author | Nathan Skrzypczak <nathan.skrzypczak@gmail.com> | 2021-02-25 17:39:03 +0100 |
---|---|---|
committer | Dave Barach <openvpp@barachs.net> | 2021-03-04 12:35:15 +0000 |
commit | 3fd77f7dea1ac91c5b4c9ede69b992a4e2243153 (patch) | |
tree | 21550f5d6e28f55f4e64ee1ddb7697c9e261dd85 /src/plugins/cnat/cnat_node_snat.c | |
parent | 8786a4cd4a62f2817da7060afd8523857f504912 (diff) |
cnat: Prepare extended snat policies
Type: refactor
Change-Id: I9ca3333274d6f32b6aff57f0fb3d2049c066337a
Signed-off-by: Nathan Skrzypczak <nathan.skrzypczak@gmail.com>
Diffstat (limited to 'src/plugins/cnat/cnat_node_snat.c')
-rw-r--r-- | src/plugins/cnat/cnat_node_snat.c | 25 |
1 files changed, 12 insertions, 13 deletions
diff --git a/src/plugins/cnat/cnat_node_snat.c b/src/plugins/cnat/cnat_node_snat.c
index 5cc84c42ccd..9212d67ead6 100644
--- a/src/plugins/cnat/cnat_node_snat.c
+++ b/src/plugins/cnat/cnat_node_snat.c
@@ -15,7 +15,7 @@
 #include <vlibmemory/api.h>
 #include <cnat/cnat_node.h>
-#include <cnat/cnat_snat.h>
+#include <cnat/cnat_snat_policy.h>
 #include <cnat/cnat_inline.h>
 #include <cnat/cnat_src_policy.h>
@@ -36,7 +36,7 @@ cnat_snat_node_fn (vlib_main_t *vm, vlib_node_runtime_t *node,
 vlib_buffer_t *b, cnat_node_ctx_t *ctx, int session_not_found, cnat_session_t *session)
 {
- cnat_main_t *cm = &cnat_main;
+ cnat_snat_policy_main_t *cpm = &cnat_snat_policy_main;
 ip4_header_t *ip4 = NULL;
 ip_protocol_t iproto;
 ip6_header_t *ip6 = NULL;
@@ -45,7 +45,7 @@ cnat_snat_node_fn (vlib_main_t *vm, vlib_node_runtime_t *node,
 u16 next0;
 u16 sport;
 u8 trace_flags = 0;
- int rv;
+ int rv, do_snat;
 if (AF_IP4 == ctx->af)
 {
@@ -80,12 +80,11 @@ cnat_snat_node_fn (vlib_main_t *vm, vlib_node_runtime_t *node,
 ip46_address_set_ip4 (&ip46_dst_address, &ip4->dst_address);
 else
 ip46_address_set_ip6 (&ip46_dst_address, &ip6->dst_address);
- rv = cnat_search_snat_prefix (&ip46_dst_address, ctx->af);
- if (!rv)
- {
- /* Prefix table hit, we shouldn't source NAT */
- goto trace;
- }
+
+ do_snat = cpm->snat_policy (b, session);
+ if (!do_snat)
+ goto trace;
+
 /* New flow, create the sessions if necessary. session will be a snat session, and rsession will be a dnat session Note: packet going through this path are going to the outside,
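Review bot: In the `@@ -80,12 +80,11 @@` hunk, `cpm->snat_policy (b, session)` is an indirect call on the new-flow path with no visible check that a policy is installed; the initialisation of `cnat_snat_policy_main` is not on this page, so if the pointer can be unset this is a NULL call in the packet path. Either guarantee a default policy at init or guard the call, e.g. `do_snat = cpm->snat_policy ? cpm->snat_policy (b, session) : 0;`, choosing the fallback deliberately, because a zero result sends the packet to `trace` without source NAT. The comment that explained the skip was removed with the old lookup; I would put `/* policy says this flow must not be source NATed */` above the new `goto trace;`. `ip46_dst_address` is still filled in just above but is no longer read in this hunk, so confirm it is used later in `cnat_snat_node_fn`, whose body starts and ends outside the hunk.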
@@ -93,19 +92,19 @@ cnat_snat_node_fn (vlib_main_t *vm, vlib_node_runtime_t *node,
 a VIP) */
 if (AF_IP4 == ctx->af)
 {
- if (!(cm->snat_ip4.ce_flags & CNAT_EP_FLAG_RESOLVED))
+ if (!(cpm->snat_ip4.ce_flags & CNAT_EP_FLAG_RESOLVED))
 goto trace;
 ip46_address_set_ip4 (&session->value.cs_ip[VLIB_RX],
- &ip_addr_v4 (&cm->snat_ip4.ce_ip));
+ &ip_addr_v4 (&cpm->snat_ip4.ce_ip));
 ip46_address_set_ip4 (&session->value.cs_ip[VLIB_TX], &ip4->dst_address);
 }
 else
 {
- if (!(cm->snat_ip6.ce_flags & CNAT_EP_FLAG_RESOLVED))
+ if (!(cpm->snat_ip6.ce_flags & CNAT_EP_FLAG_RESOLVED))
 goto trace;
 ip46_address_set_ip6 (&session->value.cs_ip[VLIB_RX],
- &ip_addr_v6 (&cm->snat_ip6.ce_ip));
+ &ip_addr_v6 (&cpm->snat_ip6.ce_ip));
 ip46_address_set_ip6 (&session->value.cs_ip[VLIB_TX], &ip6->dst_address);
 } |