.port);
1507 rmp->outside_port = s->out2in.port;
1508 rmp->inside_port = s->in2out.port;
1509 rmp->protocol = ntohs (nat_proto_to_ip_proto (s->nat_proto));
1511 if (is_ed_session (s) || is_fwd_bypass_session (s))
1513 clib_memcpy (rmp->ext_host_address, &s->ext_host_addr, 4);
1514 rmp->ext_host_port = s->ext_host_port;
1515 if (is_twice_nat_session (s))
1517 clib_memcpy (rmp->ext_host_nat_address, &s->ext_host_nat_addr, 4);
1518 rmp->ext_host_nat_port = s->ext_host_nat_port;
1522 vl_api_send_msg (reg, (u8 *) rmp);
1526 vl_api_nat44_user_session_dump_t_handler (vl_api_nat44_user_session_dump_t *
1529 snat_main_per_thread_data_t *tsm;
1530 snat_main_t *sm = &snat_main;
1531 vl_api_registration_t *reg;
1532 snat_user_key_t ukey;
1536 reg = vl_api_client_index_to_registration (mp->client_index);
1540 clib_memcpy (&ukey.addr, mp->ip_address, 4);
1541 ip.src_address.as_u32 = ukey.addr.as_u32;
1542 ukey.fib_index = fib_table_find (FIB_PROTOCOL_IP4, ntohl (mp->vrf_id));
1543 if (sm->num_workers > 1)
1544 tsm = vec_elt_at_index (
1545 sm->per_thread_data,
1546 nat44_ed_get_in2out_worker_index (0, &ip, ukey.fib_index, 0));
1548 tsm = vec_elt_at_index (sm->per_thread_data, sm->num_workers);
1550 pool_foreach (s, tsm->sessions) {
1551 if (s->in2out.addr.as_u32 == ukey.addr.as_u32)
1553 send_nat44_user_session_details (s, reg, mp->context);
1558 /* API definitions */
1559 #include <vnet/format_fns.h>
1560 #include <nat/nat44-ed/nat44_ed.api.c>
1562 /* Set up the API message handling tables */
1564 nat44_api_hookup (vlib_main_t * vm)
1566 snat_main_t *sm = &snat_main;
1567 sm->msg_id_base = setup_message_id_table ();
1572 * fd.io coding-style-patch-verification: ON
1575 * eval: (c-set-style "gnu")
Code Review / vpp.git / blob