aboutsummaryrefslogtreecommitdiffstats
path: root/src/plugins
diff options
context:
space:
mode:
authorMatus Fabian <matfabia@cisco.com>2017-08-21 07:05:03 -0700
committerOle Trøan <otroan@employees.org>2017-08-23 07:42:10 +0000
commit2ba92e32e0197f676dd905e5edcb4ff3e1bec241 (patch)
tree4d5eba20eda422bde4e9218834e1b8662a43b001 /src/plugins
parentcfc997ef3da9f406afe5caad99fc98a53aab7a77 (diff)
NAT: Rename snat plugin to nat (VPP-955)
Change-Id: I30a7e3da7a4efc6038a91e27b48045d4b07e2764 Signed-off-by: Matus Fabian <matfabia@cisco.com>
Diffstat (limited to 'src/plugins')
-rw-r--r--src/plugins/Makefile.am4
-rw-r--r--src/plugins/nat.am41
-rw-r--r--src/plugins/nat/in2out.c (renamed from src/plugins/snat/in2out.c)144
-rw-r--r--src/plugins/nat/nat.api (renamed from src/plugins/snat/snat.api)684
-rw-r--r--src/plugins/nat/nat.c (renamed from src/plugins/snat/snat.c)190
-rw-r--r--src/plugins/nat/nat.h (renamed from src/plugins/snat/snat.h)18
-rw-r--r--src/plugins/nat/nat64.c (renamed from src/plugins/snat/nat64.c)4
-rw-r--r--src/plugins/nat/nat64.h (renamed from src/plugins/snat/nat64.h)4
-rw-r--r--src/plugins/nat/nat64_cli.c (renamed from src/plugins/snat/nat64_cli.c)4
-rw-r--r--src/plugins/nat/nat64_db.c (renamed from src/plugins/snat/nat64_db.c)2
-rw-r--r--src/plugins/nat/nat64_db.h (renamed from src/plugins/snat/nat64_db.h)2
-rw-r--r--src/plugins/nat/nat64_doc.md (renamed from src/plugins/snat/nat64_doc.md)0
-rw-r--r--src/plugins/nat/nat64_in2out.c (renamed from src/plugins/snat/nat64_in2out.c)2
-rw-r--r--src/plugins/nat/nat64_out2in.c (renamed from src/plugins/snat/nat64_out2in.c)2
-rw-r--r--src/plugins/nat/nat_all_api_h.h (renamed from src/plugins/snat/snat_all_api_h.h)4
-rw-r--r--src/plugins/nat/nat_api.c (renamed from src/plugins/snat/snat_api.c)1311
-rw-r--r--src/plugins/nat/nat_det.c (renamed from src/plugins/snat/snat_det.c)6
-rw-r--r--src/plugins/nat/nat_det.h (renamed from src/plugins/snat/snat_det.h)12
-rw-r--r--src/plugins/nat/nat_ipfix_logging.c (renamed from src/plugins/snat/snat_ipfix_logging.c)14
-rw-r--r--src/plugins/nat/nat_ipfix_logging.h (renamed from src/plugins/snat/snat_ipfix_logging.h)10
-rw-r--r--src/plugins/nat/nat_msg_enum.h (renamed from src/plugins/snat/snat_msg_enum.h)10
-rw-r--r--src/plugins/nat/nat_test.c (renamed from src/plugins/snat/snat_test.c)14
-rw-r--r--src/plugins/nat/out2in.c (renamed from src/plugins/snat/out2in.c)134
-rw-r--r--src/plugins/snat.am41
24 files changed, 2279 insertions, 378 deletions
diff --git a/src/plugins/Makefile.am b/src/plugins/Makefile.am
index 8c7b3fac..205bfe6d 100644
--- a/src/plugins/Makefile.am
+++ b/src/plugins/Makefile.am
@@ -74,8 +74,8 @@ if ENABLE_SIXRD_PLUGIN
include sixrd.am
endif
-if ENABLE_SNAT_PLUGIN
-include snat.am
+if ENABLE_NAT_PLUGIN
+include nat.am
endif
include ../suffix-rules.mk
diff --git a/src/plugins/nat.am b/src/plugins/nat.am
new file mode 100644
index 00000000..b967a716
--- /dev/null
+++ b/src/plugins/nat.am
@@ -0,0 +1,41 @@
+
+# Copyright (c) <current-year> <your-organization>
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at:
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+vppapitestplugins_LTLIBRARIES += nat_test_plugin.la
+vppplugins_LTLIBRARIES += nat_plugin.la
+
+nat_plugin_la_SOURCES = nat/nat.c \
+ nat/nat_api.c \
+ nat/in2out.c \
+ nat/out2in.c \
+ nat/nat_plugin.api.h \
+ nat/nat_ipfix_logging.c \
+ nat/nat_det.c \
+ nat/nat64.c \
+ nat/nat64_cli.c \
+ nat/nat64_in2out.c \
+ nat/nat64_out2in.c \
+ nat/nat64_db.c
+
+API_FILES += nat/nat.api
+
+nobase_apiinclude_HEADERS += \
+ nat/nat_all_api_h.h \
+ nat/nat_msg_enum.h \
+ nat/nat.api.h
+
+nat_test_plugin_la_SOURCES = \
+ nat/nat_test.c nat/nat_plugin.api.h
+
+# vi:syntax=automake
diff --git a/src/plugins/snat/in2out.c b/src/plugins/nat/in2out.c
index abe0d9db..62a11170 100644
--- a/src/plugins/snat/in2out.c
+++ b/src/plugins/nat/in2out.c
@@ -21,9 +21,9 @@
#include <vnet/ip/ip.h>
#include <vnet/ethernet/ethernet.h>
#include <vnet/fib/ip4_fib.h>
-#include <snat/snat.h>
-#include <snat/snat_ipfix_logging.h>
-#include <snat/snat_det.h>
+#include <nat/nat.h>
+#include <nat/nat_ipfix_logging.h>
+#include <nat/nat_det.h>
#include <vppinfra/hash.h>
#include <vppinfra/error.h>
@@ -49,8 +49,8 @@ static u8 * format_snat_in2out_trace (u8 * s, va_list * args)
snat_in2out_trace_t * t = va_arg (*args, snat_in2out_trace_t *);
char * tag;
- tag = t->is_slow_path ? "SNAT_IN2OUT_SLOW_PATH" : "SNAT_IN2OUT_FAST_PATH";
-
+ tag = t->is_slow_path ? "NAT44_IN2OUT_SLOW_PATH" : "NAT44_IN2OUT_FAST_PATH";
+
s = format (s, "%s: sw_if_index %d, next index %d, session %d", tag,
t->sw_if_index, t->next_index, t->session_index);
@@ -63,7 +63,7 @@ static u8 * format_snat_in2out_fast_trace (u8 * s, va_list * args)
CLIB_UNUSED (vlib_node_t * node) = va_arg (*args, vlib_node_t *);
snat_in2out_trace_t * t = va_arg (*args, snat_in2out_trace_t *);
- s = format (s, "SANT_IN2OUT_FAST: sw_if_index %d, next index %d",
+ s = format (s, "NAT44_IN2OUT_FAST: sw_if_index %d, next index %d",
t->sw_if_index, t->next_index);
return s;
@@ -78,7 +78,7 @@ static u8 * format_snat_in2out_worker_handoff_trace (u8 * s, va_list * args)
char * m;
m = t->do_handoff ? "next worker" : "same worker";
- s = format (s, "SNAT_IN2OUT_WORKER_HANDOFF: %s %d", m, t->next_worker_index);
+ s = format (s, "NAT44_IN2OUT_WORKER_HANDOFF: %s %d", m, t->next_worker_index);
return s;
}
@@ -102,7 +102,7 @@ _(OUT_OF_PORTS, "Out of ports") \
_(BAD_OUTSIDE_FIB, "Outside VRF ID not found") \
_(BAD_ICMP_TYPE, "unsupported ICMP type") \
_(NO_TRANSLATION, "No translation")
-
+
typedef enum {
#define _(sym,str) SNAT_IN2OUT_ERROR_##sym,
foreach_snat_in2out_error
@@ -138,11 +138,11 @@ typedef enum {
* Packets aimed at outside interface and external addresss with active session
* should be translated.
*
- * @param sm SNAT main
- * @param rt SNAT runtime data
+ * @param sm NAT main
+ * @param rt NAT runtime data
* @param sw_if_index0 index of the inside interface
* @param ip0 IPv4 header
- * @param proto0 SNAT protocol
+ * @param proto0 NAT protocol
* @param rx_fib_index0 RX FIB index
*
* @returns 0 if packet should be translated otherwise 1
@@ -254,7 +254,7 @@ static u32 slow_path (snat_main_t *sm, vlib_buffer_t *b0,
user_key.addr = ip0->src_address;
user_key.fib_index = rx_fib_index0;
kv0.key = user_key.as_u64;
-
+
/* Ever heard of the "user" = src ip4 address before? */
if (clib_bihash_search_8_8 (&sm->user_hash, &kv0, &value0))
{
@@ -387,7 +387,7 @@ static u32 slow_path (snat_main_t *sm, vlib_buffer_t *b0,
/* Create a new session */
pool_get (sm->per_thread_data[thread_index].sessions, s);
memset (s, 0, sizeof (*s));
-
+
s->outside_address_index = address_index;
if (static_mapping)
@@ -418,7 +418,7 @@ static u32 slow_path (snat_main_t *sm, vlib_buffer_t *b0,
per_user_translation_list_elt -
sm->per_thread_data[thread_index].list_pool);
}
-
+
s->in2out = *key0;
s->out2in = key1;
s->out2in.protocol = key0->protocol;
@@ -431,10 +431,10 @@ static u32 slow_path (snat_main_t *sm, vlib_buffer_t *b0,
kv0.value = s - sm->per_thread_data[thread_index].sessions;
if (clib_bihash_add_del_8_8 (&sm->in2out, &kv0, 1 /* is_add */))
clib_warning ("in2out key add failed");
-
+
kv0.key = s->out2in.as_u64;
kv0.value = s - sm->per_thread_data[thread_index].sessions;
-
+
if (clib_bihash_add_del_8_8 (&sm->out2in, &kv0, 1 /* is_add */))
clib_warning ("out2in key add failed");
@@ -502,11 +502,11 @@ snat_in2out_error_t icmp_get_key(ip4_header_t *ip0,
}
/**
- * Get address and port values to be used for packet SNAT translation
+ * Get address and port values to be used for ICMP packet translation
* and create session if needed
*
- * @param[in,out] sm SNAT main
- * @param[in,out] node SNAT node runtime
+ * @param[in,out] sm NAT main
+ * @param[in,out] node NAT node runtime
* @param[in] thread_index thread index
* @param[in,out] b0 buffer containing packet to be translated
* @param[out] p_proto protocol used for matching
@@ -601,10 +601,10 @@ out:
}
/**
- * Get address and port values to be used for packet SNAT translation
+ * Get address and port values to be used for ICMP packet translation
*
- * @param[in] sm SNAT main
- * @param[in,out] node SNAT node runtime
+ * @param[in] sm NAT main
+ * @param[in,out] node NAT node runtime
* @param[in] thread_index thread index
* @param[in,out] b0 buffer containing packet to be translated
* @param[out] p_proto protocol used for matching
@@ -732,7 +732,7 @@ static inline u32 icmp_in2out (snat_main_t *sm,
sum0 = ip_csum_update (sum0, old_addr0, new_addr0, ip4_header_t,
src_address /* changed member */);
ip0->checksum = ip_csum_fold (sum0);
-
+
if (!icmp_is_error_message (icmp0))
{
new_id0 = sm0.port;
@@ -810,12 +810,12 @@ out:
* communicate even if they only use each other's external IP addresses
* and ports.
*
- * @param sm SNAT main.
+ * @param sm NAT main.
* @param b0 Vlib buffer.
* @param ip0 IP header.
* @param udp0 UDP header.
* @param tcp0 TCP header.
- * @param proto0 SNAT protocol.
+ * @param proto0 NAT protocol.
*/
static inline void
snat_hairpinning (snat_main_t *sm,
@@ -1413,14 +1413,14 @@ snat_in2out_node_fn_inline (vlib_main_t * vm,
snat_session_t * s0 = 0, * s1 = 0;
clib_bihash_kv_8_8_t kv0, value0, kv1, value1;
u32 iph_offset0 = 0, iph_offset1 = 0;
-
+
/* Prefetch next iteration. */
{
vlib_buffer_t * p2, * p3;
-
+
p2 = vlib_get_buffer (vm, from[2]);
p3 = vlib_get_buffer (vm, from[3]);
-
+
vlib_prefetch_buffer_header (p2, LOAD);
vlib_prefetch_buffer_header (p3, LOAD);
@@ -1435,7 +1435,7 @@ snat_in2out_node_fn_inline (vlib_main_t * vm,
to_next += 2;
n_left_from -= 2;
n_left_to_next -= 2;
-
+
b0 = vlib_get_buffer (vm, bi0);
b1 = vlib_get_buffer (vm, bi1);
@@ -1450,7 +1450,7 @@ snat_in2out_node_fn_inline (vlib_main_t * vm,
icmp0 = (icmp46_header_t *) udp0;
sw_if_index0 = vnet_buffer(b0)->sw_if_index[VLIB_RX];
- rx_fib_index0 = vec_elt (sm->ip4_main->fib_index_by_sw_if_index,
+ rx_fib_index0 = vec_elt (sm->ip4_main->fib_index_by_sw_if_index,
sw_if_index0);
next0 = next1 = SNAT_IN2OUT_NEXT_LOOKUP;
@@ -1479,8 +1479,8 @@ snat_in2out_node_fn_inline (vlib_main_t * vm,
if (PREDICT_FALSE (proto0 == SNAT_PROTOCOL_ICMP))
{
- next0 = icmp_in2out_slow_path
- (sm, b0, ip0, icmp0, sw_if_index0, rx_fib_index0,
+ next0 = icmp_in2out_slow_path
+ (sm, b0, ip0, icmp0, sw_if_index0, rx_fib_index0,
node, next0, now, thread_index, &s0);
goto trace00;
}
@@ -1498,7 +1498,7 @@ snat_in2out_node_fn_inline (vlib_main_t * vm,
key0.port = udp0->src_port;
key0.protocol = proto0;
key0.fib_index = rx_fib_index0;
-
+
kv0.key = key0.as_u64;
if (PREDICT_FALSE (clib_bihash_search_8_8 (&sm->in2out, &kv0, &value0) != 0))
@@ -1577,10 +1577,10 @@ snat_in2out_node_fn_inline (vlib_main_t * vm,
}
trace00:
- if (PREDICT_FALSE((node->flags & VLIB_NODE_FLAG_TRACE)
- && (b0->flags & VLIB_BUFFER_IS_TRACED)))
+ if (PREDICT_FALSE((node->flags & VLIB_NODE_FLAG_TRACE)
+ && (b0->flags & VLIB_BUFFER_IS_TRACED)))
{
- snat_in2out_trace_t *t =
+ snat_in2out_trace_t *t =
vlib_add_trace (vm, node, b0, sizeof (*t));
t->is_slow_path = is_slow_path;
t->sw_if_index = sw_if_index0;
@@ -1603,7 +1603,7 @@ snat_in2out_node_fn_inline (vlib_main_t * vm,
icmp1 = (icmp46_header_t *) udp1;
sw_if_index1 = vnet_buffer(b1)->sw_if_index[VLIB_RX];
- rx_fib_index1 = vec_elt (sm->ip4_main->fib_index_by_sw_if_index,
+ rx_fib_index1 = vec_elt (sm->ip4_main->fib_index_by_sw_if_index,
sw_if_index1);
if (PREDICT_FALSE(ip1->ttl == 1))
@@ -1630,7 +1630,7 @@ snat_in2out_node_fn_inline (vlib_main_t * vm,
if (PREDICT_FALSE (proto1 == SNAT_PROTOCOL_ICMP))
{
- next1 = icmp_in2out_slow_path
+ next1 = icmp_in2out_slow_path
(sm, b1, ip1, icmp1, sw_if_index1, rx_fib_index1, node,
next1, now, thread_index, &s1);
goto trace01;
@@ -1649,7 +1649,7 @@ snat_in2out_node_fn_inline (vlib_main_t * vm,
key1.port = udp1->src_port;
key1.protocol = proto1;
key1.fib_index = rx_fib_index1;
-
+
kv1.key = key1.as_u64;
if (PREDICT_FALSE(clib_bihash_search_8_8 (&sm->in2out, &kv1, &value1) != 0))
@@ -1728,10 +1728,10 @@ snat_in2out_node_fn_inline (vlib_main_t * vm,
}
trace01:
- if (PREDICT_FALSE((node->flags & VLIB_NODE_FLAG_TRACE)
- && (b1->flags & VLIB_BUFFER_IS_TRACED)))
+ if (PREDICT_FALSE((node->flags & VLIB_NODE_FLAG_TRACE)
+ && (b1->flags & VLIB_BUFFER_IS_TRACED)))
{
- snat_in2out_trace_t *t =
+ snat_in2out_trace_t *t =
vlib_add_trace (vm, node, b1, sizeof (*t));
t->sw_if_index = sw_if_index1;
t->next_index = next1;
@@ -1790,7 +1790,7 @@ snat_in2out_node_fn_inline (vlib_main_t * vm,
icmp0 = (icmp46_header_t *) udp0;
sw_if_index0 = vnet_buffer(b0)->sw_if_index[VLIB_RX];
- rx_fib_index0 = vec_elt (sm->ip4_main->fib_index_by_sw_if_index,
+ rx_fib_index0 = vec_elt (sm->ip4_main->fib_index_by_sw_if_index,
sw_if_index0);
if (PREDICT_FALSE(ip0->ttl == 1))
@@ -1817,7 +1817,7 @@ snat_in2out_node_fn_inline (vlib_main_t * vm,
if (PREDICT_FALSE (proto0 == SNAT_PROTOCOL_ICMP))
{
- next0 = icmp_in2out_slow_path
+ next0 = icmp_in2out_slow_path
(sm, b0, ip0, icmp0, sw_if_index0, rx_fib_index0, node,
next0, now, thread_index, &s0);
goto trace0;
@@ -1836,7 +1836,7 @@ snat_in2out_node_fn_inline (vlib_main_t * vm,
key0.port = udp0->src_port;
key0.protocol = proto0;
key0.fib_index = rx_fib_index0;
-
+
kv0.key = key0.as_u64;
if (clib_bihash_search_8_8 (&sm->in2out, &kv0, &value0))
@@ -1916,10 +1916,10 @@ snat_in2out_node_fn_inline (vlib_main_t * vm,
}
trace0:
- if (PREDICT_FALSE((node->flags & VLIB_NODE_FLAG_TRACE)
- && (b0->flags & VLIB_BUFFER_IS_TRACED)))
+ if (PREDICT_FALSE((node->flags & VLIB_NODE_FLAG_TRACE)
+ && (b0->flags & VLIB_BUFFER_IS_TRACED)))
{
- snat_in2out_trace_t *t =
+ snat_in2out_trace_t *t =
vlib_add_trace (vm, node, b0, sizeof (*t));
t->is_slow_path = is_slow_path;
t->sw_if_index = sw_if_index0;
@@ -1940,8 +1940,8 @@ snat_in2out_node_fn_inline (vlib_main_t * vm,
vlib_put_next_frame (vm, node, next_index, n_left_to_next);
}
- vlib_node_increment_counter (vm, stats_node_index,
- SNAT_IN2OUT_ERROR_IN2OUT_PACKETS,
+ vlib_node_increment_counter (vm, stats_node_index,
+ SNAT_IN2OUT_ERROR_IN2OUT_PACKETS,
pkts_processed);
return frame->n_vectors;
}
@@ -1956,7 +1956,7 @@ snat_in2out_fast_path_fn (vlib_main_t * vm,
VLIB_REGISTER_NODE (snat_in2out_node) = {
.function = snat_in2out_fast_path_fn,
- .name = "snat-in2out",
+ .name = "nat44-in2out",
.vector_size = sizeof (u32),
.format_trace = format_snat_in2out_trace,
.type = VLIB_NODE_TYPE_INTERNAL,
@@ -1972,7 +1972,7 @@ VLIB_REGISTER_NODE (snat_in2out_node) = {
.next_nodes = {
[SNAT_IN2OUT_NEXT_DROP] = "error-drop",
[SNAT_IN2OUT_NEXT_LOOKUP] = "ip4-lookup",
- [SNAT_IN2OUT_NEXT_SLOW_PATH] = "snat-in2out-slowpath",
+ [SNAT_IN2OUT_NEXT_SLOW_PATH] = "nat44-in2out-slowpath",
[SNAT_IN2OUT_NEXT_ICMP_ERROR] = "ip4-icmp-error",
},
};
@@ -1989,7 +1989,7 @@ snat_in2out_output_fast_path_fn (vlib_main_t * vm,
VLIB_REGISTER_NODE (snat_in2out_output_node) = {
.function = snat_in2out_output_fast_path_fn,
- .name = "snat-in2out-output",
+ .name = "nat44-in2out-output",
.vector_size = sizeof (u32),
.format_trace = format_snat_in2out_trace,
.type = VLIB_NODE_TYPE_INTERNAL,
@@ -2005,7 +2005,7 @@ VLIB_REGISTER_NODE (snat_in2out_output_node) = {
.next_nodes = {
[SNAT_IN2OUT_NEXT_DROP] = "error-drop",
[SNAT_IN2OUT_NEXT_LOOKUP] = "interface-output",
- [SNAT_IN2OUT_NEXT_SLOW_PATH] = "snat-in2out-output-slowpath",
+ [SNAT_IN2OUT_NEXT_SLOW_PATH] = "nat44-in2out-output-slowpath",
[SNAT_IN2OUT_NEXT_ICMP_ERROR] = "ip4-icmp-error",
},
};
@@ -2023,7 +2023,7 @@ snat_in2out_slow_path_fn (vlib_main_t * vm,
VLIB_REGISTER_NODE (snat_in2out_slowpath_node) = {
.function = snat_in2out_slow_path_fn,
- .name = "snat-in2out-slowpath",
+ .name = "nat44-in2out-slowpath",
.vector_size = sizeof (u32),
.format_trace = format_snat_in2out_trace,
.type = VLIB_NODE_TYPE_INTERNAL,
@@ -2039,7 +2039,7 @@ VLIB_REGISTER_NODE (snat_in2out_slowpath_node) = {
.next_nodes = {
[SNAT_IN2OUT_NEXT_DROP] = "error-drop",
[SNAT_IN2OUT_NEXT_LOOKUP] = "ip4-lookup",
- [SNAT_IN2OUT_NEXT_SLOW_PATH] = "snat-in2out-slowpath",
+ [SNAT_IN2OUT_NEXT_SLOW_PATH] = "nat44-in2out-slowpath",
[SNAT_IN2OUT_NEXT_ICMP_ERROR] = "ip4-icmp-error",
},
};
@@ -2057,7 +2057,7 @@ snat_in2out_output_slow_path_fn (vlib_main_t * vm,
VLIB_REGISTER_NODE (snat_in2out_output_slowpath_node) = {
.function = snat_in2out_output_slow_path_fn,
- .name = "snat-in2out-output-slowpath",
+ .name = "nat44-in2out-output-slowpath",
.vector_size = sizeof (u32),
.format_trace = format_snat_in2out_trace,
.type = VLIB_NODE_TYPE_INTERNAL,
@@ -2073,7 +2073,7 @@ VLIB_REGISTER_NODE (snat_in2out_output_slowpath_node) = {
.next_nodes = {
[SNAT_IN2OUT_NEXT_DROP] = "error-drop",
[SNAT_IN2OUT_NEXT_LOOKUP] = "interface-output",
- [SNAT_IN2OUT_NEXT_SLOW_PATH] = "snat-in2out-output-slowpath",
+ [SNAT_IN2OUT_NEXT_SLOW_PATH] = "nat44-in2out-output-slowpath",
[SNAT_IN2OUT_NEXT_ICMP_ERROR] = "ip4-icmp-error",
},
};
@@ -2658,7 +2658,7 @@ snat_det_in2out_node_fn (vlib_main_t * vm,
VLIB_REGISTER_NODE (snat_det_in2out_node) = {
.function = snat_det_in2out_node_fn,
- .name = "snat-det-in2out",
+ .name = "nat44-det-in2out",
.vector_size = sizeof (u32),
.format_trace = format_snat_in2out_trace,
.type = VLIB_NODE_TYPE_INTERNAL,
@@ -2681,11 +2681,11 @@ VLIB_REGISTER_NODE (snat_det_in2out_node) = {
VLIB_NODE_FUNCTION_MULTIARCH (snat_det_in2out_node, snat_det_in2out_node_fn);
/**
- * Get address and port values to be used for packet SNAT translation
+ * Get address and port values to be used for ICMP packet translation
* and create session if needed
*
- * @param[in,out] sm SNAT main
- * @param[in,out] node SNAT node runtime
+ * @param[in,out] sm NAT main
+ * @param[in,out] node NAT node runtime
* @param[in] thread_index thread index
* @param[in,out] b0 buffer containing packet to be translated
* @param[out] p_proto protocol used for matching
@@ -3009,7 +3009,7 @@ snat_in2out_worker_handoff_fn (vlib_main_t * vm,
VLIB_REGISTER_NODE (snat_in2out_worker_handoff_node) = {
.function = snat_in2out_worker_handoff_fn,
- .name = "snat-in2out-worker-handoff",
+ .name = "nat44-in2out-worker-handoff",
.vector_size = sizeof (u32),
.format_trace = format_snat_in2out_worker_handoff_trace,
.type = VLIB_NODE_TYPE_INTERNAL,
@@ -3034,7 +3034,7 @@ snat_in2out_output_worker_handoff_fn (vlib_main_t * vm,
VLIB_REGISTER_NODE (snat_in2out_output_worker_handoff_node) = {
.function = snat_in2out_output_worker_handoff_fn,
- .name = "snat-in2out-output-worker-handoff",
+ .name = "nat44-in2out-output-worker-handoff",
.vector_size = sizeof (u32),
.format_trace = format_snat_in2out_worker_handoff_trace,
.type = VLIB_NODE_TYPE_INTERNAL,
@@ -3160,7 +3160,7 @@ snat_hairpin_dst_fn (vlib_main_t * vm,
VLIB_REGISTER_NODE (snat_hairpin_dst_node) = {
.function = snat_hairpin_dst_fn,
- .name = "snat-hairpin-dst",
+ .name = "nat44-hairpin-dst",
.vector_size = sizeof (u32),
.type = VLIB_NODE_TYPE_INTERNAL,
.n_errors = ARRAY_LEN(snat_in2out_error_strings),
@@ -3240,7 +3240,7 @@ snat_hairpin_src_fn (vlib_main_t * vm,
VLIB_REGISTER_NODE (snat_hairpin_src_node) = {
.function = snat_hairpin_src_fn,
- .name = "snat-hairpin-src",
+ .name = "nat44-hairpin-src",
.vector_size = sizeof (u32),
.type = VLIB_NODE_TYPE_INTERNAL,
.n_errors = ARRAY_LEN(snat_in2out_error_strings),
@@ -3248,9 +3248,9 @@ VLIB_REGISTER_NODE (snat_hairpin_src_node) = {
.n_next_nodes = SNAT_HAIRPIN_SRC_N_NEXT,
.next_nodes = {
[SNAT_HAIRPIN_SRC_NEXT_DROP] = "error-drop",
- [SNAT_HAIRPIN_SRC_NEXT_SNAT_IN2OUT] = "snat-in2out-output",
+ [SNAT_HAIRPIN_SRC_NEXT_SNAT_IN2OUT] = "nat44-in2out-output",
[SNAT_HAIRPIN_SRC_NEXT_INTERFACE_OUTPUT] = "interface-output",
- [SNAT_HAIRPIN_SRC_NEXT_SNAT_IN2OUT_WH] = "snat-in2out-output-worker-handoff",
+ [SNAT_HAIRPIN_SRC_NEXT_SNAT_IN2OUT_WH] = "nat44-in2out-output-worker-handoff",
},
};
@@ -3430,23 +3430,23 @@ snat_in2out_fast_static_map_fn (vlib_main_t * vm,
VLIB_REGISTER_NODE (snat_in2out_fast_node) = {
.function = snat_in2out_fast_static_map_fn,
- .name = "snat-in2out-fast",
+ .name = "nat44-in2out-fast",
.vector_size = sizeof (u32),
.format_trace = format_snat_in2out_fast_trace,
.type = VLIB_NODE_TYPE_INTERNAL,
-
+
.n_errors = ARRAY_LEN(snat_in2out_error_strings),
.error_strings = snat_in2out_error_strings,
.runtime_data_bytes = sizeof (snat_runtime_t),
-
+
.n_next_nodes = SNAT_IN2OUT_N_NEXT,
/* edit / add dispositions here */
.next_nodes = {
[SNAT_IN2OUT_NEXT_DROP] = "error-drop",
[SNAT_IN2OUT_NEXT_LOOKUP] = "ip4-lookup",
- [SNAT_IN2OUT_NEXT_SLOW_PATH] = "snat-in2out-slowpath",
+ [SNAT_IN2OUT_NEXT_SLOW_PATH] = "nat44-in2out-slowpath",
[SNAT_IN2OUT_NEXT_ICMP_ERROR] = "ip4-icmp-error",
},
};
diff --git a/src/plugins/snat/snat.api b/src/plugins/nat/nat.api
index 3c493dda..7245cb07 100644
--- a/src/plugins/snat/snat.api
+++ b/src/plugins/nat/nat.api
@@ -13,14 +13,18 @@
* limitations under the License.
*/
/**
- * @file snat.api
+ * @file nat.api
* @brief VPP control-plane API messages.
*
* This file defines VPP control-plane API messages which are generally
* called through a shared memory interface.
*/
-/** \brief Add/del S-NAT address range
+/*
+ * Old "snat" APIs, will be deprecated after 17.10
+ */
+
+/** \brief Add/del NAT44 address range
@param client_index - opaque cookie to identify the sender
@param context - sender context, to match reply w/ request
@param is_ip4 - 1 if address type is IPv4
@@ -39,7 +43,7 @@ autoreply define snat_add_address_range {
u8 is_add;
};
-/** \brief Dump S-NAT addresses
+/** \brief Dump NAT44 addresses
@param client_index - opaque cookie to identify the sender
@param context - sender context, to match reply w/ request
*/
@@ -48,7 +52,7 @@ define snat_address_dump {
u32 context;
};
-/** \brief S-NAT address details response
+/** \brief NAT44 address details response
@param context - sender context, to match reply w/ request
@param is_ip4 - 1 if address type is IPv4
@param ip_address - IP address
@@ -61,7 +65,7 @@ define snat_address_details {
u32 vrf_id;
};
-/** \brief Enable/disable S-NAT feature on the interface
+/** \brief Enable/disable NAT44 feature on the interface
@param client_index - opaque cookie to identify the sender
@param context - sender context, to match reply w/ request
@param is_add - 1 if add, 0 if delete
@@ -76,7 +80,7 @@ autoreply define snat_interface_add_del_feature {
u32 sw_if_index;
};
-/** \brief Dump interfaces with S-NAT feature
+/** \brief Dump interfaces with NAT44 feature
@param client_index - opaque cookie to identify the sender
@param context - sender context, to match reply w/ request
*/
@@ -85,7 +89,7 @@ define snat_interface_dump {
u32 context;
};
-/** \brief S-NAT interface details response
+/** \brief NAT44 interface details response
@param context - sender context, to match reply w/ request
@param is_inside - 1 if inside, 0 if outside
@param sw_if_index - software index of the interface
@@ -96,7 +100,7 @@ define snat_interface_details {
u32 sw_if_index;
};
-/** \brief Enable/disbale S-NAT as an interface output feature (postrouting
+/** \brief Enable/disbale NAT44 as an interface output feature (postrouting
in2out translation)
@param client_index - opaque cookie to identify the sender
@param context - sender context, to match reply w/ request
@@ -112,7 +116,7 @@ autoreply define snat_interface_add_del_output_feature {
u32 sw_if_index;
};
-/** \brief Dump interfaces with S-NAT output feature
+/** \brief Dump interfaces with NAT44 output feature
@param client_index - opaque cookie to identify the sender
@param context - sender context, to match reply w/ request
*/
@@ -121,7 +125,7 @@ define snat_interface_output_feature_dump {
u32 context;
};
-/** \brief S-NAT interface with output feature details response
+/** \brief NAT44 interface with output feature details response
@param context - sender context, to match reply w/ request
@param is_inside - 1 if inside, 0 if outside
@param sw_if_index - software index of the interface
@@ -132,7 +136,7 @@ define snat_interface_output_feature_details {
u32 sw_if_index;
};
-/** \brief Add/delete S-NAT static mapping
+/** \brief Add/delete NAT44 static mapping
@param client_index - opaque cookie to identify the sender
@param context - sender context, to match reply w/ request
@param is_add - 1 if add, 0 if delete
@@ -163,7 +167,7 @@ autoreply define snat_add_static_mapping {
u32 vrf_id;
};
-/** \brief Dump S-NAT static mappings
+/** \brief Dump NAT44 static mappings
@param client_index - opaque cookie to identify the sender
@param context - sender context, to match reply w/ request
*/
@@ -172,7 +176,7 @@ define snat_static_mapping_dump {
u32 context;
};
-/** \brief S-NAT static mapping details response
+/** \brief NAT44 static mapping details response
@param context - sender context, to match reply w/ request
@param is_ip4 - 1 if address type is IPv4
@param addr_only - 1 if address only mapping
@@ -221,7 +225,7 @@ define snat_control_ping_reply
u32 vpe_pid;
};
-/** \brief Show S-NAT plugin startup config
+/** \brief Show NAT plugin startup config
@param client_index - opaque cookie to identify the sender
@param context - sender context, to match reply w/ request
*/
@@ -231,7 +235,7 @@ define snat_show_config
u32 context;
};
-/** \brief Show S-NAT plugin startup config reply
+/** \brief Show NAT plugin startup config reply
@param context - sender context, to match reply w/ request
@param retval - return code for the request
@param static_mapping_only - if 1 dynamic translations disabled
@@ -261,10 +265,10 @@ define snat_show_config_reply
u32 inside_vrf_id;
};
-/** \brief Set S-NAT workers
+/** \brief Set NAT workers
@param client_index - opaque cookie to identify the sender
@param context - sender context, to match reply w/ request
- @param worker_mask - S-NAT workers mask
+ @param worker_mask - NAT workers mask
*/
autoreply define snat_set_workers {
u32 client_index;
@@ -272,7 +276,7 @@ autoreply define snat_set_workers {
u64 worker_mask;
};
-/** \brief Dump S-NAT workers
+/** \brief Dump NAT workers
@param client_index - opaque cookie to identify the sender
@param context - sender context, to match reply w/ request
*/
@@ -281,7 +285,7 @@ define snat_worker_dump {
u32 context;
};
-/** \brief S-NAT workers details response
+/** \brief NAT workers details response
@param context - sender context, to match reply w/ request
@param worker_index - worker index
@param lcore_id - lcore ID
@@ -294,7 +298,7 @@ define snat_worker_details {
u8 name[64];
};
-/** \brief Add/delete S-NAT pool address from specific interfce
+/** \brief Add/delete NAT44 pool address from specific interfce
@param client_index - opaque cookie to identify the sender
@param context - sender context, to match reply w/ request
@param is_add - 1 if add, 0 if delete
@@ -308,7 +312,7 @@ autoreply define snat_add_del_interface_addr {
u32 sw_if_index;
};
-/** \brief Dump S-NAT pool addresses interfaces
+/** \brief Dump NAT44 pool addresses interfaces
@param client_index - opaque cookie to identify the sender
@param context - sender context, to match reply w/ request
*/
@@ -317,7 +321,7 @@ define snat_interface_addr_dump {
u32 context;
};
-/** \brief S-NAT pool addresses interfaces details response
+/** \brief NAT44 pool addresses interfaces details response
@param context - sender context, to match reply w/ request
@param sw_if_index - software index of the interface
*/
@@ -326,7 +330,7 @@ define snat_interface_addr_details {
u32 sw_if_index;
};
-/** \brief Enable/disable S-NAT IPFIX logging
+/** \brief Enable/disable NAT IPFIX logging
@param client_index - opaque cookie to identify the sender
@param context - sender context, to match reply w/ request
@param domain_id - observation domain ID
@@ -341,7 +345,7 @@ autoreply define snat_ipfix_enable_disable {
u8 enable;
};
-/** \brief Dump S-NAT users
+/** \brief Dump NAT44 users
@param client_index - opaque cookie to identify the sender
@param context - sender context, to match reply w/ request
*/
@@ -350,7 +354,7 @@ define snat_user_dump {
u32 context;
};
-/** \brief S-NAT users response
+/** \brief NAT44 users response
@param context - sender context, to match reply w/ request
@vrf_id - VRF ID
@param is_ip4 - 1 if address type is IPv4
@@ -367,7 +371,7 @@ define snat_user_details {
u32 nstaticsessions;
};
-/** \brief S-NAT user's sessions
+/** \brief NAT44 user's sessions
@param client_index - opaque cookie to identify the sender
@param context - sender context, to match reply w/ request
@param is_ip4 - 1 if address type is IPv4
@@ -382,7 +386,7 @@ define snat_user_session_dump {
u32 vrf_id;
};
-/** \brief S-NAT user's sessions response
+/** \brief NAT44 user's sessions response
@param context - sender context, to match reply w/ request
@param is_ip4 - 1 if address type is IPv4
@param outside_ip_address - outside IP address
@@ -409,7 +413,7 @@ define snat_user_session_details {
u32 total_pkts;
};
-/** \brief Add/delete S-NAT deterministic mapping
+/** \brief Add/delete NAT deterministic mapping
@param client_index - opaque cookie to identify the sender
@param context - sender context, to match reply w/ request
@param is_add - 1 if add, 0 if delete
@@ -489,7 +493,7 @@ define snat_det_reverse_reply {
u8 in_addr[16];
};
-/** \brief Dump S-NAT deterministic mappings
+/** \brief Dump NAT deterministic mappings
@param client_index - opaque cookie to identify the sender
@param context - sender context, to match reply w/ request
*/
@@ -498,7 +502,7 @@ define snat_det_map_dump {
u32 context;
};
-/** \brief S-NAT users response
+/** \brief NAT users response
@param context - sender context, to match reply w/ request
@param is_ip4 - 1 if address type is IPv4
@param in_addr - inside IP address
@@ -564,7 +568,7 @@ define snat_det_get_timeouts_reply {
u32 icmp;
};
-/** \brief Close CGNAT session by outside address and port
+/** \brief Close deterministic NAT session by outside address and port
@param client_index - opaque cookie to identify the sender
@param context - sender context, to match reply w/ request
@param is_ip4 - 1 if address type is IPv4
@@ -583,7 +587,7 @@ autoreply define snat_det_close_session_out {
u16 ext_port;
};
-/** \brief Close CGNAT session by inside address and port
+/** \brief Close deterministic NAT session by inside address and port
@param client_index - opaque cookie to identify the sender
@param context - sender context, to match reply w/ request
@param is_ip4 - 1 if address type is IPv4
@@ -602,7 +606,7 @@ autoreply define snat_det_close_session_in {
u16 ext_port;
};
-/** \brief Dump S-NAT deterministic sessions
+/** \brief Dump determinstic NAT sessions
@param client_index - opaque cookie to identify the sender
@param context - sender context, to match reply w/ request
@param is_ip4 - 1 if address type is IPv4
@@ -615,7 +619,7 @@ define snat_det_session_dump {
u8 user_addr[16];
};
-/** \brief S-NAT deterministic sessions reply
+/** \brief Deterministic NAT sessions reply
@param context - sender context, to match reply w/ request
@param is_ip4 - 1 if address type is IPv4
@param in_port - inside port
@@ -637,6 +641,618 @@ define snat_det_session_details {
u32 expire;
};
+/*
+ * Common NAT plugin APIs
+ */
+
+/** \brief Control ping from client to api server request
+ @param client_index - opaque cookie to identify the sender
+ @param context - sender context, to match reply w/ request
+*/
+define nat_control_ping
+{
+ u32 client_index;
+ u32 context;
+};
+
+/** \brief Control ping from the client to the server response
+ @param client_index - opaque cookie to identify the sender
+ @param context - sender context, to match reply w/ request
+ @param retval - return code for the request
+ @param vpe_pid - the pid of the vpe, returned by the server
+*/
+define nat_control_ping_reply
+{
+ u32 context;
+ i32 retval;
+ u32 client_index;
+ u32 vpe_pid;
+};
+
+/** \brief Show NAT plugin startup config
+ @param client_index - opaque cookie to identify the sender
+ @param context - sender context, to match reply w/ request
+*/
+define nat_show_config
+{
+ u32 client_index;
+ u32 context;
+};
+
+/** \brief Show NAT plugin startup config reply
+ @param context - sender context, to match reply w/ request
+ @param retval - return code for the request
+ @param static_mapping_only - if 1 dynamic translations disabled
+ @param static_mapping_connection_tracking - if 1 create session data
+ @param deterministic - if 1 deterministic mapping
+ @param translation_buckets - number of translation hash buckets
+ @param translation_memory_size - translation hash memory size
+ @param user_buckets - number of user hash buckets
+ @param user_memory_size - user hash memory size
+ @param max_translations_per_user - maximum number of translations per user
+ @param outside_vrf_id - outside VRF id
+ @param inside_vrf_id - default inside VRF id
+*/
+define nat_show_config_reply
+{
+ u32 context;
+ i32 retval;
+ u8 static_mapping_only;
+ u8 static_mapping_connection_tracking;
+ u8 deterministic;
+ u32 translation_buckets;
+ u32 translation_memory_size;
+ u32 user_buckets;
+ u32 user_memory_size;
+ u32 max_translations_per_user;
+ u32 outside_vrf_id;
+ u32 inside_vrf_id;
+};
+
+/** \brief Set NAT workers
+ @param client_index - opaque cookie to identify the sender
+ @param context - sender context, to match reply w/ request
+ @param worker_mask - NAT workers mask
+*/
+autoreply define nat_set_workers {
+ u32 client_index;
+ u32 context;
+ u64 worker_mask;
+};
+
+/** \brief Dump NAT workers
+ @param client_index - opaque cookie to identify the sender
+ @param context - sender context, to match reply w/ request
+*/
+define nat_worker_dump {
+ u32 client_index;
+ u32 context;
+};
+
+/** \brief NAT workers details response
+ @param context - sender context, to match reply w/ request
+ @param worker_index - worker index
+ @param lcore_id - lcore ID
+ @param name - worker name
+*/
+define nat_worker_details {
+ u32 context;
+ u32 worker_index;
+ u32 lcore_id;
+ u8 name[64];
+};
+
+/** \brief Enable/disable NAT IPFIX logging
+ @param client_index - opaque cookie to identify the sender
+ @param context - sender context, to match reply w/ request
+ @param domain_id - observation domain ID
+ @param src_port - source port number
+ @param enable - 1 if enable, 0 if disable
+*/
+autoreply define nat_ipfix_enable_disable {
+ u32 client_index;
+ u32 context;
+ u32 domain_id;
+ u16 src_port;
+ u8 enable;
+};
+
+/*
+ * NAT44 APIs
+ */
+
+/** \brief Add/del NAT44 address range
+ @param client_index - opaque cookie to identify the sender
+ @param context - sender context, to match reply w/ request
+ @param first_ip_address - first IPv4 address
+ @param last_ip_address - last IPv4 address
+ @param vrf_id - VRF id of tenant, ~0 means independent of VRF
+ @param is_add - 1 if add, 0 if delete
+*/
+autoreply define nat44_add_del_address_range {
+ u32 client_index;
+ u32 context;
+ u8 first_ip_address[4];
+ u8 last_ip_address[4];
+ u32 vrf_id;
+ u8 is_add;
+};
+
+/** \brief Dump NAT44 addresses
+ @param client_index - opaque cookie to identify the sender
+ @param context - sender context, to match reply w/ request
+*/
+define nat44_address_dump {
+ u32 client_index;
+ u32 context;
+};
+
+/** \brief NAT44 address details response
+ @param context - sender context, to match reply w/ request
+ @param ip_address - IPv4 address
+ @param vrf_id - VRF id of tenant, ~0 means independent of VRF
+*/
+define nat44_address_details {
+ u32 context;
+ u8 ip_address[4];
+ u32 vrf_id;
+};
+
+/** \brief Enable/disable NAT44 feature on the interface
+ @param client_index - opaque cookie to identify the sender
+ @param context - sender context, to match reply w/ request
+ @param is_add - 1 if add, 0 if delete
+ @param is_inside - 1 if inside, 0 if outside
+ @param sw_if_index - software index of the interface
+*/
+autoreply define nat44_interface_add_del_feature {
+ u32 client_index;
+ u32 context;
+ u8 is_add;
+ u8 is_inside;
+ u32 sw_if_index;
+};
+
+/** \brief Dump interfaces with NAT44 feature
+ @param client_index - opaque cookie to identify the sender
+ @param context - sender context, to match reply w/ request
+*/
+define nat44_interface_dump {
+ u32 client_index;
+ u32 context;
+};
+
+/** \brief NAT44 interface details response
+ @param context - sender context, to match reply w/ request
+ @param is_inside - 1 if inside, 0 if outside
+ @param sw_if_index - software index of the interface
+*/
+define nat44_interface_details {
+ u32 context;
+ u8 is_inside;
+ u32 sw_if_index;
+};
+
+/** \brief Enable/disbale NAT44 as an interface output feature (postrouting
+ in2out translation)
+ @param client_index - opaque cookie to identify the sender
+ @param context - sender context, to match reply w/ request
+ @param is_add - 1 if add, 0 if delete
+ @param is_inside - 1 if inside, 0 if outside
+ @param sw_if_index - software index of the interface
+*/
+autoreply define nat44_interface_add_del_output_feature {
+ u32 client_index;
+ u32 context;
+ u8 is_add;
+ u8 is_inside;
+ u32 sw_if_index;
+};
+
+/** \brief Dump interfaces with NAT44 output feature
+ @param client_index - opaque cookie to identify the sender
+ @param context - sender context, to match reply w/ request
+*/
+define nat44_interface_output_feature_dump {
+ u32 client_index;
+ u32 context;
+};
+
+/** \brief NAT44 interface with output feature details response
+ @param context - sender context, to match reply w/ request
+ @param is_inside - 1 if inside, 0 if outside
+ @param sw_if_index - software index of the interface
+*/
+define nat44_interface_output_feature_details {
+ u32 context;
+ u8 is_inside;
+ u32 sw_if_index;
+};
+
+/** \brief Add/delete NAT44 static mapping
+ @param client_index - opaque cookie to identify the sender
+ @param context - sender context, to match reply w/ request
+ @param is_add - 1 if add, 0 if delete
+ @param addr_only - 1 if address only mapping
+ @param local_ip_address - local IPv4 address
+ @param external_ip_address - external IPv4 address
+ @param protocol - IP protocol
+ @param local_port - local port number
+ @param external_port - external port number
+ @param external_sw_if_index - external interface (if set
+ external_ip_address is ignored, ~0 means not
+ used)
+ @param vfr_id - VRF ID
+*/
+autoreply define nat44_add_del_static_mapping {
+ u32 client_index;
+ u32 context;
+ u8 is_add;
+ u8 addr_only;
+ u8 local_ip_address[4];
+ u8 external_ip_address[4];
+ u8 protocol;
+ u16 local_port;
+ u16 external_port;
+ u32 external_sw_if_index;
+ u32 vrf_id;
+};
+
+/** \brief Dump NAT44 static mappings
+ @param client_index - opaque cookie to identify the sender
+ @param context - sender context, to match reply w/ request
+*/
+define nat44_static_mapping_dump {
+ u32 client_index;
+ u32 context;
+};
+
+/** \brief NAT44 static mapping details response
+ @param context - sender context, to match reply w/ request
+ @param addr_only - 1 if address only mapping
+ @param local_ip_address - local IPv4 address
+ @param external_ip_address - external IPv4 address
+ @param protocol - IP protocol
+ @param local_port - local port number
+ @param external_port - external port number
+ @param external_sw_if_index - external interface
+ @param vfr_id - VRF ID
+*/
+define nat44_static_mapping_details {
+ u32 context;
+ u8 addr_only;
+ u8 local_ip_address[4];
+ u8 external_ip_address[4];
+ u8 protocol;
+ u16 local_port;
+ u16 external_port;
+ u32 external_sw_if_index;
+ u32 vrf_id;
+};
+
+/** \brief Add/delete NAT44 pool address from specific interfce
+ @param client_index - opaque cookie to identify the sender
+ @param context - sender context, to match reply w/ request
+ @param is_add - 1 if add, 0 if delete
+ @param sw_if_index - software index of the interface
+*/
+autoreply define nat44_add_del_interface_addr {
+ u32 client_index;
+ u32 context;
+ u8 is_add;
+ u8 is_inside;
+ u32 sw_if_index;
+};
+
+/** \brief Dump NAT44 pool addresses interfaces
+ @param client_index - opaque cookie to identify the sender
+ @param context - sender context, to match reply w/ request
+*/
+define nat44_interface_addr_dump {
+ u32 client_index;
+ u32 context;
+};
+
+/** \brief NAT44 pool addresses interfaces details response
+ @param context - sender context, to match reply w/ request
+ @param sw_if_index - software index of the interface
+*/
+define nat44_interface_addr_details {
+ u32 context;
+ u32 sw_if_index;
+};
+
+/** \brief Dump NAT44 users
+ @param client_index - opaque cookie to identify the sender
+ @param context - sender context, to match reply w/ request
+*/
+define nat44_user_dump {
+ u32 client_index;
+ u32 context;
+};
+
+/** \brief NAT44 users response
+ @param context - sender context, to match reply w/ request
+ @vrf_id - VRF ID
+ @param ip_adress - IPv4 address
+ @param nsessions - number of dynamic sessions
+ @param nstaticsessions - number of static sessions
+*/
+define nat44_user_details {
+ u32 context;
+ u32 vrf_id;
+ u8 ip_address[4];
+ u32 nsessions;
+ u32 nstaticsessions;
+};
+
+/** \brief NAT44 user's sessions
+ @param client_index - opaque cookie to identify the sender
+ @param context - sender context, to match reply w/ request
+ @param is_ip4 - 1 if address type is IPv4
+ @param user_ip - IP address of the user to dump
+ @param vrf_id - VRF_ID
+*/
+define nat44_user_session_dump {
+ u32 client_index;
+ u32 context;
+ u8 ip_address[4];
+ u32 vrf_id;
+};
+
+/** \brief NAT44 user's sessions response
+ @param context - sender context, to match reply w/ request
+ @param outside_ip_address - outside IPv4 address
+ @param outside_port - outside port
+ @param inside_ip_address - inside IPv4 address
+ @param inside_port - inside port
+ @param protocol - protocol
+ @param is_static - 1 if session is static
+ @param last_heard - last heard timer
+ @param total_bytes - count of bytes sent through session
+ @param total_pkts - count of pakets sent through session
+*/
+define nat44_user_session_details {
+ u32 context;
+ u8 outside_ip_address[4];
+ u16 outside_port;
+ u8 inside_ip_address[4];
+ u16 inside_port;
+ u16 protocol;
+ u8 is_static;
+ u64 last_heard;
+ u64 total_bytes;
+ u32 total_pkts;
+};
+
+/*
+ * Deterministic NAT (CGN) APIs
+ */
+
+/** \brief Add/delete NAT deterministic mapping
+ @param client_index - opaque cookie to identify the sender
+ @param context - sender context, to match reply w/ request
+ @param is_add - 1 if add, 0 if delete
+ @param is_nat44 - 1 if NAT44
+ @param in_addr - inside IP address
+ @param in_plen - inside IP address prefix length
+ @param out_addr - outside IPv4 address
+ @param out_addr - outside IPv4 address prefix length
+*/
+autoreply define nat_det_add_del_map {
+ u32 client_index;
+ u32 context;
+ u8 is_add;
+ u8 is_nat44;
+ u8 addr_only;
+ u8 in_addr[16];
+ u8 in_plen;
+ u8 out_addr[4];
+ u8 out_plen;
+};
+
+/** \brief Get outside address and port range from inside address
+ @param client_index - opaque cookie to identify the sender
+ @param context - sender context, to match reply w/ request
+ @param is_nat44 - 1 if NAT44
+ @param in_addr - inside IP address
+*/
+define nat_det_forward {
+ u32 client_index;
+ u32 context;
+ u8 is_nat44;
+ u8 in_addr[16];
+};
+
+/** \brief Get outside address and port range from inside address
+ @param context - sender context, to match reply w/ request
+ @param retval - return code
+ @param out_port_lo - outside port range start
+ @param out_port_hi - outside port range end
+ @param out_addr - outside IPv4 address
+*/
+define nat_det_forward_reply {
+ u32 context;
+ i32 retval;
+ u16 out_port_lo;
+ u16 out_port_hi;
+ u8 out_addr[4];
+};
+
+/** \brief Get inside address from outside address and port
+ @param client_index - opaque cookie to identify the sender
+ @param context - sender context, to match reply w/ request
+ @param out_port - outside port
+ @param out_addr - outside IPv4 address
+*/
+define nat_det_reverse {
+ u32 client_index;
+ u32 context;
+ u16 out_port;
+ u8 out_addr[4];
+};
+
+/** \brief Get inside address from outside address and port reply
+ @param context - sender context, to match reply w/ request
+ @param retval - return code
+ @param is_nat44 - 1 if NAT44
+ @param in_addr - inside IP address
+*/
+define nat_det_reverse_reply {
+ u32 context;
+ i32 retval;
+ u8 is_nat44;
+ u8 in_addr[16];
+};
+
+/** \brief Dump NAT deterministic mappings
+ @param client_index - opaque cookie to identify the sender
+ @param context - sender context, to match reply w/ request
+*/
+define nat_det_map_dump {
+ u32 client_index;
+ u32 context;
+};
+
+/** \brief NAT users response
+ @param context - sender context, to match reply w/ request
+ @param is_nat44 - 1 if NAT44
+ @param in_addr - inside IP address
+ @param in_plen - inside IP address prefix length
+ @param out_addr - outside IPv4 address
+ @param out_plen - outside IPv4 address prefix length
+ @param sharing_ratio - outside to inside address sharing ratio
+ @param ports_per_host - number of ports available to a host
+ @param ses_num - number of sessions belonging to this mapping
+*/
+define nat_det_map_details {
+ u32 context;
+ u8 is_nat44;
+ u8 in_addr[16];
+ u8 in_plen;
+ u8 out_addr[4];
+ u8 out_plen;
+ u32 sharing_ratio;
+ u16 ports_per_host;
+ u32 ses_num;
+};
+
+/** \brief Set values of timeouts for deterministic NAT (seconds, 0 = default)
+ @param client_index - opaque cookie to identify the sender
+ @param context - sender context, to match reply w/ request
+ @param udp - UDP timeout (default 300sec)
+ @param tcp_established - TCP established timeout (default 7440sec)
+ @param tcp_transitory - TCP transitory timeout (default 240sec)
+ @param icmp - ICMP timeout (default 60sec)
+*/
+autoreply define nat_det_set_timeouts {
+ u32 client_index;
+ u32 context;
+ u32 udp;
+ u32 tcp_established;
+ u32 tcp_transitory;
+ u32 icmp;
+};
+
+/** \brief Get values of timeouts for deterministic NAT (seconds)
+ @param client_index - opaque cookie to identify the sender
+ @param context - sender context, to match reply w/ request
+*/
+define nat_det_get_timeouts {
+ u32 client_index;
+ u32 context;
+};
+
+/** \brief Get values of timeouts for deterministic NAT reply
+ @param context - sender context, to match reply w/ request
+ @param retval - return code
+ @param udp - UDP timeout (default 300sec)
+ @param tcp_established - TCP established timeout (default 7440sec)
+ @param tcp_transitory - TCP transitory timeout (default 240sec)
+ @param icmp - ICMP timeout (default 60sec)
+*/
+define nat_det_get_timeouts_reply {
+ u32 context;
+ i32 retval;
+ u32 udp;
+ u32 tcp_established;
+ u32 tcp_transitory;
+ u32 icmp;
+};
+
+/** \brief Close deterministic NAT session by outside address and port
+ @param client_index - opaque cookie to identify the sender
+ @param context - sender context, to match reply w/ request
+ @param out_addr - outside IPv4 address
+ @param out_port - outside port
+ @param ext_addr - external host IPv4 address
+ @param ext_port - external host port
+*/
+autoreply define nat_det_close_session_out {
+ u32 client_index;
+ u32 context;
+ u8 out_addr[4];
+ u16 out_port;
+ u8 ext_addr[4];
+ u16 ext_port;
+};
+
+/** \brief Close deterministic NAT session by inside address and port
+ @param client_index - opaque cookie to identify the sender
+ @param context - sender context, to match reply w/ request
+ @param is_nat44 - 1 if NAT44
+ @param in_addr - inside IP address
+ @param in_port - inside port
+ @param ext_addr - external host IP address
+ @param ext_port - external host port
+*/
+autoreply define nat_det_close_session_in {
+ u32 client_index;
+ u32 context;
+ u8 is_nat44;
+ u8 in_addr[16];
+ u16 in_port;
+ u8 ext_addr[16];
+ u16 ext_port;
+};
+
+/** \brief Dump determinstic NAT sessions
+ @param client_index - opaque cookie to identify the sender
+ @param context - sender context, to match reply w/ request
+ @param is_nat44 - 1 if NAT44
+ @param user_addr - address of an inside user whose sessions to dump
+*/
+define nat_det_session_dump {
+ u32 client_index;
+ u32 context;
+ u8 is_nat44;
+ u8 user_addr[16];
+};
+
+/** \brief Deterministic NAT sessions reply
+ @param context - sender context, to match reply w/ request
+ @param in_port - inside port
+ @param ext_addr - external host address
+ @param ext_port - external host port
+ @param out_port - outside NAT port
+ @param state - session state
+ @param expire - session expiration timestamp
+*/
+define nat_det_session_details {
+ u32 client_index;
+ u32 context;
+ u16 in_port;
+ u8 ext_addr[4];
+ u16 ext_port;
+ u16 out_port;
+ u8 state;
+ u32 expire;
+};
+
+/*
+ * NAT64 APIs
+ */
+
/** \brief Add/delete address range to NAT64 pool
@param client_index - opaque cookie to identify the sender
@param context - sender context, to match reply w/ request
diff --git a/src/plugins/snat/snat.c b/src/plugins/nat/nat.c
index 315cec8a..ac39be95 100644
--- a/src/plugins/snat/snat.c
+++ b/src/plugins/nat/nat.c
@@ -19,10 +19,10 @@
#include <vnet/ip/ip.h>
#include <vnet/ip/ip4.h>
#include <vnet/plugin/plugin.h>
-#include <snat/snat.h>
-#include <snat/snat_ipfix_logging.h>
-#include <snat/snat_det.h>
-#include <snat/nat64.h>
+#include <nat/nat.h>
+#include <nat/nat_ipfix_logging.h>
+#include <nat/nat_det.h>
+#include <nat/nat64.h>
#include <vnet/fib/fib_table.h>
#include <vnet/fib/ip4_fib.h>
@@ -34,64 +34,64 @@ snat_main_t snat_main;
/* Hook up input features */
VNET_FEATURE_INIT (ip4_snat_in2out, static) = {
.arc_name = "ip4-unicast",
- .node_name = "snat-in2out",
- .runs_before = VNET_FEATURES ("snat-out2in"),
+ .node_name = "nat44-in2out",
+ .runs_before = VNET_FEATURES ("nat44-out2in"),
};
VNET_FEATURE_INIT (ip4_snat_out2in, static) = {
.arc_name = "ip4-unicast",
- .node_name = "snat-out2in",
+ .node_name = "nat44-out2in",
.runs_before = VNET_FEATURES ("ip4-lookup"),
};
VNET_FEATURE_INIT (ip4_snat_det_in2out, static) = {
.arc_name = "ip4-unicast",
- .node_name = "snat-det-in2out",
- .runs_before = VNET_FEATURES ("snat-det-out2in"),
+ .node_name = "nat44-det-in2out",
+ .runs_before = VNET_FEATURES ("nat44-det-out2in"),
};
VNET_FEATURE_INIT (ip4_snat_det_out2in, static) = {
.arc_name = "ip4-unicast",
- .node_name = "snat-det-out2in",
+ .node_name = "nat44-det-out2in",
.runs_before = VNET_FEATURES ("ip4-lookup"),
};
VNET_FEATURE_INIT (ip4_snat_in2out_worker_handoff, static) = {
.arc_name = "ip4-unicast",
- .node_name = "snat-in2out-worker-handoff",
- .runs_before = VNET_FEATURES ("snat-out2in-worker-handoff"),
+ .node_name = "nat44-in2out-worker-handoff",
+ .runs_before = VNET_FEATURES ("nat44-out2in-worker-handoff"),
};
VNET_FEATURE_INIT (ip4_snat_out2in_worker_handoff, static) = {
.arc_name = "ip4-unicast",
- .node_name = "snat-out2in-worker-handoff",
+ .node_name = "nat44-out2in-worker-handoff",
.runs_before = VNET_FEATURES ("ip4-lookup"),
};
VNET_FEATURE_INIT (ip4_snat_in2out_fast, static) = {
.arc_name = "ip4-unicast",
- .node_name = "snat-in2out-fast",
- .runs_before = VNET_FEATURES ("snat-out2in-fast"),
+ .node_name = "nat44-in2out-fast",
+ .runs_before = VNET_FEATURES ("nat44-out2in-fast"),
};
VNET_FEATURE_INIT (ip4_snat_out2in_fast, static) = {
.arc_name = "ip4-unicast",
- .node_name = "snat-out2in-fast",
+ .node_name = "nat44-out2in-fast",
.runs_before = VNET_FEATURES ("ip4-lookup"),
};
VNET_FEATURE_INIT (ip4_snat_hairpin_dst, static) = {
.arc_name = "ip4-unicast",
- .node_name = "snat-hairpin-dst",
+ .node_name = "nat44-hairpin-dst",
.runs_before = VNET_FEATURES ("ip4-lookup"),
};
/* Hook up output features */
VNET_FEATURE_INIT (ip4_snat_in2out_output, static) = {
.arc_name = "ip4-output",
- .node_name = "snat-in2out-output",
+ .node_name = "nat44-in2out-output",
.runs_before = VNET_FEATURES ("interface-output"),
};
VNET_FEATURE_INIT (ip4_snat_in2out_output_worker_handoff, static) = {
.arc_name = "ip4-output",
- .node_name = "snat-in2out-output-worker-handoff",
+ .node_name = "nat44-in2out-output-worker-handoff",
.runs_before = VNET_FEATURES ("interface-output"),
};
VNET_FEATURE_INIT (ip4_snat_hairpin_src, static) = {
.arc_name = "ip4-output",
- .node_name = "snat-hairpin-src",
+ .node_name = "nat44-hairpin-src",
.runs_before = VNET_FEATURES ("interface-output"),
};
@@ -210,20 +210,20 @@ static int is_snat_address_used_in_static_mapping (snat_main_t *sm,
void increment_v4_address (ip4_address_t * a)
{
u32 v;
-
+
v = clib_net_to_host_u32(a->as_u32) + 1;
a->as_u32 = clib_host_to_net_u32(v);
}
-static void
-snat_add_static_mapping_when_resolved (snat_main_t * sm,
- ip4_address_t l_addr,
- u16 l_port,
- u32 sw_if_index,
- u16 e_port,
+static void
+snat_add_static_mapping_when_resolved (snat_main_t * sm,
+ ip4_address_t l_addr,
+ u16 l_port,
+ u32 sw_if_index,
+ u16 e_port,
u32 vrf_id,
snat_protocol_t proto,
- int addr_only,
+ int addr_only,
int is_add)
{
snat_static_map_resolve_t *rp;
@@ -275,13 +275,13 @@ int snat_add_static_mapping(ip4_address_t l_addr, ip4_address_t e_addr,
ip4_address_t * first_int_addr;
/* Might be already set... */
- first_int_addr = ip4_interface_first_address
+ first_int_addr = ip4_interface_first_address
(sm->ip4_main, sw_if_index, 0 /* just want the address*/);
/* DHCP resolution required? */
if (first_int_addr == 0)
{
- snat_add_static_mapping_when_resolved
+ snat_add_static_mapping_when_resolved
(sm, l_addr, l_port, sw_if_index, e_port, vrf_id, proto,
addr_only, is_add);
return 0;
@@ -736,15 +736,15 @@ int snat_interface_add_del (u32 sw_if_index, u8 is_inside, int is_del)
snat_det_map_t * dm;
if (sm->static_mapping_only && !(sm->static_mapping_connection_tracking))
- feature_name = is_inside ? "snat-in2out-fast" : "snat-out2in-fast";
+ feature_name = is_inside ? "nat44-in2out-fast" : "nat44-out2in-fast";
else
{
if (sm->num_workers > 1 && !sm->deterministic)
- feature_name = is_inside ? "snat-in2out-worker-handoff" : "snat-out2in-worker-handoff";
+ feature_name = is_inside ? "nat44-in2out-worker-handoff" : "nat44-out2in-worker-handoff";
else if (sm->deterministic)
- feature_name = is_inside ? "snat-det-in2out" : "snat-det-out2in";
+ feature_name = is_inside ? "nat44-det-in2out" : "nat44-det-out2in";
else
- feature_name = is_inside ? "snat-in2out" : "snat-out2in";
+ feature_name = is_inside ? "nat44-in2out" : "nat44-out2in";
}
vnet_feature_enable_disable ("ip4-unicast", feature_name, sw_if_index,
@@ -815,26 +815,26 @@ int snat_interface_add_del_output_feature (u32 sw_if_index,
if (is_inside)
{
- vnet_feature_enable_disable ("ip4-unicast", "snat-hairpin-dst",
+ vnet_feature_enable_disable ("ip4-unicast", "nat44-hairpin-dst",
sw_if_index, !is_del, 0, 0);
- vnet_feature_enable_disable ("ip4-output", "snat-hairpin-src",
+ vnet_feature_enable_disable ("ip4-output", "nat44-hairpin-src",
sw_if_index, !is_del, 0, 0);
goto fq;
}
if (sm->num_workers > 1)
{
- vnet_feature_enable_disable ("ip4-unicast", "snat-out2in-worker-handoff",
+ vnet_feature_enable_disable ("ip4-unicast", "nat44-out2in-worker-handoff",
sw_if_index, !is_del, 0, 0);
vnet_feature_enable_disable ("ip4-output",
- "snat-in2out-output-worker-handoff",
+ "nat44-in2out-output-worker-handoff",
sw_if_index, !is_del, 0, 0);
}
else
{
- vnet_feature_enable_disable ("ip4-unicast", "snat-out2in", sw_if_index,
+ vnet_feature_enable_disable ("ip4-unicast", "nat44-out2in", sw_if_index,
!is_del, 0, 0);
- vnet_feature_enable_disable ("ip4-output", "snat-in2out-output",
+ vnet_feature_enable_disable ("ip4-output", "nat44-in2out-output",
sw_if_index, !is_del, 0, 0);
}
@@ -997,13 +997,13 @@ static clib_error_t * snat_init (vlib_main_t * vm)
VLIB_INIT_FUNCTION (snat_init);
-void snat_free_outside_address_and_port (snat_main_t * sm,
- snat_session_key_t * k,
+void snat_free_outside_address_and_port (snat_main_t * sm,
+ snat_session_key_t * k,
u32 address_index)
{
snat_address_t *a;
u16 port_host_byte_order = clib_net_to_host_u16 (k->port);
-
+
ASSERT (address_index < vec_len (sm->addresses));
a = sm->addresses + address_index;
@@ -1024,12 +1024,12 @@ void snat_free_outside_address_and_port (snat_main_t * sm,
clib_warning("unknown_protocol");
return;
}
-}
+}
/**
- * @brief Match SNAT static mapping.
+ * @brief Match NAT44 static mapping.
*
- * @param sm SNAT main.
+ * @param sm NAT main.
* @param match Address and port to match.
* @param mapping External or local address and port of the matched mapping.
* @param by_external If 0 match by local address otherwise match by external
@@ -1199,7 +1199,7 @@ add_address_command_fn (vlib_main_t * vm,
start_host_order = clib_host_to_net_u32 (start_addr.as_u32);
end_host_order = clib_host_to_net_u32 (end_addr.as_u32);
-
+
if (end_host_order < start_host_order)
{
error = clib_error_return (0, "end address less than start address");
@@ -1213,7 +1213,7 @@ add_address_command_fn (vlib_main_t * vm,
format_ip4_address, &start_addr,
format_ip4_address, &end_addr,
count);
-
+
this_addr = start_addr;
for (i = 0; i < count; i++)
@@ -1245,8 +1245,8 @@ done:
}
VLIB_CLI_COMMAND (add_address_command, static) = {
- .path = "snat add address",
- .short_help = "snat add addresses <ip4-range-start> [- <ip4-range-end>] "
+ .path = "nat44 add address",
+ .short_help = "nat44 add addresses <ip4-range-start> [- <ip4-range-end>] "
"[tenant-vrf <vrf-id>] [del]",
.function = add_address_command_fn,
};
@@ -1365,9 +1365,9 @@ done:
}
VLIB_CLI_COMMAND (set_interface_snat_command, static) = {
- .path = "set interface snat",
+ .path = "set interface nat44",
.function = snat_feature_command_fn,
- .short_help = "set interface snat in <intfc> out <intfc> [output-feature] "
+ .short_help = "set interface nat44 in <intfc> out <intfc> [output-feature] "
"[del]",
};
@@ -1503,18 +1503,18 @@ done:
* to to the local network host.
* To create static mapping between local host address 10.0.0.3 port 6303 and
* external address 4.4.4.4 port 3606 for TCP protocol use:
- * vpp# snat add static mapping local tcp 10.0.0.3 6303 external 4.4.4.4 3606
- * If not runnig "static mapping only" S-NAT plugin mode use before:
- * vpp# snat add address 4.4.4.4
+ * vpp# nat44 add static mapping local tcp 10.0.0.3 6303 external 4.4.4.4 3606
+ * If not runnig "static mapping only" NAT plugin mode use before:
+ * vpp# nat44 add address 4.4.4.4
* To create static mapping between local and external address use:
- * vpp# snat add static mapping local 10.0.0.3 external 4.4.4.4
+ * vpp# nat44 add static mapping local 10.0.0.3 external 4.4.4.4
* @cliexend
?*/
VLIB_CLI_COMMAND (add_static_mapping_command, static) = {
- .path = "snat add static mapping",
+ .path = "nat44 add static mapping",
.function = add_static_mapping_command_fn,
.short_help =
- "snat add static mapping local tcp|udp|icmp <addr> [<port>] external <addr> [<port>] [vrf <table-id>] [del]",
+ "nat44 add static mapping local tcp|udp|icmp <addr> [<port>] external <addr> [<port>] [vrf <table-id>] [del]",
};
static clib_error_t *
@@ -1575,15 +1575,15 @@ done:
/*?
* @cliexpar
* @cliexstart{set snat workers}
- * Set SNAT workers if 2 or more workers available, use:
+ * Set NAT workers if 2 or more workers available, use:
* vpp# set snat workers 0-2,5
* @cliexend
?*/
VLIB_CLI_COMMAND (set_workers_command, static) = {
- .path = "set snat workers",
+ .path = "set nat workers",
.function = set_workers_command_fn,
.short_help =
- "set snat workers <workers-list>",
+ "set nat workers <workers-list>",
};
static clib_error_t *
@@ -1635,16 +1635,16 @@ done:
/*?
* @cliexpar
* @cliexstart{snat ipfix logging}
- * To enable SNAT IPFIX logging use:
- * vpp# snat ipfix logging
+ * To enable NAT IPFIX logging use:
+ * vpp# nat ipfix logging
* To set IPFIX exporter use:
* vpp# set ipfix exporter collector 10.10.10.3 src 10.10.10.1
* @cliexend
?*/
VLIB_CLI_COMMAND (snat_ipfix_logging_enable_disable_command, static) = {
- .path = "snat ipfix logging",
+ .path = "nat ipfix logging",
.function = snat_ipfix_logging_enable_disable_command_fn,
- .short_help = "snat ipfix logging [domain <domain-id>] [src-port <port>] [disable]",
+ .short_help = "nat ipfix logging [domain <domain-id>] [src-port <port>] [disable]",
};
static u32
@@ -1862,7 +1862,7 @@ snat_config (vlib_main_t * vm, unformat_input_t * input)
return 0;
}
-VLIB_CONFIG_FUNCTION (snat_config, "snat");
+VLIB_CONFIG_FUNCTION (snat_config, "nat");
u8 * format_snat_session_state (u8 * s, va_list * args)
{
@@ -2067,18 +2067,18 @@ show_snat_command_fn (vlib_main_t * vm,
if (sm->static_mapping_only)
{
if (sm->static_mapping_connection_tracking)
- vlib_cli_output (vm, "SNAT mode: static mapping only connection "
+ vlib_cli_output (vm, "NAT plugin mode: static mapping only connection "
"tracking");
else
- vlib_cli_output (vm, "SNAT mode: static mapping only");
+ vlib_cli_output (vm, "NAT plugin mode: static mapping only");
}
else if (sm->deterministic)
{
- vlib_cli_output (vm, "SNAT mode: deterministic mapping");
+ vlib_cli_output (vm, "NAT plugin mode: deterministic mapping");
}
else
{
- vlib_cli_output (vm, "SNAT mode: dynamic translations enabled");
+ vlib_cli_output (vm, "NAT plugin mode: dynamic translations enabled");
}
if (verbose > 0)
@@ -2100,7 +2100,7 @@ show_snat_command_fn (vlib_main_t * vm,
if (vec_len (sm->auto_add_sw_if_indices))
{
- vlib_cli_output (vm, "SNAT pool addresses interfaces:");
+ vlib_cli_output (vm, "NAT44 pool addresses interfaces:");
vec_foreach (sw_if_index, sm->auto_add_sw_if_indices)
{
vlib_cli_output (vm, "%U", format_vnet_sw_interface_name, vnm,
@@ -2253,8 +2253,8 @@ show_snat_command_fn (vlib_main_t * vm,
}
VLIB_CLI_COMMAND (show_snat_command, static) = {
- .path = "show snat",
- .short_help = "show snat",
+ .path = "show nat44",
+ .short_help = "show nat44",
.function = show_snat_command_fn,
};
@@ -2372,7 +2372,7 @@ int snat_add_interface_address (snat_main_t *sm, u32 sw_if_index, int is_del)
return 0;
}
}
-
+
if (is_del)
return VNET_API_ERROR_NO_SUCH_ENTRY;
@@ -2437,8 +2437,8 @@ done:
}
VLIB_CLI_COMMAND (snat_add_interface_address_command, static) = {
- .path = "snat add interface address",
- .short_help = "snat add interface address <interface> [del]",
+ .path = "nat44 add interface address",
+ .short_help = "nat44 add interface address <interface> [del]",
.function = snat_add_interface_address_command_fn,
};
@@ -2499,12 +2499,12 @@ done:
* CGN deployments.
* To create deterministic mapping between inside network 10.0.0.0/18 and
* outside network 1.1.1.0/30 use:
- * # vpp# snat deterministic add in 10.0.0.0/18 out 1.1.1.0/30
+ * # vpp# nat44 deterministic add in 10.0.0.0/18 out 1.1.1.0/30
* @cliexend
?*/
VLIB_CLI_COMMAND (snat_det_map_command, static) = {
- .path = "snat deterministic add",
- .short_help = "snat deterministic add in <addr>/<plen> out <addr>/<plen> [del]",
+ .path = "nat44 deterministic add",
+ .short_help = "nat44 deterministic add in <addr>/<plen> out <addr>/<plen> [del]",
.function = snat_det_map_command_fn,
};
@@ -2560,13 +2560,13 @@ done:
* Return outside address and port range from inside address for deterministic
* NAT.
* To obtain outside address and port of inside host use:
- * vpp# snat deterministic forward 10.0.0.2
+ * vpp# nat44 deterministic forward 10.0.0.2
* 1.1.1.0:<1054-1068>
* @cliexend
?*/
VLIB_CLI_COMMAND (snat_det_forward_command, static) = {
- .path = "snat deterministic forward",
- .short_help = "snat deterministic forward <addr>",
+ .path = "nat44 deterministic forward",
+ .short_help = "nat44 deterministic forward <addr>",
.function = snat_det_forward_command_fn,
};
@@ -2625,13 +2625,13 @@ done:
* @cliexstart{snat deterministic reverse}
* Return inside address from outside address and port for deterministic NAT.
* To obtain inside host address from outside address and port use:
- * #vpp snat deterministic reverse 1.1.1.1:1276
+ * #vpp nat44 deterministic reverse 1.1.1.1:1276
* 10.0.16.16
* @cliexend
?*/
VLIB_CLI_COMMAND (snat_det_reverse_command, static) = {
- .path = "snat deterministic reverse",
- .short_help = "snat deterministic reverse <addr>:<port>",
+ .path = "nat44 deterministic reverse",
+ .short_help = "nat44 deterministic reverse <addr>:<port>",
.function = snat_det_reverse_command_fn,
};
@@ -2687,17 +2687,17 @@ done:
* @cliexpar
* @cliexstart{set snat deterministic timeout}
* Set values of timeouts for deterministic NAT (in seconds), use:
- * vpp# set snat deterministic timeout udp 120 tcp-established 7500
+ * vpp# set nat44 deterministic timeout udp 120 tcp-established 7500
* tcp-transitory 250 icmp 90
* To reset default values use:
- * vpp# set snat deterministic timeout reset
+ * vpp# set nat44 deterministic timeout reset
* @cliexend
?*/
VLIB_CLI_COMMAND (set_timeout_command, static) = {
- .path = "set snat deterministic timeout",
+ .path = "set nat44 deterministic timeout",
.function = set_timeout_command_fn,
.short_help =
- "set snat deterministic timeout [udp <sec> | tcp-established <sec> "
+ "set nat44 deterministic timeout [udp <sec> | tcp-established <sec> "
"tcp-transitory <sec> | icmp <sec> | reset]",
};
@@ -2762,12 +2762,12 @@ done:
* @cliexstart{snat deterministic close session out}
* Close session using outside ip address and port
* and external ip address and port, use:
- * vpp# snat deterministic close session out 1.1.1.1:1276 2.2.2.2:2387
+ * vpp# nat44 deterministic close session out 1.1.1.1:1276 2.2.2.2:2387
* @cliexend
?*/
VLIB_CLI_COMMAND (snat_det_close_sesion_out_command, static) = {
- .path = "snat deterministic close session out",
- .short_help = "snat deterministic close session out "
+ .path = "nat44 deterministic close session out",
+ .short_help = "nat44 deterministic close session out "
"<out_addr>:<out_port> <ext_addr>:<ext_port>",
.function = snat_det_close_session_out_fn,
};
@@ -2831,12 +2831,12 @@ done:
* @cliexstart{snat deterministic close_session_in}
* Close session using inside ip address and port
* and external ip address and port, use:
- * vpp# snat deterministic close session in 3.3.3.3:3487 2.2.2.2:2387
+ * vpp# nat44 deterministic close session in 3.3.3.3:3487 2.2.2.2:2387
* @cliexend
?*/
VLIB_CLI_COMMAND (snat_det_close_session_in_command, static) = {
- .path = "snat deterministic close session in",
- .short_help = "snat deterministic close session in "
+ .path = "nat44 deterministic close session in",
+ .short_help = "nat44 deterministic close session in "
"<in_addr>:<in_port> <ext_addr>:<ext_port>",
.function = snat_det_close_session_in_fn,
};
diff --git a/src/plugins/snat/snat.h b/src/plugins/nat/nat.h
index aa0f82fc..04c466dc 100644
--- a/src/plugins/snat/snat.h
+++ b/src/plugins/nat/nat.h
@@ -1,6 +1,6 @@
/*
- * snat.h - simple nat definitions
+ * nat.h - NAT plugin definitions
*
* Copyright (c) 2016 Cisco and/or its affiliates.
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -15,8 +15,8 @@
* See the License for the specific language governing permissions and
* limitations under the License.
*/
-#ifndef __included_snat_h__
-#define __included_snat_h__
+#ifndef __included_nat_h__
+#define __included_nat_h__
#include <vnet/vnet.h>
#include <vnet/ip/ip.h>
@@ -41,9 +41,9 @@
/* Key */
typedef struct {
- union
+ union
{
- struct
+ struct
{
ip4_address_t addr;
u16 port;
@@ -156,7 +156,7 @@ typedef CLIB_PACKED(struct {
f64 last_heard; /* 44-51 */
u64 total_bytes; /* 52-59 */
-
+
u32 total_pkts; /* 60-63 */
/* Outside address */
@@ -418,12 +418,12 @@ typedef struct {
*/
#define snat_is_unk_proto_session(s) s->flags & SNAT_SESSION_FLAG_UNKNOWN_PROTO
-/*
+/*
* Why is this here? Because we don't need to touch this layer to
* simply reply to an icmp. We need to change id to a unique
* value to NAT an echo request/reply.
*/
-
+
typedef struct {
u16 identifier;
u16 sequence;
@@ -538,4 +538,4 @@ is_interface_addr(snat_main_t *sm, vlib_node_runtime_t *node, u32 sw_if_index0,
return 0;
}
-#endif /* __included_snat_h__ */
+#endif /* __included_nat_h__ */
diff --git a/src/plugins/snat/nat64.c b/src/plugins/nat/nat64.c
index bd915b59..b04901fa 100644
--- a/src/plugins/snat/nat64.c
+++ b/src/plugins/nat/nat64.c
@@ -17,8 +17,8 @@
* @brief NAT64 implementation
*/
-#include <snat/nat64.h>
-#include <snat/nat64_db.h>
+#include <nat/nat64.h>
+#include <nat/nat64_db.h>
#include <vnet/fib/ip4_fib.h>
diff --git a/src/plugins/snat/nat64.h b/src/plugins/nat/nat64.h
index 771b9075..68224cab 100644
--- a/src/plugins/snat/nat64.h
+++ b/src/plugins/nat/nat64.h
@@ -19,8 +19,8 @@
#ifndef __included_nat64_h__
#define __included_nat64_h__
-#include <snat/snat.h>
-#include <snat/nat64_db.h>
+#include <nat/nat.h>
+#include <nat/nat64_db.h>
#define foreach_nat64_tcp_ses_state \
_(0, CLOSED, "closed") \
diff --git a/src/plugins/snat/nat64_cli.c b/src/plugins/nat/nat64_cli.c
index ca60b12c..bb62ecf2 100644
--- a/src/plugins/snat/nat64_cli.c
+++ b/src/plugins/nat/nat64_cli.c
@@ -17,8 +17,8 @@
* @brief NAT64 CLI
*/
-#include <snat/nat64.h>
-#include <snat/snat.h>
+#include <nat/nat64.h>
+#include <nat/nat.h>
#include <vnet/fib/fib_table.h>
static clib_error_t *
diff --git a/src/plugins/snat/nat64_db.c b/src/plugins/nat/nat64_db.c
index 9584827e..da73ceee 100644
--- a/src/plugins/snat/nat64_db.c
+++ b/src/plugins/nat/nat64_db.c
@@ -16,7 +16,7 @@
* @file
* @brief NAT64 DB
*/
-#include <snat/nat64_db.h>
+#include <nat/nat64_db.h>
int
nat64_db_init (nat64_db_t * db)
diff --git a/src/plugins/snat/nat64_db.h b/src/plugins/nat/nat64_db.h
index 1e2dcc93..394ca875 100644
--- a/src/plugins/snat/nat64_db.h
+++ b/src/plugins/nat/nat64_db.h
@@ -21,7 +21,7 @@
#include <vppinfra/bihash_24_8.h>
#include <vppinfra/bihash_48_8.h>
-#include <snat/snat.h>
+#include <nat/nat.h>
typedef struct
diff --git a/src/plugins/snat/nat64_doc.md b/src/plugins/nat/nat64_doc.md
index f94467da..f94467da 100644
--- a/src/plugins/snat/nat64_doc.md
+++ b/src/plugins/nat/nat64_doc.md
diff --git a/src/plugins/snat/nat64_in2out.c b/src/plugins/nat/nat64_in2out.c
index 8c67fec2..f78baff4 100644
--- a/src/plugins/snat/nat64_in2out.c
+++ b/src/plugins/nat/nat64_in2out.c
@@ -17,7 +17,7 @@
* @brief NAT64 IPv6 to IPv4 translation (inside to outside network)
*/
-#include <snat/nat64.h>
+#include <nat/nat64.h>
#include <vnet/ip/ip6_to_ip4.h>
#include <vnet/fib/fib_table.h>
diff --git a/src/plugins/snat/nat64_out2in.c b/src/plugins/nat/nat64_out2in.c
index cd5b253a..61e88a7f 100644
--- a/src/plugins/snat/nat64_out2in.c
+++ b/src/plugins/nat/nat64_out2in.c
@@ -17,7 +17,7 @@
* @brief NAT64 IPv4 to IPv6 translation (otside to inside network)
*/
-#include <snat/nat64.h>
+#include <nat/nat64.h>
#include <vnet/ip/ip4_to_ip6.h>
#include <vnet/fib/ip4_fib.h>
diff --git a/src/plugins/snat/snat_all_api_h.h b/src/plugins/nat/nat_all_api_h.h
index 49017700..acd9ba1c 100644
--- a/src/plugins/snat/snat_all_api_h.h
+++ b/src/plugins/nat/nat_all_api_h.h
@@ -1,6 +1,6 @@
/*
- * snat_all_api_h.h - skeleton vpp engine plug-in api #include file
+ * nat_all_api_h.h - skeleton vpp engine plug-in api #include file
*
* Copyright (c) <current-year> <your-organization>
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -16,4 +16,4 @@
* limitations under the License.
*/
/* Include the generated file, see BUILT_SOURCES in Makefile.am */
-#include <snat/snat.api.h>
+#include <nat/nat.api.h>
diff --git a/src/plugins/snat/snat_api.c b/src/plugins/nat/nat_api.c
index 227074f9..0a2141f2 100644
--- a/src/plugins/snat/snat_api.c
+++ b/src/plugins/nat/nat_api.c
@@ -15,26 +15,26 @@
*/
/**
* @file
- * @brief SNAT plugin API implementation
+ * @brief NAT plugin API implementation
*/
-#include <snat/snat.h>
-#include <snat/snat_det.h>
-#include <snat/nat64.h>
+#include <nat/nat.h>
+#include <nat/nat_det.h>
+#include <nat/nat64.h>
#include <vlibapi/api.h>
#include <vlibmemory/api.h>
#include <vlibsocket/api.h>
-#include <snat/snat_msg_enum.h>
+#include <nat/nat_msg_enum.h>
#include <vnet/fib/fib_table.h>
/* define message structures */
#define vl_typedefs
-#include <snat/snat_all_api_h.h>
+#include <nat/nat_all_api_h.h>
#undef vl_typedefs
/* define generated endian-swappers */
#define vl_endianfun
-#include <snat/snat_all_api_h.h>
+#include <nat/nat_all_api_h.h>
#undef vl_endianfun
#define vl_print(handle, ...) vlib_cli_output (handle, __VA_ARGS__)
@@ -44,7 +44,7 @@
/* Get the API version number */
#define vl_api_version(n,v) static u32 api_version=(v);
-#include <snat/snat_all_api_h.h>
+#include <nat/nat_all_api_h.h>
#undef vl_api_version
/* Macro to finish up custom dump fns */
@@ -901,9 +901,9 @@ static void *vl_api_snat_user_session_dump_t_print
FINISH;
}
-/****************************/
-/*** detrministic NAT/CGN ***/
-/****************************/
+/******************************************************************/
+/*** detrministic NAT/CGN (old, will be deprecated after 17.10) ***/
+/******************************************************************/
static void
vl_api_snat_add_det_map_t_handler (vl_api_snat_add_det_map_t * mp)
@@ -1293,6 +1293,1263 @@ static void *vl_api_snat_det_session_dump_t_print
FINISH;
}
+/******************************/
+/*** Common NAT plugin APIs ***/
+/******************************/
+
+static void
+vl_api_nat_control_ping_t_handler (vl_api_nat_control_ping_t * mp)
+{
+ vl_api_nat_control_ping_reply_t *rmp;
+ snat_main_t *sm = &snat_main;
+ int rv = 0;
+
+ /* *INDENT-OFF* */
+ REPLY_MACRO2 (VL_API_NAT_CONTROL_PING_REPLY,
+ ({
+ rmp->vpe_pid = ntohl (getpid ());
+ }));
+ /* *INDENT-ON* */
+}
+
+static void *
+vl_api_nat_control_ping_t_print (vl_api_nat_control_ping_t * mp, void *handle)
+{
+ u8 *s;
+
+ s = format (0, "SCRIPT: nat_control_ping ");
+
+ FINISH;
+}
+
+static void
+vl_api_nat_show_config_t_handler (vl_api_nat_show_config_t * mp)
+{
+ vl_api_nat_show_config_reply_t *rmp;
+ snat_main_t *sm = &snat_main;
+ int rv = 0;
+
+ /* *INDENT-OFF* */
+ REPLY_MACRO2 (VL_API_NAT_SHOW_CONFIG_REPLY,
+ ({
+ rmp->translation_buckets = htonl (sm->translation_buckets);
+ rmp->translation_memory_size = htonl (sm->translation_memory_size);
+ rmp->user_buckets = htonl (sm->user_buckets);
+ rmp->user_memory_size = htonl (sm->user_memory_size);
+ rmp->max_translations_per_user = htonl (sm->max_translations_per_user);
+ rmp->outside_vrf_id = htonl (sm->outside_vrf_id);
+ rmp->inside_vrf_id = htonl (sm->inside_vrf_id);
+ rmp->static_mapping_only = sm->static_mapping_only;
+ rmp->static_mapping_connection_tracking =
+ sm->static_mapping_connection_tracking;
+ rmp->deterministic = sm->deterministic;
+ }));
+ /* *INDENT-ON* */
+}
+
+static void *
+vl_api_nat_show_config_t_print (vl_api_nat_show_config_t * mp, void *handle)
+{
+ u8 *s;
+
+ s = format (0, "SCRIPT: nat_show_config ");
+
+ FINISH;
+}
+
+static void
+vl_api_nat_set_workers_t_handler (vl_api_nat_set_workers_t * mp)
+{
+ snat_main_t *sm = &snat_main;
+ vl_api_snat_set_workers_reply_t *rmp;
+ int rv = 0;
+ uword *bitmap = 0;
+ u64 mask = clib_net_to_host_u64 (mp->worker_mask);
+
+ if (sm->num_workers < 2)
+ {
+ rv = VNET_API_ERROR_FEATURE_DISABLED;
+ goto send_reply;
+ }
+
+ bitmap = clib_bitmap_set_multiple (bitmap, 0, mask, BITS (mask));
+ rv = snat_set_workers (bitmap);
+ clib_bitmap_free (bitmap);
+
+send_reply:
+ REPLY_MACRO (VL_API_NAT_SET_WORKERS_REPLY);
+}
+
+static void *
+vl_api_nat_set_workers_t_print (vl_api_nat_set_workers_t * mp, void *handle)
+{
+ u8 *s;
+ uword *bitmap = 0;
+ u8 first = 1;
+ int i;
+ u64 mask = clib_net_to_host_u64 (mp->worker_mask);
+
+ s = format (0, "SCRIPT: nat_set_workers ");
+ bitmap = clib_bitmap_set_multiple (bitmap, 0, mask, BITS (mask));
+ /* *INDENT-OFF* */
+ clib_bitmap_foreach (i, bitmap,
+ ({
+ if (first)
+ s = format (s, "%d", i);
+ else
+ s = format (s, ",%d", i);
+ first = 0;
+ }));
+ /* *INDENT-ON* */
+ clib_bitmap_free (bitmap);
+ FINISH;
+}
+
+static void
+send_nat_worker_details (u32 worker_index, unix_shared_memory_queue_t * q,
+ u32 context)
+{
+ vl_api_nat_worker_details_t *rmp;
+ snat_main_t *sm = &snat_main;
+ vlib_worker_thread_t *w =
+ vlib_worker_threads + worker_index + sm->first_worker_index;
+
+ rmp = vl_msg_api_alloc (sizeof (*rmp));
+ memset (rmp, 0, sizeof (*rmp));
+ rmp->_vl_msg_id = ntohs (VL_API_NAT_WORKER_DETAILS + sm->msg_id_base);
+ rmp->context = context;
+ rmp->worker_index = htonl (worker_index);
+ rmp->lcore_id = htonl (w->lcore_id);
+ strncpy ((char *) rmp->name, (char *) w->name, ARRAY_LEN (rmp->name) - 1);
+
+ vl_msg_api_send_shmem (q, (u8 *) & rmp);
+}
+
+static void
+vl_api_nat_worker_dump_t_handler (vl_api_nat_worker_dump_t * mp)
+{
+ unix_shared_memory_queue_t *q;
+ snat_main_t *sm = &snat_main;
+ u32 *worker_index;
+
+ q = vl_api_client_index_to_input_queue (mp->client_index);
+ if (q == 0)
+ return;
+
+ /* *INDENT-OFF* */
+ vec_foreach (worker_index, sm->workers)
+ send_nat_worker_details(*worker_index, q, mp->context);
+ /* *INDENT-ON* */
+}
+
+static void *
+vl_api_nat_worker_dump_t_print (vl_api_nat_worker_dump_t * mp, void *handle)
+{
+ u8 *s;
+
+ s = format (0, "SCRIPT: nat_worker_dump ");
+
+ FINISH;
+}
+
+static void
+vl_api_nat_ipfix_enable_disable_t_handler (vl_api_nat_ipfix_enable_disable_t *
+ mp)
+{
+ snat_main_t *sm = &snat_main;
+ vl_api_nat_ipfix_enable_disable_reply_t *rmp;
+ int rv = 0;
+
+ rv = snat_ipfix_logging_enable_disable (mp->enable,
+ clib_host_to_net_u32
+ (mp->domain_id),
+ clib_host_to_net_u16
+ (mp->src_port));
+
+ REPLY_MACRO (VL_API_NAT_IPFIX_ENABLE_DISABLE_REPLY);
+}
+
+static void *
+vl_api_nat_ipfix_enable_disable_t_print (vl_api_nat_ipfix_enable_disable_t *
+ mp, void *handle)
+{
+ u8 *s;
+
+ s = format (0, "SCRIPT: nat_ipfix_enable_disable ");
+ if (mp->domain_id)
+ s = format (s, "domain %d ", clib_net_to_host_u32 (mp->domain_id));
+ if (mp->src_port)
+ s = format (s, "src_port %d ", clib_net_to_host_u16 (mp->src_port));
+ if (!mp->enable)
+ s = format (s, "disable ");
+
+ FINISH;
+}
+
+/*************/
+/*** NAT44 ***/
+/*************/
+static void
+ vl_api_nat44_add_del_address_range_t_handler
+ (vl_api_nat44_add_del_address_range_t * mp)
+{
+ snat_main_t *sm = &snat_main;
+ vl_api_nat44_add_del_address_range_reply_t *rmp;
+ ip4_address_t this_addr;
+ u32 start_host_order, end_host_order;
+ u32 vrf_id;
+ int i, count;
+ int rv = 0;
+ u32 *tmp;
+
+ if (sm->static_mapping_only)
+ {
+ rv = VNET_API_ERROR_FEATURE_DISABLED;
+ goto send_reply;
+ }
+
+ tmp = (u32 *) mp->first_ip_address;
+ start_host_order = clib_host_to_net_u32 (tmp[0]);
+ tmp = (u32 *) mp->last_ip_address;
+ end_host_order = clib_host_to_net_u32 (tmp[0]);
+
+ count = (end_host_order - start_host_order) + 1;
+
+ vrf_id = clib_host_to_net_u32 (mp->vrf_id);
+
+ if (count > 1024)
+ clib_warning ("%U - %U, %d addresses...",
+ format_ip4_address, mp->first_ip_address,
+ format_ip4_address, mp->last_ip_address, count);
+
+ memcpy (&this_addr.as_u8, mp->first_ip_address, 4);
+
+ for (i = 0; i < count; i++)
+ {
+ if (mp->is_add)
+ snat_add_address (sm, &this_addr, vrf_id);
+ else
+ rv = snat_del_address (sm, this_addr, 0);
+
+ if (rv)
+ goto send_reply;
+
+ increment_v4_address (&this_addr);
+ }
+
+send_reply:
+ REPLY_MACRO (VL_API_NAT44_ADD_DEL_ADDRESS_RANGE_REPLY);
+}
+
+static void *vl_api_nat44_add_del_address_range_t_print
+ (vl_api_nat44_add_del_address_range_t * mp, void *handle)
+{
+ u8 *s;
+
+ s = format (0, "SCRIPT: nat44_add_address_range ");
+ s = format (s, "%U ", format_ip4_address, mp->first_ip_address);
+ if (memcmp (mp->first_ip_address, mp->last_ip_address, 4))
+ {
+ s = format (s, " - %U ", format_ip4_address, mp->last_ip_address);
+ }
+ FINISH;
+}
+
+static void
+send_nat44_address_details (snat_address_t * a,
+ unix_shared_memory_queue_t * q, u32 context)
+{
+ vl_api_nat44_address_details_t *rmp;
+ snat_main_t *sm = &snat_main;
+
+ rmp = vl_msg_api_alloc (sizeof (*rmp));
+ memset (rmp, 0, sizeof (*rmp));
+ rmp->_vl_msg_id = ntohs (VL_API_NAT44_ADDRESS_DETAILS + sm->msg_id_base);
+ clib_memcpy (rmp->ip_address, &(a->addr), 4);
+ if (a->fib_index != ~0)
+ {
+ fib_table_t *fib = fib_table_get (a->fib_index, FIB_PROTOCOL_IP4);
+ rmp->vrf_id = ntohl (fib->ft_table_id);
+ }
+ else
+ rmp->vrf_id = ~0;
+ rmp->context = context;
+
+ vl_msg_api_send_shmem (q, (u8 *) & rmp);
+}
+
+static void
+vl_api_nat44_address_dump_t_handler (vl_api_nat44_address_dump_t * mp)
+{
+ unix_shared_memory_queue_t *q;
+ snat_main_t *sm = &snat_main;
+ snat_address_t *a;
+
+ q = vl_api_client_index_to_input_queue (mp->client_index);
+ if (q == 0)
+ return;
+
+ /* *INDENT-OFF* */
+ vec_foreach (a, sm->addresses)
+ send_nat44_address_details (a, q, mp->context);
+ /* *INDENT-ON* */
+}
+
+static void *
+vl_api_nat44_address_dump_t_print (vl_api_nat44_address_dump_t * mp,
+ void *handle)
+{
+ u8 *s;
+
+ s = format (0, "SCRIPT: nat44_address_dump ");
+
+ FINISH;
+}
+
+static void
+ vl_api_nat44_interface_add_del_feature_t_handler
+ (vl_api_nat44_interface_add_del_feature_t * mp)
+{
+ snat_main_t *sm = &snat_main;
+ vl_api_nat44_interface_add_del_feature_reply_t *rmp;
+ u8 is_del = mp->is_add == 0;
+ u32 sw_if_index = ntohl (mp->sw_if_index);
+ int rv = 0;
+
+ VALIDATE_SW_IF_INDEX (mp);
+
+ rv = snat_interface_add_del (sw_if_index, mp->is_inside, is_del);
+
+ BAD_SW_IF_INDEX_LABEL;
+
+ REPLY_MACRO (VL_API_NAT44_INTERFACE_ADD_DEL_FEATURE_REPLY);
+}
+
+static void *vl_api_nat44_interface_add_del_feature_t_print
+ (vl_api_nat44_interface_add_del_feature_t * mp, void *handle)
+{
+ u8 *s;
+
+ s = format (0, "SCRIPT: nat44_interface_add_del_feature ");
+ s = format (s, "sw_if_index %d %s %s",
+ clib_host_to_net_u32 (mp->sw_if_index),
+ mp->is_inside ? "in" : "out", mp->is_add ? "" : "del");
+
+ FINISH;
+}
+
+static void
+send_nat44_interface_details (snat_interface_t * i,
+ unix_shared_memory_queue_t * q, u32 context)
+{
+ vl_api_nat44_interface_details_t *rmp;
+ snat_main_t *sm = &snat_main;
+
+ rmp = vl_msg_api_alloc (sizeof (*rmp));
+ memset (rmp, 0, sizeof (*rmp));
+ rmp->_vl_msg_id = ntohs (VL_API_NAT44_INTERFACE_DETAILS + sm->msg_id_base);
+ rmp->sw_if_index = ntohl (i->sw_if_index);
+ rmp->is_inside = i->is_inside;
+ rmp->context = context;
+
+ vl_msg_api_send_shmem (q, (u8 *) & rmp);
+}
+
+static void
+vl_api_nat44_interface_dump_t_handler (vl_api_nat44_interface_dump_t * mp)
+{
+ unix_shared_memory_queue_t *q;
+ snat_main_t *sm = &snat_main;
+ snat_interface_t *i;
+
+ q = vl_api_client_index_to_input_queue (mp->client_index);
+ if (q == 0)
+ return;
+
+ /* *INDENT-OFF* */
+ pool_foreach (i, sm->interfaces,
+ ({
+ send_nat44_interface_details(i, q, mp->context);
+ }));
+ /* *INDENT-ON* */
+}
+
+static void *
+vl_api_nat44_interface_dump_t_print (vl_api_nat44_interface_dump_t * mp,
+ void *handle)
+{
+ u8 *s;
+
+ s = format (0, "SCRIPT: nat44_interface_dump ");
+
+ FINISH;
+}
+
+static void
+ vl_api_nat44_interface_add_del_output_feature_t_handler
+ (vl_api_nat44_interface_add_del_output_feature_t * mp)
+{
+ snat_main_t *sm = &snat_main;
+ vl_api_nat44_interface_add_del_output_feature_reply_t *rmp;
+ u8 is_del = mp->is_add == 0;
+ u32 sw_if_index = ntohl (mp->sw_if_index);
+ int rv = 0;
+
+ VALIDATE_SW_IF_INDEX (mp);
+
+ rv = snat_interface_add_del_output_feature (sw_if_index, mp->is_inside,
+ is_del);
+
+ BAD_SW_IF_INDEX_LABEL;
+
+ REPLY_MACRO (VL_API_NAT44_INTERFACE_ADD_DEL_OUTPUT_FEATURE_REPLY);
+}
+
+static void *vl_api_nat44_interface_add_del_output_feature_t_print
+ (vl_api_nat44_interface_add_del_output_feature_t * mp, void *handle)
+{
+ u8 *s;
+
+ s = format (0, "SCRIPT: nat44_interface_add_del_output_feature ");
+ s = format (s, "sw_if_index %d %s %s",
+ clib_host_to_net_u32 (mp->sw_if_index),
+ mp->is_inside ? "in" : "out", mp->is_add ? "" : "del");
+
+ FINISH;
+}
+
+static void
+send_nat44_interface_output_feature_details (snat_interface_t * i,
+ unix_shared_memory_queue_t * q,
+ u32 context)
+{
+ vl_api_nat44_interface_output_feature_details_t *rmp;
+ snat_main_t *sm = &snat_main;
+
+ rmp = vl_msg_api_alloc (sizeof (*rmp));
+ memset (rmp, 0, sizeof (*rmp));
+ rmp->_vl_msg_id =
+ ntohs (VL_API_NAT44_INTERFACE_OUTPUT_FEATURE_DETAILS + sm->msg_id_base);
+ rmp->sw_if_index = ntohl (i->sw_if_index);
+ rmp->context = context;
+ rmp->is_inside = i->is_inside;
+
+ vl_msg_api_send_shmem (q, (u8 *) & rmp);
+}
+
+static void
+ vl_api_nat44_interface_output_feature_dump_t_handler
+ (vl_api_nat44_interface_output_feature_dump_t * mp)
+{
+ unix_shared_memory_queue_t *q;
+ snat_main_t *sm = &snat_main;
+ snat_interface_t *i;
+
+ q = vl_api_client_index_to_input_queue (mp->client_index);
+ if (q == 0)
+ return;
+
+ /* *INDENT-OFF* */
+ pool_foreach (i, sm->output_feature_interfaces,
+ ({
+ send_nat44_interface_output_feature_details(i, q, mp->context);
+ }));
+ /* *INDENT-ON* */
+}
+
+static void *vl_api_nat44_interface_output_feature_dump_t_print
+ (vl_api_nat44_interface_output_feature_dump_t * mp, void *handle)
+{
+ u8 *s;
+
+ s = format (0, "SCRIPT: nat44_interface_output_feature_dump ");
+
+ FINISH;
+}
+
+static void
+ vl_api_nat44_add_del_static_mapping_t_handler
+ (vl_api_nat44_add_del_static_mapping_t * mp)
+{
+ snat_main_t *sm = &snat_main;
+ vl_api_nat44_add_del_static_mapping_reply_t *rmp;
+ ip4_address_t local_addr, external_addr;
+ u16 local_port = 0, external_port = 0;
+ u32 vrf_id, external_sw_if_index;
+ int rv = 0;
+ snat_protocol_t proto;
+
+ memcpy (&local_addr.as_u8, mp->local_ip_address, 4);
+ memcpy (&external_addr.as_u8, mp->external_ip_address, 4);
+ if (mp->addr_only == 0)
+ {
+ local_port = clib_net_to_host_u16 (mp->local_port);
+ external_port = clib_net_to_host_u16 (mp->external_port);
+ }
+ vrf_id = clib_net_to_host_u32 (mp->vrf_id);
+ external_sw_if_index = clib_net_to_host_u32 (mp->external_sw_if_index);
+ proto = ip_proto_to_snat_proto (mp->protocol);
+
+ rv = snat_add_static_mapping (local_addr, external_addr, local_port,
+ external_port, vrf_id, mp->addr_only,
+ external_sw_if_index, proto, mp->is_add);
+
+ REPLY_MACRO (VL_API_NAT44_ADD_DEL_STATIC_MAPPING_REPLY);
+}
+
+static void *vl_api_nat44_add_del_static_mapping_t_print
+ (vl_api_nat44_add_del_static_mapping_t * mp, void *handle)
+{
+ u8 *s;
+
+ s = format (0, "SCRIPT: nat44_add_del_static_mapping ");
+ s = format (s, "protocol %d local_addr %U external_addr %U ",
+ mp->protocol,
+ format_ip4_address, mp->local_ip_address,
+ format_ip4_address, mp->external_ip_address);
+
+ if (mp->addr_only == 0)
+ s = format (s, "local_port %d external_port %d ",
+ clib_net_to_host_u16 (mp->local_port),
+ clib_net_to_host_u16 (mp->external_port));
+
+ if (mp->vrf_id != ~0)
+ s = format (s, "vrf %d", clib_net_to_host_u32 (mp->vrf_id));
+
+ if (mp->external_sw_if_index != ~0)
+ s = format (s, "external_sw_if_index %d",
+ clib_net_to_host_u32 (mp->external_sw_if_index));
+ FINISH;
+}
+
+static void
+send_nat44_static_mapping_details (snat_static_mapping_t * m,
+ unix_shared_memory_queue_t * q,
+ u32 context)
+{
+ vl_api_nat44_static_mapping_details_t *rmp;
+ snat_main_t *sm = &snat_main;
+
+ rmp = vl_msg_api_alloc (sizeof (*rmp));
+ memset (rmp, 0, sizeof (*rmp));
+ rmp->_vl_msg_id =
+ ntohs (VL_API_NAT44_STATIC_MAPPING_DETAILS + sm->msg_id_base);
+ rmp->addr_only = m->addr_only;
+ clib_memcpy (rmp->local_ip_address, &(m->local_addr), 4);
+ clib_memcpy (rmp->external_ip_address, &(m->external_addr), 4);
+ rmp->local_port = htons (m->local_port);
+ rmp->external_port = htons (m->external_port);
+ rmp->external_sw_if_index = ~0;
+ rmp->vrf_id = htonl (m->vrf_id);
+ rmp->protocol = snat_proto_to_ip_proto (m->proto);
+ rmp->context = context;
+
+ vl_msg_api_send_shmem (q, (u8 *) & rmp);
+}
+
+static void
+send_nat44_static_map_resolve_details (snat_static_map_resolve_t * m,
+ unix_shared_memory_queue_t * q,
+ u32 context)
+{
+ vl_api_nat44_static_mapping_details_t *rmp;
+ snat_main_t *sm = &snat_main;
+
+ rmp = vl_msg_api_alloc (sizeof (*rmp));
+ memset (rmp, 0, sizeof (*rmp));
+ rmp->_vl_msg_id =
+ ntohs (VL_API_NAT44_STATIC_MAPPING_DETAILS + sm->msg_id_base);
+ rmp->addr_only = m->addr_only;
+ clib_memcpy (rmp->local_ip_address, &(m->l_addr), 4);
+ rmp->local_port = htons (m->l_port);
+ rmp->external_port = htons (m->e_port);
+ rmp->external_sw_if_index = htonl (m->sw_if_index);
+ rmp->vrf_id = htonl (m->vrf_id);
+ rmp->protocol = snat_proto_to_ip_proto (m->proto);
+ rmp->context = context;
+
+ vl_msg_api_send_shmem (q, (u8 *) & rmp);
+}
+
+static void
+vl_api_nat44_static_mapping_dump_t_handler (vl_api_nat44_static_mapping_dump_t
+ * mp)
+{
+ unix_shared_memory_queue_t *q;
+ snat_main_t *sm = &snat_main;
+ snat_static_mapping_t *m;
+ snat_static_map_resolve_t *rp;
+ int j;
+
+ q = vl_api_client_index_to_input_queue (mp->client_index);
+ if (q == 0)
+ return;
+
+ /* *INDENT-OFF* */
+ pool_foreach (m, sm->static_mappings,
+ ({
+ send_nat44_static_mapping_details (m, q, mp->context);
+ }));
+ /* *INDENT-ON* */
+
+ for (j = 0; j < vec_len (sm->to_resolve); j++)
+ {
+ rp = sm->to_resolve + j;
+ send_nat44_static_map_resolve_details (rp, q, mp->context);
+ }
+}
+
+static void *
+vl_api_nat44_static_mapping_dump_t_print (vl_api_nat44_static_mapping_dump_t *
+ mp, void *handle)
+{
+ u8 *s;
+
+ s = format (0, "SCRIPT: nat44_static_mapping_dump ");
+
+ FINISH;
+}
+
+static void
+ vl_api_nat44_add_del_interface_addr_t_handler
+ (vl_api_nat44_add_del_interface_addr_t * mp)
+{
+ snat_main_t *sm = &snat_main;
+ vl_api_nat44_add_del_interface_addr_reply_t *rmp;
+ u8 is_del = mp->is_add == 0;
+ u32 sw_if_index = ntohl (mp->sw_if_index);
+ int rv = 0;
+
+ VALIDATE_SW_IF_INDEX (mp);
+
+ rv = snat_add_interface_address (sm, sw_if_index, is_del);
+
+ BAD_SW_IF_INDEX_LABEL;
+
+ REPLY_MACRO (VL_API_NAT44_ADD_DEL_INTERFACE_ADDR_REPLY);
+}
+
+static void *vl_api_nat44_add_del_interface_addr_t_print
+ (vl_api_nat44_add_del_interface_addr_t * mp, void *handle)
+{
+ u8 *s;
+
+ s = format (0, "SCRIPT: nat44_add_del_interface_addr ");
+ s = format (s, "sw_if_index %d %s",
+ clib_host_to_net_u32 (mp->sw_if_index),
+ mp->is_add ? "" : "del");
+
+ FINISH;
+}
+
+static void
+send_nat44_interface_addr_details (u32 sw_if_index,
+ unix_shared_memory_queue_t * q,
+ u32 context)
+{
+ vl_api_nat44_interface_addr_details_t *rmp;
+ snat_main_t *sm = &snat_main;
+
+ rmp = vl_msg_api_alloc (sizeof (*rmp));
+ memset (rmp, 0, sizeof (*rmp));
+ rmp->_vl_msg_id =
+ ntohs (VL_API_NAT44_INTERFACE_ADDR_DETAILS + sm->msg_id_base);
+ rmp->sw_if_index = ntohl (sw_if_index);
+ rmp->context = context;
+
+ vl_msg_api_send_shmem (q, (u8 *) & rmp);
+}
+
+static void
+vl_api_nat44_interface_addr_dump_t_handler (vl_api_nat44_interface_addr_dump_t
+ * mp)
+{
+ unix_shared_memory_queue_t *q;
+ snat_main_t *sm = &snat_main;
+ u32 *i;
+
+ q = vl_api_client_index_to_input_queue (mp->client_index);
+ if (q == 0)
+ return;
+
+ /* *INDENT-OFF* */
+ vec_foreach (i, sm->auto_add_sw_if_indices)
+ send_nat44_interface_addr_details(*i, q, mp->context);
+ /* *INDENT-ON* */
+}
+
+static void *
+vl_api_nat44_interface_addr_dump_t_print (vl_api_nat44_interface_addr_dump_t *
+ mp, void *handle)
+{
+ u8 *s;
+
+ s = format (0, "SCRIPT: nat44_interface_addr_dump ");
+
+ FINISH;
+}
+
+static void
+send_nat44_user_details (snat_user_t * u, unix_shared_memory_queue_t * q,
+ u32 context)
+{
+ vl_api_nat44_user_details_t *rmp;
+ snat_main_t *sm = &snat_main;
+ fib_table_t *fib = fib_table_get (u->fib_index, FIB_PROTOCOL_IP4);
+
+ rmp = vl_msg_api_alloc (sizeof (*rmp));
+ memset (rmp, 0, sizeof (*rmp));
+ rmp->_vl_msg_id = ntohs (VL_API_NAT44_USER_DETAILS + sm->msg_id_base);
+
+ rmp->vrf_id = ntohl (fib->ft_table_id);
+
+ clib_memcpy (rmp->ip_address, &(u->addr), 4);
+ rmp->nsessions = ntohl (u->nsessions);
+ rmp->nstaticsessions = ntohl (u->nstaticsessions);
+ rmp->context = context;
+
+ vl_msg_api_send_shmem (q, (u8 *) & rmp);
+}
+
+static void
+vl_api_nat44_user_dump_t_handler (vl_api_nat44_user_dump_t * mp)
+{
+ unix_shared_memory_queue_t *q;
+ snat_main_t *sm = &snat_main;
+ snat_main_per_thread_data_t *tsm;
+ snat_user_t *u;
+
+ q = vl_api_client_index_to_input_queue (mp->client_index);
+ if (q == 0)
+ return;
+
+ /* *INDENT-OFF* */
+ vec_foreach (tsm, sm->per_thread_data)
+ vec_foreach (u, tsm->users)
+ send_nat44_user_details (u, q, mp->context);
+ /* *INDENT-ON* */
+}
+
+static void *
+vl_api_nat44_user_dump_t_print (vl_api_nat44_user_dump_t * mp, void *handle)
+{
+ u8 *s;
+
+ s = format (0, "SCRIPT: nat44_user_dump ");
+
+ FINISH;
+}
+
+static void
+send_nat44_user_session_details (snat_session_t * s,
+ unix_shared_memory_queue_t * q, u32 context)
+{
+ vl_api_nat44_user_session_details_t *rmp;
+ snat_main_t *sm = &snat_main;
+
+ rmp = vl_msg_api_alloc (sizeof (*rmp));
+ memset (rmp, 0, sizeof (*rmp));
+ rmp->_vl_msg_id =
+ ntohs (VL_API_NAT44_USER_SESSION_DETAILS + sm->msg_id_base);
+ clib_memcpy (rmp->outside_ip_address, (&s->out2in.addr), 4);
+ clib_memcpy (rmp->inside_ip_address, (&s->in2out.addr), 4);
+ rmp->is_static = s->flags & SNAT_SESSION_FLAG_STATIC_MAPPING ? 1 : 0;
+ rmp->last_heard = clib_host_to_net_u64 ((u64) s->last_heard);
+ rmp->total_bytes = clib_host_to_net_u64 (s->total_bytes);
+ rmp->total_pkts = ntohl (s->total_pkts);
+ rmp->context = context;
+ if (snat_is_unk_proto_session (s))
+ {
+ rmp->outside_port = 0;
+ rmp->inside_port = 0;
+ rmp->protocol = ntohs (s->in2out.port);
+ }
+ else
+ {
+ rmp->outside_port = s->out2in.port;
+ rmp->inside_port = s->in2out.port;
+ rmp->protocol = ntohs (snat_proto_to_ip_proto (s->in2out.protocol));
+ }
+
+ vl_msg_api_send_shmem (q, (u8 *) & rmp);
+}
+
+static void
+vl_api_nat44_user_session_dump_t_handler (vl_api_nat44_user_session_dump_t *
+ mp)
+{
+ unix_shared_memory_queue_t *q;
+ snat_main_t *sm = &snat_main;
+ snat_main_per_thread_data_t *tsm;
+ snat_session_t *s;
+ clib_bihash_kv_8_8_t key, value;
+ snat_user_key_t ukey;
+ snat_user_t *u;
+ u32 session_index, head_index, elt_index;
+ dlist_elt_t *head, *elt;
+
+ q = vl_api_client_index_to_input_queue (mp->client_index);
+ if (q == 0)
+ return;
+
+ clib_memcpy (&ukey.addr, mp->ip_address, 4);
+ ukey.fib_index = fib_table_find (FIB_PROTOCOL_IP4, ntohl (mp->vrf_id));
+ key.key = ukey.as_u64;
+ if (!clib_bihash_search_8_8 (&sm->worker_by_in, &key, &value))
+ tsm = vec_elt_at_index (sm->per_thread_data, value.value);
+ else
+ tsm = vec_elt_at_index (sm->per_thread_data, sm->num_workers);
+ if (clib_bihash_search_8_8 (&sm->user_hash, &key, &value))
+ return;
+ u = pool_elt_at_index (tsm->users, value.value);
+ if (!u->nsessions && !u->nstaticsessions)
+ return;
+
+ head_index = u->sessions_per_user_list_head_index;
+ head = pool_elt_at_index (tsm->list_pool, head_index);
+ elt_index = head->next;
+ elt = pool_elt_at_index (tsm->list_pool, elt_index);
+ session_index = elt->value;
+ while (session_index != ~0)
+ {
+ s = pool_elt_at_index (tsm->sessions, session_index);
+
+ send_nat44_user_session_details (s, q, mp->context);
+
+ elt_index = elt->next;
+ elt = pool_elt_at_index (tsm->list_pool, elt_index);
+ session_index = elt->value;
+ }
+}
+
+static void *
+vl_api_nat44_user_session_dump_t_print (vl_api_nat44_user_session_dump_t * mp,
+ void *handle)
+{
+ u8 *s;
+
+ s = format (0, "SCRIPT: nat44_user_session_dump ");
+ s = format (s, "ip_address %U vrf_id %d\n",
+ format_ip4_address, mp->ip_address,
+ clib_net_to_host_u32 (mp->vrf_id));
+
+ FINISH;
+}
+
+/*******************************/
+/*** Deterministic NAT (CGN) ***/
+/*******************************/
+
+static void
+vl_api_nat_det_add_del_map_t_handler (vl_api_nat_det_add_del_map_t * mp)
+{
+ snat_main_t *sm = &snat_main;
+ vl_api_nat_det_add_del_map_reply_t *rmp;
+ int rv = 0;
+ ip4_address_t in_addr, out_addr;
+
+ if (!mp->is_nat44)
+ {
+ rv = VNET_API_ERROR_UNIMPLEMENTED;
+ goto send_reply;
+ }
+
+ clib_memcpy (&in_addr, mp->in_addr, 4);
+ clib_memcpy (&out_addr, mp->out_addr, 4);
+ rv = snat_det_add_map (sm, &in_addr, mp->in_plen, &out_addr,
+ mp->out_plen, mp->is_add);
+
+send_reply:
+ REPLY_MACRO (VL_API_NAT_DET_ADD_DEL_MAP_REPLY);
+}
+
+static void *
+vl_api_nat_det_add_del_map_t_print (vl_api_nat_det_add_del_map_t * mp,
+ void *handle)
+{
+ u8 *s;
+
+ s = format (0, "SCRIPT: nat_det_add_del_map ");
+ s = format (s, "inside address %U/%d outside address %U/%d\n",
+ format_ip4_address, mp->in_addr, mp->in_plen,
+ format_ip4_address, mp->out_addr, mp->out_plen);
+
+ FINISH;
+}
+
+static void
+vl_api_nat_det_forward_t_handler (vl_api_nat_det_forward_t * mp)
+{
+ snat_main_t *sm = &snat_main;
+ vl_api_nat_det_forward_reply_t *rmp;
+ int rv = 0;
+ u16 lo_port = 0, hi_port = 0;
+ snat_det_map_t *dm;
+ ip4_address_t in_addr, out_addr;
+
+ if (!mp->is_nat44)
+ {
+ out_addr.as_u32 = 0;
+ rv = VNET_API_ERROR_UNIMPLEMENTED;
+ goto send_reply;
+ }
+
+ out_addr.as_u32 = 0;
+ clib_memcpy (&in_addr, mp->in_addr, 4);
+ dm = snat_det_map_by_user (sm, &in_addr);
+ if (!dm)
+ {
+ rv = VNET_API_ERROR_NO_SUCH_ENTRY;
+ goto send_reply;
+ }
+
+ snat_det_forward (dm, &in_addr, &out_addr, &lo_port);
+ hi_port = lo_port + dm->ports_per_host - 1;
+
+send_reply:
+ /* *INDENT-OFF* */
+ REPLY_MACRO2 (VL_API_NAT_DET_FORWARD_REPLY,
+ ({
+ rmp->out_port_lo = ntohs (lo_port);
+ rmp->out_port_hi = ntohs (hi_port);
+ clib_memcpy (rmp->out_addr, &out_addr, 4);
+ }))
+ /* *INDENT-ON* */
+}
+
+static void *
+vl_api_nat_det_forward_t_print (vl_api_nat_det_forward_t * mp, void *handle)
+{
+ u8 *s;
+
+ s = format (0, "SCRIPT: nat_det_forward");
+ s = format (s, "inside ip address %U\n", format_ip4_address, mp->in_addr);
+
+ FINISH;
+}
+
+static void
+vl_api_nat_det_reverse_t_handler (vl_api_nat_det_reverse_t * mp)
+{
+ snat_main_t *sm = &snat_main;
+ vl_api_nat_det_reverse_reply_t *rmp;
+ int rv = 0;
+ ip4_address_t out_addr, in_addr;
+ snat_det_map_t *dm;
+
+ in_addr.as_u32 = 0;
+ clib_memcpy (&out_addr, mp->out_addr, 4);
+ dm = snat_det_map_by_out (sm, &out_addr);
+ if (!dm)
+ {
+ rv = VNET_API_ERROR_NO_SUCH_ENTRY;
+ goto send_reply;
+ }
+
+ snat_det_reverse (dm, &out_addr, htons (mp->out_port), &in_addr);
+
+send_reply:
+ /* *INDENT-OFF* */
+ REPLY_MACRO2 (VL_API_NAT_DET_REVERSE_REPLY,
+ ({
+ rmp->is_nat44 = 1;
+ memset (rmp->in_addr, 0, 16);
+ clib_memcpy (rmp->in_addr, &in_addr, 4);
+ }))
+ /* *INDENT-ON* */
+}
+
+static void *
+vl_api_nat_det_reverse_t_print (vl_api_nat_det_reverse_t * mp, void *handle)
+{
+ u8 *s;
+
+ s = format (0, "SCRIPT: nat_det_reverse");
+ s = format (s, "outside ip address %U outside port %d",
+ format_ip4_address, mp->out_addr, ntohs (mp->out_port));
+
+ FINISH;
+}
+
+static void
+sent_nat_det_map_details (snat_det_map_t * m, unix_shared_memory_queue_t * q,
+ u32 context)
+{
+ vl_api_nat_det_map_details_t *rmp;
+ snat_main_t *sm = &snat_main;
+
+ rmp = vl_msg_api_alloc (sizeof (*rmp));
+ memset (rmp, 0, sizeof (*rmp));
+ rmp->_vl_msg_id = ntohs (VL_API_NAT_DET_MAP_DETAILS + sm->msg_id_base);
+ rmp->is_nat44 = 1;
+ clib_memcpy (rmp->in_addr, &m->in_addr, 4);
+ rmp->in_plen = m->in_plen;
+ clib_memcpy (rmp->out_addr, &m->out_addr, 4);
+ rmp->out_plen = m->out_plen;
+ rmp->sharing_ratio = htonl (m->sharing_ratio);
+ rmp->ports_per_host = htons (m->ports_per_host);
+ rmp->ses_num = htonl (m->ses_num);
+ rmp->context = context;
+
+ vl_msg_api_send_shmem (q, (u8 *) & rmp);
+}
+
+static void
+vl_api_nat_det_map_dump_t_handler (vl_api_nat_det_map_dump_t * mp)
+{
+ unix_shared_memory_queue_t *q;
+ snat_main_t *sm = &snat_main;
+ snat_det_map_t *m;
+
+ q = vl_api_client_index_to_input_queue (mp->client_index);
+ if (q == 0)
+ return;
+
+ /* *INDENT-OFF* */
+ vec_foreach(m, sm->det_maps)
+ sent_nat_det_map_details(m, q, mp->context);
+ /* *INDENT-ON* */
+}
+
+static void *
+vl_api_nat_det_map_dump_t_print (vl_api_nat_det_map_dump_t * mp, void *handle)
+{
+ u8 *s;
+
+ s = format (0, "SCRIPT: nat_det_map_dump ");
+
+ FINISH;
+}
+
+static void
+vl_api_nat_det_set_timeouts_t_handler (vl_api_nat_det_set_timeouts_t * mp)
+{
+ snat_main_t *sm = &snat_main;
+ vl_api_nat_det_set_timeouts_reply_t *rmp;
+ int rv = 0;
+
+ sm->udp_timeout = ntohl (mp->udp);
+ sm->tcp_established_timeout = ntohl (mp->tcp_established);
+ sm->tcp_transitory_timeout = ntohl (mp->tcp_transitory);
+ sm->icmp_timeout = ntohl (mp->icmp);
+
+ REPLY_MACRO (VL_API_NAT_DET_SET_TIMEOUTS_REPLY);
+}
+
+static void *
+vl_api_nat_det_set_timeouts_t_print (vl_api_nat_det_set_timeouts_t * mp,
+ void *handle)
+{
+ u8 *s;
+
+ s = format (0, "SCRIPT: nat_det_set_timeouts ");
+ s = format (s, "udp %d tcp_established %d tcp_transitory %d icmp %d\n",
+ ntohl (mp->udp),
+ ntohl (mp->tcp_established),
+ ntohl (mp->tcp_transitory), ntohl (mp->icmp));
+
+ FINISH;
+}
+
+static void
+vl_api_nat_det_get_timeouts_t_handler (vl_api_nat_det_get_timeouts_t * mp)
+{
+ snat_main_t *sm = &snat_main;
+ vl_api_nat_det_get_timeouts_reply_t *rmp;
+ int rv = 0;
+
+ /* *INDENT-OFF* */
+ REPLY_MACRO2 (VL_API_NAT_DET_GET_TIMEOUTS_REPLY,
+ ({
+ rmp->udp = htonl (sm->udp_timeout);
+ rmp->tcp_established = htonl (sm->tcp_established_timeout);
+ rmp->tcp_transitory = htonl (sm->tcp_transitory_timeout);
+ rmp->icmp = htonl (sm->icmp_timeout);
+ }))
+ /* *INDENT-ON* */
+}
+
+static void *
+vl_api_nat_det_get_timeouts_t_print (vl_api_nat_det_get_timeouts_t * mp,
+ void *handle)
+{
+ u8 *s;
+
+ s = format (0, "SCRIPT: nat_det_get_timeouts");
+
+ FINISH;
+}
+
+static void
+vl_api_nat_det_close_session_out_t_handler (vl_api_nat_det_close_session_out_t
+ * mp)
+{
+ snat_main_t *sm = &snat_main;
+ vl_api_nat_det_close_session_out_reply_t *rmp;
+ ip4_address_t out_addr, ext_addr, in_addr;
+ snat_det_out_key_t key;
+ snat_det_map_t *dm;
+ snat_det_session_t *ses;
+ int rv = 0;
+
+ clib_memcpy (&out_addr, mp->out_addr, 4);
+ clib_memcpy (&ext_addr, mp->ext_addr, 4);
+
+ dm = snat_det_map_by_out (sm, &out_addr);
+ if (!dm)
+ {
+ rv = VNET_API_ERROR_NO_SUCH_ENTRY;
+ goto send_reply;
+ }
+ snat_det_reverse (dm, &ext_addr, ntohs (mp->out_port), &in_addr);
+ key.ext_host_addr = ext_addr;
+ key.ext_host_port = mp->ext_port;
+ key.out_port = mp->out_port;
+ ses = snat_det_get_ses_by_out (dm, &in_addr, key.as_u64);
+ if (!ses)
+ {
+ rv = VNET_API_ERROR_NO_SUCH_ENTRY;
+ goto send_reply;
+ }
+ snat_det_ses_close (dm, ses);
+
+send_reply:
+ REPLY_MACRO (VL_API_NAT_DET_CLOSE_SESSION_OUT_REPLY);
+}
+
+static void *
+vl_api_nat_det_close_session_out_t_print (vl_api_nat_det_close_session_out_t *
+ mp, void *handle)
+{
+ u8 *s;
+
+ s = format (0, "SCRIPT: nat_det_close_session_out ");
+ s = format (s, "out_addr %U out_port %d "
+ "ext_addr %U ext_port %d\n",
+ format_ip4_address, mp->out_addr, ntohs (mp->out_port),
+ format_ip4_address, mp->ext_addr, ntohs (mp->ext_port));
+
+ FINISH;
+}
+
+static void
+vl_api_nat_det_close_session_in_t_handler (vl_api_nat_det_close_session_in_t *
+ mp)
+{
+ snat_main_t *sm = &snat_main;
+ vl_api_nat_det_close_session_in_reply_t *rmp;
+ ip4_address_t in_addr, ext_addr;
+ snat_det_out_key_t key;
+ snat_det_map_t *dm;
+ snat_det_session_t *ses;
+ int rv = 0;
+
+ if (!mp->is_nat44)
+ {
+ rv = VNET_API_ERROR_UNIMPLEMENTED;
+ goto send_reply;
+ }
+
+ clib_memcpy (&in_addr, mp->in_addr, 4);
+ clib_memcpy (&ext_addr, mp->ext_addr, 4);
+
+ dm = snat_det_map_by_user (sm, &in_addr);
+ if (!dm)
+ {
+ rv = VNET_API_ERROR_NO_SUCH_ENTRY;
+ goto send_reply;
+ }
+ key.ext_host_addr = ext_addr;
+ key.ext_host_port = mp->ext_port;
+ ses = snat_det_find_ses_by_in (dm, &in_addr, mp->in_port, key);
+ if (!ses)
+ {
+ rv = VNET_API_ERROR_NO_SUCH_ENTRY;
+ goto send_reply;
+ }
+ snat_det_ses_close (dm, ses);
+
+send_reply:
+ REPLY_MACRO (VL_API_NAT_DET_CLOSE_SESSION_OUT_REPLY);
+}
+
+static void *
+vl_api_nat_det_close_session_in_t_print (vl_api_nat_det_close_session_in_t *
+ mp, void *handle)
+{
+ u8 *s;
+ s = format (0, "SCRIPT: nat_det_close_session_in ");
+ s = format (s, "in_addr %U in_port %d ext_addr %U ext_port %d\n",
+ format_ip4_address, mp->in_addr, ntohs (mp->in_port),
+ format_ip4_address, mp->ext_addr, ntohs (mp->ext_port));
+
+ FINISH;
+}
+
+static void
+send_nat_det_session_details (snat_det_session_t * s,
+ unix_shared_memory_queue_t * q, u32 context)
+{
+ vl_api_nat_det_session_details_t *rmp;
+ snat_main_t *sm = &snat_main;
+
+ rmp = vl_msg_api_alloc (sizeof (*rmp));
+ memset (rmp, 0, sizeof (*rmp));
+ rmp->_vl_msg_id = ntohs (VL_API_NAT_DET_SESSION_DETAILS + sm->msg_id_base);
+ rmp->in_port = s->in_port;
+ clib_memcpy (rmp->ext_addr, &s->out.ext_host_addr, 4);
+ rmp->ext_port = s->out.ext_host_port;
+ rmp->out_port = s->out.out_port;
+ rmp->state = s->state;
+ rmp->expire = ntohl (s->expire);
+ rmp->context = context;
+
+ vl_msg_api_send_shmem (q, (u8 *) & rmp);
+}
+
+static void
+vl_api_nat_det_session_dump_t_handler (vl_api_nat_det_session_dump_t * mp)
+{
+ unix_shared_memory_queue_t *q;
+ snat_main_t *sm = &snat_main;
+ ip4_address_t user_addr;
+ snat_det_map_t *dm;
+ snat_det_session_t *s, empty_ses;
+ u16 i;
+
+ q = vl_api_client_index_to_input_queue (mp->client_index);
+ if (q == 0)
+ return;
+ if (!mp->is_nat44)
+ return;
+
+ memset (&empty_ses, 0, sizeof (empty_ses));
+ clib_memcpy (&user_addr, mp->user_addr, 4);
+ dm = snat_det_map_by_user (sm, &user_addr);
+ if (!dm)
+ return;
+
+ s = dm->sessions + snat_det_user_ses_offset (&user_addr, dm->in_plen);
+ for (i = 0; i < SNAT_DET_SES_PER_USER; i++)
+ {
+ if (s->out.as_u64)
+ send_nat_det_session_details (s, q, mp->context);
+ s++;
+ }
+}
+
+static void *
+vl_api_nat_det_session_dump_t_print (vl_api_nat_det_session_dump_t * mp,
+ void *handle)
+{
+ u8 *s;
+
+ s = format (0, "SCRIPT: nat_det_session_dump ");
+ s = format (s, "user_addr %U\n", format_ip4_address, mp->user_addr);
+
+ FINISH;
+}
+
/*************/
/*** NAT64 ***/
/*************/
@@ -1883,6 +3140,34 @@ _(SNAT_DET_GET_TIMEOUTS, snat_det_get_timeouts) \
_(SNAT_DET_CLOSE_SESSION_OUT, snat_det_close_session_out) \
_(SNAT_DET_CLOSE_SESSION_IN, snat_det_close_session_in) \
_(SNAT_DET_SESSION_DUMP, snat_det_session_dump) \
+_(NAT_CONTROL_PING, nat_control_ping) \
+_(NAT_SHOW_CONFIG, nat_show_config) \
+_(NAT_SET_WORKERS, nat_set_workers) \
+_(NAT_WORKER_DUMP, nat_worker_dump) \
+_(NAT_IPFIX_ENABLE_DISABLE, nat_ipfix_enable_disable) \
+_(NAT44_ADD_DEL_ADDRESS_RANGE, nat44_add_del_address_range) \
+_(NAT44_INTERFACE_ADD_DEL_FEATURE, nat44_interface_add_del_feature) \
+_(NAT44_ADD_DEL_STATIC_MAPPING, nat44_add_del_static_mapping) \
+_(NAT44_STATIC_MAPPING_DUMP, nat44_static_mapping_dump) \
+_(NAT44_ADDRESS_DUMP, nat44_address_dump) \
+_(NAT44_INTERFACE_DUMP, nat44_interface_dump) \
+_(NAT44_ADD_DEL_INTERFACE_ADDR, nat44_add_del_interface_addr) \
+_(NAT44_INTERFACE_ADDR_DUMP, nat44_interface_addr_dump) \
+_(NAT44_USER_DUMP, nat44_user_dump) \
+_(NAT44_USER_SESSION_DUMP, nat44_user_session_dump) \
+_(NAT44_INTERFACE_ADD_DEL_OUTPUT_FEATURE, \
+ nat44_interface_add_del_output_feature) \
+_(NAT44_INTERFACE_OUTPUT_FEATURE_DUMP, \
+ nat44_interface_output_feature_dump) \
+_(NAT_DET_ADD_DEL_MAP, nat_det_add_del_map) \
+_(NAT_DET_FORWARD, nat_det_forward) \
+_(NAT_DET_REVERSE, nat_det_reverse) \
+_(NAT_DET_MAP_DUMP, nat_det_map_dump) \
+_(NAT_DET_SET_TIMEOUTS, nat_det_set_timeouts) \
+_(NAT_DET_GET_TIMEOUTS, nat_det_get_timeouts) \
+_(NAT_DET_CLOSE_SESSION_OUT, nat_det_close_session_out) \
+_(NAT_DET_CLOSE_SESSION_IN, nat_det_close_session_in) \
+_(NAT_DET_SESSION_DUMP, nat_det_session_dump) \
_(NAT64_ADD_DEL_POOL_ADDR_RANGE, nat64_add_del_pool_addr_range) \
_(NAT64_POOL_ADDR_DUMP, nat64_pool_addr_dump) \
_(NAT64_ADD_DEL_INTERFACE, nat64_add_del_interface) \
@@ -1915,7 +3200,7 @@ snat_plugin_api_hookup (vlib_main_t * vm)
}
#define vl_msg_name_crc_list
-#include <snat/snat_all_api_h.h>
+#include <nat/nat_all_api_h.h>
#undef vl_msg_name_crc_list
static void
@@ -1923,7 +3208,7 @@ setup_message_id_table (snat_main_t * sm, api_main_t * am)
{
#define _(id,n,crc) \
vl_msg_api_add_msg_name_crc (am, #n "_" #crc, id + sm->msg_id_base);
- foreach_vl_msg_name_crc_snat;
+ foreach_vl_msg_name_crc_nat;
#undef _
}
diff --git a/src/plugins/snat/snat_det.c b/src/plugins/nat/nat_det.c
index 2d6fce85..3af6698c 100644
--- a/src/plugins/snat/snat_det.c
+++ b/src/plugins/nat/nat_det.c
@@ -19,7 +19,7 @@
* @brief deterministic NAT
*/
-#include <snat/snat_det.h>
+#include <nat/nat_det.h>
/**
@@ -105,7 +105,7 @@ snat_det_add_map (snat_main_t * sm, ip4_address_t * in_addr, u8 in_plen,
}
/**
- * @brief The 'snat-det-expire-walk' process's main loop.
+ * @brief The 'nat-det-expire-walk' process's main loop.
*
* Check expire time for active sessions.
*/
@@ -145,7 +145,7 @@ VLIB_REGISTER_NODE (snat_det_expire_walk_node, static) = {
.function = snat_det_expire_walk_fn,
.type = VLIB_NODE_TYPE_PROCESS,
.name =
- "snat-det-expire-walk",
+ "nat-det-expire-walk",
};
/* *INDENT-ON* */
diff --git a/src/plugins/snat/snat_det.h b/src/plugins/nat/nat_det.h
index f4fdb256..2ab7f27e 100644
--- a/src/plugins/snat/snat_det.h
+++ b/src/plugins/nat/nat_det.h
@@ -1,5 +1,5 @@
/*
- * snat_det.h - deterministic nat definitions
+ * snat_det.h - deterministic NAT definitions
*
* Copyright (c) 2017 Cisco and/or its affiliates.
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -19,12 +19,12 @@
* @brief deterministic NAT definitions
*/
-#ifndef __included_snat_det_h__
-#define __included_snat_det_h__
+#ifndef __included_nat_det_h__
+#define __included_nat_det_h__
#include <vnet/ip/ip.h>
-#include <snat/snat.h>
-#include <snat/snat_ipfix_logging.h>
+#include <nat/nat.h>
+#include <nat/nat_ipfix_logging.h>
#define SNAT_DET_SES_PER_USER 1000
@@ -185,7 +185,7 @@ snat_det_ses_close (snat_det_map_t * dm, snat_det_session_t * ses)
}
}
-#endif /* __included_snat_det_h__ */
+#endif /* __included_nat_det_h__ */
/*
* fd.io coding-style-patch-verification: ON
diff --git a/src/plugins/snat/snat_ipfix_logging.c b/src/plugins/nat/nat_ipfix_logging.c
index c68dc540..0cc0f82a 100644
--- a/src/plugins/snat/snat_ipfix_logging.c
+++ b/src/plugins/nat/nat_ipfix_logging.c
@@ -1,5 +1,5 @@
/*
- * snat_ipfix_logging.c - NAT Events IPFIX logging
+ * nat_ipfix_logging.c - NAT Events IPFIX logging
*
* Copyright (c) 2016 Cisco and/or its affiliates.
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -17,8 +17,8 @@
#include <vnet/flow/flow_report.h>
#include <vlibmemory/api.h>
-#include <snat/snat.h>
-#include <snat/snat_ipfix_logging.h>
+#include <nat/nat.h>
+#include <nat/nat_ipfix_logging.h>
snat_ipfix_logging_main_t snat_ipfix_logging_main;
@@ -610,7 +610,7 @@ snat_ipfix_logging_nat44_ses_rpc_cb (snat_ipfix_logging_nat44_ses_args_t *a)
*
* @param src_ip source IPv4 address
* @param nat_src_ip transaltes source IPv4 address
- * @param snat_proto SNAT transport protocol
+ * @param snat_proto NAT transport protocol
* @param src_port source port
* @param nat_src_port translated source port
* @param vrf_id VRF ID
@@ -642,7 +642,7 @@ snat_ipfix_logging_nat44_ses_create (u32 src_ip,
*
* @param src_ip source IPv4 address
* @param nat_src_ip transaltes source IPv4 address
- * @param snat_proto SNAT transport protocol
+ * @param snat_proto NAT transport protocol
* @param src_port source port
* @param nat_src_port translated source port
* @param vrf_id VRF ID
@@ -751,7 +751,7 @@ snat_data_callback_max_entries_per_usr (flow_report_main_t * frm,
}
/**
- * @brief Enable/disable SNAT IPFIX logging
+ * @brief Enable/disable NAT plugin IPFIX logging
*
* @param enable 1 if enable, 0 if disable
* @param domain_id observation domain ID
@@ -818,7 +818,7 @@ snat_ipfix_logging_enable_disable (int enable, u32 domain_id, u16 src_port)
}
/**
- * @brief Initialize SNAT IPFIX logging
+ * @brief Initialize NAT plugin IPFIX logging
*
* @param vm vlib main
*/
diff --git a/src/plugins/snat/snat_ipfix_logging.h b/src/plugins/nat/nat_ipfix_logging.h
index 45c1a7bf..6dbf6627 100644
--- a/src/plugins/snat/snat_ipfix_logging.h
+++ b/src/plugins/nat/nat_ipfix_logging.h
@@ -1,5 +1,5 @@
/*
- * snat_ipfix_logging.h - NAT Events IPFIX logging
+ * nat_ipfix_logging.h - NAT Events IPFIX logging
*
* Copyright (c) 2016 Cisco and/or its affiliates.
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -14,8 +14,8 @@
* See the License for the specific language governing permissions and
* limitations under the License.
*/
-#ifndef __included_snat_ipfix_logging_h__
-#define __included_snat_ipfix_logging_h__
+#ifndef __included_nat_ipfix_logging_h__
+#define __included_nat_ipfix_logging_h__
typedef enum {
NAT_ADDRESSES_EXHAUTED = 3,
@@ -30,7 +30,7 @@ typedef enum {
} quota_exceed_event_t;
typedef struct {
- /** S-NAT IPFIX logging enabled */
+ /** NAT plugin IPFIX logging enabled */
u8 enabled;
/** ipfix buffers under construction */
@@ -76,4 +76,4 @@ void snat_ipfix_logging_nat44_ses_delete (u32 src_ip, u32 nat_src_ip,
void snat_ipfix_logging_addresses_exhausted(u32 pool_id);
void snat_ipfix_logging_max_entries_per_user(u32 src_ip);
-#endif /* __included_snat_ipfix_logging_h__ */
+#endif /* __included_nat_ipfix_logging_h__ */
diff --git a/src/plugins/snat/snat_msg_enum.h b/src/plugins/nat/nat_msg_enum.h
index 2c76fd51..710b631c 100644
--- a/src/plugins/snat/snat_msg_enum.h
+++ b/src/plugins/nat/nat_msg_enum.h
@@ -1,6 +1,6 @@
/*
- * snat_msg_enum.h - skeleton vpp engine plug-in message enumeration
+ * nat_msg_enum.h - skeleton vpp engine plug-in message enumeration
*
* Copyright (c) <current-year> <your-organization>
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -15,17 +15,17 @@
* See the License for the specific language governing permissions and
* limitations under the License.
*/
-#ifndef included_snat_msg_enum_h
-#define included_snat_msg_enum_h
+#ifndef included_nat_msg_enum_h
+#define included_nat_msg_enum_h
#include <vppinfra/byte_order.h>
#define vl_msg_id(n,h) n,
typedef enum {
-#include <snat/snat_all_api_h.h>
+#include <nat/nat_all_api_h.h>
/* We'll want to know how many messages IDs we need... */
VL_MSG_FIRST_AVAILABLE,
} vl_msg_id_t;
#undef vl_msg_id
-#endif /* included_snat_msg_enum_h */
+#endif /* included_nat_msg_enum_h */
diff --git a/src/plugins/snat/snat_test.c b/src/plugins/nat/nat_test.c
index 905b8fac..b653b77e 100644
--- a/src/plugins/snat/snat_test.c
+++ b/src/plugins/nat/nat_test.c
@@ -1,6 +1,6 @@
/*
- * snat.c - skeleton vpp-api-test plug-in
+ * nat.c - skeleton vpp-api-test plug-in
*
* Copyright (c) <current-year> <your-organization>
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -21,7 +21,7 @@
#include <vlibsocket/api.h>
#include <vppinfra/error.h>
#include <vnet/ip/ip.h>
-#include <snat/snat.h>
+#include <nat/nat.h>
#define __plugin_msg_base snat_test_main.msg_id_base
#include <vlibapi/vat_helper_macros.h>
@@ -29,28 +29,28 @@
uword unformat_sw_if_index (unformat_input_t * input, va_list * args);
/* Declare message IDs */
-#include <snat/snat_msg_enum.h>
+#include <nat/nat_msg_enum.h>
/* define message structures */
#define vl_typedefs
-#include <snat/snat_all_api_h.h>
+#include <nat/nat_all_api_h.h>
#undef vl_typedefs
/* declare message handlers for each api */
#define vl_endianfun /* define message structures */
-#include <snat/snat_all_api_h.h>
+#include <nat/nat_all_api_h.h>
#undef vl_endianfun
/* instantiate all the print functions we know about */
#define vl_print(handle, ...)
#define vl_printfun
-#include <snat/snat_all_api_h.h>
+#include <nat/nat_all_api_h.h>
#undef vl_printfun
/* Get the API version number. */
#define vl_api_version(n,v) static u32 api_version=(v);
-#include <snat/snat_all_api_h.h>
+#include <nat/nat_all_api_h.h>
#undef vl_api_version
typedef struct {
diff --git a/src/plugins/snat/out2in.c b/src/plugins/nat/out2in.c
index 329d67dc..67950066 100644
--- a/src/plugins/snat/out2in.c
+++ b/src/plugins/nat/out2in.c
@@ -22,9 +22,9 @@
#include <vnet/udp/udp.h>
#include <vnet/ethernet/ethernet.h>
#include <vnet/fib/ip4_fib.h>
-#include <snat/snat.h>
-#include <snat/snat_ipfix_logging.h>
-#include <snat/snat_det.h>
+#include <nat/nat.h>
+#include <nat/nat_ipfix_logging.h>
+#include <nat/nat_det.h>
#include <vppinfra/hash.h>
#include <vppinfra/error.h>
@@ -47,8 +47,8 @@ static u8 * format_snat_out2in_trace (u8 * s, va_list * args)
CLIB_UNUSED (vlib_main_t * vm) = va_arg (*args, vlib_main_t *);
CLIB_UNUSED (vlib_node_t * node) = va_arg (*args, vlib_node_t *);
snat_out2in_trace_t * t = va_arg (*args, snat_out2in_trace_t *);
-
- s = format (s, "SNAT_OUT2IN: sw_if_index %d, next index %d, session index %d",
+
+ s = format (s, "NAT44_OUT2IN: sw_if_index %d, next index %d, session index %d",
t->sw_if_index, t->next_index, t->session_index);
return s;
}
@@ -58,8 +58,8 @@ static u8 * format_snat_out2in_fast_trace (u8 * s, va_list * args)
CLIB_UNUSED (vlib_main_t * vm) = va_arg (*args, vlib_main_t *);
CLIB_UNUSED (vlib_node_t * node) = va_arg (*args, vlib_node_t *);
snat_out2in_trace_t * t = va_arg (*args, snat_out2in_trace_t *);
-
- s = format (s, "SNAT_OUT2IN_FAST: sw_if_index %d, next index %d",
+
+ s = format (s, "NAT44_OUT2IN_FAST: sw_if_index %d, next index %d",
t->sw_if_index, t->next_index);
return s;
}
@@ -73,7 +73,7 @@ static u8 * format_snat_out2in_worker_handoff_trace (u8 * s, va_list * args)
char * m;
m = t->do_handoff ? "next worker" : "same worker";
- s = format (s, "SNAT_OUT2IN_WORKER_HANDOFF: %s %d", m, t->next_worker_index);
+ s = format (s, "NAT44_OUT2IN_WORKER_HANDOFF: %s %d", m, t->next_worker_index);
return s;
}
@@ -88,7 +88,7 @@ _(UNSUPPORTED_PROTOCOL, "Unsupported protocol") \
_(OUT2IN_PACKETS, "Good out2in packets processed") \
_(BAD_ICMP_TYPE, "unsupported ICMP type") \
_(NO_TRANSLATION, "No translation")
-
+
typedef enum {
#define _(sym,str) SNAT_OUT2IN_ERROR_##sym,
foreach_snat_out2in_error
@@ -115,10 +115,10 @@ typedef enum {
* Create NAT session initiated by host from external network with static
* mapping.
*
- * @param sm SNAT main.
+ * @param sm NAT main.
* @param b0 Vlib buffer.
- * @param in2out In2out SNAT session key.
- * @param out2in Out2in SNAT session key.
+ * @param in2out In2out NAT44 session key.
+ * @param out2in Out2in NAT44 session key.
* @param node Vlib node.
*
* @returns SNAT session if successfully created otherwise 0.
@@ -276,11 +276,11 @@ snat_out2in_error_t icmp_get_key(ip4_header_t *ip0,
}
/**
- * Get address and port values to be used for packet SNAT translation
+ * Get address and port values to be used for ICMP packet translation
* and create session if needed
*
- * @param[in,out] sm SNAT main
- * @param[in,out] node SNAT node runtime
+ * @param[in,out] sm NAT main
+ * @param[in,out] node NAT node runtime
* @param[in] thread_index thread index
* @param[in,out] b0 buffer containing packet to be translated
* @param[out] p_proto protocol used for matching
@@ -387,10 +387,10 @@ out:
}
/**
- * Get address and port values to be used for packet SNAT translation
+ * Get address and port values to be used for ICMP packet translation
*
- * @param[in] sm SNAT main
- * @param[in,out] node SNAT node runtime
+ * @param[in] sm NAT main
+ * @param[in,out] node NAT node runtime
* @param[in] thread_index thread index
* @param[in,out] b0 buffer containing packet to be translated
* @param[out] p_proto protocol used for matching
@@ -793,14 +793,14 @@ snat_out2in_node_fn (vlib_main_t * vm,
u32 proto0, proto1;
snat_session_t * s0 = 0, * s1 = 0;
clib_bihash_kv_8_8_t kv0, kv1, value0, value1;
-
+
/* Prefetch next iteration. */
{
vlib_buffer_t * p2, * p3;
-
+
p2 = vlib_get_buffer (vm, from[2]);
p3 = vlib_get_buffer (vm, from[3]);
-
+
vlib_prefetch_buffer_header (p2, LOAD);
vlib_prefetch_buffer_header (p3, LOAD);
@@ -828,7 +828,7 @@ snat_out2in_node_fn (vlib_main_t * vm,
icmp0 = (icmp46_header_t *) udp0;
sw_if_index0 = vnet_buffer(b0)->sw_if_index[VLIB_RX];
- rx_fib_index0 = vec_elt (sm->ip4_main->fib_index_by_sw_if_index,
+ rx_fib_index0 = vec_elt (sm->ip4_main->fib_index_by_sw_if_index,
sw_if_index0);
if (PREDICT_FALSE(ip0->ttl == 1))
@@ -852,8 +852,8 @@ snat_out2in_node_fn (vlib_main_t * vm,
if (PREDICT_FALSE (proto0 == SNAT_PROTOCOL_ICMP))
{
- next0 = icmp_out2in_slow_path
- (sm, b0, ip0, icmp0, sw_if_index0, rx_fib_index0, node,
+ next0 = icmp_out2in_slow_path
+ (sm, b0, ip0, icmp0, sw_if_index0, rx_fib_index0, node,
next0, now, thread_index, &s0);
goto trace0;
}
@@ -862,7 +862,7 @@ snat_out2in_node_fn (vlib_main_t * vm,
key0.port = udp0->dst_port;
key0.protocol = proto0;
key0.fib_index = rx_fib_index0;
-
+
kv0.key = key0.as_u64;
if (clib_bihash_search_8_8 (&sm->out2in, &kv0, &value0))
@@ -872,12 +872,12 @@ snat_out2in_node_fn (vlib_main_t * vm,
if (snat_static_mapping_match(sm, key0, &sm0, 1, 0))
{
b0->error = node->errors[SNAT_OUT2IN_ERROR_NO_TRANSLATION];
- /*
+ /*
* Send DHCP packets to the ipv4 stack, or we won't
* be able to use dhcp client on the outside interface
*/
- if (proto0 != SNAT_PROTOCOL_UDP
- || (udp0->dst_port
+ if (proto0 != SNAT_PROTOCOL_UDP
+ || (udp0->dst_port
!= clib_host_to_net_u16(UDP_DST_PORT_dhcp_to_client)))
next0 = SNAT_OUT2IN_NEXT_DROP;
goto trace0;
@@ -946,10 +946,10 @@ snat_out2in_node_fn (vlib_main_t * vm,
}
trace0:
- if (PREDICT_FALSE((node->flags & VLIB_NODE_FLAG_TRACE)
- && (b0->flags & VLIB_BUFFER_IS_TRACED)))
+ if (PREDICT_FALSE((node->flags & VLIB_NODE_FLAG_TRACE)
+ && (b0->flags & VLIB_BUFFER_IS_TRACED)))
{
- snat_out2in_trace_t *t =
+ snat_out2in_trace_t *t =
vlib_add_trace (vm, node, b0, sizeof (*t));
t->sw_if_index = sw_if_index0;
t->next_index = next0;
@@ -967,7 +967,7 @@ snat_out2in_node_fn (vlib_main_t * vm,
icmp1 = (icmp46_header_t *) udp1;
sw_if_index1 = vnet_buffer(b1)->sw_if_index[VLIB_RX];
- rx_fib_index1 = vec_elt (sm->ip4_main->fib_index_by_sw_if_index,
+ rx_fib_index1 = vec_elt (sm->ip4_main->fib_index_by_sw_if_index,
sw_if_index1);
if (PREDICT_FALSE(ip1->ttl == 1))
@@ -991,8 +991,8 @@ snat_out2in_node_fn (vlib_main_t * vm,
if (PREDICT_FALSE (proto1 == SNAT_PROTOCOL_ICMP))
{
- next1 = icmp_out2in_slow_path
- (sm, b1, ip1, icmp1, sw_if_index1, rx_fib_index1, node,
+ next1 = icmp_out2in_slow_path
+ (sm, b1, ip1, icmp1, sw_if_index1, rx_fib_index1, node,
next1, now, thread_index, &s1);
goto trace1;
}
@@ -1001,7 +1001,7 @@ snat_out2in_node_fn (vlib_main_t * vm,
key1.port = udp1->dst_port;
key1.protocol = proto1;
key1.fib_index = rx_fib_index1;
-
+
kv1.key = key1.as_u64;
if (clib_bihash_search_8_8 (&sm->out2in, &kv1, &value1))
@@ -1011,12 +1011,12 @@ snat_out2in_node_fn (vlib_main_t * vm,
if (snat_static_mapping_match(sm, key1, &sm1, 1, 0))
{
b1->error = node->errors[SNAT_OUT2IN_ERROR_NO_TRANSLATION];
- /*
+ /*
* Send DHCP packets to the ipv4 stack, or we won't
* be able to use dhcp client on the outside interface
*/
- if (proto1 != SNAT_PROTOCOL_UDP
- || (udp1->dst_port
+ if (proto1 != SNAT_PROTOCOL_UDP
+ || (udp1->dst_port
!= clib_host_to_net_u16(UDP_DST_PORT_dhcp_to_client)))
next1 = SNAT_OUT2IN_NEXT_DROP;
goto trace1;
@@ -1085,10 +1085,10 @@ snat_out2in_node_fn (vlib_main_t * vm,
}
trace1:
- if (PREDICT_FALSE((node->flags & VLIB_NODE_FLAG_TRACE)
- && (b1->flags & VLIB_BUFFER_IS_TRACED)))
+ if (PREDICT_FALSE((node->flags & VLIB_NODE_FLAG_TRACE)
+ && (b1->flags & VLIB_BUFFER_IS_TRACED)))
{
- snat_out2in_trace_t *t =
+ snat_out2in_trace_t *t =
vlib_add_trace (vm, node, b1, sizeof (*t));
t->sw_if_index = sw_if_index1;
t->next_index = next1;
@@ -1123,7 +1123,7 @@ snat_out2in_node_fn (vlib_main_t * vm,
u32 proto0;
snat_session_t * s0 = 0;
clib_bihash_kv_8_8_t kv0, value0;
-
+
/* speculatively enqueue b0 to the current next frame */
bi0 = from[0];
to_next[0] = bi0;
@@ -1142,7 +1142,7 @@ snat_out2in_node_fn (vlib_main_t * vm,
icmp0 = (icmp46_header_t *) udp0;
sw_if_index0 = vnet_buffer(b0)->sw_if_index[VLIB_RX];
- rx_fib_index0 = vec_elt (sm->ip4_main->fib_index_by_sw_if_index,
+ rx_fib_index0 = vec_elt (sm->ip4_main->fib_index_by_sw_if_index,
sw_if_index0);
proto0 = ip_proto_to_snat_proto (ip0->protocol);
@@ -1166,8 +1166,8 @@ snat_out2in_node_fn (vlib_main_t * vm,
if (PREDICT_FALSE (proto0 == SNAT_PROTOCOL_ICMP))
{
- next0 = icmp_out2in_slow_path
- (sm, b0, ip0, icmp0, sw_if_index0, rx_fib_index0, node,
+ next0 = icmp_out2in_slow_path
+ (sm, b0, ip0, icmp0, sw_if_index0, rx_fib_index0, node,
next0, now, thread_index, &s0);
goto trace00;
}
@@ -1176,7 +1176,7 @@ snat_out2in_node_fn (vlib_main_t * vm,
key0.port = udp0->dst_port;
key0.protocol = proto0;
key0.fib_index = rx_fib_index0;
-
+
kv0.key = key0.as_u64;
if (clib_bihash_search_8_8 (&sm->out2in, &kv0, &value0))
@@ -1186,12 +1186,12 @@ snat_out2in_node_fn (vlib_main_t * vm,
if (snat_static_mapping_match(sm, key0, &sm0, 1, 0))
{
b0->error = node->errors[SNAT_OUT2IN_ERROR_NO_TRANSLATION];
- /*
+ /*
* Send DHCP packets to the ipv4 stack, or we won't
* be able to use dhcp client on the outside interface
*/
- if (proto0 != SNAT_PROTOCOL_UDP
- || (udp0->dst_port
+ if (proto0 != SNAT_PROTOCOL_UDP
+ || (udp0->dst_port
!= clib_host_to_net_u16(UDP_DST_PORT_dhcp_to_client)))
next0 = SNAT_OUT2IN_NEXT_DROP;
@@ -1261,10 +1261,10 @@ snat_out2in_node_fn (vlib_main_t * vm,
}
trace00:
- if (PREDICT_FALSE((node->flags & VLIB_NODE_FLAG_TRACE)
- && (b0->flags & VLIB_BUFFER_IS_TRACED)))
+ if (PREDICT_FALSE((node->flags & VLIB_NODE_FLAG_TRACE)
+ && (b0->flags & VLIB_BUFFER_IS_TRACED)))
{
- snat_out2in_trace_t *t =
+ snat_out2in_trace_t *t =
vlib_add_trace (vm, node, b0, sizeof (*t));
t->sw_if_index = sw_if_index0;
t->next_index = next0;
@@ -1284,24 +1284,24 @@ snat_out2in_node_fn (vlib_main_t * vm,
vlib_put_next_frame (vm, node, next_index, n_left_to_next);
}
- vlib_node_increment_counter (vm, snat_out2in_node.index,
- SNAT_OUT2IN_ERROR_OUT2IN_PACKETS,
+ vlib_node_increment_counter (vm, snat_out2in_node.index,
+ SNAT_OUT2IN_ERROR_OUT2IN_PACKETS,
pkts_processed);
return frame->n_vectors;
}
VLIB_REGISTER_NODE (snat_out2in_node) = {
.function = snat_out2in_node_fn,
- .name = "snat-out2in",
+ .name = "nat44-out2in",
.vector_size = sizeof (u32),
.format_trace = format_snat_out2in_trace,
.type = VLIB_NODE_TYPE_INTERNAL,
-
+
.n_errors = ARRAY_LEN(snat_out2in_error_strings),
.error_strings = snat_out2in_error_strings,
.runtime_data_bytes = sizeof (snat_runtime_t),
-
+
.n_next_nodes = SNAT_OUT2IN_N_NEXT,
/* edit / add dispositions here */
@@ -1779,7 +1779,7 @@ snat_det_out2in_node_fn (vlib_main_t * vm,
VLIB_REGISTER_NODE (snat_det_out2in_node) = {
.function = snat_det_out2in_node_fn,
- .name = "snat-det-out2in",
+ .name = "nat44-det-out2in",
.vector_size = sizeof (u32),
.format_trace = format_snat_out2in_trace,
.type = VLIB_NODE_TYPE_INTERNAL,
@@ -1801,11 +1801,11 @@ VLIB_REGISTER_NODE (snat_det_out2in_node) = {
VLIB_NODE_FUNCTION_MULTIARCH (snat_det_out2in_node, snat_det_out2in_node_fn);
/**
- * Get address and port values to be used for packet SNAT translation
+ * Get address and port values to be used for ICMP packet translation
* and create session if needed
*
- * @param[in,out] sm SNAT main
- * @param[in,out] node SNAT node runtime
+ * @param[in,out] sm NAT main
+ * @param[in,out] node NAT node runtime
* @param[in] thread_index thread index
* @param[in,out] b0 buffer containing packet to be translated
* @param[out] p_proto protocol used for matching
@@ -2089,11 +2089,11 @@ snat_out2in_worker_handoff_fn (vlib_main_t * vm,
VLIB_REGISTER_NODE (snat_out2in_worker_handoff_node) = {
.function = snat_out2in_worker_handoff_fn,
- .name = "snat-out2in-worker-handoff",
+ .name = "nat44-out2in-worker-handoff",
.vector_size = sizeof (u32),
.format_trace = format_snat_out2in_worker_handoff_trace,
.type = VLIB_NODE_TYPE_INTERNAL,
-
+
.n_next_nodes = 1,
.next_nodes = {
@@ -2105,7 +2105,7 @@ VLIB_NODE_FUNCTION_MULTIARCH (snat_out2in_worker_handoff_node, snat_out2in_worke
static uword
snat_out2in_fast_node_fn (vlib_main_t * vm,
- vlib_node_runtime_t * node,
+ vlib_node_runtime_t * node,
vlib_frame_t * frame)
{
u32 n_left_from, * from, * to_next;
@@ -2272,16 +2272,16 @@ snat_out2in_fast_node_fn (vlib_main_t * vm,
VLIB_REGISTER_NODE (snat_out2in_fast_node) = {
.function = snat_out2in_fast_node_fn,
- .name = "snat-out2in-fast",
+ .name = "nat44-out2in-fast",
.vector_size = sizeof (u32),
.format_trace = format_snat_out2in_fast_trace,
.type = VLIB_NODE_TYPE_INTERNAL,
-
+
.n_errors = ARRAY_LEN(snat_out2in_error_strings),
.error_strings = snat_out2in_error_strings,
.runtime_data_bytes = sizeof (snat_runtime_t),
-
+
.n_next_nodes = SNAT_OUT2IN_N_NEXT,
/* edit / add dispositions here */
diff --git a/src/plugins/snat.am b/src/plugins/snat.am
deleted file mode 100644
index 6b75f3d2..00000000
--- a/src/plugins/snat.am
+++ /dev/null
@@ -1,41 +0,0 @@
-
-# Copyright (c) <current-year> <your-organization>
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at:
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-vppapitestplugins_LTLIBRARIES += snat_test_plugin.la
-vppplugins_LTLIBRARIES += snat_plugin.la
-
-snat_plugin_la_SOURCES = snat/snat.c \
- snat/snat_api.c \
- snat/in2out.c \
- snat/out2in.c \
- snat/snat_plugin.api.h \
- snat/snat_ipfix_logging.c \
- snat/snat_det.c \
- snat/nat64.c \
- snat/nat64_cli.c \
- snat/nat64_in2out.c \
- snat/nat64_out2in.c \
- snat/nat64_db.c
-
-API_FILES += snat/snat.api
-
-nobase_apiinclude_HEADERS += \
- snat/snat_all_api_h.h \
- snat/snat_msg_enum.h \
- snat/snat.api.h
-
-snat_test_plugin_la_SOURCES = \
- snat/snat_test.c snat/snat_plugin.api.h
-
-# vi:syntax=automake