session: add Source Deny List

With this feature, session enable is now modified to have 3 modes of operation
session enable -- only enable session
session enable rt-backend sdl -- enable session with sdl
session enable rt-backend rule-table -- enable session with rule-table

session rule tables are now created on demand, upon adding first rule
to the rule table.

refactor session table to remove depenency from sesssion rules table. Now
session rules table APIs take srtg_handle and transport
proto instead of srt pointer.

Type: feature

Change-Id: Idde6a9b2f46b29bb931f9039636562575572aa14
Signed-off-by: Steven Luong <sluong@cisco.com>

1 files changed, 15 insertions, 0 deletions

diff --git a/src/vnet/session/session_lookup.h b/src/vnet/session/session_lookup.h
index 95fcca6ff69..9f56af20a87 100644
--- a/src/vnet/session/session_lookup.h
+++ b/src/vnet/session/session_lookup.h
@@ -19,6 +19,8 @@
 #include <vnet/session/session_table.h>
 #include <vnet/session/session_types.h>
 #include <vnet/session/application_namespace.h>
+#include <vnet/fib/fib_table.h>
+#include <vnet/fib/fib_source.h>
 
 #define HALF_OPEN_LOOKUP_INVALID_VALUE ((u64)~0)
 
@@ -115,6 +117,17 @@ typedef enum _session_rule_scope
   SESSION_RULE_SCOPE_LOCAL = 2,
 } session_rule_scope_e;
 
+typedef struct _session_rules_table_add_del_args
+{
+  fib_prefix_t lcl;
+  fib_prefix_t rmt;
+  u16 lcl_port;
+  u16 rmt_port;
+  u32 action_index;
+  u8 *tag;
+  u8 is_add;
+} session_rule_table_add_del_args_t;
+
 typedef struct _session_rule_add_del_args
 {
   /**
@@ -140,6 +153,8 @@ session_error_t vnet_session_rule_add_del (session_rule_add_del_args_t *args);
 void session_lookup_set_tables_appns (app_namespace_t * app_ns);
 
 void session_lookup_init (void);
+session_table_t *session_table_get_for_fib_index (u32 fib_proto,
+						  u32 fib_index);
 
 #endif /* SRC_VNET_SESSION_SESSION_LOOKUP_H_ */