aboutsummaryrefslogtreecommitdiffstats
path: root/src/plugins
diff options
context:
space:
mode:
authorKlement Sekera <ksekera@cisco.com>2020-04-17 18:04:59 +0000
committerKlement Sekera <ksekera@cisco.com>2020-04-20 11:46:35 +0000
commitb86437b79b82493c2e9728929df417f55b153824 (patch)
tree4d8523d12aafa3a547649d2ffdb869a76fbb73e8 /src/plugins
parent040d47c2cce87255a101f301239192c5599b0db5 (diff)
nat: remove unused code
Type: improvement Signed-off-by: Klement Sekera <ksekera@cisco.com> Change-Id: If5c00faa309cf3e1ea8bdf8b23250041f6a499c4
Diffstat (limited to 'src/plugins')
-rw-r--r--src/plugins/nat/nat.h14
-rw-r--r--src/plugins/nat/nat44_hairpinning.c113
-rwxr-xr-xsrc/plugins/nat/nat_ipfix_logging.c310
-rw-r--r--src/plugins/nat/nat_ipfix_logging.h6
-rw-r--r--src/plugins/nat/test/test_nat.py44
5 files changed, 3 insertions, 484 deletions
diff --git a/src/plugins/nat/nat.h b/src/plugins/nat/nat.h
index 46f8b44dc11..be82ced4318 100644
--- a/src/plugins/nat/nat.h
+++ b/src/plugins/nat/nat.h
@@ -142,13 +142,6 @@ typedef struct
};
} snat_user_key_t;
-typedef struct
-{
- u32 sw_if_index;
- u32 next_index;
- u8 cached;
-} nat44_reass_trace_t;
-
/* NAT API Configuration flags */
#define foreach_nat_config_flag \
_(0x01, IS_TWICE_NAT) \
@@ -223,8 +216,6 @@ _(BAD_ICMP_TYPE, "unsupported ICMP type") \
_(MAX_SESSIONS_EXCEEDED, "maximum sessions exceeded") \
_(MAX_USER_SESS_EXCEEDED, "max user sessions exceeded") \
_(DROP_FRAGMENT, "drop fragment") \
-_(MAX_REASS, "maximum reassemblies exceeded") \
-_(MAX_FRAG, "maximum fragments per reassembly exceeded")\
_(CANNOT_CREATE_USER, "cannot create NAT user") \
_(NON_SYN, "non-SYN packet try to create session") \
_(TCP_PACKETS, "TCP packets") \
@@ -253,8 +244,6 @@ _(NO_TRANSLATION, "no translation") \
_(MAX_SESSIONS_EXCEEDED, "maximum sessions exceeded") \
_(MAX_USER_SESS_EXCEEDED, "max user sessions exceeded") \
_(DROP_FRAGMENT, "drop fragment") \
-_(MAX_REASS, "maximum reassemblies exceeded") \
-_(MAX_FRAG, "maximum fragments per reassembly exceeded")\
_(CANNOT_CREATE_USER, "cannot create NAT user") \
_(NON_SYN, "non-SYN packet try to create session") \
_(TCP_PACKETS, "TCP packets") \
@@ -1143,9 +1132,6 @@ void nat44_ed_hairpinning_unknown_proto (snat_main_t * sm, vlib_buffer_t * b,
int snat_hairpinning (snat_main_t * sm, vlib_buffer_t * b0,
ip4_header_t * ip0, udp_header_t * udp0,
tcp_header_t * tcp0, u32 proto0, int is_ed);
-void nat44_reass_hairpinning (snat_main_t * sm, vlib_buffer_t * b0,
- ip4_header_t * ip0, u16 sport, u16 dport,
- u32 proto0, int is_ed);
/* Call back functions for clib_bihash_add_or_overwrite_stale */
int nat44_i2o_ed_is_idle_session_cb (clib_bihash_kv_16_8_t * kv, void *arg);
diff --git a/src/plugins/nat/nat44_hairpinning.c b/src/plugins/nat/nat44_hairpinning.c
index 69a19b80645..c0b84127741 100644
--- a/src/plugins/nat/nat44_hairpinning.c
+++ b/src/plugins/nat/nat44_hairpinning.c
@@ -424,119 +424,6 @@ nat44_ed_hairpinning_unknown_proto (snat_main_t * sm,
}
#endif
-#ifndef CLIB_MARCH_VARIANT
-void
-nat44_reass_hairpinning (snat_main_t * sm,
- vlib_buffer_t * b0,
- ip4_header_t * ip0,
- u16 sport, u16 dport, u32 proto0, int is_ed)
-{
- snat_session_key_t key0, sm0;
- snat_session_t *s0;
- clib_bihash_kv_8_8_t kv0, value0;
- ip_csum_t sum0;
- u32 new_dst_addr0 = 0, old_dst_addr0, ti = 0, si;
- u16 new_dst_port0, old_dst_port0;
- udp_header_t *udp0;
- tcp_header_t *tcp0;
- int rv;
-
- key0.addr = ip0->dst_address;
- key0.port = dport;
- key0.protocol = proto0;
- key0.fib_index = sm->outside_fib_index;
- kv0.key = key0.as_u64;
-
- udp0 = ip4_next_header (ip0);
-
- /* Check if destination is static mappings */
- if (!snat_static_mapping_match (sm, key0, &sm0, 1, 0, 0, 0, 0, 0))
- {
- new_dst_addr0 = sm0.addr.as_u32;
- new_dst_port0 = sm0.port;
- vnet_buffer (b0)->sw_if_index[VLIB_TX] = sm0.fib_index;
- }
- /* or active sessions */
- else
- {
- if (sm->num_workers > 1)
- ti =
- (clib_net_to_host_u16 (udp0->dst_port) -
- 1024) / sm->port_per_thread;
- else
- ti = sm->num_workers;
-
- if (is_ed)
- {
- clib_bihash_kv_16_8_t ed_kv, ed_value;
- make_ed_kv (&ed_kv, &ip0->dst_address, &ip0->src_address,
- ip0->protocol, sm->outside_fib_index, udp0->dst_port,
- udp0->src_port);
- rv = clib_bihash_search_16_8 (&sm->per_thread_data[ti].out2in_ed,
- &ed_kv, &ed_value);
- si = ed_value.value;
- }
- else
- {
- rv = clib_bihash_search_8_8 (&sm->per_thread_data[ti].out2in, &kv0,
- &value0);
- si = value0.value;
- }
- if (!rv)
- {
- s0 = pool_elt_at_index (sm->per_thread_data[ti].sessions, si);
- new_dst_addr0 = s0->in2out.addr.as_u32;
- new_dst_port0 = s0->in2out.port;
- vnet_buffer (b0)->sw_if_index[VLIB_TX] = s0->in2out.fib_index;
- }
- }
-
- /* Destination is behind the same NAT, use internal address and port */
- if (new_dst_addr0)
- {
- old_dst_addr0 = ip0->dst_address.as_u32;
- ip0->dst_address.as_u32 = new_dst_addr0;
- sum0 = ip0->checksum;
- sum0 = ip_csum_update (sum0, old_dst_addr0, new_dst_addr0,
- ip4_header_t, dst_address);
- ip0->checksum = ip_csum_fold (sum0);
-
- old_dst_port0 = dport;
- if (PREDICT_TRUE (new_dst_port0 != old_dst_port0 &&
- ip4_is_first_fragment (ip0)))
- {
- if (PREDICT_TRUE (proto0 == SNAT_PROTOCOL_TCP))
- {
- tcp0 = ip4_next_header (ip0);
- tcp0->dst = new_dst_port0;
- sum0 = tcp0->checksum;
- sum0 = ip_csum_update (sum0, old_dst_addr0, new_dst_addr0,
- ip4_header_t, dst_address);
- sum0 = ip_csum_update (sum0, old_dst_port0, new_dst_port0,
- ip4_header_t /* cheat */ , length);
- tcp0->checksum = ip_csum_fold (sum0);
- }
- else
- {
- udp0->dst_port = new_dst_port0;
- udp0->checksum = 0;
- }
- }
- else
- {
- if (PREDICT_TRUE (proto0 == SNAT_PROTOCOL_TCP))
- {
- tcp0 = ip4_next_header (ip0);
- sum0 = tcp0->checksum;
- sum0 = ip_csum_update (sum0, old_dst_addr0, new_dst_addr0,
- ip4_header_t, dst_address);
- tcp0->checksum = ip_csum_fold (sum0);
- }
- }
- }
-}
-#endif
-
static inline uword
nat44_hairpinning_fn_inline (vlib_main_t * vm,
vlib_node_runtime_t * node,
diff --git a/src/plugins/nat/nat_ipfix_logging.c b/src/plugins/nat/nat_ipfix_logging.c
index c24c2372b54..55f516e640c 100755
--- a/src/plugins/nat/nat_ipfix_logging.c
+++ b/src/plugins/nat/nat_ipfix_logging.c
@@ -219,20 +219,6 @@ snat_template_rewrite (flow_report_main_t * frm,
update_template_id(&silm->max_bibs_template_id,
fr->template_id);
}
- else if (quota_event == MAX_FRAGMENTS_PENDING_REASSEMBLY)
- {
- field_count = MAX_FRAGMENTS_FIELD_COUNT;
-
- update_template_id(&silm->max_frags_ip4_template_id,
- fr->template_id);
- }
- else if (quota_event == MAX_FRAGMENTS_PENDING_REASSEMBLY_IP6)
- {
- field_count = MAX_FRAGMENTS_FIELD_COUNT;
-
- update_template_id(&silm->max_frags_ip6_template_id,
- fr->template_id);
- }
}
/* allocate rewrite space */
@@ -377,36 +363,6 @@ snat_template_rewrite (flow_report_main_t * frm,
f->e_id_length = ipfix_e_id_length (0, maxBIBEntries, 4);
f++;
}
- else if (quota_event == MAX_FRAGMENTS_PENDING_REASSEMBLY)
- {
- f->e_id_length = ipfix_e_id_length (0, observationTimeMilliseconds,
- 8);
- f++;
- f->e_id_length = ipfix_e_id_length (0, natEvent, 1);
- f++;
- f->e_id_length = ipfix_e_id_length (0, natQuotaExceededEvent, 4);
- f++;
- f->e_id_length = ipfix_e_id_length (0, maxFragmentsPendingReassembly,
- 4);
- f++;
- f->e_id_length = ipfix_e_id_length (0, sourceIPv4Address, 4);
- f++;
- }
- else if (quota_event == MAX_FRAGMENTS_PENDING_REASSEMBLY_IP6)
- {
- f->e_id_length = ipfix_e_id_length (0, observationTimeMilliseconds,
- 8);
- f++;
- f->e_id_length = ipfix_e_id_length (0, natEvent, 1);
- f++;
- f->e_id_length = ipfix_e_id_length (0, natQuotaExceededEvent, 4);
- f++;
- f->e_id_length = ipfix_e_id_length (0, maxFragmentsPendingReassembly,
- 4);
- f++;
- f->e_id_length = ipfix_e_id_length (0, sourceIPv6Address, 16);
- f++;
- }
}
/* Back to the template packet... */
@@ -499,34 +455,6 @@ nat_template_rewrite_max_bibs (flow_report_main_t * frm,
}
u8 *
-nat_template_rewrite_max_frags_ip4 (flow_report_main_t * frm,
- flow_report_t * fr,
- ip4_address_t * collector_address,
- ip4_address_t * src_address,
- u16 collector_port,
- ipfix_report_element_t *elts,
- u32 n_elts, u32 *stream_index)
-{
- return snat_template_rewrite (frm, fr, collector_address, src_address,
- collector_port, QUOTA_EXCEEDED,
- MAX_FRAGMENTS_PENDING_REASSEMBLY);
-}
-
-u8 *
-nat_template_rewrite_max_frags_ip6 (flow_report_main_t * frm,
- flow_report_t * fr,
- ip4_address_t * collector_address,
- ip4_address_t * src_address,
- u16 collector_port,
- ipfix_report_element_t *elts,
- u32 n_elts, u32 *stream_index)
-{
- return snat_template_rewrite (frm, fr, collector_address, src_address,
- collector_port, QUOTA_EXCEEDED,
- MAX_FRAGMENTS_PENDING_REASSEMBLY_IP6);
-}
-
-u8 *
nat_template_rewrite_nat64_bib (flow_report_main_t * frm,
flow_report_t * fr,
ip4_address_t * collector_address,
@@ -1100,190 +1028,6 @@ nat_ipfix_logging_max_bib (u32 thread_index, u32 limit, int do_flush)
}
static void
-nat_ipfix_logging_max_frag_ip4 (u32 thread_index,
- u32 limit, u32 src, int do_flush)
-{
- snat_ipfix_logging_main_t *silm = &snat_ipfix_logging_main;
- snat_ipfix_per_thread_data_t *sitd = &silm->per_thread_data[thread_index];
- flow_report_main_t *frm = &flow_report_main;
- vlib_frame_t *f;
- vlib_buffer_t *b0 = 0;
- u32 bi0 = ~0;
- u32 offset;
- vlib_main_t *vm = frm->vlib_main;
- u64 now;
- u8 nat_event = QUOTA_EXCEEDED;
- u32 quota_event = MAX_FRAGMENTS_PENDING_REASSEMBLY;
- u16 template_id;
-
- now = (u64) ((vlib_time_now (vm) - silm->vlib_time_0) * 1e3);
- now += silm->milisecond_time_0;
-
- b0 = sitd->max_frags_ip4_buffer;
-
- if (PREDICT_FALSE (b0 == 0))
- {
- if (do_flush)
- return;
-
- if (vlib_buffer_alloc (vm, &bi0, 1) != 1)
- {
- nat_elog_err ("can't allocate buffer for NAT IPFIX event");
- return;
- }
-
- b0 = sitd->max_frags_ip4_buffer = vlib_get_buffer (vm, bi0);
- VLIB_BUFFER_TRACE_TRAJECTORY_INIT (b0);
- offset = 0;
- }
- else
- {
- bi0 = vlib_get_buffer_index (vm, b0);
- offset = sitd->max_frags_ip4_next_record_offset;
- }
-
- f = sitd->max_frags_ip4_frame;
- if (PREDICT_FALSE (f == 0))
- {
- u32 *to_next;
- f = vlib_get_frame_to_node (vm, ip4_lookup_node.index);
- sitd->max_frags_ip4_frame = f;
- to_next = vlib_frame_vector_args (f);
- to_next[0] = bi0;
- f->n_vectors = 1;
- }
-
- if (PREDICT_FALSE (offset == 0))
- snat_ipfix_header_create (frm, b0, &offset);
-
- if (PREDICT_TRUE (do_flush == 0))
- {
- u64 time_stamp = clib_host_to_net_u64 (now);
- clib_memcpy_fast (b0->data + offset, &time_stamp, sizeof (time_stamp));
- offset += sizeof (time_stamp);
-
- clib_memcpy_fast (b0->data + offset, &nat_event, sizeof (nat_event));
- offset += sizeof (nat_event);
-
- clib_memcpy_fast (b0->data + offset, &quota_event, sizeof (quota_event));
- offset += sizeof (quota_event);
-
- clib_memcpy_fast (b0->data + offset, &limit, sizeof (limit));
- offset += sizeof (limit);
-
- clib_memcpy_fast (b0->data + offset, &src, sizeof (src));
- offset += sizeof (src);
-
- b0->current_length += MAX_FRAGMENTS_IP4_LEN;
- }
-
- if (PREDICT_FALSE
- (do_flush || (offset + MAX_BIBS_LEN) > frm->path_mtu))
- {
- template_id = clib_atomic_fetch_or (
- &silm->max_frags_ip4_template_id,
- 0);
- snat_ipfix_send (frm, f, b0, template_id);
- sitd->max_frags_ip4_frame = 0;
- sitd->max_frags_ip4_buffer = 0;
- offset = 0;
- }
- sitd->max_frags_ip4_next_record_offset = offset;
-}
-
-static void
-nat_ipfix_logging_max_frag_ip6 (u32 thread_index,
- u32 limit, ip6_address_t * src, int do_flush)
-{
- snat_ipfix_logging_main_t *silm = &snat_ipfix_logging_main;
- snat_ipfix_per_thread_data_t *sitd = &silm->per_thread_data[thread_index];
- flow_report_main_t *frm = &flow_report_main;
- vlib_frame_t *f;
- vlib_buffer_t *b0 = 0;
- u32 bi0 = ~0;
- u32 offset;
- vlib_main_t *vm = frm->vlib_main;
- u64 now;
- u8 nat_event = QUOTA_EXCEEDED;
- u32 quota_event = MAX_FRAGMENTS_PENDING_REASSEMBLY;
- u16 template_id;
-
- now = (u64) ((vlib_time_now (vm) - silm->vlib_time_0) * 1e3);
- now += silm->milisecond_time_0;
-
- b0 = sitd->max_frags_ip6_buffer;
-
- if (PREDICT_FALSE (b0 == 0))
- {
- if (do_flush)
- return;
-
- if (vlib_buffer_alloc (vm, &bi0, 1) != 1)
- {
- nat_elog_err ("can't allocate buffer for NAT IPFIX event");
- return;
- }
-
- b0 = sitd->max_frags_ip6_buffer = vlib_get_buffer (vm, bi0);
- VLIB_BUFFER_TRACE_TRAJECTORY_INIT (b0);
- offset = 0;
- }
- else
- {
- bi0 = vlib_get_buffer_index (vm, b0);
- offset = sitd->max_frags_ip6_next_record_offset;
- }
-
- f = sitd->max_frags_ip6_frame;
- if (PREDICT_FALSE (f == 0))
- {
- u32 *to_next;
- f = vlib_get_frame_to_node (vm, ip4_lookup_node.index);
- sitd->max_frags_ip6_frame = f;
- to_next = vlib_frame_vector_args (f);
- to_next[0] = bi0;
- f->n_vectors = 1;
- }
-
- if (PREDICT_FALSE (offset == 0))
- snat_ipfix_header_create (frm, b0, &offset);
-
- if (PREDICT_TRUE (do_flush == 0))
- {
- u64 time_stamp = clib_host_to_net_u64 (now);
- clib_memcpy_fast (b0->data + offset, &time_stamp, sizeof (time_stamp));
- offset += sizeof (time_stamp);
-
- clib_memcpy_fast (b0->data + offset, &nat_event, sizeof (nat_event));
- offset += sizeof (nat_event);
-
- clib_memcpy_fast (b0->data + offset, &quota_event, sizeof (quota_event));
- offset += sizeof (quota_event);
-
- clib_memcpy_fast (b0->data + offset, &limit, sizeof (limit));
- offset += sizeof (limit);
-
- clib_memcpy_fast (b0->data + offset, src, sizeof (ip6_address_t));
- offset += sizeof (ip6_address_t);
-
- b0->current_length += MAX_FRAGMENTS_IP6_LEN;
- }
-
- if (PREDICT_FALSE
- (do_flush || (offset + MAX_BIBS_LEN) > frm->path_mtu))
- {
- template_id = clib_atomic_fetch_or (
- &silm->max_frags_ip6_template_id,
- 0);
- snat_ipfix_send (frm, f, b0, template_id);
- sitd->max_frags_ip6_frame = 0;
- sitd->max_frags_ip6_buffer = 0;
- offset = 0;
- }
- sitd->max_frags_ip6_next_record_offset = offset;
-}
-
-static void
nat_ipfix_logging_nat64_bibe (u32 thread_index, u8 nat_event,
ip6_address_t * src_ip, u32 nat_src_ip,
u8 proto, u16 src_port, u16 nat_src_port,
@@ -1510,8 +1254,6 @@ snat_ipfix_flush (u32 thread_index)
snat_ipfix_logging_max_entries_per_usr (thread_index, 0, 0, do_flush);
nat_ipfix_logging_max_ses (thread_index, 0, do_flush);
nat_ipfix_logging_max_bib (thread_index, 0, do_flush);
- nat_ipfix_logging_max_frag_ip4 (thread_index, 0, 0, do_flush);
- nat_ipfix_logging_max_frag_ip6 (thread_index, 0, 0, do_flush);
nat_ipfix_logging_nat64_bibe (thread_index,
0, 0, 0, 0, 0, 0, 0, do_flush);
nat_ipfix_logging_nat64_ses (thread_index,
@@ -1677,40 +1419,6 @@ nat_ipfix_logging_max_bibs (u32 thread_index, u32 limit)
}
/**
- * @brief Generate maximum IPv4 fragments pending reassembly exceeded event
- *
- * @param thread_index thread index
- * @param limit configured limit
- * @param src source IPv4 address
- */
-void
-nat_ipfix_logging_max_fragments_ip4 (u32 thread_index,
- u32 limit, ip4_address_t * src)
-{
- //TODO: This event SHOULD be rate limited
- skip_if_disabled ();
-
- nat_ipfix_logging_max_frag_ip4 (thread_index, limit, src->as_u32, 0);
-}
-
-/**
- * @brief Generate maximum IPv6 fragments pending reassembly exceeded event
- *
- * @param thread_index thread index
- * @param limit configured limit
- * @param src source IPv6 address
- */
-void
-nat_ipfix_logging_max_fragments_ip6 (u32 thread_index,
- u32 limit, ip6_address_t * src)
-{
- //TODO: This event SHOULD be rate limited
- skip_if_disabled ();
-
- nat_ipfix_logging_max_frag_ip6 (thread_index, limit, src, 0);
-}
-
-/**
* @brief Generate NAT64 BIB create and delete events
*
* @param thread_index thread index
@@ -1868,24 +1576,6 @@ snat_ipfix_logging_enable_disable (int enable, u32 domain_id, u16 src_port)
return -1;
}
- a.rewrite_callback = nat_template_rewrite_max_frags_ip4;
-
- rv = vnet_flow_report_add_del (frm, &a, NULL);
- if (rv)
- {
- nat_elog_warn_X1 ("vnet_flow_report_add_del returned %d", "i4", rv);
- return -1;
- }
-
- a.rewrite_callback = nat_template_rewrite_max_frags_ip6;
-
- rv = vnet_flow_report_add_del (frm, &a, NULL);
- if (rv)
- {
- nat_elog_warn_X1 ("vnet_flow_report_add_del returned %d", "i4", rv);
- return -1;
- }
-
a.rewrite_callback = nat_template_rewrite_nat64_bib;
rv = vnet_flow_report_add_del (frm, &a, NULL);
diff --git a/src/plugins/nat/nat_ipfix_logging.h b/src/plugins/nat/nat_ipfix_logging.h
index a5cdb1a3c1a..7b5049e0545 100644
--- a/src/plugins/nat/nat_ipfix_logging.h
+++ b/src/plugins/nat/nat_ipfix_logging.h
@@ -35,8 +35,6 @@ typedef enum {
MAX_SESSION_ENTRIES = 1,
MAX_BIB_ENTRIES = 2,
MAX_ENTRIES_PER_USER = 3,
- MAX_FRAGMENTS_PENDING_REASSEMBLY = 5,
- MAX_FRAGMENTS_PENDING_REASSEMBLY_IP6,
} quota_exceed_event_t;
typedef struct {
@@ -128,10 +126,6 @@ void snat_ipfix_logging_max_entries_per_user(u32 thread_index,
u32 limit, u32 src_ip);
void nat_ipfix_logging_max_sessions(u32 thread_index, u32 limit);
void nat_ipfix_logging_max_bibs(u32 thread_index, u32 limit);
-void nat_ipfix_logging_max_fragments_ip4(u32 thread_index,
- u32 limit, ip4_address_t * src);
-void nat_ipfix_logging_max_fragments_ip6(u32 thread_index,
- u32 limit, ip6_address_t * src);
void nat_ipfix_logging_nat64_session(u32 thread_index,
ip6_address_t * src_ip,
ip4_address_t * nat_src_ip, u8 proto,
diff --git a/src/plugins/nat/test/test_nat.py b/src/plugins/nat/test/test_nat.py
index e267c4ef2bc..07c0e0c23bc 100644
--- a/src/plugins/nat/test/test_nat.py
+++ b/src/plugins/nat/test/test_nat.py
@@ -929,44 +929,6 @@ class MethodHolder(VppTestCase):
# maxBIBEntries
self.assertEqual(struct.pack("I", limit), record[472])
- def verify_ipfix_max_fragments_ip6(self, data, limit, src_addr):
- """
- Verify IPFIX maximum IPv6 fragments pending reassembly exceeded event
-
- :param data: Decoded IPFIX data records
- :param limit: Number of maximum fragments pending reassembly
- :param src_addr: IPv6 source address
- """
- self.assertEqual(1, len(data))
- record = data[0]
- # natEvent
- self.assertEqual(scapy.compat.orb(record[230]), 13)
- # natQuotaExceededEvent
- self.assertEqual(struct.pack("I", 5), record[466])
- # maxFragmentsPendingReassembly
- self.assertEqual(struct.pack("I", limit), record[475])
- # sourceIPv6Address
- self.assertEqual(src_addr, record[27])
-
- def verify_ipfix_max_fragments_ip4(self, data, limit, src_addr):
- """
- Verify IPFIX maximum IPv4 fragments pending reassembly exceeded event
-
- :param data: Decoded IPFIX data records
- :param limit: Number of maximum fragments pending reassembly
- :param src_addr: IPv4 source address
- """
- self.assertEqual(1, len(data))
- record = data[0]
- # natEvent
- self.assertEqual(scapy.compat.orb(record[230]), 13)
- # natQuotaExceededEvent
- self.assertEqual(struct.pack("I", 5), record[466])
- # maxFragmentsPendingReassembly
- self.assertEqual(struct.pack("I", limit), record[475])
- # sourceIPv4Address
- self.assertEqual(src_addr, record[8])
-
def verify_ipfix_bib(self, data, is_create, src_addr):
"""
Verify IPFIX NAT64 BIB create and delete events
@@ -2703,7 +2665,7 @@ class TestNAT44(MethodHolder):
self.verify_capture_out(capture)
self.nat44_add_address(self.nat_addr, is_add=0)
self.vapi.ipfix_flush()
- capture = self.pg3.get_capture(9)
+ capture = self.pg3.get_capture(7)
ipfix = IPFIXDecoder()
# first load template
for p in capture:
@@ -2748,7 +2710,7 @@ class TestNAT44(MethodHolder):
self.pg1.assert_nothing_captured()
sleep(1)
self.vapi.ipfix_flush()
- capture = self.pg3.get_capture(9)
+ capture = self.pg3.get_capture(7)
ipfix = IPFIXDecoder()
# first load template
for p in capture:
@@ -8907,7 +8869,7 @@ class TestNAT64(MethodHolder):
p = self.pg1.get_capture(1)
self.tcp_port_out = p[0][TCP].sport
self.vapi.ipfix_flush()
- capture = self.pg3.get_capture(10)
+ capture = self.pg3.get_capture(8)
ipfix = IPFIXDecoder()
# first load template
for p in capture: