diff options
| author |   Florin Coras <fcoras@cisco.com> | 2017-10-31 01:51:04 -0700 |
|---|---|---|
| committer |   Damjan Marion <dmarion.lists@gmail.com> | 2017-11-01 09:29:25 +0000 |
| commit | 7999e83a41ebad8a3f02cfcb2809cdb3aae919ba (patch) | |
| tree | 58d7c95c87c3bb27bbeb045e22b4c6967defccc3 /src/vnet/session/session_lookup.c | |
| parent | df36f2176d7e90dcd3e895b08ee2d69f42d15426 (diff) | |
session: add support for proxying apps
To enable this, applications set the proxy flag in their attach requests
and pass the transport protocols they want to act as proxies for as part
of the attach options.
When proxy is enabled, session rules that point incoming packets to the
proxy app are addedd to the local and global session tables, if these
scopes are accessible to the app. In particular, in case of the former,
the rule accepts packets from all sources and all ports destined to the
namespace's supporting interface address on any port. While in case of
the latter, a generic any destination and any port rule is addedd.
Change-Id: I791f8c1cc083350f02e26a2ac3bdbbfbfa19ece3
Signed-off-by: Florin Coras <fcoras@cisco.com>
Diffstat (limited to 'src/vnet/session/session_lookup.c')
| -rw-r--r-- | src/vnet/session/session_lookup.c | 40 |
1 files changed, 29 insertions, 11 deletions
diff --git a/src/vnet/session/session_lookup.c b/src/vnet/session/session_lookup.c index 2168c61257c..58af2bc02d0 100644 --- a/src/vnet/session/session_lookup.c +++ b/src/vnet/session/session_lookup.c @@ -340,21 +340,15 @@ session_lookup_del_session (stream_session_t * s) } static stream_session_t * -session_lookup_app_listen_session (u32 app_index) +session_lookup_app_listen_session (u32 app_index, u8 fib_proto, + u8 transport_proto) { application_t *app; app = application_get (app_index); if (!app) return 0; - if (application_n_listeners (app) != 1) - { - clib_warning ("there should be one and only one listener %d", - hash_elts (app->listeners_table)); - return 0; - } - - return application_first_listener (app); + return application_first_listener (app, fib_proto, transport_proto); } stream_session_t * @@ -366,7 +360,8 @@ session_lookup_rules_table4 (session_rules_table_t * srt, u8 proto, action_index = session_rules_table_lookup4 (srt, proto, lcl, rmt, lcl_port, rmt_port); /* Nothing sophisticated for now, action index is app index */ - return session_lookup_app_listen_session (action_index); + return session_lookup_app_listen_session (action_index, FIB_PROTOCOL_IP4, + proto); } stream_session_t * @@ -377,7 +372,8 @@ session_lookup_rules_table6 (session_rules_table_t * srt, u8 proto, u32 action_index; action_index = session_rules_table_lookup6 (srt, proto, lcl, rmt, lcl_port, rmt_port); - return session_lookup_app_listen_session (action_index); + return session_lookup_app_listen_session (action_index, FIB_PROTOCOL_IP6, + proto); } u64 @@ -1290,6 +1286,28 @@ VLIB_CLI_COMMAND (session_rule_command, static) = }; /* *INDENT-ON* */ +void +session_lookup_dump_rules_table (u32 fib_index, u8 fib_proto, + u8 transport_proto) +{ + vlib_main_t *vm = vlib_get_main (); + session_table_t *st; + st = session_table_get_for_fib_index (fib_index, fib_proto); + session_rules_table_cli_dump (vm, &st->session_rules, fib_proto, + transport_proto); +} + +void +session_lookup_dump_local_rules_table (u32 table_index, u8 fib_proto, + u8 transport_proto) +{ + vlib_main_t *vm = vlib_get_main (); + session_table_t *st; + st = session_table_get (table_index); + session_rules_table_cli_dump (vm, &st->session_rules, fib_proto, + transport_proto); +} + static clib_error_t * show_session_rules_command_fn (vlib_main_t * vm, unformat_input_t * input, vlib_cli_command_t * cmd) |