#include <vnet/ip/ip.h>
#include <vnet/ip/ip4.h>
#include <vnet/plugin/plugin.h>
-#include <snat/snat.h>
-#include <snat/snat_ipfix_logging.h>
-#include <snat/snat_det.h>
-#include <snat/nat64.h>
+#include <nat/nat.h>
+#include <nat/nat_ipfix_logging.h>
+#include <nat/nat_det.h>
+#include <nat/nat64.h>
#include <vnet/fib/fib_table.h>
#include <vnet/fib/ip4_fib.h>
/* Hook up input features */
VNET_FEATURE_INIT (ip4_snat_in2out, static) = {
.arc_name = "ip4-unicast",
- .node_name = "snat-in2out",
- .runs_before = VNET_FEATURES ("snat-out2in"),
+ .node_name = "nat44-in2out",
+ .runs_before = VNET_FEATURES ("nat44-out2in"),
};
VNET_FEATURE_INIT (ip4_snat_out2in, static) = {
.arc_name = "ip4-unicast",
- .node_name = "snat-out2in",
+ .node_name = "nat44-out2in",
.runs_before = VNET_FEATURES ("ip4-lookup"),
};
VNET_FEATURE_INIT (ip4_snat_det_in2out, static) = {
.arc_name = "ip4-unicast",
- .node_name = "snat-det-in2out",
- .runs_before = VNET_FEATURES ("snat-det-out2in"),
+ .node_name = "nat44-det-in2out",
+ .runs_before = VNET_FEATURES ("nat44-det-out2in"),
};
VNET_FEATURE_INIT (ip4_snat_det_out2in, static) = {
.arc_name = "ip4-unicast",
- .node_name = "snat-det-out2in",
+ .node_name = "nat44-det-out2in",
.runs_before = VNET_FEATURES ("ip4-lookup"),
};
VNET_FEATURE_INIT (ip4_snat_in2out_worker_handoff, static) = {
.arc_name = "ip4-unicast",
- .node_name = "snat-in2out-worker-handoff",
- .runs_before = VNET_FEATURES ("snat-out2in-worker-handoff"),
+ .node_name = "nat44-in2out-worker-handoff",
+ .runs_before = VNET_FEATURES ("nat44-out2in-worker-handoff"),
};
VNET_FEATURE_INIT (ip4_snat_out2in_worker_handoff, static) = {
.arc_name = "ip4-unicast",
- .node_name = "snat-out2in-worker-handoff",
+ .node_name = "nat44-out2in-worker-handoff",
.runs_before = VNET_FEATURES ("ip4-lookup"),
};
VNET_FEATURE_INIT (ip4_snat_in2out_fast, static) = {
.arc_name = "ip4-unicast",
- .node_name = "snat-in2out-fast",
- .runs_before = VNET_FEATURES ("snat-out2in-fast"),
+ .node_name = "nat44-in2out-fast",
+ .runs_before = VNET_FEATURES ("nat44-out2in-fast"),
};
VNET_FEATURE_INIT (ip4_snat_out2in_fast, static) = {
.arc_name = "ip4-unicast",
- .node_name = "snat-out2in-fast",
+ .node_name = "nat44-out2in-fast",
.runs_before = VNET_FEATURES ("ip4-lookup"),
};
VNET_FEATURE_INIT (ip4_snat_hairpin_dst, static) = {
.arc_name = "ip4-unicast",
- .node_name = "snat-hairpin-dst",
+ .node_name = "nat44-hairpin-dst",
.runs_before = VNET_FEATURES ("ip4-lookup"),
};
/* Hook up output features */
VNET_FEATURE_INIT (ip4_snat_in2out_output, static) = {
.arc_name = "ip4-output",
- .node_name = "snat-in2out-output",
+ .node_name = "nat44-in2out-output",
.runs_before = VNET_FEATURES ("interface-output"),
};
VNET_FEATURE_INIT (ip4_snat_in2out_output_worker_handoff, static) = {
.arc_name = "ip4-output",
- .node_name = "snat-in2out-output-worker-handoff",
+ .node_name = "nat44-in2out-output-worker-handoff",
.runs_before = VNET_FEATURES ("interface-output"),
};
VNET_FEATURE_INIT (ip4_snat_hairpin_src, static) = {
.arc_name = "ip4-output",
- .node_name = "snat-hairpin-src",
+ .node_name = "nat44-hairpin-src",
.runs_before = VNET_FEATURES ("interface-output"),
};
void increment_v4_address (ip4_address_t * a)
{
u32 v;
-
+
v = clib_net_to_host_u32(a->as_u32) + 1;
a->as_u32 = clib_host_to_net_u32(v);
}
-static void
-snat_add_static_mapping_when_resolved (snat_main_t * sm,
- ip4_address_t l_addr,
- u16 l_port,
- u32 sw_if_index,
- u16 e_port,
+static void
+snat_add_static_mapping_when_resolved (snat_main_t * sm,
+ ip4_address_t l_addr,
+ u16 l_port,
+ u32 sw_if_index,
+ u16 e_port,
u32 vrf_id,
snat_protocol_t proto,
- int addr_only,
+ int addr_only,
int is_add)
{
snat_static_map_resolve_t *rp;
ip4_address_t * first_int_addr;
/* Might be already set... */
- first_int_addr = ip4_interface_first_address
+ first_int_addr = ip4_interface_first_address
(sm->ip4_main, sw_if_index, 0 /* just want the address*/);
/* DHCP resolution required? */
if (first_int_addr == 0)
{
- snat_add_static_mapping_when_resolved
+ snat_add_static_mapping_when_resolved
(sm, l_addr, l_port, sw_if_index, e_port, vrf_id, proto,
addr_only, is_add);
return 0;
snat_det_map_t * dm;
if (sm->static_mapping_only && !(sm->static_mapping_connection_tracking))
- feature_name = is_inside ? "snat-in2out-fast" : "snat-out2in-fast";
+ feature_name = is_inside ? "nat44-in2out-fast" : "nat44-out2in-fast";
else
{
if (sm->num_workers > 1 && !sm->deterministic)
- feature_name = is_inside ? "snat-in2out-worker-handoff" : "snat-out2in-worker-handoff";
+ feature_name = is_inside ? "nat44-in2out-worker-handoff" : "nat44-out2in-worker-handoff";
else if (sm->deterministic)
- feature_name = is_inside ? "snat-det-in2out" : "snat-det-out2in";
+ feature_name = is_inside ? "nat44-det-in2out" : "nat44-det-out2in";
else
- feature_name = is_inside ? "snat-in2out" : "snat-out2in";
+ feature_name = is_inside ? "nat44-in2out" : "nat44-out2in";
}
vnet_feature_enable_disable ("ip4-unicast", feature_name, sw_if_index,
if (is_inside)
{
- vnet_feature_enable_disable ("ip4-unicast", "snat-hairpin-dst",
+ vnet_feature_enable_disable ("ip4-unicast", "nat44-hairpin-dst",
sw_if_index, !is_del, 0, 0);
- vnet_feature_enable_disable ("ip4-output", "snat-hairpin-src",
+ vnet_feature_enable_disable ("ip4-output", "nat44-hairpin-src",
sw_if_index, !is_del, 0, 0);
goto fq;
}
if (sm->num_workers > 1)
{
- vnet_feature_enable_disable ("ip4-unicast", "snat-out2in-worker-handoff",
+ vnet_feature_enable_disable ("ip4-unicast", "nat44-out2in-worker-handoff",
sw_if_index, !is_del, 0, 0);
vnet_feature_enable_disable ("ip4-output",
- "snat-in2out-output-worker-handoff",
+ "nat44-in2out-output-worker-handoff",
sw_if_index, !is_del, 0, 0);
}
else
{
- vnet_feature_enable_disable ("ip4-unicast", "snat-out2in", sw_if_index,
+ vnet_feature_enable_disable ("ip4-unicast", "nat44-out2in", sw_if_index,
!is_del, 0, 0);
- vnet_feature_enable_disable ("ip4-output", "snat-in2out-output",
+ vnet_feature_enable_disable ("ip4-output", "nat44-in2out-output",
sw_if_index, !is_del, 0, 0);
}
VLIB_INIT_FUNCTION (snat_init);
-void snat_free_outside_address_and_port (snat_main_t * sm,
- snat_session_key_t * k,
+void snat_free_outside_address_and_port (snat_main_t * sm,
+ snat_session_key_t * k,
u32 address_index)
{
snat_address_t *a;
u16 port_host_byte_order = clib_net_to_host_u16 (k->port);
-
+
ASSERT (address_index < vec_len (sm->addresses));
a = sm->addresses + address_index;
clib_warning("unknown_protocol");
return;
}
-}
+}
/**
- * @brief Match SNAT static mapping.
+ * @brief Match NAT44 static mapping.
*
- * @param sm SNAT main.
+ * @param sm NAT main.
* @param match Address and port to match.
* @param mapping External or local address and port of the matched mapping.
* @param by_external If 0 match by local address otherwise match by external
start_host_order = clib_host_to_net_u32 (start_addr.as_u32);
end_host_order = clib_host_to_net_u32 (end_addr.as_u32);
-
+
if (end_host_order < start_host_order)
{
error = clib_error_return (0, "end address less than start address");
format_ip4_address, &start_addr,
format_ip4_address, &end_addr,
count);
-
+
this_addr = start_addr;
for (i = 0; i < count; i++)
}
VLIB_CLI_COMMAND (add_address_command, static) = {
- .path = "snat add address",
- .short_help = "snat add addresses <ip4-range-start> [- <ip4-range-end>] "
+ .path = "nat44 add address",
+ .short_help = "nat44 add addresses <ip4-range-start> [- <ip4-range-end>] "
"[tenant-vrf <vrf-id>] [del]",
.function = add_address_command_fn,
};
}
VLIB_CLI_COMMAND (set_interface_snat_command, static) = {
- .path = "set interface snat",
+ .path = "set interface nat44",
.function = snat_feature_command_fn,
- .short_help = "set interface snat in <intfc> out <intfc> [output-feature] "
+ .short_help = "set interface nat44 in <intfc> out <intfc> [output-feature] "
"[del]",
};
* to to the local network host.
* To create static mapping between local host address 10.0.0.3 port 6303 and
* external address 4.4.4.4 port 3606 for TCP protocol use:
- * vpp# snat add static mapping local tcp 10.0.0.3 6303 external 4.4.4.4 3606
- * If not runnig "static mapping only" S-NAT plugin mode use before:
- * vpp# snat add address 4.4.4.4
+ * vpp# nat44 add static mapping local tcp 10.0.0.3 6303 external 4.4.4.4 3606
+ * If not runnig "static mapping only" NAT plugin mode use before:
+ * vpp# nat44 add address 4.4.4.4
* To create static mapping between local and external address use:
- * vpp# snat add static mapping local 10.0.0.3 external 4.4.4.4
+ * vpp# nat44 add static mapping local 10.0.0.3 external 4.4.4.4
* @cliexend
?*/
VLIB_CLI_COMMAND (add_static_mapping_command, static) = {
- .path = "snat add static mapping",
+ .path = "nat44 add static mapping",
.function = add_static_mapping_command_fn,
.short_help =
- "
snat add static mapping local tcp|udp|icmp <addr> [<port>] external <addr> [<port>] [vrf <table-id>] [del]",
+ "
nat44 add static mapping local tcp|udp|icmp <addr> [<port>] external <addr> [<port>] [vrf <table-id>] [del]",
};
static clib_error_t *
/*?
* @cliexpar
* @cliexstart{set snat workers}
- * Set SNAT workers if 2 or more workers available, use:
+ * Set NAT workers if 2 or more workers available, use:
* vpp# set snat workers 0-2,5
* @cliexend
?*/
VLIB_CLI_COMMAND (set_workers_command, static) = {
- .path = "set snat workers",
+ .path = "set nat workers",
.function = set_workers_command_fn,
.short_help =
- "set snat workers <workers-list>",
+ "set nat workers <workers-list>",
};
static clib_error_t *
/*?
* @cliexpar
* @cliexstart{snat ipfix logging}
- * To enable SNAT IPFIX logging use:
- * vpp# snat ipfix logging
+ * To enable NAT IPFIX logging use:
+ * vpp# nat ipfix logging
* To set IPFIX exporter use:
* vpp# set ipfix exporter collector 10.10.10.3 src 10.10.10.1
* @cliexend
?*/
VLIB_CLI_COMMAND (snat_ipfix_logging_enable_disable_command, static) = {
- .path = "snat ipfix logging",
+ .path = "nat ipfix logging",
.function = snat_ipfix_logging_enable_disable_command_fn,
- .short_help = "
snat ipfix logging [domain <domain-id>] [src-port <port>] [disable]",
+ .short_help = "nat ipfix logging [domain <domain-id>] [src-port <port>] [disable]",
};
static u32
return 0;
}
-VLIB_CONFIG_FUNCTION (snat_config, "snat");
+VLIB_CONFIG_FUNCTION (snat_config, "nat");
u8 * format_snat_session_state (u8 * s, va_list * args)
{
if (sm->static_mapping_only)
{
if (sm->static_mapping_connection_tracking)
- vlib_cli_output (vm, "SNAT mode: static mapping only connection "
+ vlib_cli_output (vm, "NAT plugin mode: static mapping only connection "
"tracking");
else
- vlib_cli_output (vm, "SNAT mode: static mapping only");
+ vlib_cli_output (vm, "NAT plugin mode: static mapping only");
}
else if (sm->deterministic)
{
- vlib_cli_output (vm, "SNAT mode: deterministic mapping");
+ vlib_cli_output (vm, "NAT plugin mode: deterministic mapping");
}
else
{
- vlib_cli_output (vm, "SNAT mode: dynamic translations enabled");
+ vlib_cli_output (vm, "NAT plugin mode: dynamic translations enabled");
}
if (verbose > 0)
if (vec_len (sm->auto_add_sw_if_indices))
{
- vlib_cli_output (vm, "SNAT pool addresses interfaces:");
+ vlib_cli_output (vm, "NAT44 pool addresses interfaces:");
vec_foreach (sw_if_index, sm->auto_add_sw_if_indices)
{
vlib_cli_output (vm, "%U", format_vnet_sw_interface_name, vnm,
}
VLIB_CLI_COMMAND (show_snat_command, static) = {
- .path = "show snat",
- .short_help = "show snat",
+ .path = "show nat44",
+ .short_help = "show nat44",
.function = show_snat_command_fn,
};
return 0;
}
}
-
+
if (is_del)
return VNET_API_ERROR_NO_SUCH_ENTRY;
}
VLIB_CLI_COMMAND (snat_add_interface_address_command, static) = {
- .path = "snat add interface address",
- .short_help = "snat add interface address <interface> [del]",
+ .path = "nat44 add interface address",
+ .short_help = "nat44 add interface address <interface> [del]",
.function = snat_add_interface_address_command_fn,
};
* CGN deployments.
* To create deterministic mapping between inside network 10.0.0.0/18 and
* outside network 1.1.1.0/30 use:
- * # vpp# snat deterministic add in 10.0.0.0/18 out 1.1.1.0/30
+ * # vpp# nat44 deterministic add in 10.0.0.0/18 out 1.1.1.0/30
* @cliexend
?*/
VLIB_CLI_COMMAND (snat_det_map_command, static) = {
- .path = "snat deterministic add",
- .short_help = "
snat deterministic add in <addr>/<plen> out <addr>/<plen> [del]",
+ .path = "nat44 deterministic add",
+ .short_help = "
nat44 deterministic add in <addr>/<plen> out <addr>/<plen> [del]",
.function = snat_det_map_command_fn,
};
* Return outside address and port range from inside address for deterministic
* NAT.
* To obtain outside address and port of inside host use:
- * vpp# snat deterministic forward 10.0.0.2
+ * vpp# nat44 deterministic forward 10.0.0.2
* 1.1.1.0:<1054-1068>
* @cliexend
?*/
VLIB_CLI_COMMAND (snat_det_forward_command, static) = {
- .path = "snat deterministic forward",
- .short_help = "
snat deterministic forward <addr>",
+ .path = "nat44 deterministic forward",
+ .short_help = "
nat44 deterministic forward <addr>",
.function = snat_det_forward_command_fn,
};
* @cliexstart{snat deterministic reverse}
* Return inside address from outside address and port for deterministic NAT.
* To obtain inside host address from outside address and port use:
- * #vpp snat deterministic reverse 1.1.1.1:1276
+ * #vpp nat44 deterministic reverse 1.1.1.1:1276
* 10.0.16.16
* @cliexend
?*/
VLIB_CLI_COMMAND (snat_det_reverse_command, static) = {
- .path = "snat deterministic reverse",
- .short_help = "
snat deterministic reverse <addr>:<port>",
+ .path = "nat44 deterministic reverse",
+ .short_help = "
nat44 deterministic reverse <addr>:<port>",
.function = snat_det_reverse_command_fn,
};
* @cliexpar
* @cliexstart{set snat deterministic timeout}
* Set values of timeouts for deterministic NAT (in seconds), use:
- * vpp# set snat deterministic timeout udp 120 tcp-established 7500
+ * vpp# set nat44 deterministic timeout udp 120 tcp-established 7500
* tcp-transitory 250 icmp 90
* To reset default values use:
- * vpp# set snat deterministic timeout reset
+ * vpp# set nat44 deterministic timeout reset
* @cliexend
?*/
VLIB_CLI_COMMAND (set_timeout_command, static) = {
- .path = "set snat deterministic timeout",
+ .path = "set nat44 deterministic timeout",
.function = set_timeout_command_fn,
.short_help =
- "set snat deterministic timeout [udp <sec> | tcp-established <sec> "
+ "set nat44 deterministic timeout [udp <sec> | tcp-established <sec> "
"tcp-transitory <sec> | icmp <sec> | reset]",
};
* @cliexstart{snat deterministic close session out}
* Close session using outside ip address and port
* and external ip address and port, use:
- * vpp# snat deterministic close session out 1.1.1.1:1276 2.2.2.2:2387
+ * vpp# nat44 deterministic close session out 1.1.1.1:1276 2.2.2.2:2387
* @cliexend
?*/
VLIB_CLI_COMMAND (snat_det_close_sesion_out_command, static) = {
- .path = "snat deterministic close session out",
- .short_help = "snat deterministic close session out "
+ .path = "nat44 deterministic close session out",
+ .short_help = "nat44 deterministic close session out "
"<out_addr>:<out_port> <ext_addr>:<ext_port>",
.function = snat_det_close_session_out_fn,
};
* @cliexstart{snat deterministic close_session_in}
* Close session using inside ip address and port
* and external ip address and port, use:
- * vpp# snat deterministic close session in 3.3.3.3:3487 2.2.2.2:2387
+ * vpp# nat44 deterministic close session in 3.3.3.3:3487 2.2.2.2:2387
* @cliexend
?*/
VLIB_CLI_COMMAND (snat_det_close_session_in_command, static) = {
- .path = "snat deterministic close session in",
- .short_help = "snat deterministic close session in "
+ .path = "nat44 deterministic close session in",
+ .short_help = "nat44 deterministic close session in "
"<in_addr>:<in_port> <ext_addr>:<ext_port>",
.function = snat_det_close_session_in_fn,
};
Code Review / vpp.git / blobdiff