diff options
| author |   Florin Coras <fcoras@cisco.com> | 2017-10-17 00:03:13 -0700 |
|---|---|---|
| committer |   Dave Barach <openvpp@barachs.net> | 2017-10-28 19:56:39 +0000 |
| commit | 1c7104514cd40d2377caca36cf40c13b791bc5aa (patch) | |
| tree | 2b95bb11dd8658e826ad8cb3fe4d399adbab7e01 /src/vnet/session/session.api | |
| parent | ae5a02f8235b9a243df09b42e932ae5f238e366b (diff) | |
session: rules tables
This introduces 5-tuple lookup tables that may be used to implement
custom session layer actions at connection establishment time (session
layer perspective).
The rules table build mask-match-action lookup trees that for a given
5-tuple key return the action for the first longest match. If rules
overlap, ordering is established by tuple longest match with the
following descending priority: remote ip, local ip, remote port, local
port.
At this time, the only match action supported is to forward packets to
the application identified by the action.
Change-Id: Icbade6fac720fa3979820d50cd7d6137f8b635c3
Signed-off-by: Florin Coras <fcoras@cisco.com>
Diffstat (limited to 'src/vnet/session/session.api')
| -rw-r--r-- | src/vnet/session/session.api | 38 |
1 files changed, 38 insertions, 0 deletions
diff --git a/src/vnet/session/session.api b/src/vnet/session/session.api index fee98c2c8ff..e6f3b02005d 100644 --- a/src/vnet/session/session.api +++ b/src/vnet/session/session.api @@ -359,6 +359,44 @@ autoreply define app_namespace_add_del { u8 namespace_id[64]; }; +/** \brief add/del session rule + @param client_index - opaque cookie to identify the sender + client to vpp direction only + @param context - sender context, to match reply w/ request + @param transport_proto - transport protocol (0 - tcp 1 - udp) + @param is_ip4 - flag to indicate if ip addresses are ip4 or 6 + @param lcl_ip - local ip + @param lcl_plen - local prefix length + @param rmt_ip - remote ip + @param rmt_ple - remote prefix length + @param lcl_port - local port + @param rmt_port - remote port + @param action_index - the only action defined now is forward to + application with index action_index + @param is_add - flag to indicate if add or del + @param appns_index - application namespace where rule is to be applied + to + @param scope - flag that indicates scope of the rule: global or local. + If 0, default is global, 1 is global 2 is local, 3 is + both +*/ +autoreply define session_rule_add_del { + u32 client_index; + u32 context; + u8 transport_proto; + u8 is_ip4; + u8 lcl_ip[16]; + u8 lcl_plen; + u8 rmt_ip[16]; + u8 rmt_plen; + u16 lcl_port; + u16 rmt_port; + u32 action_index; + u8 is_add; + u32 appns_index; + u8 scope; +}; + /* * Local Variables: * eval: (c-set-style "gnu") |