2 * nat_ipfix_logging.c - NAT Events IPFIX logging
4 * Copyright (c) 2016 Cisco and/or its affiliates.
5 * Licensed under the Apache License, Version 2.0 (the "License");
6 * you may not use this file except in compliance with the License.
7 * You may obtain a copy of the License at:
9 * http://www.apache.org/licenses/LICENSE-2.0
11 * Unless required by applicable law or agreed to in writing, software
12 * distributed under the License is distributed on an "AS IS" BASIS,
13 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14 * See the License for the specific language governing permissions and
15 * limitations under the License.
18 #include <vnet/ipfix-export/flow_report.h>
19 #include <vlibmemory/api.h>
20 #include <nat/nat_inlines.h>
21 #include <nat/nat_ipfix_logging.h>
23 snat_ipfix_logging_main_t snat_ipfix_logging_main;
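/*
 * Size in octets of one data record for each template.
 *
 * Each value has to equal the sum of the field widths declared for the same
 * event in snat_template_rewrite () and copied by the matching logging
 * function.  The flush test "offset + <X>_LEN > frm->path_mtu" in those
 * functions is the only bound applied before the next record is written
 * into the export buffer, so a value that is too small lets a packet grow
 * past the configured path MTU.
 */
#define NAT44_SESSION_CREATE_LEN 26	/* 8 + 1 + 4 + 4 + 1 + 2 + 2 + 4 */
#define NAT_ADDRESSES_EXHAUTED_LEN 13	/* 8 + 1 + 4 */
#define MAX_ENTRIES_PER_USER_LEN 21	/* 8 + 1 + 4 + 4 + 4 */
#define MAX_SESSIONS_LEN 17	/* 8 + 1 + 4 + 4 */
#define MAX_BIBS_LEN 17		/* 8 + 1 + 4 + 4 */
#define MAX_FRAGMENTS_IP4_LEN 21	/* 8 + 1 + 4 + 4 + 4 */
#define MAX_FRAGMENTS_IP6_LEN 33	/* 8 + 1 + 4 + 4 + 16 */
#define NAT64_BIB_LEN 38	/* 8 + 1 + 16 + 4 + 1 + 2 + 2 + 4 */
#define NAT64_SES_LEN 62	/* NAT64_BIB_LEN + 16 + 4 + 2 + 2 */

/*
 * Number of field specifiers in each template.  snat_template_rewrite ()
 * sizes the template packet from these, so each count has to match the
 * number of fields that function writes for the event.
 */
#define NAT44_SESSION_CREATE_FIELD_COUNT 8
#define NAT_ADDRESSES_EXHAUTED_FIELD_COUNT 3
#define MAX_ENTRIES_PER_USER_FIELD_COUNT 5
#define MAX_SESSIONS_FIELD_COUNT 4
#define MAX_BIBS_FIELD_COUNT 4
#define MAX_FRAGMENTS_FIELD_COUNT 5
#define NAT64_BIB_FIELD_COUNT 8
#define NAT64_SES_FIELD_COUNT 12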
49 snat_protocol_t snat_proto;
53 } snat_ipfix_logging_nat44_ses_args_t;
58 } snat_ipfix_logging_addr_exhausted_args_t;
64 } snat_ipfix_logging_max_entries_per_user_args_t;
69 } nat_ipfix_logging_max_sessions_args_t;
74 } nat_ipfix_logging_max_bibs_args_t;
80 } nat_ipfix_logging_max_frags_ip4_args_t;
86 } nat_ipfix_logging_max_frags_ip6_args_t;
101 } nat_ipfix_logging_nat64_ses_args_t;
112 } nat_ipfix_logging_nat64_bib_args_t;
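/*
 * Leave the calling function at once when NAT IPFIX logging is disabled.
 *
 * The macro hides a bare `return`, so it can only be used as a statement in
 * a function returning void; `silm` is declared inside the do/while scope
 * and is not visible to the caller.
 *
 * NOTE(review): the short continuation lines of this macro (the do/while
 * wrapper and the return) are missing from the listing and are restored
 * here from the line numbering - confirm against the upstream file.
 */
#define skip_if_disabled()                                    \
do {                                                          \
  snat_ipfix_logging_main_t *silm = &snat_ipfix_logging_main; \
  if (PREDICT_TRUE (!silm->enabled))                          \
    return;                                                   \
} while (0)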
/**
 * @brief Create an IPFIX template packet rewrite string
 *
 * Builds the IPv4/UDP/IPFIX template packet describing the data records of
 * one NAT event, and stores fr->stream_index and fr->template_id in
 * snat_ipfix_logging_main for the logging functions.
 *
 * @param frm               flow report main
 * @param fr                flow report
 * @param collector_address collector address
 * @param src_address       source address
 * @param collector_port    collector port
 * @param event             NAT event ID
 * @param quota_event       NAT quota exceeded event ID (only read when
 *                          event is QUOTA_EXCEEDED)
 *
 * @returns template packet
 *
 * NOTE(review): short lines (braces, `f++;`, a few declarations, the
 * `ip->ttl` assignment and the final return) are missing from the listing;
 * they are restored here from the line numbering and from how the names are
 * used - confirm against the upstream file.
 */
static inline u8 *
snat_template_rewrite (flow_report_main_t * frm,
                       flow_report_t * fr,
                       ip4_address_t * collector_address,
                       ip4_address_t * src_address,
                       u16 collector_port,
                       nat_event_t event, quota_exceed_event_t quota_event)
{
  snat_ipfix_logging_main_t *silm = &snat_ipfix_logging_main;
  flow_report_stream_t *stream = &frm->streams[fr->stream_index];
  ip4_ipfix_template_packet_t *tp;
  ip4_header_t *ip;
  udp_header_t *udp;
  ipfix_message_header_t *h;
  ipfix_set_header_t *s;
  ipfix_template_header_t *t;
  ipfix_field_specifier_t *f;
  ipfix_field_specifier_t *first_field;
  u8 *rewrite = 0;
  u32 field_count = 0;

  silm->stream_index = fr->stream_index;

  /*
   * Pass 1: pick the number of field specifiers and remember the template
   * id.  field_count sizes the vector below, so it has to match the number
   * of specifiers written in pass 2; a larger pass-2 list would write past
   * the end of the vector.
   */
  switch (event)
    {
    case NAT_ADDRESSES_EXHAUTED:
      field_count = NAT_ADDRESSES_EXHAUTED_FIELD_COUNT;
      silm->addr_exhausted_template_id = fr->template_id;
      break;

    case NAT44_SESSION_CREATE:
      field_count = NAT44_SESSION_CREATE_FIELD_COUNT;
      silm->nat44_session_template_id = fr->template_id;
      break;

    case NAT64_BIB_CREATE:
      field_count = NAT64_BIB_FIELD_COUNT;
      silm->nat64_bib_template_id = fr->template_id;
      break;

    case NAT64_SESSION_CREATE:
      field_count = NAT64_SES_FIELD_COUNT;
      silm->nat64_ses_template_id = fr->template_id;
      break;

    case QUOTA_EXCEEDED:
      switch (quota_event)
        {
        case MAX_ENTRIES_PER_USER:
          field_count = MAX_ENTRIES_PER_USER_FIELD_COUNT;
          silm->max_entries_per_user_template_id = fr->template_id;
          break;

        case MAX_SESSION_ENTRIES:
          field_count = MAX_SESSIONS_FIELD_COUNT;
          silm->max_sessions_template_id = fr->template_id;
          break;

        case MAX_BIB_ENTRIES:
          field_count = MAX_BIBS_FIELD_COUNT;
          silm->max_bibs_template_id = fr->template_id;
          break;

        case MAX_FRAGMENTS_PENDING_REASSEMBLY:
          field_count = MAX_FRAGMENTS_FIELD_COUNT;
          silm->max_frags_ip4_template_id = fr->template_id;
          break;

        case MAX_FRAGMENTS_PENDING_REASSEMBLY_IP6:
          field_count = MAX_FRAGMENTS_FIELD_COUNT;
          silm->max_frags_ip6_template_id = fr->template_id;
          break;

        default:
          break;
        }
      break;

    default:
      break;
    }

  /* allocate rewrite space */
  vec_validate_aligned (rewrite,
                        sizeof (ip4_ipfix_template_packet_t)
                        + field_count * sizeof (ipfix_field_specifier_t) - 1,
                        CLIB_CACHE_LINE_BYTES);

  /* The headers are laid out back to back at the start of the vector. */
  tp = (ip4_ipfix_template_packet_t *) rewrite;
  ip = (ip4_header_t *) & tp->ip4;
  udp = (udp_header_t *) (ip + 1);
  h = (ipfix_message_header_t *) (udp + 1);
  s = (ipfix_set_header_t *) (h + 1);
  t = (ipfix_template_header_t *) (s + 1);
  first_field = f = (ipfix_field_specifier_t *) (t + 1);

  ip->ip_version_and_header_length = 0x45;
  ip->ttl = 254;
  ip->protocol = IP_PROTOCOL_UDP;
  ip->src_address.as_u32 = src_address->as_u32;
  ip->dst_address.as_u32 = collector_address->as_u32;
  udp->src_port = clib_host_to_net_u16 (stream->src_port);
  udp->dst_port = clib_host_to_net_u16 (collector_port);
  /* UDP length comes from the allocated size, i.e. from field_count. */
  udp->length = clib_host_to_net_u16 (vec_len (rewrite) - sizeof (*ip));

  /* FIXUP: message header export_time */
  h->domain_id = clib_host_to_net_u32 (stream->domain_id);

  /*
   * Pass 2: add TLVs to the template.  Each line writes one specifier and
   * then advances f to the next slot.
   */
  switch (event)
    {
    case NAT_ADDRESSES_EXHAUTED:
      (f++)->e_id_length =
        ipfix_e_id_length (0, observationTimeMilliseconds, 8);
      (f++)->e_id_length = ipfix_e_id_length (0, natEvent, 1);
      (f++)->e_id_length = ipfix_e_id_length (0, natPoolId, 4);
      break;

    case NAT44_SESSION_CREATE:
      (f++)->e_id_length =
        ipfix_e_id_length (0, observationTimeMilliseconds, 8);
      (f++)->e_id_length = ipfix_e_id_length (0, natEvent, 1);
      (f++)->e_id_length = ipfix_e_id_length (0, sourceIPv4Address, 4);
      (f++)->e_id_length = ipfix_e_id_length (0, postNATSourceIPv4Address, 4);
      (f++)->e_id_length = ipfix_e_id_length (0, protocolIdentifier, 1);
      (f++)->e_id_length = ipfix_e_id_length (0, sourceTransportPort, 2);
      (f++)->e_id_length =
        ipfix_e_id_length (0, postNAPTSourceTransportPort, 2);
      (f++)->e_id_length = ipfix_e_id_length (0, ingressVRFID, 4);
      break;

    case NAT64_BIB_CREATE:
      (f++)->e_id_length =
        ipfix_e_id_length (0, observationTimeMilliseconds, 8);
      (f++)->e_id_length = ipfix_e_id_length (0, natEvent, 1);
      (f++)->e_id_length = ipfix_e_id_length (0, sourceIPv6Address, 16);
      (f++)->e_id_length = ipfix_e_id_length (0, postNATSourceIPv4Address, 4);
      (f++)->e_id_length = ipfix_e_id_length (0, protocolIdentifier, 1);
      (f++)->e_id_length = ipfix_e_id_length (0, sourceTransportPort, 2);
      (f++)->e_id_length =
        ipfix_e_id_length (0, postNAPTSourceTransportPort, 2);
      (f++)->e_id_length = ipfix_e_id_length (0, ingressVRFID, 4);
      break;

    case NAT64_SESSION_CREATE:
      (f++)->e_id_length =
        ipfix_e_id_length (0, observationTimeMilliseconds, 8);
      (f++)->e_id_length = ipfix_e_id_length (0, natEvent, 1);
      (f++)->e_id_length = ipfix_e_id_length (0, sourceIPv6Address, 16);
      (f++)->e_id_length = ipfix_e_id_length (0, postNATSourceIPv4Address, 4);
      (f++)->e_id_length = ipfix_e_id_length (0, protocolIdentifier, 1);
      (f++)->e_id_length = ipfix_e_id_length (0, sourceTransportPort, 2);
      (f++)->e_id_length =
        ipfix_e_id_length (0, postNAPTSourceTransportPort, 2);
      (f++)->e_id_length = ipfix_e_id_length (0, destinationIPv6Address, 16);
      (f++)->e_id_length =
        ipfix_e_id_length (0, postNATDestinationIPv4Address, 4);
      (f++)->e_id_length = ipfix_e_id_length (0, destinationTransportPort, 2);
      (f++)->e_id_length =
        ipfix_e_id_length (0, postNAPTDestinationTransportPort, 2);
      (f++)->e_id_length = ipfix_e_id_length (0, ingressVRFID, 4);
      break;

    case QUOTA_EXCEEDED:
      switch (quota_event)
        {
        case MAX_ENTRIES_PER_USER:
          (f++)->e_id_length =
            ipfix_e_id_length (0, observationTimeMilliseconds, 8);
          (f++)->e_id_length = ipfix_e_id_length (0, natEvent, 1);
          (f++)->e_id_length = ipfix_e_id_length (0, natQuotaExceededEvent, 4);
          (f++)->e_id_length = ipfix_e_id_length (0, maxEntriesPerUser, 4);
          (f++)->e_id_length = ipfix_e_id_length (0, sourceIPv4Address, 4);
          break;

        case MAX_SESSION_ENTRIES:
          (f++)->e_id_length =
            ipfix_e_id_length (0, observationTimeMilliseconds, 8);
          (f++)->e_id_length = ipfix_e_id_length (0, natEvent, 1);
          (f++)->e_id_length = ipfix_e_id_length (0, natQuotaExceededEvent, 4);
          (f++)->e_id_length = ipfix_e_id_length (0, maxSessionEntries, 4);
          break;

        case MAX_BIB_ENTRIES:
          (f++)->e_id_length =
            ipfix_e_id_length (0, observationTimeMilliseconds, 8);
          (f++)->e_id_length = ipfix_e_id_length (0, natEvent, 1);
          (f++)->e_id_length = ipfix_e_id_length (0, natQuotaExceededEvent, 4);
          (f++)->e_id_length = ipfix_e_id_length (0, maxBIBEntries, 4);
          break;

        case MAX_FRAGMENTS_PENDING_REASSEMBLY:
          (f++)->e_id_length =
            ipfix_e_id_length (0, observationTimeMilliseconds, 8);
          (f++)->e_id_length = ipfix_e_id_length (0, natEvent, 1);
          (f++)->e_id_length = ipfix_e_id_length (0, natQuotaExceededEvent, 4);
          (f++)->e_id_length =
            ipfix_e_id_length (0, maxFragmentsPendingReassembly, 4);
          (f++)->e_id_length = ipfix_e_id_length (0, sourceIPv4Address, 4);
          break;

        case MAX_FRAGMENTS_PENDING_REASSEMBLY_IP6:
          (f++)->e_id_length =
            ipfix_e_id_length (0, observationTimeMilliseconds, 8);
          (f++)->e_id_length = ipfix_e_id_length (0, natEvent, 1);
          (f++)->e_id_length = ipfix_e_id_length (0, natQuotaExceededEvent, 4);
          (f++)->e_id_length =
            ipfix_e_id_length (0, maxFragmentsPendingReassembly, 4);
          (f++)->e_id_length = ipfix_e_id_length (0, sourceIPv6Address, 16);
          break;

        default:
          break;
        }
      break;

    default:
      break;
    }

  /* An event that matched no branch above leaves the template empty. */
  ASSERT (f - first_field);

  /* Field count in this template */
  t->id_count = ipfix_id_count (fr->template_id, f - first_field);

  /* set length in octets */
  s->set_id_length =
    ipfix_set_id_length (2 /* set_id */ , (u8 *) f - (u8 *) s);

  /* message length in octets */
  h->version_length = version_length ((u8 *) f - (u8 *) h);

  /* IP length is measured from the fields actually written. */
  ip->length = clib_host_to_net_u16 ((u8 *) f - (u8 *) ip);
  ip->checksum = ip4_header_checksum (ip);

  return rewrite;
}
/**
 * @brief Build the template packet for the "NAT addresses exhausted" event
 *
 * Forwards to snat_template_rewrite () with NAT_ADDRESSES_EXHAUTED and no
 * quota event.  elts, n_elts and stream_index are not used here.
 *
 * NOTE(review): the return type and the `fr` / `collector_port` parameter
 * lines are missing from the listing and are restored from their use in the
 * call below - confirm against the upstream file.
 */
u8 *
snat_template_rewrite_addr_exhausted (flow_report_main_t * frm,
                                      flow_report_t * fr,
                                      ip4_address_t * collector_address,
                                      ip4_address_t * src_address,
                                      u16 collector_port,
                                      ipfix_report_element_t * elts,
                                      u32 n_elts, u32 * stream_index)
{
  u8 *rewrite;

  rewrite = snat_template_rewrite (frm, fr, collector_address, src_address,
                                   collector_port, NAT_ADDRESSES_EXHAUTED, 0);
  return rewrite;
}
/**
 * @brief Build the template packet for the NAT44 session event
 *
 * Forwards to snat_template_rewrite () with NAT44_SESSION_CREATE and no
 * quota event.  elts, n_elts and stream_index are not used here.
 *
 * NOTE(review): the return type and the `fr` / `collector_port` parameter
 * lines are missing from the listing and are restored from their use in the
 * call below - confirm against the upstream file.
 */
u8 *
snat_template_rewrite_nat44_session (flow_report_main_t * frm,
                                     flow_report_t * fr,
                                     ip4_address_t * collector_address,
                                     ip4_address_t * src_address,
                                     u16 collector_port,
                                     ipfix_report_element_t * elts,
                                     u32 n_elts, u32 * stream_index)
{
  u8 *rewrite;

  rewrite = snat_template_rewrite (frm, fr, collector_address, src_address,
                                   collector_port, NAT44_SESSION_CREATE, 0);
  return rewrite;
}
/**
 * @brief Build the template packet for the "max entries per user" quota event
 *
 * Forwards to snat_template_rewrite () with QUOTA_EXCEEDED and
 * MAX_ENTRIES_PER_USER.  elts, n_elts and stream_index are not used here.
 *
 * NOTE(review): the return type and the `fr` / `collector_port` parameter
 * lines are missing from the listing and are restored from their use in the
 * call below - confirm against the upstream file.
 */
u8 *
snat_template_rewrite_max_entries_per_usr (flow_report_main_t * frm,
                                           flow_report_t * fr,
                                           ip4_address_t * collector_address,
                                           ip4_address_t * src_address,
                                           u16 collector_port,
                                           ipfix_report_element_t * elts,
                                           u32 n_elts, u32 * stream_index)
{
  u8 *rewrite;

  rewrite = snat_template_rewrite (frm, fr, collector_address, src_address,
                                   collector_port, QUOTA_EXCEEDED,
                                   MAX_ENTRIES_PER_USER);
  return rewrite;
}
/**
 * @brief Build the template packet for the "max sessions" quota event
 *
 * Forwards to snat_template_rewrite () with QUOTA_EXCEEDED and
 * MAX_SESSION_ENTRIES.  elts, n_elts and stream_index are not used here.
 *
 * NOTE(review): the return type and the `fr` / `collector_port` parameter
 * lines are missing from the listing and are restored from their use in the
 * call below - confirm against the upstream file.
 */
u8 *
nat_template_rewrite_max_sessions (flow_report_main_t * frm,
                                   flow_report_t * fr,
                                   ip4_address_t * collector_address,
                                   ip4_address_t * src_address,
                                   u16 collector_port,
                                   ipfix_report_element_t * elts,
                                   u32 n_elts, u32 * stream_index)
{
  u8 *rewrite;

  rewrite = snat_template_rewrite (frm, fr, collector_address, src_address,
                                   collector_port, QUOTA_EXCEEDED,
                                   MAX_SESSION_ENTRIES);
  return rewrite;
}
/**
 * @brief Build the template packet for the "max BIB entries" quota event
 *
 * Forwards to snat_template_rewrite () with QUOTA_EXCEEDED and
 * MAX_BIB_ENTRIES.  elts, n_elts and stream_index are not used here.
 *
 * NOTE(review): the return type, the `fr` / `collector_port` parameter lines
 * and the last call argument are missing from the listing.  MAX_BIB_ENTRIES
 * is restored because it is the quota event snat_template_rewrite () maps to
 * max_bibs_template_id - confirm against the upstream file.
 */
u8 *
nat_template_rewrite_max_bibs (flow_report_main_t * frm,
                               flow_report_t * fr,
                               ip4_address_t * collector_address,
                               ip4_address_t * src_address,
                               u16 collector_port,
                               ipfix_report_element_t * elts,
                               u32 n_elts, u32 * stream_index)
{
  u8 *rewrite;

  rewrite = snat_template_rewrite (frm, fr, collector_address, src_address,
                                   collector_port, QUOTA_EXCEEDED,
                                   MAX_BIB_ENTRIES);
  return rewrite;
}
/**
 * @brief Build the template packet for the IPv4 "max fragments" quota event
 *
 * Forwards to snat_template_rewrite () with QUOTA_EXCEEDED and
 * MAX_FRAGMENTS_PENDING_REASSEMBLY.  elts, n_elts and stream_index are not
 * used here.
 *
 * NOTE(review): the return type and the `fr` / `collector_port` parameter
 * lines are missing from the listing and are restored from their use in the
 * call below - confirm against the upstream file.
 */
u8 *
nat_template_rewrite_max_frags_ip4 (flow_report_main_t * frm,
                                    flow_report_t * fr,
                                    ip4_address_t * collector_address,
                                    ip4_address_t * src_address,
                                    u16 collector_port,
                                    ipfix_report_element_t * elts,
                                    u32 n_elts, u32 * stream_index)
{
  u8 *rewrite;

  rewrite = snat_template_rewrite (frm, fr, collector_address, src_address,
                                   collector_port, QUOTA_EXCEEDED,
                                   MAX_FRAGMENTS_PENDING_REASSEMBLY);
  return rewrite;
}
/**
 * @brief Build the template packet for the IPv6 "max fragments" quota event
 *
 * Forwards to snat_template_rewrite () with QUOTA_EXCEEDED and
 * MAX_FRAGMENTS_PENDING_REASSEMBLY_IP6.  elts, n_elts and stream_index are
 * not used here.
 *
 * NOTE(review): the return type and the `fr` / `collector_port` parameter
 * lines are missing from the listing and are restored from their use in the
 * call below - confirm against the upstream file.
 */
u8 *
nat_template_rewrite_max_frags_ip6 (flow_report_main_t * frm,
                                    flow_report_t * fr,
                                    ip4_address_t * collector_address,
                                    ip4_address_t * src_address,
                                    u16 collector_port,
                                    ipfix_report_element_t * elts,
                                    u32 n_elts, u32 * stream_index)
{
  u8 *rewrite;

  rewrite = snat_template_rewrite (frm, fr, collector_address, src_address,
                                   collector_port, QUOTA_EXCEEDED,
                                   MAX_FRAGMENTS_PENDING_REASSEMBLY_IP6);
  return rewrite;
}
/**
 * @brief Build the template packet for the NAT64 BIB event
 *
 * Forwards to snat_template_rewrite () with NAT64_BIB_CREATE and no quota
 * event.  elts, n_elts and stream_index are not used here.
 *
 * NOTE(review): the return type and the `fr` / `collector_port` parameter
 * lines are missing from the listing and are restored from their use in the
 * call below - confirm against the upstream file.
 */
u8 *
nat_template_rewrite_nat64_bib (flow_report_main_t * frm,
                                flow_report_t * fr,
                                ip4_address_t * collector_address,
                                ip4_address_t * src_address,
                                u16 collector_port,
                                ipfix_report_element_t * elts,
                                u32 n_elts, u32 * stream_index)
{
  u8 *rewrite;

  rewrite = snat_template_rewrite (frm, fr, collector_address, src_address,
                                   collector_port, NAT64_BIB_CREATE, 0);
  return rewrite;
}
/**
 * @brief Build the template packet for the NAT64 session event
 *
 * Forwards to snat_template_rewrite () with NAT64_SESSION_CREATE and no
 * quota event.  elts, n_elts and stream_index are not used here.
 *
 * NOTE(review): the return type and the `fr` / `collector_port` parameter
 * lines are missing from the listing and are restored from their use in the
 * call below - confirm against the upstream file.
 */
u8 *
nat_template_rewrite_nat64_session (flow_report_main_t * frm,
                                    flow_report_t * fr,
                                    ip4_address_t * collector_address,
                                    ip4_address_t * src_address,
                                    u16 collector_port,
                                    ipfix_report_element_t * elts,
                                    u32 n_elts, u32 * stream_index)
{
  u8 *rewrite;

  rewrite = snat_template_rewrite (frm, fr, collector_address, src_address,
                                   collector_port, NAT64_SESSION_CREATE, 0);
  return rewrite;
}
/**
 * @brief Write the IPv4, UDP and IPFIX message headers of a new export packet
 *
 * Resets b0 to hold only the headers (IP, UDP, IPFIX message header and set
 * header), fills in addresses, ports, export time, sequence number and
 * domain id, and reports where the first data record goes.  The IP and UDP
 * lengths and the IP checksum are not set here; snat_ipfix_send () fills
 * them in once the packet is complete.
 *
 * @param frm    flow report main (addresses, collector port, time base)
 * @param b0     buffer to initialise
 * @param offset out: byte offset in the buffer just past the set header
 *
 * NOTE(review): short lines (return type, two declarations, `ip->ttl`,
 * `udp->checksum` and two continuation lines) are missing from the listing
 * and are restored from the line numbering - confirm against the upstream
 * file.
 */
static inline void
snat_ipfix_header_create (flow_report_main_t * frm,
                          vlib_buffer_t * b0, u32 * offset)
{
  snat_ipfix_logging_main_t *silm = &snat_ipfix_logging_main;
  flow_report_stream_t *stream = &frm->streams[silm->stream_index];
  ip4_ipfix_template_packet_t *tp;
  ip4_header_t *ip;
  udp_header_t *udp;
  ipfix_message_header_t *h;
  ipfix_set_header_t *s;
  f64 uptime;

  /* Buffer metadata first: the packet starts as bare headers. */
  b0->current_data = 0;
  b0->current_length =
    sizeof (*ip) + sizeof (*udp) + sizeof (*h) + sizeof (*s);
  b0->flags |= (VLIB_BUFFER_TOTAL_LENGTH_VALID | VNET_BUFFER_F_FLOW_REPORT);
  vnet_buffer (b0)->sw_if_index[VLIB_RX] = 0;
  vnet_buffer (b0)->sw_if_index[VLIB_TX] = frm->fib_index;

  /* Headers sit back to back from the current data pointer. */
  tp = vlib_buffer_get_current (b0);
  ip = (ip4_header_t *) & tp->ip4;
  udp = (udp_header_t *) (ip + 1);
  h = (ipfix_message_header_t *) (udp + 1);
  s = (ipfix_set_header_t *) (h + 1);

  ip->ip_version_and_header_length = 0x45;
  ip->ttl = 254;
  ip->protocol = IP_PROTOCOL_UDP;
  ip->flags_and_fragment_offset = 0;
  ip->src_address.as_u32 = frm->src_address.as_u32;
  ip->dst_address.as_u32 = frm->ipfix_collector.as_u32;

  udp->src_port = clib_host_to_net_u16 (stream->src_port);
  udp->dst_port = clib_host_to_net_u16 (frm->collector_port);
  udp->checksum = 0;

  /* Export time = unix time base + time elapsed since that base was taken. */
  uptime = vlib_time_now (frm->vlib_main) - frm->vlib_time_0;
  h->export_time =
    clib_host_to_net_u32 ((u32) (((f64) frm->unix_time_0) + uptime));
  h->sequence_number = clib_host_to_net_u32 (stream->sequence_number++);
  h->domain_id = clib_host_to_net_u32 (stream->domain_id);

  *offset = (u32) (((u8 *) (s + 1)) - (u8 *) tp);
}
/**
 * @brief Finalise an export packet and hand its frame to ip4-lookup
 *
 * Fills in the set length, message length, IP length and checksum and UDP
 * length from b0->current_length, optionally computes the UDP checksum, and
 * queues the frame on ip4_lookup_node.
 *
 * @param frm         flow report main
 * @param f           frame that already holds b0's buffer index
 * @param b0          buffer holding headers followed by data records
 * @param template_id template id written into the set header
 *
 * NOTE(review): every length is derived by subtracting header sizes from
 * b0->current_length; this assumes the headers were written by
 * snat_ipfix_header_create (), nothing here checks for a shorter buffer.
 * NOTE(review): short lines (return type, two declarations and two
 * continuation lines) are missing from the listing and are restored from
 * the line numbering - confirm against the upstream file.
 */
static inline void
snat_ipfix_send (flow_report_main_t * frm,
                 vlib_frame_t * f, vlib_buffer_t * b0, u16 template_id)
{
  vlib_main_t *vm = frm->vlib_main;
  ip4_ipfix_template_packet_t *tp = vlib_buffer_get_current (b0);
  ip4_header_t *ip = (ip4_header_t *) & tp->ip4;
  udp_header_t *udp = (udp_header_t *) (ip + 1);
  ipfix_message_header_t *h = (ipfix_message_header_t *) (udp + 1);
  ipfix_set_header_t *s = (ipfix_set_header_t *) (h + 1);

  /* Set length: everything after the IPFIX message header. */
  s->set_id_length = ipfix_set_id_length (template_id,
                                          b0->current_length -
                                          (sizeof (*ip) + sizeof (*udp) +
                                           sizeof (*h)));
  /* Message length: everything after the UDP header. */
  h->version_length = version_length (b0->current_length -
                                      (sizeof (*ip) + sizeof (*udp)));

  ip->length = clib_host_to_net_u16 (b0->current_length);
  ip->checksum = ip4_header_checksum (ip);
  udp->length = clib_host_to_net_u16 (b0->current_length - sizeof (*ip));

  if (frm->udp_checksum)
    {
      u16 csum = ip4_tcp_udp_compute_checksum (vm, b0, ip);

      /* A computed checksum of zero is sent as 0xffff. */
      udp->checksum = csum ? csum : 0xffff;
    }

  ASSERT (ip->checksum == ip4_header_checksum (ip));

  vlib_put_frame_to_node (vm, ip4_lookup_node.index, f);
}
/**
 * @brief Queue one NAT44 session data record for IPFIX export
 *
 * Records accumulate in the buffer kept in snat_ipfix_logging_main and are
 * sent once another record would no longer fit within frm->path_mtu, or
 * when do_flush is set.
 *
 * @param nat_event    NAT event ID written into the record
 * @param src_ip       source IPv4 address
 * @param nat_src_ip   translated source IPv4 address
 * @param snat_proto   NAT protocol, converted with snat_proto_to_ip_proto ()
 * @param src_port     source port
 * @param nat_src_port translated source port
 * @param vrf_id       VRF id
 * @param do_flush     non-zero: send what is buffered and add no record
 *
 * NOTE(review): only the timestamp is byte-swapped here; the other values
 * are copied as passed in, so callers presumably supply them in the byte
 * order the collector expects - confirm.
 * NOTE(review): frm->path_mtu is the only limit on the writes into
 * b0->data; nothing here compares it with the buffer's data size.
 * NOTE(review): short lines (return type, several declarations, the
 * enabled check, braces, returns and `offset = 0;`) are missing from the
 * listing and are restored from the line numbering - confirm against the
 * upstream file.
 */
static void
snat_ipfix_logging_nat44_ses (u8 nat_event, u32 src_ip, u32 nat_src_ip,
                              snat_protocol_t snat_proto, u16 src_port,
                              u16 nat_src_port, u32 vrf_id, int do_flush)
{
  snat_ipfix_logging_main_t *silm = &snat_ipfix_logging_main;
  flow_report_main_t *frm = &flow_report_main;
  vlib_main_t *vm = frm->vlib_main;
  vlib_buffer_t *b0 = 0;
  vlib_frame_t *f;
  u32 bi0 = ~0;
  u32 offset;
  u64 now;
  u8 proto = ~0;

  if (!silm->enabled)
    return;

  proto = snat_proto_to_ip_proto (snat_proto);

  /* Observation time in milliseconds. */
  now = (u64) ((vlib_time_now (vm) - silm->vlib_time_0) * 1e3);
  now += silm->milisecond_time_0;

  b0 = silm->nat44_session_buffer;
  if (PREDICT_TRUE (b0 != 0))
    {
      bi0 = vlib_get_buffer_index (vm, b0);
      offset = silm->nat44_session_next_record_offset;
    }
  else
    {
      /* Nothing is buffered, so a flush has nothing to send. */
      if (do_flush)
        return;

      if (vlib_buffer_alloc (vm, &bi0, 1) != 1)
        {
          nat_log_err ("can't allocate buffer for NAT IPFIX event");
          return;
        }

      b0 = silm->nat44_session_buffer = vlib_get_buffer (vm, bi0);
      VLIB_BUFFER_TRACE_TRAJECTORY_INIT (b0);
      offset = 0;
    }

  f = silm->nat44_session_frame;
  if (PREDICT_FALSE (f == 0))
    {
      u32 *to_next;

      f = vlib_get_frame_to_node (vm, ip4_lookup_node.index);
      silm->nat44_session_frame = f;
      to_next = vlib_frame_vector_args (f);
      to_next[0] = bi0;
      f->n_vectors = 1;
    }

  /* Offset 0 marks a fresh buffer that still needs its headers. */
  if (PREDICT_FALSE (offset == 0))
    snat_ipfix_header_create (frm, b0, &offset);

  if (PREDICT_TRUE (do_flush == 0))
    {
      u8 *rec = b0->data + offset;
      u64 time_stamp = clib_host_to_net_u64 (now);

      clib_memcpy_fast (rec, &time_stamp, sizeof (time_stamp));
      rec += sizeof (time_stamp);
      clib_memcpy_fast (rec, &nat_event, sizeof (nat_event));
      rec += sizeof (nat_event);
      clib_memcpy_fast (rec, &src_ip, sizeof (src_ip));
      rec += sizeof (src_ip);
      clib_memcpy_fast (rec, &nat_src_ip, sizeof (nat_src_ip));
      rec += sizeof (nat_src_ip);
      clib_memcpy_fast (rec, &proto, sizeof (proto));
      rec += sizeof (proto);
      clib_memcpy_fast (rec, &src_port, sizeof (src_port));
      rec += sizeof (src_port);
      clib_memcpy_fast (rec, &nat_src_port, sizeof (nat_src_port));
      rec += sizeof (nat_src_port);
      clib_memcpy_fast (rec, &vrf_id, sizeof (vrf_id));
      rec += sizeof (vrf_id);

      offset = (u32) (rec - b0->data);
      b0->current_length += NAT44_SESSION_CREATE_LEN;
    }

  /* Send when asked to, or when one more record would exceed the MTU. */
  if (PREDICT_FALSE
      (do_flush || (offset + NAT44_SESSION_CREATE_LEN) > frm->path_mtu))
    {
      snat_ipfix_send (frm, f, b0, silm->nat44_session_template_id);
      silm->nat44_session_frame = 0;
      silm->nat44_session_buffer = 0;
      offset = 0;
    }
  silm->nat44_session_next_record_offset = offset;
}
/**
 * @brief Queue one "NAT addresses exhausted" data record for IPFIX export
 *
 * Records accumulate in the buffer kept in snat_ipfix_logging_main and are
 * sent once another record would no longer fit within frm->path_mtu, or
 * when do_flush is set.
 *
 * @param pool_id  NAT pool id written into the record
 * @param do_flush non-zero: send what is buffered and add no record
 *
 * NOTE(review): frm->path_mtu is the only limit on the writes into
 * b0->data; nothing here compares it with the buffer's data size.
 * NOTE(review): short lines (return type, several declarations, the
 * enabled check, braces, returns and `offset = 0;`) are missing from the
 * listing and are restored from the line numbering - confirm against the
 * upstream file.
 */
static void
snat_ipfix_logging_addr_exhausted (u32 pool_id, int do_flush)
{
  snat_ipfix_logging_main_t *silm = &snat_ipfix_logging_main;
  flow_report_main_t *frm = &flow_report_main;
  vlib_main_t *vm = frm->vlib_main;
  vlib_buffer_t *b0 = 0;
  vlib_frame_t *f;
  u32 bi0 = ~0;
  u32 offset;
  u64 now;
  u8 nat_event = NAT_ADDRESSES_EXHAUTED;

  if (!silm->enabled)
    return;

  /* Observation time in milliseconds. */
  now = (u64) ((vlib_time_now (vm) - silm->vlib_time_0) * 1e3);
  now += silm->milisecond_time_0;

  b0 = silm->addr_exhausted_buffer;
  if (PREDICT_TRUE (b0 != 0))
    {
      bi0 = vlib_get_buffer_index (vm, b0);
      offset = silm->addr_exhausted_next_record_offset;
    }
  else
    {
      /* Nothing is buffered, so a flush has nothing to send. */
      if (do_flush)
        return;

      if (vlib_buffer_alloc (vm, &bi0, 1) != 1)
        {
          nat_log_err ("can't allocate buffer for NAT IPFIX event");
          return;
        }

      b0 = silm->addr_exhausted_buffer = vlib_get_buffer (vm, bi0);
      VLIB_BUFFER_TRACE_TRAJECTORY_INIT (b0);
      offset = 0;
    }

  f = silm->addr_exhausted_frame;
  if (PREDICT_FALSE (f == 0))
    {
      u32 *to_next;

      f = vlib_get_frame_to_node (vm, ip4_lookup_node.index);
      silm->addr_exhausted_frame = f;
      to_next = vlib_frame_vector_args (f);
      to_next[0] = bi0;
      f->n_vectors = 1;
    }

  /* Offset 0 marks a fresh buffer that still needs its headers. */
  if (PREDICT_FALSE (offset == 0))
    snat_ipfix_header_create (frm, b0, &offset);

  if (PREDICT_TRUE (do_flush == 0))
    {
      u8 *rec = b0->data + offset;
      u64 time_stamp = clib_host_to_net_u64 (now);

      clib_memcpy_fast (rec, &time_stamp, sizeof (time_stamp));
      rec += sizeof (time_stamp);
      clib_memcpy_fast (rec, &nat_event, sizeof (nat_event));
      rec += sizeof (nat_event);
      clib_memcpy_fast (rec, &pool_id, sizeof (pool_id));
      rec += sizeof (pool_id);

      offset = (u32) (rec - b0->data);
      b0->current_length += NAT_ADDRESSES_EXHAUTED_LEN;
    }

  /* Send when asked to, or when one more record would exceed the MTU. */
  if (PREDICT_FALSE
      (do_flush || (offset + NAT_ADDRESSES_EXHAUTED_LEN) > frm->path_mtu))
    {
      snat_ipfix_send (frm, f, b0, silm->addr_exhausted_template_id);
      silm->addr_exhausted_frame = 0;
      silm->addr_exhausted_buffer = 0;
      offset = 0;
    }
  silm->addr_exhausted_next_record_offset = offset;
}
/**
 * @brief Queue one "max entries per user" quota record for IPFIX export
 *
 * Records accumulate in the buffer kept in snat_ipfix_logging_main and are
 * sent once another record would no longer fit within frm->path_mtu, or
 * when do_flush is set.
 *
 * @param limit    configured limit written into the record
 * @param src_ip   source IPv4 address written into the record
 * @param do_flush non-zero: send what is buffered and add no record
 *
 * NOTE(review): frm->path_mtu is the only limit on the writes into
 * b0->data; nothing here compares it with the buffer's data size.
 * NOTE(review): short lines (return type, several declarations, the
 * enabled check, braces, returns and `offset = 0;`) are missing from the
 * listing and are restored from the line numbering; `&quota_event` is
 * restored from a mis-decoded HTML entity - confirm against the upstream
 * file.
 */
static void
snat_ipfix_logging_max_entries_per_usr (u32 limit, u32 src_ip, int do_flush)
{
  snat_ipfix_logging_main_t *silm = &snat_ipfix_logging_main;
  flow_report_main_t *frm = &flow_report_main;
  vlib_main_t *vm = frm->vlib_main;
  vlib_buffer_t *b0 = 0;
  vlib_frame_t *f;
  u32 bi0 = ~0;
  u32 offset;
  u64 now;
  u8 nat_event = QUOTA_EXCEEDED;
  u32 quota_event = MAX_ENTRIES_PER_USER;

  if (!silm->enabled)
    return;

  /* Observation time in milliseconds. */
  now = (u64) ((vlib_time_now (vm) - silm->vlib_time_0) * 1e3);
  now += silm->milisecond_time_0;

  b0 = silm->max_entries_per_user_buffer;
  if (PREDICT_TRUE (b0 != 0))
    {
      bi0 = vlib_get_buffer_index (vm, b0);
      offset = silm->max_entries_per_user_next_record_offset;
    }
  else
    {
      /* Nothing is buffered, so a flush has nothing to send. */
      if (do_flush)
        return;

      if (vlib_buffer_alloc (vm, &bi0, 1) != 1)
        {
          nat_log_err ("can't allocate buffer for NAT IPFIX event");
          return;
        }

      b0 = silm->max_entries_per_user_buffer = vlib_get_buffer (vm, bi0);
      VLIB_BUFFER_TRACE_TRAJECTORY_INIT (b0);
      offset = 0;
    }

  f = silm->max_entries_per_user_frame;
  if (PREDICT_FALSE (f == 0))
    {
      u32 *to_next;

      f = vlib_get_frame_to_node (vm, ip4_lookup_node.index);
      silm->max_entries_per_user_frame = f;
      to_next = vlib_frame_vector_args (f);
      to_next[0] = bi0;
      f->n_vectors = 1;
    }

  /* Offset 0 marks a fresh buffer that still needs its headers. */
  if (PREDICT_FALSE (offset == 0))
    snat_ipfix_header_create (frm, b0, &offset);

  if (PREDICT_TRUE (do_flush == 0))
    {
      u8 *rec = b0->data + offset;
      u64 time_stamp = clib_host_to_net_u64 (now);

      clib_memcpy_fast (rec, &time_stamp, sizeof (time_stamp));
      rec += sizeof (time_stamp);
      clib_memcpy_fast (rec, &nat_event, sizeof (nat_event));
      rec += sizeof (nat_event);
      clib_memcpy_fast (rec, &quota_event, sizeof (quota_event));
      rec += sizeof (quota_event);
      clib_memcpy_fast (rec, &limit, sizeof (limit));
      rec += sizeof (limit);
      clib_memcpy_fast (rec, &src_ip, sizeof (src_ip));
      rec += sizeof (src_ip);

      offset = (u32) (rec - b0->data);
      b0->current_length += MAX_ENTRIES_PER_USER_LEN;
    }

  /* Send when asked to, or when one more record would exceed the MTU. */
  if (PREDICT_FALSE
      (do_flush || (offset + MAX_ENTRIES_PER_USER_LEN) > frm->path_mtu))
    {
      snat_ipfix_send (frm, f, b0, silm->max_entries_per_user_template_id);
      silm->max_entries_per_user_frame = 0;
      silm->max_entries_per_user_buffer = 0;
      offset = 0;
    }
  silm->max_entries_per_user_next_record_offset = offset;
}
/**
 * @brief Queue one "max session entries" quota record for IPFIX export
 *
 * Records accumulate in the buffer kept in snat_ipfix_logging_main and are
 * sent once another record would no longer fit within frm->path_mtu, or
 * when do_flush is set.
 *
 * @param limit    configured limit written into the record
 * @param do_flush non-zero: send what is buffered and add no record
 *
 * NOTE(review): frm->path_mtu is the only limit on the writes into
 * b0->data; nothing here compares it with the buffer's data size.
 * NOTE(review): short lines (return type, several declarations, the
 * enabled check, braces, returns and `offset = 0;`) are missing from the
 * listing and are restored from the line numbering; `&quota_event` is
 * restored from a mis-decoded HTML entity - confirm against the upstream
 * file.
 */
static void
nat_ipfix_logging_max_ses (u32 limit, int do_flush)
{
  snat_ipfix_logging_main_t *silm = &snat_ipfix_logging_main;
  flow_report_main_t *frm = &flow_report_main;
  vlib_main_t *vm = frm->vlib_main;
  vlib_buffer_t *b0 = 0;
  vlib_frame_t *f;
  u32 bi0 = ~0;
  u32 offset;
  u64 now;
  u8 nat_event = QUOTA_EXCEEDED;
  u32 quota_event = MAX_SESSION_ENTRIES;

  if (!silm->enabled)
    return;

  /* Observation time in milliseconds. */
  now = (u64) ((vlib_time_now (vm) - silm->vlib_time_0) * 1e3);
  now += silm->milisecond_time_0;

  b0 = silm->max_sessions_buffer;
  if (PREDICT_TRUE (b0 != 0))
    {
      bi0 = vlib_get_buffer_index (vm, b0);
      offset = silm->max_sessions_next_record_offset;
    }
  else
    {
      /* Nothing is buffered, so a flush has nothing to send. */
      if (do_flush)
        return;

      if (vlib_buffer_alloc (vm, &bi0, 1) != 1)
        {
          nat_log_err ("can't allocate buffer for NAT IPFIX event");
          return;
        }

      b0 = silm->max_sessions_buffer = vlib_get_buffer (vm, bi0);
      VLIB_BUFFER_TRACE_TRAJECTORY_INIT (b0);
      offset = 0;
    }

  f = silm->max_sessions_frame;
  if (PREDICT_FALSE (f == 0))
    {
      u32 *to_next;

      f = vlib_get_frame_to_node (vm, ip4_lookup_node.index);
      silm->max_sessions_frame = f;
      to_next = vlib_frame_vector_args (f);
      to_next[0] = bi0;
      f->n_vectors = 1;
    }

  /* Offset 0 marks a fresh buffer that still needs its headers. */
  if (PREDICT_FALSE (offset == 0))
    snat_ipfix_header_create (frm, b0, &offset);

  if (PREDICT_TRUE (do_flush == 0))
    {
      u8 *rec = b0->data + offset;
      u64 time_stamp = clib_host_to_net_u64 (now);

      clib_memcpy_fast (rec, &time_stamp, sizeof (time_stamp));
      rec += sizeof (time_stamp);
      clib_memcpy_fast (rec, &nat_event, sizeof (nat_event));
      rec += sizeof (nat_event);
      clib_memcpy_fast (rec, &quota_event, sizeof (quota_event));
      rec += sizeof (quota_event);
      clib_memcpy_fast (rec, &limit, sizeof (limit));
      rec += sizeof (limit);

      offset = (u32) (rec - b0->data);
      b0->current_length += MAX_SESSIONS_LEN;
    }

  /* Send when asked to, or when one more record would exceed the MTU. */
  if (PREDICT_FALSE
      (do_flush || (offset + MAX_SESSIONS_LEN) > frm->path_mtu))
    {
      snat_ipfix_send (frm, f, b0, silm->max_sessions_template_id);
      silm->max_sessions_frame = 0;
      silm->max_sessions_buffer = 0;
      offset = 0;
    }
  silm->max_sessions_next_record_offset = offset;
}
/**
 * @brief Queue one "max BIB entries" quota record for IPFIX export
 *
 * Records accumulate in the buffer kept in snat_ipfix_logging_main and are
 * sent once another record would no longer fit within frm->path_mtu, or
 * when do_flush is set.
 *
 * @param limit    configured limit written into the record
 * @param do_flush non-zero: send what is buffered and add no record
 *
 * NOTE(review): frm->path_mtu is the only limit on the writes into
 * b0->data; nothing here compares it with the buffer's data size.
 * NOTE(review): short lines (return type, several declarations, the
 * enabled check, braces, returns and `offset = 0;`) are missing from the
 * listing and are restored from the line numbering; `&quota_event` is
 * restored from a mis-decoded HTML entity - confirm against the upstream
 * file.
 */
static void
nat_ipfix_logging_max_bib (u32 limit, int do_flush)
{
  snat_ipfix_logging_main_t *silm = &snat_ipfix_logging_main;
  flow_report_main_t *frm = &flow_report_main;
  vlib_main_t *vm = frm->vlib_main;
  vlib_buffer_t *b0 = 0;
  vlib_frame_t *f;
  u32 bi0 = ~0;
  u32 offset;
  u64 now;
  u8 nat_event = QUOTA_EXCEEDED;
  u32 quota_event = MAX_BIB_ENTRIES;

  if (!silm->enabled)
    return;

  /* Observation time in milliseconds. */
  now = (u64) ((vlib_time_now (vm) - silm->vlib_time_0) * 1e3);
  now += silm->milisecond_time_0;

  b0 = silm->max_bibs_buffer;
  if (PREDICT_TRUE (b0 != 0))
    {
      bi0 = vlib_get_buffer_index (vm, b0);
      offset = silm->max_bibs_next_record_offset;
    }
  else
    {
      /* Nothing is buffered, so a flush has nothing to send. */
      if (do_flush)
        return;

      if (vlib_buffer_alloc (vm, &bi0, 1) != 1)
        {
          nat_log_err ("can't allocate buffer for NAT IPFIX event");
          return;
        }

      b0 = silm->max_bibs_buffer = vlib_get_buffer (vm, bi0);
      VLIB_BUFFER_TRACE_TRAJECTORY_INIT (b0);
      offset = 0;
    }

  f = silm->max_bibs_frame;
  if (PREDICT_FALSE (f == 0))
    {
      u32 *to_next;

      f = vlib_get_frame_to_node (vm, ip4_lookup_node.index);
      silm->max_bibs_frame = f;
      to_next = vlib_frame_vector_args (f);
      to_next[0] = bi0;
      f->n_vectors = 1;
    }

  /* Offset 0 marks a fresh buffer that still needs its headers. */
  if (PREDICT_FALSE (offset == 0))
    snat_ipfix_header_create (frm, b0, &offset);

  if (PREDICT_TRUE (do_flush == 0))
    {
      u8 *rec = b0->data + offset;
      u64 time_stamp = clib_host_to_net_u64 (now);

      clib_memcpy_fast (rec, &time_stamp, sizeof (time_stamp));
      rec += sizeof (time_stamp);
      clib_memcpy_fast (rec, &nat_event, sizeof (nat_event));
      rec += sizeof (nat_event);
      clib_memcpy_fast (rec, &quota_event, sizeof (quota_event));
      rec += sizeof (quota_event);
      clib_memcpy_fast (rec, &limit, sizeof (limit));
      rec += sizeof (limit);

      offset = (u32) (rec - b0->data);
      b0->current_length += MAX_BIBS_LEN;
    }

  /* Send when asked to, or when one more record would exceed the MTU. */
  if (PREDICT_FALSE (do_flush || (offset + MAX_BIBS_LEN) > frm->path_mtu))
    {
      snat_ipfix_send (frm, f, b0, silm->max_bibs_template_id);
      silm->max_bibs_frame = 0;
      silm->max_bibs_buffer = 0;
      offset = 0;
    }
  silm->max_bibs_next_record_offset = offset;
}
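/**
 * @brief Queue one IPv4 "max fragments pending reassembly" quota record
 *
 * Records accumulate in the buffer kept in snat_ipfix_logging_main and are
 * sent once another record would no longer fit within frm->path_mtu, or
 * when do_flush is set.
 *
 * @param limit    configured limit written into the record
 * @param src      source IPv4 address written into the record
 * @param do_flush non-zero: send what is buffered and add no record
 *
 * NOTE(review): frm->path_mtu is the only limit on the writes into
 * b0->data; nothing here compares it with the buffer's data size.
 * NOTE(review): short lines (return type, several declarations, the
 * enabled check, braces, returns and `offset = 0;`) are missing from the
 * listing and are restored from the line numbering; `&quota_event` is
 * restored from a mis-decoded HTML entity - confirm against the upstream
 * file.
 */
static void
nat_ipfix_logging_max_frag_ip4 (u32 limit, u32 src, int do_flush)
{
  snat_ipfix_logging_main_t *silm = &snat_ipfix_logging_main;
  flow_report_main_t *frm = &flow_report_main;
  vlib_frame_t *f;
  vlib_buffer_t *b0 = 0;
  u32 bi0 = ~0;
  u32 offset;
  vlib_main_t *vm = frm->vlib_main;
  u64 now;
  u8 nat_event = QUOTA_EXCEEDED;
  u32 quota_event = MAX_FRAGMENTS_PENDING_REASSEMBLY;

  if (!silm->enabled)
    return;

  /* Observation time in milliseconds. */
  now = (u64) ((vlib_time_now (vm) - silm->vlib_time_0) * 1e3);
  now += silm->milisecond_time_0;

  b0 = silm->max_frags_ip4_buffer;

  if (PREDICT_FALSE (b0 == 0))
    {
      /* Nothing is buffered, so a flush has nothing to send. */
      if (do_flush)
        return;

      if (vlib_buffer_alloc (vm, &bi0, 1) != 1)
        {
          nat_log_err ("can't allocate buffer for NAT IPFIX event");
          return;
        }

      b0 = silm->max_frags_ip4_buffer = vlib_get_buffer (vm, bi0);
      VLIB_BUFFER_TRACE_TRAJECTORY_INIT (b0);
      offset = 0;
    }
  else
    {
      bi0 = vlib_get_buffer_index (vm, b0);
      offset = silm->max_frags_ip4_next_record_offset;
    }

  f = silm->max_frags_ip4_frame;
  if (PREDICT_FALSE (f == 0))
    {
      u32 *to_next;

      f = vlib_get_frame_to_node (vm, ip4_lookup_node.index);
      silm->max_frags_ip4_frame = f;
      to_next = vlib_frame_vector_args (f);
      to_next[0] = bi0;
      f->n_vectors = 1;
    }

  /* Offset 0 marks a fresh buffer that still needs its headers. */
  if (PREDICT_FALSE (offset == 0))
    snat_ipfix_header_create (frm, b0, &offset);

  if (PREDICT_TRUE (do_flush == 0))
    {
      u64 time_stamp = clib_host_to_net_u64 (now);
      clib_memcpy_fast (b0->data + offset, &time_stamp, sizeof (time_stamp));
      offset += sizeof (time_stamp);

      clib_memcpy_fast (b0->data + offset, &nat_event, sizeof (nat_event));
      offset += sizeof (nat_event);

      clib_memcpy_fast (b0->data + offset, &quota_event,
                        sizeof (quota_event));
      offset += sizeof (quota_event);

      clib_memcpy_fast (b0->data + offset, &limit, sizeof (limit));
      offset += sizeof (limit);

      clib_memcpy_fast (b0->data + offset, &src, sizeof (src));
      offset += sizeof (src);

      b0->current_length += MAX_FRAGMENTS_IP4_LEN;
    }

  /*
   * Send when asked to, or when one more record would exceed the MTU.
   * The test has to use this function's own record size.  It previously
   * used MAX_BIBS_LEN (17), which let a 21-octet record be appended with
   * only 17 octets left and so pushed the packet past frm->path_mtu.
   */
  if (PREDICT_FALSE
      (do_flush || (offset + MAX_FRAGMENTS_IP4_LEN) > frm->path_mtu))
    {
      snat_ipfix_send (frm, f, b0, silm->max_frags_ip4_template_id);
      silm->max_frags_ip4_frame = 0;
      silm->max_frags_ip4_buffer = 0;
      offset = 0;
    }
  silm->max_frags_ip4_next_record_offset = offset;
}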
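/**
 * @brief Queue one IPv6 "max fragments pending reassembly" quota record
 *
 * Records accumulate in the buffer kept in snat_ipfix_logging_main and are
 * sent once another record would no longer fit within frm->path_mtu, or
 * when do_flush is set.
 *
 * @param limit    configured limit written into the record
 * @param src      source IPv6 address; sizeof (ip6_address_t) octets are
 *                 copied from it, so it must not be NULL unless do_flush
 *                 is set
 * @param do_flush non-zero: send what is buffered and add no record
 *
 * NOTE(review): the record carries MAX_FRAGMENTS_PENDING_REASSEMBLY, not
 * the _IP6 value that selects the template - presumably so the exported
 * natQuotaExceededEvent is the same for both address families; confirm.
 * NOTE(review): frm->path_mtu is the only limit on the writes into
 * b0->data; nothing here compares it with the buffer's data size.
 * NOTE(review): short lines (return type, several declarations, the
 * enabled check, braces, returns and `offset = 0;`) are missing from the
 * listing and are restored from the line numbering; `&quota_event` is
 * restored from a mis-decoded HTML entity - confirm against the upstream
 * file.
 */
static void
nat_ipfix_logging_max_frag_ip6 (u32 limit, ip6_address_t * src, int do_flush)
{
  snat_ipfix_logging_main_t *silm = &snat_ipfix_logging_main;
  flow_report_main_t *frm = &flow_report_main;
  vlib_frame_t *f;
  vlib_buffer_t *b0 = 0;
  u32 bi0 = ~0;
  u32 offset;
  vlib_main_t *vm = frm->vlib_main;
  u64 now;
  u8 nat_event = QUOTA_EXCEEDED;
  u32 quota_event = MAX_FRAGMENTS_PENDING_REASSEMBLY;

  if (!silm->enabled)
    return;

  /* Observation time in milliseconds. */
  now = (u64) ((vlib_time_now (vm) - silm->vlib_time_0) * 1e3);
  now += silm->milisecond_time_0;

  b0 = silm->max_frags_ip6_buffer;

  if (PREDICT_FALSE (b0 == 0))
    {
      /* Nothing is buffered, so a flush has nothing to send. */
      if (do_flush)
        return;

      if (vlib_buffer_alloc (vm, &bi0, 1) != 1)
        {
          nat_log_err ("can't allocate buffer for NAT IPFIX event");
          return;
        }

      b0 = silm->max_frags_ip6_buffer = vlib_get_buffer (vm, bi0);
      VLIB_BUFFER_TRACE_TRAJECTORY_INIT (b0);
      offset = 0;
    }
  else
    {
      bi0 = vlib_get_buffer_index (vm, b0);
      offset = silm->max_frags_ip6_next_record_offset;
    }

  f = silm->max_frags_ip6_frame;
  if (PREDICT_FALSE (f == 0))
    {
      u32 *to_next;

      f = vlib_get_frame_to_node (vm, ip4_lookup_node.index);
      silm->max_frags_ip6_frame = f;
      to_next = vlib_frame_vector_args (f);
      to_next[0] = bi0;
      f->n_vectors = 1;
    }

  /* Offset 0 marks a fresh buffer that still needs its headers. */
  if (PREDICT_FALSE (offset == 0))
    snat_ipfix_header_create (frm, b0, &offset);

  if (PREDICT_TRUE (do_flush == 0))
    {
      u64 time_stamp = clib_host_to_net_u64 (now);
      clib_memcpy_fast (b0->data + offset, &time_stamp, sizeof (time_stamp));
      offset += sizeof (time_stamp);

      clib_memcpy_fast (b0->data + offset, &nat_event, sizeof (nat_event));
      offset += sizeof (nat_event);

      clib_memcpy_fast (b0->data + offset, &quota_event,
                        sizeof (quota_event));
      offset += sizeof (quota_event);

      clib_memcpy_fast (b0->data + offset, &limit, sizeof (limit));
      offset += sizeof (limit);

      clib_memcpy_fast (b0->data + offset, src, sizeof (ip6_address_t));
      offset += sizeof (ip6_address_t);

      b0->current_length += MAX_FRAGMENTS_IP6_LEN;
    }

  /*
   * Send when asked to, or when one more record would exceed the MTU.
   * The test has to use this function's own record size.  It previously
   * used MAX_BIBS_LEN (17), which let a 33-octet record be appended with
   * only 17 octets left and so pushed the packet past frm->path_mtu.
   */
  if (PREDICT_FALSE
      (do_flush || (offset + MAX_FRAGMENTS_IP6_LEN) > frm->path_mtu))
    {
      snat_ipfix_send (frm, f, b0, silm->max_frags_ip6_template_id);
      silm->max_frags_ip6_frame = 0;
      silm->max_frags_ip6_buffer = 0;
      offset = 0;
    }
  silm->max_frags_ip6_next_record_offset = offset;
}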
/**
 * @brief Queue one NAT64 BIB data record for IPFIX export
 *
 * Records accumulate in the buffer kept in snat_ipfix_logging_main and are
 * sent once another record would no longer fit within frm->path_mtu, or
 * when do_flush is set.
 *
 * @param nat_event    NAT event ID written into the record
 * @param src_ip       source IPv6 address; sizeof (ip6_address_t) octets
 *                     are copied from it unless do_flush is set
 * @param nat_src_ip   translated source IPv4 address
 * @param proto        protocol identifier, copied as passed in
 * @param src_port     source port
 * @param nat_src_port translated source port
 * @param vrf_id       VRF id
 * @param do_flush     non-zero: send what is buffered and add no record
 *
 * NOTE(review): only the timestamp is byte-swapped here; the other values
 * are copied as passed in, so callers presumably supply them in the byte
 * order the collector expects - confirm.
 * NOTE(review): frm->path_mtu is the only limit on the writes into
 * b0->data; nothing here compares it with the buffer's data size.
 * NOTE(review): short lines (return type, several declarations, the
 * enabled check, braces, returns and `offset = 0;`) are missing from the
 * listing and are restored from the line numbering - confirm against the
 * upstream file.
 */
static void
nat_ipfix_logging_nat64_bibe (u8 nat_event, ip6_address_t * src_ip,
                              u32 nat_src_ip, u8 proto, u16 src_port,
                              u16 nat_src_port, u32 vrf_id, int do_flush)
{
  snat_ipfix_logging_main_t *silm = &snat_ipfix_logging_main;
  flow_report_main_t *frm = &flow_report_main;
  vlib_main_t *vm = frm->vlib_main;
  vlib_buffer_t *b0 = 0;
  vlib_frame_t *f;
  u32 bi0 = ~0;
  u32 offset;
  u64 now;

  if (!silm->enabled)
    return;

  /* Observation time in milliseconds. */
  now = (u64) ((vlib_time_now (vm) - silm->vlib_time_0) * 1e3);
  now += silm->milisecond_time_0;

  b0 = silm->nat64_bib_buffer;
  if (PREDICT_TRUE (b0 != 0))
    {
      bi0 = vlib_get_buffer_index (vm, b0);
      offset = silm->nat64_bib_next_record_offset;
    }
  else
    {
      /* Nothing is buffered, so a flush has nothing to send. */
      if (do_flush)
        return;

      if (vlib_buffer_alloc (vm, &bi0, 1) != 1)
        {
          nat_log_err ("can't allocate buffer for NAT IPFIX event");
          return;
        }

      b0 = silm->nat64_bib_buffer = vlib_get_buffer (vm, bi0);
      VLIB_BUFFER_TRACE_TRAJECTORY_INIT (b0);
      offset = 0;
    }

  f = silm->nat64_bib_frame;
  if (PREDICT_FALSE (f == 0))
    {
      u32 *to_next;

      f = vlib_get_frame_to_node (vm, ip4_lookup_node.index);
      silm->nat64_bib_frame = f;
      to_next = vlib_frame_vector_args (f);
      to_next[0] = bi0;
      f->n_vectors = 1;
    }

  /* Offset 0 marks a fresh buffer that still needs its headers. */
  if (PREDICT_FALSE (offset == 0))
    snat_ipfix_header_create (frm, b0, &offset);

  if (PREDICT_TRUE (do_flush == 0))
    {
      u8 *rec = b0->data + offset;
      u64 time_stamp = clib_host_to_net_u64 (now);

      clib_memcpy_fast (rec, &time_stamp, sizeof (time_stamp));
      rec += sizeof (time_stamp);
      clib_memcpy_fast (rec, &nat_event, sizeof (nat_event));
      rec += sizeof (nat_event);
      clib_memcpy_fast (rec, src_ip, sizeof (ip6_address_t));
      rec += sizeof (ip6_address_t);
      clib_memcpy_fast (rec, &nat_src_ip, sizeof (nat_src_ip));
      rec += sizeof (nat_src_ip);
      clib_memcpy_fast (rec, &proto, sizeof (proto));
      rec += sizeof (proto);
      clib_memcpy_fast (rec, &src_port, sizeof (src_port));
      rec += sizeof (src_port);
      clib_memcpy_fast (rec, &nat_src_port, sizeof (nat_src_port));
      rec += sizeof (nat_src_port);
      clib_memcpy_fast (rec, &vrf_id, sizeof (vrf_id));
      rec += sizeof (vrf_id);

      offset = (u32) (rec - b0->data);
      b0->current_length += NAT64_BIB_LEN;
    }

  /* Send when asked to, or when one more record would exceed the MTU. */
  if (PREDICT_FALSE (do_flush || (offset + NAT64_BIB_LEN) > frm->path_mtu))
    {
      snat_ipfix_send (frm, f, b0, silm->nat64_bib_template_id);
      silm->nat64_bib_frame = 0;
      silm->nat64_bib_buffer = 0;
      offset = 0;
    }
  silm->nat64_bib_next_record_offset = offset;
}
/*
 * Append one NAT64 session event record to the pending IPFIX data buffer
 * (silm->nat64_ses_buffer), and send that buffer when do_flush is set or
 * when another record would push the offset past frm->path_mtu.
 *
 * nat_event .. vrf_id  record fields, written in the order of the copies below
 * src_ip, dst_ip       read only on the do_flush == 0 path
 * do_flush             non-zero: no record is appended, the pending buffer
 *                      is sent as it is
 */
1331 nat_ipfix_logging_nat64_ses (u8 nat_event, ip6_address_t * src_ip,
1332 u32 nat_src_ip, u8 proto, u16 src_port,
1333 u16 nat_src_port, ip6_address_t * dst_ip,
1334 u32 nat_dst_ip, u16 dst_port, u16 nat_dst_port,
1335 u32 vrf_id, int do_flush)
1337 snat_ipfix_logging_main_t *silm = &snat_ipfix_logging_main;
1338 flow_report_main_t *frm = &flow_report_main;
1340 vlib_buffer_t *b0 = 0;
1343 vlib_main_t *vm = frm->vlib_main;
/* Event time in milliseconds: vlib time elapsed since the reference pair
 * was captured, plus the wall-clock value stored with that pair. */
1349 now = (u64) ((vlib_time_now (vm) - silm->vlib_time_0) * 1e3);
1350 now += silm->milisecond_time_0;
1352 b0 = silm->nat64_ses_buffer;
/* No pending buffer: allocate one and remember it; an allocation failure
 * is logged. */
1354 if (PREDICT_FALSE (b0 == 0))
1359 if (vlib_buffer_alloc (vm, &bi0, 1) != 1)
1361 nat_log_err ("can't allocate buffer for NAT IPFIX event");
1365 b0 = silm->nat64_ses_buffer = vlib_get_buffer (vm, bi0);
1366 VLIB_BUFFER_TRACE_TRAJECTORY_INIT (b0);
/* A pending buffer exists: resume at the saved record offset. */
1371 bi0 = vlib_get_buffer_index (vm, b0);
1372 offset = silm->nat64_ses_next_record_offset;
/* Reuse the pending frame, or take a new one addressed to ip4_lookup_node. */
1375 f = silm->nat64_ses_frame;
1376 if (PREDICT_FALSE (f == 0))
1379 f = vlib_get_frame_to_node (vm, ip4_lookup_node.index);
1380 silm->nat64_ses_frame = f;
1381 to_next = vlib_frame_vector_args (f);
/* offset == 0 marks a buffer without a header yet; offset is passed by
 * address, presumably so the helper can advance it past the header. */
1386 if (PREDICT_FALSE (offset == 0))
1387 snat_ipfix_header_create (frm, b0, &offset);
/* Record append. The flush-only caller passes null address pointers, so
 * the copies below must stay behind this do_flush == 0 test. */
1389 if (PREDICT_TRUE (do_flush == 0))
/* Only the timestamp is byte-swapped here; every other field is copied
 * as received. NOTE(review): presumably callers supply addresses and
 * ports already in network byte order - confirm. */
1391 u64 time_stamp = clib_host_to_net_u64 (now);
1392 clib_memcpy_fast (b0->data + offset, &time_stamp, sizeof (time_stamp));
1393 offset += sizeof (time_stamp);
1395 clib_memcpy_fast (b0->data + offset, &nat_event, sizeof (nat_event));
1396 offset += sizeof (nat_event);
1398 clib_memcpy_fast (b0->data + offset, src_ip, sizeof (ip6_address_t));
1399 offset += sizeof (ip6_address_t);
1401 clib_memcpy_fast (b0->data + offset, &nat_src_ip, sizeof (nat_src_ip));
1402 offset += sizeof (nat_src_ip);
1404 clib_memcpy_fast (b0->data + offset, &proto, sizeof (proto));
1405 offset += sizeof (proto);
1407 clib_memcpy_fast (b0->data + offset, &src_port, sizeof (src_port));
1408 offset += sizeof (src_port);
1410 clib_memcpy_fast (b0->data + offset, &nat_src_port, sizeof (nat_src_port));
1411 offset += sizeof (nat_src_port);
1413 clib_memcpy_fast (b0->data + offset, dst_ip, sizeof (ip6_address_t));
1414 offset += sizeof (ip6_address_t);
1416 clib_memcpy_fast (b0->data + offset, &nat_dst_ip, sizeof (nat_dst_ip));
1417 offset += sizeof (nat_dst_ip);
1419 clib_memcpy_fast (b0->data + offset, &dst_port, sizeof (dst_port));
1420 offset += sizeof (dst_port);
1422 clib_memcpy_fast (b0->data + offset, &nat_dst_port, sizeof (nat_dst_port));
1423 offset += sizeof (nat_dst_port);
1425 clib_memcpy_fast (b0->data + offset, &vrf_id, sizeof (vrf_id));
1426 offset += sizeof (vrf_id);
/* The twelve copies add up to 62 bytes when ip6_address_t is 16 bytes,
 * which is the value of NAT64_SES_LEN; the two must be kept in step. */
1428 b0->current_length += NAT64_SES_LEN;
/* Send when asked to flush or when one more record would exceed path_mtu.
 * NOTE(review): the lines shown here bound the write offset only through
 * this path_mtu test, made after the copies; confirm that path_mtu can
 * never exceed the data area of a single buffer. */
1432 (do_flush || (offset + NAT64_SES_LEN) > frm->path_mtu))
1434 snat_ipfix_send (frm, f, b0, silm->nat64_ses_template_id);
1435 silm->nat64_ses_frame = 0;
1436 silm->nat64_ses_buffer = 0;
/* Saved so that the next call resumes where this one stopped. */
1439 silm->nat64_ses_next_record_offset = offset;
/* Main-thread RPC handler for NAT44 session events: forwards the fields of
 * the argument block to snat_ipfix_logging_nat44_ses(). */
1443 snat_ipfix_logging_nat44_ses_rpc_cb (snat_ipfix_logging_nat44_ses_args_t * a)
1445 snat_ipfix_logging_nat44_ses (a->nat_event, a->src_ip, a->nat_src_ip,
1446 a->snat_proto, a->src_port, a->nat_src_port,
1451 * @brief Generate NAT44 session create event
1453 * @param src_ip source IPv4 address
1454 * @param nat_src_ip translated source IPv4 address
1455 * @param snat_proto NAT transport protocol
1456 * @param src_port source port
1457 * @param nat_src_port translated source port
1458 * @param vrf_id VRF ID
1461 snat_ipfix_logging_nat44_ses_create (u32 src_ip,
1463 snat_protocol_t snat_proto,
1465 u16 nat_src_port, u32 vrf_id)
/* Argument block for the main-thread RPC below; a stack local that is
 * passed by address together with its size. */
1467 snat_ipfix_logging_nat44_ses_args_t a;
/* Macro defined near the top of this file; presumably returns early when
 * IPFIX logging is disabled - confirm. */
1469 skip_if_disabled ();
1471 a.nat_event = NAT44_SESSION_CREATE;
1473 a.nat_src_ip = nat_src_ip;
1474 a.snat_proto = snat_proto;
1475 a.src_port = src_port;
1476 a.nat_src_port = nat_src_port;
/* The record is not written here: the event is handed to the main thread,
 * where snat_ipfix_logging_nat44_ses_rpc_cb runs.
 * NOTE(review): presumably the RPC layer copies sizeof (a) bytes before
 * this function returns, since `a` lives on this stack frame - confirm. */
1479 vl_api_rpc_call_main_thread (snat_ipfix_logging_nat44_ses_rpc_cb,
1480 (u8 *) & a, sizeof (a));
1484 * @brief Generate NAT44 session delete event
1486 * @param src_ip source IPv4 address
1487 * @param nat_src_ip translated source IPv4 address
1488 * @param snat_proto NAT transport protocol
1489 * @param src_port source port
1490 * @param nat_src_port translated source port
1491 * @param vrf_id VRF ID
1494 snat_ipfix_logging_nat44_ses_delete (u32 src_ip,
1496 snat_protocol_t snat_proto,
1498 u16 nat_src_port, u32 vrf_id)
/* Same argument block type and RPC handler as the create event; only
 * nat_event differs. */
1500 snat_ipfix_logging_nat44_ses_args_t a;
/* Presumably returns early when IPFIX logging is disabled - confirm
 * against the macro at the top of this file. */
1502 skip_if_disabled ();
1504 a.nat_event = NAT44_SESSION_DELETE;
1506 a.nat_src_ip = nat_src_ip;
1507 a.snat_proto = snat_proto;
1508 a.src_port = src_port;
1509 a.nat_src_port = nat_src_port;
/* Hand the event to the main thread; `a` is a stack local passed by
 * address and size, so the RPC layer presumably copies it - confirm. */
1512 vl_api_rpc_call_main_thread (snat_ipfix_logging_nat44_ses_rpc_cb,
1513 (u8 *) & a, sizeof (a));
/* Flow-report data callback for NAT44 session records (installed as
 * a.flow_data_callback in snat_ipfix_logging_enable_disable). */
1517 snat_data_callback_nat44_session (flow_report_main_t * frm,
1520 u32 * to_next, u32 node_index)
/* All record fields zero, final argument 1: presumably do_flush, i.e. a
 * flush-only call - confirm against the writer's signature. */
1522 snat_ipfix_logging_nat44_ses (0, 0, 0, 0, 0, 0, 0, 1);
/* Main-thread RPC handler for the addresses-exhausted event. */
1527 snat_ipfix_logging_addr_exhausted_rpc_cb
1528 (snat_ipfix_logging_addr_exhausted_args_t * a)
/* Final argument 0: presumably do_flush, so a record is appended. */
1530 snat_ipfix_logging_addr_exhausted (a->pool_id, 0);
1534 * @brief Generate NAT addresses exhausted event
1536 * @param pool_id NAT pool ID
1539 snat_ipfix_logging_addresses_exhausted (u32 pool_id)
1541 //TODO: This event SHOULD be rate limited
/* Until that TODO is done, every call that passes skip_if_disabled()
 * queues one RPC to the main thread.
 * NOTE(review): if callers reach this once per failed allocation while
 * the pool stays exhausted, sustained traffic becomes a matching stream
 * of RPCs and IPFIX records - confirm the call sites and add a
 * per-event rate limit. */
1542 snat_ipfix_logging_addr_exhausted_args_t a;
1544 skip_if_disabled ();
1546 a.pool_id = pool_id;
/* `a` is a stack local passed by address and size; the RPC layer
 * presumably copies it before returning - confirm. */
1548 vl_api_rpc_call_main_thread (snat_ipfix_logging_addr_exhausted_rpc_cb,
1549 (u8 *) & a, sizeof (a));
/* Flow-report data callback for the addresses-exhausted report (installed
 * as a.flow_data_callback in snat_ipfix_logging_enable_disable). */
1553 snat_data_callback_addr_exhausted (flow_report_main_t * frm,
1556 u32 * to_next, u32 node_index)
/* pool_id 0 and final argument 1: presumably a flush-only call. */
1558 snat_ipfix_logging_addr_exhausted (0, 1);
/* Main-thread RPC handler for the max-entries-per-user event. */
1563 snat_ipfix_logging_max_entries_per_usr_rpc_cb
1564 (snat_ipfix_logging_max_entries_per_user_args_t * a)
/* Final argument 0: presumably do_flush, so a record is appended. */
1566 snat_ipfix_logging_max_entries_per_usr (a->limit, a->src_ip, 0);
1570 * @brief Generate maximum entries per user exceeded event
1572 * @param limit maximum NAT entries that can be created per user
1573 * @param src_ip source IPv4 address
1576 snat_ipfix_logging_max_entries_per_user (u32 limit, u32 src_ip)
1578 //TODO: This event SHOULD be rate limited
/* Without a rate limit each call queues one main-thread RPC.
 * NOTE(review): the event is keyed by a source address, so a single user
 * pinned at the limit can presumably trigger it repeatedly - confirm the
 * call sites and rate-limit per source. */
1579 snat_ipfix_logging_max_entries_per_user_args_t a;
1581 skip_if_disabled ();
/* `a` is a stack local passed by address and size; the RPC layer
 * presumably copies it before returning - confirm. */
1586 vl_api_rpc_call_main_thread (snat_ipfix_logging_max_entries_per_usr_rpc_cb,
1587 (u8 *) & a, sizeof (a));
/* Flow-report data callback for the max-entries-per-user report (installed
 * as a.flow_data_callback in snat_ipfix_logging_enable_disable). */
1591 snat_data_callback_max_entries_per_usr (flow_report_main_t * frm,
1594 u32 * to_next, u32 node_index)
/* Zeroed fields and final argument 1: presumably a flush-only call. */
1596 snat_ipfix_logging_max_entries_per_usr (0, 0, 1);
/* Main-thread RPC handler for the max-sessions event; final argument 0 is
 * presumably do_flush, so a record is appended. */
1601 nat_ipfix_logging_max_ses_rpc_cb (nat_ipfix_logging_max_sessions_args_t * a)
1603 nat_ipfix_logging_max_ses (a->limit, 0);
1607 * @brief Generate maximum session entries exceeded event
1609 * @param limit configured limit
1612 nat_ipfix_logging_max_sessions (u32 limit)
1614 //TODO: This event SHOULD be rate limited
/* Without a rate limit each call queues one main-thread RPC.
 * NOTE(review): presumably reached whenever a session cannot be created
 * at the limit, so load that holds the table full keeps generating
 * events - confirm the call sites. */
1615 nat_ipfix_logging_max_sessions_args_t a;
1617 skip_if_disabled ();
/* `a` is a stack local passed by address and size; the RPC layer
 * presumably copies it before returning - confirm. */
1621 vl_api_rpc_call_main_thread (nat_ipfix_logging_max_ses_rpc_cb,
1622 (u8 *) & a, sizeof (a));
/* Flow-report data callback for the max-sessions report (installed as
 * a.flow_data_callback in snat_ipfix_logging_enable_disable). */
1626 nat_data_callback_max_sessions (flow_report_main_t * frm,
1629 u32 * to_next, u32 node_index)
/* limit 0 and final argument 1: presumably a flush-only call. */
1631 nat_ipfix_logging_max_ses (0, 1);
/* Main-thread RPC handler for the max-BIB-entries event; final argument 0
 * is presumably do_flush, so a record is appended. */
1636 nat_ipfix_logging_max_bib_rpc_cb (nat_ipfix_logging_max_bibs_args_t * a)
1638 nat_ipfix_logging_max_bib (a->limit, 0);
1642 * @brief Generate maximum BIB entries exceeded event
1644 * @param limit configured limit
1647 nat_ipfix_logging_max_bibs (u32 limit)
1649 //TODO: This event SHOULD be rate limited
/* Without a rate limit each call queues one main-thread RPC; confirm how
 * often callers can reach this while the BIB stays at its limit. */
1650 nat_ipfix_logging_max_bibs_args_t a;
1652 skip_if_disabled ();
/* `a` is a stack local passed by address and size; the RPC layer
 * presumably copies it before returning - confirm. */
1656 vl_api_rpc_call_main_thread (nat_ipfix_logging_max_bib_rpc_cb,
1657 (u8 *) & a, sizeof (a));
/* Flow-report data callback for the max-BIB-entries report (installed as
 * a.flow_data_callback in snat_ipfix_logging_enable_disable). */
1661 nat_data_callback_max_bibs (flow_report_main_t * frm,
1664 u32 * to_next, u32 node_index)
/* limit 0 and final argument 1: presumably a flush-only call. */
1666 nat_ipfix_logging_max_bib (0, 1);
/* Main-thread RPC handler for the IPv4 fragment-limit event; final
 * argument 0 is presumably do_flush, so a record is appended. */
1671 nat_ipfix_logging_max_frag_ip4_rpc_cb (nat_ipfix_logging_max_frags_ip4_args_t * a)
1673 nat_ipfix_logging_max_frag_ip4 (a->limit, a->src, 0);
1677 * @brief Generate maximum IPv4 fragments pending reassembly exceeded event
1679 * @param limit configured limit
1680 * @param src source IPv4 address
1683 nat_ipfix_logging_max_fragments_ip4 (u32 limit, ip4_address_t * src)
1685 //TODO: This event SHOULD be rate limited
/* Without a rate limit each call queues one main-thread RPC.
 * NOTE(review): the event reports fragments pending reassembly over the
 * limit, so it is presumably driven directly by received fragments; a
 * fragment flood would then also load the main thread and the IPFIX
 * collector - confirm the call sites and rate-limit. */
1686 nat_ipfix_logging_max_frags_ip4_args_t a;
1688 skip_if_disabled ();
/* The address is copied by value, so the argument block does not carry
 * the caller's pointer across the RPC. */
1691 a.src = src->as_u32;
1693 vl_api_rpc_call_main_thread (nat_ipfix_logging_max_frag_ip4_rpc_cb,
1694 (u8 *) & a, sizeof (a));
/* Flow-report data callback for the IPv4 fragment-limit report (installed
 * as a.flow_data_callback in snat_ipfix_logging_enable_disable). */
1698 nat_data_callback_max_frags_ip4 (flow_report_main_t * frm,
1701 u32 * to_next, u32 node_index)
/* Zeroed fields and final argument 1: presumably a flush-only call. */
1703 nat_ipfix_logging_max_frag_ip4 (0, 0, 1);
/* Main-thread RPC handler for the IPv6 fragment-limit event. */
1708 nat_ipfix_logging_max_frag_ip6_rpc_cb (nat_ipfix_logging_max_frags_ip6_args_t * a)
/* Rebuild the IPv6 address from the two 64-bit halves carried in the
 * argument block, then pass it by pointer. */
1711 src.as_u64[0] = a->src[0];
1712 src.as_u64[1] = a->src[1];
/* Final argument 0: presumably do_flush, so a record is appended. */
1713 nat_ipfix_logging_max_frag_ip6 (a->limit, &src, 0);
1717 * @brief Generate maximum IPv6 fragments pending reassembly exceeded event
1719 * @param limit configured limit
1720 * @param src source IPv6 address
1723 nat_ipfix_logging_max_fragments_ip6 (u32 limit, ip6_address_t * src)
1725 //TODO: This event SHOULD be rate limited
/* Without a rate limit each call queues one main-thread RPC.
 * NOTE(review): presumably driven directly by received fragments once
 * the reassembly limit is hit - confirm the call sites and rate-limit. */
1726 nat_ipfix_logging_max_frags_ip6_args_t a;
1728 skip_if_disabled ();
/* The address is copied by value as two 64-bit halves, so the argument
 * block does not carry the caller's pointer across the RPC. */
1731 a.src[0] = src->as_u64[0];
1732 a.src[1] = src->as_u64[1];
1734 vl_api_rpc_call_main_thread (nat_ipfix_logging_max_frag_ip6_rpc_cb,
1735 (u8 *) & a, sizeof (a));
/* Flow-report data callback for the IPv6 fragment-limit report (installed
 * as a.flow_data_callback in snat_ipfix_logging_enable_disable). */
1739 nat_data_callback_max_frags_ip6 (flow_report_main_t * frm,
1742 u32 * to_next, u32 node_index)
/* Null source pointer and final argument 1: presumably a flush-only call,
 * which requires the writer not to dereference src when flushing. */
1744 nat_ipfix_logging_max_frag_ip6 (0, 0, 1);
/* Main-thread RPC handler for NAT64 BIB events. */
1749 nat_ipfix_logging_nat64_bib_rpc_cb (nat_ipfix_logging_nat64_bib_args_t * a)
/* Rebuild the IPv6 source address from the two 64-bit halves carried in
 * the argument block. */
1751 ip6_address_t src_ip;
1752 src_ip.as_u64[0] = a->src_ip[0];
1753 src_ip.as_u64[1] = a->src_ip[1];
1754 nat_ipfix_logging_nat64_bibe (a->nat_event, &src_ip, a->nat_src_ip,
1755 a->proto, a->src_port, a->nat_src_port,
1760 * @brief Generate NAT64 BIB create and delete events
1762 * @param src_ip source IPv6 address
1763 * @param nat_src_ip translated source IPv4 address
1764 * @param proto L4 protocol
1765 * @param src_port source port
1766 * @param nat_src_port translated source port
1767 * @param vrf_id VRF ID
1768 * @param is_create non-zero value if create event otherwise delete event
1771 nat_ipfix_logging_nat64_bib (ip6_address_t * src_ip,
1772 ip4_address_t * nat_src_ip, u8 proto,
1773 u16 src_port, u16 nat_src_port, u32 vrf_id,
/* Argument block for the main-thread RPC below; a stack local that is
 * passed by address together with its size. */
1776 nat_ipfix_logging_nat64_bib_args_t a;
/* Presumably returns early when IPFIX logging is disabled - confirm
 * against the macro at the top of this file. */
1778 skip_if_disabled ();
/* Both addresses are copied by value, so the argument block does not carry
 * the caller's pointers across the RPC. */
1780 a.src_ip[0] = src_ip->as_u64[0];
1781 a.src_ip[1] = src_ip->as_u64[1];
1782 a.nat_src_ip = nat_src_ip->as_u32;
1784 a.src_port = src_port;
1785 a.nat_src_port = nat_src_port;
/* is_create selects which of the two BIB event codes is reported. */
1787 a.nat_event = is_create ? NAT64_BIB_CREATE : NAT64_BIB_DELETE;
1789 vl_api_rpc_call_main_thread (nat_ipfix_logging_nat64_bib_rpc_cb,
1790 (u8 *) & a, sizeof (a));
/* Flow-report data callback for NAT64 BIB records (installed as
 * a.flow_data_callback in snat_ipfix_logging_enable_disable). */
1794 nat_data_callback_nat64_bib (flow_report_main_t * frm,
1797 u32 * to_next, u32 node_index)
/* Flush-only call: do_flush = 1 with a null src_ip, which the writer
 * copies from only when do_flush == 0. */
1799 nat_ipfix_logging_nat64_bibe (0, 0, 0, 0, 0, 0, 0, 1);
/* Main-thread RPC handler for NAT64 session events. */
1804 nat_ipfix_logging_nat64_ses_rpc_cb (nat_ipfix_logging_nat64_ses_args_t * a)
/* Rebuild both IPv6 addresses from the 64-bit halves carried in the
 * argument block; the writer takes them by pointer. */
1806 ip6_address_t src_ip, dst_ip;
1807 src_ip.as_u64[0] = a->src_ip[0];
1808 src_ip.as_u64[1] = a->src_ip[1];
1809 dst_ip.as_u64[0] = a->dst_ip[0];
1810 dst_ip.as_u64[1] = a->dst_ip[1];
/* do_flush = 0: append a record rather than flush. */
1811 nat_ipfix_logging_nat64_ses (a->nat_event, &src_ip, a->nat_src_ip,
1812 a->proto, a->src_port, a->nat_src_port,
1813 &dst_ip, a->nat_dst_ip, a->dst_port,
1814 a->nat_dst_port, a->vrf_id, 0);
1818 * @brief Generate NAT64 session create and delete events
1820 * @param src_ip source IPv6 address
1821 * @param nat_src_ip translated source IPv4 address
1822 * @param proto L4 protocol
1823 * @param src_port source port
1824 * @param nat_src_port translated source port
1825 * @param dst_ip destination IPv6 address
1826 * @param nat_dst_ip destination IPv4 address
1827 * @param dst_port destination port
1828 * @param nat_dst_port translated destination port
1829 * @param vrf_id VRF ID
1830 * @param is_create non-zero value if create event otherwise delete event
1833 nat_ipfix_logging_nat64_session (ip6_address_t * src_ip,
1834 ip4_address_t * nat_src_ip, u8 proto,
1835 u16 src_port, u16 nat_src_port,
1836 ip6_address_t * dst_ip,
1837 ip4_address_t * nat_dst_ip, u16 dst_port,
1838 u16 nat_dst_port, u32 vrf_id, u8 is_create)
/* Argument block for the main-thread RPC below; a stack local that is
 * passed by address together with its size. */
1840 nat_ipfix_logging_nat64_ses_args_t a;
/* Presumably returns early when IPFIX logging is disabled - confirm
 * against the macro at the top of this file. */
1842 skip_if_disabled ();
/* All four addresses are copied by value, so the argument block does not
 * carry the caller's pointers across the RPC. */
1844 a.src_ip[0] = src_ip->as_u64[0];
1845 a.src_ip[1] = src_ip->as_u64[1];
1846 a.nat_src_ip = nat_src_ip->as_u32;
1848 a.src_port = src_port;
1849 a.nat_src_port = nat_src_port;
1850 a.dst_ip[0] = dst_ip->as_u64[0];
1851 a.dst_ip[1] = dst_ip->as_u64[1];
1852 a.nat_dst_ip = nat_dst_ip->as_u32;
1853 a.dst_port = dst_port;
1854 a.nat_dst_port = nat_dst_port;
/* is_create selects which of the two session event codes is reported. */
1856 a.nat_event = is_create ? NAT64_SESSION_CREATE : NAT64_SESSION_DELETE;
1858 vl_api_rpc_call_main_thread (nat_ipfix_logging_nat64_ses_rpc_cb,
1859 (u8 *) & a, sizeof (a));
/* Flow-report data callback for NAT64 session records (installed as
 * a.flow_data_callback in snat_ipfix_logging_enable_disable). */
1863 nat_data_callback_nat64_session (flow_report_main_t * frm,
1866 u32 * to_next, u32 node_index)
/* Flush-only call: do_flush = 1 with null src_ip and dst_ip, which
 * nat_ipfix_logging_nat64_ses copies from only when do_flush == 0. */
1868 nat_ipfix_logging_nat64_ses (0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 1);
1873 * @brief Enable/disable NAT plugin IPFIX logging
1875 * @param enable 1 if enable, 0 if disable
1876 * @param domain_id observation domain ID
1877 * @param src_port source port number
1879 * @returns 0 if success
1882 snat_ipfix_logging_enable_disable (int enable, u32 domain_id, u16 src_port)
1884 snat_main_t *sm = &snat_main;
1885 snat_ipfix_logging_main_t *silm = &snat_ipfix_logging_main;
1886 flow_report_main_t *frm = &flow_report_main;
1887 vnet_flow_report_add_del_args_t a;
/* Normalise `enable` to 0/1 so it can be compared with silm->enabled. */
1889 u8 e = enable ? 1 : 0;
/* The requested state equals the current one. */
1891 if (silm->enabled == e)
1896 clib_memset (&a, 0, sizeof (a));
/* A zero argument selects the default: observation domain 1 and the
 * UDP_DST_PORT_ipfix constant as source port. */
1898 a.domain_id = domain_id ? domain_id : 1;
1899 a.src_port = src_port ? src_port : UDP_DST_PORT_ipfix;
/* Every report below is registered the same way: set the template-rewrite
 * and data callbacks in `a`, call vnet_flow_report_add_del, and log rv.
 * NOTE(review): nothing in the lines shown here undoes earlier
 * registrations when a later one fails - confirm whether a failure can
 * leave logging partly enabled, with some events never exported. */
/* Deterministic mode: the max-entries-per-user report. The remaining
 * reports presumably belong to the other branch - the branch lines are
 * not shown here. */
1901 if (sm->deterministic)
1903 a.rewrite_callback = snat_template_rewrite_max_entries_per_usr;
1904 a.flow_data_callback = snat_data_callback_max_entries_per_usr;
1906 rv = vnet_flow_report_add_del (frm, &a, NULL);
1909 nat_log_warn ("vnet_flow_report_add_del returned %d", rv);
/* NAT44 session create/delete. */
1915 a.rewrite_callback = snat_template_rewrite_nat44_session;
1916 a.flow_data_callback = snat_data_callback_nat44_session;
1918 rv = vnet_flow_report_add_del (frm, &a, NULL);
1921 nat_log_warn ("vnet_flow_report_add_del returned %d", rv);
/* NAT addresses exhausted. */
1925 a.rewrite_callback = snat_template_rewrite_addr_exhausted;
1926 a.flow_data_callback = snat_data_callback_addr_exhausted;
1928 rv = vnet_flow_report_add_del (frm, &a, NULL);
1931 nat_log_warn ("vnet_flow_report_add_del returned %d", rv);
/* Maximum sessions exceeded. */
1935 a.rewrite_callback = nat_template_rewrite_max_sessions;
1936 a.flow_data_callback = nat_data_callback_max_sessions;
1938 rv = vnet_flow_report_add_del (frm, &a, NULL);
1941 nat_log_warn ("vnet_flow_report_add_del returned %d", rv);
/* Maximum BIB entries exceeded. */
1945 a.rewrite_callback = nat_template_rewrite_max_bibs;
1946 a.flow_data_callback = nat_data_callback_max_bibs;
1948 rv = vnet_flow_report_add_del (frm, &a, NULL);
1951 nat_log_warn ("vnet_flow_report_add_del returned %d", rv);
/* Maximum IPv4 fragments pending reassembly exceeded. */
1955 a.rewrite_callback = nat_template_rewrite_max_frags_ip4;
1956 a.flow_data_callback = nat_data_callback_max_frags_ip4;
1958 rv = vnet_flow_report_add_del (frm, &a, NULL);
1961 nat_log_warn ("vnet_flow_report_add_del returned %d", rv);
/* Maximum IPv6 fragments pending reassembly exceeded. */
1965 a.rewrite_callback = nat_template_rewrite_max_frags_ip6;
1966 a.flow_data_callback = nat_data_callback_max_frags_ip6;
1968 rv = vnet_flow_report_add_del (frm, &a, NULL);
1971 nat_log_warn ("vnet_flow_report_add_del returned %d", rv);
/* NAT64 BIB create/delete. */
1975 a.rewrite_callback = nat_template_rewrite_nat64_bib;
1976 a.flow_data_callback = nat_data_callback_nat64_bib;
1978 rv = vnet_flow_report_add_del (frm, &a, NULL);
1981 nat_log_warn ("vnet_flow_report_add_del returned %d", rv);
/* NAT64 session create/delete. */
1985 a.rewrite_callback = nat_template_rewrite_nat64_session;
1986 a.flow_data_callback = nat_data_callback_nat64_session;
1988 rv = vnet_flow_report_add_del (frm, &a, NULL);
1991 nat_log_warn ("vnet_flow_report_add_del returned %d", rv);
/* Endpoint-dependent mode also gets the max-entries-per-user report. */
1995 if (sm->endpoint_dependent)
1997 a.rewrite_callback = snat_template_rewrite_max_entries_per_usr;
1998 a.flow_data_callback = snat_data_callback_max_entries_per_usr;
2000 rv = vnet_flow_report_add_del (frm, &a, NULL);
2003 nat_log_warn ("vnet_flow_report_add_del returned %d", rv);
2013 * @brief Initialize NAT plugin IPFIX logging
2015 * @param vm vlib main
2018 snat_ipfix_logging_init (vlib_main_t * vm)
2020 snat_ipfix_logging_main_t *silm = &snat_ipfix_logging_main;
2024 /* Set up time reference pair */
/* The pair is (vlib clock, wall clock in milliseconds - nanoseconds scaled
 * by 1e-6). The record writers compute an event timestamp as
 * milisecond_time_0 plus the vlib time elapsed since vlib_time_0.
 * NOTE(review): a later step of the system clock is therefore not
 * reflected in exported timestamps unless the pair is refreshed
 * elsewhere - keep that in mind when correlating IPFIX events with
 * other logs. */
2025 silm->vlib_time_0 = vlib_time_now (vm);
2026 silm->milisecond_time_0 = unix_time_now_nsec () * 1e-6;