aboutsummaryrefslogtreecommitdiffstats
path: root/src/plugins/nat/pnat/pnat_cli.c
diff options
context:
space:
mode:
authorAndrew Yourtchenko <ayourtch@gmail.com>2021-02-23 08:56:27 +0000
committerDamjan Marion <dmarion@me.com>2021-03-15 17:53:05 +0000
commitab3151c52e3686c629c79a6447cf9df4f73d5c6d (patch)
tree9ac5439beef669ad54fda1a6779b99b7e659a48b /src/plugins/nat/pnat/pnat_cli.c
parent73d9c9da6a66ca8658f4ff2a0f8421f3d755cb95 (diff)
nat: pnat copy and clear byte instructions
Type: feature Signed-off-by: Ole Troan <ot@cisco.com> Change-Id: I8e48bdcc4c311717e067bb0a4e0b409a2eb8e83d Signed-off-by: Andrew Yourtchenko <ayourtch@gmail.com> Signed-off-by: Ole Troan <ot@cisco.com>
Diffstat (limited to 'src/plugins/nat/pnat/pnat_cli.c')
-rw-r--r--src/plugins/nat/pnat/pnat_cli.c87
1 files changed, 76 insertions, 11 deletions
diff --git a/src/plugins/nat/pnat/pnat_cli.c b/src/plugins/nat/pnat/pnat_cli.c
index 84dfd8d5fc4..082f0778acb 100644
--- a/src/plugins/nat/pnat/pnat_cli.c
+++ b/src/plugins/nat/pnat/pnat_cli.c
@@ -26,8 +26,8 @@
/*
* This file contains the handlers for the (unsupported) VPP debug CLI.
*/
-u8 *format_pnat_5tuple(u8 *s, va_list *args) {
- pnat_5tuple_t *t = va_arg(*args, pnat_5tuple_t *);
+u8 *format_pnat_match_tuple(u8 *s, va_list *args) {
+ pnat_match_tuple_t *t = va_arg(*args, pnat_match_tuple_t *);
s = format(s, "{");
if (t->mask & PNAT_SA)
s = format(s, "%U", format_ip4_address, &t->src);
@@ -52,12 +52,38 @@ u8 *format_pnat_5tuple(u8 *s, va_list *args) {
s = format(s, "}");
return s;
}
+u8 *format_pnat_rewrite_tuple(u8 *s, va_list *args) {
+ pnat_rewrite_tuple_t *t = va_arg(*args, pnat_rewrite_tuple_t *);
+ s = format(s, "{");
+ if (t->mask & PNAT_SA)
+ s = format(s, "%U", format_ip4_address, &t->src);
+ else
+ s = format(s, "*");
+ if (t->mask & PNAT_SPORT)
+ s = format(s, ":%u,", t->sport);
+ else
+ s = format(s, ":*,");
+ if (t->mask & PNAT_DA)
+ s = format(s, "%U", format_ip4_address, &t->dst);
+ else
+ s = format(s, "*");
+ if (t->mask & PNAT_DPORT)
+ s = format(s, ":%u", t->dport);
+ else
+ s = format(s, ":*");
+ if (t->mask & PNAT_COPY_BYTE)
+ s = format(s, " copy byte@[%d->%d]", t->from_offset, t->to_offset);
+ if (t->mask & PNAT_CLEAR_BYTE)
+ s = format(s, " clear byte@[%d]", t->clear_offset);
+ s = format(s, "}");
+ return s;
+}
u8 *format_pnat_translation(u8 *s, va_list *args) {
u32 index = va_arg(*args, u32);
pnat_translation_t *t = va_arg(*args, pnat_translation_t *);
- s = format(s, "[%d] match: %U rewrite: %U", index, format_pnat_5tuple,
- &t->match, format_pnat_5tuple, &t->rewrite);
+ s = format(s, "[%d] match: %U rewrite: %U", index, format_pnat_match_tuple,
+ &t->match, format_pnat_rewrite_tuple, &t->rewrite);
return s;
}
@@ -88,8 +114,8 @@ static u8 *format_pnat_interface(u8 *s, va_list *args) {
return s;
}
-uword unformat_pnat_5tuple(unformat_input_t *input, va_list *args) {
- pnat_5tuple_t *t = va_arg(*args, pnat_5tuple_t *);
+uword unformat_pnat_match_tuple(unformat_input_t *input, va_list *args) {
+ pnat_match_tuple_t *t = va_arg(*args, pnat_match_tuple_t *);
u32 dport, sport;
while (1) {
if (unformat(input, "src %U", unformat_ip4_address, &t->src))
@@ -114,6 +140,45 @@ uword unformat_pnat_5tuple(unformat_input_t *input, va_list *args) {
return 1;
}
+uword unformat_pnat_rewrite_tuple(unformat_input_t *input, va_list *args) {
+ pnat_rewrite_tuple_t *t = va_arg(*args, pnat_rewrite_tuple_t *);
+ u32 dport, sport;
+ u32 to_offset, from_offset, clear_offset;
+
+ while (1) {
+ if (unformat(input, "src %U", unformat_ip4_address, &t->src))
+ t->mask |= PNAT_SA;
+ else if (unformat(input, "dst %U", unformat_ip4_address, &t->dst))
+ t->mask |= PNAT_DA;
+ else if (unformat(input, "sport %d", &sport)) {
+ if (sport == 0 || sport > 65535)
+ return 0;
+ t->mask |= PNAT_SPORT;
+ t->sport = sport;
+ } else if (unformat(input, "dport %d", &dport)) {
+ if (dport == 0 || dport > 65535)
+ return 0;
+ t->mask |= PNAT_DPORT;
+ t->dport = dport;
+ } else if (unformat(input, "copy-byte-at-offset %d %d", &from_offset,
+ &to_offset)) {
+ if (from_offset == to_offset || to_offset > 255 ||
+ from_offset > 255)
+ return 0;
+ t->mask |= PNAT_COPY_BYTE;
+ t->from_offset = from_offset;
+ t->to_offset = to_offset;
+ } else if (unformat(input, "clear-byte-at-offset %d", &clear_offset)) {
+ if (clear_offset > 255)
+ return 0;
+ t->mask |= PNAT_CLEAR_BYTE;
+ t->clear_offset = clear_offset;
+ } else
+ break;
+ }
+ return 1;
+}
+
static clib_error_t *set_pnat_translation_command_fn(vlib_main_t *vm,
unformat_input_t *input,
vlib_cli_command_t *cmd) {
@@ -123,17 +188,17 @@ static clib_error_t *set_pnat_translation_command_fn(vlib_main_t *vm,
bool match_set = false, rewrite_set = false;
bool add = true;
u32 sw_if_index = ~0;
- pnat_5tuple_t match = {0};
- pnat_5tuple_t rewrite = {0};
+ pnat_match_tuple_t match = {0};
+ pnat_rewrite_tuple_t rewrite = {0};
/* Get a line of input. */
if (!unformat_user(input, unformat_line_input, line_input))
return 0;
while (unformat_check_input(line_input) != UNFORMAT_END_OF_INPUT) {
- if (unformat(line_input, "match %U", unformat_pnat_5tuple, &match))
+ if (unformat(line_input, "match %U", unformat_pnat_match_tuple, &match))
match_set = true;
- else if (unformat(line_input, "rewrite %U", unformat_pnat_5tuple,
+ else if (unformat(line_input, "rewrite %U", unformat_pnat_rewrite_tuple,
&rewrite))
rewrite_set = true;
else if (unformat(line_input, "interface %U",
@@ -228,7 +293,7 @@ done:
VLIB_CLI_COMMAND(set_pnat_translation_command, static) = {
.path = "set pnat translation",
.short_help = "set pnat translation interface <name> match <5-tuple> "
- "rewrite <5-tuple> {in|out} [del]",
+ "rewrite <tuple> {in|out} [del]",
.function = set_pnat_translation_command_fn,
};