diff options
author | Fahad Naeem <fahadnaeemkhan@gmail.com> | 2022-05-10 01:03:52 -0500 |
---|---|---|
committer | Ole Tr�an <otroan@employees.org> | 2022-05-12 07:30:33 +0000 |
commit | 0891b6aa449cca525b61d0cc23759b2efcd158dc (patch) | |
tree | d2010d7871c420fd9631ec3ea57e62eba738e52e /src/plugins/nat | |
parent | e2159bd2d3721592edee90a511647f83ea9a4781 (diff) |
pnat: add support to wildcard IP Protocol field if not specified
- add pnat_binding_add_v2 which explicitly requires match mask to
set to PNAT_PROTO if we want to match on IP Protocol
- fix pnat_binding_add backward compatibility i.e. no need to set
match mast to PNAT_PROTO
Type: improvement
Signed-off-by: Fahad Naeem <fahadnaeemkhan@gmail.com>
Change-Id: I5a23244be55b7d4c10552c555881527a4b2f325f
Diffstat (limited to 'src/plugins/nat')
-rw-r--r-- | src/plugins/nat/pnat/pnat.api | 18 | ||||
-rw-r--r-- | src/plugins/nat/pnat/pnat.c | 4 | ||||
-rw-r--r-- | src/plugins/nat/pnat/pnat_api.c | 15 | ||||
-rw-r--r-- | src/plugins/nat/pnat/pnat_cli.c | 6 |
4 files changed, 39 insertions, 4 deletions
diff --git a/src/plugins/nat/pnat/pnat.api b/src/plugins/nat/pnat/pnat.api index b6632159d7c..de555c41412 100644 --- a/src/plugins/nat/pnat/pnat.api +++ b/src/plugins/nat/pnat/pnat.api @@ -26,6 +26,7 @@ enum pnat_mask PNAT_DPORT = 0x8, PNAT_COPY_BYTE = 0x10, PNAT_CLEAR_BYTE = 0x20, + PNAT_PROTO = 0x40, }; enum pnat_attachment_point @@ -65,6 +66,7 @@ autoendian define pnat_binding_add vl_api_pnat_rewrite_tuple_t rewrite; }; + autoendian define pnat_binding_add_reply { u32 context; @@ -72,6 +74,22 @@ autoendian define pnat_binding_add_reply u32 binding_index; }; +autoendian define pnat_binding_add_v2 +{ + u32 client_index; + u32 context; + vl_api_pnat_match_tuple_t match; + vl_api_pnat_rewrite_tuple_t rewrite; +}; + + +autoendian define pnat_binding_add_v2_reply +{ + u32 context; + i32 retval; + u32 binding_index; +}; + autoendian autoreply define pnat_binding_del { u32 client_index; diff --git a/src/plugins/nat/pnat/pnat.c b/src/plugins/nat/pnat/pnat.c index 547b063f286..2b4a6b49e96 100644 --- a/src/plugins/nat/pnat/pnat.c +++ b/src/plugins/nat/pnat/pnat.c @@ -56,7 +56,9 @@ static pnat_mask_fast_t pnat_mask2fast(pnat_mask_t lookup_mask) { m.as_u64[0] = 0xffffffff00000000; if (lookup_mask & PNAT_DA) m.as_u64[0] |= 0x00000000ffffffff; - m.as_u64[1] = 0xffffffff00000000; + m.as_u64[1] = 0x00ffffff00000000; + if (lookup_mask & PNAT_PROTO) + m.as_u64[1] |= 0xff00000000000000; if (lookup_mask & PNAT_SPORT) m.as_u64[1] |= 0x00000000ffff0000; if (lookup_mask & PNAT_DPORT) diff --git a/src/plugins/nat/pnat/pnat_api.c b/src/plugins/nat/pnat/pnat_api.c index 35a73955b33..02e61219d1e 100644 --- a/src/plugins/nat/pnat/pnat_api.c +++ b/src/plugins/nat/pnat/pnat_api.c @@ -36,12 +36,27 @@ static void vl_api_pnat_binding_add_t_handler(vl_api_pnat_binding_add_t *mp) { pnat_main_t *pm = &pnat_main; vl_api_pnat_binding_add_reply_t *rmp; u32 binding_index; + + // for backward compatibility + if (mp->match.proto == 0) + mp->match.mask |= PNAT_PROTO; + int rv = pnat_binding_add(&mp->match, &mp->rewrite, &binding_index); REPLY_MACRO2_END(VL_API_PNAT_BINDING_ADD_REPLY, ({ rmp->binding_index = binding_index; })); } static void +vl_api_pnat_binding_add_v2_t_handler(vl_api_pnat_binding_add_t *mp) { + pnat_main_t *pm = &pnat_main; + vl_api_pnat_binding_add_reply_t *rmp; + u32 binding_index; + int rv = pnat_binding_add(&mp->match, &mp->rewrite, &binding_index); + REPLY_MACRO2_END(VL_API_PNAT_BINDING_ADD_V2_REPLY, + ({ rmp->binding_index = binding_index; })); +} + +static void vl_api_pnat_binding_attach_t_handler(vl_api_pnat_binding_attach_t *mp) { pnat_main_t *pm = &pnat_main; vl_api_pnat_binding_attach_reply_t *rmp; diff --git a/src/plugins/nat/pnat/pnat_cli.c b/src/plugins/nat/pnat/pnat_cli.c index 082f0778acb..ce9beee540d 100644 --- a/src/plugins/nat/pnat/pnat_cli.c +++ b/src/plugins/nat/pnat/pnat_cli.c @@ -122,6 +122,8 @@ uword unformat_pnat_match_tuple(unformat_input_t *input, va_list *args) { t->mask |= PNAT_SA; else if (unformat(input, "dst %U", unformat_ip4_address, &t->dst)) t->mask |= PNAT_DA; + else if (unformat(input, "proto %U", unformat_ip_protocol, &t->proto)) + t->mask |= PNAT_PROTO; else if (unformat(input, "sport %d", &sport)) { if (sport == 0 || sport > 65535) return 0; @@ -132,9 +134,7 @@ uword unformat_pnat_match_tuple(unformat_input_t *input, va_list *args) { return 0; t->mask |= PNAT_DPORT; t->dport = dport; - } else if (unformat(input, "proto %U", unformat_ip_protocol, &t->proto)) - ; - else + } else break; } return 1; |