diff options
| author |   Andrew Yourtchenko <ayourtch@gmail.com> | 2021-02-23 08:56:27 +0000 |
|---|---|---|
| committer |   Damjan Marion <dmarion@me.com> | 2021-03-15 17:53:05 +0000 |
| commit | ab3151c52e3686c629c79a6447cf9df4f73d5c6d (patch) | |
| tree | 9ac5439beef669ad54fda1a6779b99b7e659a48b /src/plugins/nat/pnat/pnat.c | |
| parent | 73d9c9da6a66ca8658f4ff2a0f8421f3d755cb95 (diff) | |
nat: pnat copy and clear byte instructions
Type: feature
Signed-off-by: Ole Troan <ot@cisco.com>
Change-Id: I8e48bdcc4c311717e067bb0a4e0b409a2eb8e83d
Signed-off-by: Andrew Yourtchenko <ayourtch@gmail.com>
Signed-off-by: Ole Troan <ot@cisco.com>
Diffstat (limited to 'src/plugins/nat/pnat/pnat.c')
| -rw-r--r-- | src/plugins/nat/pnat/pnat.c | 36 |
1 files changed, 30 insertions, 6 deletions
diff --git a/src/plugins/nat/pnat/pnat.c b/src/plugins/nat/pnat/pnat.c index a47521f1747..7f02ec4b2f8 100644 --- a/src/plugins/nat/pnat/pnat.c +++ b/src/plugins/nat/pnat/pnat.c @@ -178,7 +178,7 @@ static int pnat_disable_interface(u32 sw_if_index, */ static inline void pnat_calc_key_from_5tuple(u32 sw_if_index, pnat_attachment_point_t attachment, - pnat_5tuple_t *match, + pnat_match_tuple_t *match, clib_bihash_kv_16_8_t *kv) { pnat_mask_fast_t mask = pnat_mask2fast(match->mask); ip4_address_t src, dst; @@ -202,6 +202,10 @@ pnat_instructions_t pnat_instructions_from_mask(pnat_mask_t m) { i |= PNAT_INSTR_SOURCE_PORT; if (m & PNAT_DPORT) i |= PNAT_INSTR_DESTINATION_PORT; + if (m & PNAT_COPY_BYTE) + i |= PNAT_INSTR_COPY_BYTE; + if (m & PNAT_CLEAR_BYTE) + i |= PNAT_INSTR_CLEAR_BYTE; return i; } @@ -251,7 +255,15 @@ static int pnat_interface_check_mask(u32 sw_if_index, return 0; } -int pnat_binding_add(pnat_5tuple_t *match, pnat_5tuple_t *rewrite, u32 *index) { +/* + * Add a binding to the binding table. + * Returns 0 on success. + * -1: Invalid mask + * -2: Only matches ports for UDP or TCP + * + */ +int pnat_binding_add(pnat_match_tuple_t *match, pnat_rewrite_tuple_t *rewrite, + u32 *index) { pnat_main_t *pm = &pnat_main; *index = -1; @@ -272,21 +284,25 @@ int pnat_binding_add(pnat_5tuple_t *match, pnat_5tuple_t *rewrite, u32 *index) { memcpy(&t->post_sa, &rewrite->src, 4); t->post_sp = rewrite->sport; t->post_dp = rewrite->dport; + t->from_offset = rewrite->from_offset; + t->to_offset = rewrite->to_offset; + t->clear_offset = rewrite->clear_offset; t->instructions = pnat_instructions_from_mask(rewrite->mask); /* These are only used for show commands and trace */ t->match = *match; - - /* Rewrite of protocol is not supported, ignore. */ t->rewrite = *rewrite; - t->rewrite.proto = 0; *index = t - pm->translations; return 0; } + +/* + * Looks a match flow in the flow cache, returns the index in the binding table + */ u32 pnat_flow_lookup(u32 sw_if_index, pnat_attachment_point_t attachment, - pnat_5tuple_t *match) { + pnat_match_tuple_t *match) { pnat_main_t *pm = &pnat_main; clib_bihash_kv_16_8_t kv, value; pnat_calc_key_from_5tuple(sw_if_index, attachment, match, &kv); @@ -296,6 +312,14 @@ u32 pnat_flow_lookup(u32 sw_if_index, pnat_attachment_point_t attachment, return ~0; } +/* + * Attach a binding to an interface / direction. + * Returns 0 on success. + * -1: Binding does not exist + * -2: Interface mask does not match + * -3: Existing match entry in flow table + * -4: Adding flow table entry failed + */ int pnat_binding_attach(u32 sw_if_index, pnat_attachment_point_t attachment, u32 binding_index) { pnat_main_t *pm = &pnat_main; |