diff options
author | Filip Varga <fivarga@cisco.com> | 2020-09-29 16:53:20 +0200 |
---|---|---|
committer | Filip Varga <fivarga@cisco.com> | 2020-10-09 10:20:21 +0000 |
commit | dd9eae5c29a4379943e60ddf6b7ab96b8e154040 (patch) | |
tree | 5e915d1377ffaf452e9dfa1945516d44c1ac8355 | |
parent | aa04395573f26fe420d7eb9ca329732b7197fe52 (diff) |
nat: ipfix logging separation & refactor
Type: refactor
Change-Id: I8785e4987e4f60361072440d0c3c6954c9c12394
Signed-off-by: Filip Varga <fivarga@cisco.com>
-rw-r--r-- | src/plugins/nat/CMakeLists.txt | 5 | ||||
-rw-r--r-- | src/plugins/nat/det44/det44.h | 8 | ||||
-rw-r--r-- | src/plugins/nat/in2out.c | 28 | ||||
-rw-r--r-- | src/plugins/nat/in2out_ed.c | 30 | ||||
-rw-r--r-- | src/plugins/nat/lib/ipfix_logging.c (renamed from src/plugins/nat/nat_ipfix_logging.c) | 223 | ||||
-rw-r--r-- | src/plugins/nat/lib/ipfix_logging.h (renamed from src/plugins/nat/nat_ipfix_logging.h) | 33 | ||||
-rw-r--r-- | src/plugins/nat/nat.c | 38 | ||||
-rw-r--r-- | src/plugins/nat/nat44_cli.c | 8 | ||||
-rw-r--r-- | src/plugins/nat/nat64/nat64.c | 6 | ||||
-rw-r--r-- | src/plugins/nat/nat64/nat64_db.c | 44 | ||||
-rw-r--r-- | src/plugins/nat/nat_api.c | 11 | ||||
-rw-r--r-- | src/plugins/nat/out2in.c | 28 | ||||
-rw-r--r-- | src/plugins/nat/out2in_ed.c | 30 | ||||
-rw-r--r-- | src/plugins/nat/test/test_nat64.py | 11 |
14 files changed, 240 insertions, 263 deletions
diff --git a/src/plugins/nat/CMakeLists.txt b/src/plugins/nat/CMakeLists.txt index 727f57904af..47a84cb830b 100644 --- a/src/plugins/nat/CMakeLists.txt +++ b/src/plugins/nat/CMakeLists.txt @@ -15,9 +15,11 @@ set(CMAKE_VERBOSE_MAKEFILE ON) add_vpp_library(nat SOURCES + lib/ipfix_logging.c lib/alloc.c INSTALL_HEADERS + lib/ipfix_logging.h lib/alloc.h ) @@ -29,7 +31,6 @@ add_vpp_plugin(nat in2out_ed.c out2in.c out2in_ed.c - nat_ipfix_logging.c nat_dpo.c nat44_cli.c nat44_handoff.c @@ -59,6 +60,8 @@ add_vpp_plugin(nat INSTALL_HEADERS nat_all_api_h.h nat_msg_enum.h + + LINK_LIBRARIES nat ) add_vpp_plugin(dslite diff --git a/src/plugins/nat/det44/det44.h b/src/plugins/nat/det44/det44.h index 3db6081788a..83eefc9fe0d 100644 --- a/src/plugins/nat/det44/det44.h +++ b/src/plugins/nat/det44/det44.h @@ -39,6 +39,7 @@ #include <nat/lib/lib.h> #include <nat/lib/inlines.h> +#include <nat/lib/ipfix_logging.h> /* Session state */ #define foreach_det44_session_state \ @@ -417,10 +418,9 @@ snat_det_ses_create (u32 thread_index, snat_det_map_t * dm, } } - // TODO: - /*snat_ipfix_logging_max_entries_per_user (thread_index, - DET44_SES_PER_USER, - in_addr->as_u32); */ + nat_ipfix_logging_max_entries_per_user (thread_index, + DET44_SES_PER_USER, + in_addr->as_u32); return 0; } diff --git a/src/plugins/nat/in2out.c b/src/plugins/nat/in2out.c index 074653f40cd..5f67f9b7ccd 100644 --- a/src/plugins/nat/in2out.c +++ b/src/plugins/nat/in2out.c @@ -25,7 +25,7 @@ #include <vnet/fib/ip4_fib.h> #include <vnet/udp/udp.h> #include <nat/nat.h> -#include <nat/nat_ipfix_logging.h> +#include <nat/lib/ipfix_logging.h> #include <nat/nat_inlines.h> #include <nat/nat44/inlines.h> #include <nat/nat_syslog.h> @@ -203,13 +203,13 @@ nat44_i2o_is_idle_session_cb (clib_bihash_kv_8_8_t * kv, void *arg) if (clib_bihash_add_del_8_8 (&tsm->out2in, &s_kv, 0)) nat_elog_warn ("out2in key del failed"); - snat_ipfix_logging_nat44_ses_delete (ctx->thread_index, - s->in2out.addr.as_u32, - s->out2in.addr.as_u32, - s->nat_proto, - s->in2out.port, - s->out2in.port, - s->in2out.fib_index); + nat_ipfix_logging_nat44_ses_delete (ctx->thread_index, + s->in2out.addr.as_u32, + s->out2in.addr.as_u32, + s->nat_proto, + s->in2out.port, + s->out2in.port, + s->in2out.fib_index); nat_syslog_nat44_apmdel (s->user_index, s->in2out.fib_index, &s->in2out.addr, s->in2out.port, @@ -370,12 +370,12 @@ slow_path (snat_main_t * sm, vlib_buffer_t * b0, nat_elog_notice ("out2in key add failed"); /* log NAT event */ - snat_ipfix_logging_nat44_ses_create (thread_index, - s->in2out.addr.as_u32, - s->out2in.addr.as_u32, - s->nat_proto, - s->in2out.port, - s->out2in.port, s->in2out.fib_index); + nat_ipfix_logging_nat44_ses_create (thread_index, + s->in2out.addr.as_u32, + s->out2in.addr.as_u32, + s->nat_proto, + s->in2out.port, + s->out2in.port, s->in2out.fib_index); nat_syslog_nat44_apmadd (s->user_index, s->in2out.fib_index, &s->in2out.addr, s->in2out.port, &s->out2in.addr, diff --git a/src/plugins/nat/in2out_ed.c b/src/plugins/nat/in2out_ed.c index e4870d276c9..f52026b1f11 100644 --- a/src/plugins/nat/in2out_ed.c +++ b/src/plugins/nat/in2out_ed.c @@ -25,7 +25,7 @@ #include <vnet/udp/udp.h> #include <vppinfra/error.h> #include <nat/nat.h> -#include <nat/nat_ipfix_logging.h> +#include <nat/lib/ipfix_logging.h> #include <nat/nat_inlines.h> #include <nat/nat44/inlines.h> #include <nat/nat_syslog.h> @@ -118,13 +118,13 @@ nat44_i2o_ed_is_idle_session_cb (clib_bihash_kv_16_8_t * kv, void *arg) if (snat_is_unk_proto_session (s)) goto delete; - snat_ipfix_logging_nat44_ses_delete (ctx->thread_index, - s->in2out.addr.as_u32, - s->out2in.addr.as_u32, - s->nat_proto, - s->in2out.port, - s->out2in.port, - s->in2out.fib_index); + nat_ipfix_logging_nat44_ses_delete (ctx->thread_index, + s->in2out.addr.as_u32, + s->out2in.addr.as_u32, + s->nat_proto, + s->in2out.port, + s->out2in.port, + s->in2out.fib_index); nat_syslog_nat44_sdel (s->user_index, s->in2out.fib_index, &s->in2out.addr, s->in2out.port, @@ -284,7 +284,7 @@ nat_ed_alloc_addr_and_port (snat_main_t * sm, u32 rx_fib_index, #undef _ /* Totally out of translations to use... */ - snat_ipfix_logging_addresses_exhausted (thread_index, 0); + nat_ipfix_logging_addresses_exhausted (thread_index, 0); return 1; } @@ -468,12 +468,12 @@ slow_path_ed (snat_main_t * sm, *sessionp = s; /* log NAT event */ - snat_ipfix_logging_nat44_ses_create (thread_index, - s->in2out.addr.as_u32, - s->out2in.addr.as_u32, - s->nat_proto, - s->in2out.port, - s->out2in.port, s->in2out.fib_index); + nat_ipfix_logging_nat44_ses_create (thread_index, + s->in2out.addr.as_u32, + s->out2in.addr.as_u32, + s->nat_proto, + s->in2out.port, + s->out2in.port, s->in2out.fib_index); nat_syslog_nat44_sadd (s->user_index, s->in2out.fib_index, &s->in2out.addr, s->in2out.port, diff --git a/src/plugins/nat/nat_ipfix_logging.c b/src/plugins/nat/lib/ipfix_logging.c index 42252b2eb0c..e4fc0cedf19 100644 --- a/src/plugins/nat/nat_ipfix_logging.c +++ b/src/plugins/nat/lib/ipfix_logging.c @@ -17,12 +17,12 @@ #include <vnet/ipfix-export/flow_report.h> #include <vlibmemory/api.h> -#include <nat/nat_inlines.h> -#include <nat/nat_ipfix_logging.h> #include <vppinfra/atomics.h> +#include <nat/lib/ipfix_logging.h> +#include <nat/lib/inlines.h> -vlib_node_registration_t snat_ipfix_flush_node; -snat_ipfix_logging_main_t snat_ipfix_logging_main; +vlib_node_registration_t nat_ipfix_flush_node; +nat_ipfix_logging_main_t nat_ipfix_logging_main; #define NAT44_SESSION_CREATE_LEN 26 #define NAT_ADDRESSES_EXHAUTED_LEN 13 @@ -52,18 +52,18 @@ typedef struct u16 src_port; u16 nat_src_port; u32 vrf_id; -} snat_ipfix_logging_nat44_ses_args_t; +} nat_ipfix_logging_nat44_ses_args_t; typedef struct { u32 pool_id; -} snat_ipfix_logging_addr_exhausted_args_t; +} nat_ipfix_logging_addr_exhausted_args_t; typedef struct { u32 limit; u32 src_ip; -} snat_ipfix_logging_max_entries_per_user_args_t; +} nat_ipfix_logging_max_entries_per_user_args_t; typedef struct { @@ -115,7 +115,7 @@ typedef struct #define skip_if_disabled() \ do { \ - snat_ipfix_logging_main_t *silm = &snat_ipfix_logging_main; \ + nat_ipfix_logging_main_t *silm = &nat_ipfix_logging_main; \ if (PREDICT_TRUE (!clib_atomic_fetch_or(&silm->enabled, 0))) \ return; \ } while (0) @@ -140,14 +140,14 @@ do { \ * @returns template packet */ static inline u8 * -snat_template_rewrite (flow_report_main_t * frm, +nat_template_rewrite (flow_report_main_t * frm, flow_report_t * fr, ip4_address_t * collector_address, ip4_address_t * src_address, u16 collector_port, nat_event_t event, quota_exceed_event_t quota_event) { - snat_ipfix_logging_main_t *silm = &snat_ipfix_logging_main; + nat_ipfix_logging_main_t *silm = &nat_ipfix_logging_main; ip4_header_t *ip; udp_header_t *udp; ipfix_message_header_t *h; @@ -387,7 +387,7 @@ snat_template_rewrite (flow_report_main_t * frm, } u8 * -snat_template_rewrite_addr_exhausted (flow_report_main_t * frm, +nat_template_rewrite_addr_exhausted (flow_report_main_t * frm, flow_report_t * fr, ip4_address_t * collector_address, ip4_address_t * src_address, @@ -395,12 +395,12 @@ snat_template_rewrite_addr_exhausted (flow_report_main_t * frm, ipfix_report_element_t *elts, u32 n_elts, u32 *stream_index) { - return snat_template_rewrite (frm, fr, collector_address, src_address, + return nat_template_rewrite (frm, fr, collector_address, src_address, collector_port, NAT_ADDRESSES_EXHAUTED, 0); } u8 * -snat_template_rewrite_nat44_session (flow_report_main_t * frm, +nat_template_rewrite_nat44_session (flow_report_main_t * frm, flow_report_t * fr, ip4_address_t * collector_address, ip4_address_t * src_address, @@ -408,12 +408,12 @@ snat_template_rewrite_nat44_session (flow_report_main_t * frm, ipfix_report_element_t *elts, u32 n_elts, u32 *stream_index) { - return snat_template_rewrite (frm, fr, collector_address, src_address, + return nat_template_rewrite (frm, fr, collector_address, src_address, collector_port, NAT44_SESSION_CREATE, 0); } u8 * -snat_template_rewrite_max_entries_per_usr (flow_report_main_t * frm, +nat_template_rewrite_max_entries_per_usr (flow_report_main_t * frm, flow_report_t * fr, ip4_address_t * collector_address, ip4_address_t * src_address, @@ -421,7 +421,7 @@ snat_template_rewrite_max_entries_per_usr (flow_report_main_t * frm, ipfix_report_element_t *elts, u32 n_elts, u32 *stream_index) { - return snat_template_rewrite (frm, fr, collector_address, src_address, + return nat_template_rewrite (frm, fr, collector_address, src_address, collector_port, QUOTA_EXCEEDED, MAX_ENTRIES_PER_USER); } @@ -435,7 +435,7 @@ nat_template_rewrite_max_sessions (flow_report_main_t * frm, ipfix_report_element_t *elts, u32 n_elts, u32 *stream_index) { - return snat_template_rewrite (frm, fr, collector_address, src_address, + return nat_template_rewrite (frm, fr, collector_address, src_address, collector_port, QUOTA_EXCEEDED, MAX_SESSION_ENTRIES); } @@ -449,7 +449,7 @@ nat_template_rewrite_max_bibs (flow_report_main_t * frm, ipfix_report_element_t *elts, u32 n_elts, u32 *stream_index) { - return snat_template_rewrite (frm, fr, collector_address, src_address, + return nat_template_rewrite (frm, fr, collector_address, src_address, collector_port, QUOTA_EXCEEDED, MAX_BIB_ENTRIES); } @@ -463,7 +463,7 @@ nat_template_rewrite_nat64_bib (flow_report_main_t * frm, ipfix_report_element_t *elts, u32 n_elts, u32 *stream_index) { - return snat_template_rewrite (frm, fr, collector_address, src_address, + return nat_template_rewrite (frm, fr, collector_address, src_address, collector_port, NAT64_BIB_CREATE, 0); } @@ -476,15 +476,15 @@ nat_template_rewrite_nat64_session (flow_report_main_t * frm, ipfix_report_element_t *elts, u32 n_elts, u32 *stream_index) { - return snat_template_rewrite (frm, fr, collector_address, src_address, + return nat_template_rewrite (frm, fr, collector_address, src_address, collector_port, NAT64_SESSION_CREATE, 0); } static inline void -snat_ipfix_header_create (flow_report_main_t * frm, +nat_ipfix_header_create (flow_report_main_t * frm, vlib_buffer_t * b0, u32 * offset) { - snat_ipfix_logging_main_t *silm = &snat_ipfix_logging_main; + nat_ipfix_logging_main_t *silm = &nat_ipfix_logging_main; flow_report_stream_t *stream; ip4_ipfix_template_packet_t *tp; ipfix_message_header_t *h = 0; @@ -533,7 +533,7 @@ snat_ipfix_header_create (flow_report_main_t * frm, } static inline void -snat_ipfix_send (u32 thread_index, flow_report_main_t * frm, +nat_ipfix_send (u32 thread_index, flow_report_main_t * frm, vlib_frame_t * f, vlib_buffer_t * b0, u16 template_id) { ip4_ipfix_template_packet_t *tp; @@ -573,13 +573,13 @@ snat_ipfix_send (u32 thread_index, flow_report_main_t * frm, } static void -snat_ipfix_logging_nat44_ses (u32 thread_index, u8 nat_event, u32 src_ip, +nat_ipfix_logging_nat44_ses (u32 thread_index, u8 nat_event, u32 src_ip, u32 nat_src_ip, nat_protocol_t nat_proto, u16 src_port, u16 nat_src_port, u32 vrf_id, int do_flush) { - snat_ipfix_logging_main_t *silm = &snat_ipfix_logging_main; - snat_ipfix_per_thread_data_t *sitd = &silm->per_thread_data[thread_index]; + nat_ipfix_logging_main_t *silm = &nat_ipfix_logging_main; + nat_ipfix_per_thread_data_t *sitd = &silm->per_thread_data[thread_index]; flow_report_main_t *frm = &flow_report_main; vlib_frame_t *f; vlib_buffer_t *b0 = 0; @@ -604,7 +604,7 @@ snat_ipfix_logging_nat44_ses (u32 thread_index, u8 nat_event, u32 src_ip, if (vlib_buffer_alloc (vm, &bi0, 1) != 1) { - nat_elog_err ("can't allocate buffer for NAT IPFIX event"); + //nat_elog_err ("can't allocate buffer for NAT IPFIX event"); return; } @@ -630,7 +630,7 @@ snat_ipfix_logging_nat44_ses (u32 thread_index, u8 nat_event, u32 src_ip, } if (PREDICT_FALSE (offset == 0)) - snat_ipfix_header_create (frm, b0, &offset); + nat_ipfix_header_create (frm, b0, &offset); if (PREDICT_TRUE (do_flush == 0)) { @@ -668,7 +668,7 @@ snat_ipfix_logging_nat44_ses (u32 thread_index, u8 nat_event, u32 src_ip, template_id = clib_atomic_fetch_or ( &silm->nat44_session_template_id, 0); - snat_ipfix_send (thread_index, frm, f, b0, template_id); + nat_ipfix_send (thread_index, frm, f, b0, template_id); sitd->nat44_session_frame = 0; sitd->nat44_session_buffer = 0; offset = 0; @@ -677,10 +677,10 @@ snat_ipfix_logging_nat44_ses (u32 thread_index, u8 nat_event, u32 src_ip, } static void -snat_ipfix_logging_addr_exhausted (u32 thread_index, u32 pool_id, int do_flush) +nat_ipfix_logging_addr_exhausted (u32 thread_index, u32 pool_id, int do_flush) { - snat_ipfix_logging_main_t *silm = &snat_ipfix_logging_main; - snat_ipfix_per_thread_data_t *sitd = &silm->per_thread_data[thread_index]; + nat_ipfix_logging_main_t *silm = &nat_ipfix_logging_main; + nat_ipfix_per_thread_data_t *sitd = &silm->per_thread_data[thread_index]; flow_report_main_t *frm = &flow_report_main; vlib_frame_t *f; vlib_buffer_t *b0 = 0; @@ -703,7 +703,7 @@ snat_ipfix_logging_addr_exhausted (u32 thread_index, u32 pool_id, int do_flush) if (vlib_buffer_alloc (vm, &bi0, 1) != 1) { - nat_elog_err ("can't allocate buffer for NAT IPFIX event"); + //nat_elog_err ("can't allocate buffer for NAT IPFIX event"); return; } @@ -729,7 +729,7 @@ snat_ipfix_logging_addr_exhausted (u32 thread_index, u32 pool_id, int do_flush) } if (PREDICT_FALSE (offset == 0)) - snat_ipfix_header_create (frm, b0, &offset); + nat_ipfix_header_create (frm, b0, &offset); if (PREDICT_TRUE (do_flush == 0)) { @@ -752,7 +752,7 @@ snat_ipfix_logging_addr_exhausted (u32 thread_index, u32 pool_id, int do_flush) template_id = clib_atomic_fetch_or ( &silm->addr_exhausted_template_id, 0); - snat_ipfix_send (thread_index, frm, f, b0, template_id); + nat_ipfix_send (thread_index, frm, f, b0, template_id); sitd->addr_exhausted_frame = 0; sitd->addr_exhausted_buffer = 0; offset = 0; @@ -761,11 +761,11 @@ snat_ipfix_logging_addr_exhausted (u32 thread_index, u32 pool_id, int do_flush) } static void -snat_ipfix_logging_max_entries_per_usr (u32 thread_index, +nat_ipfix_logging_max_entries_per_usr (u32 thread_index, u32 limit, u32 src_ip, int do_flush) { - snat_ipfix_logging_main_t *silm = &snat_ipfix_logging_main; - snat_ipfix_per_thread_data_t *sitd = &silm->per_thread_data[thread_index]; + nat_ipfix_logging_main_t *silm = &nat_ipfix_logging_main; + nat_ipfix_per_thread_data_t *sitd = &silm->per_thread_data[thread_index]; flow_report_main_t *frm = &flow_report_main; vlib_frame_t *f; vlib_buffer_t *b0 = 0; @@ -789,7 +789,7 @@ snat_ipfix_logging_max_entries_per_usr (u32 thread_index, if (vlib_buffer_alloc (vm, &bi0, 1) != 1) { - nat_elog_err ("can't allocate buffer for NAT IPFIX event"); + //nat_elog_err ("can't allocate buffer for NAT IPFIX event"); return; } @@ -815,7 +815,7 @@ snat_ipfix_logging_max_entries_per_usr (u32 thread_index, } if (PREDICT_FALSE (offset == 0)) - snat_ipfix_header_create (frm, b0, &offset); + nat_ipfix_header_create (frm, b0, &offset); if (PREDICT_TRUE (do_flush == 0)) { @@ -844,7 +844,7 @@ snat_ipfix_logging_max_entries_per_usr (u32 thread_index, template_id = clib_atomic_fetch_or ( &silm->max_entries_per_user_template_id, 0); - snat_ipfix_send (thread_index, frm, f, b0, template_id); + nat_ipfix_send (thread_index, frm, f, b0, template_id); sitd->max_entries_per_user_frame = 0; sitd->max_entries_per_user_buffer = 0; offset = 0; @@ -855,8 +855,8 @@ snat_ipfix_logging_max_entries_per_usr (u32 thread_index, static void nat_ipfix_logging_max_ses (u32 thread_index, u32 limit, int do_flush) { - snat_ipfix_logging_main_t *silm = &snat_ipfix_logging_main; - snat_ipfix_per_thread_data_t *sitd = &silm->per_thread_data[thread_index]; + nat_ipfix_logging_main_t *silm = &nat_ipfix_logging_main; + nat_ipfix_per_thread_data_t *sitd = &silm->per_thread_data[thread_index]; flow_report_main_t *frm = &flow_report_main; vlib_frame_t *f; vlib_buffer_t *b0 = 0; @@ -880,7 +880,7 @@ nat_ipfix_logging_max_ses (u32 thread_index, u32 limit, int do_flush) if (vlib_buffer_alloc (vm, &bi0, 1) != 1) { - nat_elog_err ("can't allocate buffer for NAT IPFIX event"); + //nat_elog_err ("can't allocate buffer for NAT IPFIX event"); return; } @@ -906,7 +906,7 @@ nat_ipfix_logging_max_ses (u32 thread_index, u32 limit, int do_flush) } if (PREDICT_FALSE (offset == 0)) - snat_ipfix_header_create (frm, b0, &offset); + nat_ipfix_header_create (frm, b0, &offset); if (PREDICT_TRUE (do_flush == 0)) { @@ -932,7 +932,7 @@ nat_ipfix_logging_max_ses (u32 thread_index, u32 limit, int do_flush) template_id = clib_atomic_fetch_or ( &silm->max_sessions_template_id, 0); - snat_ipfix_send (thread_index, frm, f, b0, template_id); + nat_ipfix_send (thread_index, frm, f, b0, template_id); sitd->max_sessions_frame = 0; sitd->max_sessions_buffer = 0; offset = 0; @@ -943,8 +943,8 @@ nat_ipfix_logging_max_ses (u32 thread_index, u32 limit, int do_flush) static void nat_ipfix_logging_max_bib (u32 thread_index, u32 limit, int do_flush) { - snat_ipfix_logging_main_t *silm = &snat_ipfix_logging_main; - snat_ipfix_per_thread_data_t *sitd = &silm->per_thread_data[thread_index]; + nat_ipfix_logging_main_t *silm = &nat_ipfix_logging_main; + nat_ipfix_per_thread_data_t *sitd = &silm->per_thread_data[thread_index]; flow_report_main_t *frm = &flow_report_main; vlib_frame_t *f; vlib_buffer_t *b0 = 0; @@ -968,7 +968,7 @@ nat_ipfix_logging_max_bib (u32 thread_index, u32 limit, int do_flush) if (vlib_buffer_alloc (vm, &bi0, 1) != 1) { - nat_elog_err ("can't allocate buffer for NAT IPFIX event"); + //nat_elog_err ("can't allocate buffer for NAT IPFIX event"); return; } @@ -994,7 +994,7 @@ nat_ipfix_logging_max_bib (u32 thread_index, u32 limit, int do_flush) } if (PREDICT_FALSE (offset == 0)) - snat_ipfix_header_create (frm, b0, &offset); + nat_ipfix_header_create (frm, b0, &offset); if (PREDICT_TRUE (do_flush == 0)) { @@ -1020,7 +1020,7 @@ nat_ipfix_logging_max_bib (u32 thread_index, u32 limit, int do_flush) template_id = clib_atomic_fetch_or ( &silm->max_bibs_template_id, 0); - snat_ipfix_send (thread_index, frm, f, b0, template_id); + nat_ipfix_send (thread_index, frm, f, b0, template_id); sitd->max_bibs_frame = 0; sitd->max_bibs_buffer = 0; offset = 0; @@ -1034,8 +1034,8 @@ nat_ipfix_logging_nat64_bibe (u32 thread_index, u8 nat_event, u8 proto, u16 src_port, u16 nat_src_port, u32 vrf_id, int do_flush) { - snat_ipfix_logging_main_t *silm = &snat_ipfix_logging_main; - snat_ipfix_per_thread_data_t *sitd = &silm->per_thread_data[thread_index]; + nat_ipfix_logging_main_t *silm = &nat_ipfix_logging_main; + nat_ipfix_per_thread_data_t *sitd = &silm->per_thread_data[thread_index]; flow_report_main_t *frm = &flow_report_main; vlib_frame_t *f; vlib_buffer_t *b0 = 0; @@ -1057,7 +1057,7 @@ nat_ipfix_logging_nat64_bibe (u32 thread_index, u8 nat_event, if (vlib_buffer_alloc (vm, &bi0, 1) != 1) { - nat_elog_err ("can't allocate buffer for NAT IPFIX event"); + //nat_elog_err ("can't allocate buffer for NAT IPFIX event"); return; } @@ -1083,7 +1083,7 @@ nat_ipfix_logging_nat64_bibe (u32 thread_index, u8 nat_event, } if (PREDICT_FALSE (offset == 0)) - snat_ipfix_header_create (frm, b0, &offset); + nat_ipfix_header_create (frm, b0, &offset); if (PREDICT_TRUE (do_flush == 0)) { @@ -1121,7 +1121,7 @@ nat_ipfix_logging_nat64_bibe (u32 thread_index, u8 nat_event, template_id = clib_atomic_fetch_or ( &silm->nat64_bib_template_id, 0); - snat_ipfix_send (thread_index, frm, f, b0, template_id); + nat_ipfix_send (thread_index, frm, f, b0, template_id); sitd->nat64_bib_frame = 0; sitd->nat64_bib_buffer = 0; offset = 0; @@ -1137,8 +1137,8 @@ nat_ipfix_logging_nat64_ses (u32 thread_index, u8 nat_event, u16 dst_port, u16 nat_dst_port, u32 vrf_id, int do_flush) { - snat_ipfix_logging_main_t *silm = &snat_ipfix_logging_main; - snat_ipfix_per_thread_data_t *sitd = &silm->per_thread_data[thread_index]; + nat_ipfix_logging_main_t *silm = &nat_ipfix_logging_main; + nat_ipfix_per_thread_data_t *sitd = &silm->per_thread_data[thread_index]; flow_report_main_t *frm = &flow_report_main; vlib_frame_t *f; vlib_buffer_t *b0 = 0; @@ -1160,7 +1160,7 @@ nat_ipfix_logging_nat64_ses (u32 thread_index, u8 nat_event, if (vlib_buffer_alloc (vm, &bi0, 1) != 1) { - nat_elog_err ("can't allocate buffer for NAT IPFIX event"); + //nat_elog_err ("can't allocate buffer for NAT IPFIX event"); return; } @@ -1186,7 +1186,7 @@ nat_ipfix_logging_nat64_ses (u32 thread_index, u8 nat_event, } if (PREDICT_FALSE (offset == 0)) - snat_ipfix_header_create (frm, b0, &offset); + nat_ipfix_header_create (frm, b0, &offset); if (PREDICT_TRUE (do_flush == 0)) { @@ -1236,7 +1236,7 @@ nat_ipfix_logging_nat64_ses (u32 thread_index, u8 nat_event, template_id = clib_atomic_fetch_or ( &silm->nat64_ses_template_id, 0); - snat_ipfix_send (thread_index, frm, f, b0, template_id); + nat_ipfix_send (thread_index, frm, f, b0, template_id); sitd->nat64_ses_frame = 0; sitd->nat64_ses_buffer = 0; offset = 0; @@ -1245,14 +1245,14 @@ nat_ipfix_logging_nat64_ses (u32 thread_index, u8 nat_event, } void -snat_ipfix_flush (u32 thread_index) +nat_ipfix_flush (u32 thread_index) { int do_flush = 1; - snat_ipfix_logging_nat44_ses (thread_index, + nat_ipfix_logging_nat44_ses (thread_index, 0, 0, 0, 0, 0, 0, 0, do_flush); - snat_ipfix_logging_addr_exhausted (thread_index, 0, do_flush); - snat_ipfix_logging_max_entries_per_usr (thread_index, 0, 0, do_flush); + nat_ipfix_logging_addr_exhausted (thread_index, 0, do_flush); + nat_ipfix_logging_max_entries_per_usr (thread_index, 0, 0, do_flush); nat_ipfix_logging_max_ses (thread_index, 0, do_flush); nat_ipfix_logging_max_bib (thread_index, 0, do_flush); nat_ipfix_logging_nat64_bibe (thread_index, @@ -1262,9 +1262,9 @@ snat_ipfix_flush (u32 thread_index) } void -snat_ipfix_flush_from_main (void) +nat_ipfix_flush_from_main (void) { - snat_ipfix_logging_main_t *silm = &snat_ipfix_logging_main; + nat_ipfix_logging_main_t *silm = &nat_ipfix_logging_main; vlib_main_t *worker_vm; int i; @@ -1287,11 +1287,11 @@ snat_ipfix_flush_from_main (void) worker_vm = silm->worker_vms[i]; if (worker_vm) vlib_node_set_interrupt_pending (worker_vm, - snat_ipfix_flush_node.index); + nat_ipfix_flush_node.index); } /* Finally flush main thread */ - snat_ipfix_flush (0); + nat_ipfix_flush (0); } /** @@ -1306,7 +1306,7 @@ snat_ipfix_flush_from_main (void) * @param vrf_id VRF ID */ void -snat_ipfix_logging_nat44_ses_create (u32 thread_index, +nat_ipfix_logging_nat44_ses_create (u32 thread_index, u32 src_ip, u32 nat_src_ip, nat_protocol_t nat_proto, @@ -1315,7 +1315,7 @@ snat_ipfix_logging_nat44_ses_create (u32 thread_index, { skip_if_disabled (); - snat_ipfix_logging_nat44_ses (thread_index, NAT44_SESSION_CREATE, src_ip, + nat_ipfix_logging_nat44_ses (thread_index, NAT44_SESSION_CREATE, src_ip, nat_src_ip, nat_proto, src_port, nat_src_port, vrf_id, 0); } @@ -1332,7 +1332,7 @@ snat_ipfix_logging_nat44_ses_create (u32 thread_index, * @param vrf_id VRF ID */ void -snat_ipfix_logging_nat44_ses_delete (u32 thread_index, +nat_ipfix_logging_nat44_ses_delete (u32 thread_index, u32 src_ip, u32 nat_src_ip, nat_protocol_t nat_proto, @@ -1341,7 +1341,7 @@ snat_ipfix_logging_nat44_ses_delete (u32 thread_index, { skip_if_disabled (); - snat_ipfix_logging_nat44_ses (thread_index, NAT44_SESSION_DELETE, src_ip, + nat_ipfix_logging_nat44_ses (thread_index, NAT44_SESSION_DELETE, src_ip, nat_src_ip, nat_proto, src_port, nat_src_port, vrf_id, 0); } @@ -1353,12 +1353,12 @@ snat_ipfix_logging_nat44_ses_delete (u32 thread_index, * @param pool_id NAT pool ID */ void -snat_ipfix_logging_addresses_exhausted (u32 thread_index, u32 pool_id) +nat_ipfix_logging_addresses_exhausted (u32 thread_index, u32 pool_id) { //TODO: This event SHOULD be rate limited skip_if_disabled (); - snat_ipfix_logging_addr_exhausted (thread_index, pool_id, 0); + nat_ipfix_logging_addr_exhausted (thread_index, pool_id, 0); } /** @@ -1369,12 +1369,12 @@ snat_ipfix_logging_addresses_exhausted (u32 thread_index, u32 pool_id) * @param src_ip source IPv4 address */ void -snat_ipfix_logging_max_entries_per_user (u32 thread_index, u32 limit, u32 src_ip) +nat_ipfix_logging_max_entries_per_user (u32 thread_index, u32 limit, u32 src_ip) { //TODO: This event SHOULD be rate limited skip_if_disabled (); - snat_ipfix_logging_max_entries_per_usr (thread_index, limit, src_ip, 0); + nat_ipfix_logging_max_entries_per_usr (thread_index, limit, src_ip, 0); } vlib_frame_t * @@ -1384,7 +1384,7 @@ deterministic_nat_data_callback vlib_frame_t * f, u32 * to_next, u32 node_index) { - snat_ipfix_flush_from_main(); + nat_ipfix_flush_from_main(); return f; } @@ -1489,11 +1489,11 @@ vlib_frame_t * data_callback (flow_report_main_t * frm, flow_report_t * fr, vlib_frame_t * f, u32 * to_next, u32 node_index) { - snat_ipfix_logging_main_t *silm = &snat_ipfix_logging_main; + nat_ipfix_logging_main_t *silm = &nat_ipfix_logging_main; if (PREDICT_FALSE (++silm->call_counter >= vec_len (frm->reports))) { - snat_ipfix_flush_from_main(); + nat_ipfix_flush_from_main(); silm->call_counter = 0; } @@ -1510,10 +1510,9 @@ data_callback (flow_report_main_t * frm, flow_report_t * fr, * @returns 0 if success */ int -snat_ipfix_logging_enable_disable (int enable, u32 domain_id, u16 src_port) +nat_ipfix_logging_enable_disable (int enable, u32 domain_id, u16 src_port) { - snat_main_t *sm = &snat_main; - snat_ipfix_logging_main_t *silm = &snat_ipfix_logging_main; + nat_ipfix_logging_main_t *silm = &nat_ipfix_logging_main; flow_report_main_t *frm = &flow_report_main; vnet_flow_report_add_del_args_t a; int rv; @@ -1528,80 +1527,64 @@ snat_ipfix_logging_enable_disable (int enable, u32 domain_id, u16 src_port) a.src_port = src_port ? src_port : UDP_DST_PORT_ipfix; a.flow_data_callback = data_callback; - /* TODO: ipfix needs to be separated from NAT base plugin - a.rewrite_callback = snat_template_rewrite_max_entries_per_usr; + a.rewrite_callback = nat_template_rewrite_nat44_session; rv = vnet_flow_report_add_del (frm, &a, NULL); if (rv) { - nat_elog_warn_X1 ("vnet_flow_report_add_del returned %d", "i4", rv); + //nat_elog_warn_X1 ("vnet_flow_report_add_del returned %d", "i4", rv); return -1; } - */ - a.rewrite_callback = snat_template_rewrite_nat44_session; - - rv = vnet_flow_report_add_del (frm, &a, NULL); - if (rv) - { - nat_elog_warn_X1 ("vnet_flow_report_add_del returned %d", "i4", rv); - return -1; - } - - a.rewrite_callback = snat_template_rewrite_addr_exhausted; + a.rewrite_callback = nat_template_rewrite_addr_exhausted; rv = vnet_flow_report_add_del (frm, &a, NULL); if (rv) { - nat_elog_warn_X1 ("vnet_flow_report_add_del returned %d", "i4", rv); + //nat_elog_warn_X1 ("vnet_flow_report_add_del returned %d", "i4", rv); return -1; } a.rewrite_callback = nat_template_rewrite_max_sessions; - rv = vnet_flow_report_add_del (frm, &a, NULL); if (rv) { - nat_elog_warn_X1 ("vnet_flow_report_add_del returned %d", "i4", rv); + //nat_elog_warn_X1 ("vnet_flow_report_add_del returned %d", "i4", rv); return -1; } a.rewrite_callback = nat_template_rewrite_max_bibs; - rv = vnet_flow_report_add_del (frm, &a, NULL); if (rv) { - nat_elog_warn_X1 ("vnet_flow_report_add_del returned %d", "i4", rv); + //nat_elog_warn_X1 ("vnet_flow_report_add_del returned %d", "i4", rv); return -1; } a.rewrite_callback = nat_template_rewrite_nat64_bib; - rv = vnet_flow_report_add_del (frm, &a, NULL); if (rv) { - nat_elog_warn_X1 ("vnet_flow_report_add_del returned %d", "i4", rv); + //nat_elog_warn_X1 ("vnet_flow_report_add_del returned %d", "i4", rv); return -1; } a.rewrite_callback = nat_template_rewrite_nat64_session; - rv = vnet_flow_report_add_del (frm, &a, NULL); if (rv) { - nat_elog_warn_X1 ("vnet_flow_report_add_del returned %d", "i4", rv); + //nat_elog_warn_X1 ("vnet_flow_report_add_del returned %d", "i4", rv); return -1; } - if (sm->endpoint_dependent) + // if endpoint dependent per user max entries is also required + /* + a.rewrite_callback = nat_template_rewrite_max_entries_per_usr; + rv = vnet_flow_report_add_del (frm, &a, NULL); + if (rv) { - a.rewrite_callback = snat_template_rewrite_max_entries_per_usr; - - rv = vnet_flow_report_add_del (frm, &a, NULL); - if (rv) - { - nat_elog_warn_X1 ("vnet_flow_report_add_del returned %d", "i4", rv); - return -1; - } + //nat_elog_warn_X1 ("vnet_flow_report_add_del returned %d", "i4", rv); + return -1; } + */ return 0; } @@ -1612,9 +1595,9 @@ snat_ipfix_logging_enable_disable (int enable, u32 domain_id, u16 src_port) * @param vm vlib main */ void -snat_ipfix_logging_init (vlib_main_t * vm) +nat_ipfix_logging_init (vlib_main_t * vm) { - snat_ipfix_logging_main_t *silm = &snat_ipfix_logging_main; + nat_ipfix_logging_main_t *silm = &nat_ipfix_logging_main; vlib_thread_main_t *tm = vlib_get_thread_main (); silm->enabled = 0; @@ -1633,14 +1616,14 @@ ipfix_flush_process (vlib_main_t *vm, vlib_node_runtime_t *rt, vlib_frame_t *f) { - snat_ipfix_flush(vm->thread_index); + nat_ipfix_flush(vm->thread_index); return 0; } /* *INDENT-OFF* */ -VLIB_REGISTER_NODE (snat_ipfix_flush_node) = { +VLIB_REGISTER_NODE (nat_ipfix_flush_node) = { .function = ipfix_flush_process, - .name = "snat-ipfix-flush", + .name = "nat-ipfix-flush", .type = VLIB_NODE_TYPE_INPUT, .state = VLIB_NODE_STATE_INTERRUPT, }; diff --git a/src/plugins/nat/nat_ipfix_logging.h b/src/plugins/nat/lib/ipfix_logging.h index f8a9b6b5f5b..b37c8567c8e 100644 --- a/src/plugins/nat/nat_ipfix_logging.h +++ b/src/plugins/nat/lib/ipfix_logging.h @@ -1,5 +1,5 @@ /* - * nat_ipfix_logging.h - NAT Events IPFIX logging + * ipfix_logging.h - NAT Events IPFIX logging * * Copyright (c) 2016 Cisco and/or its affiliates. * Licensed under the Apache License, Version 2.0 (the "License"); @@ -14,10 +14,13 @@ * See the License for the specific language governing permissions and * limitations under the License. */ -#ifndef __included_nat_ipfix_logging_h__ -#define __included_nat_ipfix_logging_h__ +#ifndef __included_nat_lib_ipfix_logging_h__ +#define __included_nat_lib_ipfix_logging_h__ -#include <nat/nat.h> +#include <vlib/buffer.h> +#include <vlib/node.h> + +#include <nat/lib/lib.h> typedef enum { NAT_ADDRESSES_EXHAUTED = 3, @@ -72,7 +75,7 @@ typedef struct { u32 nat64_bib_next_record_offset; u32 nat64_ses_next_record_offset; -} snat_ipfix_per_thread_data_t; +} nat_ipfix_per_thread_data_t; typedef struct { /** NAT plugin IPFIX logging enabled */ @@ -83,7 +86,7 @@ typedef struct { f64 vlib_time_0; /* Per thread data */ - snat_ipfix_per_thread_data_t *per_thread_data; + nat_ipfix_per_thread_data_t *per_thread_data; /** template IDs */ u16 nat44_session_template_id; @@ -105,24 +108,24 @@ typedef struct { /** nat data callbacks call counter */ u16 call_counter; -} snat_ipfix_logging_main_t; +} nat_ipfix_logging_main_t; -extern snat_ipfix_logging_main_t snat_ipfix_logging_main; +extern nat_ipfix_logging_main_t nat_ipfix_logging_main; -void snat_ipfix_logging_init (vlib_main_t * vm); -int snat_ipfix_logging_enable_disable (int enable, u32 domain_id, u16 src_port); -void snat_ipfix_logging_nat44_ses_create (u32 thread_index, u32 src_ip, +void nat_ipfix_logging_init (vlib_main_t * vm); +int nat_ipfix_logging_enable_disable (int enable, u32 domain_id, u16 src_port); +void nat_ipfix_logging_nat44_ses_create (u32 thread_index, u32 src_ip, u32 nat_src_ip, nat_protocol_t nat_proto, u16 src_port, u16 nat_src_port, u32 vrf_id); -void snat_ipfix_logging_nat44_ses_delete (u32 thread_index, u32 src_ip, +void nat_ipfix_logging_nat44_ses_delete (u32 thread_index, u32 src_ip, u32 nat_src_ip, nat_protocol_t nat_proto, u16 src_port, u16 nat_src_port, u32 vrf_id); -void snat_ipfix_logging_addresses_exhausted(u32 thread_index, u32 pool_id); -void snat_ipfix_logging_max_entries_per_user(u32 thread_index, +void nat_ipfix_logging_addresses_exhausted(u32 thread_index, u32 pool_id); +void nat_ipfix_logging_max_entries_per_user(u32 thread_index, u32 limit, u32 src_ip); void nat_ipfix_logging_max_sessions(u32 thread_index, u32 limit); void nat_ipfix_logging_max_bibs(u32 thread_index, u32 limit); @@ -140,4 +143,4 @@ void nat_ipfix_logging_nat64_bib(u32 thread_index, u16 src_port, u16 nat_src_port, u32 vrf_id, u8 is_create); -#endif /* __included_nat_ipfix_logging_h__ */ +#endif /* __included_nat_lib_ipfix_logging_h__ */ diff --git a/src/plugins/nat/nat.c b/src/plugins/nat/nat.c index ad7fab9032b..a7a8842996e 100644 --- a/src/plugins/nat/nat.c +++ b/src/plugins/nat/nat.c @@ -21,7 +21,7 @@ #include <vnet/plugin/plugin.h> #include <nat/nat.h> #include <nat/nat_dpo.h> -#include <nat/nat_ipfix_logging.h> +#include <nat/lib/ipfix_logging.h> #include <nat/nat_inlines.h> #include <nat/nat44/inlines.h> #include <nat/nat_affinity.h> @@ -288,13 +288,13 @@ nat_free_session_data (snat_main_t * sm, snat_session_t * s, u32 thread_index, if (!is_ha) { /* log NAT event */ - snat_ipfix_logging_nat44_ses_delete (thread_index, - s->in2out.addr.as_u32, - s->out2in.addr.as_u32, - s->nat_proto, - s->in2out.port, - s->out2in.port, - s->in2out.fib_index); + nat_ipfix_logging_nat44_ses_delete (thread_index, + s->in2out.addr.as_u32, + s->out2in.addr.as_u32, + s->nat_proto, + s->in2out.port, + s->out2in.port, + s->in2out.fib_index); nat_ha_sdel (&s->out2in.addr, s->out2in.port, &s->ext_host_addr, s->ext_host_port, s->nat_proto, s->out2in.fib_index, @@ -411,13 +411,13 @@ nat44_free_session_data (snat_main_t * sm, snat_session_t * s, if (!is_ha) { - snat_ipfix_logging_nat44_ses_delete (thread_index, - s->in2out.addr.as_u32, - s->out2in.addr.as_u32, - s->nat_proto, - s->in2out.port, - s->out2in.port, - s->in2out.fib_index); + nat_ipfix_logging_nat44_ses_delete (thread_index, + s->in2out.addr.as_u32, + s->out2in.addr.as_u32, + s->nat_proto, + s->in2out.port, + s->out2in.port, + s->in2out.fib_index); nat_ha_sdel (&s->out2in.addr, s->out2in.port, &s->ext_host_addr, s->ext_host_port, s->nat_proto, s->out2in.fib_index, thread_index); @@ -2710,7 +2710,7 @@ snat_init (vlib_main_t * vm) sm->counters.hairpinning.stat_segment_name = "/nat44/hairpinning"; /* Init IPFIX logging */ - snat_ipfix_logging_init (vm); + nat_ipfix_logging_init (vm); ip4_table_bind_callback_t cbt4 = { .function = snat_ip4_table_bind, @@ -3067,7 +3067,7 @@ nat_alloc_addr_and_port_default (snat_address_t * addresses, } /* Totally out of translations to use... */ - snat_ipfix_logging_addresses_exhausted (thread_index, 0); + nat_ipfix_logging_addresses_exhausted (thread_index, 0); return 1; } @@ -3116,7 +3116,7 @@ nat_alloc_addr_and_port_mape (snat_address_t * addresses, u32 fib_index, exhausted: /* Totally out of translations to use... */ - snat_ipfix_logging_addresses_exhausted (thread_index, 0); + nat_ipfix_logging_addresses_exhausted (thread_index, 0); return 1; } @@ -3163,7 +3163,7 @@ nat_alloc_addr_and_port_range (snat_address_t * addresses, u32 fib_index, exhausted: /* Totally out of translations to use... */ - snat_ipfix_logging_addresses_exhausted (thread_index, 0); + nat_ipfix_logging_addresses_exhausted (thread_index, 0); return 1; } diff --git a/src/plugins/nat/nat44_cli.c b/src/plugins/nat/nat44_cli.c index ef11f519fa1..680a1e2a18a 100644 --- a/src/plugins/nat/nat44_cli.c +++ b/src/plugins/nat/nat44_cli.c @@ -18,7 +18,7 @@ */ #include <nat/nat.h> -#include <nat/nat_ipfix_logging.h> +#include <nat/lib/ipfix_logging.h> #include <nat/lib/nat_inlines.h> #include <nat/nat_inlines.h> #include <nat/nat44/inlines.h> @@ -156,8 +156,8 @@ snat_ipfix_logging_enable_disable_command_fn (vlib_main_t * vm, /* Get a line of input. */ if (!unformat_user (input, unformat_line_input, line_input)) { - rv = snat_ipfix_logging_enable_disable (enable, domain_id, - (u16) src_port); + rv = nat_ipfix_logging_enable_disable (enable, domain_id, + (u16) src_port); if (rv) return clib_error_return (0, "ipfix logging enable failed"); return 0; @@ -179,7 +179,7 @@ snat_ipfix_logging_enable_disable_command_fn (vlib_main_t * vm, } } - rv = snat_ipfix_logging_enable_disable (enable, domain_id, (u16) src_port); + rv = nat_ipfix_logging_enable_disable (enable, domain_id, (u16) src_port); if (rv) { diff --git a/src/plugins/nat/nat64/nat64.c b/src/plugins/nat/nat64/nat64.c index 5da498670f6..30142a70048 100644 --- a/src/plugins/nat/nat64/nat64.c +++ b/src/plugins/nat/nat64/nat64.c @@ -21,6 +21,7 @@ #include <vnet/plugin/plugin.h> #include <vpp/app/version.h> +#include <nat/lib/ipfix_logging.h> #include <nat/nat64/nat64.h> nat64_main_t nat64_main; @@ -293,9 +294,8 @@ nat64_init (vlib_main_t * vm) nm->port_per_thread = (0xffff - 1024) / _vec_len (nm->workers); } - // TODO: ipfix needs to be separated from NAT base plugin /* Init IPFIX logging */ - //snat_ipfix_logging_init (vm); + nat_ipfix_logging_init (vm); #define _(x) \ nm->counters.in2out.x.name = #x; \ @@ -749,7 +749,7 @@ nat64_alloc_addr_and_port_default (nat64_address_t * addresses, } /* Totally out of translations to use... */ - //snat_ipfix_logging_addresses_exhausted (thread_index, 0); + nat_ipfix_logging_addresses_exhausted (thread_index, 0); return 1; } diff --git a/src/plugins/nat/nat64/nat64_db.c b/src/plugins/nat/nat64/nat64_db.c index ffc5e7e7e84..2c52d3b6ca2 100644 --- a/src/plugins/nat/nat64/nat64_db.c +++ b/src/plugins/nat/nat64/nat64_db.c @@ -14,7 +14,7 @@ */ #include <vnet/fib/fib_table.h> -//#include <nat/nat_ipfix_logging.h> +#include <nat/lib/ipfix_logging.h> #include <nat/nat_syslog.h> #include <nat/lib/inlines.h> #include <nat/nat64/nat64_db.h> @@ -137,9 +137,9 @@ nat64_db_bib_entry_create (u32 thread_index, nat64_db_t * db, kv.key[2] = bibe_key.as_u64[2]; clib_bihash_add_del_24_8 (&db->bib.out2in, &kv, 1); - /*fib_table_t *fib = fib_table_get (bibe->fib_index, FIB_PROTOCOL_IP6); - nat_ipfix_logging_nat64_bib (thread_index, in_addr, out_addr, proto, - in_port, out_port, fib->ft_table_id, 1); */ + fib_table_t *fib = fib_table_get (bibe->fib_index, FIB_PROTOCOL_IP6); + nat_ipfix_logging_nat64_bib (thread_index, in_addr, out_addr, proto, + in_port, out_port, fib->ft_table_id, 1); return bibe; } @@ -212,10 +212,10 @@ nat64_db_bib_entry_free (u32 thread_index, nat64_db_t * db, if (!db->addr_free) db->free_addr_port_cb (db, &bibe->out_addr, bibe->out_port, bibe->proto); - /*fib_table_t *fib = fib_table_get (bibe->fib_index, FIB_PROTOCOL_IP6); - nat_ipfix_logging_nat64_bib (thread_index, &bibe->in_addr, &bibe->out_addr, - bibe->proto, bibe->in_port, bibe->out_port, - fib->ft_table_id, 0); */ + fib_table_t *fib = fib_table_get (bibe->fib_index, FIB_PROTOCOL_IP6); + nat_ipfix_logging_nat64_bib (thread_index, &bibe->in_addr, &bibe->out_addr, + bibe->proto, bibe->in_port, bibe->out_port, + fib->ft_table_id, 0); /* delete from pool */ pool_put (bib, bibe); @@ -470,13 +470,13 @@ nat64_db_st_entry_create (u32 thread_index, nat64_db_t * db, kv.key[5] = ste_key.as_u64[5]; clib_bihash_add_del_48_8 (&db->st.out2in, &kv, 1); - /*fib_table_t *fib = fib_table_get (bibe->fib_index, FIB_PROTOCOL_IP6); - nat_ipfix_logging_nat64_session (thread_index, &bibe->in_addr, - &bibe->out_addr, bibe->proto, - bibe->in_port, bibe->out_port, - &ste->in_r_addr, &ste->out_r_addr, - ste->r_port, ste->r_port, fib->ft_table_id, - 1); */ + fib_table_t *fib = fib_table_get (bibe->fib_index, FIB_PROTOCOL_IP6); + nat_ipfix_logging_nat64_session (thread_index, &bibe->in_addr, + &bibe->out_addr, bibe->proto, + bibe->in_port, bibe->out_port, + &ste->in_r_addr, &ste->out_r_addr, + ste->r_port, ste->r_port, fib->ft_table_id, + 1); nat_syslog_nat64_sadd (bibe->fib_index, &bibe->in_addr, bibe->in_port, &bibe->out_addr, bibe->out_port, &ste->out_r_addr, ste->r_port, bibe->proto); @@ -545,13 +545,13 @@ nat64_db_st_entry_free (u32 thread_index, kv.key[5] = ste_key.as_u64[5]; clib_bihash_add_del_48_8 (&db->st.out2in, &kv, 0); - /*fib_table_t *fib = fib_table_get (bibe->fib_index, FIB_PROTOCOL_IP6); - nat_ipfix_logging_nat64_session (thread_index, &bibe->in_addr, - &bibe->out_addr, bibe->proto, - bibe->in_port, bibe->out_port, - &ste->in_r_addr, &ste->out_r_addr, - ste->r_port, ste->r_port, fib->ft_table_id, - 0); */ + fib_table_t *fib = fib_table_get (bibe->fib_index, FIB_PROTOCOL_IP6); + nat_ipfix_logging_nat64_session (thread_index, &bibe->in_addr, + &bibe->out_addr, bibe->proto, + bibe->in_port, bibe->out_port, + &ste->in_r_addr, &ste->out_r_addr, + ste->r_port, ste->r_port, fib->ft_table_id, + 0); nat_syslog_nat64_sdel (bibe->fib_index, &bibe->in_addr, bibe->in_port, &bibe->out_addr, bibe->out_port, &ste->out_r_addr, ste->r_port, bibe->proto); diff --git a/src/plugins/nat/nat_api.c b/src/plugins/nat/nat_api.c index 2187eabb8c2..11d4ded48a9 100644 --- a/src/plugins/nat/nat_api.c +++ b/src/plugins/nat/nat_api.c @@ -30,7 +30,7 @@ #include <vnet/fib/fib_table.h> #include <vnet/ip/ip_types_api.h> #include <nat/nat44/ed_inlines.h> -#include <nat/nat_ipfix_logging.h> +#include <nat/lib/ipfix_logging.h> #define vl_api_nat44_add_del_lb_static_mapping_t_endian vl_noop_handler #define vl_api_nat44_nat44_lb_static_mapping_details_t_endian vl_noop_handler @@ -341,11 +341,10 @@ vl_api_nat_ipfix_enable_disable_t_handler (vl_api_nat_ipfix_enable_disable_t * vl_api_nat_ipfix_enable_disable_reply_t *rmp; int rv = 0; - rv = snat_ipfix_logging_enable_disable (mp->enable, - clib_host_to_net_u32 - (mp->domain_id), - clib_host_to_net_u16 - (mp->src_port)); + rv = nat_ipfix_logging_enable_disable (mp->enable, + clib_host_to_net_u32 + (mp->domain_id), + clib_host_to_net_u16 (mp->src_port)); REPLY_MACRO (VL_API_NAT_IPFIX_ENABLE_DISABLE_REPLY); } diff --git a/src/plugins/nat/out2in.c b/src/plugins/nat/out2in.c index c830c0c79d1..99a4bb41c3a 100644 --- a/src/plugins/nat/out2in.c +++ b/src/plugins/nat/out2in.c @@ -25,7 +25,7 @@ #include <vnet/ethernet/ethernet.h> #include <vnet/fib/ip4_fib.h> #include <nat/nat.h> -#include <nat/nat_ipfix_logging.h> +#include <nat/lib/ipfix_logging.h> #include <nat/nat_inlines.h> #include <nat/nat44/inlines.h> #include <nat/nat_syslog.h> @@ -119,13 +119,13 @@ nat44_o2i_is_idle_session_cb (clib_bihash_kv_8_8_t * kv, void *arg) if (clib_bihash_add_del_8_8 (&tsm->in2out, &s_kv, 0)) nat_elog_warn ("out2in key del failed"); - snat_ipfix_logging_nat44_ses_delete (ctx->thread_index, - s->in2out.addr.as_u32, - s->out2in.addr.as_u32, - s->nat_proto, - s->in2out.port, - s->out2in.port, - s->in2out.fib_index); + nat_ipfix_logging_nat44_ses_delete (ctx->thread_index, + s->in2out.addr.as_u32, + s->out2in.addr.as_u32, + s->nat_proto, + s->in2out.port, + s->out2in.port, + s->in2out.fib_index); nat_syslog_nat44_apmdel (s->user_index, s->in2out.fib_index, &s->in2out.addr, s->in2out.port, @@ -235,12 +235,12 @@ create_session_for_static_mapping (snat_main_t * sm, nat_elog_notice ("out2in key add failed"); /* log NAT event */ - snat_ipfix_logging_nat44_ses_create (thread_index, - s->in2out.addr.as_u32, - s->out2in.addr.as_u32, - s->nat_proto, - s->in2out.port, - s->out2in.port, s->in2out.fib_index); + nat_ipfix_logging_nat44_ses_create (thread_index, + s->in2out.addr.as_u32, + s->out2in.addr.as_u32, + s->nat_proto, + s->in2out.port, + s->out2in.port, s->in2out.fib_index); nat_syslog_nat44_apmadd (s->user_index, s->in2out.fib_index, &s->in2out.addr, s->in2out.port, &s->out2in.addr, diff --git a/src/plugins/nat/out2in_ed.c b/src/plugins/nat/out2in_ed.c index c1bc5320c18..de3595b4a33 100644 --- a/src/plugins/nat/out2in_ed.c +++ b/src/plugins/nat/out2in_ed.c @@ -25,7 +25,7 @@ #include <vnet/udp/udp.h> #include <vppinfra/error.h> #include <nat/nat.h> -#include <nat/nat_ipfix_logging.h> +#include <nat/lib/ipfix_logging.h> #include <nat/nat_inlines.h> #include <nat/nat44/inlines.h> #include <nat/nat_syslog.h> @@ -137,13 +137,13 @@ nat44_o2i_ed_is_idle_session_cb (clib_bihash_kv_16_8_t * kv, void *arg) if (snat_is_unk_proto_session (s)) goto delete; - snat_ipfix_logging_nat44_ses_delete (ctx->thread_index, - s->in2out.addr.as_u32, - s->out2in.addr.as_u32, - s->nat_proto, - s->in2out.port, - s->out2in.port, - s->in2out.fib_index); + nat_ipfix_logging_nat44_ses_delete (ctx->thread_index, + s->in2out.addr.as_u32, + s->out2in.addr.as_u32, + s->nat_proto, + s->in2out.port, + s->out2in.port, + s->in2out.fib_index); nat_syslog_nat44_sdel (s->user_index, s->in2out.fib_index, &s->in2out.addr, s->in2out.port, @@ -230,7 +230,7 @@ nat_alloc_addr_and_port_exact (snat_address_t * a, } /* Totally out of translations to use... */ - snat_ipfix_logging_addresses_exhausted (thread_index, 0); + nat_ipfix_logging_addresses_exhausted (thread_index, 0); return 1; } @@ -371,12 +371,12 @@ create_session_for_static_mapping_ed (snat_main_t * sm, &ctx)) nat_elog_notice ("in2out-ed key add failed"); - snat_ipfix_logging_nat44_ses_create (thread_index, - s->in2out.addr.as_u32, - s->out2in.addr.as_u32, - s->nat_proto, - s->in2out.port, - s->out2in.port, s->in2out.fib_index); + nat_ipfix_logging_nat44_ses_create (thread_index, + s->in2out.addr.as_u32, + s->out2in.addr.as_u32, + s->nat_proto, + s->in2out.port, + s->out2in.port, s->in2out.fib_index); nat_syslog_nat44_sadd (s->user_index, s->in2out.fib_index, &s->in2out.addr, s->in2out.port, diff --git a/src/plugins/nat/test/test_nat64.py b/src/plugins/nat/test/test_nat64.py index 6f88702d16a..d3bec97801e 100644 --- a/src/plugins/nat/test/test_nat64.py +++ b/src/plugins/nat/test/test_nat64.py @@ -415,8 +415,6 @@ class TestNAT64(VppTestCase): self.assert_packet_checksums_valid(p) return p - # TODO: ipfix needs to be separated from NAT base plugin - @unittest.skipUnless(running_extended_tests, "part of extended tests") def verify_ipfix_max_bibs(self, data, limit): """ Verify IPFIX maximum BIB entries exceeded event @@ -433,8 +431,6 @@ class TestNAT64(VppTestCase): # maxBIBEntries self.assertEqual(struct.pack("I", limit), record[472]) - # TODO: ipfix needs to be separated from NAT base plugin - @unittest.skipUnless(running_extended_tests, "part of extended tests") def verify_ipfix_bib(self, data, is_create, src_addr): """ Verify IPFIX NAT64 BIB create and delete events @@ -463,8 +459,6 @@ class TestNAT64(VppTestCase): # postNAPTSourceTransportPort self.assertEqual(struct.pack("!H", self.tcp_port_out), record[227]) - # TODO: ipfix needs to be separated from NAT base plugin - @unittest.skipUnless(running_extended_tests, "part of extended tests") def verify_ipfix_nat64_ses(self, data, is_create, src_addr, dst_addr, dst_port): """ @@ -583,8 +577,6 @@ class TestNAT64(VppTestCase): packed_pref_n = b''.join([scapy.compat.chb(x) for x in pref_n]) return socket.inet_ntop(socket.AF_INET6, packed_pref_n) - # TODO: ipfix needs to be separated from NAT base plugin - @unittest.skipUnless(running_extended_tests, "part of extended tests") def verify_ipfix_max_sessions(self, data, limit): """ Verify IPFIX maximum session entries exceeded event @@ -1655,7 +1647,6 @@ class TestNAT64(VppTestCase): addresses = self.vapi.nat64_pool_addr_dump() self.assertEqual(0, len(addresses)) - # TODO: ipfix needs to be separated from NAT base plugin @unittest.skipUnless(running_extended_tests, "part of extended tests") def test_ipfix_max_bibs_sessions(self): """ IPFIX logging maximum session and BIB entries exceeded """ @@ -1751,8 +1742,6 @@ class TestNAT64(VppTestCase): data = ipfix.decode_data_set(p.getlayer(Set)) self.verify_ipfix_max_bibs(data, max_bibs) - # TODO: ipfix needs to be separated from NAT base plugin - @unittest.skipUnless(running_extended_tests, "part of extended tests") def test_ipfix_bib_ses(self): """ IPFIX logging NAT64 BIB/session create and delete events """ self.tcp_port_in = random.randint(1025, 65535) |