snat_interface_t *i;
vlib_thread_main_t *tm = vlib_get_thread_main ();
+ if (!sm->enabled)
+ {
+ return VNET_API_ERROR_UNSUPPORTED;
+ }
+
/* Check if address already exists */
vec_foreach (ap, twice_nat ? sm->twice_nat_addresses : sm->addresses)
{
u32 fib_index = ~0;
int rv;
+ if (!sm->enabled)
+ {
+ return VNET_API_ERROR_UNSUPPORTED;
+ }
+
rv = nat44_ed_validate_sm_input (flags);
if (rv != 0)
{
u32 fib_index = ~0;
int rv;
+ if (!sm->enabled)
+ {
+ return VNET_API_ERROR_UNSUPPORTED;
+ }
+
rv = nat44_ed_validate_sm_input (flags);
if (rv != 0)
{
int i;
+ if (!sm->enabled)
+ {
+ return VNET_API_ERROR_UNSUPPORTED;
+ }
+
init_nat_k (&kv, e_addr, e_port, 0, proto);
if (clib_bihash_search_8_8 (&sm->static_mapping_by_external, &kv, &value))
m = 0;
snat_session_t *s;
int i;
+ if (!sm->enabled)
+ {
+ return VNET_API_ERROR_UNSUPPORTED;
+ }
+
init_nat_k (&kv, e_addr, e_port, 0, proto);
if (clib_bihash_search_8_8 (&sm->static_mapping_by_external, &kv, &value))
m = 0;
uword *bitmap = 0;
int i;
+ if (!sm->enabled)
+ {
+ return VNET_API_ERROR_UNSUPPORTED;
+ }
+
init_nat_k (&kv, e_addr, e_port, 0, proto);
if (!clib_bihash_search_8_8 (&sm->static_mapping_by_external, &kv, &value))
m = pool_elt_at_index (sm->static_mappings, value.value);
snat_main_per_thread_data_t *tsm;
snat_static_mapping_t *m;
snat_interface_t *interface;
+ snat_address_t *addresses;
int i;
- snat_address_t *addresses =
- twice_nat ? sm->twice_nat_addresses : sm->addresses;
+
+ if (!sm->enabled)
+ {
+ return VNET_API_ERROR_UNSUPPORTED;
+ }
+
+ addresses = twice_nat ? sm->twice_nat_addresses : sm->addresses;
/* Find SNAT address */
for (i = 0; i < vec_len (addresses); i++)
sm->forwarding_enabled = is_enable != 0;
- if (is_enable)
- return;
+ if (!sm->enabled || is_enable)
+ {
+ return;
+ }
vec_foreach (tsm, sm->per_thread_data)
{
}
}
-int
-nat_set_outside_address_and_port (snat_address_t *addresses, u32 thread_index,
- ip4_address_t addr, u16 port,
- nat_protocol_t protocol)
-{
- snat_main_t *sm = &snat_main;
- snat_address_t *a = 0;
- u32 address_index;
- u16 port_host_byte_order = clib_net_to_host_u16 (port);
-
- for (address_index = 0; address_index < vec_len (addresses);
- address_index++)
- {
- if (addresses[address_index].addr.as_u32 != addr.as_u32)
- continue;
-
- a = addresses + address_index;
- switch (protocol)
- {
-#define _(N, j, n, s) \
- case NAT_PROTOCOL_##N: \
- if (a->busy_##n##_port_refcounts[port_host_byte_order]) \
- return VNET_API_ERROR_INSTANCE_IN_USE; \
- ++a->busy_##n##_port_refcounts[port_host_byte_order]; \
- a->busy_##n##_ports_per_thread[thread_index]++; \
- a->busy_##n##_ports++; \
- return 0;
- foreach_nat_protocol
-#undef _
- default : nat_elog_info (sm, "unknown protocol");
- return 1;
- }
- }
-
- return VNET_API_ERROR_NO_SUCH_ENTRY;
-}
-
int
snat_static_mapping_match (vlib_main_t *vm, snat_main_t *sm,
ip4_address_t match_addr, u16 match_port,
snat_static_map_resolve_t *rp;
u32 *indices_to_delete = 0;
int i, j;
- u32 *auto_add_sw_if_indices =
- twice_nat ? sm->
- auto_add_sw_if_indices_twice_nat : sm->auto_add_sw_if_indices;
+ u32 *auto_add_sw_if_indices;
+
+ if (!sm->enabled)
+ {
+ return VNET_API_ERROR_UNSUPPORTED;
+ }
+
+ auto_add_sw_if_indices = twice_nat ? sm->auto_add_sw_if_indices_twice_nat :
+ sm->auto_add_sw_if_indices;
- first_int_addr = ip4_interface_first_address (ip4_main, sw_if_index, 0 /* just want the address */
- );
+ first_int_addr = ip4_interface_first_address (ip4_main, sw_if_index, 0);
for (i = 0; i < vec_len (auto_add_sw_if_indices); i++)
{
}
int
-nat44_del_ed_session (snat_main_t * sm, ip4_address_t * addr, u16 port,
- ip4_address_t * eh_addr, u16 eh_port, u8 proto,
+nat44_ed_del_session (snat_main_t *sm, ip4_address_t *addr, u16 port,
+ ip4_address_t *eh_addr, u16 eh_port, u8 proto,
u32 vrf_id, int is_in)
{
ip4_header_t ip;
clib_bihash_kv_16_8_t kv, value;
- u32 fib_index = fib_table_find (FIB_PROTOCOL_IP4, vrf_id);
+ u32 fib_index;
snat_session_t *s;
snat_main_per_thread_data_t *tsm;
+ if (!sm->enabled)
+ {
+ return VNET_API_ERROR_UNSUPPORTED;
+ }
+
+ fib_index = fib_table_find (FIB_PROTOCOL_IP4, vrf_id);
ip.dst_address.as_u32 = ip.src_address.as_u32 = addr->as_u32;
if (sm->num_workers > 1)
tsm = vec_elt_at_index (
*
* @return 0 on success, non-zero value otherwise
*/
-int nat44_del_ed_session (snat_main_t * sm, ip4_address_t * addr, u16 port,
- ip4_address_t * eh_addr, u16 eh_port, u8 proto,
+int nat44_ed_del_session (snat_main_t *sm, ip4_address_t *addr, u16 port,
+ ip4_address_t *eh_addr, u16 eh_port, u8 proto,
u32 vrf_id, int is_in);
/**
void snat_add_del_addr_to_fib (ip4_address_t * addr,
u8 p_len, u32 sw_if_index, int is_add);
-int nat_set_outside_address_and_port (snat_address_t *addresses,
- u32 thread_index, ip4_address_t addr,
- u16 port, nat_protocol_t protocol);
-
/*
* Why is this here? Because we don't need to touch this layer to
* simply reply to an icmp. We need to change id to a unique
Code Review / vpp.git / commitdiff