author | Ole Troan <ot@cisco.com> | 2021-01-12 21:49:38 +0100 |
---|---|---|
committer | Neale Ranns <neale@graphiant.com> | 2021-02-05 13:27:48 +0000 |
commit | 18327be5d458f9f73c12d76e677ee5a068ec6b10 (patch) | |
tree | bac6dbc08280e5bd6d5749ea56c862e6cdc38434 /src/plugins/nat/pnat/pnat_test_stubs.h | |
parent | 490b92738f3cc1c8d534abd6dee8dba942cb652d (diff) |
nat: 1:1 policy NAT
A NAT sub-plugin doing statically configured match/rewrite on IP4 input or output.
It's stateless (no connection tracking).
Currently it supports rewriting of SA, DA and TCP/UDP ports.
It should be simple to add new rewrites if required.
API:
pnat_binding_add, pnat_binding_del, pnat_bindings_get, pnat_interfaces_get
CLI:
set pnat translation interface <name> match <5-tuple> rewrite <5-tuple> {in|out} [del]
show pnat translations
show pnat interfaces
Trying a new C-based unit testing scheme, where the graph node is tested
in isolation. See pnat/pnat_test.c.
Also added new cmake targets to generate coverage directly.
E.g.:
make test_pnat-ccov-report
File '/vpp/sdnat/src/plugins/nat/pnat/pnat.c':
Name Regions Miss Cover Lines Miss Cover
------------------------------------------------------------------------------------
pnat_interface_by_sw_if_index 39 8 79.49% 13 0 100.00%
pnat_instructions_from_mask 9 0 100.00% 13 0 100.00%
pnat_binding_add 64 8 87.50% 31 2 93.55%
pnat_flow_lookup 4 4 0.00% 10 10 0.00%
pnat_binding_attach 104 75 27.88% 33 6 81.82%
pnat_binding_detach 30 5 83.33% 23 2 91.30%
pnat_binding_del 97 33 65.98% 17 3 82.35%
pnat.c:pnat_calc_key_from_5tuple 9 1 88.89% 14 1 92.86%
pnat.c:pnat_interface_check_mask 10 2 80.00% 11 2 81.82%
pnat.c:pnat_enable 5 0 100.00% 11 0 100.00%
pnat.c:pnat_enable_interface 107 26 75.70% 60 15 75.00%
pnat.c:pnat_disable_interface 91 30 67.03% 32 7 78.12%
pnat.c:pnat_disable 7 2 71.43% 13 7 46.15%
------------------------------------------------------------------------------------
TOTAL 576 194 66.32% 281 55 80.43%
File '/vpp/sdnat/src/plugins/nat/pnat/pnat_node.h':
Name Regions Miss Cover Lines Miss Cover
------------------------------------------------------------------------------------
pnat_test.c:pnat_node_inline 67 11 83.58% 115 1 99.13%
pnat_test.c:pnat_calc_key 9 2 77.78% 14 2 85.71%
pnat_test.c:pnat_rewrite_ip4 55 11 80.00% 60 12 80.00%
pnat_test.c:format_pnat_trace 1 1 0.00% 12 12 0.00%
pnat_node.c:pnat_node_inline 63 63 0.00% 115 115 0.00%
pnat_node.c:pnat_calc_key 9 9 0.00% 14 14 0.00%
pnat_node.c:pnat_rewrite_ip4 55 55 0.00% 60 60 0.00%
pnat_node.c:format_pnat_trace 5 5 0.00% 12 12 0.00%
------------------------------------------------------------------------------------
TOTAL 264 157 40.53% 402 228 43.28%
Type: feature
Change-Id: I9c897f833603054a8303e7369ebff6512517c9e0
Signed-off-by: Ole Troan <ot@cisco.com>
Diffstat (limited to 'src/plugins/nat/pnat/pnat_test_stubs.h')
-rw-r--r-- | src/plugins/nat/pnat/pnat_test_stubs.h | 214 |
1 files changed, 214 insertions, 0 deletions
diff --git a/src/plugins/nat/pnat/pnat_test_stubs.h b/src/plugins/nat/pnat/pnat_test_stubs.h
new file mode 100644
index 00000000000..2801398407c
--- /dev/null
+++ b/src/plugins/nat/pnat/pnat_test_stubs.h
@@ -0,0 +1,214 @@
+/*
+ * Copyright (c) 2021 Cisco and/or its affiliates.
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at:
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#ifndef included_pnat_test_stubs_h
+#define included_pnat_test_stubs_h
+
+void os_panic(void) {}
+void os_exit(int code) {}
+u32 ip4_fib_table_get_index_for_sw_if_index(u32 sw_if_index) { return 0; }
+#include <vpp/stats/stat_segment.h>
+clib_error_t *stat_segment_register_gauge(u8 *names,
+ stat_segment_update_fn update_fn,
+ u32 index) {
+ return 0;
+};
+#include <vnet/feature/feature.h>
+vnet_feature_main_t feature_main;
+void classify_get_trace_chain(void){};
+
+/* Format an IP4 address. */
+u8 *format_ip4_address(u8 *s, va_list *args) {
+ u8 *a = va_arg(*args, u8 *);
+ return format(s, "%d.%d.%d.%d", a[0], a[1], a[2], a[3]);
+}
+
+u8 *format_pnat_5tuple(u8 *s, va_list *args) { return 0; }
+
+vl_counter_t pnat_error_counters[10];
+
+int ip4_sv_reass_enable_disable_with_refcnt(u32 sw_if_index, int is_enable) {
+ return 0;
+}
+int ip4_sv_reass_output_enable_disable_with_refcnt(u32 sw_if_index,
+ int is_enable) {
+ return 0;
+}
+int vnet_feature_enable_disable(const char *arc_name, const char *node_name,
+ u32 sw_if_index, int enable_disable,
+ void *feature_config,
+ u32 n_feature_config_bytes) {
+ return 0;
+}
+vnet_main_t *vnet_get_main(void) { return 0; }
+
+static struct {
+ vec_header_t h;
+ vlib_main_t *vm;
+} __attribute__((packed)) __bootstrap_vlib_main_vector
+ __attribute__((aligned(CLIB_CACHE_LINE_BYTES))) = {
+ .h.len = 1,
+ .vm = &vlib_global_main,
+};
+
+vlib_main_t **vlib_mains = &__bootstrap_vlib_main_vector.vm;
+
+/* Compute TCP/UDP/ICMP4 checksum in software. */
+u16 ip4_tcp_udp_compute_checksum(vlib_main_t *vm, vlib_buffer_t *p0,
+ ip4_header_t *ip0) {
+ ip_csum_t sum0;
+ u32 ip_header_length, payload_length_host_byte_order;
+
+ /* Initialize checksum with ip header. */
+ ip_header_length = ip4_header_bytes(ip0);
+ payload_length_host_byte_order =
+ clib_net_to_host_u16(ip0->length) - ip_header_length;
+ sum0 = clib_host_to_net_u32(payload_length_host_byte_order +
+ (ip0->protocol << 16));
+
+ if (BITS(uword) == 32) {
+ sum0 = ip_csum_with_carry(sum0,
+ clib_mem_unaligned(&ip0->src_address, u32));
+ sum0 = ip_csum_with_carry(sum0,
+ clib_mem_unaligned(&ip0->dst_address, u32));
+ } else
+ sum0 = ip_csum_with_carry(sum0,
+ clib_mem_unaligned(&ip0->src_address, u64));
+ return ip_calculate_l4_checksum(vm, p0, sum0,
+ payload_length_host_byte_order, (u8 *)ip0,
+ ip_header_length, NULL);
+}
+
+u32 ip4_tcp_udp_validate_checksum(vlib_main_t *vm, vlib_buffer_t *p0) {
+ ip4_header_t *ip0 = vlib_buffer_get_current(p0);
+ udp_header_t *udp0;
+ u16 sum16;
+
+ ASSERT(ip0->protocol == IP_PROTOCOL_TCP ||
+ ip0->protocol == IP_PROTOCOL_UDP);
+
+ udp0 = (void *)(ip0 + 1);
+ if (ip0->protocol == IP_PROTOCOL_UDP && udp0->checksum == 0) {
+ p0->flags |= (VNET_BUFFER_F_L4_CHECKSUM_COMPUTED |
+ VNET_BUFFER_F_L4_CHECKSUM_CORRECT);
+ return p0->flags;
+ }
+
+ sum16 = ip4_tcp_udp_compute_checksum(vm, p0, ip0);
+
+ p0->flags |= (VNET_BUFFER_F_L4_CHECKSUM_COMPUTED |
+ ((sum16 == 0) << VNET_BUFFER_F_LOG2_L4_CHECKSUM_CORRECT));
+
+ return p0->flags;
+}
+u8 *format_tcp_header(u8 *s, va_list *args) {
+ tcp_header_t *tcp = va_arg(*args, tcp_header_t *);
+ u32 max_header_bytes = va_arg(*args, u32);
+ u32 header_bytes;
+ u32 indent;
+
+ /* Nothing to do. */
+ if (max_header_bytes < sizeof(tcp[0]))
+ return format(s, "TCP header truncated");
+
+ indent = format_get_indent(s);
+ indent += 2;
+ header_bytes = tcp_header_bytes(tcp);
+
+ s = format(s, "TCP: %d -> %d", clib_net_to_host_u16(tcp->src),
+ clib_net_to_host_u16(tcp->dst));
+
+ s = format(s, "\n%Useq. 0x%08x ack 0x%08x", format_white_space, indent,
+ clib_net_to_host_u32(tcp->seq_number),
+ clib_net_to_host_u32(tcp->ack_number));
+
+ s = format(s, "\n%Utcp header: %d bytes", format_white_space, indent,
+ tcp->flags, header_bytes);
+
+ s = format(s, "\n%Uwindow %d, checksum 0x%04x", format_white_space, indent,
+ clib_net_to_host_u16(tcp->window),
+ clib_net_to_host_u16(tcp->checksum));
+ return s;
+}
+
+/* Format an IP4 header. */
+u8 *format_ip4_header(u8 *s, va_list *args) {
+ ip4_header_t *ip = va_arg(*args, ip4_header_t *);
+ u32 max_header_bytes = va_arg(*args, u32);
+ u32 ip_version, header_bytes;
+ u32 indent;
+
+ /* Nothing to do. */
+ if (max_header_bytes < sizeof(ip[0]))
+ return format(s, "IP header truncated");
+
+ indent = format_get_indent(s);
+ indent += 2;
+
+ ip_version = (ip->ip_version_and_header_length >> 4);
+ header_bytes = (ip->ip_version_and_header_length & 0xf) * sizeof(u32);
+
+ s = format(s, "%d: %U -> %U", ip->protocol, format_ip4_address,
+ ip->src_address.data, format_ip4_address, ip->dst_address.data);
+
+ /* Show IP version and header length only with unexpected values. */
+ if (ip_version != 4 || header_bytes != sizeof(ip4_header_t))
+ s = format(s, "\n%Uversion %d, header length %d", format_white_space,
+ indent, ip_version, header_bytes);
+
+ s = format(s, "\n%Utos 0x%02x, ttl %d, length %d, checksum 0x%04x",
+ format_white_space, indent, ip->tos, ip->ttl,
+ clib_net_to_host_u16(ip->length),
+ clib_net_to_host_u16(ip->checksum));
+
+ /* Check and report invalid checksums. */
+ {
+ if (!ip4_header_checksum_is_valid(ip))
+ s = format(s, " (should be 0x%04x)",
+ clib_net_to_host_u16(ip4_header_checksum(ip)));
+ }
+
+ {
+ u32 f = clib_net_to_host_u16(ip->flags_and_fragment_offset);
+ u32 o;
+
+ s = format(s, "\n%Ufragment id 0x%04x", format_white_space, indent,
+ clib_net_to_host_u16(ip->fragment_id));
+
+ /* Fragment offset. */
+ o = 8 * (f & 0x1fff);
+ f ^= f & 0x1fff;
+ if (o != 0)
+ s = format(s, " offset %d", o);
+
+ if (f != 0) {
+ s = format(s, ", flags ");
+#define _(l) \
+ if (f & IP4_HEADER_FLAG_##l) \
+ s = format(s, #l);
+ _(MORE_FRAGMENTS);
+ _(DONT_FRAGMENT);
+ _(CONGESTION);
+#undef _
+ }
+ /* Fragment packet but not the first. */
+ if (o != 0)
+ return s;
+ }
+
+ return s;
+}
+
+#endif |
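Review bot: In `format_tcp_header` the call `format(s, "\n%Utcp header: %d bytes", format_white_space, indent, tcp->flags, header_bytes)` passes two values for a single `%d`, so the line prints the TCP flags byte as the header length and silently drops `header_bytes`. Either give the flags their own conversion, e.g. `"\n%Uflags 0x%02x, tcp header: %d bytes"`, or remove `tcp->flags` from the argument list. Two of the stubs also weaken what the test can detect: `void os_panic(void) {}` returns to its caller, so a panic or failed assertion in the node under test would presumably keep running instead of failing the test (calling `abort()` in the stub would stop it), and `format_pnat_5tuple` returns `0` rather than `s`, which would discard whatever the caller had already formatted. `pnat_error_counters[10]` is sized by a literal; sizing it from the plugin's error enum would keep the array from going stale when an error code is added.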