nat: pnat copy and clear byte instructions

Type: feature
Signed-off-by: Ole Troan <ot@cisco.com>
Change-Id: I8e48bdcc4c311717e067bb0a4e0b409a2eb8e83d
Signed-off-by: Andrew Yourtchenko <ayourtch@gmail.com>
Signed-off-by: Ole Troan <ot@cisco.com>

1 files changed, 30 insertions, 6 deletions

diff --git a/src/plugins/nat/pnat/pnat.c b/src/plugins/nat/pnat/pnat.c
index a47521f1747..7f02ec4b2f8 100644
--- a/src/plugins/nat/pnat/pnat.c
+++ b/src/plugins/nat/pnat/pnat.c
@@ -178,7 +178,7 @@ static int pnat_disable_interface(u32 sw_if_index,
  */
 static inline void pnat_calc_key_from_5tuple(u32 sw_if_index,
                                              pnat_attachment_point_t attachment,
-                                             pnat_5tuple_t *match,
+                                             pnat_match_tuple_t *match,
                                              clib_bihash_kv_16_8_t *kv) {
     pnat_mask_fast_t mask = pnat_mask2fast(match->mask);
     ip4_address_t src, dst;
@@ -202,6 +202,10 @@ pnat_instructions_t pnat_instructions_from_mask(pnat_mask_t m) {
         i |= PNAT_INSTR_SOURCE_PORT;
     if (m & PNAT_DPORT)
         i |= PNAT_INSTR_DESTINATION_PORT;
+    if (m & PNAT_COPY_BYTE)
+        i |= PNAT_INSTR_COPY_BYTE;
+    if (m & PNAT_CLEAR_BYTE)
+        i |= PNAT_INSTR_CLEAR_BYTE;
     return i;
 }
 
@@ -251,7 +255,15 @@ static int pnat_interface_check_mask(u32 sw_if_index,
     return 0;
 }
 
-int pnat_binding_add(pnat_5tuple_t *match, pnat_5tuple_t *rewrite, u32 *index) {
+/*
+ * Add a binding to the binding table.
+ * Returns 0 on success.
+ *  -1: Invalid mask
+ *  -2: Only matches ports for UDP or TCP
+ *
+ */
+int pnat_binding_add(pnat_match_tuple_t *match, pnat_rewrite_tuple_t *rewrite,
+                     u32 *index) {
     pnat_main_t *pm = &pnat_main;
 
     *index = -1;
@@ -272,21 +284,25 @@ int pnat_binding_add(pnat_5tuple_t *match, pnat_5tuple_t *rewrite, u32 *index) {
     memcpy(&t->post_sa, &rewrite->src, 4);
     t->post_sp = rewrite->sport;
     t->post_dp = rewrite->dport;
+    t->from_offset = rewrite->from_offset;
+    t->to_offset = rewrite->to_offset;
+    t->clear_offset = rewrite->clear_offset;
     t->instructions = pnat_instructions_from_mask(rewrite->mask);
 
     /* These are only used for show commands and trace */
     t->match = *match;
-
-    /* Rewrite of protocol is not supported, ignore. */
     t->rewrite = *rewrite;
-    t->rewrite.proto = 0;
 
     *index = t - pm->translations;
 
     return 0;
 }
+
+/*
+ * Looks a match flow in the flow cache, returns the index  in the binding table
+ */
 u32 pnat_flow_lookup(u32 sw_if_index, pnat_attachment_point_t attachment,
-                     pnat_5tuple_t *match) {
+                     pnat_match_tuple_t *match) {
     pnat_main_t *pm = &pnat_main;
     clib_bihash_kv_16_8_t kv, value;
     pnat_calc_key_from_5tuple(sw_if_index, attachment, match, &kv);
@@ -296,6 +312,14 @@ u32 pnat_flow_lookup(u32 sw_if_index, pnat_attachment_point_t attachment,
     return ~0;
 }
 
+/*
+ * Attach a binding to an interface / direction.
+ * Returns 0 on success.
+ * -1: Binding does not exist
+ * -2: Interface mask does not match
+ * -3: Existing match entry in flow table
+ * -4: Adding flow table entry failed
+ */
 int pnat_binding_attach(u32 sw_if_index, pnat_attachment_point_t attachment,
                         u32 binding_index) {
     pnat_main_t *pm = &pnat_main;