Adding option to pass NAT info in TCP ACK of first SYN

1 files changed, 103 insertions, 19 deletions

diff --git a/src/nat_check.h b/src/nat_check.h
index a500ddaf..133501ae 100755
--- a/src/nat_check.h
+++ b/src/nat_check.h
@@ -21,18 +21,103 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-#include "rx_check_header.h"
 #include "msg_manager.h"
 #include <common/Network/Packet/TcpHeader.h>
 #include <common/Network/Packet/UdpHeader.h>
 #include <common/Network/Packet/IPHeader.h>
 #include <common/Network/Packet/IPv6Header.h>
 #include <common/Network/Packet/EthernetHeader.h>
-
-
+#include "os_time.h"
 
 // 2msec timeout                                            
 #define MAX_TIME_MSG_IN_QUEUE_SEC  ( 0.002 )
+#define NAT_FLOW_ID_MASK 0x00ffffff
+
+class  CNatOption {
+public:
+    enum {
+        noIPV4_OPTION   = 0x10, /* dummy IPV4 option */
+        noOPTION_LEN    = 0x8,
+        noIPV4_MAGIC    = 0xEE,
+        noIPV4_MAGIC_RX    = 0xED,
+
+        noIPV6_OPTION_LEN    = (noOPTION_LEN/8)-1,
+        noIPV6_OPTION = 0x3C, /*IPv6-Opts	Destination Options for IPv6	RFC 2460*/
+    };
+
+    void set_option_type(uint8_t id) {
+        u.m_data[0 ] =id;
+    }
+
+    uint8_t get_option_type() {
+        return (u.m_data[0]);
+    }
+
+    void set_option_len(uint8_t len) {
+        u.m_data[1] = len;
+    }
+    uint8_t get_option_len(){
+        return ( u.m_data[1]);
+    }
+
+    void set_thread_id(uint8_t thread_id) {
+        u.m_data[3] = thread_id;
+    }
+
+    uint8_t get_thread_id() {
+        return (u.m_data[3]);
+    }
+
+    void set_magic(uint8_t magic){
+        u.m_data[2] = magic;
+    }
+
+    uint8_t get_magic(){
+        return (u.m_data[2]);
+    }
+
+    void set_fid(uint32_t fid) {
+        u.m_data_uint32[1] = fid & NAT_FLOW_ID_MASK;
+    }
+
+    uint32_t get_fid() {
+        return (u.m_data_uint32[1]);
+    }
+
+    bool is_valid_ipv4_magic_op0(void){
+        return ( ( PKT_NTOHL( u.m_data_uint32[0] )& 0xFFFFFF00 ) ==
+                 (CNatOption::noIPV4_OPTION <<24) +  (CNatOption::noOPTION_LEN<<16) + (CNatOption::noIPV4_MAGIC<<8) ?true:false);
+    }
+
+    bool is_valid_ipv4_magic(void) {
+        return (is_valid_ipv4_magic_op0());
+    }
+
+    bool is_valid_ipv6_magic(void) {
+        return ( ( PKT_NTOHL( u.m_data_uint32[0] )& 0x00FFFF00 ) ==
+                 (CNatOption::noIPV6_OPTION_LEN<<16) + (CNatOption::noIPV4_MAGIC<<8) ?true:false);
+
+    }
+
+    void set_init_ipv4_header() {
+        set_option_type(CNatOption::noIPV4_OPTION);
+        set_option_len(CNatOption::noOPTION_LEN);
+        set_magic(CNatOption::noIPV4_MAGIC);
+    }
+
+    void set_init_ipv6_header(void){
+        set_option_len(noIPV6_OPTION_LEN);
+        set_magic(CNatOption::noIPV4_MAGIC);
+    }
+
+    void dump(FILE *fd);
+
+private:
+    union u_ {
+        uint8_t  m_data[8];
+        uint32_t m_data_uint32[2];
+    } u;
+};
 
 struct CNatFlowInfo {
     uint32_t m_external_ip;
@@ -46,31 +131,28 @@ struct CNatFlowInfo {
 /* size of 64 bytes */
     #define MAX_NAT_FLOW_INFO (7)
     #define MAX_PKT_MSG_INFO  (26)
-
 #else
     #define MAX_NAT_FLOW_INFO (8)
     #define MAX_PKT_MSG_INFO  (30)
 #endif
 
-
 /* 
      !!!   WARNING  - CGenNodeNatInfo !!
 
  this struct should be in the same size of CGenNode beacuse allocator is global .
 
 */
-
-struct CGenNodeNatInfo : public CGenNodeMsgBase  {
+struct CGenNodeNatInfo : public CGenNodeMsgBase {
     uint8_t       m_pad;
     uint16_t      m_cnt;
     //uint32_t      m_pad2;
-    #if __x86_64__
+ #if __x86_64__
     uint32_t      m_pad3;
-    #endif
+ #endif
     CNatFlowInfo  m_data[MAX_NAT_FLOW_INFO];
 
 public:
-      CNatFlowInfo * get_next_msg(){
+      CNatFlowInfo * get_next_msg() {
           CNatFlowInfo * lp=&m_data[m_cnt];
           m_cnt++;
           return (lp);
@@ -84,12 +166,12 @@ public:
       void dump(FILE *fd);
 };
 
-struct CGenNodeLatencyPktInfo : public CGenNodeMsgBase  {
+struct CGenNodeLatencyPktInfo : public CGenNodeMsgBase {
     uint8_t       m_dir;
     uint16_t      m_latency_offset;
-    #if __x86_64__
+ #if __x86_64__
     uint32_t      m_pad3;
-    #endif
+#endif
     struct rte_mbuf *   m_pkt;
 
     uint32_t      m_pad4[MAX_PKT_MSG_INFO];
@@ -100,7 +182,7 @@ struct CGenNodeLatencyPktInfo : public CGenNodeMsgBase  {
    try to put as many messages  */
 class CNatPerThreadInfo {
 public:
-    CNatPerThreadInfo(){
+    CNatPerThreadInfo() {
         m_last_time=0;
         m_cur_nat_msg=0;
         m_ring=0;
@@ -114,8 +196,6 @@ public:
 
 class CNatStats {
 public:
-    void reset();
-public:
     uint64_t  m_total_rx;
     uint64_t  m_total_msg;
     /* errors */
@@ -123,6 +203,7 @@ public:
     uint64_t  m_err_no_valid_proto;
     uint64_t  m_err_queue_full;
 public:
+    void reset();
     uint64_t get_errs(){
         return  (m_err_no_valid_thread_id+m_err_no_valid_proto+m_err_queue_full);
     }
@@ -135,11 +216,14 @@ class CNatRxManager {
 public:
     bool Create();
     void Delete();
-    void handle_packet_ipv4(CNatOption * option,
-                       IPHeader * ipv4);
+    void handle_packet_ipv4(CNatOption * option, IPHeader * ipv4);
     void handle_aging();
-	void Dump(FILE *fd);
+    void Dump(FILE *fd);
     void DumpShort(FILE *fd);
+    static inline uint32_t calc_tcp_ack_val(uint32_t fid, uint8_t thread_id) {
+	return ((fid &  NAT_FLOW_ID_MASK) << 8) | thread_id;
+    }
+    void get_info_from_tcp_ack(uint32_t tcp_ack, uint32_t &fid, uint8_t &thread_id);
 private:
     CNatPerThreadInfo * get_thread_info(uint8_t thread_id);
     void flush_node(CNatPerThreadInfo * thread_info);