cnat: Prepare extended snat policies

Type: refactor

Change-Id: I9ca3333274d6f32b6aff57f0fb3d2049c066337a
Signed-off-by: Nathan Skrzypczak <nathan.skrzypczak@gmail.com>

1 files changed, 95 insertions, 0 deletions

diff --git a/src/plugins/cnat/cnat_snat_policy.h b/src/plugins/cnat/cnat_snat_policy.h
new file mode 100644
index 00000000000..ff30d19c884
--- /dev/null
+++ b/src/plugins/cnat/cnat_snat_policy.h
@@ -0,0 +1,95 @@
+/*
+ * Copyright (c) 2020 Cisco and/or its affiliates.
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at:
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#ifndef __CNAT_SNAT_H__
+#define __CNAT_SNAT_H__
+
+#include <cnat/cnat_types.h>
+#include <cnat/cnat_session.h>
+
+/* function to use to decide whether to snat connections in the output
+ * feature. Returns 1 if we should source NAT */
+typedef int (*cnat_snat_policy_t) (vlib_buffer_t *b, cnat_session_t *session);
+
+typedef struct cnat_snat_pfx_table_meta_t_
+{
+  u32 dst_address_length_refcounts[129];
+  u16 *prefix_lengths_in_search_order;
+  uword *non_empty_dst_address_length_bitmap;
+} cnat_snat_pfx_table_meta_t;
+
+typedef struct cnat_snat_exclude_pfx_table_t_
+{
+  /* Stores (ip family, prefix & mask) */
+  clib_bihash_24_8_t ip_hash;
+  /* family dependant cache */
+  cnat_snat_pfx_table_meta_t meta[2];
+  /* Precomputed ip masks (ip4 & ip6) */
+  ip6_address_t ip_masks[129];
+} cnat_snat_exclude_pfx_table_t;
+
+typedef enum cnat_snat_interface_map_type_t_
+{
+  CNAT_SNAT_IF_MAP_INCLUDE_V4 = AF_IP4,
+  CNAT_SNAT_IF_MAP_INCLUDE_V6 = AF_IP6,
+  CNAT_N_SNAT_IF_MAP,
+} cnat_snat_interface_map_type_t;
+
+typedef enum cnat_snat_policy_type_t_
+{
+  CNAT_SNAT_POLICY_NONE = 0,
+  CNAT_SNAT_POLICY_IF_PFX = 1,
+} cnat_snat_policy_type_t;
+
+typedef struct cnat_snat_policy_main_t_
+{
+  /* Longest prefix Match table for source NATing */
+  cnat_snat_exclude_pfx_table_t excluded_pfx;
+
+  /* interface maps including or excluding sw_if_indexes  */
+  clib_bitmap_t *interface_maps[CNAT_N_SNAT_IF_MAP];
+
+  /* SNAT policy for the output feature node */
+  cnat_snat_policy_t snat_policy;
+
+  /* Ip4 Address to use for source NATing */
+  cnat_endpoint_t snat_ip4;
+
+  /* Ip6 Address to use for source NATing */
+  cnat_endpoint_t snat_ip6;
+
+} cnat_snat_policy_main_t;
+
+extern cnat_snat_policy_main_t cnat_snat_policy_main;
+
+extern void cnat_set_snat (ip4_address_t *ip4, ip6_address_t *ip6,
+			   u32 sw_if_index);
+extern int cnat_snat_policy_add_pfx (ip_prefix_t *pfx);
+extern int cnat_snat_policy_del_pfx (ip_prefix_t *pfx);
+extern int cnat_set_snat_policy (cnat_snat_policy_type_t policy);
+extern int cnat_snat_policy_add_del_if (u32 sw_if_index, u8 is_add,
+					cnat_snat_interface_map_type_t table);
+
+int cnat_search_snat_prefix (ip46_address_t *addr, ip_address_family_t af);
+
+/*
+ * fd.io coding-style-patch-verification: ON
+ *
+ * Local Variables:
+ * eval: (c-set-style "gnu")
+ * End:
+ */
+
+#endif