2 * Copyright (c) 2020 Cisco and/or its affiliates.
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at:
8 * http://www.apache.org/licenses/LICENSE-2.0
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License.
18 * @brief NAT44 plugin API implementation
21 #include <vnet/ip/ip_types_api.h>
22 #include <vlibmemory/api.h>
24 #include <vnet/fib/fib_table.h>
26 #include <nat/lib/nat_inlines.h>
27 #include <nat/lib/ipfix_logging.h>
31 #include <nat/nat44.api_enum.h>
32 #include <nat/nat44.api_types.h>
34 #include <nat/nat_ha.h>
35 #include <nat/nat_inlines.h>
37 #include <nat/nat44/inlines.h>
38 #include <nat/nat44/ed_inlines.h>
40 #define REPLY_MSG_ID_BASE sm->msg_id_base
41 #include <vlibapi/api_helper_macros.h>
44 vl_api_nat_control_ping_t_handler (vl_api_nat_control_ping_t * mp)
46 vl_api_nat_control_ping_reply_t *rmp;
47 snat_main_t *sm = &snat_main;
51 REPLY_MACRO2 (VL_API_NAT_CONTROL_PING_REPLY,
53 rmp->vpe_pid = ntohl (getpid ());
59 vl_api_nat_show_config_t_handler (vl_api_nat_show_config_t * mp)
61 vl_api_nat_show_config_reply_t *rmp;
62 snat_main_t *sm = &snat_main;
66 REPLY_MACRO2_ZERO (VL_API_NAT_SHOW_CONFIG_REPLY,
68 rmp->translation_buckets = htonl (sm->translation_buckets);
69 rmp->user_buckets = htonl (sm->user_buckets);
70 rmp->max_translations_per_user = htonl (sm->max_translations_per_user);
71 rmp->outside_vrf_id = htonl (sm->outside_vrf_id);
72 rmp->inside_vrf_id = htonl (sm->inside_vrf_id);
73 rmp->static_mapping_only = sm->static_mapping_only;
74 rmp->static_mapping_connection_tracking =
75 sm->static_mapping_connection_tracking;
76 rmp->endpoint_dependent = sm->endpoint_dependent;
77 rmp->out2in_dpo = sm->out2in_dpo;
83 vl_api_nat_show_config_2_t_handler (vl_api_nat_show_config_2_t * mp)
85 vl_api_nat_show_config_2_reply_t *rmp;
86 snat_main_t *sm = &snat_main;
90 REPLY_MACRO2_ZERO (VL_API_NAT_SHOW_CONFIG_2_REPLY,
92 rmp->translation_buckets = htonl (sm->translation_buckets);
93 rmp->user_buckets = htonl (sm->user_buckets);
94 rmp->max_translations_per_user = htonl (sm->max_translations_per_user);
95 rmp->outside_vrf_id = htonl (sm->outside_vrf_id);
96 rmp->inside_vrf_id = htonl (sm->inside_vrf_id);
97 rmp->static_mapping_only = sm->static_mapping_only;
98 rmp->static_mapping_connection_tracking =
99 sm->static_mapping_connection_tracking;
100 rmp->endpoint_dependent = sm->endpoint_dependent;
101 rmp->out2in_dpo = sm->out2in_dpo;
102 rmp->max_translations_per_thread = clib_net_to_host_u32(sm->max_translations_per_thread);
103 rmp->max_users_per_thread = clib_net_to_host_u32(sm->max_users_per_thread);
109 vl_api_nat44_show_running_config_t_handler (vl_api_nat44_show_running_config_t
112 vl_api_nat44_show_running_config_reply_t *rmp;
113 snat_main_t *sm = &snat_main;
114 nat44_config_t *rc = &sm->rconfig;
118 REPLY_MACRO2_ZERO (VL_API_NAT44_SHOW_RUNNING_CONFIG_REPLY,
120 rmp->inside_vrf = htonl (rc->inside_vrf);
121 rmp->outside_vrf = htonl (rc->outside_vrf);
122 rmp->users = htonl (rc->users);
123 rmp->sessions = htonl (rc->sessions);
124 rmp->user_sessions = htonl (rc->user_sessions);
126 rmp->user_buckets = htonl (sm->user_buckets);
127 rmp->translation_buckets = htonl (sm->translation_buckets);
129 rmp->timeouts.udp = htonl (sm->timeouts.udp);
130 rmp->timeouts.tcp_established = htonl (sm->timeouts.tcp.established);
131 rmp->timeouts.tcp_transitory = htonl (sm->timeouts.tcp.transitory);
132 rmp->timeouts.icmp = htonl (sm->timeouts.icmp);
134 rmp->forwarding_enabled = sm->forwarding_enabled == 1;
135 // consider how to split functionality between subplugins
136 rmp->ipfix_logging_enabled = nat_ipfix_logging_enabled ();
138 if (rc->endpoint_dependent)
139 rmp->flags |= NAT44_IS_ENDPOINT_DEPENDENT;
141 rmp->flags |= NAT44_IS_ENDPOINT_INDEPENDENT;
143 if (rc->static_mapping_only)
144 rmp->flags |= NAT44_IS_STATIC_MAPPING_ONLY;
145 if (rc->connection_tracking)
146 rmp->flags |= NAT44_IS_CONNECTION_TRACKING;
148 rmp->flags |= NAT44_IS_OUT2IN_DPO;
154 vl_api_nat_set_workers_t_handler (vl_api_nat_set_workers_t * mp)
156 snat_main_t *sm = &snat_main;
157 vl_api_nat_set_workers_reply_t *rmp;
162 mask = clib_net_to_host_u64 (mp->worker_mask);
164 if (sm->num_workers < 2)
166 rv = VNET_API_ERROR_FEATURE_DISABLED;
170 bitmap = clib_bitmap_set_multiple (bitmap, 0, mask, BITS (mask));
171 rv = snat_set_workers (bitmap);
172 clib_bitmap_free (bitmap);
175 REPLY_MACRO (VL_API_NAT_SET_WORKERS_REPLY);
179 send_nat_worker_details (u32 worker_index, vl_api_registration_t * reg,
182 vl_api_nat_worker_details_t *rmp;
183 snat_main_t *sm = &snat_main;
184 vlib_worker_thread_t *w =
185 vlib_worker_threads + worker_index + sm->first_worker_index;
187 rmp = vl_msg_api_alloc (sizeof (*rmp));
188 clib_memset (rmp, 0, sizeof (*rmp));
189 rmp->_vl_msg_id = ntohs (VL_API_NAT_WORKER_DETAILS + sm->msg_id_base);
190 rmp->context = context;
191 rmp->worker_index = htonl (worker_index);
192 rmp->lcore_id = htonl (w->cpu_id);
193 strncpy ((char *) rmp->name, (char *) w->name, ARRAY_LEN (rmp->name) - 1);
195 vl_api_send_msg (reg, (u8 *) rmp);
199 vl_api_nat_worker_dump_t_handler (vl_api_nat_worker_dump_t * mp)
201 vl_api_registration_t *reg;
202 snat_main_t *sm = &snat_main;
205 reg = vl_api_client_index_to_registration (mp->client_index);
210 vec_foreach (worker_index, sm->workers)
211 send_nat_worker_details(*worker_index, reg, mp->context);
216 vl_api_nat44_session_cleanup_t_handler (vl_api_nat44_session_cleanup_t * mp)
218 snat_main_t *sm = &snat_main;
219 vl_api_nat44_session_cleanup_reply_t *rmp;
221 REPLY_MACRO (VL_API_NAT44_SESSION_CLEANUP_REPLY);
225 vl_api_nat44_set_session_limit_t_handler (vl_api_nat44_set_session_limit_t *
228 snat_main_t *sm = &snat_main;
229 vl_api_nat44_set_session_limit_reply_t *rmp;
232 rv = nat44_set_session_limit
233 (ntohl (mp->session_limit), ntohl (mp->vrf_id));
235 REPLY_MACRO (VL_API_NAT44_SET_SESSION_LIMIT_REPLY);
239 vl_api_nat_set_log_level_t_handler (vl_api_nat_set_log_level_t * mp)
241 snat_main_t *sm = &snat_main;
242 vl_api_nat_set_log_level_reply_t *rmp;
245 if (sm->log_level > NAT_LOG_DEBUG)
246 rv = VNET_API_ERROR_UNSUPPORTED;
248 sm->log_level = mp->log_level;
250 REPLY_MACRO (VL_API_NAT_SET_WORKERS_REPLY);
254 vl_api_nat44_plugin_enable_disable_t_handler
255 (vl_api_nat44_plugin_enable_disable_t * mp)
257 snat_main_t *sm = &snat_main;
258 nat44_config_t c = { 0 };
259 vl_api_nat44_plugin_enable_disable_reply_t *rmp;
264 c.endpoint_dependent = mp->flags & NAT44_API_IS_ENDPOINT_DEPENDENT;
265 c.static_mapping_only = mp->flags & NAT44_API_IS_STATIC_MAPPING_ONLY;
266 c.connection_tracking = mp->flags & NAT44_API_IS_CONNECTION_TRACKING;
267 c.out2in_dpo = mp->flags & NAT44_API_IS_OUT2IN_DPO;
269 c.inside_vrf = ntohl (mp->inside_vrf);
270 c.outside_vrf = ntohl (mp->outside_vrf);
272 c.users = ntohl (mp->users);
274 c.sessions = ntohl (mp->sessions);
276 c.user_sessions = ntohl (mp->user_sessions);
278 rv = nat44_plugin_enable (c);
281 rv = nat44_plugin_disable ();
283 REPLY_MACRO (VL_API_NAT44_PLUGIN_ENABLE_DISABLE_REPLY);
287 vl_api_nat_ipfix_enable_disable_t_handler (vl_api_nat_ipfix_enable_disable_t *
290 snat_main_t *sm = &snat_main;
291 vl_api_nat_ipfix_enable_disable_reply_t *rmp;
294 rv = nat_ipfix_logging_enable_disable (mp->enable,
297 clib_host_to_net_u16 (mp->src_port));
299 REPLY_MACRO (VL_API_NAT_IPFIX_ENABLE_DISABLE_REPLY);
303 vl_api_nat_set_timeouts_t_handler (vl_api_nat_set_timeouts_t * mp)
305 snat_main_t *sm = &snat_main;
306 vl_api_nat_set_timeouts_reply_t *rmp;
309 sm->timeouts.udp = ntohl (mp->udp);
310 sm->timeouts.tcp.established = ntohl (mp->tcp_established);
311 sm->timeouts.tcp.transitory = ntohl (mp->tcp_transitory);
312 sm->timeouts.icmp = ntohl (mp->icmp);
314 REPLY_MACRO (VL_API_NAT_SET_TIMEOUTS_REPLY);
318 vl_api_nat_get_timeouts_t_handler (vl_api_nat_get_timeouts_t * mp)
320 snat_main_t *sm = &snat_main;
321 vl_api_nat_get_timeouts_reply_t *rmp;
325 REPLY_MACRO2 (VL_API_NAT_GET_TIMEOUTS_REPLY,
327 rmp->udp = htonl (sm->timeouts.udp);
328 rmp->tcp_established = htonl (sm->timeouts.tcp.established);
329 rmp->tcp_transitory = htonl (sm->timeouts.tcp.transitory);
330 rmp->icmp = htonl (sm->timeouts.icmp);
336 vl_api_nat_set_addr_and_port_alloc_alg_t_handler
337 (vl_api_nat_set_addr_and_port_alloc_alg_t * mp)
339 snat_main_t *sm = &snat_main;
340 vl_api_nat_set_addr_and_port_alloc_alg_reply_t *rmp;
342 u16 port_start, port_end;
344 if (sm->endpoint_dependent)
346 rv = VNET_API_ERROR_UNSUPPORTED;
352 case NAT_ADDR_AND_PORT_ALLOC_ALG_DEFAULT:
353 nat_set_alloc_addr_and_port_default ();
355 case NAT_ADDR_AND_PORT_ALLOC_ALG_MAPE:
356 nat_set_alloc_addr_and_port_mape (ntohs (mp->psid), mp->psid_offset,
359 case NAT_ADDR_AND_PORT_ALLOC_ALG_RANGE:
360 port_start = ntohs (mp->start_port);
361 port_end = ntohs (mp->end_port);
362 if (port_end <= port_start)
364 rv = VNET_API_ERROR_INVALID_VALUE;
367 nat_set_alloc_addr_and_port_range (port_start, port_end);
370 rv = VNET_API_ERROR_INVALID_VALUE;
375 REPLY_MACRO (VL_API_NAT_SET_ADDR_AND_PORT_ALLOC_ALG_REPLY);
379 vl_api_nat_get_addr_and_port_alloc_alg_t_handler
380 (vl_api_nat_get_addr_and_port_alloc_alg_t * mp)
382 snat_main_t *sm = &snat_main;
383 vl_api_nat_get_addr_and_port_alloc_alg_reply_t *rmp;
387 REPLY_MACRO2 (VL_API_NAT_GET_ADDR_AND_PORT_ALLOC_ALG_REPLY,
389 rmp->alg = sm->addr_and_port_alloc_alg;
390 rmp->psid_offset = sm->psid_offset;
391 rmp->psid_length = sm->psid_length;
392 rmp->psid = htons (sm->psid);
393 rmp->start_port = htons (sm->start_port);
394 rmp->end_port = htons (sm->end_port);
400 vl_api_nat_set_mss_clamping_t_handler (vl_api_nat_set_mss_clamping_t * mp)
402 snat_main_t *sm = &snat_main;
403 vl_api_nat_set_mss_clamping_reply_t *rmp;
407 sm->mss_clamping = ntohs (mp->mss_value);
409 sm->mss_clamping = 0;
411 REPLY_MACRO (VL_API_NAT_SET_MSS_CLAMPING_REPLY);
415 vl_api_nat_get_mss_clamping_t_handler (vl_api_nat_get_mss_clamping_t * mp)
417 snat_main_t *sm = &snat_main;
418 vl_api_nat_get_mss_clamping_reply_t *rmp;
422 REPLY_MACRO2 (VL_API_NAT_GET_MSS_CLAMPING_REPLY,
424 rmp->enable = sm->mss_clamping ? 1 : 0;
425 rmp->mss_value = htons (sm->mss_clamping);
431 vl_api_nat_ha_set_listener_t_handler (vl_api_nat_ha_set_listener_t * mp)
433 snat_main_t *sm = &snat_main;
434 vl_api_nat_ha_set_listener_reply_t *rmp;
438 memcpy (&addr, &mp->ip_address, sizeof (addr));
440 nat_ha_set_listener (&addr, clib_net_to_host_u16 (mp->port),
441 clib_net_to_host_u32 (mp->path_mtu));
443 REPLY_MACRO (VL_API_NAT_HA_SET_LISTENER_REPLY);
447 vl_api_nat_ha_get_listener_t_handler (vl_api_nat_ha_get_listener_t * mp)
449 snat_main_t *sm = &snat_main;
450 vl_api_nat_ha_get_listener_reply_t *rmp;
456 nat_ha_get_listener (&addr, &port, &path_mtu);
459 REPLY_MACRO2 (VL_API_NAT_HA_GET_LISTENER_REPLY,
461 clib_memcpy (rmp->ip_address, &addr, sizeof (ip4_address_t));
462 rmp->port = clib_host_to_net_u16 (port);
463 rmp->path_mtu = clib_host_to_net_u32 (path_mtu);
469 vl_api_nat_ha_set_failover_t_handler (vl_api_nat_ha_set_failover_t * mp)
471 snat_main_t *sm = &snat_main;
472 vl_api_nat_ha_set_failover_reply_t *rmp;
476 memcpy (&addr, &mp->ip_address, sizeof (addr));
478 nat_ha_set_failover (&addr, clib_net_to_host_u16 (mp->port),
479 clib_net_to_host_u32 (mp->session_refresh_interval));
481 REPLY_MACRO (VL_API_NAT_HA_SET_FAILOVER_REPLY);
485 vl_api_nat_ha_get_failover_t_handler (vl_api_nat_ha_get_failover_t * mp)
487 snat_main_t *sm = &snat_main;
488 vl_api_nat_ha_get_failover_reply_t *rmp;
492 u32 session_refresh_interval;
494 nat_ha_get_failover (&addr, &port, &session_refresh_interval);
497 REPLY_MACRO2 (VL_API_NAT_HA_GET_FAILOVER_REPLY,
499 clib_memcpy (rmp->ip_address, &addr, sizeof (ip4_address_t));
500 rmp->port = clib_host_to_net_u16 (port);
501 rmp->session_refresh_interval = clib_host_to_net_u32 (session_refresh_interval);
507 vl_api_nat_ha_flush_t_handler (vl_api_nat_ha_flush_t * mp)
509 snat_main_t *sm = &snat_main;
510 vl_api_nat_ha_flush_reply_t *rmp;
515 REPLY_MACRO (VL_API_NAT_HA_FLUSH_REPLY);
519 nat_ha_resync_completed_event_cb (u32 client_index, u32 pid, u32 missed_count)
521 snat_main_t *sm = &snat_main;
522 vl_api_registration_t *reg;
523 vl_api_nat_ha_resync_completed_event_t *mp;
525 reg = vl_api_client_index_to_registration (client_index);
529 mp = vl_msg_api_alloc (sizeof (*mp));
530 clib_memset (mp, 0, sizeof (*mp));
531 mp->client_index = client_index;
533 mp->missed_count = clib_host_to_net_u32 (missed_count);
535 ntohs (VL_API_NAT_HA_RESYNC_COMPLETED_EVENT + sm->msg_id_base);
537 vl_api_send_msg (reg, (u8 *) mp);
541 vl_api_nat_ha_resync_t_handler (vl_api_nat_ha_resync_t * mp)
543 snat_main_t *sm = &snat_main;
544 vl_api_nat_ha_resync_reply_t *rmp;
548 nat_ha_resync (mp->client_index, mp->pid,
549 mp->want_resync_event ? nat_ha_resync_completed_event_cb :
552 REPLY_MACRO (VL_API_NAT_HA_RESYNC_REPLY);
556 vl_api_nat44_del_user_t_handler (vl_api_nat44_del_user_t * mp)
558 snat_main_t *sm = &snat_main;
559 vl_api_nat44_del_user_reply_t *rmp;
562 memcpy (&addr.as_u8, mp->ip_address, 4);
563 rv = nat44_ei_user_del (&addr, ntohl (mp->fib_index));
564 REPLY_MACRO (VL_API_NAT44_DEL_USER_REPLY);
568 vl_api_nat44_add_del_address_range_t_handler
569 (vl_api_nat44_add_del_address_range_t * mp)
571 snat_main_t *sm = &snat_main;
572 vl_api_nat44_add_del_address_range_reply_t *rmp;
573 ip4_address_t this_addr;
574 u8 is_add, twice_nat;
575 u32 start_host_order, end_host_order;
581 if (sm->static_mapping_only)
583 rv = VNET_API_ERROR_FEATURE_DISABLED;
588 twice_nat = mp->flags & NAT_API_IS_TWICE_NAT;
590 tmp = (u32 *) mp->first_ip_address;
591 start_host_order = clib_host_to_net_u32 (tmp[0]);
592 tmp = (u32 *) mp->last_ip_address;
593 end_host_order = clib_host_to_net_u32 (tmp[0]);
595 count = (end_host_order - start_host_order) + 1;
597 vrf_id = clib_host_to_net_u32 (mp->vrf_id);
600 nat_log_info ("%U - %U, %d addresses...",
601 format_ip4_address, mp->first_ip_address,
602 format_ip4_address, mp->last_ip_address, count);
604 memcpy (&this_addr.as_u8, mp->first_ip_address, 4);
606 for (i = 0; i < count; i++)
609 rv = snat_add_address (sm, &this_addr, vrf_id, twice_nat);
611 rv = snat_del_address (sm, this_addr, 0, twice_nat);
617 nat44_add_del_address_dpo (this_addr, is_add);
619 increment_v4_address (&this_addr);
623 REPLY_MACRO (VL_API_NAT44_ADD_DEL_ADDRESS_RANGE_REPLY);
627 send_nat44_address_details (snat_address_t * a,
628 vl_api_registration_t * reg, u32 context,
631 vl_api_nat44_address_details_t *rmp;
632 snat_main_t *sm = &snat_main;
634 rmp = vl_msg_api_alloc (sizeof (*rmp));
635 clib_memset (rmp, 0, sizeof (*rmp));
636 rmp->_vl_msg_id = ntohs (VL_API_NAT44_ADDRESS_DETAILS + sm->msg_id_base);
637 clib_memcpy (rmp->ip_address, &(a->addr), 4);
638 if (a->fib_index != ~0)
640 fib_table_t *fib = fib_table_get (a->fib_index, FIB_PROTOCOL_IP4);
641 rmp->vrf_id = ntohl (fib->ft_table_id);
646 rmp->flags |= NAT_API_IS_TWICE_NAT;
647 rmp->context = context;
649 vl_api_send_msg (reg, (u8 *) rmp);
653 vl_api_nat44_address_dump_t_handler (vl_api_nat44_address_dump_t * mp)
655 vl_api_registration_t *reg;
656 snat_main_t *sm = &snat_main;
659 reg = vl_api_client_index_to_registration (mp->client_index);
664 vec_foreach (a, sm->addresses)
665 send_nat44_address_details (a, reg, mp->context, 0);
666 vec_foreach (a, sm->twice_nat_addresses)
667 send_nat44_address_details (a, reg, mp->context, 1);
672 vl_api_nat44_interface_add_del_feature_t_handler
673 (vl_api_nat44_interface_add_del_feature_t * mp)
675 snat_main_t *sm = &snat_main;
676 vl_api_nat44_interface_add_del_feature_reply_t *rmp;
677 u32 sw_if_index = ntohl (mp->sw_if_index);
681 is_del = !mp->is_add;
683 VALIDATE_SW_IF_INDEX (mp);
686 snat_interface_add_del (sw_if_index, mp->flags & NAT_API_IS_INSIDE,
689 BAD_SW_IF_INDEX_LABEL;
691 REPLY_MACRO (VL_API_NAT44_INTERFACE_ADD_DEL_FEATURE_REPLY);
695 send_nat44_interface_details (snat_interface_t * i,
696 vl_api_registration_t * reg, u32 context)
698 vl_api_nat44_interface_details_t *rmp;
699 snat_main_t *sm = &snat_main;
701 rmp = vl_msg_api_alloc (sizeof (*rmp));
702 clib_memset (rmp, 0, sizeof (*rmp));
703 rmp->_vl_msg_id = ntohs (VL_API_NAT44_INTERFACE_DETAILS + sm->msg_id_base);
704 rmp->sw_if_index = ntohl (i->sw_if_index);
706 if (nat_interface_is_inside (i))
707 rmp->flags |= NAT_API_IS_INSIDE;
708 if (nat_interface_is_outside (i))
709 rmp->flags |= NAT_API_IS_OUTSIDE;
711 rmp->context = context;
713 vl_api_send_msg (reg, (u8 *) rmp);
717 vl_api_nat44_interface_dump_t_handler (vl_api_nat44_interface_dump_t * mp)
719 vl_api_registration_t *reg;
720 snat_main_t *sm = &snat_main;
723 reg = vl_api_client_index_to_registration (mp->client_index);
728 pool_foreach (i, sm->interfaces,
730 send_nat44_interface_details(i, reg, mp->context);
736 vl_api_nat44_interface_add_del_output_feature_t_handler
737 (vl_api_nat44_interface_add_del_output_feature_t * mp)
739 snat_main_t *sm = &snat_main;
740 vl_api_nat44_interface_add_del_output_feature_reply_t *rmp;
741 u32 sw_if_index = ntohl (mp->sw_if_index);
744 VALIDATE_SW_IF_INDEX (mp);
746 rv = snat_interface_add_del_output_feature (sw_if_index,
747 mp->flags & NAT_API_IS_INSIDE,
750 BAD_SW_IF_INDEX_LABEL;
751 REPLY_MACRO (VL_API_NAT44_INTERFACE_ADD_DEL_OUTPUT_FEATURE_REPLY);
755 send_nat44_interface_output_feature_details (snat_interface_t * i,
756 vl_api_registration_t * reg,
759 vl_api_nat44_interface_output_feature_details_t *rmp;
760 snat_main_t *sm = &snat_main;
762 rmp = vl_msg_api_alloc (sizeof (*rmp));
763 clib_memset (rmp, 0, sizeof (*rmp));
765 ntohs (VL_API_NAT44_INTERFACE_OUTPUT_FEATURE_DETAILS + sm->msg_id_base);
766 rmp->sw_if_index = ntohl (i->sw_if_index);
767 rmp->context = context;
769 if (nat_interface_is_inside (i))
770 rmp->flags |= NAT_API_IS_INSIDE;
772 vl_api_send_msg (reg, (u8 *) rmp);
776 vl_api_nat44_interface_output_feature_dump_t_handler
777 (vl_api_nat44_interface_output_feature_dump_t * mp)
779 vl_api_registration_t *reg;
780 snat_main_t *sm = &snat_main;
783 reg = vl_api_client_index_to_registration (mp->client_index);
788 pool_foreach (i, sm->output_feature_interfaces,
790 send_nat44_interface_output_feature_details(i, reg, mp->context);
796 vl_api_nat44_add_del_static_mapping_t_handler
797 (vl_api_nat44_add_del_static_mapping_t * mp)
799 snat_main_t *sm = &snat_main;
800 vl_api_nat44_add_del_static_mapping_reply_t *rmp;
801 ip4_address_t local_addr, external_addr, pool_addr = { 0 };
802 u16 local_port = 0, external_port = 0;
803 u32 vrf_id, external_sw_if_index;
804 twice_nat_type_t twice_nat = TWICE_NAT_DISABLED;
806 nat_protocol_t proto;
809 memcpy (&local_addr.as_u8, mp->local_ip_address, 4);
810 memcpy (&external_addr.as_u8, mp->external_ip_address, 4);
812 if (!(mp->flags & NAT_API_IS_ADDR_ONLY))
814 local_port = mp->local_port;
815 external_port = mp->external_port;
818 vrf_id = clib_net_to_host_u32 (mp->vrf_id);
819 external_sw_if_index = clib_net_to_host_u32 (mp->external_sw_if_index);
820 proto = ip_proto_to_nat_proto (mp->protocol);
822 if (mp->flags & NAT_API_IS_TWICE_NAT)
823 twice_nat = TWICE_NAT;
824 else if (mp->flags & NAT_API_IS_SELF_TWICE_NAT)
825 twice_nat = TWICE_NAT_SELF;
826 mp->tag[sizeof (mp->tag) - 1] = 0;
827 tag = format (0, "%s", mp->tag);
828 vec_terminate_c_string (tag);
830 rv = snat_add_static_mapping (local_addr, external_addr, local_port,
831 external_port, vrf_id,
832 mp->flags & NAT_API_IS_ADDR_ONLY,
833 external_sw_if_index, proto,
834 mp->is_add, twice_nat,
835 mp->flags & NAT_API_IS_OUT2IN_ONLY, tag, 0,
839 REPLY_MACRO (VL_API_NAT44_ADD_DEL_STATIC_MAPPING_REPLY);
843 vl_api_nat44_add_del_static_mapping_v2_t_handler
844 (vl_api_nat44_add_del_static_mapping_v2_t * mp)
846 snat_main_t *sm = &snat_main;
847 vl_api_nat44_add_del_static_mapping_v2_reply_t *rmp;
848 ip4_address_t local_addr, external_addr, pool_addr;
849 u16 local_port = 0, external_port = 0;
850 u32 vrf_id, external_sw_if_index;
851 twice_nat_type_t twice_nat = TWICE_NAT_DISABLED;
853 nat_protocol_t proto;
856 memcpy (&pool_addr.as_u8, mp->pool_ip_address, 4);
857 memcpy (&local_addr.as_u8, mp->local_ip_address, 4);
858 memcpy (&external_addr.as_u8, mp->external_ip_address, 4);
860 if (!(mp->flags & NAT_API_IS_ADDR_ONLY))
862 local_port = mp->local_port;
863 external_port = mp->external_port;
866 vrf_id = clib_net_to_host_u32 (mp->vrf_id);
867 external_sw_if_index = clib_net_to_host_u32 (mp->external_sw_if_index);
868 proto = ip_proto_to_nat_proto (mp->protocol);
870 if (mp->flags & NAT_API_IS_TWICE_NAT)
871 twice_nat = TWICE_NAT;
872 else if (mp->flags & NAT_API_IS_SELF_TWICE_NAT)
873 twice_nat = TWICE_NAT_SELF;
874 mp->tag[sizeof (mp->tag) - 1] = 0;
875 tag = format (0, "%s", mp->tag);
876 vec_terminate_c_string (tag);
878 rv = snat_add_static_mapping (local_addr, external_addr, local_port,
879 external_port, vrf_id,
880 mp->flags & NAT_API_IS_ADDR_ONLY,
881 external_sw_if_index, proto,
882 mp->is_add, twice_nat,
883 mp->flags & NAT_API_IS_OUT2IN_ONLY, tag, 0,
884 pool_addr, mp->match_pool);
887 REPLY_MACRO (VL_API_NAT44_ADD_DEL_STATIC_MAPPING_V2_REPLY);
891 send_nat44_static_mapping_details (snat_static_mapping_t * m,
892 vl_api_registration_t * reg, u32 context)
894 vl_api_nat44_static_mapping_details_t *rmp;
895 snat_main_t *sm = &snat_main;
896 u32 len = sizeof (*rmp);
898 rmp = vl_msg_api_alloc (len);
899 clib_memset (rmp, 0, len);
901 ntohs (VL_API_NAT44_STATIC_MAPPING_DETAILS + sm->msg_id_base);
903 clib_memcpy (rmp->local_ip_address, &(m->local_addr), 4);
904 clib_memcpy (rmp->external_ip_address, &(m->external_addr), 4);
905 rmp->external_sw_if_index = ~0;
906 rmp->vrf_id = htonl (m->vrf_id);
907 rmp->context = context;
909 if (m->twice_nat == TWICE_NAT)
910 rmp->flags |= NAT_API_IS_TWICE_NAT;
911 else if (m->twice_nat == TWICE_NAT_SELF)
912 rmp->flags |= NAT_API_IS_SELF_TWICE_NAT;
914 if (is_out2in_only_static_mapping (m))
915 rmp->flags |= NAT_API_IS_OUT2IN_ONLY;
917 if (is_addr_only_static_mapping (m))
919 rmp->flags |= NAT_API_IS_ADDR_ONLY;
923 rmp->protocol = nat_proto_to_ip_proto (m->proto);
924 rmp->external_port = m->external_port;
925 rmp->local_port = m->local_port;
929 strncpy ((char *) rmp->tag, (char *) m->tag, vec_len (m->tag));
931 vl_api_send_msg (reg, (u8 *) rmp);
935 send_nat44_static_map_resolve_details (snat_static_map_resolve_t * m,
936 vl_api_registration_t * reg,
939 vl_api_nat44_static_mapping_details_t *rmp;
940 snat_main_t *sm = &snat_main;
942 rmp = vl_msg_api_alloc (sizeof (*rmp));
943 clib_memset (rmp, 0, sizeof (*rmp));
945 ntohs (VL_API_NAT44_STATIC_MAPPING_DETAILS + sm->msg_id_base);
946 clib_memcpy (rmp->local_ip_address, &(m->l_addr), 4);
947 rmp->external_sw_if_index = htonl (m->sw_if_index);
948 rmp->vrf_id = htonl (m->vrf_id);
949 rmp->context = context;
952 rmp->flags |= NAT_API_IS_TWICE_NAT;
956 rmp->flags |= NAT_API_IS_ADDR_ONLY;
960 rmp->protocol = nat_proto_to_ip_proto (m->proto);
961 rmp->external_port = m->e_port;
962 rmp->local_port = m->l_port;
965 strncpy ((char *) rmp->tag, (char *) m->tag, vec_len (m->tag));
967 vl_api_send_msg (reg, (u8 *) rmp);
971 vl_api_nat44_static_mapping_dump_t_handler (vl_api_nat44_static_mapping_dump_t
974 vl_api_registration_t *reg;
975 snat_main_t *sm = &snat_main;
976 snat_static_mapping_t *m;
977 snat_static_map_resolve_t *rp;
980 reg = vl_api_client_index_to_registration (mp->client_index);
985 pool_foreach (m, sm->static_mappings,
987 if (!is_identity_static_mapping(m) && !is_lb_static_mapping (m))
988 send_nat44_static_mapping_details (m, reg, mp->context);
992 for (j = 0; j < vec_len (sm->to_resolve); j++)
994 rp = sm->to_resolve + j;
995 if (!rp->identity_nat)
996 send_nat44_static_map_resolve_details (rp, reg, mp->context);
1001 vl_api_nat44_add_del_identity_mapping_t_handler
1002 (vl_api_nat44_add_del_identity_mapping_t * mp)
1004 snat_main_t *sm = &snat_main;
1005 vl_api_nat44_add_del_identity_mapping_reply_t *rmp;
1006 ip4_address_t addr, pool_addr = { 0 };
1008 u32 vrf_id, sw_if_index;
1010 nat_protocol_t proto = NAT_PROTOCOL_OTHER;
1013 if (!(mp->flags & NAT_API_IS_ADDR_ONLY))
1016 proto = ip_proto_to_nat_proto (mp->protocol);
1018 vrf_id = clib_net_to_host_u32 (mp->vrf_id);
1019 sw_if_index = clib_net_to_host_u32 (mp->sw_if_index);
1020 if (sw_if_index != ~0)
1023 memcpy (&addr.as_u8, mp->ip_address, 4);
1024 mp->tag[sizeof (mp->tag) - 1] = 0;
1025 tag = format (0, "%s", mp->tag);
1026 vec_terminate_c_string (tag);
1029 snat_add_static_mapping (addr, addr, port, port, vrf_id,
1030 mp->flags & NAT_API_IS_ADDR_ONLY, sw_if_index,
1031 proto, mp->is_add, 0, 0, tag, 1, pool_addr, 0);
1034 REPLY_MACRO (VL_API_NAT44_ADD_DEL_IDENTITY_MAPPING_REPLY);
1038 send_nat44_identity_mapping_details (snat_static_mapping_t * m, int index,
1039 vl_api_registration_t * reg, u32 context)
1041 vl_api_nat44_identity_mapping_details_t *rmp;
1042 snat_main_t *sm = &snat_main;
1043 nat44_lb_addr_port_t *local = pool_elt_at_index (m->locals, index);
1045 rmp = vl_msg_api_alloc (sizeof (*rmp));
1046 clib_memset (rmp, 0, sizeof (*rmp));
1048 ntohs (VL_API_NAT44_IDENTITY_MAPPING_DETAILS + sm->msg_id_base);
1050 if (is_addr_only_static_mapping (m))
1051 rmp->flags |= NAT_API_IS_ADDR_ONLY;
1053 clib_memcpy (rmp->ip_address, &(m->local_addr), 4);
1054 rmp->port = m->local_port;
1055 rmp->sw_if_index = ~0;
1056 rmp->vrf_id = htonl (local->vrf_id);
1057 rmp->protocol = nat_proto_to_ip_proto (m->proto);
1058 rmp->context = context;
1060 strncpy ((char *) rmp->tag, (char *) m->tag, vec_len (m->tag));
1062 vl_api_send_msg (reg, (u8 *) rmp);
1066 send_nat44_identity_map_resolve_details (snat_static_map_resolve_t * m,
1067 vl_api_registration_t * reg,
1070 vl_api_nat44_identity_mapping_details_t *rmp;
1071 snat_main_t *sm = &snat_main;
1073 rmp = vl_msg_api_alloc (sizeof (*rmp));
1074 clib_memset (rmp, 0, sizeof (*rmp));
1076 ntohs (VL_API_NAT44_IDENTITY_MAPPING_DETAILS + sm->msg_id_base);
1079 rmp->flags = (vl_api_nat_config_flags_t) NAT_API_IS_ADDR_ONLY;
1081 rmp->port = m->l_port;
1082 rmp->sw_if_index = htonl (m->sw_if_index);
1083 rmp->vrf_id = htonl (m->vrf_id);
1084 rmp->protocol = nat_proto_to_ip_proto (m->proto);
1085 rmp->context = context;
1087 strncpy ((char *) rmp->tag, (char *) m->tag, vec_len (m->tag));
1089 vl_api_send_msg (reg, (u8 *) rmp);
1093 vl_api_nat44_identity_mapping_dump_t_handler
1094 (vl_api_nat44_identity_mapping_dump_t * mp)
1096 vl_api_registration_t *reg;
1097 snat_main_t *sm = &snat_main;
1098 snat_static_mapping_t *m;
1099 snat_static_map_resolve_t *rp;
1102 reg = vl_api_client_index_to_registration (mp->client_index);
1107 pool_foreach (m, sm->static_mappings,
1109 if (is_identity_static_mapping(m) && !is_lb_static_mapping (m))
1111 pool_foreach_index (j, m->locals,
1113 send_nat44_identity_mapping_details (m, j, reg, mp->context);
1119 for (j = 0; j < vec_len (sm->to_resolve); j++)
1121 rp = sm->to_resolve + j;
1122 if (rp->identity_nat)
1123 send_nat44_identity_map_resolve_details (rp, reg, mp->context);
1128 vl_api_nat44_add_del_interface_addr_t_handler
1129 (vl_api_nat44_add_del_interface_addr_t * mp)
1131 snat_main_t *sm = &snat_main;
1132 vl_api_nat44_add_del_interface_addr_reply_t *rmp;
1133 u32 sw_if_index = ntohl (mp->sw_if_index);
1137 is_del = !mp->is_add;
1139 VALIDATE_SW_IF_INDEX (mp);
1141 rv = snat_add_interface_address (sm, sw_if_index, is_del,
1142 mp->flags & NAT_API_IS_TWICE_NAT);
1144 BAD_SW_IF_INDEX_LABEL;
1145 REPLY_MACRO (VL_API_NAT44_ADD_DEL_INTERFACE_ADDR_REPLY);
1149 send_nat44_interface_addr_details (u32 sw_if_index,
1150 vl_api_registration_t * reg, u32 context,
1153 vl_api_nat44_interface_addr_details_t *rmp;
1154 snat_main_t *sm = &snat_main;
1156 rmp = vl_msg_api_alloc (sizeof (*rmp));
1157 clib_memset (rmp, 0, sizeof (*rmp));
1159 ntohs (VL_API_NAT44_INTERFACE_ADDR_DETAILS + sm->msg_id_base);
1160 rmp->sw_if_index = ntohl (sw_if_index);
1163 rmp->flags = (vl_api_nat_config_flags_t) NAT_API_IS_TWICE_NAT;
1164 rmp->context = context;
1166 vl_api_send_msg (reg, (u8 *) rmp);
1170 vl_api_nat44_interface_addr_dump_t_handler (vl_api_nat44_interface_addr_dump_t
1173 vl_api_registration_t *reg;
1174 snat_main_t *sm = &snat_main;
1177 reg = vl_api_client_index_to_registration (mp->client_index);
1182 vec_foreach (i, sm->auto_add_sw_if_indices)
1183 send_nat44_interface_addr_details(*i, reg, mp->context, 0);
1184 vec_foreach (i, sm->auto_add_sw_if_indices_twice_nat)
1185 send_nat44_interface_addr_details(*i, reg, mp->context, 1);
1190 send_nat44_user_details (snat_user_t * u, vl_api_registration_t * reg,
1193 vl_api_nat44_user_details_t *rmp;
1194 snat_main_t *sm = &snat_main;
1195 ip4_main_t *im = &ip4_main;
1197 rmp = vl_msg_api_alloc (sizeof (*rmp));
1198 clib_memset (rmp, 0, sizeof (*rmp));
1199 rmp->_vl_msg_id = ntohs (VL_API_NAT44_USER_DETAILS + sm->msg_id_base);
1201 if (!pool_is_free_index (im->fibs, u->fib_index))
1203 fib_table_t *fib = fib_table_get (u->fib_index, FIB_PROTOCOL_IP4);
1204 rmp->vrf_id = ntohl (fib->ft_table_id);
1207 clib_memcpy (rmp->ip_address, &(u->addr), 4);
1208 rmp->nsessions = ntohl (u->nsessions);
1209 rmp->nstaticsessions = ntohl (u->nstaticsessions);
1210 rmp->context = context;
1212 vl_api_send_msg (reg, (u8 *) rmp);
1216 nat_ed_user_create_helper (snat_main_per_thread_data_t * tsm,
1220 k.addr = s->in2out.addr;
1221 k.fib_index = s->in2out.fib_index;
1222 clib_bihash_kv_8_8_t key, value;
1225 if (clib_bihash_search_8_8 (&tsm->user_hash, &key, &value))
1227 pool_get (tsm->users, u);
1229 u->fib_index = k.fib_index;
1231 u->nstaticsessions = 0;
1232 key.value = u - tsm->users;
1233 clib_bihash_add_del_8_8 (&tsm->user_hash, &key, 1);
1237 u = pool_elt_at_index (tsm->users, value.value);
1239 if (snat_is_session_static (s))
1241 ++u->nstaticsessions;
1250 nat_ed_users_create (snat_main_per_thread_data_t * tsm)
1254 pool_foreach (s, tsm->sessions, { nat_ed_user_create_helper (tsm, s); });
1259 nat_ed_users_destroy (snat_main_per_thread_data_t * tsm)
1263 pool_flush (u, tsm->users, { });
1265 clib_bihash_free_8_8 (&tsm->user_hash);
1266 clib_bihash_init_8_8 (&tsm->user_hash, "users", snat_main.user_buckets, 0);
1267 clib_bihash_set_kvp_format_fn_8_8 (&tsm->user_hash, format_user_kvp);
1271 vl_api_nat44_user_dump_t_handler (vl_api_nat44_user_dump_t * mp)
1273 vl_api_registration_t *reg;
1274 snat_main_t *sm = &snat_main;
1275 snat_main_per_thread_data_t *tsm;
1278 reg = vl_api_client_index_to_registration (mp->client_index);
1283 vec_foreach (tsm, sm->per_thread_data)
1285 if (sm->endpoint_dependent)
1287 nat_ed_users_create (tsm);
1289 pool_foreach (u, tsm->users,
1291 send_nat44_user_details (u, reg, mp->context);
1293 if (sm->endpoint_dependent)
1295 nat_ed_users_destroy (tsm);
1302 send_nat44_user_session_details (snat_session_t * s,
1303 vl_api_registration_t * reg, u32 context)
1305 vl_api_nat44_user_session_details_t *rmp;
1306 snat_main_t *sm = &snat_main;
1308 rmp = vl_msg_api_alloc (sizeof (*rmp));
1309 clib_memset (rmp, 0, sizeof (*rmp));
1311 ntohs (VL_API_NAT44_USER_SESSION_DETAILS + sm->msg_id_base);
1312 clib_memcpy (rmp->outside_ip_address, (&s->out2in.addr), 4);
1313 clib_memcpy (rmp->inside_ip_address, (&s->in2out.addr), 4);
1315 if (snat_is_session_static (s))
1316 rmp->flags |= NAT_API_IS_STATIC;
1318 if (is_twice_nat_session (s))
1319 rmp->flags |= NAT_API_IS_TWICE_NAT;
1321 if (is_ed_session (s) || is_fwd_bypass_session (s))
1322 rmp->flags |= NAT_API_IS_EXT_HOST_VALID;
1324 rmp->last_heard = clib_host_to_net_u64 ((u64) s->last_heard);
1325 rmp->total_bytes = clib_host_to_net_u64 (s->total_bytes);
1326 rmp->total_pkts = ntohl (s->total_pkts);
1327 rmp->context = context;
1328 if (snat_is_unk_proto_session (s))
1330 rmp->outside_port = 0;
1331 rmp->inside_port = 0;
1332 rmp->protocol = ntohs (s->in2out.port);
1336 rmp->outside_port = s->out2in.port;
1337 rmp->inside_port = s->in2out.port;
1338 rmp->protocol = ntohs (nat_proto_to_ip_proto (s->nat_proto));
1340 if (is_ed_session (s) || is_fwd_bypass_session (s))
1342 clib_memcpy (rmp->ext_host_address, &s->ext_host_addr, 4);
1343 rmp->ext_host_port = s->ext_host_port;
1344 if (is_twice_nat_session (s))
1346 clib_memcpy (rmp->ext_host_nat_address, &s->ext_host_nat_addr, 4);
1347 rmp->ext_host_nat_port = s->ext_host_nat_port;
1351 vl_api_send_msg (reg, (u8 *) rmp);
1355 vl_api_nat44_user_session_dump_t_handler (vl_api_nat44_user_session_dump_t *
1358 vl_api_registration_t *reg;
1359 snat_main_t *sm = &snat_main;
1360 snat_main_per_thread_data_t *tsm;
1362 clib_bihash_kv_8_8_t key, value;
1363 snat_user_key_t ukey;
1365 u32 session_index, head_index, elt_index;
1366 dlist_elt_t *head, *elt;
1369 reg = vl_api_client_index_to_registration (mp->client_index);
1373 clib_memcpy (&ukey.addr, mp->ip_address, 4);
1374 ip.src_address.as_u32 = ukey.addr.as_u32;
1375 ukey.fib_index = fib_table_find (FIB_PROTOCOL_IP4, ntohl (mp->vrf_id));
1376 key.key = ukey.as_u64;
1377 if (sm->num_workers > 1)
1379 vec_elt_at_index (sm->per_thread_data,
1380 sm->worker_in2out_cb (&ip, ukey.fib_index, 0));
1382 tsm = vec_elt_at_index (sm->per_thread_data, sm->num_workers);
1383 if (!sm->endpoint_dependent)
1385 if (clib_bihash_search_8_8 (&tsm->user_hash, &key, &value))
1387 u = pool_elt_at_index (tsm->users, value.value);
1388 if (!u->nsessions && !u->nstaticsessions)
1391 head_index = u->sessions_per_user_list_head_index;
1392 head = pool_elt_at_index (tsm->list_pool, head_index);
1393 elt_index = head->next;
1394 elt = pool_elt_at_index (tsm->list_pool, elt_index);
1395 session_index = elt->value;
1396 while (session_index != ~0)
1398 s = pool_elt_at_index (tsm->sessions, session_index);
1400 send_nat44_user_session_details (s, reg, mp->context);
1402 elt_index = elt->next;
1403 elt = pool_elt_at_index (tsm->list_pool, elt_index);
1404 session_index = elt->value;
1410 pool_foreach (s, tsm->sessions, {
1411 if (s->in2out.addr.as_u32 == ukey.addr.as_u32)
1413 send_nat44_user_session_details (s, reg, mp->context);
1420 static nat44_lb_addr_port_t *
1421 unformat_nat44_lb_addr_port (vl_api_nat44_lb_addr_port_t * addr_port_pairs,
1422 u32 addr_port_pair_num)
1425 nat44_lb_addr_port_t *lb_addr_port_pairs = 0, lb_addr_port;
1426 vl_api_nat44_lb_addr_port_t *ap;
1428 for (i = 0; i < addr_port_pair_num; i++)
1430 ap = &addr_port_pairs[i];
1431 clib_memset (&lb_addr_port, 0, sizeof (lb_addr_port));
1432 clib_memcpy (&lb_addr_port.addr, ap->addr, 4);
1433 lb_addr_port.port = ap->port;
1434 lb_addr_port.probability = ap->probability;
1435 lb_addr_port.vrf_id = clib_net_to_host_u32 (ap->vrf_id);
1436 vec_add1 (lb_addr_port_pairs, lb_addr_port);
1439 return lb_addr_port_pairs;
1443 vl_api_nat44_add_del_lb_static_mapping_t_handler
1444 (vl_api_nat44_add_del_lb_static_mapping_t * mp)
1446 snat_main_t *sm = &snat_main;
1447 vl_api_nat44_add_del_lb_static_mapping_reply_t *rmp;
1448 twice_nat_type_t twice_nat = TWICE_NAT_DISABLED;
1450 nat44_lb_addr_port_t *locals = 0;
1451 ip4_address_t e_addr;
1452 nat_protocol_t proto;
1455 if (!sm->endpoint_dependent)
1457 rv = VNET_API_ERROR_UNSUPPORTED;
1462 unformat_nat44_lb_addr_port (mp->locals,
1463 clib_net_to_host_u32 (mp->local_num));
1464 clib_memcpy (&e_addr, mp->external_addr, 4);
1465 proto = ip_proto_to_nat_proto (mp->protocol);
1467 if (mp->flags & NAT_API_IS_TWICE_NAT)
1468 twice_nat = TWICE_NAT;
1469 else if (mp->flags & NAT_API_IS_SELF_TWICE_NAT)
1470 twice_nat = TWICE_NAT_SELF;
1471 mp->tag[sizeof (mp->tag) - 1] = 0;
1472 tag = format (0, "%s", mp->tag);
1473 vec_terminate_c_string (tag);
1476 nat44_add_del_lb_static_mapping (e_addr,
1478 proto, locals, mp->is_add,
1480 mp->flags & NAT_API_IS_OUT2IN_ONLY, tag,
1481 clib_net_to_host_u32 (mp->affinity));
1487 REPLY_MACRO (VL_API_NAT44_ADD_DEL_LB_STATIC_MAPPING_REPLY);
1491 vl_api_nat44_lb_static_mapping_add_del_local_t_handler
1492 (vl_api_nat44_lb_static_mapping_add_del_local_t * mp)
1494 snat_main_t *sm = &snat_main;
1495 vl_api_nat44_lb_static_mapping_add_del_local_reply_t *rmp;
1497 ip4_address_t e_addr, l_addr;
1498 nat_protocol_t proto;
1500 if (!sm->endpoint_dependent)
1502 rv = VNET_API_ERROR_UNSUPPORTED;
1506 clib_memcpy (&e_addr, mp->external_addr, 4);
1507 clib_memcpy (&l_addr, mp->local.addr, 4);
1508 proto = ip_proto_to_nat_proto (mp->protocol);
1511 nat44_lb_static_mapping_add_del_local (e_addr,
1512 clib_net_to_host_u16
1513 (mp->external_port), l_addr,
1514 clib_net_to_host_u16 (mp->
1517 clib_net_to_host_u32 (mp->
1519 mp->local.probability, mp->is_add);
1522 REPLY_MACRO (VL_API_NAT44_LB_STATIC_MAPPING_ADD_DEL_LOCAL_REPLY);
1526 send_nat44_lb_static_mapping_details (snat_static_mapping_t * m,
1527 vl_api_registration_t * reg,
1530 vl_api_nat44_lb_static_mapping_details_t *rmp;
1531 snat_main_t *sm = &snat_main;
1532 nat44_lb_addr_port_t *ap;
1533 vl_api_nat44_lb_addr_port_t *locals;
1537 vl_msg_api_alloc (sizeof (*rmp) +
1538 (pool_elts (m->locals) *
1539 sizeof (nat44_lb_addr_port_t)));
1540 clib_memset (rmp, 0, sizeof (*rmp));
1542 ntohs (VL_API_NAT44_LB_STATIC_MAPPING_DETAILS + sm->msg_id_base);
1544 clib_memcpy (rmp->external_addr, &(m->external_addr), 4);
1545 rmp->external_port = m->external_port;
1546 rmp->protocol = nat_proto_to_ip_proto (m->proto);
1547 rmp->context = context;
1549 if (m->twice_nat == TWICE_NAT)
1550 rmp->flags |= NAT_API_IS_TWICE_NAT;
1551 else if (m->twice_nat == TWICE_NAT_SELF)
1552 rmp->flags |= NAT_API_IS_SELF_TWICE_NAT;
1553 if (is_out2in_only_static_mapping (m))
1554 rmp->flags |= NAT_API_IS_OUT2IN_ONLY;
1556 strncpy ((char *) rmp->tag, (char *) m->tag, vec_len (m->tag));
1558 locals = (vl_api_nat44_lb_addr_port_t *) rmp->locals;
1560 pool_foreach (ap, m->locals,
1562 clib_memcpy (locals->addr, &(ap->addr), 4);
1563 locals->port = ap->port;
1564 locals->probability = ap->probability;
1565 locals->vrf_id = ntohl (ap->vrf_id);
1570 rmp->local_num = ntohl (local_num);
1572 vl_api_send_msg (reg, (u8 *) rmp);
1576 vl_api_nat44_lb_static_mapping_dump_t_handler
1577 (vl_api_nat44_lb_static_mapping_dump_t * mp)
1579 vl_api_registration_t *reg;
1580 snat_main_t *sm = &snat_main;
1581 snat_static_mapping_t *m;
1583 if (!sm->endpoint_dependent)
1586 reg = vl_api_client_index_to_registration (mp->client_index);
1591 pool_foreach (m, sm->static_mappings,
1593 if (is_lb_static_mapping(m))
1594 send_nat44_lb_static_mapping_details (m, reg, mp->context);
1600 vl_api_nat44_del_session_t_handler (vl_api_nat44_del_session_t * mp)
1602 snat_main_t *sm = &snat_main;
1603 vl_api_nat44_del_session_reply_t *rmp;
1604 ip4_address_t addr, eh_addr;
1609 nat_protocol_t proto;
1611 memcpy (&addr.as_u8, mp->address, 4);
1613 vrf_id = clib_net_to_host_u32 (mp->vrf_id);
1614 proto = ip_proto_to_nat_proto (mp->protocol);
1615 memcpy (&eh_addr.as_u8, mp->ext_host_address, 4);
1616 eh_port = mp->ext_host_port;
1618 is_in = mp->flags & NAT_API_IS_INSIDE;
1620 if (mp->flags & NAT_API_IS_EXT_HOST_VALID)
1622 nat44_del_ed_session (sm, &addr, port, &eh_addr, eh_port, mp->protocol,
1625 rv = nat44_del_session (sm, &addr, port, proto, vrf_id, is_in);
1627 REPLY_MACRO (VL_API_NAT44_DEL_SESSION_REPLY);
1631 vl_api_nat44_forwarding_enable_disable_t_handler
1632 (vl_api_nat44_forwarding_enable_disable_t * mp)
1634 snat_main_t *sm = &snat_main;
1635 vl_api_nat44_forwarding_enable_disable_reply_t *rmp;
1637 u32 *ses_to_be_removed = 0, *ses_index;
1638 snat_main_per_thread_data_t *tsm;
1641 sm->forwarding_enabled = mp->enable != 0;
1643 if (mp->enable == 0)
1646 vec_foreach (tsm, sm->per_thread_data)
1648 pool_foreach (s, tsm->sessions,
1650 if (is_fwd_bypass_session(s))
1652 vec_add1 (ses_to_be_removed, s - tsm->sessions);
1655 if(sm->endpoint_dependent){
1656 vec_foreach (ses_index, ses_to_be_removed)
1658 s = pool_elt_at_index(tsm->sessions, ses_index[0]);
1659 nat_free_session_data (sm, s, tsm - sm->per_thread_data, 0);
1660 nat_ed_session_delete (sm, s, tsm - sm->per_thread_data, 1);
1663 vec_foreach (ses_index, ses_to_be_removed)
1665 s = pool_elt_at_index(tsm->sessions, ses_index[0]);
1666 nat_free_session_data (sm, s, tsm - sm->per_thread_data, 0);
1667 nat44_delete_session (sm, s, tsm - sm->per_thread_data);
1670 vec_free (ses_to_be_removed);
1675 REPLY_MACRO (VL_API_NAT44_FORWARDING_ENABLE_DISABLE_REPLY);
1679 vl_api_nat44_forwarding_is_enabled_t_handler
1680 (vl_api_nat44_forwarding_is_enabled_t * mp)
1682 vl_api_registration_t *reg;
1683 snat_main_t *sm = &snat_main;
1684 vl_api_nat44_forwarding_is_enabled_reply_t *rmp;
1686 reg = vl_api_client_index_to_registration (mp->client_index);
1690 rmp = vl_msg_api_alloc (sizeof (*rmp));
1691 clib_memset (rmp, 0, sizeof (*rmp));
1693 ntohs (VL_API_NAT44_FORWARDING_IS_ENABLED_REPLY + sm->msg_id_base);
1694 rmp->context = mp->context;
1696 rmp->enabled = sm->forwarding_enabled;
1698 vl_api_send_msg (reg, (u8 *) rmp);
1701 /* API definitions */
1702 #include <vnet/format_fns.h>
1703 #include <nat/nat44.api.c>
1705 /* Set up the API message handling tables */
1707 nat44_api_hookup (vlib_main_t * vm)
1709 snat_main_t *sm = &snat_main;
1710 sm->msg_id_base = setup_message_id_table ();
1715 * fd.io coding-style-patch-verification: ON
1718 * eval: (c-set-style "gnu")
Code Review / vpp.git / blob