summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rwxr-xr-xsrc/plugins/nat/in2out.c16
-rw-r--r--src/plugins/nat/in2out_ed.c30
-rw-r--r--src/plugins/nat/nat.api23
-rwxr-xr-xsrc/plugins/nat/nat.c64
-rw-r--r--src/plugins/nat/nat.h101
-rw-r--r--src/plugins/nat/nat44_classify.c12
-rw-r--r--src/plugins/nat/nat44_cli.c46
-rw-r--r--src/plugins/nat/nat64.c10
-rw-r--r--src/plugins/nat/nat66.c8
-rw-r--r--src/plugins/nat/nat_affinity.c10
-rw-r--r--src/plugins/nat/nat_api.c28
-rw-r--r--src/plugins/nat/nat_ha.c32
-rw-r--r--src/plugins/nat/nat_inlines.h6
-rwxr-xr-xsrc/plugins/nat/nat_ipfix_logging.c38
-rwxr-xr-xsrc/plugins/nat/nat_reass.c8
-rwxr-xr-xsrc/plugins/nat/out2in.c16
-rw-r--r--src/plugins/nat/out2in_ed.c34
17 files changed, 340 insertions, 142 deletions
diff --git a/src/plugins/nat/in2out.c b/src/plugins/nat/in2out.c
index 8bdb792442a..c69bc61236b 100755
--- a/src/plugins/nat/in2out.c
+++ b/src/plugins/nat/in2out.c
@@ -210,7 +210,7 @@ nat44_i2o_is_idle_session_cb (clib_bihash_kv_8_8_t * kv, void *arg)
{
s_kv.key = s->out2in.as_u64;
if (clib_bihash_add_del_8_8 (&tsm->out2in, &s_kv, 0))
- nat_log_warn ("out2in key del failed");
+ nat_elog_warn ("out2in key del failed");
snat_ipfix_logging_nat44_ses_delete (ctx->thread_index,
s->in2out.addr.as_u32,
@@ -271,7 +271,7 @@ slow_path (snat_main_t * sm, vlib_buffer_t * b0,
{
b0->error = node->errors[SNAT_IN2OUT_ERROR_MAX_SESSIONS_EXCEEDED];
nat_ipfix_logging_max_sessions (thread_index, sm->max_translations);
- nat_log_notice ("maximum sessions exceeded");
+ nat_elog_notice ("maximum sessions exceeded");
return SNAT_IN2OUT_NEXT_DROP;
}
@@ -307,7 +307,7 @@ slow_path (snat_main_t * sm, vlib_buffer_t * b0,
thread_index);
if (!u)
{
- nat_log_warn ("create NAT user failed");
+ nat_elog_warn ("create NAT user failed");
return SNAT_IN2OUT_NEXT_DROP;
}
@@ -315,7 +315,7 @@ slow_path (snat_main_t * sm, vlib_buffer_t * b0,
if (!s)
{
nat44_delete_user_with_no_session (sm, u, thread_index);
- nat_log_warn ("create NAT session failed");
+ nat_elog_warn ("create NAT session failed");
return SNAT_IN2OUT_NEXT_DROP;
}
@@ -363,7 +363,7 @@ slow_path (snat_main_t * sm, vlib_buffer_t * b0,
if (clib_bihash_add_or_overwrite_stale_8_8
(&sm->per_thread_data[thread_index].in2out, &kv0,
nat44_i2o_is_idle_session_cb, &ctx0))
- nat_log_notice ("in2out key add failed");
+ nat_elog_notice ("in2out key add failed");
kv0.key = s->out2in.as_u64;
kv0.value = s - sm->per_thread_data[thread_index].sessions;
@@ -371,7 +371,7 @@ slow_path (snat_main_t * sm, vlib_buffer_t * b0,
if (clib_bihash_add_or_overwrite_stale_8_8
(&sm->per_thread_data[thread_index].out2in, &kv0,
nat44_o2i_is_idle_session_cb, &ctx0))
- nat_log_notice ("out2in key add failed");
+ nat_elog_notice ("out2in key add failed");
/* log NAT event */
snat_ipfix_logging_nat44_ses_create (thread_index,
@@ -1777,7 +1777,7 @@ VLIB_NODE_FN (nat44_in2out_reass_node) (vlib_main_t * vm,
{
next0 = SNAT_IN2OUT_NEXT_DROP;
b0->error = node->errors[SNAT_IN2OUT_ERROR_MAX_REASS];
- nat_log_notice ("maximum reassemblies exceeded");
+ nat_elog_notice ("maximum reassemblies exceeded");
goto trace0;
}
@@ -1844,7 +1844,7 @@ VLIB_NODE_FN (nat44_in2out_reass_node) (vlib_main_t * vm,
(thread_index, reass0, bi0, &fragments_to_drop))
{
b0->error = node->errors[SNAT_IN2OUT_ERROR_MAX_FRAG];
- nat_log_notice
+ nat_elog_notice
("maximum fragments per reassembly exceeded");
next0 = SNAT_IN2OUT_NEXT_DROP;
goto trace0;
diff --git a/src/plugins/nat/in2out_ed.c b/src/plugins/nat/in2out_ed.c
index 3bcde10a487..60f820a1099 100644
--- a/src/plugins/nat/in2out_ed.c
+++ b/src/plugins/nat/in2out_ed.c
@@ -190,7 +190,7 @@ nat44_i2o_ed_is_idle_session_cb (clib_bihash_kv_16_8_t * kv, void *arg)
ed_kv.key[0] = ed_key.as_u64[0];
ed_kv.key[1] = ed_key.as_u64[1];
if (clib_bihash_add_del_16_8 (&tsm->out2in_ed, &ed_kv, 0))
- nat_log_warn ("out2in_ed key del failed");
+ nat_elog_warn ("out2in_ed key del failed");
if (snat_is_unk_proto_session (s))
goto delete;
@@ -299,7 +299,7 @@ slow_path_ed (snat_main_t * sm,
{
b->error = node->errors[NAT_IN2OUT_ED_ERROR_MAX_SESSIONS_EXCEEDED];
nat_ipfix_logging_max_sessions (thread_index, sm->max_translations);
- nat_log_notice ("maximum sessions exceeded");
+ nat_elog_notice ("maximum sessions exceeded");
return NAT_IN2OUT_ED_NEXT_DROP;
}
@@ -318,7 +318,7 @@ slow_path_ed (snat_main_t * sm,
sm->port_per_thread,
tsm->snat_thread_index))
{
- nat_log_notice ("addresses exhausted");
+ nat_elog_notice ("addresses exhausted");
b->error = node->errors[NAT_IN2OUT_ED_ERROR_OUT_OF_PORTS];
return NAT_IN2OUT_ED_NEXT_DROP;
}
@@ -346,7 +346,7 @@ slow_path_ed (snat_main_t * sm,
u = nat_user_get_or_create (sm, &key->l_addr, rx_fib_index, thread_index);
if (!u)
{
- nat_log_warn ("create NAT user failed");
+ nat_elog_warn ("create NAT user failed");
if (!is_sm)
snat_free_outside_address_and_port (sm->addresses,
thread_index, &key1);
@@ -357,7 +357,7 @@ slow_path_ed (snat_main_t * sm,
if (!s)
{
nat44_delete_user_with_no_session (sm, u, thread_index);
- nat_log_warn ("create NAT session failed");
+ nat_elog_warn ("create NAT session failed");
if (!is_sm)
snat_free_outside_address_and_port (sm->addresses,
thread_index, &key1);
@@ -409,7 +409,7 @@ slow_path_ed (snat_main_t * sm,
if (clib_bihash_add_or_overwrite_stale_16_8 (&tsm->in2out_ed, kv,
nat44_i2o_ed_is_idle_session_cb,
&ctx))
- nat_log_notice ("in2out-ed key add failed");
+ nat_elog_notice ("in2out-ed key add failed");
make_ed_kv (kv, &key1.addr, &key->r_addr, key->proto, s->out2in.fib_index,
key1.port, key->r_port);
@@ -417,7 +417,7 @@ slow_path_ed (snat_main_t * sm,
if (clib_bihash_add_or_overwrite_stale_16_8 (&tsm->out2in_ed, kv,
nat44_o2i_ed_is_idle_session_cb,
&ctx))
- nat_log_notice ("out2in-ed key add failed");
+ nat_elog_notice ("out2in-ed key add failed");
*sessionp = s;
@@ -562,8 +562,6 @@ nat44_ed_not_translate_output_feature (snat_main_t * sm, ip4_header_t * ip,
s = pool_elt_at_index (tsm->sessions, value.value);
if (nat44_is_ses_closed (s))
{
- nat_log_debug ("TCP close connection %U", format_snat_session,
- &sm->per_thread_data[thread_index], s);
nat_free_session_data (sm, s, thread_index, 0);
nat44_delete_session (sm, s, thread_index);
}
@@ -780,7 +778,7 @@ nat44_ed_in2out_unknown_proto (snat_main_t * sm,
{
b->error = node->errors[NAT_IN2OUT_ED_ERROR_MAX_SESSIONS_EXCEEDED];
nat_ipfix_logging_max_sessions (thread_index, sm->max_translations);
- nat_log_notice ("maximum sessions exceeded");
+ nat_elog_notice ("maximum sessions exceeded");
return 0;
}
@@ -788,7 +786,7 @@ nat44_ed_in2out_unknown_proto (snat_main_t * sm,
thread_index);
if (!u)
{
- nat_log_warn ("create NAT user failed");
+ nat_elog_warn ("create NAT user failed");
return 0;
}
@@ -857,7 +855,7 @@ nat44_ed_in2out_unknown_proto (snat_main_t * sm,
if (!s)
{
nat44_delete_user_with_no_session (sm, u, thread_index);
- nat_log_warn ("create NAT session failed");
+ nat_elog_warn ("create NAT session failed");
return 0;
}
@@ -878,13 +876,13 @@ nat44_ed_in2out_unknown_proto (snat_main_t * sm,
rx_fib_index, 0, 0);
s_kv.value = s - tsm->sessions;
if (clib_bihash_add_del_16_8 (&tsm->in2out_ed, &s_kv, 1))
- nat_log_notice ("in2out key add failed");
+ nat_elog_notice ("in2out key add failed");
make_ed_kv (&s_kv, &s->out2in.addr, &ip->dst_address, ip->protocol,
outside_fib_index, 0, 0);
s_kv.value = s - tsm->sessions;
if (clib_bihash_add_del_16_8 (&tsm->out2in_ed, &s_kv, 1))
- nat_log_notice ("out2in key add failed");
+ nat_elog_notice ("out2in key add failed");
}
/* Update IP checksum */
@@ -1860,7 +1858,7 @@ nat44_ed_in2out_reass_node_fn_inline (vlib_main_t * vm,
{
next0 = NAT_IN2OUT_ED_NEXT_DROP;
b0->error = node->errors[NAT_IN2OUT_ED_ERROR_MAX_REASS];
- nat_log_notice ("maximum reassemblies exceeded");
+ nat_elog_notice ("maximum reassemblies exceeded");
goto trace0;
}
@@ -1963,7 +1961,7 @@ nat44_ed_in2out_reass_node_fn_inline (vlib_main_t * vm,
(thread_index, reass0, bi0, &fragments_to_drop))
{
b0->error = node->errors[NAT_IN2OUT_ED_ERROR_MAX_FRAG];
- nat_log_notice
+ nat_elog_notice
("maximum fragments per reassembly exceeded");
next0 = NAT_IN2OUT_ED_NEXT_DROP;
goto trace0;
diff --git a/src/plugins/nat/nat.api b/src/plugins/nat/nat.api
index 4ce1db17c52..b5057ce1d3c 100644
--- a/src/plugins/nat/nat.api
+++ b/src/plugins/nat/nat.api
@@ -13,7 +13,7 @@
* limitations under the License.
*/
-option version = "5.0.0";
+option version = "5.1.0";
import "vnet/ip/ip_types.api";
import "vnet/interface_types.api";
@@ -120,6 +120,27 @@ define nat_show_config_reply
u32 nat64_st_memory_size;
};
+enum nat_log_level : u8
+{
+ NAT_LOG_NONE = 0x00,
+ NAT_LOG_ERROR = 0x01,
+ NAT_LOG_WARNING = 0x02,
+ NAT_LOG_NOTICE = 0x03,
+ NAT_LOG_INFO = 0x04,
+ NAT_LOG_DEBUG = 0x05,
+};
+
+/** \brief Set NAT logging level
+ @param client_index - opaque cookie to identify the sender
+ @param context - sender context, to match reply w/ request
+ @param log_level - logging level
+*/
+autoreply define nat_set_log_level {
+ u32 client_index;
+ u32 context;
+ vl_api_nat_log_level_t log_level;
+};
+
/** \brief Set NAT workers
@param client_index - opaque cookie to identify the sender
@param context - sender context, to match reply w/ request
diff --git a/src/plugins/nat/nat.c b/src/plugins/nat/nat.c
index e6d4ae5a9c6..1f27fb8c788 100755
--- a/src/plugins/nat/nat.c
+++ b/src/plugins/nat/nat.c
@@ -206,7 +206,7 @@ nat_free_session_data (snat_main_t * sm, snat_session_t * s, u32 thread_index,
ed_kv.key[0] = ed_key.as_u64[0];
ed_kv.key[1] = ed_key.as_u64[1];
if (clib_bihash_add_del_16_8 (&tsm->in2out_ed, &ed_kv, 0))
- nat_log_warn ("in2out_ed key del failed");
+ nat_elog_warn ("in2out_ed key del failed");
return;
}
@@ -234,7 +234,7 @@ nat_free_session_data (snat_main_t * sm, snat_session_t * s, u32 thread_index,
ed_kv.key[0] = ed_key.as_u64[0];
ed_kv.key[1] = ed_key.as_u64[1];
if (clib_bihash_add_del_16_8 (&tsm->out2in_ed, &ed_kv, 0))
- nat_log_warn ("out2in_ed key del failed");
+ nat_elog_warn ("out2in_ed key del failed");
ed_key.l_addr = s->in2out.addr;
ed_key.fib_index = s->in2out.fib_index;
if (!snat_is_unk_proto_session (s))
@@ -247,7 +247,7 @@ nat_free_session_data (snat_main_t * sm, snat_session_t * s, u32 thread_index,
ed_kv.key[0] = ed_key.as_u64[0];
ed_kv.key[1] = ed_key.as_u64[1];
if (clib_bihash_add_del_16_8 (&tsm->in2out_ed, &ed_kv, 0))
- nat_log_warn ("in2out_ed key del failed");
+ nat_elog_warn ("in2out_ed key del failed");
if (!is_ha)
nat_syslog_nat44_sdel (s->user_index, s->in2out.fib_index,
@@ -261,10 +261,10 @@ nat_free_session_data (snat_main_t * sm, snat_session_t * s, u32 thread_index,
{
kv.key = s->in2out.as_u64;
if (clib_bihash_add_del_8_8 (&tsm->in2out, &kv, 0))
- nat_log_warn ("in2out key del failed");
+ nat_elog_warn ("in2out key del failed");
kv.key = s->out2in.as_u64;
if (clib_bihash_add_del_8_8 (&tsm->out2in, &kv, 0))
- nat_log_warn ("out2in key del failed");
+ nat_elog_warn ("out2in key del failed");
if (!is_ha)
nat_syslog_nat44_apmdel (s->user_index, s->in2out.fib_index,
@@ -343,7 +343,7 @@ nat_user_get_or_create (snat_main_t * sm, ip4_address_t * addr, u32 fib_index,
/* add user */
if (clib_bihash_add_del_8_8 (&tsm->user_hash, &kv, 1))
- nat_log_warn ("user_hash keay add failed");
+ nat_elog_warn ("user_hash keay add failed");
vlib_set_simple_counter (&sm->total_users, thread_index, 0,
pool_elts (tsm->users));
@@ -475,8 +475,8 @@ nat_ed_session_alloc (snat_main_t * sm, snat_user_t * u, u32 thread_index,
if ((u->nsessions + u->nstaticsessions) >=
sm->max_translations_per_user)
{
- nat_log_warn ("max translations per user %U", format_ip4_address,
- &u->addr);
+ nat_elog_addr (SNAT_LOG_WARNING, "[warn] max translations per user",
+ clib_net_to_host_u32 (u->addr.as_u32));
snat_ipfix_logging_max_entries_per_user
(thread_index, sm->max_translations_per_user, u->addr.as_u32);
return 0;
@@ -871,7 +871,7 @@ snat_add_static_mapping (ip4_address_t l_addr, ip4_address_t e_addr,
foreach_snat_protocol
#undef _
default:
- nat_log_info ("unknown protocol");
+ nat_elog_info ("unknown protocol");
return VNET_API_ERROR_INVALID_VALUE_2;
}
break;
@@ -1053,7 +1053,7 @@ snat_add_static_mapping (ip4_address_t l_addr, ip4_address_t e_addr,
foreach_snat_protocol
#undef _
default:
- nat_log_info ("unknown protocol");
+ nat_elog_info ("unknown protocol");
return VNET_API_ERROR_INVALID_VALUE_2;
}
break;
@@ -1234,7 +1234,7 @@ nat44_add_del_lb_static_mapping (ip4_address_t e_addr, u16 e_port,
foreach_snat_protocol
#undef _
default:
- nat_log_info ("unknown protocol");
+ nat_elog_info ("unknown protocol");
return VNET_API_ERROR_INVALID_VALUE_2;
}
break;
@@ -1271,7 +1271,7 @@ nat44_add_del_lb_static_mapping (ip4_address_t e_addr, u16 e_port,
kv.value = m - sm->static_mappings;
if (clib_bihash_add_del_8_8 (&sm->static_mapping_by_external, &kv, 1))
{
- nat_log_err ("static_mapping_by_external key add failed");
+ nat_elog_err ("static_mapping_by_external key add failed");
return VNET_API_ERROR_UNSPECIFIED;
}
@@ -1347,7 +1347,7 @@ nat44_add_del_lb_static_mapping (ip4_address_t e_addr, u16 e_port,
foreach_snat_protocol
#undef _
default:
- nat_log_info ("unknown protocol");
+ nat_elog_info ("unknown protocol");
return VNET_API_ERROR_INVALID_VALUE_2;
}
break;
@@ -1362,7 +1362,7 @@ nat44_add_del_lb_static_mapping (ip4_address_t e_addr, u16 e_port,
kv.key = m_key.as_u64;
if (clib_bihash_add_del_8_8 (&sm->static_mapping_by_external, &kv, 0))
{
- nat_log_err ("static_mapping_by_external key del failed");
+ nat_elog_err ("static_mapping_by_external key del failed");
return VNET_API_ERROR_UNSPECIFIED;
}
@@ -1379,7 +1379,7 @@ nat44_add_del_lb_static_mapping (ip4_address_t e_addr, u16 e_port,
kv.key = m_key.as_u64;
if (clib_bihash_add_del_8_8(&sm->static_mapping_by_local, &kv, 0))
{
- nat_log_err ("static_mapping_by_local key del failed");
+ nat_elog_err ("static_mapping_by_local key del failed");
return VNET_API_ERROR_UNSPECIFIED;
}
}
@@ -1513,7 +1513,7 @@ nat44_lb_static_mapping_add_del_local (ip4_address_t e_addr, u16 e_port,
kv.key = m_key.as_u64;
kv.value = m - sm->static_mappings;
if (clib_bihash_add_del_8_8 (&sm->static_mapping_by_local, &kv, 1))
- nat_log_err ("static_mapping_by_local key add failed");
+ nat_elog_err ("static_mapping_by_local key add failed");
}
}
else
@@ -1534,7 +1534,7 @@ nat44_lb_static_mapping_add_del_local (ip4_address_t e_addr, u16 e_port,
m_key.fib_index = match_local->fib_index;
kv.key = m_key.as_u64;
if (clib_bihash_add_del_8_8 (&sm->static_mapping_by_local, &kv, 0))
- nat_log_err ("static_mapping_by_local key del failed");
+ nat_elog_err ("static_mapping_by_local key del failed");
}
if (sm->num_workers > 1)
@@ -1669,7 +1669,7 @@ snat_del_address (snat_main_t * sm, ip4_address_t addr, u8 delete_sm,
/* Check if address is used in some static mapping */
if (is_snat_address_used_in_static_mapping (sm, addr))
{
- nat_log_notice ("address used in static mapping");
+ nat_elog_notice ("address used in static mapping");
return VNET_API_ERROR_UNSPECIFIED;
}
}
@@ -2297,6 +2297,7 @@ snat_init (vlib_main_t * vm)
sm->addr_and_port_alloc_alg = NAT_ADDR_AND_PORT_ALLOC_ALG_DEFAULT;
sm->forwarding_enabled = 0;
sm->log_class = vlib_log_register_class ("nat", 0);
+ sm->log_level = SNAT_LOG_NONE;
sm->mss_clamping = 0;
node = vlib_get_node_by_name (vm, (u8 *) "error-drop");
@@ -2463,7 +2464,7 @@ snat_free_outside_address_and_port (snat_address_t * addresses,
foreach_snat_protocol
#undef _
default:
- nat_log_info ("unknown protocol");
+ nat_elog_info ("unknown protocol");
return;
}
}
@@ -2496,7 +2497,7 @@ nat_set_outside_address_and_port (snat_address_t * addresses,
foreach_snat_protocol
#undef _
default:
- nat_log_info ("unknown protocol");
+ nat_elog_info ("unknown protocol");
return 1;
}
}
@@ -2603,7 +2604,7 @@ snat_static_mapping_match (snat_main_t * sm,
match.protocol, match.port,
tmp[lo], m->affinity,
m->affinity_per_service_list_head_index))
- nat_log_info ("create affinity record failed");
+ nat_elog_info ("create affinity record failed");
}
vec_free (tmp);
}
@@ -2709,7 +2710,7 @@ nat_alloc_addr_and_port_default (snat_address_t * addresses,
foreach_snat_protocol
#undef _
default:
- nat_log_info ("unknown protocol");
+ nat_elog_info ("unknown protocol");
return 1;
}
@@ -2740,7 +2741,7 @@ nat_alloc_addr_and_port_default (snat_address_t * addresses,
foreach_snat_protocol
#undef _
default:
- nat_log_info ("unknown protocol");
+ nat_elog_info ("unknown protocol");
return 1;
}
}
@@ -2790,7 +2791,7 @@ nat_alloc_addr_and_port_mape (snat_address_t * addresses,
foreach_snat_protocol
#undef _
default:
- nat_log_info ("unknown protocol");
+ nat_elog_info ("unknown protocol");
return 1;
}
@@ -2838,7 +2839,7 @@ nat_alloc_addr_and_port_range (snat_address_t * addresses,
foreach_snat_protocol
#undef _
default:
- nat_log_info ("unknown protocol");
+ nat_elog_info ("unknown protocol");
return 1;
}
@@ -3257,7 +3258,7 @@ nat_ha_sadd_cb (ip4_address_t * in_addr, u16 in_port,
kv.key = key.as_u64;
kv.value = s - tsm->sessions;
if (clib_bihash_add_del_8_8 (&tsm->out2in, &kv, 1))
- nat_log_warn ("out2in key add failed");
+ nat_elog_warn ("out2in key add failed");
key.addr.as_u32 = in_addr->as_u32;
key.port = in_port;
@@ -3265,7 +3266,7 @@ nat_ha_sadd_cb (ip4_address_t * in_addr, u16 in_port,
s->in2out = key;
kv.key = key.as_u64;
if (clib_bihash_add_del_8_8 (&tsm->in2out, &kv, 1))
- nat_log_warn ("in2out key add failed");
+ nat_elog_warn ("in2out key add failed");
}
void
@@ -3431,12 +3432,12 @@ nat_ha_sadd_ed_cb (ip4_address_t * in_addr, u16 in_port,
snat_proto_to_ip_proto (proto), fib_index, in_port,
s->ext_host_nat_port);
if (clib_bihash_add_del_16_8 (&tsm->in2out_ed, &kv, 1))
- nat_log_warn ("in2out key add failed");
+ nat_elog_warn ("in2out key add failed");
make_ed_kv (&kv, out_addr, eh_addr, snat_proto_to_ip_proto (proto),
s->out2in.fib_index, out_port, eh_port);
if (clib_bihash_add_del_16_8 (&tsm->out2in_ed, &kv, 1))
- nat_log_warn ("out2in key add failed");
+ nat_elog_warn ("out2in key add failed");
}
void
@@ -3789,7 +3790,7 @@ match:
rp->proto, !is_delete, rp->twice_nat,
rp->out2in_only, rp->tag, rp->identity_nat);
if (rv)
- nat_log_notice ("snat_add_static_mapping returned %d", rv);
+ nat_elog_notice_X1 ("snat_add_static_mapping returned %d", "i4", rv);
}
static void
@@ -3860,7 +3861,8 @@ match:
rp->out2in_only, rp->tag,
rp->identity_nat);
if (rv)
- nat_log_notice ("snat_add_static_mapping returned %d", rv);
+ nat_elog_notice_X1 ("snat_add_static_mapping returned %d",
+ "i4", rv);
}
}
return;
diff --git a/src/plugins/nat/nat.h b/src/plugins/nat/nat.h
index 237d945a724..664af39df99 100644
--- a/src/plugins/nat/nat.h
+++ b/src/plugins/nat/nat.h
@@ -23,6 +23,7 @@
#include <vnet/ethernet/ethernet.h>
#include <vnet/ip/icmp46_packet.h>
#include <vnet/api_errno.h>
+#include <vppinfra/elog.h>
#include <vppinfra/bihash_8_8.h>
#include <vppinfra/bihash_16_8.h>
#include <vppinfra/dlist.h>
@@ -585,6 +586,8 @@ typedef struct snat_main_s
/* log class */
vlib_log_class_t log_class;
+ /* logging level */
+ u8 log_level;
/* convenience */
vlib_main_t *vlib_main;
@@ -744,6 +747,104 @@ unformat_function_t unformat_snat_protocol;
#define nat_log_debug(...)\
vlib_log(VLIB_LOG_LEVEL_DEBUG, snat_main.log_class, __VA_ARGS__)
+/* NAT API Logging Levels */
+#define foreach_nat_log_level \
+ _(0x00, LOG_NONE) \
+ _(0x01, LOG_ERROR) \
+ _(0x02, LOG_WARNING) \
+ _(0x03, LOG_NOTICE) \
+ _(0x04, LOG_INFO) \
+ _(0x05, LOG_DEBUG)
+
+typedef enum nat_log_level_t_
+{
+#define _(n,f) SNAT_##f = n,
+ foreach_nat_log_level
+#undef _
+} nat_log_level_t;
+
+#define nat_elog(_level, _str) \
+do \
+ { \
+ snat_main_t *sm = &snat_main; \
+ if (PREDICT_FALSE (sm->log_level >= _level)) \
+ { \
+ ELOG_TYPE_DECLARE (e) = \
+ { \
+ .format = "nat-msg" _str, \
+ .format_args = "", \
+ }; \
+ ELOG_DATA (&sm->vlib_main->elog_main, e); \
+ } \
+ } while (0);
+
+#define nat_elog_addr(_level, _str, _addr) \
+do \
+ { \
+ if (PREDICT_FALSE (sm->log_level >= _level)) \
+ { \
+ ELOG_TYPE_DECLARE (e) = \
+ { \
+ .format = "nat-msg " _str " %d.%d.%d.%d", \
+ .format_args = "i1i1i1i1", \
+ }; \
+ CLIB_PACKED(struct \
+ { \
+ u8 oct1; \
+ u8 oct2; \
+ u8 oct3; \
+ u8 oct4; \
+ }) *ed; \
+ ed = ELOG_DATA (&vlib_global_main.elog_main, e); \
+ ed->oct4 = _addr >> 24; \
+ ed->oct3 = _addr >> 16; \
+ ed->oct2 = _addr >> 8; \
+ ed->oct1 = _addr; \
+ } \
+ } while (0);
+
+#define nat_elog_X1(_level, _fmt, _arg, _val1) \
+do \
+ { \
+ snat_main_t *sm = &snat_main; \
+ if (PREDICT_FALSE (sm->log_level >= _level)) \
+ { \
+ ELOG_TYPE_DECLARE (e) = \
+ { \
+ .format = "nat-msg " _fmt, \
+ .format_args = _arg, \
+ }; \
+ CLIB_PACKED(struct \
+ { \
+ typeof (_val1) val1; \
+ }) *ed; \
+ ed = ELOG_DATA (&sm->vlib_main->elog_main, e); \
+ ed->val1 = _val1; \
+ } \
+ } while (0);
+
+#define nat_elog_notice(nat_elog_str) \
+ nat_elog(SNAT_LOG_INFO, "[notice] " nat_elog_str)
+#define nat_elog_warn(nat_elog_str) \
+ nat_elog(SNAT_LOG_WARNING, "[warning] " nat_elog_str)
+#define nat_elog_err(nat_elog_str) \
+ nat_elog(SNAT_LOG_ERROR, "[error] " nat_elog_str)
+#define nat_elog_debug(nat_elog_str) \
+ nat_elog(SNAT_LOG_DEBUG, "[debug] " nat_elog_str)
+#define nat_elog_info(nat_elog_str) \
+ nat_elog(SNAT_LOG_INFO, "[info] " nat_elog_str)
+
+#define nat_elog_notice_X1(nat_elog_fmt_str, nat_elog_fmt_arg, nat_elog_val1) \
+ nat_elog_X1(SNAT_LOG_NOTICE, "[notice] " nat_elog_fmt_str, nat_elog_fmt_arg, nat_elog_val1)
+#define nat_elog_warn_X1(nat_elog_fmt_str, nat_elog_fmt_arg, nat_elog_val1) \
+ nat_elog_X1(SNAT_LOG_WARNING, "[warning] " nat_elog_fmt_str, nat_elog_fmt_arg, nat_elog_val1)
+#define nat_elog_err_X1(nat_elog_fmt_str, nat_elog_fmt_arg, nat_elog_val1) \
+ nat_elog_X1(SNAT_LOG_ERROR, "[error] " nat_elog_fmt_str, nat_elog_fmt_arg, nat_elog_val1)
+#define nat_elog_debug_X1(nat_elog_fmt_str, nat_elog_fmt_arg, nat_elog_val1) \
+ nat_elog_X1(SNAT_LOG_DEBUG, "[debug] " nat_elog_fmt_str, nat_elog_fmt_arg, nat_elog_val1)
+#define nat_elog_info_X1(nat_elog_fmt_str, nat_elog_fmt_arg, nat_elog_val1) \
+ nat_elog_X1(SNAT_LOG_INFO, "[info] " nat_elog_fmt_str, nat_elog_fmt_arg, nat_elog_val1)
+
/* ICMP session match functions */
u32 icmp_match_in2out_fast (snat_main_t * sm, vlib_node_runtime_t * node,
u32 thread_index, vlib_buffer_t * b0,
diff --git a/src/plugins/nat/nat44_classify.c b/src/plugins/nat/nat44_classify.c
index 5401b5b70ee..aa2bf73e94c 100644
--- a/src/plugins/nat/nat44_classify.c
+++ b/src/plugins/nat/nat44_classify.c
@@ -154,7 +154,7 @@ nat44_classify_node_fn_inline (vlib_main_t * vm,
next0 = NAT44_CLASSIFY_NEXT_DROP;
b0->error =
node->errors[NAT44_CLASSIFY_ERROR_MAX_REASS];
- nat_log_notice ("maximum reassemblies exceeded");
+ nat_elog_notice ("maximum reassemblies exceeded");
goto enqueue0;
}
if (!clib_bihash_search_16_8 (&tsm->in2out_ed, &ed_kv0,
@@ -204,7 +204,7 @@ nat44_classify_node_fn_inline (vlib_main_t * vm,
next0 = NAT44_CLASSIFY_NEXT_DROP;
b0->error =
node->errors[NAT44_CLASSIFY_ERROR_MAX_REASS];
- nat_log_notice ("maximum reassemblies exceeded");
+ nat_elog_notice ("maximum reassemblies exceeded");
goto enqueue0;
}
/* check if first fragment has arrived */
@@ -217,7 +217,7 @@ nat44_classify_node_fn_inline (vlib_main_t * vm,
{
b0->error =
node->errors[NAT44_CLASSIFY_ERROR_MAX_FRAG];
- nat_log_notice
+ nat_elog_notice
("maximum fragments per reassembly exceeded");
next0 = NAT44_CLASSIFY_NEXT_DROP;
goto enqueue0;
@@ -288,7 +288,7 @@ nat44_classify_node_fn_inline (vlib_main_t * vm,
next0 = NAT44_CLASSIFY_NEXT_DROP;
b0->error =
node->errors[NAT44_CLASSIFY_ERROR_MAX_REASS];
- nat_log_notice ("maximum reassemblies exceeded");
+ nat_elog_notice ("maximum reassemblies exceeded");
goto enqueue0;
}
/* save classification for future fragments and set past
@@ -317,7 +317,7 @@ nat44_classify_node_fn_inline (vlib_main_t * vm,
next0 = NAT44_CLASSIFY_NEXT_DROP;
b0->error =
node->errors[NAT44_CLASSIFY_ERROR_MAX_REASS];
- nat_log_notice ("maximum reassemblies exceeded");
+ nat_elog_notice ("maximum reassemblies exceeded");
goto enqueue0;
}
if (reass0->classify_next == NAT_REASS_IP4_CLASSIFY_NONE)
@@ -328,7 +328,7 @@ nat44_classify_node_fn_inline (vlib_main_t * vm,
{
b0->error =
node->errors[NAT44_CLASSIFY_ERROR_MAX_FRAG];
- nat_log_notice
+ nat_elog_notice
("maximum fragments per reassembly exceeded");
next0 = NAT44_CLASSIFY_NEXT_DROP;
goto enqueue0;
diff --git a/src/plugins/nat/nat44_cli.c b/src/plugins/nat/nat44_cli.c
index cfa294f2222..4dcfb8d8e57 100644
--- a/src/plugins/nat/nat44_cli.c
+++ b/src/plugins/nat/nat44_cli.c
@@ -116,6 +116,39 @@ nat_show_workers_commnad_fn (vlib_main_t * vm, unformat_input_t * input,
}
static clib_error_t *
+snat_set_log_level_command_fn (vlib_main_t * vm,
+ unformat_input_t * input,
+ vlib_cli_command_t * cmd)
+{
+ unformat_input_t _line_input, *line_input = &_line_input;
+ snat_main_t *sm = &snat_main;
+ u8 log_level = SNAT_LOG_NONE;
+ clib_error_t *error = 0;
+
+ /* Get a line of input. */
+ if (!unformat_user (input, unformat_line_input, line_input))
+ return 0;
+
+ if (!unformat (line_input, "level %d", &log_level))
+ {
+ error = clib_error_return (0, "unknown input '%U'",
+ format_unformat_error, line_input);
+ goto done;
+ }
+ if (log_level > SNAT_LOG_DEBUG)
+ {
+ error = clib_error_return (0, "unknown logging level '%d'", log_level);
+ goto done;
+ }
+ sm->log_level = log_level;
+
+done:
+ unformat_free (line_input);
+
+ return error;
+}
+
+static clib_error_t *
snat_ipfix_logging_enable_disable_command_fn (vlib_main_t * vm,
unformat_input_t * input,
vlib_cli_command_t * cmd)
@@ -1945,6 +1978,19 @@ VLIB_CLI_COMMAND (nat_show_timeouts_command, static) = {
/*?
* @cliexpar
+ * @cliexstart{nat set logging level}
+ * To set NAT logging level use:
+ * Set nat logging level
+ * @cliexend
+?*/
+VLIB_CLI_COMMAND (snat_set_log_level_command, static) = {
+ .path = "nat set logging level",
+ .function = snat_set_log_level_command_fn,
+ .short_help = "nat set logging level <level>",
+};
+
+/*?
+ * @cliexpar
* @cliexstart{snat ipfix logging}
* To enable NAT IPFIX logging use:
* vpp# nat ipfix logging
diff --git a/src/plugins/nat/nat64.c b/src/plugins/nat/nat64.c
index 748205a1631..0fe29800420 100644
--- a/src/plugins/nat/nat64.c
+++ b/src/plugins/nat/nat64.c
@@ -306,7 +306,7 @@ nat64_set_hash (u32 bib_buckets, u32 bib_memory_size, u32 st_buckets,
{
if (nat64_db_init (db, bib_buckets, bib_memory_size, st_buckets,
st_memory_size, nat64_free_out_addr_and_port))
- nat_log_err ("NAT64 DB init failed");
+ nat_elog_err ("NAT64 DB init failed");
}
/* *INDENT-ON* */
}
@@ -606,7 +606,7 @@ nat64_free_out_addr_and_port (struct nat64_db_s *db, ip4_address_t * addr,
foreach_snat_protocol
#undef _
default:
- nat_log_notice ("unknown protocol");
+ nat_elog_notice ("unknown protocol");
return;
}
break;
@@ -1120,7 +1120,7 @@ nat64_compose_ip6 (ip6_address_t * ip6, ip4_address_t * ip4, u32 fib_index)
ip6->as_u32[3] = ip4->as_u32;
break;
default:
- nat_log_notice ("invalid prefix length");
+ nat_elog_notice ("invalid prefix length");
break;
}
}
@@ -1193,7 +1193,7 @@ nat64_extract_ip4 (ip6_address_t * ip6, ip4_address_t * ip4, u32 fib_index)
ip4->as_u32 = ip6->as_u32[3];
break;
default:
- nat_log_notice ("invalid prefix length");
+ nat_elog_notice ("invalid prefix length");
break;
}
}
@@ -1278,7 +1278,7 @@ nat64_expire_walk_fn (vlib_main_t * vm, vlib_node_runtime_t * rt,
case NAT64_CLEANER_RESCHEDULE:
break;
default:
- nat_log_notice ("unknown event %u", event_type);
+ nat_elog_notice_X1 ("unknown event %d", "i4", event_type);
break;
}
diff --git a/src/plugins/nat/nat66.c b/src/plugins/nat/nat66.c
index a6606a458a7..2caefab6480 100644
--- a/src/plugins/nat/nat66.c
+++ b/src/plugins/nat/nat66.c
@@ -185,7 +185,7 @@ nat66_static_mapping_add_del (ip6_address_t * l_addr, ip6_address_t * e_addr,
kv.key[2] = sm_key.as_u64[2];
kv.value = sm - nm->sm;
if (clib_bihash_add_del_24_8 (&nm->sm_l, &kv, 1))
- nat_log_warn ("nat66-static-map-by-local add key failed");
+ nat_elog_warn ("nat66-static-map-by-local add key failed");
sm_key.addr.as_u64[0] = e_addr->as_u64[0];
sm_key.addr.as_u64[1] = e_addr->as_u64[1];
sm_key.fib_index = 0;
@@ -193,7 +193,7 @@ nat66_static_mapping_add_del (ip6_address_t * l_addr, ip6_address_t * e_addr,
kv.key[1] = sm_key.as_u64[1];
kv.key[2] = sm_key.as_u64[2];
if (clib_bihash_add_del_24_8 (&nm->sm_e, &kv, 1))
- nat_log_warn ("nat66-static-map-by-external add key failed");
+ nat_elog_warn ("nat66-static-map-by-external add key failed");
vlib_validate_combined_counter (&nm->session_counters, kv.value);
vlib_zero_combined_counter (&nm->session_counters, kv.value);
@@ -205,7 +205,7 @@ nat66_static_mapping_add_del (ip6_address_t * l_addr, ip6_address_t * e_addr,
kv.value = sm - nm->sm;
if (clib_bihash_add_del_24_8 (&nm->sm_l, &kv, 0))
- nat_log_warn ("nat66-static-map-by-local delete key failed");
+ nat_elog_warn ("nat66-static-map-by-local delete key failed");
sm_key.addr.as_u64[0] = e_addr->as_u64[0];
sm_key.addr.as_u64[1] = e_addr->as_u64[1];
sm_key.fib_index = 0;
@@ -213,7 +213,7 @@ nat66_static_mapping_add_del (ip6_address_t * l_addr, ip6_address_t * e_addr,
kv.key[1] = sm_key.as_u64[1];
kv.key[2] = sm_key.as_u64[2];
if (clib_bihash_add_del_24_8 (&nm->sm_e, &kv, 0))
- nat_log_warn ("nat66-static-map-by-external delete key failed");
+ nat_elog_warn ("nat66-static-map-by-external delete key failed");
fib_table_unlock (sm->fib_index, FIB_PROTOCOL_IP6,
FIB_SOURCE_PLUGIN_HI);
pool_put (nm->sm, sm);
diff --git a/src/plugins/nat/nat_affinity.c b/src/plugins/nat/nat_affinity.c
index 28c25aecda5..5a6927118aa 100644
--- a/src/plugins/nat/nat_affinity.c
+++ b/src/plugins/nat/nat_affinity.c
@@ -115,7 +115,7 @@ nat_affinity_flush_service (u32 affinity_per_service_list_head_index)
kv.key[1] = a->key.as_u64[1];
pool_put_index (nam->affinity_pool, elt->value);
if (clib_bihash_add_del_16_8 (&nam->affinity_hash, &kv, 0))
- nat_log_warn ("affinity key del failed");
+ nat_elog_warn ("affinity key del failed");
pool_put_index (nam->list_pool, elt_index);
}
pool_put_index (nam->list_pool, affinity_per_service_list_head_index);
@@ -151,7 +151,7 @@ nat_affinity_find_and_lock (ip4_address_t client_addr,
pool_put_index (nam->list_pool, a->per_service_index);
pool_put_index (nam->affinity_pool, value.value);
if (clib_bihash_add_del_16_8 (&nam->affinity_hash, &kv, 0))
- nat_log_warn ("affinity key del failed");
+ nat_elog_warn ("affinity key del failed");
rv = 1;
goto unlock;
}
@@ -179,7 +179,7 @@ affinity_is_expired_cb (clib_bihash_kv_16_8_t * kv, void *arg)
pool_put_index (nam->list_pool, a->per_service_index);
pool_put_index (nam->affinity_pool, kv->value);
if (clib_bihash_add_del_16_8 (&nam->affinity_hash, kv, 0))
- nat_log_warn ("affinity key del failed");
+ nat_elog_warn ("affinity key del failed");
return 1;
}
}
@@ -205,7 +205,7 @@ nat_affinity_create_and_lock (ip4_address_t client_addr,
if (!clib_bihash_search_16_8 (&nam->affinity_hash, &kv, &value))
{
rv = 1;
- nat_log_notice ("affinity key already exist");
+ nat_elog_notice ("affinity key already exist");
goto unlock;
}
@@ -216,7 +216,7 @@ nat_affinity_create_and_lock (ip4_address_t client_addr,
affinity_is_expired_cb, NULL);
if (rv)
{
- nat_log_notice ("affinity key add failed");
+ nat_elog_notice ("affinity key add failed");
pool_put (nam->affinity_pool, a);
goto unlock;
}
diff --git a/src/plugins/nat/nat_api.c b/src/plugins/nat/nat_api.c
index 63e1e756515..ff11a82f099 100644
--- a/src/plugins/nat/nat_api.c
+++ b/src/plugins/nat/nat_api.c
@@ -250,6 +250,33 @@ vl_api_nat_worker_dump_t_print (vl_api_nat_worker_dump_t * mp, void *handle)
}
static void
+vl_api_nat_set_log_level_t_handler (vl_api_nat_set_log_level_t * mp)
+{
+ snat_main_t *sm = &snat_main;
+ vl_api_nat_set_log_level_reply_t *rmp;
+ int rv = 0;
+
+ if (sm->log_level > NAT_LOG_DEBUG)
+ rv = VNET_API_ERROR_UNSUPPORTED;
+ else
+ sm->log_level = mp->log_level;
+
+ REPLY_MACRO (VL_API_NAT_SET_WORKERS_REPLY);
+}
+
+static void *
+vl_api_nat_set_log_level_t_print (vl_api_nat_set_log_level_t *
+ mp, void *handle)
+{
+ u8 *s;
+
+ s = format (0, "SCRIPT: nat_set_log_level ");
+ s = format (s, "log_level %d", mp->log_level);
+
+ FINISH;
+}
+
+static void
vl_api_nat_ipfix_enable_disable_t_handler (vl_api_nat_ipfix_enable_disable_t *
mp)
{
@@ -3524,6 +3551,7 @@ _(NAT_CONTROL_PING, nat_control_ping) \
_(NAT_SHOW_CONFIG, nat_show_config) \
_(NAT_SET_WORKERS, nat_set_workers) \
_(NAT_WORKER_DUMP, nat_worker_dump) \
+_(NAT_SET_LOG_LEVEL, nat_set_log_level) \
_(NAT_IPFIX_ENABLE_DISABLE, nat_ipfix_enable_disable) \
_(NAT_SET_REASS, nat_set_reass) \
_(NAT_GET_REASS, nat_get_reass) \
diff --git a/src/plugins/nat/nat_ha.c b/src/plugins/nat/nat_ha.c
index e81e916e389..8bf07759f68 100644
--- a/src/plugins/nat/nat_ha.c
+++ b/src/plugins/nat/nat_ha.c
@@ -176,8 +176,14 @@ nat_ha_resync_fin (void)
return;
ha->in_resync = 0;
- nat_log_info ("resync completed with result %s",
- ha->resync_ack_missed ? "FAILED" : "SUCESS");
+ if (ha->resync_ack_missed)
+ {
+ nat_elog_info ("resync completed with result FAILED");
+ }
+ else
+ {
+ nat_elog_info ("resync completed with result SUCCESS");
+ }
if (ha->event_callback)
ha->event_callback (ha->client_index, ha->pid, ha->resync_ack_missed);
}
@@ -224,7 +230,8 @@ nat_ha_ack_recv (u32 seq, u32 thread_index)
}
vec_free (td->resend_queue[i].data);
vec_del1 (td->resend_queue, i);
- nat_log_debug ("ACK for seq %d received", clib_net_to_host_u32 (seq));
+ nat_elog_debug_X1 ("ACK for seq %d received", "i4",
+ clib_net_to_host_u32 (seq));
return;
}
@@ -251,8 +258,8 @@ nat_ha_resend_scan (f64 now, u32 thread_index)
/* maximum retry reached delete cached data */
if (td->resend_queue[i].retry_count >= NAT_HA_RETRIES)
{
- nat_log_notice ("seq %d missed",
- clib_net_to_host_u32 (td->resend_queue[i].seq));
+ nat_elog_notice_X1 ("seq %d missed", "i4",
+ clib_net_to_host_u32 (td->resend_queue[i].seq));
if (td->resend_queue[i].is_resync)
{
clib_atomic_fetch_add (&ha->resync_ack_missed, 1);
@@ -267,14 +274,14 @@ nat_ha_resend_scan (f64 now, u32 thread_index)
}
/* retry to send non-ACKed data */
- nat_log_debug ("state sync seq %d resend",
- clib_net_to_host_u32 (td->resend_queue[i].seq));
+ nat_elog_debug_X1 ("state sync seq %d resend", "i4",
+ clib_net_to_host_u32 (td->resend_queue[i].seq));
td->resend_queue[i].retry_count++;
vlib_increment_simple_counter (&ha->counters[NAT_HA_COUNTER_RETRY_COUNT],
thread_index, 0, 1);
if (vlib_buffer_alloc (vm, &bi, 1) != 1)
{
- nat_log_warn ("HA NAT state sync can't allocate buffer");
+ nat_elog_warn ("HA NAT state sync can't allocate buffer");
return;
}
b = vlib_get_buffer (vm, bi);
@@ -368,7 +375,7 @@ nat_ha_set_listener (ip4_address_t * addr, u16 port, u32 path_mtu)
{
udp_register_dst_port (ha->vlib_main, port, nat_ha_node.index, 1);
}
- nat_log_info ("HA listening on port %d for state sync", port);
+ nat_elog_info_X1 ("HA listening on port %d for state sync", "i4", port);
}
return 0;
@@ -489,7 +496,8 @@ nat_ha_event_process (nat_ha_event_t * event, f64 now, u32 thread_index)
nat_ha_recv_refresh (event, now, thread_index);
break;
default:
- nat_log_notice ("Unsupported HA event type %d", event->event_type);
+ nat_elog_notice_X1 ("Unsupported HA event type %d", "i4",
+ event->event_type);
break;
}
}
@@ -587,7 +595,7 @@ nat_ha_event_add (nat_ha_event_t * event, u8 do_flush, u32 thread_index,
if (vlib_buffer_alloc (vm, &bi, 1) != 1)
{
- nat_log_warn ("HA NAT state sync can't allocate buffer");
+ nat_elog_warn ("HA NAT state sync can't allocate buffer");
return;
}
@@ -783,7 +791,7 @@ nat_ha_process (vlib_main_t * vm, vlib_node_runtime_t * rt, vlib_frame_t * f)
vlib_process_wait_for_event (vm);
event_type = vlib_process_get_events (vm, &event_data);
if (event_type)
- nat_log_info ("nat-ha-process: bogus kickoff event received");
+ nat_elog_info ("nat-ha-process: bogus kickoff event received");
vec_reset_length (event_data);
while (1)
diff --git a/src/plugins/nat/nat_inlines.h b/src/plugins/nat/nat_inlines.h
index 64b1f25549c..ae8ed7fb165 100644
--- a/src/plugins/nat/nat_inlines.h
+++ b/src/plugins/nat/nat_inlines.h
@@ -175,8 +175,6 @@ nat44_delete_session (snat_main_t * sm, snat_session_t * ses,
snat_user_key_t u_key;
snat_user_t *u;
- nat_log_debug ("session deleted %U", format_snat_session, tsm, ses);
-
clib_dlist_remove (tsm->list_pool, ses->per_user_index);
pool_put_index (tsm->list_pool, ses->per_user_index);
pool_put (tsm->sessions, ses);
@@ -227,8 +225,6 @@ nat44_set_tcp_session_state_i2o (snat_main_t * sm, snat_session_t * ses,
if (nat44_is_ses_closed (ses)
&& !(ses->flags & SNAT_SESSION_FLAG_OUTPUT_FEATURE))
{
- nat_log_debug ("TCP close connection %U", format_snat_session,
- &sm->per_thread_data[thread_index], ses);
nat_free_session_data (sm, ses, thread_index, 0);
nat44_delete_session (sm, ses, thread_index);
return 1;
@@ -261,8 +257,6 @@ nat44_set_tcp_session_state_o2i (snat_main_t * sm, snat_session_t * ses,
}
if (nat44_is_ses_closed (ses))
{
- nat_log_debug ("TCP close connection %U", format_snat_session,
- &sm->per_thread_data[thread_index], ses);
nat_free_session_data (sm, ses, thread_index, 0);
nat44_delete_session (sm, ses, thread_index);
return 1;
diff --git a/src/plugins/nat/nat_ipfix_logging.c b/src/plugins/nat/nat_ipfix_logging.c
index 8cca976666e..c24c2372b54 100755
--- a/src/plugins/nat/nat_ipfix_logging.c
+++ b/src/plugins/nat/nat_ipfix_logging.c
@@ -675,7 +675,7 @@ snat_ipfix_logging_nat44_ses (u32 thread_index, u8 nat_event, u32 src_ip,
if (vlib_buffer_alloc (vm, &bi0, 1) != 1)
{
- nat_log_err ("can't allocate buffer for NAT IPFIX event");
+ nat_elog_err ("can't allocate buffer for NAT IPFIX event");
return;
}
@@ -774,7 +774,7 @@ snat_ipfix_logging_addr_exhausted (u32 thread_index, u32 pool_id, int do_flush)
if (vlib_buffer_alloc (vm, &bi0, 1) != 1)
{
- nat_log_err ("can't allocate buffer for NAT IPFIX event");
+ nat_elog_err ("can't allocate buffer for NAT IPFIX event");
return;
}
@@ -860,7 +860,7 @@ snat_ipfix_logging_max_entries_per_usr (u32 thread_index,
if (vlib_buffer_alloc (vm, &bi0, 1) != 1)
{
- nat_log_err ("can't allocate buffer for NAT IPFIX event");
+ nat_elog_err ("can't allocate buffer for NAT IPFIX event");
return;
}
@@ -951,7 +951,7 @@ nat_ipfix_logging_max_ses (u32 thread_index, u32 limit, int do_flush)
if (vlib_buffer_alloc (vm, &bi0, 1) != 1)
{
- nat_log_err ("can't allocate buffer for NAT IPFIX event");
+ nat_elog_err ("can't allocate buffer for NAT IPFIX event");
return;
}
@@ -1039,7 +1039,7 @@ nat_ipfix_logging_max_bib (u32 thread_index, u32 limit, int do_flush)
if (vlib_buffer_alloc (vm, &bi0, 1) != 1)
{
- nat_log_err ("can't allocate buffer for NAT IPFIX event");
+ nat_elog_err ("can't allocate buffer for NAT IPFIX event");
return;
}
@@ -1128,7 +1128,7 @@ nat_ipfix_logging_max_frag_ip4 (u32 thread_index,
if (vlib_buffer_alloc (vm, &bi0, 1) != 1)
{
- nat_log_err ("can't allocate buffer for NAT IPFIX event");
+ nat_elog_err ("can't allocate buffer for NAT IPFIX event");
return;
}
@@ -1220,7 +1220,7 @@ nat_ipfix_logging_max_frag_ip6 (u32 thread_index,
if (vlib_buffer_alloc (vm, &bi0, 1) != 1)
{
- nat_log_err ("can't allocate buffer for NAT IPFIX event");
+ nat_elog_err ("can't allocate buffer for NAT IPFIX event");
return;
}
@@ -1312,7 +1312,7 @@ nat_ipfix_logging_nat64_bibe (u32 thread_index, u8 nat_event,
if (vlib_buffer_alloc (vm, &bi0, 1) != 1)
{
- nat_log_err ("can't allocate buffer for NAT IPFIX event");
+ nat_elog_err ("can't allocate buffer for NAT IPFIX event");
return;
}
@@ -1415,7 +1415,7 @@ nat_ipfix_logging_nat64_ses (u32 thread_index, u8 nat_event,
if (vlib_buffer_alloc (vm, &bi0, 1) != 1)
{
- nat_log_err ("can't allocate buffer for NAT IPFIX event");
+ nat_elog_err ("can't allocate buffer for NAT IPFIX event");
return;
}
@@ -1826,7 +1826,7 @@ snat_ipfix_logging_enable_disable (int enable, u32 domain_id, u16 src_port)
rv = vnet_flow_report_add_del (frm, &a, NULL);
if (rv)
{
- nat_log_warn ("vnet_flow_report_add_del returned %d", rv);
+ nat_elog_warn_X1 ("vnet_flow_report_add_del returned %d", "i4", rv);
return -1;
}
}
@@ -1837,7 +1837,7 @@ snat_ipfix_logging_enable_disable (int enable, u32 domain_id, u16 src_port)
rv = vnet_flow_report_add_del (frm, &a, NULL);
if (rv)
{
- nat_log_warn ("vnet_flow_report_add_del returned %d", rv);
+ nat_elog_warn_X1 ("vnet_flow_report_add_del returned %d", "i4", rv);
return -1;
}
@@ -1846,7 +1846,7 @@ snat_ipfix_logging_enable_disable (int enable, u32 domain_id, u16 src_port)
rv = vnet_flow_report_add_del (frm, &a, NULL);
if (rv)
{
- nat_log_warn ("vnet_flow_report_add_del returned %d", rv);
+ nat_elog_warn_X1 ("vnet_flow_report_add_del returned %d", "i4", rv);
return -1;
}
@@ -1855,7 +1855,7 @@ snat_ipfix_logging_enable_disable (int enable, u32 domain_id, u16 src_port)
rv = vnet_flow_report_add_del (frm, &a, NULL);
if (rv)
{
- nat_log_warn ("vnet_flow_report_add_del returned %d", rv);
+ nat_elog_warn_X1 ("vnet_flow_report_add_del returned %d", "i4", rv);
return -1;
}
@@ -1864,7 +1864,7 @@ snat_ipfix_logging_enable_disable (int enable, u32 domain_id, u16 src_port)
rv = vnet_flow_report_add_del (frm, &a, NULL);
if (rv)
{
- nat_log_warn ("vnet_flow_report_add_del returned %d", rv);
+ nat_elog_warn_X1 ("vnet_flow_report_add_del returned %d", "i4", rv);
return -1;
}
@@ -1873,7 +1873,7 @@ snat_ipfix_logging_enable_disable (int enable, u32 domain_id, u16 src_port)
rv = vnet_flow_report_add_del (frm, &a, NULL);
if (rv)
{
- nat_log_warn ("vnet_flow_report_add_del returned %d", rv);
+ nat_elog_warn_X1 ("vnet_flow_report_add_del returned %d", "i4", rv);
return -1;
}
@@ -1882,7 +1882,7 @@ snat_ipfix_logging_enable_disable (int enable, u32 domain_id, u16 src_port)
rv = vnet_flow_report_add_del (frm, &a, NULL);
if (rv)
{
- nat_log_warn ("vnet_flow_report_add_del returned %d", rv);
+ nat_elog_warn_X1 ("vnet_flow_report_add_del returned %d", "i4", rv);
return -1;
}
@@ -1891,7 +1891,7 @@ snat_ipfix_logging_enable_disable (int enable, u32 domain_id, u16 src_port)
rv = vnet_flow_report_add_del (frm, &a, NULL);
if (rv)
{
- nat_log_warn ("vnet_flow_report_add_del returned %d", rv);
+ nat_elog_warn_X1 ("vnet_flow_report_add_del returned %d", "i4", rv);
return -1;
}
@@ -1900,7 +1900,7 @@ snat_ipfix_logging_enable_disable (int enable, u32 domain_id, u16 src_port)
rv = vnet_flow_report_add_del (frm, &a, NULL);
if (rv)
{
- nat_log_warn ("vnet_flow_report_add_del returned %d", rv);
+ nat_elog_warn_X1 ("vnet_flow_report_add_del returned %d", "i4", rv);
return -1;
}
@@ -1911,7 +1911,7 @@ snat_ipfix_logging_enable_disable (int enable, u32 domain_id, u16 src_port)
rv = vnet_flow_report_add_del (frm, &a, NULL);
if (rv)
{
- nat_log_warn ("vnet_flow_report_add_del returned %d", rv);
+ nat_elog_warn_X1 ("vnet_flow_report_add_del returned %d", "i4", rv);
return -1;
}
}
diff --git a/src/plugins/nat/nat_reass.c b/src/plugins/nat/nat_reass.c
index 673acfa1d5a..b518c0cb916 100755
--- a/src/plugins/nat/nat_reass.c
+++ b/src/plugins/nat/nat_reass.c
@@ -232,7 +232,7 @@ nat_ip4_reass_create (ip4_address_t src, ip4_address_t dst, u16 frag_id,
if (srm->ip4_reass_n >= srm->ip4_max_reass)
{
- nat_log_warn ("no free resassembly slot");
+ nat_elog_warn ("no free resassembly slot");
goto unlock;
}
@@ -263,7 +263,7 @@ nat_ip4_reass_create (ip4_address_t src, ip4_address_t dst, u16 frag_id,
reass->flags = 0;
reass->classify_next = NAT_REASS_IP4_CLASSIFY_NONE;
if (clib_bihash_add_del_16_8 (&srm->ip4_reass_hash, &kv, 1))
- nat_log_warn ("ip4_reass_hash add key failed");
+ nat_elog_warn ("ip4_reass_hash add key failed");
unlock:
clib_spinlock_unlock_if_init (&srm->ip4_reass_lock);
@@ -326,7 +326,7 @@ nat_ip4_reass_find_or_create (ip4_address_t src, ip4_address_t dst,
{
clib_dlist_addhead (srm->ip4_reass_lru_list_pool,
srm->ip4_reass_head_index, oldest_index);
- nat_log_warn ("no free resassembly slot");
+ nat_elog_warn ("no free resassembly slot");
reass = 0;
goto unlock;
}
@@ -535,7 +535,7 @@ nat_ip6_reass_find_or_create (ip6_address_t src, ip6_address_t dst,
{
clib_dlist_addhead (srm->ip6_reass_lru_list_pool,
srm->ip6_reass_head_index, oldest_index);
- nat_log_warn ("no free resassembly slot");
+ nat_elog_warn ("no free resassembly slot");
reass = 0;
goto unlock;
}
diff --git a/src/plugins/nat/out2in.c b/src/plugins/nat/out2in.c
index 3d045a9dc8b..8c6cb482703 100755
--- a/src/plugins/nat/out2in.c
+++ b/src/plugins/nat/out2in.c
@@ -129,7 +129,7 @@ nat44_o2i_is_idle_session_cb (clib_bihash_kv_8_8_t * kv, void *arg)
{
s_kv.key = s->in2out.as_u64;
if (clib_bihash_add_del_8_8 (&tsm->in2out, &s_kv, 0))
- nat_log_warn ("out2in key del failed");
+ nat_elog_warn ("out2in key del failed");
snat_ipfix_logging_nat44_ses_delete (ctx->thread_index,
s->in2out.addr.as_u32,
@@ -192,7 +192,7 @@ create_session_for_static_mapping (snat_main_t * sm,
if (PREDICT_FALSE (maximum_sessions_exceeded (sm, thread_index)))
{
b0->error = node->errors[SNAT_OUT2IN_ERROR_MAX_SESSIONS_EXCEEDED];
- nat_log_notice ("maximum sessions exceeded");
+ nat_elog_notice ("maximum sessions exceeded");
return 0;
}
@@ -203,7 +203,7 @@ create_session_for_static_mapping (snat_main_t * sm,
nat_user_get_or_create (sm, &in2out.addr, in2out.fib_index, thread_index);
if (!u)
{
- nat_log_warn ("create NAT user failed");
+ nat_elog_warn ("create NAT user failed");
return 0;
}
@@ -211,7 +211,7 @@ create_session_for_static_mapping (snat_main_t * sm,
if (!s)
{
nat44_delete_user_with_no_session (sm, u, thread_index);
- nat_log_warn ("create NAT session failed");
+ nat_elog_warn ("create NAT session failed");
return 0;
}
@@ -231,14 +231,14 @@ create_session_for_static_mapping (snat_main_t * sm,
if (clib_bihash_add_or_overwrite_stale_8_8
(&sm->per_thread_data[thread_index].in2out, &kv0,
nat44_i2o_is_idle_session_cb, &ctx0))
- nat_log_notice ("in2out key add failed");
+ nat_elog_notice ("in2out key add failed");
kv0.key = s->out2in.as_u64;
if (clib_bihash_add_or_overwrite_stale_8_8
(&sm->per_thread_data[thread_index].out2in, &kv0,
nat44_o2i_is_idle_session_cb, &ctx0))
- nat_log_notice ("out2in key add failed");
+ nat_elog_notice ("out2in key add failed");
/* log NAT event */
snat_ipfix_logging_nat44_ses_create (thread_index,
@@ -1443,7 +1443,7 @@ VLIB_NODE_FN (nat44_out2in_reass_node) (vlib_main_t * vm,
{
next0 = SNAT_OUT2IN_NEXT_DROP;
b0->error = node->errors[SNAT_OUT2IN_ERROR_MAX_REASS];
- nat_log_notice ("maximum reassemblies exceeded");
+ nat_elog_notice ("maximum reassemblies exceeded");
goto trace0;
}
@@ -1548,7 +1548,7 @@ VLIB_NODE_FN (nat44_out2in_reass_node) (vlib_main_t * vm,
(thread_index, reass0, bi0, &fragments_to_drop))
{
b0->error = node->errors[SNAT_OUT2IN_ERROR_MAX_FRAG];
- nat_log_notice
+ nat_elog_notice
("maximum fragments per reassembly exceeded");
next0 = SNAT_OUT2IN_NEXT_DROP;
goto trace0;
diff --git a/src/plugins/nat/out2in_ed.c b/src/plugins/nat/out2in_ed.c
index 7e984807107..560c23e0079 100644
--- a/src/plugins/nat/out2in_ed.c
+++ b/src/plugins/nat/out2in_ed.c
@@ -167,7 +167,7 @@ nat44_o2i_ed_is_idle_session_cb (clib_bihash_kv_16_8_t * kv, void *arg)
ed_kv.key[0] = ed_key.as_u64[0];
ed_kv.key[1] = ed_key.as_u64[1];
if (clib_bihash_add_del_16_8 (&tsm->in2out_ed, &ed_kv, 0))
- nat_log_warn ("in2out_ed key del failed");
+ nat_elog_warn ("in2out_ed key del failed");
if (snat_is_unk_proto_session (s))
goto delete;
@@ -244,14 +244,14 @@ create_session_for_static_mapping_ed (snat_main_t * sm,
if (PREDICT_FALSE (maximum_sessions_exceeded (sm, thread_index)))
{
b->error = node->errors[NAT_OUT2IN_ED_ERROR_MAX_SESSIONS_EXCEEDED];
- nat_log_notice ("maximum sessions exceeded");
+ nat_elog_notice ("maximum sessions exceeded");
return 0;
}
u = nat_user_get_or_create (sm, &l_key.addr, l_key.fib_index, thread_index);
if (!u)
{
- nat_log_warn ("create NAT user failed");
+ nat_elog_warn ("create NAT user failed");
return 0;
}
@@ -259,7 +259,7 @@ create_session_for_static_mapping_ed (snat_main_t * sm,
if (!s)
{
nat44_delete_user_with_no_session (sm, u, thread_index);
- nat_log_warn ("create NAT session failed");
+ nat_elog_warn ("create NAT session failed");
return 0;
}
@@ -288,7 +288,7 @@ create_session_for_static_mapping_ed (snat_main_t * sm,
if (clib_bihash_add_or_overwrite_stale_16_8 (&tsm->out2in_ed, &kv,
nat44_o2i_ed_is_idle_session_cb,
&ctx))
- nat_log_notice ("out2in-ed key add failed");
+ nat_elog_notice ("out2in-ed key add failed");
if (twice_nat == TWICE_NAT || (twice_nat == TWICE_NAT_SELF &&
ip->src_address.as_u32 == l_key.addr.as_u32))
@@ -302,7 +302,7 @@ create_session_for_static_mapping_ed (snat_main_t * sm,
b->error = node->errors[NAT_OUT2IN_ED_ERROR_OUT_OF_PORTS];
nat44_delete_session (sm, s, thread_index);
if (clib_bihash_add_del_16_8 (&tsm->out2in_ed, &kv, 0))
- nat_log_notice ("out2in-ed key del failed");
+ nat_elog_notice ("out2in-ed key del failed");
return 0;
}
s->ext_host_nat_addr.as_u32 = eh_key.addr.as_u32;
@@ -320,7 +320,7 @@ create_session_for_static_mapping_ed (snat_main_t * sm,
if (clib_bihash_add_or_overwrite_stale_16_8 (&tsm->in2out_ed, &kv,
nat44_i2o_ed_is_idle_session_cb,
&ctx))
- nat_log_notice ("in2out-ed key add failed");
+ nat_elog_notice ("in2out-ed key add failed");
snat_ipfix_logging_nat44_ses_create (thread_index,
s->in2out.addr.as_u32,
@@ -461,7 +461,7 @@ create_bypass_for_fwd (snat_main_t * sm, ip4_header_t * ip, u32 rx_fib_index,
thread_index);
if (!u)
{
- nat_log_warn ("create NAT user failed");
+ nat_elog_warn ("create NAT user failed");
return;
}
@@ -469,7 +469,7 @@ create_bypass_for_fwd (snat_main_t * sm, ip4_header_t * ip, u32 rx_fib_index,
if (!s)
{
nat44_delete_user_with_no_session (sm, u, thread_index);
- nat_log_warn ("create NAT session failed");
+ nat_elog_warn ("create NAT session failed");
return;
}
@@ -492,7 +492,7 @@ create_bypass_for_fwd (snat_main_t * sm, ip4_header_t * ip, u32 rx_fib_index,
kv.value = s - tsm->sessions;
if (clib_bihash_add_del_16_8 (&tsm->in2out_ed, &kv, 1))
- nat_log_notice ("in2out_ed key add failed");
+ nat_elog_notice ("in2out_ed key add failed");
}
if (ip->protocol == IP_PROTOCOL_TCP)
@@ -674,7 +674,7 @@ nat44_ed_out2in_unknown_proto (snat_main_t * sm,
if (PREDICT_FALSE (maximum_sessions_exceeded (sm, thread_index)))
{
b->error = node->errors[NAT_OUT2IN_ED_ERROR_MAX_SESSIONS_EXCEEDED];
- nat_log_notice ("maximum sessions exceeded");
+ nat_elog_notice ("maximum sessions exceeded");
return 0;
}
@@ -694,7 +694,7 @@ nat44_ed_out2in_unknown_proto (snat_main_t * sm,
thread_index);
if (!u)
{
- nat_log_warn ("create NAT user failed");
+ nat_elog_warn ("create NAT user failed");
return 0;
}
@@ -703,7 +703,7 @@ nat44_ed_out2in_unknown_proto (snat_main_t * sm,
if (!s)
{
nat44_delete_user_with_no_session (sm, u, thread_index);
- nat_log_warn ("create NAT session failed");
+ nat_elog_warn ("create NAT session failed");
return 0;
}
@@ -721,13 +721,13 @@ nat44_ed_out2in_unknown_proto (snat_main_t * sm,
/* Add to lookup tables */
s_kv.value = s - tsm->sessions;
if (clib_bihash_add_del_16_8 (&tsm->out2in_ed, &s_kv, 1))
- nat_log_notice ("out2in key add failed");
+ nat_elog_notice ("out2in key add failed");
make_ed_kv (&s_kv, &ip->dst_address, &ip->src_address, ip->protocol,
m->fib_index, 0, 0);
s_kv.value = s - tsm->sessions;
if (clib_bihash_add_del_16_8 (&tsm->in2out_ed, &s_kv, 1))
- nat_log_notice ("in2out key add failed");
+ nat_elog_notice ("in2out key add failed");
}
/* Update IP checksum */
@@ -1733,7 +1733,7 @@ VLIB_NODE_FN (nat44_ed_out2in_reass_node) (vlib_main_t * vm,
{
next0 = NAT44_ED_OUT2IN_NEXT_DROP;
b0->error = node->errors[NAT_OUT2IN_ED_ERROR_MAX_REASS];
- nat_log_notice ("maximum reassemblies exceeded");
+ nat_elog_notice ("maximum reassemblies exceeded");
goto trace0;
}
@@ -1865,7 +1865,7 @@ VLIB_NODE_FN (nat44_ed_out2in_reass_node) (vlib_main_t * vm,
(thread_index, reass0, bi0, &fragments_to_drop))
{
b0->error = node->errors[NAT_OUT2IN_ED_ERROR_MAX_FRAG];
- nat_log_notice
+ nat_elog_notice
("maximum fragments per reassembly exceeded");
next0 = NAT44_ED_OUT2IN_NEXT_DROP;
goto trace0;