From b227aa699faabd79d6f3e8c43c0a912086b0c95e Mon Sep 17 00:00:00 2001 From: Filip Varga Date: Mon, 2 Nov 2020 12:11:12 +0100 Subject: [PATCH] nat: api,cli and test update & cleanup Cleanup of print functions in api file, splitting functionality of cleanup callbacks for ED and EI NAT. Updating and fixing API & CLI calls. Type: refactor Change-Id: I7a9dc4c8b1d2ca29db4754be7dfa4f698942127a Signed-off-by: Filip Varga --- src/plugins/nat/CMakeLists.txt | 11 +- src/plugins/nat/nat.c | 543 +++++++-------- src/plugins/nat/nat.h | 71 +- src/plugins/nat/{nat.api => nat44.api} | 56 +- src/plugins/nat/nat44/inlines.h | 73 -- src/plugins/nat/{nat_api.c => nat44_api.c} | 840 ++--------------------- src/plugins/nat/nat44_cli.c | 4 +- src/plugins/nat/nat_all_api_h.h | 24 - src/plugins/nat/nat_msg_enum.h | 31 - src/plugins/nat/nat_test.c | 1017 ---------------------------- 10 files changed, 429 insertions(+), 2241 deletions(-) rename src/plugins/nat/{nat.api => nat44.api} (95%) rename src/plugins/nat/{nat_api.c => nat44_api.c} (66%) delete mode 100644 src/plugins/nat/nat_all_api_h.h delete mode 100644 src/plugins/nat/nat_msg_enum.h delete mode 100644 src/plugins/nat/nat_test.c diff --git a/src/plugins/nat/CMakeLists.txt b/src/plugins/nat/CMakeLists.txt index 47a84cb830b..054ad687f75 100644 --- a/src/plugins/nat/CMakeLists.txt +++ b/src/plugins/nat/CMakeLists.txt @@ -26,7 +26,7 @@ add_vpp_library(nat add_vpp_plugin(nat SOURCES nat.c - nat_api.c + nat44_api.c in2out.c in2out_ed.c out2in.c @@ -51,16 +51,9 @@ add_vpp_plugin(nat out2in_ed.c API_FILES - nat.api + nat44.api nat_types.api - API_TEST_SOURCES - nat_test.c - - INSTALL_HEADERS - nat_all_api_h.h - nat_msg_enum.h - LINK_LIBRARIES nat ) diff --git a/src/plugins/nat/nat.c b/src/plugins/nat/nat.c index b60014d085e..39dd1db650a 100644 --- a/src/plugins/nat/nat.c +++ b/src/plugins/nat/nat.c @@ -38,9 +38,6 @@ snat_main_t snat_main; -fib_source_t nat_fib_src_hi; -fib_source_t nat_fib_src_low; - /* *INDENT-OFF* */ /* Hook up input features */ VNET_FEATURE_INIT (nat_pre_in2out, static) = { @@ -200,49 +197,180 @@ snat_get_worker_in2out_cb (ip4_header_t * ip0, u32 rx_fib_index0, static u32 nat_calc_bihash_buckets (u32 n_elts); -u8 *format_static_mapping_kvp (u8 * s, va_list * args); +u8 * +format_session_kvp (u8 * s, va_list * args) +{ + clib_bihash_kv_8_8_t *v = va_arg (*args, clib_bihash_kv_8_8_t *); -u8 *format_ed_session_kvp (u8 * s, va_list * args); + s = format (s, "%U session-index %llu", format_snat_key, v->key, v->value); -void -nat_ha_sadd_cb (ip4_address_t * in_addr, u16 in_port, - ip4_address_t * out_addr, u16 out_port, - ip4_address_t * eh_addr, u16 eh_port, - ip4_address_t * ehn_addr, u16 ehn_port, u8 proto, - u32 fib_index, u16 flags, u32 thread_index); + return s; +} -void -nat_ha_sdel_cb (ip4_address_t * out_addr, u16 out_port, - ip4_address_t * eh_addr, u16 eh_port, u8 proto, u32 fib_index, - u32 ti); +u8 * +format_static_mapping_kvp (u8 * s, va_list * args) +{ + clib_bihash_kv_8_8_t *v = va_arg (*args, clib_bihash_kv_8_8_t *); -void -nat_ha_sref_cb (ip4_address_t * out_addr, u16 out_port, - ip4_address_t * eh_addr, u16 eh_port, u8 proto, u32 fib_index, - u32 total_pkts, u64 total_bytes, u32 thread_index); + s = format (s, "%U static-mapping-index %llu", + format_snat_key, v->key, v->value); -void -nat_ha_sadd_ed_cb (ip4_address_t * in_addr, u16 in_port, - ip4_address_t * out_addr, u16 out_port, - ip4_address_t * eh_addr, u16 eh_port, - ip4_address_t * ehn_addr, u16 ehn_port, u8 proto, - u32 fib_index, u16 flags, u32 thread_index); + return s; +} -void -nat_ha_sdel_ed_cb (ip4_address_t * out_addr, u16 out_port, - ip4_address_t * eh_addr, u16 eh_port, u8 proto, - u32 fib_index, u32 ti); +u8 * +format_user_kvp (u8 * s, va_list * args) +{ + clib_bihash_kv_8_8_t *v = va_arg (*args, clib_bihash_kv_8_8_t *); + snat_user_key_t k; -void -nat_ha_sdel_ed_cb (ip4_address_t * out_addr, u16 out_port, - ip4_address_t * eh_addr, u16 eh_port, u8 proto, - u32 fib_index, u32 ti); + k.as_u64 = v->key; + + s = format (s, "%U fib %d user-index %llu", format_ip4_address, &k.addr, + k.fib_index, v->value); + + return s; +} + +u8 * +format_ed_session_kvp (u8 * s, va_list * args) +{ + clib_bihash_kv_16_8_t *v = va_arg (*args, clib_bihash_kv_16_8_t *); + + u8 proto; + u16 r_port, l_port; + ip4_address_t l_addr, r_addr; + u32 fib_index; + + split_ed_kv (v, &l_addr, &r_addr, &proto, &fib_index, &l_port, &r_port); + s = + format (s, + "local %U:%d remote %U:%d proto %U fib %d thread-index %u session-index %u", + format_ip4_address, &l_addr, clib_net_to_host_u16 (l_port), + format_ip4_address, &r_addr, clib_net_to_host_u16 (r_port), + format_ip_protocol, proto, fib_index, + ed_value_get_session_index (v), ed_value_get_thread_index (v)); + + return s; +} void -nat_ha_sref_ed_cb (ip4_address_t * out_addr, u16 out_port, - ip4_address_t * eh_addr, u16 eh_port, u8 proto, - u32 fib_index, u32 total_pkts, u64 total_bytes, - u32 thread_index); +nat44_ei_free_session_data (snat_main_t * sm, snat_session_t * s, + u32 thread_index, u8 is_ha) +{ + clib_bihash_kv_8_8_t kv; + + snat_main_per_thread_data_t *tsm = + vec_elt_at_index (sm->per_thread_data, thread_index); + + init_nat_i2o_k (&kv, s); + if (clib_bihash_add_del_8_8 (&tsm->in2out, &kv, 0)) + nat_elog_warn ("in2out key del failed"); + + init_nat_o2i_k (&kv, s); + if (clib_bihash_add_del_8_8 (&tsm->out2in, &kv, 0)) + nat_elog_warn ("out2in key del failed"); + + if (!is_ha) + { + nat_syslog_nat44_apmdel (s->user_index, s->in2out.fib_index, + &s->in2out.addr, s->in2out.port, + &s->out2in.addr, s->out2in.port, s->nat_proto); + + nat_ipfix_logging_nat44_ses_delete (thread_index, + s->in2out.addr.as_u32, + s->out2in.addr.as_u32, + s->nat_proto, + s->in2out.port, + s->out2in.port, + s->in2out.fib_index); + + nat_ha_sdel (&s->out2in.addr, s->out2in.port, &s->ext_host_addr, + s->ext_host_port, s->nat_proto, s->out2in.fib_index, + thread_index); + + } + + if (snat_is_session_static (s)) + return; + + snat_free_outside_address_and_port (sm->addresses, thread_index, + &s->out2in.addr, s->out2in.port, + s->nat_proto); +} + +static_always_inline void +nat44_ei_user_del_sessions (snat_user_t * u, u32 thread_index) +{ + dlist_elt_t *elt; + snat_session_t *s; + + snat_main_t *sm = &snat_main; + snat_main_per_thread_data_t *tsm = &sm->per_thread_data[thread_index]; + + // get head + elt = pool_elt_at_index (tsm->list_pool, + u->sessions_per_user_list_head_index); + // get first element + elt = pool_elt_at_index (tsm->list_pool, elt->next); + + while (elt->value != ~0) + { + s = pool_elt_at_index (tsm->sessions, elt->value); + elt = pool_elt_at_index (tsm->list_pool, elt->next); + + nat44_ei_free_session_data (sm, s, thread_index, 0); + nat44_delete_session (sm, s, thread_index); + } +} + +int +nat44_ei_user_del (ip4_address_t * addr, u32 fib_index) +{ + int rv = 1; + + snat_main_t *sm = &snat_main; + snat_main_per_thread_data_t *tsm; + + snat_user_key_t user_key; + clib_bihash_kv_8_8_t kv, value; + + if (sm->endpoint_dependent) + return rv; + + user_key.addr.as_u32 = addr->as_u32; + user_key.fib_index = fib_index; + kv.key = user_key.as_u64; + + if (sm->num_workers > 1) + { + /* *INDENT-OFF* */ + vec_foreach (tsm, sm->per_thread_data) + { + if (!clib_bihash_search_8_8 (&tsm->user_hash, &kv, &value)) + { + nat44_ei_user_del_sessions ( + pool_elt_at_index (tsm->users, value.value), + tsm->thread_index); + rv = 0; + break; + } + } + /* *INDENT-ON* */ + } + else + { + tsm = vec_elt_at_index (sm->per_thread_data, sm->num_workers); + if (!clib_bihash_search_8_8 (&tsm->user_hash, &kv, &value)) + { + nat44_ei_user_del_sessions (pool_elt_at_index + (tsm->users, value.value), + tsm->thread_index); + rv = 0; + } + } + return rv; +} void nat_free_session_data (snat_main_t * sm, snat_session_t * s, u32 thread_index, @@ -382,129 +510,6 @@ nat_free_session_data (snat_main_t * sm, snat_session_t * s, u32 thread_index, s->nat_proto); } -void -nat44_free_session_data (snat_main_t * sm, snat_session_t * s, - u32 thread_index, u8 is_ha) -{ - u8 proto; - u16 r_port, l_port; - ip4_address_t *l_addr, *r_addr; - u32 fib_index; - clib_bihash_kv_16_8_t ed_kv; - snat_main_per_thread_data_t *tsm = - vec_elt_at_index (sm->per_thread_data, thread_index); - - if (is_fwd_bypass_session (s)) - { - if (snat_is_unk_proto_session (s)) - { - proto = s->in2out.port; - r_port = 0; - l_port = 0; - } - else - { - proto = nat_proto_to_ip_proto (s->nat_proto); - l_port = s->in2out.port; - r_port = s->ext_host_port; - } - - l_addr = &s->in2out.addr; - r_addr = &s->ext_host_addr; - fib_index = 0; - init_ed_k (&ed_kv, *l_addr, l_port, *r_addr, r_port, fib_index, proto); - - if (PREDICT_FALSE - (clib_bihash_add_del_16_8 (&tsm->in2out_ed, &ed_kv, 0))) - nat_elog_warn ("in2out_ed key del failed"); - return; - } - - /* session lookup tables */ - if (is_affinity_sessions (s)) - nat_affinity_unlock (s->ext_host_addr, s->out2in.addr, - s->nat_proto, s->out2in.port); - l_addr = &s->out2in.addr; - r_addr = &s->ext_host_addr; - fib_index = s->out2in.fib_index; - if (snat_is_unk_proto_session (s)) - { - proto = s->in2out.port; - r_port = 0; - l_port = 0; - } - else - { - proto = nat_proto_to_ip_proto (s->nat_proto); - l_port = s->out2in.port; - r_port = s->ext_host_port; - } - init_ed_k (&ed_kv, *l_addr, l_port, *r_addr, r_port, fib_index, proto); - - if (PREDICT_FALSE (clib_bihash_add_del_16_8 (&sm->out2in_ed, &ed_kv, 0))) - nat_elog_warn ("out2in_ed key del failed"); - - l_addr = &s->in2out.addr; - fib_index = s->in2out.fib_index; - - if (!snat_is_unk_proto_session (s)) - l_port = s->in2out.port; - - if (is_twice_nat_session (s)) - { - r_addr = &s->ext_host_nat_addr; - r_port = s->ext_host_nat_port; - } - init_ed_k (&ed_kv, *l_addr, l_port, *r_addr, r_port, fib_index, proto); - - if (PREDICT_FALSE (clib_bihash_add_del_16_8 (&tsm->in2out_ed, &ed_kv, 0))) - nat_elog_warn ("in2out_ed key del failed"); - - if (!is_ha) - { - nat_syslog_nat44_sdel (s->user_index, s->in2out.fib_index, - &s->in2out.addr, s->in2out.port, - &s->ext_host_nat_addr, s->ext_host_nat_port, - &s->out2in.addr, s->out2in.port, - &s->ext_host_addr, s->ext_host_port, - s->nat_proto, is_twice_nat_session (s)); - } - - if (snat_is_unk_proto_session (s)) - return; - - if (!is_ha) - { - nat_ipfix_logging_nat44_ses_delete (thread_index, - s->in2out.addr.as_u32, - s->out2in.addr.as_u32, - s->nat_proto, - s->in2out.port, - s->out2in.port, - s->in2out.fib_index); - nat_ha_sdel (&s->out2in.addr, s->out2in.port, &s->ext_host_addr, - s->ext_host_port, s->nat_proto, s->out2in.fib_index, - thread_index); - } - - /* Twice NAT address and port for external host */ - if (is_twice_nat_session (s)) - { - snat_free_outside_address_and_port (sm->twice_nat_addresses, - thread_index, - &s->ext_host_nat_addr, - s->ext_host_nat_port, s->nat_proto); - } - - if (snat_is_session_static (s)) - return; - - snat_free_outside_address_and_port (sm->addresses, thread_index, - &s->out2in.addr, s->out2in.port, - s->nat_proto); -} - - snat_user_t * nat_user_get_or_create (snat_main_t * sm, ip4_address_t * addr, u32 fib_index, u32 thread_index) @@ -564,6 +569,7 @@ nat_user_get_or_create (snat_main_t * sm, ip4_address_t * addr, u32 fib_index, return u; } +// only NAT EI snat_session_t * nat_session_alloc_or_recycle (snat_main_t * sm, snat_user_t * u, u32 thread_index, f64 now) @@ -597,6 +603,8 @@ nat_session_alloc_or_recycle (snat_main_t * sm, snat_user_t * u, /* Get the session */ s = pool_elt_at_index (tsm->sessions, session_index); + + // TODO: ONLY EI version should be called nat_free_session_data (sm, s, thread_index, 0); if (snat_is_session_static (s)) u->nstaticsessions--; @@ -643,6 +651,7 @@ void snat_add_del_addr_to_fib (ip4_address_t * addr, u8 p_len, u32 sw_if_index, int is_add) { + snat_main_t *sm = &snat_main; fib_prefix_t prefix = { .fp_len = p_len, .fp_proto = FIB_PROTOCOL_IP4, @@ -655,7 +664,7 @@ snat_add_del_addr_to_fib (ip4_address_t * addr, u8 p_len, u32 sw_if_index, if (is_add) fib_table_entry_update_one_path (fib_index, &prefix, - nat_fib_src_low, + sm->fib_src_low, (FIB_ENTRY_FLAG_CONNECTED | FIB_ENTRY_FLAG_LOCAL | FIB_ENTRY_FLAG_EXCLUSIVE), @@ -664,7 +673,7 @@ snat_add_del_addr_to_fib (ip4_address_t * addr, u8 p_len, u32 sw_if_index, sw_if_index, ~0, 1, NULL, FIB_ROUTE_PATH_FLAG_NONE); else - fib_table_entry_delete (fib_index, &prefix, nat_fib_src_low); + fib_table_entry_delete (fib_index, &prefix, sm->fib_src_low); } int @@ -702,7 +711,7 @@ snat_add_address (snat_main_t * sm, ip4_address_t * addr, u32 vrf_id, if (vrf_id != ~0) ap->fib_index = fib_table_find_or_create_and_lock (FIB_PROTOCOL_IP4, vrf_id, - nat_fib_src_low); + sm->fib_src_low); else ap->fib_index = ~0; @@ -808,10 +817,10 @@ get_thread_idx_by_port (u16 e_port) } void -snat_static_mapping_del_sessions (snat_main_t * sm, - snat_main_per_thread_data_t * tsm, - snat_user_key_t u_key, int addr_only, - ip4_address_t e_addr, u16 e_port) +nat_ei_static_mapping_del_sessions (snat_main_t * sm, + snat_main_per_thread_data_t * tsm, + snat_user_key_t u_key, int addr_only, + ip4_address_t e_addr, u16 e_port) { clib_bihash_kv_8_8_t kv, value; kv.key = u_key.as_u64; @@ -820,6 +829,7 @@ snat_static_mapping_del_sessions (snat_main_t * sm, snat_user_t *u; snat_session_t *s; u32 elt_index, head_index, ses_index; + if (!clib_bihash_search_8_8 (&tsm->user_hash, &kv, &value)) { user_index = value.value; @@ -861,13 +871,13 @@ snat_static_mapping_del_sessions (snat_main_t * sm, } void -snat_ed_static_mapping_del_sessions (snat_main_t * sm, - snat_main_per_thread_data_t * tsm, - ip4_address_t l_addr, - u16 l_port, - u8 protocol, - u32 fib_index, int addr_only, - ip4_address_t e_addr, u16 e_port) +nat_ed_static_mapping_del_sessions (snat_main_t * sm, + snat_main_per_thread_data_t * tsm, + ip4_address_t l_addr, + u16 l_port, + u8 protocol, + u32 fib_index, int addr_only, + ip4_address_t e_addr, u16 e_port) { snat_session_t *s; u32 *indexes_to_free = NULL; @@ -935,7 +945,7 @@ snat_add_static_mapping (ip4_address_t l_addr, ip4_address_t e_addr, if (!sm->endpoint_dependent) { if (twice_nat || out2in_only) - return VNET_API_ERROR_FEATURE_DISABLED; + return VNET_API_ERROR_UNSUPPORTED; } /* If the external address is a specific interface address */ @@ -1031,7 +1041,7 @@ snat_add_static_mapping (ip4_address_t l_addr, ip4_address_t e_addr, local->vrf_id = vrf_id; local->fib_index = fib_table_find_or_create_and_lock (FIB_PROTOCOL_IP4, vrf_id, - nat_fib_src_low); + sm->fib_src_low); init_nat_kv (&kv, m->local_addr, m->local_port, local->fib_index, m->proto, m - sm->static_mappings); @@ -1049,13 +1059,13 @@ snat_add_static_mapping (ip4_address_t l_addr, ip4_address_t e_addr, if (vrf_id != ~0) fib_index = fib_table_find_or_create_and_lock (FIB_PROTOCOL_IP4, vrf_id, - nat_fib_src_low); + sm->fib_src_low); /* If not specified use inside VRF id from SNAT plugin startup config */ else { fib_index = sm->inside_fib_index; vrf_id = sm->inside_vrf_id; - fib_table_lock (fib_index, FIB_PROTOCOL_IP4, nat_fib_src_low); + fib_table_lock (fib_index, FIB_PROTOCOL_IP4, sm->fib_src_low); } if (!(out2in_only || identity_nat)) @@ -1180,6 +1190,7 @@ snat_add_static_mapping (ip4_address_t l_addr, ip4_address_t e_addr, clib_bihash_add_del_8_8 (&sm->static_mapping_by_external, &kv, 1); /* Delete dynamic sessions matching local address (+ local port) */ + // TODO: based on type of NAT EI/ED if (!(sm->static_mapping_only)) { u_key.addr = m->local_addr; @@ -1296,22 +1307,22 @@ snat_add_static_mapping (ip4_address_t l_addr, ip4_address_t e_addr, { if (sm->endpoint_dependent) { - snat_ed_static_mapping_del_sessions (sm, tsm, m->local_addr, - m->local_port, m->proto, - fib_index, addr_only, - e_addr, e_port); + nat_ed_static_mapping_del_sessions (sm, tsm, m->local_addr, + m->local_port, m->proto, + fib_index, addr_only, + e_addr, e_port); } else { u_key.addr = m->local_addr; u_key.fib_index = fib_index; kv.key = u_key.as_u64; - snat_static_mapping_del_sessions (sm, tsm, u_key, addr_only, - e_addr, e_port); + nat_ei_static_mapping_del_sessions (sm, tsm, u_key, addr_only, + e_addr, e_port); } } - fib_table_unlock (fib_index, FIB_PROTOCOL_IP4, nat_fib_src_low); + fib_table_unlock (fib_index, FIB_PROTOCOL_IP4, sm->fib_src_low); if (pool_elts (m->locals)) return 0; @@ -1452,7 +1463,7 @@ nat44_add_del_lb_static_mapping (ip4_address_t e_addr, u16 e_port, locals[i].fib_index = fib_table_find_or_create_and_lock (FIB_PROTOCOL_IP4, locals[i].vrf_id, - nat_fib_src_low); + sm->fib_src_low); if (!out2in_only) { init_nat_kv (&kv, locals[i].addr, locals[i].port, @@ -1536,7 +1547,7 @@ nat44_add_del_lb_static_mapping (ip4_address_t e_addr, u16 e_port, pool_foreach (local, m->locals, ({ fib_table_unlock (local->fib_index, FIB_PROTOCOL_IP4, - nat_fib_src_low); + sm->fib_src_low); if (!out2in_only) { init_nat_k(& kv, local->addr, local->port, local->fib_index, m->proto); @@ -1638,7 +1649,7 @@ nat44_lb_static_mapping_add_del_local (ip4_address_t e_addr, u16 e_port, local->vrf_id = vrf_id; local->fib_index = fib_table_find_or_create_and_lock (FIB_PROTOCOL_IP4, vrf_id, - nat_fib_src_low); + sm->fib_src_low); if (!is_out2in_only_static_mapping (m)) { @@ -1657,7 +1668,7 @@ nat44_lb_static_mapping_add_del_local (ip4_address_t e_addr, u16 e_port, return VNET_API_ERROR_UNSPECIFIED; fib_table_unlock (match_local->fib_index, FIB_PROTOCOL_IP4, - nat_fib_src_low); + sm->fib_src_low); if (!is_out2in_only_static_mapping (m)) { @@ -1795,39 +1806,42 @@ snat_del_address (snat_main_t * sm, ip4_address_t addr, u8 delete_sm, } if (a->fib_index != ~0) - fib_table_unlock (a->fib_index, FIB_PROTOCOL_IP4, nat_fib_src_low); + fib_table_unlock (a->fib_index, FIB_PROTOCOL_IP4, sm->fib_src_low); /* Delete sessions using address */ if (a->busy_tcp_ports || a->busy_udp_ports || a->busy_icmp_ports) { - /* *INDENT-OFF* */ vec_foreach (tsm, sm->per_thread_data) - { - pool_foreach (ses, tsm->sessions, ({ - if (ses->out2in.addr.as_u32 == addr.as_u32) - { - nat_free_session_data (sm, ses, tsm - sm->per_thread_data, 0); - vec_add1 (ses_to_be_removed, ses - tsm->sessions); - } - })); + { + /* *INDENT-OFF* */ + pool_foreach (ses, tsm->sessions, ({ + if (ses->out2in.addr.as_u32 == addr.as_u32) + { + nat_free_session_data (sm, ses, tsm - sm->per_thread_data, 0); + vec_add1 (ses_to_be_removed, ses - tsm->sessions); + } + })); + /* *INDENT-ON* */ - if (sm->endpoint_dependent){ - vec_foreach (ses_index, ses_to_be_removed) - { - ses = pool_elt_at_index (tsm->sessions, ses_index[0]); - nat_ed_session_delete (sm, ses, tsm - sm->per_thread_data, 1); - } - }else{ - vec_foreach (ses_index, ses_to_be_removed) - { - ses = pool_elt_at_index (tsm->sessions, ses_index[0]); - nat44_delete_session (sm, ses, tsm - sm->per_thread_data); - } + if (sm->endpoint_dependent) + { + vec_foreach (ses_index, ses_to_be_removed) + { + ses = pool_elt_at_index (tsm->sessions, ses_index[0]); + nat_ed_session_delete (sm, ses, tsm - sm->per_thread_data, 1); + } + } + else + { + vec_foreach (ses_index, ses_to_be_removed) + { + ses = pool_elt_at_index (tsm->sessions, ses_index[0]); + nat44_delete_session (sm, ses, tsm - sm->per_thread_data); + } } - vec_free (ses_to_be_removed); - } - /* *INDENT-ON* */ + vec_free (ses_to_be_removed); + } } #define _(N, i, n, s) \ @@ -2626,7 +2640,6 @@ nat_ip_table_add_del (vnet_main_t * vnm, u32 table_id, u32 is_add) if (sm->endpoint_dependent) { // TODO: consider removing all NAT interfaces - if (!is_add) { fib_index = ip4_fib_index_from_table_id (table_id); @@ -2707,7 +2720,6 @@ static clib_error_t * nat_init (vlib_main_t * vm) { snat_main_t *sm = &snat_main; - clib_error_t *error = 0; vlib_thread_main_t *tm = vlib_get_thread_main (); vlib_thread_registration_t *tr; ip4_add_del_interface_address_callback_t cbi = { 0 }; @@ -2808,11 +2820,10 @@ nat_init (vlib_main_t * vm) cbt.function = snat_update_outside_fib; vec_add1 (sm->ip4_main->table_bind_callbacks, cbt); - // TODO: is it possible to move it into snat_main ? - nat_fib_src_low = + sm->fib_src_low = fib_source_allocate ("nat-low", FIB_SOURCE_PRIORITY_LOW, FIB_SOURCE_BH_SIMPLE); - nat_fib_src_hi = + sm->fib_src_hi = fib_source_allocate ("nat-hi", FIB_SOURCE_PRIORITY_HI, FIB_SOURCE_BH_SIMPLE); @@ -2823,8 +2834,7 @@ nat_init (vlib_main_t * vm) nat_ha_init (vm, sm->num_workers, num_threads); test_key_calc_split (); - error = snat_api_init (vm, sm); - return error; + return nat44_api_hookup (vm); } VLIB_INIT_FUNCTION (nat_init); @@ -2878,18 +2888,14 @@ nat44_plugin_enable (nat44_config_t c) sm->mss_clamping = 0; if (!c.users) - { - c.users = 1024; - } + c.users = 1024; + sm->max_users_per_thread = c.users; sm->user_buckets = nat_calc_bihash_buckets (c.users); if (!c.sessions) - { - // default value based on legacy setting of load factor 10 * default - // translation buckets 1024 - c.sessions = 10 * 1024; - } + c.sessions = 10 * 1024; + sm->max_translations_per_thread = c.sessions; sm->translation_buckets = nat_calc_bihash_buckets (c.sessions); @@ -2900,12 +2906,12 @@ nat44_plugin_enable (nat44_config_t c) sm->outside_vrf_id = c.outside_vrf; sm->outside_fib_index = fib_table_find_or_create_and_lock - (FIB_PROTOCOL_IP4, c.outside_vrf, nat_fib_src_hi); + (FIB_PROTOCOL_IP4, c.outside_vrf, sm->fib_src_hi); sm->inside_vrf_id = c.inside_vrf; sm->inside_fib_index = fib_table_find_or_create_and_lock - (FIB_PROTOCOL_IP4, c.inside_vrf, nat_fib_src_hi); + (FIB_PROTOCOL_IP4, c.inside_vrf, sm->fib_src_hi); if (c.endpoint_dependent) { @@ -2917,6 +2923,8 @@ nat44_plugin_enable (nat44_config_t c) sm->icmp_match_out2in_cb = icmp_match_out2in_ed; sm->icmp_match_in2out_cb = icmp_match_in2out_ed; + // try to move it into nat44_db_init, + // consider static mapping requirements clib_bihash_init_16_8 (&sm->out2in_ed, "out2in-ed", sm->translation_buckets, 0); clib_bihash_set_kvp_format_fn_16_8 (&sm->out2in_ed, @@ -2977,8 +2985,7 @@ nat44_plugin_enable (nat44_config_t c) vlib_zero_simple_counter (&sm->user_limit_reached, 0); sm->enabled = 1; - - nat_log_info ("nat44 enable"); + sm->rconfig = c; return 0; } @@ -3092,6 +3099,7 @@ nat44_plugin_disable () sm->forwarding_enabled = 0; sm->enabled = 0; + clib_memset (&sm->rconfig, 0, sizeof (sm->rconfig)); return 0; } @@ -3536,6 +3544,7 @@ exhausted: void nat44_add_del_address_dpo (ip4_address_t addr, u8 is_add) { + snat_main_t *sm = &snat_main; dpo_id_t dpo_v4 = DPO_INVALID; fib_prefix_t pfx = { .fp_proto = FIB_PROTOCOL_IP4, @@ -3546,73 +3555,16 @@ nat44_add_del_address_dpo (ip4_address_t addr, u8 is_add) if (is_add) { nat_dpo_create (DPO_PROTO_IP4, 0, &dpo_v4); - fib_table_entry_special_dpo_add (0, &pfx, nat_fib_src_hi, + fib_table_entry_special_dpo_add (0, &pfx, sm->fib_src_hi, FIB_ENTRY_FLAG_EXCLUSIVE, &dpo_v4); dpo_reset (&dpo_v4); } else { - fib_table_entry_special_remove (0, &pfx, nat_fib_src_hi); + fib_table_entry_special_remove (0, &pfx, sm->fib_src_hi); } } -u8 * -format_session_kvp (u8 * s, va_list * args) -{ - clib_bihash_kv_8_8_t *v = va_arg (*args, clib_bihash_kv_8_8_t *); - - s = format (s, "%U session-index %llu", format_snat_key, v->key, v->value); - - return s; -} - -u8 * -format_static_mapping_kvp (u8 * s, va_list * args) -{ - clib_bihash_kv_8_8_t *v = va_arg (*args, clib_bihash_kv_8_8_t *); - - s = format (s, "%U static-mapping-index %llu", - format_snat_key, v->key, v->value); - - return s; -} - -u8 * -format_user_kvp (u8 * s, va_list * args) -{ - clib_bihash_kv_8_8_t *v = va_arg (*args, clib_bihash_kv_8_8_t *); - snat_user_key_t k; - - k.as_u64 = v->key; - - s = format (s, "%U fib %d user-index %llu", format_ip4_address, &k.addr, - k.fib_index, v->value); - - return s; -} - -u8 * -format_ed_session_kvp (u8 * s, va_list * args) -{ - clib_bihash_kv_16_8_t *v = va_arg (*args, clib_bihash_kv_16_8_t *); - - u8 proto; - u16 r_port, l_port; - ip4_address_t l_addr, r_addr; - u32 fib_index; - - split_ed_kv (v, &l_addr, &r_addr, &proto, &fib_index, &l_port, &r_port); - s = - format (s, - "local %U:%d remote %U:%d proto %U fib %d thread-index %u session-index %u", - format_ip4_address, &l_addr, clib_net_to_host_u16 (l_port), - format_ip4_address, &r_addr, clib_net_to_host_u16 (r_port), - format_ip_protocol, proto, fib_index, - ed_value_get_session_index (v), ed_value_get_thread_index (v)); - - return s; -} - static u32 snat_get_worker_in2out_cb (ip4_header_t * ip0, u32 rx_fib_index0, u8 is_output) @@ -4368,7 +4320,11 @@ nat44_db_init (snat_main_per_thread_data_t * tsm) sm->translation_buckets, 0); clib_bihash_set_kvp_format_fn_16_8 (&tsm->in2out_ed, format_ed_session_kvp); - + /* + clib_bihash_init_16_8 (&sm->out2in_ed, "out2in-ed", + sm->translation_buckets, 0); + clib_bihash_set_kvp_format_fn_16_8 (&sm->out2in_ed, + format_ed_session_kvp); */ } else { @@ -4597,7 +4553,6 @@ match: } } - int snat_add_interface_address (snat_main_t * sm, u32 sw_if_index, int is_del, u8 twice_nat) diff --git a/src/plugins/nat/nat.h b/src/plugins/nat/nat.h index 76d819b6ee3..9b11736f5ac 100644 --- a/src/plugins/nat/nat.h +++ b/src/plugins/nat/nat.h @@ -1,5 +1,5 @@ /* - * Copyright (c) 2016 Cisco and/or its affiliates. + * Copyright (c) 2020 Cisco and/or its affiliates. * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at: @@ -614,6 +614,9 @@ typedef struct snat_main_s u32 ed_hairpin_dst_node_index; u32 ed_hairpin_src_node_index; + nat44_config_t rconfig; + //nat44_config_t cconfig; + /* If forwarding is enabled */ u8 forwarding_enabled; @@ -720,6 +723,9 @@ typedef struct snat_main_s ip4_main_t *ip4_main; ip_lookup_main_t *ip4_lookup_main; + fib_source_t fib_src_hi; + fib_source_t fib_src_low; + /* nat44 plugin enabled */ u8 enabled; @@ -1242,7 +1248,7 @@ int nat44_lb_static_mapping_add_del_local (ip4_address_t e_addr, u16 e_port, nat_protocol_t proto, u32 vrf_id, u8 probability, u8 is_add); -clib_error_t *snat_api_init (vlib_main_t * vm, snat_main_t * sm); +clib_error_t *nat44_api_hookup (vlib_main_t * vm); /** * @brief Set NAT plugin workers @@ -1346,16 +1352,6 @@ int nat44_set_session_limit (u32 session_limit, u32 vrf_id); * @return 0 on success, non-zero value otherwise */ int nat44_update_session_limit (u32 session_limit, u32 vrf_id); -/** - * @brief Free NAT44 ED session data (lookup keys, external address port) - * - * @param s NAT session - * @param thread_index thread index - * @param is_ha is HA event - */ -void -nat44_free_session_data (snat_main_t * sm, snat_session_t * s, - u32 thread_index, u8 is_ha); /** * @brief Initialize NAT44 data @@ -1371,6 +1367,17 @@ void nat44_db_init (snat_main_per_thread_data_t * tsm); */ void nat44_db_free (snat_main_per_thread_data_t * tsm); +/** + * @brief Delete specific NAT44 EI user and his sessions + * + * @param addr IPv4 address + * @param fib_index FIB table index + */ +int nat44_ei_user_del (ip4_address_t * addr, u32 fib_index); + +/** + * @brief Free all NAT44 sessions + */ void nat44_sessions_clear (); /** @@ -1508,6 +1515,46 @@ int snat_static_mapping_match (snat_main_t * sm, void snat_add_del_addr_to_fib (ip4_address_t * addr, u8 p_len, u32 sw_if_index, int is_add); +void +nat_ha_sadd_cb (ip4_address_t * in_addr, u16 in_port, + ip4_address_t * out_addr, u16 out_port, + ip4_address_t * eh_addr, u16 eh_port, + ip4_address_t * ehn_addr, u16 ehn_port, u8 proto, + u32 fib_index, u16 flags, u32 thread_index); + +void +nat_ha_sdel_cb (ip4_address_t * out_addr, u16 out_port, + ip4_address_t * eh_addr, u16 eh_port, u8 proto, u32 fib_index, + u32 ti); + +void +nat_ha_sref_cb (ip4_address_t * out_addr, u16 out_port, + ip4_address_t * eh_addr, u16 eh_port, u8 proto, u32 fib_index, + u32 total_pkts, u64 total_bytes, u32 thread_index); + +void +nat_ha_sadd_ed_cb (ip4_address_t * in_addr, u16 in_port, + ip4_address_t * out_addr, u16 out_port, + ip4_address_t * eh_addr, u16 eh_port, + ip4_address_t * ehn_addr, u16 ehn_port, u8 proto, + u32 fib_index, u16 flags, u32 thread_index); + +void +nat_ha_sdel_ed_cb (ip4_address_t * out_addr, u16 out_port, + ip4_address_t * eh_addr, u16 eh_port, u8 proto, + u32 fib_index, u32 ti); + +void +nat_ha_sdel_ed_cb (ip4_address_t * out_addr, u16 out_port, + ip4_address_t * eh_addr, u16 eh_port, u8 proto, + u32 fib_index, u32 ti); + +void +nat_ha_sref_ed_cb (ip4_address_t * out_addr, u16 out_port, + ip4_address_t * eh_addr, u16 eh_port, u8 proto, + u32 fib_index, u32 total_pkts, u64 total_bytes, + u32 thread_index); + /* * Why is this here? Because we don't need to touch this layer to * simply reply to an icmp. We need to change id to a unique diff --git a/src/plugins/nat/nat.api b/src/plugins/nat/nat44.api similarity index 95% rename from src/plugins/nat/nat.api rename to src/plugins/nat/nat44.api index 753cfdfc9be..ec8c41640b0 100644 --- a/src/plugins/nat/nat.api +++ b/src/plugins/nat/nat44.api @@ -1,5 +1,5 @@ /* - * Copyright (c) 2016 Cisco and/or its affiliates. + * Copyright (c) 2020 Cisco and/or its affiliates. * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at: @@ -79,6 +79,7 @@ autoreply define nat44_plugin_enable_disable { */ define nat_control_ping { + option deprecated; u32 client_index; u32 context; }; @@ -91,6 +92,7 @@ define nat_control_ping */ define nat_control_ping_reply { + option deprecated; u32 context; i32 retval; u32 client_index; @@ -213,6 +215,55 @@ define nat_show_config_2_reply u32 max_users_per_thread; }; +/** \brief Show NAT44 plugin running config + @param client_index - opaque cookie to identify the sender + @param context - sender context, to match reply w/ request +*/ +define nat44_show_running_config +{ + option in_progress; + u32 client_index; + u32 context; +}; + +/** \brief Show NAT44 plugin running config reply + @param context - sender context, to match reply w/ request + @param retval - return code for the request + @param inside_vrf - default inside VRF id + @param outside_vrf - outside VRF id + @param users - maximum number of users per worker thread + (NAT44_IS_ENDPOINT_INDEPENDENT) + @param sessions - maximum number of sessions per worker thread + @param user_sessions - maximum number of sessions per user + (NAT44_IS_ENDPOINT_INDEPENDENT) + @param user_buckets - number of user hash buckets + (NAT44_IS_ENDPOINT_INDEPENDENT) + @param translation_buckets - number of translation hash buckets + @param flags - flag NAT44_IS_ENDPOINT_INDEPENDENT, + NAT44_IS_ENDPOINT_DEPENDENT, + NAT44_IS_STATIC_MAPPING_ONLY, + NAT44_IS_CONNECTION_TRACKING, + NAT44_IS_OUT2IN_DPO +*/ +define nat44_show_running_config_reply +{ + option in_progress; + u32 context; + i32 retval; + + u32 inside_vrf; + u32 outside_vrf; + + u32 users; + u32 sessions; + u32 user_sessions; + + u32 user_buckets; + u32 translation_buckets; + + vl_api_nat44_config_flags_t flags; +}; + enum nat_log_level : u8 { NAT_LOG_NONE = 0x00, @@ -228,6 +279,7 @@ enum nat_log_level : u8 @param context - sender context, to match reply w/ request */ autoreply define nat44_session_cleanup { + option deprecated; u32 client_index; u32 context; }; @@ -754,7 +806,7 @@ autoreply define nat44_add_del_static_mapping { @param tag - opaque string tag */ autoreply define nat44_add_del_static_mapping_v2 { - option status="in_progress"; + option in_progress; u32 client_index; u32 context; bool is_add; diff --git a/src/plugins/nat/nat44/inlines.h b/src/plugins/nat/nat44/inlines.h index ab5dc1fd9bc..97dfb6c4542 100644 --- a/src/plugins/nat/nat44/inlines.h +++ b/src/plugins/nat/nat44/inlines.h @@ -42,79 +42,6 @@ nat44_ed_maximum_sessions_exceeded (snat_main_t * sm, return translations >= sm->max_translations_per_fib[fib_index]; } -static_always_inline void -nat44_user_del_sessions (snat_user_t * u, u32 thread_index) -{ - dlist_elt_t *elt; - snat_session_t *s; - - snat_main_t *sm = &snat_main; - snat_main_per_thread_data_t *tsm = &sm->per_thread_data[thread_index]; - - // get head - elt = pool_elt_at_index (tsm->list_pool, - u->sessions_per_user_list_head_index); - // get first element - elt = pool_elt_at_index (tsm->list_pool, elt->next); - - while (elt->value != ~0) - { - s = pool_elt_at_index (tsm->sessions, elt->value); - elt = pool_elt_at_index (tsm->list_pool, elt->next); - - nat44_free_session_data (sm, s, thread_index, 0); - nat44_delete_session (sm, s, thread_index); - } -} - -static_always_inline int -nat44_user_del (ip4_address_t * addr, u32 fib_index) -{ - int rv = 1; - - snat_main_t *sm = &snat_main; - snat_main_per_thread_data_t *tsm; - - snat_user_key_t user_key; - clib_bihash_kv_8_8_t kv, value; - - if (sm->endpoint_dependent) - return rv; - - user_key.addr.as_u32 = addr->as_u32; - user_key.fib_index = fib_index; - kv.key = user_key.as_u64; - - if (sm->num_workers > 1) - { - /* *INDENT-OFF* */ - vec_foreach (tsm, sm->per_thread_data) - { - if (!clib_bihash_search_8_8 (&tsm->user_hash, &kv, &value)) - { - nat44_user_del_sessions ( - pool_elt_at_index (tsm->users, value.value), - tsm->thread_index); - rv = 0; - break; - } - } - /* *INDENT-ON* */ - } - else - { - tsm = vec_elt_at_index (sm->per_thread_data, sm->num_workers); - if (!clib_bihash_search_8_8 (&tsm->user_hash, &kv, &value)) - { - nat44_user_del_sessions (pool_elt_at_index - (tsm->users, value.value), - tsm->thread_index); - rv = 0; - } - } - return rv; -} - #endif /* included_nat44_inlines_h__ */ /* diff --git a/src/plugins/nat/nat_api.c b/src/plugins/nat/nat44_api.c similarity index 66% rename from src/plugins/nat/nat_api.c rename to src/plugins/nat/nat44_api.c index 933d3a2c2e5..2028b3510df 100644 --- a/src/plugins/nat/nat_api.c +++ b/src/plugins/nat/nat44_api.c @@ -1,5 +1,5 @@ /* - * Copyright (c) 2017 Cisco and/or its affiliates. + * Copyright (c) 2020 Cisco and/or its affiliates. * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -15,57 +15,34 @@ */ /** * @file - * @brief NAT plugin API implementation + * @brief NAT44 plugin API implementation */ -#include -#include -#include -#include -#include -#include +#define vl_api_nat44_lb_static_mapping_details_t_endian vl_noop_handler +#define vl_api_nat44_add_del_lb_static_mapping_t_endian vl_noop_handler + +#include #include -#include #include -#include -#include + +#include #include -#define vl_api_nat44_add_del_lb_static_mapping_t_endian vl_noop_handler -#define vl_api_nat44_nat44_lb_static_mapping_details_t_endian vl_noop_handler +#include -/* define message structures */ -#define vl_typedefs -#include -#undef vl_typedefs +#include +#include -/* define generated endian-swappers */ -#define vl_endianfun -#include -#undef vl_endianfun +#include +#include -#define vl_print(handle, ...) vlib_cli_output (handle, __VA_ARGS__) +#include +#include #define REPLY_MSG_ID_BASE sm->msg_id_base #include -/* Get the API version number */ -#define vl_api_version(n,v) static u32 api_version=(v); -#include -#undef vl_api_version - -/* Macro to finish up custom dump fns */ -#define FINISH \ - vec_add1 (s, 0); \ - vl_print (handle, (char *)s); \ - vec_free (s); \ - return handle; - -/******************************/ -/*** Common NAT plugin APIs ***/ -/******************************/ - static void vl_api_nat_control_ping_t_handler (vl_api_nat_control_ping_t * mp) { @@ -81,16 +58,6 @@ vl_api_nat_control_ping_t_handler (vl_api_nat_control_ping_t * mp) /* *INDENT-ON* */ } -static void * -vl_api_nat_control_ping_t_print (vl_api_nat_control_ping_t * mp, void *handle) -{ - u8 *s; - - s = format (0, "SCRIPT: nat_control_ping "); - - FINISH; -} - static void vl_api_nat_show_config_t_handler (vl_api_nat_show_config_t * mp) { @@ -99,12 +66,10 @@ vl_api_nat_show_config_t_handler (vl_api_nat_show_config_t * mp) int rv = 0; /* *INDENT-OFF* */ - REPLY_MACRO2 (VL_API_NAT_SHOW_CONFIG_REPLY, + REPLY_MACRO2_ZERO (VL_API_NAT_SHOW_CONFIG_REPLY, ({ rmp->translation_buckets = htonl (sm->translation_buckets); - rmp->translation_memory_size = 0; rmp->user_buckets = htonl (sm->user_buckets); - rmp->user_memory_size = 0; rmp->max_translations_per_user = htonl (sm->max_translations_per_user); rmp->outside_vrf_id = htonl (sm->outside_vrf_id); rmp->inside_vrf_id = htonl (sm->inside_vrf_id); @@ -113,27 +78,10 @@ vl_api_nat_show_config_t_handler (vl_api_nat_show_config_t * mp) sm->static_mapping_connection_tracking; rmp->endpoint_dependent = sm->endpoint_dependent; rmp->out2in_dpo = sm->out2in_dpo; - // these are obsolete - rmp->dslite_ce = 0; - rmp->deterministic = 0; - rmp->nat64_bib_buckets = 0; - rmp->nat64_bib_memory_size = 0; - rmp->nat64_st_buckets = 0; - rmp->nat64_st_memory_size = 0; })); /* *INDENT-ON* */ } -static void * -vl_api_nat_show_config_t_print (vl_api_nat_show_config_t * mp, void *handle) -{ - u8 *s; - - s = format (0, "SCRIPT: nat_show_config "); - - FINISH; -} - static void vl_api_nat_show_config_2_t_handler (vl_api_nat_show_config_2_t * mp) { @@ -142,12 +90,10 @@ vl_api_nat_show_config_2_t_handler (vl_api_nat_show_config_2_t * mp) int rv = 0; /* *INDENT-OFF* */ - REPLY_MACRO2 (VL_API_NAT_SHOW_CONFIG_2_REPLY, + REPLY_MACRO2_ZERO (VL_API_NAT_SHOW_CONFIG_2_REPLY, ({ rmp->translation_buckets = htonl (sm->translation_buckets); - rmp->translation_memory_size = 0; rmp->user_buckets = htonl (sm->user_buckets); - rmp->user_memory_size = 0; rmp->max_translations_per_user = htonl (sm->max_translations_per_user); rmp->outside_vrf_id = htonl (sm->outside_vrf_id); rmp->inside_vrf_id = htonl (sm->inside_vrf_id); @@ -158,25 +104,44 @@ vl_api_nat_show_config_2_t_handler (vl_api_nat_show_config_2_t * mp) rmp->out2in_dpo = sm->out2in_dpo; rmp->max_translations_per_thread = clib_net_to_host_u32(sm->max_translations_per_thread); rmp->max_users_per_thread = clib_net_to_host_u32(sm->max_users_per_thread); - // these are obsolete - rmp->dslite_ce = 0; - rmp->deterministic = 0; - rmp->nat64_bib_buckets = 0; - rmp->nat64_bib_memory_size = 0; - rmp->nat64_st_buckets = 0; - rmp->nat64_st_memory_size = 0; })); /* *INDENT-ON* */ } -static void * -vl_api_nat_show_config_2_t_print (vl_api_nat_show_config_t * mp, void *handle) +static void +vl_api_nat44_show_running_config_t_handler (vl_api_nat44_show_running_config_t + * mp) { - u8 *s; + vl_api_nat44_show_running_config_reply_t *rmp; + snat_main_t *sm = &snat_main; + nat44_config_t *rc = &sm->rconfig; + int rv = 0; + + /* *INDENT-OFF* */ + REPLY_MACRO2_ZERO (VL_API_NAT44_SHOW_RUNNING_CONFIG_REPLY, + ({ + rmp->inside_vrf = htonl (rc->inside_vrf); + rmp->outside_vrf = htonl (rc->outside_vrf); + rmp->users = htonl (rc->users); + rmp->sessions = htonl (rc->sessions); + rmp->user_sessions = htonl (rc->user_sessions); - s = format (0, "SCRIPT: nat_show_config_2 "); + rmp->user_buckets = htonl (sm->user_buckets); + rmp->translation_buckets = htonl (sm->translation_buckets); - FINISH; + if (rc->endpoint_dependent) + rmp->flags |= NAT44_IS_ENDPOINT_DEPENDENT; + else + rmp->flags |= NAT44_IS_ENDPOINT_INDEPENDENT; + + if (rc->static_mapping_only) + rmp->flags |= NAT44_IS_STATIC_MAPPING_ONLY; + if (rc->connection_tracking) + rmp->flags |= NAT44_IS_CONNECTION_TRACKING; + if (rc->out2in_dpo) + rmp->flags |= NAT44_IS_OUT2IN_DPO; + })); + /* *INDENT-ON* */ } static void @@ -204,31 +169,6 @@ send_reply: REPLY_MACRO (VL_API_NAT_SET_WORKERS_REPLY); } -static void * -vl_api_nat_set_workers_t_print (vl_api_nat_set_workers_t * mp, void *handle) -{ - u8 *s; - uword *bitmap = 0; - u8 first = 1; - int i; - u64 mask = clib_net_to_host_u64 (mp->worker_mask); - - s = format (0, "SCRIPT: nat_set_workers "); - bitmap = clib_bitmap_set_multiple (bitmap, 0, mask, BITS (mask)); - /* *INDENT-OFF* */ - clib_bitmap_foreach (i, bitmap, - ({ - if (first) - s = format (s, "%d", i); - else - s = format (s, ",%d", i); - first = 0; - })); - /* *INDENT-ON* */ - clib_bitmap_free (bitmap); - FINISH; -} - static void send_nat_worker_details (u32 worker_index, vl_api_registration_t * reg, u32 context) @@ -266,14 +206,13 @@ vl_api_nat_worker_dump_t_handler (vl_api_nat_worker_dump_t * mp) /* *INDENT-ON* */ } -static void * -vl_api_nat_worker_dump_t_print (vl_api_nat_worker_dump_t * mp, void *handle) +static void +vl_api_nat44_session_cleanup_t_handler (vl_api_nat44_session_cleanup_t * mp) { - u8 *s; - - s = format (0, "SCRIPT: nat_worker_dump "); - - FINISH; + snat_main_t *sm = &snat_main; + vl_api_nat44_session_cleanup_reply_t *rmp; + int rv = 0; + REPLY_MACRO (VL_API_NAT44_SESSION_CLEANUP_REPLY); } static void @@ -287,20 +226,7 @@ vl_api_nat44_set_session_limit_t_handler (vl_api_nat44_set_session_limit_t * rv = nat44_set_session_limit (ntohl (mp->session_limit), ntohl (mp->vrf_id)); - REPLY_MACRO (VL_API_NAT_SET_WORKERS_REPLY); -} - -static void * -vl_api_nat44_set_session_limit_t_print (vl_api_nat44_set_session_limit_t * - mp, void *handle) -{ - u8 *s; - - s = format (0, "SCRIPT: nat44_set_session_limit "); - s = format (s, "session_limit %d", ntohl (mp->session_limit)); - s = format (s, "vrf_id %d", ntohl (mp->vrf_id)); - - FINISH; + REPLY_MACRO (VL_API_NAT44_SET_SESSION_LIMIT_REPLY); } static void @@ -318,18 +244,6 @@ vl_api_nat_set_log_level_t_handler (vl_api_nat_set_log_level_t * mp) REPLY_MACRO (VL_API_NAT_SET_WORKERS_REPLY); } -static void * -vl_api_nat_set_log_level_t_print (vl_api_nat_set_log_level_t * - mp, void *handle) -{ - u8 *s; - - s = format (0, "SCRIPT: nat_set_log_level "); - s = format (s, "log_level %d", mp->log_level); - - FINISH; -} - static void vl_api_nat44_plugin_enable_disable_t_handler (vl_api_nat44_plugin_enable_disable_t * mp) @@ -363,54 +277,6 @@ static void REPLY_MACRO (VL_API_NAT44_PLUGIN_ENABLE_DISABLE_REPLY); } -static void *vl_api_nat44_plugin_enable_disable_t_print - (vl_api_nat44_plugin_enable_disable_t * mp, void *handle) -{ - u8 *s; - u32 val; - - s = format (0, "SCRIPT: nat44_plugin_enable_disable "); - if (mp->enable) - { - s = format (s, "enable "); - if (mp->flags & NAT44_API_IS_ENDPOINT_DEPENDENT) - s = format (s, "endpoint-dependent "); - else - s = format (s, "endpoint-indepenednet "); - if (mp->flags & NAT44_API_IS_STATIC_MAPPING_ONLY) - s = format (s, "static_mapping_only "); - if (mp->flags & NAT44_API_IS_CONNECTION_TRACKING) - s = format (s, "connection_tracking "); - if (mp->flags & NAT44_API_IS_OUT2IN_DPO) - s = format (s, "out2in_dpo "); - val = ntohl (mp->inside_vrf); - if (val) - s = format (s, "inside_vrf %u ", val); - val = ntohl (mp->outside_vrf); - if (val) - s = format (s, "outside_vrf %u ", val); - val = ntohl (mp->users); - if (val) - s = format (s, "users %u ", val); - val = ntohl (mp->user_memory); - if (val) - s = format (s, "user_memory %u ", val); - val = ntohl (mp->sessions); - if (val) - s = format (s, "sessions %u ", val); - val = ntohl (mp->session_memory); - if (val) - s = format (s, "session_memory %u ", val); - val = ntohl (mp->user_sessions); - if (val) - s = format (s, "user_sessions %u ", val); - } - else - s = format (s, "disable "); - - FINISH; -} - static void vl_api_nat_ipfix_enable_disable_t_handler (vl_api_nat_ipfix_enable_disable_t * mp) @@ -427,23 +293,6 @@ vl_api_nat_ipfix_enable_disable_t_handler (vl_api_nat_ipfix_enable_disable_t * REPLY_MACRO (VL_API_NAT_IPFIX_ENABLE_DISABLE_REPLY); } -static void * -vl_api_nat_ipfix_enable_disable_t_print (vl_api_nat_ipfix_enable_disable_t * - mp, void *handle) -{ - u8 *s; - - s = format (0, "SCRIPT: nat_ipfix_enable_disable "); - if (mp->domain_id) - s = format (s, "domain %d ", clib_net_to_host_u32 (mp->domain_id)); - if (mp->src_port) - s = format (s, "src_port %d ", clib_net_to_host_u16 (mp->src_port)); - if (!mp->enable) - s = format (s, "disable "); - - FINISH; -} - static void vl_api_nat_set_timeouts_t_handler (vl_api_nat_set_timeouts_t * mp) { @@ -459,20 +308,6 @@ vl_api_nat_set_timeouts_t_handler (vl_api_nat_set_timeouts_t * mp) REPLY_MACRO (VL_API_NAT_SET_TIMEOUTS_REPLY); } -static void * -vl_api_nat_set_timeouts_t_print (vl_api_nat_set_timeouts_t * mp, void *handle) -{ - u8 *s; - - s = format (0, "SCRIPT: nat_set_timeouts "); - s = format (s, "udp %d tcp_established %d tcp_transitory %d icmp %d\n", - ntohl (mp->udp), - ntohl (mp->tcp_established), - ntohl (mp->tcp_transitory), ntohl (mp->icmp)); - - FINISH; -} - static void vl_api_nat_get_timeouts_t_handler (vl_api_nat_get_timeouts_t * mp) { @@ -491,16 +326,6 @@ vl_api_nat_get_timeouts_t_handler (vl_api_nat_get_timeouts_t * mp) /* *INDENT-ON* */ } -static void * -vl_api_nat_get_timeouts_t_print (vl_api_nat_get_timeouts_t * mp, void *handle) -{ - u8 *s; - - s = format (0, "SCRIPT: nat_get_timeouts"); - - FINISH; -} - static void vl_api_nat_set_addr_and_port_alloc_alg_t_handler (vl_api_nat_set_addr_and_port_alloc_alg_t * mp) @@ -538,21 +363,6 @@ send_reply: REPLY_MACRO (VL_API_NAT_SET_ADDR_AND_PORT_ALLOC_ALG_REPLY); } -static void *vl_api_nat_set_addr_and_port_alloc_alg_t_print - (vl_api_nat_set_addr_and_port_alloc_alg_t * mp, void *handle) -{ - u8 *s; - - s = format (0, "SCRIPT: nat_set_addr_and_port_alloc_alg "); - s = format (s, "alg %d psid_offset %d psid_length %d psid %d start_port %d " - "end_port %d\n", - ntohl (mp->alg), ntohl (mp->psid_offset), - ntohl (mp->psid_length), ntohs (mp->psid), - ntohs (mp->start_port), ntohs (mp->end_port)); - - FINISH; -} - static void vl_api_nat_get_addr_and_port_alloc_alg_t_handler (vl_api_nat_get_addr_and_port_alloc_alg_t * mp) @@ -574,16 +384,6 @@ static void /* *INDENT-ON* */ } -static void *vl_api_nat_get_addr_and_port_alloc_alg_t_print - (vl_api_nat_get_addr_and_port_alloc_alg_t * mp, void *handle) -{ - u8 *s; - - s = format (0, "SCRIPT: nat_get_addr_and_port_alloc_alg"); - - FINISH; -} - static void vl_api_nat_set_mss_clamping_t_handler (vl_api_nat_set_mss_clamping_t * mp) { @@ -599,18 +399,6 @@ vl_api_nat_set_mss_clamping_t_handler (vl_api_nat_set_mss_clamping_t * mp) REPLY_MACRO (VL_API_NAT_SET_MSS_CLAMPING_REPLY); } -static void * -vl_api_nat_set_mss_clamping_t_print (vl_api_nat_set_mss_clamping_t * mp, - void *handle) -{ - u8 *s; - - s = format (0, "SCRIPT: nat_set_mss_clamping enable %d mss_value %d\n", - mp->enable, ntohs (mp->mss_value)); - - FINISH; -} - static void vl_api_nat_get_mss_clamping_t_handler (vl_api_nat_get_mss_clamping_t * mp) { @@ -627,17 +415,6 @@ vl_api_nat_get_mss_clamping_t_handler (vl_api_nat_get_mss_clamping_t * mp) /* *INDENT-ON* */ } -static void * -vl_api_nat_get_mss_clamping_t_print (vl_api_nat_get_mss_clamping_t * mp, - void *handle) -{ - u8 *s; - - s = format (0, "SCRIPT: nat_get_mss_clamping"); - - FINISH; -} - static void vl_api_nat_ha_set_listener_t_handler (vl_api_nat_ha_set_listener_t * mp) { @@ -654,20 +431,6 @@ vl_api_nat_ha_set_listener_t_handler (vl_api_nat_ha_set_listener_t * mp) REPLY_MACRO (VL_API_NAT_HA_SET_LISTENER_REPLY); } -static void * -vl_api_nat_ha_set_listener_t_print (vl_api_nat_ha_set_listener_t * mp, - void *handle) -{ - u8 *s; - - s = format (0, "SCRIPT: nat_ha_set_listener "); - s = format (s, "ip_address %U ", format_ip4_address, mp->ip_address); - s = format (s, "port %d ", clib_net_to_host_u16 (mp->port)); - s = format (s, "path_mtu %d", clib_net_to_host_u32 (mp->path_mtu)); - - FINISH; -} - static void vl_api_nat_ha_get_listener_t_handler (vl_api_nat_ha_get_listener_t * mp) { @@ -690,17 +453,6 @@ vl_api_nat_ha_get_listener_t_handler (vl_api_nat_ha_get_listener_t * mp) /* *INDENT-ON* */ } -static void * -vl_api_nat_ha_get_listener_t_print (vl_api_nat_ha_get_listener_t * mp, - void *handle) -{ - u8 *s; - - s = format (0, "SCRIPT: nat_ha_get_listener"); - - FINISH; -} - static void vl_api_nat_ha_set_failover_t_handler (vl_api_nat_ha_set_failover_t * mp) { @@ -717,19 +469,6 @@ vl_api_nat_ha_set_failover_t_handler (vl_api_nat_ha_set_failover_t * mp) REPLY_MACRO (VL_API_NAT_HA_SET_FAILOVER_REPLY); } -static void * -vl_api_nat_ha_set_failover_t_print (vl_api_nat_ha_set_failover_t * mp, - void *handle) -{ - u8 *s; - - s = format (0, "SCRIPT: nat_ha_set_failover "); - s = format (s, "ip_address %U ", format_ip4_address, mp->ip_address); - s = format (s, "port %d ", clib_net_to_host_u16 (mp->port)); - - FINISH; -} - static void vl_api_nat_ha_get_failover_t_handler (vl_api_nat_ha_get_failover_t * mp) { @@ -752,17 +491,6 @@ vl_api_nat_ha_get_failover_t_handler (vl_api_nat_ha_get_failover_t * mp) /* *INDENT-ON* */ } -static void * -vl_api_nat_ha_get_failover_t_print (vl_api_nat_ha_get_failover_t * mp, - void *handle) -{ - u8 *s; - - s = format (0, "SCRIPT: nat_ha_get_failover"); - - FINISH; -} - static void vl_api_nat_ha_flush_t_handler (vl_api_nat_ha_flush_t * mp) { @@ -775,16 +503,6 @@ vl_api_nat_ha_flush_t_handler (vl_api_nat_ha_flush_t * mp) REPLY_MACRO (VL_API_NAT_HA_FLUSH_REPLY); } -static void * -vl_api_nat_ha_flush_t_print (vl_api_nat_ha_flush_t * mp, void *handle) -{ - u8 *s; - - s = format (0, "SCRIPT: nat_ha_flush "); - - FINISH; -} - static void nat_ha_resync_completed_event_cb (u32 client_index, u32 pid, u32 missed_count) { @@ -822,22 +540,6 @@ vl_api_nat_ha_resync_t_handler (vl_api_nat_ha_resync_t * mp) REPLY_MACRO (VL_API_NAT_HA_RESYNC_REPLY); } -static void * -vl_api_nat_ha_resync_t_print (vl_api_nat_ha_resync_t * mp, void *handle) -{ - u8 *s; - - s = format (0, "SCRIPT: nat_ha_resync "); - s = - format (s, "want_resync_event %d pid %d", mp->want_resync_event, - clib_host_to_net_u32 (mp->pid)); - - FINISH; -} - -/*************/ -/*** NAT44 ***/ -/*************/ static void vl_api_nat44_del_user_t_handler (vl_api_nat44_del_user_t * mp) { @@ -846,20 +548,10 @@ vl_api_nat44_del_user_t_handler (vl_api_nat44_del_user_t * mp) ip4_address_t addr; int rv; memcpy (&addr.as_u8, mp->ip_address, 4); - rv = nat44_user_del (&addr, ntohl (mp->fib_index)); + rv = nat44_ei_user_del (&addr, ntohl (mp->fib_index)); REPLY_MACRO (VL_API_NAT44_DEL_USER_REPLY); } -static void *vl_api_nat44_del_user_t_print - (vl_api_nat44_del_user_t * mp, void *handle) -{ - u8 *s; - s = format (0, "SCRIPT: nat44_del_user "); - s = format (s, "ip_address %U fib_index %U ", - format_ip4_address, mp->ip_address, ntohl (mp->fib_index)); - FINISH; -} - static void vl_api_nat44_add_del_address_range_t_handler (vl_api_nat44_add_del_address_range_t * mp) @@ -919,21 +611,6 @@ send_reply: REPLY_MACRO (VL_API_NAT44_ADD_DEL_ADDRESS_RANGE_REPLY); } -static void *vl_api_nat44_add_del_address_range_t_print - (vl_api_nat44_add_del_address_range_t * mp, void *handle) -{ - u8 *s; - - s = format (0, "SCRIPT: nat44_add_address_range "); - s = format (s, "%U ", format_ip4_address, mp->first_ip_address); - if (memcmp (mp->first_ip_address, mp->last_ip_address, 4)) - { - s = format (s, " - %U ", format_ip4_address, mp->last_ip_address); - } - s = format (s, "twice_nat %d ", mp->flags & NAT_API_IS_TWICE_NAT); - FINISH; -} - static void send_nat44_address_details (snat_address_t * a, vl_api_registration_t * reg, u32 context, @@ -979,17 +656,6 @@ vl_api_nat44_address_dump_t_handler (vl_api_nat44_address_dump_t * mp) /* *INDENT-ON* */ } -static void * -vl_api_nat44_address_dump_t_print (vl_api_nat44_address_dump_t * mp, - void *handle) -{ - u8 *s; - - s = format (0, "SCRIPT: nat44_address_dump "); - - FINISH; -} - static void vl_api_nat44_interface_add_del_feature_t_handler (vl_api_nat44_interface_add_del_feature_t * mp) @@ -1013,20 +679,6 @@ static void REPLY_MACRO (VL_API_NAT44_INTERFACE_ADD_DEL_FEATURE_REPLY); } -static void *vl_api_nat44_interface_add_del_feature_t_print - (vl_api_nat44_interface_add_del_feature_t * mp, void *handle) -{ - u8 *s; - - s = format (0, "SCRIPT: nat44_interface_add_del_feature "); - s = format (s, "sw_if_index %d %s %s", - clib_host_to_net_u32 (mp->sw_if_index), - mp->flags & NAT_API_IS_INSIDE ? "in" : "out", - mp->is_add ? "" : "del"); - - FINISH; -} - static void send_nat44_interface_details (snat_interface_t * i, vl_api_registration_t * reg, u32 context) @@ -1068,17 +720,6 @@ vl_api_nat44_interface_dump_t_handler (vl_api_nat44_interface_dump_t * mp) /* *INDENT-ON* */ } -static void * -vl_api_nat44_interface_dump_t_print (vl_api_nat44_interface_dump_t * mp, - void *handle) -{ - u8 *s; - - s = format (0, "SCRIPT: nat44_interface_dump "); - - FINISH; -} - static void vl_api_nat44_interface_add_del_output_feature_t_handler (vl_api_nat44_interface_add_del_output_feature_t * mp) @@ -1098,20 +739,6 @@ static void REPLY_MACRO (VL_API_NAT44_INTERFACE_ADD_DEL_OUTPUT_FEATURE_REPLY); } -static void *vl_api_nat44_interface_add_del_output_feature_t_print - (vl_api_nat44_interface_add_del_output_feature_t * mp, void *handle) -{ - u8 *s; - - s = format (0, "SCRIPT: nat44_interface_add_del_output_feature "); - s = format (s, "sw_if_index %d %s %s", - clib_host_to_net_u32 (mp->sw_if_index), - mp->flags & NAT_API_IS_INSIDE ? "in" : "out", - mp->is_add ? "" : "del"); - - FINISH; -} - static void send_nat44_interface_output_feature_details (snat_interface_t * i, vl_api_registration_t * reg, @@ -1153,16 +780,6 @@ static void /* *INDENT-ON* */ } -static void *vl_api_nat44_interface_output_feature_dump_t_print - (vl_api_nat44_interface_output_feature_dump_t * mp, void *handle) -{ - u8 *s; - - s = format (0, "SCRIPT: nat44_interface_output_feature_dump "); - - FINISH; -} - static void vl_api_nat44_add_del_static_mapping_t_handler (vl_api_nat44_add_del_static_mapping_t * mp) @@ -1258,68 +875,6 @@ static void REPLY_MACRO (VL_API_NAT44_ADD_DEL_STATIC_MAPPING_V2_REPLY); } -static void *vl_api_nat44_add_del_static_mapping_t_print - (vl_api_nat44_add_del_static_mapping_t * mp, void *handle) -{ - u8 *s; - - s = format (0, "SCRIPT: nat44_add_del_static_mapping "); - s = format (s, "protocol %d local_addr %U external_addr %U ", - mp->protocol, - format_ip4_address, mp->local_ip_address, - format_ip4_address, mp->external_ip_address); - - if (!(mp->flags & NAT_API_IS_ADDR_ONLY)) - s = format (s, "local_port %d external_port %d ", - clib_net_to_host_u16 (mp->local_port), - clib_net_to_host_u16 (mp->external_port)); - - s = format (s, "twice_nat %d out2in_only %d ", - mp->flags & NAT_API_IS_TWICE_NAT, - mp->flags & NAT_API_IS_OUT2IN_ONLY); - - if (mp->vrf_id != ~0) - s = format (s, "vrf %d", clib_net_to_host_u32 (mp->vrf_id)); - - if (mp->external_sw_if_index != ~0) - s = format (s, "external_sw_if_index %d", - clib_net_to_host_u32 (mp->external_sw_if_index)); - FINISH; -} - -static void *vl_api_nat44_add_del_static_mapping_v2_t_print - (vl_api_nat44_add_del_static_mapping_v2_t * mp, void *handle) -{ - u8 *s; - - s = format (0, "SCRIPT: nat44_add_del_static_mapping_v2 "); - s = format (s, "protocol %d local_addr %U external_addr %U ", - mp->protocol, - format_ip4_address, mp->local_ip_address, - format_ip4_address, mp->external_ip_address); - - if (!(mp->flags & NAT_API_IS_ADDR_ONLY)) - s = format (s, "local_port %d external_port %d ", - clib_net_to_host_u16 (mp->local_port), - clib_net_to_host_u16 (mp->external_port)); - - s = format (s, "twice_nat %d out2in_only %d ", - mp->flags & NAT_API_IS_TWICE_NAT, - mp->flags & NAT_API_IS_OUT2IN_ONLY); - - if (mp->vrf_id != ~0) - s = format (s, "vrf %d", clib_net_to_host_u32 (mp->vrf_id)); - - if (mp->external_sw_if_index != ~0) - s = format (s, "external_sw_if_index %d", - clib_net_to_host_u32 (mp->external_sw_if_index)); - if (mp->match_pool) - s = format (s, "match pool address %U", - format_ip4_address, mp->pool_ip_address); - - FINISH; -} - static void send_nat44_static_mapping_details (snat_static_mapping_t * m, vl_api_registration_t * reg, u32 context) @@ -1430,17 +985,6 @@ vl_api_nat44_static_mapping_dump_t_handler (vl_api_nat44_static_mapping_dump_t } } -static void * -vl_api_nat44_static_mapping_dump_t_print (vl_api_nat44_static_mapping_dump_t * - mp, void *handle) -{ - u8 *s; - - s = format (0, "SCRIPT: nat44_static_mapping_dump "); - - FINISH; -} - static void vl_api_nat44_add_del_identity_mapping_t_handler (vl_api_nat44_add_del_identity_mapping_t * mp) @@ -1478,28 +1022,6 @@ static void REPLY_MACRO (VL_API_NAT44_ADD_DEL_IDENTITY_MAPPING_REPLY); } -static void *vl_api_nat44_add_del_identity_mapping_t_print - (vl_api_nat44_add_del_identity_mapping_t * mp, void *handle) -{ - u8 *s; - - s = format (0, "SCRIPT: nat44_add_del_identity_mapping "); - if (mp->sw_if_index != ~0) - s = format (s, "sw_if_index %d", clib_net_to_host_u32 (mp->sw_if_index)); - else - s = format (s, "addr %U", format_ip4_address, mp->ip_address); - - if (!(mp->flags & NAT_API_IS_ADDR_ONLY)) - s = - format (s, " protocol %d port %d", mp->protocol, - clib_net_to_host_u16 (mp->port)); - - if (mp->vrf_id != ~0) - s = format (s, " vrf %d", clib_net_to_host_u32 (mp->vrf_id)); - - FINISH; -} - static void send_nat44_identity_mapping_details (snat_static_mapping_t * m, int index, vl_api_registration_t * reg, u32 context) @@ -1590,16 +1112,6 @@ static void } } -static void *vl_api_nat44_identity_mapping_dump_t_print - (vl_api_nat44_identity_mapping_dump_t * mp, void *handle) -{ - u8 *s; - - s = format (0, "SCRIPT: nat44_identity_mapping_dump "); - - FINISH; -} - static void vl_api_nat44_add_del_interface_addr_t_handler (vl_api_nat44_add_del_interface_addr_t * mp) @@ -1621,19 +1133,6 @@ static void REPLY_MACRO (VL_API_NAT44_ADD_DEL_INTERFACE_ADDR_REPLY); } -static void *vl_api_nat44_add_del_interface_addr_t_print - (vl_api_nat44_add_del_interface_addr_t * mp, void *handle) -{ - u8 *s; - - s = format (0, "SCRIPT: nat44_add_del_interface_addr "); - s = format (s, "sw_if_index %d twice_nat %d %s", - clib_host_to_net_u32 (mp->sw_if_index), - mp->flags & NAT_API_IS_TWICE_NAT, mp->is_add ? "" : "del"); - - FINISH; -} - static void send_nat44_interface_addr_details (u32 sw_if_index, vl_api_registration_t * reg, u32 context, @@ -1675,17 +1174,6 @@ vl_api_nat44_interface_addr_dump_t_handler (vl_api_nat44_interface_addr_dump_t /* *INDENT-ON* */ } -static void * -vl_api_nat44_interface_addr_dump_t_print (vl_api_nat44_interface_addr_dump_t * - mp, void *handle) -{ - u8 *s; - - s = format (0, "SCRIPT: nat44_interface_addr_dump "); - - FINISH; -} - static void send_nat44_user_details (snat_user_t * u, vl_api_registration_t * reg, u32 context) @@ -1798,16 +1286,6 @@ vl_api_nat44_user_dump_t_handler (vl_api_nat44_user_dump_t * mp) /* *INDENT-ON* */ } -static void * -vl_api_nat44_user_dump_t_print (vl_api_nat44_user_dump_t * mp, void *handle) -{ - u8 *s; - - s = format (0, "SCRIPT: nat44_user_dump "); - - FINISH; -} - static void send_nat44_user_session_details (snat_session_t * s, vl_api_registration_t * reg, u32 context) @@ -1927,20 +1405,6 @@ vl_api_nat44_user_session_dump_t_handler (vl_api_nat44_user_session_dump_t * } } -static void * -vl_api_nat44_user_session_dump_t_print (vl_api_nat44_user_session_dump_t * mp, - void *handle) -{ - u8 *s; - - s = format (0, "SCRIPT: nat44_user_session_dump "); - s = format (s, "ip_address %U vrf_id %d\n", - format_ip4_address, mp->ip_address, - clib_net_to_host_u32 (mp->vrf_id)); - - FINISH; -} - static nat44_lb_addr_port_t * unformat_nat44_lb_addr_port (vl_api_nat44_lb_addr_port_t * addr_port_pairs, u32 addr_port_pair_num) @@ -2011,20 +1475,6 @@ send_reply: REPLY_MACRO (VL_API_NAT44_ADD_DEL_LB_STATIC_MAPPING_REPLY); } -static void *vl_api_nat44_add_del_lb_static_mapping_t_print - (vl_api_nat44_add_del_lb_static_mapping_t * mp, void *handle) -{ - u8 *s; - - s = format (0, "SCRIPT: nat44_add_del_lb_static_mapping "); - s = format (s, "is_add %d twice_nat %d out2in_only %d ", - mp->is_add, - mp->flags & NAT_API_IS_TWICE_NAT, - mp->flags & NAT_API_IS_OUT2IN_ONLY); - - FINISH; -} - static void vl_api_nat44_lb_static_mapping_add_del_local_t_handler (vl_api_nat44_lb_static_mapping_add_del_local_t * mp) @@ -2060,17 +1510,6 @@ send_reply: REPLY_MACRO (VL_API_NAT44_LB_STATIC_MAPPING_ADD_DEL_LOCAL_REPLY); } -static void *vl_api_nat44_lb_static_mapping_add_del_local_t_print - (vl_api_nat44_lb_static_mapping_add_del_local_t * mp, void *handle) -{ - u8 *s; - - s = format (0, "SCRIPT: nat44_lb_static_mapping_add_del_local "); - s = format (s, "is_add %d", mp->is_add); - - FINISH; -} - static void send_nat44_lb_static_mapping_details (snat_static_mapping_t * m, vl_api_registration_t * reg, @@ -2145,16 +1584,6 @@ static void /* *INDENT-ON* */ } -static void *vl_api_nat44_lb_static_mapping_dump_t_print - (vl_api_nat44_lb_static_mapping_dump_t * mp, void *handle) -{ - u8 *s; - - s = format (0, "SCRIPT: nat44_lb_static_mapping_dump "); - - FINISH; -} - static void vl_api_nat44_del_session_t_handler (vl_api_nat44_del_session_t * mp) { @@ -2186,26 +1615,6 @@ vl_api_nat44_del_session_t_handler (vl_api_nat44_del_session_t * mp) REPLY_MACRO (VL_API_NAT44_DEL_SESSION_REPLY); } -static void * -vl_api_nat44_del_session_t_print (vl_api_nat44_del_session_t * mp, - void *handle) -{ - u8 *s; - - s = format (0, "SCRIPT: nat44_add_del_session "); - s = format (s, "addr %U port %d protocol %d vrf_id %d is_in %d", - format_ip4_address, mp->address, - clib_net_to_host_u16 (mp->port), - mp->protocol, clib_net_to_host_u32 (mp->vrf_id), - mp->flags & NAT_API_IS_INSIDE); - if (mp->flags & NAT_API_IS_EXT_HOST_VALID) - s = format (s, "ext_host_address %U ext_host_port %d", - format_ip4_address, mp->ext_host_address, - clib_net_to_host_u16 (mp->ext_host_port)); - - FINISH; -} - static void vl_api_nat44_forwarding_enable_disable_t_handler (vl_api_nat44_forwarding_enable_disable_t * mp) @@ -2254,17 +1663,6 @@ static void REPLY_MACRO (VL_API_NAT44_FORWARDING_ENABLE_DISABLE_REPLY); } -static void *vl_api_nat44_forwarding_enable_disable_t_print - (vl_api_nat44_forwarding_enable_disable_t * mp, void *handle) -{ - u8 *s; - - s = format (0, "SCRIPT: nat44_forwarding_enable_disable "); - s = format (s, "enable %d", mp->enable != 0); - - FINISH; -} - static void vl_api_nat44_forwarding_is_enabled_t_handler (vl_api_nat44_forwarding_is_enabled_t * mp) @@ -2288,129 +1686,17 @@ static void vl_api_send_msg (reg, (u8 *) rmp); } -static void *vl_api_nat44_forwarding_is_enabled_t_print - (vl_api_nat44_forwarding_is_enabled_t * mp, void *handle) -{ - u8 *s; - - s = format (0, "SCRIPT: nat44_forwarding_is_enabled "); - - FINISH; -} - -/* List of message types that this plugin understands */ -#define foreach_snat_plugin_api_msg \ -_(NAT_CONTROL_PING, nat_control_ping) \ -_(NAT_SHOW_CONFIG, nat_show_config) \ -_(NAT_SHOW_CONFIG_2, nat_show_config_2) \ -_(NAT_SET_WORKERS, nat_set_workers) \ -_(NAT_WORKER_DUMP, nat_worker_dump) \ -_(NAT44_PLUGIN_ENABLE_DISABLE, nat44_plugin_enable_disable) \ -_(NAT44_DEL_USER, nat44_del_user) \ -_(NAT44_SET_SESSION_LIMIT, nat44_set_session_limit) \ -_(NAT_SET_LOG_LEVEL, nat_set_log_level) \ -_(NAT_IPFIX_ENABLE_DISABLE, nat_ipfix_enable_disable) \ -_(NAT_SET_TIMEOUTS, nat_set_timeouts) \ -_(NAT_GET_TIMEOUTS, nat_get_timeouts) \ -_(NAT_SET_ADDR_AND_PORT_ALLOC_ALG, nat_set_addr_and_port_alloc_alg) \ -_(NAT_GET_ADDR_AND_PORT_ALLOC_ALG, nat_get_addr_and_port_alloc_alg) \ -_(NAT_SET_MSS_CLAMPING, nat_set_mss_clamping) \ -_(NAT_GET_MSS_CLAMPING, nat_get_mss_clamping) \ -_(NAT_HA_SET_LISTENER, nat_ha_set_listener) \ -_(NAT_HA_SET_FAILOVER, nat_ha_set_failover) \ -_(NAT_HA_GET_LISTENER, nat_ha_get_listener) \ -_(NAT_HA_GET_FAILOVER, nat_ha_get_failover) \ -_(NAT_HA_FLUSH, nat_ha_flush) \ -_(NAT_HA_RESYNC, nat_ha_resync) \ -_(NAT44_ADD_DEL_ADDRESS_RANGE, nat44_add_del_address_range) \ -_(NAT44_INTERFACE_ADD_DEL_FEATURE, nat44_interface_add_del_feature) \ -_(NAT44_ADD_DEL_STATIC_MAPPING, nat44_add_del_static_mapping) \ -_(NAT44_ADD_DEL_STATIC_MAPPING_V2, nat44_add_del_static_mapping_v2) \ -_(NAT44_ADD_DEL_IDENTITY_MAPPING, nat44_add_del_identity_mapping) \ -_(NAT44_STATIC_MAPPING_DUMP, nat44_static_mapping_dump) \ -_(NAT44_IDENTITY_MAPPING_DUMP, nat44_identity_mapping_dump) \ -_(NAT44_ADDRESS_DUMP, nat44_address_dump) \ -_(NAT44_INTERFACE_DUMP, nat44_interface_dump) \ -_(NAT44_ADD_DEL_INTERFACE_ADDR, nat44_add_del_interface_addr) \ -_(NAT44_INTERFACE_ADDR_DUMP, nat44_interface_addr_dump) \ -_(NAT44_USER_DUMP, nat44_user_dump) \ -_(NAT44_USER_SESSION_DUMP, nat44_user_session_dump) \ -_(NAT44_INTERFACE_ADD_DEL_OUTPUT_FEATURE, \ - nat44_interface_add_del_output_feature) \ -_(NAT44_INTERFACE_OUTPUT_FEATURE_DUMP, \ - nat44_interface_output_feature_dump) \ -_(NAT44_ADD_DEL_LB_STATIC_MAPPING, nat44_add_del_lb_static_mapping) \ -_(NAT44_LB_STATIC_MAPPING_ADD_DEL_LOCAL, \ - nat44_lb_static_mapping_add_del_local) \ -_(NAT44_LB_STATIC_MAPPING_DUMP, nat44_lb_static_mapping_dump) \ -_(NAT44_DEL_SESSION, nat44_del_session) \ -_(NAT44_FORWARDING_ENABLE_DISABLE, nat44_forwarding_enable_disable) \ -_(NAT44_FORWARDING_IS_ENABLED, nat44_forwarding_is_enabled) +/* API definitions */ +#include +#include /* Set up the API message handling tables */ -static clib_error_t * -snat_plugin_api_hookup (vlib_main_t * vm) -{ - snat_main_t *sm __attribute__ ((unused)) = &snat_main; -#define _(N,n) \ - vl_msg_api_set_handlers((VL_API_##N + sm->msg_id_base), \ - #n, \ - vl_api_##n##_t_handler, \ - vl_noop_handler, \ - vl_api_##n##_t_endian, \ - vl_api_##n##_t_print, \ - sizeof(vl_api_##n##_t), 1); - foreach_snat_plugin_api_msg; -#undef _ - - return 0; -} - -#define vl_msg_name_crc_list -#include -#undef vl_msg_name_crc_list - -static void -setup_message_id_table (snat_main_t * sm, api_main_t * am) -{ -#define _(id,n,crc) \ - vl_msg_api_add_msg_name_crc (am, #n "_" #crc, id + sm->msg_id_base); - foreach_vl_msg_name_crc_nat; -#undef _ -} - -static void -plugin_custom_dump_configure (snat_main_t * sm) -{ -#define _(n,f) sm->api_main->msg_print_handlers \ - [VL_API_##n + sm->msg_id_base] \ - = (void *) vl_api_##f##_t_print; - foreach_snat_plugin_api_msg; -#undef _ -} - clib_error_t * -snat_api_init (vlib_main_t * vm, snat_main_t * sm) +nat44_api_hookup (vlib_main_t * vm) { - u8 *name; - clib_error_t *error = 0; - - name = format (0, "nat_%08x%c", api_version, 0); - - /* Ask for a correctly-sized block of API message decode slots */ - sm->msg_id_base = - vl_msg_api_get_msg_ids ((char *) name, VL_MSG_FIRST_AVAILABLE); - - error = snat_plugin_api_hookup (vm); - - /* Add our API messages to the global name_crc hash table */ - setup_message_id_table (sm, sm->api_main); - - plugin_custom_dump_configure (sm); - - vec_free (name); - - return error; + snat_main_t *sm = &snat_main; + sm->msg_id_base = setup_message_id_table (); + return 0; } /* diff --git a/src/plugins/nat/nat44_cli.c b/src/plugins/nat/nat44_cli.c index 9db7db6ef22..695e8cc142e 100644 --- a/src/plugins/nat/nat44_cli.c +++ b/src/plugins/nat/nat44_cli.c @@ -1696,11 +1696,11 @@ nat44_del_user_command_fn (vlib_main_t * vm, } } - rv = nat44_user_del (&addr, fib_index); + rv = nat44_ei_user_del (&addr, fib_index); if (!rv) { - error = clib_error_return (0, "nat44_user_del returned %d", rv); + error = clib_error_return (0, "nat44_ei_user_del returned %d", rv); } done: diff --git a/src/plugins/nat/nat_all_api_h.h b/src/plugins/nat/nat_all_api_h.h deleted file mode 100644 index f011a089b09..00000000000 --- a/src/plugins/nat/nat_all_api_h.h +++ /dev/null @@ -1,24 +0,0 @@ - -/* - * nat_all_api_h.h - skeleton vpp engine plug-in api #include file - * - * Copyright (c) - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at: - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -/* Include the generated file, see BUILT_SOURCES in Makefile.am */ - -#ifdef vl_printfun -#include -#endif - -#include diff --git a/src/plugins/nat/nat_msg_enum.h b/src/plugins/nat/nat_msg_enum.h deleted file mode 100644 index 710b631c73d..00000000000 --- a/src/plugins/nat/nat_msg_enum.h +++ /dev/null @@ -1,31 +0,0 @@ - -/* - * nat_msg_enum.h - skeleton vpp engine plug-in message enumeration - * - * Copyright (c) - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at: - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -#ifndef included_nat_msg_enum_h -#define included_nat_msg_enum_h - -#include - -#define vl_msg_id(n,h) n, -typedef enum { -#include - /* We'll want to know how many messages IDs we need... */ - VL_MSG_FIRST_AVAILABLE, -} vl_msg_id_t; -#undef vl_msg_id - -#endif /* included_nat_msg_enum_h */ diff --git a/src/plugins/nat/nat_test.c b/src/plugins/nat/nat_test.c deleted file mode 100644 index 228d5b58157..00000000000 --- a/src/plugins/nat/nat_test.c +++ /dev/null @@ -1,1017 +0,0 @@ -/* - * nat.c - skeleton vpp-api-test plug-in - * - * Copyright (c) - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at: - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -#include -#include -#include - -#include -#include -#include - -#define __plugin_msg_base snat_test_main.msg_id_base -#include - -uword unformat_sw_if_index (unformat_input_t * input, va_list * args); - -/* Declare message IDs */ -#include - -/* define message structures */ -#define vl_typedefs -#include -#undef vl_typedefs - -/* declare message handlers for each api */ - -#define vl_endianfun /* define message structures */ -#include -#undef vl_endianfun - -/* instantiate all the print functions we know about */ -#define vl_print(handle, ...) -#define vl_printfun -#include -#undef vl_printfun - -/* Get the API version number. */ -#define vl_api_version(n,v) static u32 api_version=(v); -#include -#undef vl_api_version - -typedef struct { - /* API message ID base */ - u16 msg_id_base; - vat_main_t *vat_main; -} snat_test_main_t; - -snat_test_main_t snat_test_main; - -#define foreach_standard_reply_retval_handler \ -_(nat44_add_del_address_range_reply) \ -_(nat44_interface_add_del_feature_reply) \ -_(nat44_interface_add_del_output_feature_reply) \ -_(nat44_add_del_static_mapping_reply) \ -_(nat_set_workers_reply) \ -_(nat44_add_del_interface_addr_reply) \ -_(nat_ipfix_enable_disable_reply) \ -_(nat_set_timeouts_reply) - -#define _(n) \ - static void vl_api_##n##_t_handler \ - (vl_api_##n##_t * mp) \ - { \ - vat_main_t * vam = snat_test_main.vat_main; \ - i32 retval = ntohl(mp->retval); \ - if (vam->async_mode) { \ - vam->async_errors += (retval < 0); \ - } else { \ - vam->retval = retval; \ - vam->result_ready = 1; \ - } \ - } -foreach_standard_reply_retval_handler; -#undef _ - -/* - * Table of message reply handlers, must include boilerplate handlers - * we just generated - */ -#define foreach_vpe_api_reply_msg \ -_(NAT44_ADD_DEL_ADDRESS_RANGE_REPLY, \ - nat44_add_del_address_range_reply) \ -_(NAT44_INTERFACE_ADD_DEL_FEATURE_REPLY, \ - nat44_interface_add_del_feature_reply) \ -_(NAT44_INTERFACE_ADD_DEL_OUTPUT_FEATURE_REPLY, \ - nat44_interface_add_del_output_feature_reply) \ -_(NAT44_ADD_DEL_STATIC_MAPPING_REPLY, \ - nat44_add_del_static_mapping_reply) \ -_(NAT_CONTROL_PING_REPLY, nat_control_ping_reply) \ -_(NAT44_STATIC_MAPPING_DETAILS, nat44_static_mapping_details) \ -_(NAT_SHOW_CONFIG_REPLY, nat_show_config_reply) \ -_(NAT_SHOW_CONFIG_2_REPLY, nat_show_config_2_reply) \ -_(NAT44_ADDRESS_DETAILS, nat44_address_details) \ -_(NAT44_INTERFACE_DETAILS, nat44_interface_details) \ -_(NAT_SET_WORKERS_REPLY, nat_set_workers_reply) \ -_(NAT_WORKER_DETAILS, nat_worker_details) \ -_(NAT44_ADD_DEL_INTERFACE_ADDR_REPLY, \ - nat44_add_del_interface_addr_reply) \ -_(NAT44_INTERFACE_ADDR_DETAILS, nat44_interface_addr_details) \ -_(NAT_IPFIX_ENABLE_DISABLE_REPLY, \ - nat_ipfix_enable_disable_reply) \ -_(NAT44_USER_DETAILS, nat44_user_details) \ -_(NAT44_USER_SESSION_DETAILS, nat44_user_session_details) \ -_(NAT_SET_TIMEOUTS_REPLY, nat_set_timeouts_reply) \ -_(NAT_GET_TIMEOUTS_REPLY, nat_get_timeouts_reply) - -static int api_nat44_add_del_address_range (vat_main_t * vam) -{ - unformat_input_t * i = vam->input; - ip4_address_t start_addr, end_addr; - u32 start_host_order, end_host_order; - vl_api_nat44_add_del_address_range_t * mp; - u8 is_add = 1; - u8 twice_nat = 0; - int vrf_id = ~0; - int count; - int ret; - - while (unformat_check_input (i) != UNFORMAT_END_OF_INPUT) - { - if (unformat (i, "%U - %U", - unformat_ip4_address, &start_addr, - unformat_ip4_address, &end_addr)) - ; - else if (unformat (i, "%U", unformat_ip4_address, &start_addr)) - end_addr = start_addr; - else if (unformat (i, "twice-nat")) - twice_nat = 1; - else if (unformat (i, "vrf %u", &vrf_id)) - ; - else if (unformat (i, "del")) - is_add = 0; - else - { - clib_warning("unknown input '%U'", format_unformat_error, i); - return -99; - } - } - - start_host_order = clib_host_to_net_u32 (start_addr.as_u32); - end_host_order = clib_host_to_net_u32 (end_addr.as_u32); - - if (end_host_order < start_host_order) - { - errmsg ("end address less than start address\n"); - return -99; - } - - count = (end_host_order - start_host_order) + 1; - - if (count > 1024) - { - errmsg ("%U - %U, %d addresses...\n", - format_ip4_address, &start_addr, - format_ip4_address, &end_addr, - count); - } - - M(NAT44_ADD_DEL_ADDRESS_RANGE, mp); - - memcpy (mp->first_ip_address, &start_addr, 4); - memcpy (mp->last_ip_address, &end_addr, 4); - mp->vrf_id = vrf_id; - if (twice_nat) - mp->flags = (vl_api_nat_config_flags_t)NAT_API_IS_TWICE_NAT; - mp->is_add = is_add; - - S(mp); - W (ret); - return ret; -} - -static int api_nat44_interface_add_del_feature (vat_main_t * vam) -{ - unformat_input_t * i = vam->input; - vl_api_nat44_interface_add_del_feature_t * mp; - u32 sw_if_index; - u8 sw_if_index_set = 0; - u8 is_inside = 1; - u8 is_add = 1; - int ret; - - while (unformat_check_input (i) != UNFORMAT_END_OF_INPUT) - { - if (unformat (i, "%U", unformat_sw_if_index, vam, &sw_if_index)) - sw_if_index_set = 1; - else if (unformat (i, "sw_if_index %d", &sw_if_index)) - sw_if_index_set = 1; - else if (unformat (i, "out")) - is_inside = 0; - else if (unformat (i, "in")) - is_inside = 1; - else if (unformat (i, "del")) - is_add = 0; - else - { - clib_warning("unknown input '%U'", format_unformat_error, i); - return -99; - } - } - - if (sw_if_index_set == 0) - { - errmsg ("interface / sw_if_index required\n"); - return -99; - } - - M(NAT44_INTERFACE_ADD_DEL_FEATURE, mp); - mp->sw_if_index = ntohl(sw_if_index); - mp->is_add = is_add; - if (is_inside) - mp->flags |= NAT_API_IS_INSIDE; - - S(mp); - W (ret); - return ret; -} - -static int api_nat44_interface_add_del_output_feature (vat_main_t * vam) -{ - unformat_input_t * i = vam->input; - vl_api_nat44_interface_add_del_output_feature_t * mp; - u32 sw_if_index; - u8 sw_if_index_set = 0; - u8 is_inside = 1; - u8 is_add = 1; - int ret; - - while (unformat_check_input (i) != UNFORMAT_END_OF_INPUT) - { - if (unformat (i, "%U", unformat_sw_if_index, vam, &sw_if_index)) - sw_if_index_set = 1; - else if (unformat (i, "sw_if_index %d", &sw_if_index)) - sw_if_index_set = 1; - else if (unformat (i, "out")) - is_inside = 0; - else if (unformat (i, "in")) - is_inside = 1; - else if (unformat (i, "del")) - is_add = 0; - else - { - clib_warning("unknown input '%U'", format_unformat_error, i); - return -99; - } - } - - if (sw_if_index_set == 0) - { - errmsg ("interface / sw_if_index required\n"); - return -99; - } - - M(NAT44_INTERFACE_ADD_DEL_OUTPUT_FEATURE, mp); - mp->sw_if_index = ntohl(sw_if_index); - mp->is_add = is_add; - if (is_inside) - mp->flags |= NAT_API_IS_INSIDE; - - S(mp); - W (ret); - return ret; -} - -static int api_nat44_add_del_static_mapping(vat_main_t * vam) -{ - unformat_input_t * i = vam->input; - vl_api_nat44_add_del_static_mapping_t * mp; - u8 external_addr_set = 0; - u8 local_addr_set = 0; - u8 is_add = 1; - u8 addr_only = 1; - ip4_address_t local_addr, external_addr; - u32 local_port = 0, external_port = 0, vrf_id = ~0; - u32 sw_if_index = ~0; - u8 sw_if_index_set = 0; - u32 proto = NAT_PROTOCOL_OTHER; - u8 proto_set = 0; - int ret; - - while (unformat_check_input (i) != UNFORMAT_END_OF_INPUT) - { - if (unformat (i, "local_addr %U", unformat_ip4_address, &local_addr)) - local_addr_set = 1; - else if (unformat (i, "external_addr %U", unformat_ip4_address, - &external_addr)) - external_addr_set = 1; - else if (unformat (i, "local_port %u", &local_port)) - addr_only = 0; - else if (unformat (i, "external_port %u", &external_port)) - addr_only = 0; - else if (unformat (i, "external_if %U", unformat_sw_if_index, vam, - &sw_if_index)) - sw_if_index_set = 1; - else if (unformat (i, "external_sw_if_index %d", &sw_if_index)) - sw_if_index_set = 1; - else if (unformat (i, "vrf %u", &vrf_id)) - ; - else if (unformat (i, "protocol %u", &proto)) - proto_set = 1; - else if (unformat (i, "del")) - is_add = 0; - else - { - clib_warning("unknown input '%U'", format_unformat_error, i); - return -99; - } - } - - if (!addr_only && !proto_set) - { - errmsg ("protocol required\n"); - return -99; - } - - if (!local_addr_set) - { - errmsg ("local addr required\n"); - return -99; - } - if (!external_addr_set && !sw_if_index_set) - { - errmsg ("external addr or interface required\n"); - return -99; - } - - M(NAT44_ADD_DEL_STATIC_MAPPING, mp); - - mp->is_add = is_add; - if (addr_only) - mp->flags |= NAT_API_IS_ADDR_ONLY; - - mp->local_port = ntohs ((u16) local_port); - mp->external_port = ntohs ((u16) external_port); - mp->external_sw_if_index = ntohl (sw_if_index); - mp->vrf_id = ntohl (vrf_id); - mp->protocol = (u8) proto; - memcpy (mp->local_ip_address, &local_addr, 4); - memcpy (mp->external_ip_address, &external_addr, 4); - - S(mp); - W (ret); - return ret; -} - -static void vl_api_nat_control_ping_reply_t_handler - (vl_api_nat_control_ping_reply_t * mp) -{ - vat_main_t *vam = &vat_main; - i32 retval = ntohl (mp->retval); - if (vam->async_mode) - { - vam->async_errors += (retval < 0); - } - else - { - vam->retval = retval; - vam->result_ready = 1; - } -} - -static void vl_api_nat44_static_mapping_details_t_handler - (vl_api_nat44_static_mapping_details_t *mp) -{ - snat_test_main_t * sm = &snat_test_main; - vat_main_t *vam = sm->vat_main; - nat_config_flags_t flags = (nat_config_flags_t) mp->flags; - - if (flags & NAT_API_IS_ADDR_ONLY && mp->external_sw_if_index != ~0) - fformat (vam->ofp, "%15U%6s%15d%6s%11d%6d\n", - format_ip4_address, &mp->local_ip_address, "", - ntohl (mp->external_sw_if_index), "", - ntohl (mp->vrf_id), - mp->protocol); - else if (flags & NAT_API_IS_ADDR_ONLY && mp->external_sw_if_index == ~0) - fformat (vam->ofp, "%15U%6s%15U%6s%11d%6d\n", - format_ip4_address, &mp->local_ip_address, "", - format_ip4_address, &mp->external_ip_address, "", - ntohl (mp->vrf_id), - mp->protocol); - else if (!(flags & NAT_API_IS_ADDR_ONLY) && mp->external_sw_if_index != ~0) - fformat (vam->ofp, "%15U%6d%15d%6d%11d%6d\n", - format_ip4_address, &mp->local_ip_address, - ntohs (mp->local_port), - ntohl (mp->external_sw_if_index), - ntohs (mp->external_port), - ntohl (mp->vrf_id), - mp->protocol); - else - fformat (vam->ofp, "%15U%6d%15U%6d%11d%6d\n", - format_ip4_address, &mp->local_ip_address, - ntohs (mp->local_port), - format_ip4_address, &mp->external_ip_address, - ntohs (mp->external_port), - ntohl (mp->vrf_id), - mp->protocol); - -} - -static int api_nat44_static_mapping_dump(vat_main_t * vam) -{ - vl_api_nat44_static_mapping_dump_t * mp; - vl_api_nat_control_ping_t *mp_ping; - int ret; - - if (vam->json_output) - { - clib_warning ("JSON output not supported for nat44_static_mapping_dump"); - return -99; - } - - fformat (vam->ofp, "%21s%21s\n", "local", "external"); - fformat (vam->ofp, "%15s%6s%15s%6s%11s%6s\n", "address", "port", - "address/if_idx", "port", "vrf", "proto"); - - M(NAT44_STATIC_MAPPING_DUMP, mp); - S(mp); - - /* Use a control ping for synchronization */ - M(NAT_CONTROL_PING, mp_ping); - S(mp_ping); - - W (ret); - return ret; -} - -static void vl_api_nat_show_config_reply_t_handler - (vl_api_nat_show_config_reply_t *mp) -{ - snat_test_main_t * sm = &snat_test_main; - vat_main_t *vam = sm->vat_main; - i32 retval = ntohl (mp->retval); - - if (retval >= 0) - { - fformat (vam->ofp, "translation hash buckets %d\n", - ntohl (mp->translation_buckets)); - fformat (vam->ofp, "translation hash memory %d\n", - ntohl (mp->translation_memory_size)); - fformat (vam->ofp, "user hash buckets %d\n", ntohl (mp->user_buckets)); - fformat (vam->ofp, "user hash memory %d\n", ntohl (mp->user_memory_size)); - fformat (vam->ofp, "max translations per user %d\n", - ntohl (mp->max_translations_per_user)); - fformat (vam->ofp, "outside VRF id %d\n", ntohl (mp->outside_vrf_id)); - fformat (vam->ofp, "inside VRF id %d\n", ntohl (mp->inside_vrf_id)); - if (mp->static_mapping_only) - { - fformat (vam->ofp, "static mapping only"); - if (mp->static_mapping_connection_tracking) - fformat (vam->ofp, " connection tracking"); - fformat (vam->ofp, "\n"); - } - } - vam->retval = retval; - vam->result_ready = 1; -} - -static void vl_api_nat_show_config_2_reply_t_handler - (vl_api_nat_show_config_2_reply_t *mp) -{ - snat_test_main_t * sm = &snat_test_main; - vat_main_t *vam = sm->vat_main; - i32 retval = ntohl (mp->retval); - - if (retval >= 0) - { - fformat (vam->ofp, "translation hash buckets %d\n", - ntohl (mp->translation_buckets)); - fformat (vam->ofp, "translation hash memory %d\n", - ntohl (mp->translation_memory_size)); - fformat (vam->ofp, "user hash buckets %d\n", ntohl (mp->user_buckets)); - fformat (vam->ofp, "user hash memory %d\n", ntohl (mp->user_memory_size)); - fformat (vam->ofp, "max translations per user %d\n", - ntohl (mp->max_translations_per_user)); - fformat (vam->ofp, "outside VRF id %d\n", ntohl (mp->outside_vrf_id)); - fformat (vam->ofp, "inside VRF id %d\n", ntohl (mp->inside_vrf_id)); - if (mp->static_mapping_only) - { - fformat (vam->ofp, "static mapping only"); - if (mp->static_mapping_connection_tracking) - fformat (vam->ofp, " connection tracking"); - fformat (vam->ofp, "\n"); - } - } - vam->retval = retval; - vam->result_ready = 1; -} - -static int api_nat_show_config(vat_main_t * vam) -{ - vl_api_nat_show_config_t * mp; - int ret; - - if (vam->json_output) - { - clib_warning ("JSON output not supported for nat_show_config"); - return -99; - } - - M(NAT_SHOW_CONFIG, mp); - S(mp); - W (ret); - return ret; -} - -static int api_nat_show_config_2(vat_main_t * vam) -{ - vl_api_nat_show_config_2_t * mp; - int ret; - - if (vam->json_output) - { - clib_warning ("JSON output not supported for nat_show_config_2"); - return -99; - } - - M(NAT_SHOW_CONFIG_2, mp); - S(mp); - W (ret); - return ret; -} - -static void vl_api_nat44_address_details_t_handler - (vl_api_nat44_address_details_t *mp) -{ - snat_test_main_t * sm = &snat_test_main; - vat_main_t *vam = sm->vat_main; - - fformat (vam->ofp, "%U\n", format_ip4_address, &mp->ip_address); -} - -static int api_nat44_address_dump(vat_main_t * vam) -{ - vl_api_nat44_address_dump_t * mp; - vl_api_nat_control_ping_t *mp_ping; - int ret; - - if (vam->json_output) - { - clib_warning ("JSON output not supported for nat44_address_dump"); - return -99; - } - - M(NAT44_ADDRESS_DUMP, mp); - S(mp); - - /* Use a control ping for synchronization */ - M(NAT_CONTROL_PING, mp_ping); - S(mp_ping); - - W (ret); - return ret; -} - -static void vl_api_nat44_interface_details_t_handler - (vl_api_nat44_interface_details_t *mp) -{ - nat_config_flags_t flags = (nat_config_flags_t) mp->flags; - snat_test_main_t * sm = &snat_test_main; - vat_main_t *vam = sm->vat_main; - - if ((flags & NAT_API_IS_INSIDE) && (flags & NAT_API_IS_OUTSIDE)) - { - fformat (vam->ofp, "sw_if_index %d in & out\n", ntohl (mp->sw_if_index)); - } - else - { - fformat (vam->ofp, "sw_if_index %d %s\n", ntohl (mp->sw_if_index), - flags & NAT_API_IS_INSIDE ? "in" : "out"); - } -} - -static int api_nat44_interface_dump(vat_main_t * vam) -{ - vl_api_nat44_interface_dump_t * mp; - vl_api_nat_control_ping_t *mp_ping; - int ret; - - if (vam->json_output) - { - clib_warning ("JSON output not supported for nat44_address_dump"); - return -99; - } - - M(NAT44_INTERFACE_DUMP, mp); - S(mp); - - /* Use a control ping for synchronization */ - M(NAT_CONTROL_PING, mp_ping); - S(mp_ping); - - W (ret); - return ret; -} - -static int api_nat_set_workers (vat_main_t * vam) -{ - unformat_input_t * i = vam->input; - vl_api_nat_set_workers_t * mp; - uword *bitmap; - int ret; - - while (unformat_check_input (i) != UNFORMAT_END_OF_INPUT) - { - if (unformat (i, "%U", unformat_bitmap_list, &bitmap)) - ; - else - { - clib_warning("unknown input '%U'", format_unformat_error, i); - return -99; - } - } - - M(NAT_SET_WORKERS, mp); - mp->worker_mask = clib_host_to_net_u64 (bitmap[0]); - - S(mp); - W (ret); - return ret; -} - -static void vl_api_nat_worker_details_t_handler - (vl_api_nat_worker_details_t *mp) -{ - snat_test_main_t * sm = &snat_test_main; - vat_main_t *vam = sm->vat_main; - - fformat (vam->ofp, "worker_index %d (%s at lcore %u)\n", - ntohl (mp->worker_index), mp->name, ntohl (mp->lcore_id)); -} - -static int api_nat_worker_dump(vat_main_t * vam) -{ - vl_api_nat_worker_dump_t * mp; - vl_api_nat_control_ping_t *mp_ping; - int ret; - - if (vam->json_output) - { - clib_warning ("JSON output not supported for nat_address_dump"); - return -99; - } - - M(NAT_WORKER_DUMP, mp); - S(mp); - - /* Use a control ping for synchronization */ - M(NAT_CONTROL_PING, mp_ping); - S(mp_ping); - - W (ret); - return ret; -} - -static int api_nat44_add_del_interface_addr (vat_main_t * vam) -{ - unformat_input_t * i = vam->input; - vl_api_nat44_add_del_interface_addr_t * mp; - u32 sw_if_index; - u8 sw_if_index_set = 0; - u8 is_add = 1; - u8 twice_nat = 0; - int ret; - - while (unformat_check_input (i) != UNFORMAT_END_OF_INPUT) - { - if (unformat (i, "%U", unformat_sw_if_index, vam, &sw_if_index)) - sw_if_index_set = 1; - else if (unformat (i, "sw_if_index %d", &sw_if_index)) - sw_if_index_set = 1; - else if (unformat (i, "twice-nat")) - twice_nat = 1; - else if (unformat (i, "del")) - is_add = 0; - else - { - clib_warning("unknown input '%U'", format_unformat_error, i); - return -99; - } - } - - if (sw_if_index_set == 0) - { - errmsg ("interface / sw_if_index required\n"); - return -99; - } - - M(NAT44_ADD_DEL_INTERFACE_ADDR, mp); - mp->sw_if_index = ntohl(sw_if_index); - if (twice_nat) - mp->flags = (vl_api_nat_config_flags_t)NAT_API_IS_TWICE_NAT; - mp->is_add = is_add; - - S(mp); - W (ret); - return ret; -} - -static void vl_api_nat44_interface_addr_details_t_handler - (vl_api_nat44_interface_addr_details_t *mp) -{ - snat_test_main_t * sm = &snat_test_main; - vat_main_t *vam = sm->vat_main; - - fformat (vam->ofp, "sw_if_index %d\n", ntohl (mp->sw_if_index)); -} - -static int api_nat44_interface_addr_dump(vat_main_t * vam) -{ - vl_api_nat44_interface_addr_dump_t * mp; - vl_api_nat_control_ping_t *mp_ping; - int ret; - - if (vam->json_output) - { - clib_warning ("JSON output not supported for nat44_address_dump"); - return -99; - } - - M(NAT44_INTERFACE_ADDR_DUMP, mp); - S(mp); - - /* Use a control ping for synchronization */ - M(NAT_CONTROL_PING, mp_ping); - S(mp_ping); - - W (ret); - return ret; -} - -static int api_nat_ipfix_enable_disable (vat_main_t * vam) -{ - unformat_input_t * i = vam->input; - vl_api_nat_ipfix_enable_disable_t * mp; - u32 domain_id = 0; - u32 src_port = 0; - u8 enable = 1; - int ret; - - while (unformat_check_input (i) != UNFORMAT_END_OF_INPUT) - { - if (unformat (i, "domain %d", &domain_id)) - ; - else if (unformat (i, "src_port %d", &src_port)) - ; - else if (unformat (i, "disable")) - enable = 0; - else - { - clib_warning("unknown input '%U'", format_unformat_error, i); - return -99; - } - } - - M(NAT_IPFIX_ENABLE_DISABLE, mp); - mp->domain_id = htonl(domain_id); - mp->src_port = htons((u16) src_port); - mp->enable = enable; - - S(mp); - W (ret); - return ret; -} - -static void vl_api_nat44_user_session_details_t_handler - (vl_api_nat44_user_session_details_t *mp) -{ - snat_test_main_t * sm = &snat_test_main; - vat_main_t *vam = sm->vat_main; - - fformat(vam->ofp, "%s session %U:%d to %U:%d protocol id %d " - "total packets %d total bytes %lld\n", - mp->flags & NAT_API_IS_STATIC ? "static" : "dynamic", - format_ip4_address, mp->inside_ip_address, ntohs(mp->inside_port), - format_ip4_address, mp->outside_ip_address, ntohs(mp->outside_port), - ntohs(mp->protocol), ntohl(mp->total_pkts), - clib_net_to_host_u64(mp->total_bytes)); -} - -static int api_nat44_user_session_dump(vat_main_t * vam) -{ - unformat_input_t* i = vam->input; - vl_api_nat44_user_session_dump_t * mp; - vl_api_nat_control_ping_t *mp_ping; - ip4_address_t addr; - u32 vrf_id = ~0; - int ret; - - if (vam->json_output) - { - clib_warning ("JSON output not supported for nat44_address_dump"); - return -99; - } - - if (unformat (i, "ip_address %U vrf_id %d", - unformat_ip4_address, &addr, &vrf_id)) - ; - else - { - clib_warning("unknown input '%U'", format_unformat_error, i); - return -99; - } - - M(NAT44_USER_SESSION_DUMP, mp); - S(mp); - - /* Use a control ping for synchronization */ - M(NAT_CONTROL_PING, mp_ping); - clib_memset(mp->ip_address, 0, 16); - clib_memcpy(mp->ip_address, &addr, 4); - mp->vrf_id = htonl(vrf_id); - S(mp_ping); - - W (ret); - return ret; -} - -static void vl_api_nat44_user_details_t_handler - (vl_api_nat44_user_details_t *mp) -{ - snat_test_main_t * sm = &snat_test_main; - vat_main_t *vam = sm->vat_main; - - fformat(vam->ofp, "user with ip %U with vrf_id %d " - "with %d sessions and %d static sessions\n", - format_ip4_address, mp->ip_address, ntohl(mp->vrf_id), - ntohl(mp->nsessions), ntohl(mp->nstaticsessions)); -} - -static int api_nat44_user_dump(vat_main_t * vam) -{ - vl_api_nat44_user_dump_t * mp; - vl_api_nat_control_ping_t *mp_ping; - int ret; - - if (vam->json_output) - { - clib_warning ("JSON output not supported for nat44_address_dump"); - return -99; - } - - M(NAT44_USER_DUMP, mp); - S(mp); - - /* Use a control ping for synchronization */ - M(NAT_CONTROL_PING, mp_ping); - S(mp_ping); - - W (ret); - return ret; -} - -static int api_nat_set_timeouts (vat_main_t * vam) -{ - unformat_input_t * i = vam->input; - vl_api_nat_set_timeouts_t * mp; - u32 udp = SNAT_UDP_TIMEOUT; - u32 tcp_established = SNAT_TCP_ESTABLISHED_TIMEOUT; - u32 tcp_transitory = SNAT_TCP_TRANSITORY_TIMEOUT; - u32 icmp = SNAT_ICMP_TIMEOUT; - int ret; - - if (unformat (i, "udp %d", &udp)) - ; - else if (unformat (i, "tcp_established %d", &tcp_established)) - ; - else if (unformat (i, "tcp_transitory %d", &tcp_transitory)) - ; - else if (unformat (i, "icmp %d", &icmp)) - ; - else - { - clib_warning("unknown input '%U'", format_unformat_error, i); - return -99; - } - - M(NAT_SET_TIMEOUTS, mp); - mp->udp = htonl(udp); - mp->tcp_established = htonl(tcp_established); - mp->tcp_transitory = htonl(tcp_transitory); - mp->icmp = htonl(icmp); - - S(mp); - W (ret); - return ret; -} - -static void vl_api_nat_get_timeouts_reply_t_handler - (vl_api_nat_get_timeouts_reply_t *mp) -{ - snat_test_main_t * sm = &snat_test_main; - vat_main_t *vam = sm->vat_main; - i32 retval = ntohl (mp->retval); - - if (retval >= 0) - { - fformat (vam->ofp, "udp timeout: %dsec\n", ntohl (mp->udp)); - fformat (vam->ofp, "tcp-established timeout: %dsec", - ntohl (mp->tcp_established)); - fformat (vam->ofp, "tcp-transitory timeout: %dsec", - ntohl (mp->tcp_transitory)); - fformat (vam->ofp, "icmp timeout: %dsec", ntohl (mp->icmp)); - } - vam->retval = retval; - vam->result_ready = 1; -} - -static int api_nat_get_timeouts(vat_main_t * vam) -{ - vl_api_nat_get_timeouts_t * mp; - int ret; - - if (vam->json_output) - { - clib_warning ("JSON output not supported for nat_get_timeouts"); - return -99; - } - - M(NAT_GET_TIMEOUTS, mp); - S(mp); - W (ret); - return ret; -} - -/* - * List of messages that the api test plugin sends, - * and that the data plane plugin processes - */ -#define foreach_vpe_api_msg \ -_(nat44_add_del_address_range, \ - " [- ] [vrf ] [twice-nat] [del]") \ -_(nat44_interface_add_del_feature, \ - " | sw_if_index [in] [out] [del]") \ -_(nat44_interface_add_del_output_feature, \ - " | sw_if_index [in] [out] [del]") \ -_(nat44_add_del_static_mapping, "local_addr " \ - " (external_addr | external_if |" \ - " external_sw_if_ndex ) [local_port ]" \ - " [external_port ] [vrf ] [del] protocol ") \ -_(nat_set_workers, "") \ -_(nat44_static_mapping_dump, "") \ -_(nat_show_config, "") \ -_(nat_show_config_2, "") \ -_(nat44_address_dump, "") \ -_(nat44_interface_dump, "") \ -_(nat_worker_dump, "") \ -_(nat44_add_del_interface_addr, \ - " | sw_if_index [twice-nat] [del]") \ -_(nat44_interface_addr_dump, "") \ -_(nat_ipfix_enable_disable, "[domain ] [src_port ] " \ - "[disable]") \ -_(nat44_user_dump, "") \ -_(nat44_user_session_dump, "ip_address vrf_id ") \ -_(nat_set_timeouts, "[udp | tcp_established | " \ - "tcp_transitory | icmp ]") \ -_(nat_get_timeouts, "") - -static void -snat_vat_api_hookup (vat_main_t *vam) -{ - snat_test_main_t * sm __attribute__((unused)) = &snat_test_main; - /* Hook up handlers for replies from the data plane plug-in */ -#define _(N,n) \ - vl_msg_api_set_handlers((VL_API_##N + sm->msg_id_base), \ - #n, \ - vl_api_##n##_t_handler, \ - vl_noop_handler, \ - vl_api_##n##_t_endian, \ - vl_api_##n##_t_print, \ - sizeof(vl_api_##n##_t), 1); - foreach_vpe_api_reply_msg; -#undef _ - - /* API messages we can send */ -#define _(n,h) \ - hash_set_mem (vam->function_by_name, #n, api_##n); - foreach_vpe_api_msg; -#undef _ - - /* Help strings */ -#define _(n,h) hash_set_mem (vam->help_by_name, #n, h); - foreach_vpe_api_msg; -#undef _ -} - -clib_error_t * vat_plugin_register (vat_main_t *vam) -{ - snat_test_main_t * sm = &snat_test_main; - u8 * name; - - sm->vat_main = vam; - - /* Ask the vpp engine for the first assigned message-id */ - name = format (0, "nat_%08x%c", api_version, 0); - sm->msg_id_base = vl_client_get_first_plugin_msg_id ((char *) name); - vec_free(name); - - if (sm->msg_id_base != (u16) ~0) - snat_vat_api_hookup (vam); - else - return clib_error_return (0, "nat plugin not loaded..."); - - return 0; -} -- 2.16.6