summaryrefslogtreecommitdiffstats
path: root/src/plugins/cnat/cnat_node_snat.c
diff options
context:
space:
mode:
authorNathan Skrzypczak <nathan.skrzypczak@gmail.com>2021-02-25 17:39:03 +0100
committerDave Barach <openvpp@barachs.net>2021-03-04 12:35:15 +0000
commit3fd77f7dea1ac91c5b4c9ede69b992a4e2243153 (patch)
tree21550f5d6e28f55f4e64ee1ddb7697c9e261dd85 /src/plugins/cnat/cnat_node_snat.c
parent8786a4cd4a62f2817da7060afd8523857f504912 (diff)
cnat: Prepare extended snat policies
Type: refactor Change-Id: I9ca3333274d6f32b6aff57f0fb3d2049c066337a Signed-off-by: Nathan Skrzypczak <nathan.skrzypczak@gmail.com>
Diffstat (limited to 'src/plugins/cnat/cnat_node_snat.c')
-rw-r--r--src/plugins/cnat/cnat_node_snat.c25
1 files changed, 12 insertions, 13 deletions
diff --git a/src/plugins/cnat/cnat_node_snat.c b/src/plugins/cnat/cnat_node_snat.c
index 5cc84c42ccd..9212d67ead6 100644
--- a/src/plugins/cnat/cnat_node_snat.c
+++ b/src/plugins/cnat/cnat_node_snat.c
@@ -15,7 +15,7 @@
#include <vlibmemory/api.h>
#include <cnat/cnat_node.h>
-#include <cnat/cnat_snat.h>
+#include <cnat/cnat_snat_policy.h>
#include <cnat/cnat_inline.h>
#include <cnat/cnat_src_policy.h>
@@ -36,7 +36,7 @@ cnat_snat_node_fn (vlib_main_t *vm, vlib_node_runtime_t *node,
vlib_buffer_t *b, cnat_node_ctx_t *ctx,
int session_not_found, cnat_session_t *session)
{
- cnat_main_t *cm = &cnat_main;
+ cnat_snat_policy_main_t *cpm = &cnat_snat_policy_main;
ip4_header_t *ip4 = NULL;
ip_protocol_t iproto;
ip6_header_t *ip6 = NULL;
@@ -45,7 +45,7 @@ cnat_snat_node_fn (vlib_main_t *vm, vlib_node_runtime_t *node,
u16 next0;
u16 sport;
u8 trace_flags = 0;
- int rv;
+ int rv, do_snat;
if (AF_IP4 == ctx->af)
{
@@ -80,12 +80,11 @@ cnat_snat_node_fn (vlib_main_t *vm, vlib_node_runtime_t *node,
ip46_address_set_ip4 (&ip46_dst_address, &ip4->dst_address);
else
ip46_address_set_ip6 (&ip46_dst_address, &ip6->dst_address);
- rv = cnat_search_snat_prefix (&ip46_dst_address, ctx->af);
- if (!rv)
- {
- /* Prefix table hit, we shouldn't source NAT */
- goto trace;
- }
+
+ do_snat = cpm->snat_policy (b, session);
+ if (!do_snat)
+ goto trace;
+
/* New flow, create the sessions if necessary. session will be a snat
session, and rsession will be a dnat session
Note: packet going through this path are going to the outside,
@@ -93,19 +92,19 @@ cnat_snat_node_fn (vlib_main_t *vm, vlib_node_runtime_t *node,
a VIP) */
if (AF_IP4 == ctx->af)
{
- if (!(cm->snat_ip4.ce_flags & CNAT_EP_FLAG_RESOLVED))
+ if (!(cpm->snat_ip4.ce_flags & CNAT_EP_FLAG_RESOLVED))
goto trace;
ip46_address_set_ip4 (&session->value.cs_ip[VLIB_RX],
- &ip_addr_v4 (&cm->snat_ip4.ce_ip));
+ &ip_addr_v4 (&cpm->snat_ip4.ce_ip));
ip46_address_set_ip4 (&session->value.cs_ip[VLIB_TX],
&ip4->dst_address);
}
else
{
- if (!(cm->snat_ip6.ce_flags & CNAT_EP_FLAG_RESOLVED))
+ if (!(cpm->snat_ip6.ce_flags & CNAT_EP_FLAG_RESOLVED))
goto trace;
ip46_address_set_ip6 (&session->value.cs_ip[VLIB_RX],
- &ip_addr_v6 (&cm->snat_ip6.ce_ip));
+ &ip_addr_v6 (&cpm->snat_ip6.ce_ip));
ip46_address_set_ip6 (&session->value.cs_ip[VLIB_TX],
&ip6->dst_address);
}