aboutsummaryrefslogtreecommitdiffstats
path: root/src/plugins/nat
diff options
context:
space:
mode:
authorFilip Varga <fivarga@cisco.com>2020-11-09 12:24:03 +0100
committerOle Tr�an <otroan@employees.org>2020-11-13 15:45:23 +0000
commit25fd8ad03e6ef321604437fe8fc56ab2b3858cd7 (patch)
treef362bfad633f80ebad6c811dbf7c98ef5a701ddb /src/plugins/nat
parente655240550f0670279b0ca40942887715b8f514e (diff)
nat: cleanup & reorganization
Fixed compatibility issue between nat ei and nat ed modes. Moved nat syslogging to nat librarry. Deprecating apis that will be integrated in upcoming candidate configuration patch. Type: refactor Change-Id: I334b1b05b81b74667c5c76a05f768442e0dcf7e8 Signed-off-by: Filip Varga <fivarga@cisco.com>
Diffstat (limited to 'src/plugins/nat')
-rw-r--r--src/plugins/nat/CMakeLists.txt6
-rw-r--r--src/plugins/nat/det44/det44.c5
-rw-r--r--src/plugins/nat/det44/det44.h14
-rw-r--r--src/plugins/nat/dslite/dslite_in2out.c2
-rw-r--r--src/plugins/nat/in2out.c2
-rw-r--r--src/plugins/nat/in2out_ed.c2
-rw-r--r--src/plugins/nat/lib/ipfix_logging.c7
-rw-r--r--src/plugins/nat/lib/ipfix_logging.h2
-rw-r--r--src/plugins/nat/lib/lib.h24
-rw-r--r--src/plugins/nat/lib/nat_syslog.c (renamed from src/plugins/nat/nat_syslog.c)4
-rw-r--r--src/plugins/nat/lib/nat_syslog.h (renamed from src/plugins/nat/nat_syslog.h)2
-rw-r--r--src/plugins/nat/nat.c9
-rw-r--r--src/plugins/nat/nat.h12
-rw-r--r--src/plugins/nat/nat44.api36
-rw-r--r--src/plugins/nat/nat44_api.c31
-rw-r--r--src/plugins/nat/nat44_cli.c27
-rw-r--r--src/plugins/nat/nat64/nat64_db.c2
-rw-r--r--src/plugins/nat/nat_inlines.h38
-rw-r--r--src/plugins/nat/nat_types.api18
-rw-r--r--src/plugins/nat/out2in.c2
-rw-r--r--src/plugins/nat/out2in_ed.c2
-rw-r--r--src/plugins/nat/test/test_nat44.py (renamed from src/plugins/nat/test/test_nat.py)0
22 files changed, 122 insertions, 125 deletions
diff --git a/src/plugins/nat/CMakeLists.txt b/src/plugins/nat/CMakeLists.txt
index 054ad687f75..0c28fa31da5 100644
--- a/src/plugins/nat/CMakeLists.txt
+++ b/src/plugins/nat/CMakeLists.txt
@@ -16,10 +16,12 @@ set(CMAKE_VERBOSE_MAKEFILE ON)
add_vpp_library(nat
SOURCES
lib/ipfix_logging.c
+ lib/nat_syslog.c
lib/alloc.c
INSTALL_HEADERS
lib/ipfix_logging.h
+ lib/nat_syslog.h
lib/alloc.h
)
@@ -38,7 +40,6 @@ add_vpp_plugin(nat
nat44_classify.c
nat_affinity.c
nat_format.c
- nat_syslog.c
nat_ha.c
MULTIARCH_SOURCES
@@ -59,7 +60,6 @@ add_vpp_plugin(nat
add_vpp_plugin(dslite
SOURCES
- nat_syslog.c
dslite/dslite_api.c
dslite/dslite_dpo.c
dslite/dslite.c
@@ -83,7 +83,6 @@ add_vpp_plugin(dslite
add_vpp_plugin(nat66
SOURCES
- nat_syslog.c
nat66/nat66.c
nat66/nat66_cli.c
nat66/nat66_api.c
@@ -122,7 +121,6 @@ add_vpp_plugin(det44
add_vpp_plugin(nat64
SOURCES
- nat_syslog.c
nat64/nat64.c
nat64/nat64_db.c
nat64/nat64_cli.c
diff --git a/src/plugins/nat/det44/det44.c b/src/plugins/nat/det44/det44.c
index 886092cea50..582fd20cd5d 100644
--- a/src/plugins/nat/det44/det44.c
+++ b/src/plugins/nat/det44/det44.c
@@ -188,10 +188,7 @@ void
det44_reset_timeouts ()
{
det44_main_t *dm = &det44_main;
- dm->timeouts.udp = 300;
- dm->timeouts.tcp.established = 7440;
- dm->timeouts.tcp.transitory = 240;
- dm->timeouts.icmp = 60;
+ nat_reset_timeouts (&dm->timeouts);
}
int
diff --git a/src/plugins/nat/det44/det44.h b/src/plugins/nat/det44/det44.h
index 83eefc9fe0d..84d570bfd56 100644
--- a/src/plugins/nat/det44/det44.h
+++ b/src/plugins/nat/det44/det44.h
@@ -80,20 +80,6 @@ typedef struct
u32 cached_ip4_address;
} det44_runtime_t;
-typedef struct nat_timeouts_s
-{
- u32 udp;
-
- struct
- {
- u32 transitory;
- u32 established;
- } tcp;
-
- u32 icmp;
-
-} nat_timeouts_t;
-
/* deterministic session outside key */
typedef struct
{
diff --git a/src/plugins/nat/dslite/dslite_in2out.c b/src/plugins/nat/dslite/dslite_in2out.c
index a8204179a58..409c59c218c 100644
--- a/src/plugins/nat/dslite/dslite_in2out.c
+++ b/src/plugins/nat/dslite/dslite_in2out.c
@@ -13,7 +13,7 @@
* limitations under the License.
*/
#include <nat/dslite/dslite.h>
-#include <nat/nat_syslog.h>
+#include <nat/lib/nat_syslog.h>
typedef enum
{
diff --git a/src/plugins/nat/in2out.c b/src/plugins/nat/in2out.c
index 0656b305df7..85df078dfd2 100644
--- a/src/plugins/nat/in2out.c
+++ b/src/plugins/nat/in2out.c
@@ -28,7 +28,7 @@
#include <nat/lib/ipfix_logging.h>
#include <nat/nat_inlines.h>
#include <nat/nat44/inlines.h>
-#include <nat/nat_syslog.h>
+#include <nat/lib/nat_syslog.h>
#include <nat/nat_ha.h>
#include <vppinfra/hash.h>
diff --git a/src/plugins/nat/in2out_ed.c b/src/plugins/nat/in2out_ed.c
index 2af0ba706fe..5973d36ba19 100644
--- a/src/plugins/nat/in2out_ed.c
+++ b/src/plugins/nat/in2out_ed.c
@@ -28,7 +28,7 @@
#include <nat/lib/ipfix_logging.h>
#include <nat/nat_inlines.h>
#include <nat/nat44/inlines.h>
-#include <nat/nat_syslog.h>
+#include <nat/lib/nat_syslog.h>
#include <nat/nat_ha.h>
#include <nat/nat44/ed_inlines.h>
#include <nat/lib/nat_inlines.h>
diff --git a/src/plugins/nat/lib/ipfix_logging.c b/src/plugins/nat/lib/ipfix_logging.c
index 6a944692f47..f66458572d3 100644
--- a/src/plugins/nat/lib/ipfix_logging.c
+++ b/src/plugins/nat/lib/ipfix_logging.c
@@ -1269,6 +1269,13 @@ nat_ipfix_flush (u32 thread_index)
0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, do_flush);
}
+int
+nat_ipfix_logging_enabled ()
+{
+ nat_ipfix_logging_main_t *silm = &nat_ipfix_logging_main;
+ return !clib_atomic_fetch_or(&silm->enabled, 0);
+}
+
void
nat_ipfix_flush_from_main (void)
{
diff --git a/src/plugins/nat/lib/ipfix_logging.h b/src/plugins/nat/lib/ipfix_logging.h
index 53aa86b2a38..0b2357a2604 100644
--- a/src/plugins/nat/lib/ipfix_logging.h
+++ b/src/plugins/nat/lib/ipfix_logging.h
@@ -112,6 +112,8 @@ typedef struct {
extern nat_ipfix_logging_main_t nat_ipfix_logging_main;
+int nat_ipfix_logging_enabled ();
+
void nat_ipfix_logging_init (vlib_main_t * vm);
int nat_ipfix_logging_enable_disable (int enable, u32 domain_id, u16 src_port);
void nat_ipfix_logging_nat44_ses_create (u32 thread_index, u32 src_ip,
diff --git a/src/plugins/nat/lib/lib.h b/src/plugins/nat/lib/lib.h
index febe829ce56..04bad5c74f7 100644
--- a/src/plugins/nat/lib/lib.h
+++ b/src/plugins/nat/lib/lib.h
@@ -67,12 +67,34 @@ typedef enum
#undef _
} nat_protocol_t;
-/* default session timeouts */
+/* default protocol timeouts */
#define NAT_UDP_TIMEOUT 300
#define NAT_TCP_TRANSITORY_TIMEOUT 240
#define NAT_TCP_ESTABLISHED_TIMEOUT 7440
#define NAT_ICMP_TIMEOUT 60
+typedef struct
+{
+ struct
+ {
+ u32 established;
+ u32 transitory;
+ } tcp;
+
+ u32 udp;
+ u32 icmp;
+
+} nat_timeouts_t;
+
+static_always_inline void
+nat_reset_timeouts (nat_timeouts_t * timeouts)
+{
+ timeouts->udp = NAT_UDP_TIMEOUT;
+ timeouts->tcp.established = NAT_TCP_ESTABLISHED_TIMEOUT;
+ timeouts->tcp.transitory = NAT_TCP_TRANSITORY_TIMEOUT;
+ timeouts->icmp = NAT_ICMP_TIMEOUT;
+}
+
// TODO: move common formating definitions here
#endif /* included_nat_lib_h__ */
diff --git a/src/plugins/nat/nat_syslog.c b/src/plugins/nat/lib/nat_syslog.c
index 0d7053d9ce3..2c395bf7fd8 100644
--- a/src/plugins/nat/nat_syslog.c
+++ b/src/plugins/nat/lib/nat_syslog.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2018 Cisco and/or its affiliates.
+ * Copyright (c) 2020 Cisco and/or its affiliates.
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at:
@@ -20,7 +20,7 @@
#include <vnet/ip/ip.h>
#include <vnet/syslog/syslog.h>
-#include <nat/nat_syslog.h>
+#include <nat/lib/nat_syslog.h>
#include <nat/lib/inlines.h>
#define NAT_FACILITY SYSLOG_FACILITY_LOCAL0
diff --git a/src/plugins/nat/nat_syslog.h b/src/plugins/nat/lib/nat_syslog.h
index 755e344ee67..9721664cf54 100644
--- a/src/plugins/nat/nat_syslog.h
+++ b/src/plugins/nat/lib/nat_syslog.h
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2018 Cisco and/or its affiliates.
+ * Copyright (c) 2020 Cisco and/or its affiliates.
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at:
diff --git a/src/plugins/nat/nat.c b/src/plugins/nat/nat.c
index 39dd1db650a..74adae9ce34 100644
--- a/src/plugins/nat/nat.c
+++ b/src/plugins/nat/nat.c
@@ -22,10 +22,10 @@
#include <nat/nat.h>
#include <nat/nat_dpo.h>
#include <nat/lib/ipfix_logging.h>
+#include <nat/lib/nat_syslog.h>
#include <nat/nat_inlines.h>
#include <nat/nat44/inlines.h>
#include <nat/nat_affinity.h>
-#include <nat/nat_syslog.h>
#include <nat/nat_ha.h>
#include <vnet/fib/fib_table.h>
#include <vnet/fib/ip4_fib.h>
@@ -1379,7 +1379,7 @@ nat44_add_del_lb_static_mapping (ip4_address_t e_addr, u16 e_port,
uword *bitmap = 0;
if (!sm->endpoint_dependent)
- return VNET_API_ERROR_FEATURE_DISABLED;
+ return VNET_API_ERROR_UNSUPPORTED;
init_nat_k (&kv, e_addr, e_port, 0, proto);
if (clib_bihash_search_8_8 (&sm->static_mapping_by_external, &kv, &value))
@@ -2875,10 +2875,7 @@ nat44_plugin_enable (nat44_config_t c)
sm->alloc_addr_and_port = nat_alloc_addr_and_port_default;
sm->addr_and_port_alloc_alg = NAT_ADDR_AND_PORT_ALLOC_ALG_DEFAULT;
//
- sm->udp_timeout = SNAT_UDP_TIMEOUT;
- sm->icmp_timeout = SNAT_ICMP_TIMEOUT;
- sm->tcp_transitory_timeout = SNAT_TCP_TRANSITORY_TIMEOUT;
- sm->tcp_established_timeout = SNAT_TCP_ESTABLISHED_TIMEOUT;
+ nat_reset_timeouts (&sm->timeouts);
// nat44 feature configuration
sm->endpoint_dependent = c.endpoint_dependent;
diff --git a/src/plugins/nat/nat.h b/src/plugins/nat/nat.h
index 9b11736f5ac..710c86fc8d9 100644
--- a/src/plugins/nat/nat.h
+++ b/src/plugins/nat/nat.h
@@ -36,12 +36,6 @@
#include <nat/lib/lib.h>
#include <nat/lib/inlines.h>
-/* default session timeouts */
-#define SNAT_UDP_TIMEOUT 300
-#define SNAT_TCP_TRANSITORY_TIMEOUT 240
-#define SNAT_TCP_ESTABLISHED_TIMEOUT 7440
-#define SNAT_ICMP_TIMEOUT 60
-
/* number of worker handoff frame queue elements */
#define NAT_FQ_NELTS 64
@@ -643,11 +637,7 @@ typedef struct snat_main_s
u32 inside_vrf_id;
u32 inside_fib_index;
- /* values of various timeouts */
- u32 udp_timeout;
- u32 tcp_transitory_timeout;
- u32 tcp_established_timeout;
- u32 icmp_timeout;
+ nat_timeouts_t timeouts;
/* TCP MSS clamping */
u16 mss_clamping;
diff --git a/src/plugins/nat/nat44.api b/src/plugins/nat/nat44.api
index ec8c41640b0..4bbd254f67a 100644
--- a/src/plugins/nat/nat44.api
+++ b/src/plugins/nat/nat44.api
@@ -19,17 +19,13 @@ import "vnet/interface_types.api";
import "plugins/nat/nat_types.api";
/**
- * @file nat.api
+ * @file nat44.api
* @brief VPP control-plane API messages.
*
* This file defines VPP control-plane API messages which are generally
* called through a shared memory interface.
*/
-/*
- * Common NAT plugin APIs
- */
-
enum nat44_config_flags : u8
{
NAT44_IS_ENDPOINT_INDEPENDENT = 0x00,
@@ -250,30 +246,20 @@ define nat44_show_running_config_reply
option in_progress;
u32 context;
i32 retval;
-
u32 inside_vrf;
u32 outside_vrf;
-
u32 users;
u32 sessions;
u32 user_sessions;
-
u32 user_buckets;
u32 translation_buckets;
-
+ bool forwarding_enabled;
+ bool ipfix_logging_enabled;
+ vl_api_nat_timeouts_t timeouts;
+ vl_api_nat_log_level_t log_level;
vl_api_nat44_config_flags_t flags;
};
-enum nat_log_level : u8
-{
- NAT_LOG_NONE = 0x00,
- NAT_LOG_ERROR = 0x01,
- NAT_LOG_WARNING = 0x02,
- NAT_LOG_NOTICE = 0x03,
- NAT_LOG_INFO = 0x04,
- NAT_LOG_DEBUG = 0x05,
-};
-
/** \brief Run nat44 garbage collection
@param client_index - opaque cookie to identify the sender
@param context - sender context, to match reply w/ request
@@ -303,6 +289,7 @@ autoreply define nat44_set_session_limit {
@param log_level - logging level
*/
autoreply define nat_set_log_level {
+ option deprecated;
u32 client_index;
u32 context;
vl_api_nat_log_level_t log_level;
@@ -349,6 +336,7 @@ define nat_worker_details {
@param enable - true if enable, false if disable
*/
autoreply define nat_ipfix_enable_disable {
+ option deprecated;
u32 client_index;
u32 context;
u32 domain_id;
@@ -365,6 +353,7 @@ autoreply define nat_ipfix_enable_disable {
@param icmp - ICMP timeout (default 60sec)
*/
autoreply define nat_set_timeouts {
+ option deprecated;
u32 client_index;
u32 context;
u32 udp;
@@ -378,6 +367,7 @@ autoreply define nat_set_timeouts {
@param context - sender context, to match reply w/ request
*/
define nat_get_timeouts {
+ option deprecated;
u32 client_index;
u32 context;
};
@@ -391,6 +381,7 @@ define nat_get_timeouts {
@param icmp - ICMP timeout
*/
define nat_get_timeouts_reply {
+ option deprecated;
u32 context;
i32 retval;
u32 udp;
@@ -610,10 +601,6 @@ service {
rpc nat_ha_resync returns nat_ha_resync_reply events nat_ha_resync_completed_event;
};
-/*
- * NAT44 APIs
- */
-
/** \brief Del NAT44 user
@param client_index - opaque cookie to identify the sender
@param context - sender context, to match reply w/ request
@@ -1164,6 +1151,7 @@ autoreply define nat44_del_session {
@param enable - true for enable, false for disable
*/
autoreply define nat44_forwarding_enable_disable {
+ option deprecated;
u32 client_index;
u32 context;
bool enable;
@@ -1174,6 +1162,7 @@ autoreply define nat44_forwarding_enable_disable {
@param context - sender context, to match reply w/ request
*/
define nat44_forwarding_is_enabled {
+ option deprecated;
u32 client_index;
u32 context;
};
@@ -1183,6 +1172,7 @@ define nat44_forwarding_is_enabled {
@param enabled - true if enabled, false if disabled
*/
define nat44_forwarding_is_enabled_reply {
+ option deprecated;
u32 context;
bool enabled;
};
diff --git a/src/plugins/nat/nat44_api.c b/src/plugins/nat/nat44_api.c
index 2028b3510df..6e282856943 100644
--- a/src/plugins/nat/nat44_api.c
+++ b/src/plugins/nat/nat44_api.c
@@ -129,6 +129,15 @@ vl_api_nat44_show_running_config_t_handler (vl_api_nat44_show_running_config_t
rmp->user_buckets = htonl (sm->user_buckets);
rmp->translation_buckets = htonl (sm->translation_buckets);
+ rmp->timeouts.udp = htonl (sm->timeouts.udp);
+ rmp->timeouts.tcp_established = htonl (sm->timeouts.tcp.established);
+ rmp->timeouts.tcp_transitory = htonl (sm->timeouts.tcp.transitory);
+ rmp->timeouts.icmp = htonl (sm->timeouts.icmp);
+
+ rmp->forwarding_enabled = sm->forwarding_enabled == 1;
+ // consider how to split functionality between subplugins
+ rmp->ipfix_logging_enabled = nat_ipfix_logging_enabled ();
+
if (rc->endpoint_dependent)
rmp->flags |= NAT44_IS_ENDPOINT_DEPENDENT;
else
@@ -300,10 +309,10 @@ vl_api_nat_set_timeouts_t_handler (vl_api_nat_set_timeouts_t * mp)
vl_api_nat_set_timeouts_reply_t *rmp;
int rv = 0;
- sm->udp_timeout = ntohl (mp->udp);
- sm->tcp_established_timeout = ntohl (mp->tcp_established);
- sm->tcp_transitory_timeout = ntohl (mp->tcp_transitory);
- sm->icmp_timeout = ntohl (mp->icmp);
+ sm->timeouts.udp = ntohl (mp->udp);
+ sm->timeouts.tcp.established = ntohl (mp->tcp_established);
+ sm->timeouts.tcp.transitory = ntohl (mp->tcp_transitory);
+ sm->timeouts.icmp = ntohl (mp->icmp);
REPLY_MACRO (VL_API_NAT_SET_TIMEOUTS_REPLY);
}
@@ -318,10 +327,10 @@ vl_api_nat_get_timeouts_t_handler (vl_api_nat_get_timeouts_t * mp)
/* *INDENT-OFF* */
REPLY_MACRO2 (VL_API_NAT_GET_TIMEOUTS_REPLY,
({
- rmp->udp = htonl (sm->udp_timeout);
- rmp->tcp_established = htonl (sm->tcp_established_timeout);
- rmp->tcp_transitory = htonl (sm->tcp_transitory_timeout);
- rmp->icmp = htonl (sm->icmp_timeout);
+ rmp->udp = htonl (sm->timeouts.udp);
+ rmp->tcp_established = htonl (sm->timeouts.tcp.established);
+ rmp->tcp_transitory = htonl (sm->timeouts.tcp.transitory);
+ rmp->icmp = htonl (sm->timeouts.icmp);
}))
/* *INDENT-ON* */
}
@@ -335,6 +344,12 @@ static void
int rv = 0;
u16 port_start, port_end;
+ if (sm->endpoint_dependent)
+ {
+ rv = VNET_API_ERROR_UNSUPPORTED;
+ goto send_reply;
+ }
+
switch (mp->alg)
{
case NAT_ADDR_AND_PORT_ALLOC_ALG_DEFAULT:
diff --git a/src/plugins/nat/nat44_cli.c b/src/plugins/nat/nat44_cli.c
index 695e8cc142e..d9cfe32287d 100644
--- a/src/plugins/nat/nat44_cli.c
+++ b/src/plugins/nat/nat44_cli.c
@@ -342,6 +342,10 @@ nat44_set_alloc_addr_and_port_alg_command_fn (vlib_main_t * vm,
unformat_input_t _line_input, *line_input = &_line_input;
clib_error_t *error = 0;
u32 psid, psid_offset, psid_length, port_start, port_end;
+ snat_main_t *sm = &snat_main;
+
+ if (sm->endpoint_dependent)
+ return clib_error_return (0, UNSUPPORTED_IN_ED_MODE_STR);
/* Get a line of input. */
if (!unformat_user (input, unformat_line_input, line_input))
@@ -1857,19 +1861,14 @@ set_timeout_command_fn (vlib_main_t * vm,
while (unformat_check_input (line_input) != UNFORMAT_END_OF_INPUT)
{
- if (unformat (line_input, "udp %u", &sm->udp_timeout));
+ if (unformat (line_input, "udp %u", &sm->timeouts.udp));
else if (unformat (line_input, "tcp-established %u",
- &sm->tcp_established_timeout));
+ &sm->timeouts.tcp.established));
else if (unformat (line_input, "tcp-transitory %u",
- &sm->tcp_transitory_timeout));
- else if (unformat (line_input, "icmp %u", &sm->icmp_timeout));
+ &sm->timeouts.tcp.transitory));
+ else if (unformat (line_input, "icmp %u", &sm->timeouts.icmp));
else if (unformat (line_input, "reset"))
- {
- sm->udp_timeout = SNAT_UDP_TIMEOUT;
- sm->tcp_established_timeout = SNAT_TCP_ESTABLISHED_TIMEOUT;
- sm->tcp_transitory_timeout = SNAT_TCP_TRANSITORY_TIMEOUT;
- sm->icmp_timeout = SNAT_ICMP_TIMEOUT;
- }
+ nat_reset_timeouts (&sm->timeouts);
else
{
error = clib_error_return (0, "unknown input '%U'",
@@ -1889,12 +1888,12 @@ nat_show_timeouts_command_fn (vlib_main_t * vm,
{
snat_main_t *sm = &snat_main;
- vlib_cli_output (vm, "udp timeout: %dsec", sm->udp_timeout);
+ vlib_cli_output (vm, "udp timeout: %dsec", sm->timeouts.udp);
vlib_cli_output (vm, "tcp-established timeout: %dsec",
- sm->tcp_established_timeout);
+ sm->timeouts.tcp.established);
vlib_cli_output (vm, "tcp-transitory timeout: %dsec",
- sm->tcp_transitory_timeout);
- vlib_cli_output (vm, "icmp timeout: %dsec", sm->icmp_timeout);
+ sm->timeouts.tcp.transitory);
+ vlib_cli_output (vm, "icmp timeout: %dsec", sm->timeouts.icmp);
return 0;
}
diff --git a/src/plugins/nat/nat64/nat64_db.c b/src/plugins/nat/nat64/nat64_db.c
index 2c52d3b6ca2..49909fdfeb6 100644
--- a/src/plugins/nat/nat64/nat64_db.c
+++ b/src/plugins/nat/nat64/nat64_db.c
@@ -15,7 +15,7 @@
#include <vnet/fib/fib_table.h>
#include <nat/lib/ipfix_logging.h>
-#include <nat/nat_syslog.h>
+#include <nat/lib/nat_syslog.h>
#include <nat/lib/inlines.h>
#include <nat/nat64/nat64_db.h>
diff --git a/src/plugins/nat/nat_inlines.h b/src/plugins/nat/nat_inlines.h
index 8f9be6f9d5c..3d0f5ba05c4 100644
--- a/src/plugins/nat/nat_inlines.h
+++ b/src/plugins/nat/nat_inlines.h
@@ -227,16 +227,6 @@ is_interface_addr (snat_main_t * sm, vlib_node_runtime_t * node,
return 0;
}
-always_inline u8
-maximum_sessions_exceeded (snat_main_t * sm, u32 thread_index)
-{
- if (pool_elts (sm->per_thread_data[thread_index].sessions) >=
- sm->max_translations_per_thread)
- return 1;
-
- return 0;
-}
-
always_inline void
user_session_increment (snat_main_t * sm, snat_user_t * u, u8 is_static)
{
@@ -339,7 +329,7 @@ nat44_set_tcp_session_state_i2o (snat_main_t * sm, f64 now,
ses->state |= NAT44_SES_O2I_FIN_ACK;
if (nat44_is_ses_closed (ses))
{ // if session is now closed, save the timestamp
- ses->tcp_closed_timestamp = now + sm->tcp_transitory_timeout;
+ ses->tcp_closed_timestamp = now + sm->timeouts.tcp.transitory;
ses->last_lru_update = now;
}
}
@@ -385,7 +375,7 @@ nat44_set_tcp_session_state_o2i (snat_main_t * sm, f64 now,
ses->state |= NAT44_SES_I2O_FIN_ACK;
if (nat44_is_ses_closed (ses))
{ // if session is now closed, save the timestamp
- ses->tcp_closed_timestamp = now + sm->tcp_transitory_timeout;
+ ses->tcp_closed_timestamp = now + sm->timeouts.tcp.transitory;
ses->last_lru_update = now;
}
}
@@ -408,18 +398,18 @@ nat44_session_get_timeout (snat_main_t * sm, snat_session_t * s)
switch (s->nat_proto)
{
case NAT_PROTOCOL_ICMP:
- return sm->icmp_timeout;
+ return sm->timeouts.icmp;
case NAT_PROTOCOL_UDP:
- return sm->udp_timeout;
+ return sm->timeouts.udp;
case NAT_PROTOCOL_TCP:
{
if (s->state)
- return sm->tcp_transitory_timeout;
+ return sm->timeouts.tcp.transitory;
else
- return sm->tcp_established_timeout;
+ return sm->timeouts.tcp.established;
}
default:
- return sm->udp_timeout;
+ return sm->timeouts.udp;
}
return 0;
@@ -495,20 +485,6 @@ ed_value_get_session_index (clib_bihash_kv_16_8_t * value)
}
always_inline void
-split_ed_value (clib_bihash_kv_16_8_t * value, u32 * thread_index,
- u32 * session_index)
-{
- if (thread_index)
- {
- *thread_index = ed_value_get_thread_index (value);
- }
- if (session_index)
- {
- *session_index = ed_value_get_session_index (value);
- }
-}
-
-always_inline void
split_ed_kv (clib_bihash_kv_16_8_t * kv,
ip4_address_t * l_addr, ip4_address_t * r_addr, u8 * proto,
u32 * fib_index, u16 * l_port, u16 * r_port)
diff --git a/src/plugins/nat/nat_types.api b/src/plugins/nat/nat_types.api
index f348e6154a3..ad4ee9faba0 100644
--- a/src/plugins/nat/nat_types.api
+++ b/src/plugins/nat/nat_types.api
@@ -15,6 +15,24 @@
option version = "0.0.1";
+typedef nat_timeouts
+{
+ u32 udp;
+ u32 tcp_established;
+ u32 tcp_transitory;
+ u32 icmp;
+};
+
+enum nat_log_level : u8
+{
+ NAT_LOG_NONE = 0x00,
+ NAT_LOG_ERROR = 0x01,
+ NAT_LOG_WARNING = 0x02,
+ NAT_LOG_NOTICE = 0x03,
+ NAT_LOG_INFO = 0x04,
+ NAT_LOG_DEBUG = 0x05,
+};
+
enum nat_config_flags : u8
{
NAT_IS_NONE = 0x00,
diff --git a/src/plugins/nat/out2in.c b/src/plugins/nat/out2in.c
index dc1d0876d55..c8c4542ab83 100644
--- a/src/plugins/nat/out2in.c
+++ b/src/plugins/nat/out2in.c
@@ -28,7 +28,7 @@
#include <nat/lib/ipfix_logging.h>
#include <nat/nat_inlines.h>
#include <nat/nat44/inlines.h>
-#include <nat/nat_syslog.h>
+#include <nat/lib/nat_syslog.h>
#include <nat/nat_ha.h>
#include <vppinfra/hash.h>
diff --git a/src/plugins/nat/out2in_ed.c b/src/plugins/nat/out2in_ed.c
index 2f515d0f2f4..b0e8892f77a 100644
--- a/src/plugins/nat/out2in_ed.c
+++ b/src/plugins/nat/out2in_ed.c
@@ -28,7 +28,7 @@
#include <nat/lib/ipfix_logging.h>
#include <nat/nat_inlines.h>
#include <nat/nat44/inlines.h>
-#include <nat/nat_syslog.h>
+#include <nat/lib/nat_syslog.h>
#include <nat/nat_ha.h>
#include <nat/nat44/ed_inlines.h>
diff --git a/src/plugins/nat/test/test_nat.py b/src/plugins/nat/test/test_nat44.py
index d635abf9825..d635abf9825 100644
--- a/src/plugins/nat/test/test_nat.py
+++ b/src/plugins/nat/test/test_nat44.py