diff options
32 files changed, 401 insertions, 451 deletions
diff --git a/src/plugins/nat/dslite/dslite_ce_decap.c b/src/plugins/nat/dslite/dslite_ce_decap.c index 56af25129f2..f36a87f8bc1 100644 --- a/src/plugins/nat/dslite/dslite_ce_decap.c +++ b/src/plugins/nat/dslite/dslite_ce_decap.c @@ -81,7 +81,7 @@ VLIB_NODE_FN (dslite_ce_decap_node) (vlib_main_t * vm, ip40 = vlib_buffer_get_current (b0) + sizeof (ip6_header_t); proto0 = ip_proto_to_nat_proto (ip40->protocol); - if (PREDICT_FALSE (proto0 == ~0)) + if (PREDICT_FALSE (proto0 == NAT_PROTOCOL_OTHER)) { error0 = DSLITE_ERROR_UNSUPPORTED_PROTOCOL; next0 = DSLITE_CE_DECAP_NEXT_DROP; diff --git a/src/plugins/nat/dslite/dslite_ce_encap.c b/src/plugins/nat/dslite/dslite_ce_encap.c index 74b5bc39fbe..d8d0e400919 100644 --- a/src/plugins/nat/dslite/dslite_ce_encap.c +++ b/src/plugins/nat/dslite/dslite_ce_encap.c @@ -67,7 +67,7 @@ VLIB_NODE_FN (dslite_ce_encap_node) (vlib_main_t * vm, ip40 = vlib_buffer_get_current (b0); proto0 = ip_proto_to_nat_proto (ip40->protocol); - if (PREDICT_FALSE (proto0 == ~0)) + if (PREDICT_FALSE (proto0 == NAT_PROTOCOL_OTHER)) { error0 = DSLITE_ERROR_UNSUPPORTED_PROTOCOL; next0 = DSLITE_CE_ENCAP_NEXT_DROP; diff --git a/src/plugins/nat/dslite/dslite_in2out.c b/src/plugins/nat/dslite/dslite_in2out.c index 1d00bb2d7fe..a8204179a58 100644 --- a/src/plugins/nat/dslite/dslite_in2out.c +++ b/src/plugins/nat/dslite/dslite_in2out.c @@ -316,7 +316,7 @@ dslite_in2out_node_fn_inline (vlib_main_t * vm, vlib_node_runtime_t * node, ip40 = vlib_buffer_get_current (b0) + sizeof (ip6_header_t); proto0 = ip_proto_to_nat_proto (ip40->protocol); - if (PREDICT_FALSE (proto0 == ~0)) + if (PREDICT_FALSE (proto0 == NAT_PROTOCOL_OTHER)) { error0 = DSLITE_ERROR_UNSUPPORTED_PROTOCOL; next0 = DSLITE_IN2OUT_NEXT_DROP; diff --git a/src/plugins/nat/dslite/dslite_out2in.c b/src/plugins/nat/dslite/dslite_out2in.c index 96cf9188cf6..c2fa767bd7d 100644 --- a/src/plugins/nat/dslite/dslite_out2in.c +++ b/src/plugins/nat/dslite/dslite_out2in.c @@ -146,7 +146,7 @@ VLIB_NODE_FN (dslite_out2in_node) (vlib_main_t * vm, ip40 = vlib_buffer_get_current (b0); proto0 = ip_proto_to_nat_proto (ip40->protocol); - if (PREDICT_FALSE (proto0 == ~0)) + if (PREDICT_FALSE (proto0 == NAT_PROTOCOL_OTHER)) { error0 = DSLITE_ERROR_UNSUPPORTED_PROTOCOL; next0 = DSLITE_OUT2IN_NEXT_DROP; diff --git a/src/plugins/nat/in2out.c b/src/plugins/nat/in2out.c index 936cd59e1d1..8f92bae0302 100755 --- a/src/plugins/nat/in2out.c +++ b/src/plugins/nat/in2out.c @@ -409,7 +409,7 @@ static_always_inline if (!icmp_type_is_error_message (vnet_buffer (b)->ip.reass.icmp_type_or_tcp_flags)) { - key0.protocol = SNAT_PROTOCOL_ICMP; + key0.protocol = NAT_PROTOCOL_ICMP; key0.addr = ip0->src_address; key0.port = vnet_buffer (b)->ip.reass.l4_src_port; // TODO fixme should this be dst port? } @@ -417,17 +417,17 @@ static_always_inline { inner_ip0 = (ip4_header_t *) (echo0 + 1); l4_header = ip4_next_header (inner_ip0); - key0.protocol = ip_proto_to_snat_proto (inner_ip0->protocol); + key0.protocol = ip_proto_to_nat_proto (inner_ip0->protocol); key0.addr = inner_ip0->dst_address; switch (key0.protocol) { - case SNAT_PROTOCOL_ICMP: + case NAT_PROTOCOL_ICMP: inner_icmp0 = (icmp46_header_t *) l4_header; inner_echo0 = (icmp_echo_header_t *) (inner_icmp0 + 1); key0.port = inner_echo0->identifier; break; - case SNAT_PROTOCOL_UDP: - case SNAT_PROTOCOL_TCP: + case NAT_PROTOCOL_UDP: + case NAT_PROTOCOL_TCP: key0.port = ((tcp_udp_header_t *) l4_header)->dst_port; break; default: @@ -503,7 +503,7 @@ icmp_match_in2out_slow (snat_main_t * sm, vlib_node_runtime_t * node, else { if (PREDICT_FALSE (snat_not_translate (sm, node, sw_if_index0, - ip0, SNAT_PROTOCOL_ICMP, + ip0, NAT_PROTOCOL_ICMP, rx_fib_index0, thread_index))) { @@ -765,7 +765,7 @@ icmp_in2out (snat_main_t * sm, switch (protocol) { - case SNAT_PROTOCOL_ICMP: + case NAT_PROTOCOL_ICMP: inner_icmp0 = (icmp46_header_t *) l4_header; inner_echo0 = (icmp_echo_header_t *) (inner_icmp0 + 1); @@ -779,8 +779,8 @@ icmp_in2out (snat_main_t * sm, identifier); icmp0->checksum = ip_csum_fold (sum0); break; - case SNAT_PROTOCOL_UDP: - case SNAT_PROTOCOL_TCP: + case NAT_PROTOCOL_UDP: + case NAT_PROTOCOL_TCP: old_id0 = ((tcp_udp_header_t *) l4_header)->dst_port; new_id0 = sm0.port; ((tcp_udp_header_t *) l4_header)->dst_port = new_id0; @@ -975,12 +975,12 @@ snat_in2out_node_fn_inline (vlib_main_t * vm, goto trace00; } - proto0 = ip_proto_to_snat_proto (ip0->protocol); + proto0 = ip_proto_to_nat_proto (ip0->protocol); /* Next configured feature, probably ip4-lookup */ if (is_slow_path) { - if (PREDICT_FALSE (proto0 == ~0)) + if (PREDICT_FALSE (proto0 == NAT_PROTOCOL_OTHER)) { if (nat_in2out_sm_unknown_proto (sm, b0, ip0, rx_fib_index0)) @@ -993,7 +993,7 @@ snat_in2out_node_fn_inline (vlib_main_t * vm, goto trace00; } - if (PREDICT_FALSE (proto0 == SNAT_PROTOCOL_ICMP)) + if (PREDICT_FALSE (proto0 == NAT_PROTOCOL_ICMP)) { next0 = icmp_in2out_slow_path (sm, b0, ip0, icmp0, sw_if_index0, rx_fib_index0, @@ -1004,13 +1004,13 @@ snat_in2out_node_fn_inline (vlib_main_t * vm, } else { - if (PREDICT_FALSE (proto0 == ~0)) + if (PREDICT_FALSE (proto0 == NAT_PROTOCOL_OTHER)) { next0 = SNAT_IN2OUT_NEXT_SLOW_PATH; goto trace00; } - if (PREDICT_FALSE (proto0 == SNAT_PROTOCOL_ICMP)) + if (PREDICT_FALSE (proto0 == NAT_PROTOCOL_ICMP)) { next0 = SNAT_IN2OUT_NEXT_SLOW_PATH; goto trace00; @@ -1046,7 +1046,7 @@ snat_in2out_node_fn_inline (vlib_main_t * vm, * be able to use dhcp client on the outside interface */ if (PREDICT_FALSE - (proto0 == SNAT_PROTOCOL_UDP + (proto0 == NAT_PROTOCOL_UDP && (vnet_buffer (b0)->ip.reass.l4_dst_port == clib_host_to_net_u16 (UDP_DST_PORT_dhcp_to_server)) @@ -1096,7 +1096,7 @@ snat_in2out_node_fn_inline (vlib_main_t * vm, ip0->checksum = ip_csum_fold (sum0); - if (PREDICT_TRUE (proto0 == SNAT_PROTOCOL_TCP)) + if (PREDICT_TRUE (proto0 == NAT_PROTOCOL_TCP)) { if (!vnet_buffer (b0)->ip.reass.is_non_first_fragment) { @@ -1183,12 +1183,12 @@ snat_in2out_node_fn_inline (vlib_main_t * vm, goto trace01; } - proto1 = ip_proto_to_snat_proto (ip1->protocol); + proto1 = ip_proto_to_nat_proto (ip1->protocol); /* Next configured feature, probably ip4-lookup */ if (is_slow_path) { - if (PREDICT_FALSE (proto1 == ~0)) + if (PREDICT_FALSE (proto1 == NAT_PROTOCOL_OTHER)) { if (nat_in2out_sm_unknown_proto (sm, b1, ip1, rx_fib_index1)) @@ -1201,7 +1201,7 @@ snat_in2out_node_fn_inline (vlib_main_t * vm, goto trace01; } - if (PREDICT_FALSE (proto1 == SNAT_PROTOCOL_ICMP)) + if (PREDICT_FALSE (proto1 == NAT_PROTOCOL_ICMP)) { next1 = icmp_in2out_slow_path (sm, b1, ip1, icmp1, sw_if_index1, rx_fib_index1, node, @@ -1212,13 +1212,13 @@ snat_in2out_node_fn_inline (vlib_main_t * vm, } else { - if (PREDICT_FALSE (proto1 == ~0)) + if (PREDICT_FALSE (proto1 == NAT_PROTOCOL_OTHER)) { next1 = SNAT_IN2OUT_NEXT_SLOW_PATH; goto trace01; } - if (PREDICT_FALSE (proto1 == SNAT_PROTOCOL_ICMP)) + if (PREDICT_FALSE (proto1 == NAT_PROTOCOL_ICMP)) { next1 = SNAT_IN2OUT_NEXT_SLOW_PATH; goto trace01; @@ -1254,7 +1254,7 @@ snat_in2out_node_fn_inline (vlib_main_t * vm, * be able to use dhcp client on the outside interface */ if (PREDICT_FALSE - (proto1 == SNAT_PROTOCOL_UDP + (proto1 == NAT_PROTOCOL_UDP && (vnet_buffer (b1)->ip.reass.l4_dst_port == clib_host_to_net_u16 (UDP_DST_PORT_dhcp_to_server)) @@ -1303,7 +1303,7 @@ snat_in2out_node_fn_inline (vlib_main_t * vm, src_address /* changed member */ ); ip1->checksum = ip_csum_fold (sum1); - if (PREDICT_TRUE (proto1 == SNAT_PROTOCOL_TCP)) + if (PREDICT_TRUE (proto1 == NAT_PROTOCOL_TCP)) { if (!vnet_buffer (b0)->ip.reass.is_non_first_fragment) { @@ -1426,12 +1426,12 @@ snat_in2out_node_fn_inline (vlib_main_t * vm, goto trace0; } - proto0 = ip_proto_to_snat_proto (ip0->protocol); + proto0 = ip_proto_to_nat_proto (ip0->protocol); /* Next configured feature, probably ip4-lookup */ if (is_slow_path) { - if (PREDICT_FALSE (proto0 == ~0)) + if (PREDICT_FALSE (proto0 == NAT_PROTOCOL_OTHER)) { if (nat_in2out_sm_unknown_proto (sm, b0, ip0, rx_fib_index0)) @@ -1444,7 +1444,7 @@ snat_in2out_node_fn_inline (vlib_main_t * vm, goto trace0; } - if (PREDICT_FALSE (proto0 == SNAT_PROTOCOL_ICMP)) + if (PREDICT_FALSE (proto0 == NAT_PROTOCOL_ICMP)) { next0 = icmp_in2out_slow_path (sm, b0, ip0, icmp0, sw_if_index0, rx_fib_index0, node, @@ -1455,13 +1455,13 @@ snat_in2out_node_fn_inline (vlib_main_t * vm, } else { - if (PREDICT_FALSE (proto0 == ~0)) + if (PREDICT_FALSE (proto0 == NAT_PROTOCOL_OTHER)) { next0 = SNAT_IN2OUT_NEXT_SLOW_PATH; goto trace0; } - if (PREDICT_FALSE (proto0 == SNAT_PROTOCOL_ICMP)) + if (PREDICT_FALSE (proto0 == NAT_PROTOCOL_ICMP)) { next0 = SNAT_IN2OUT_NEXT_SLOW_PATH; goto trace0; @@ -1495,7 +1495,7 @@ snat_in2out_node_fn_inline (vlib_main_t * vm, * be able to use dhcp client on the outside interface */ if (PREDICT_FALSE - (proto0 == SNAT_PROTOCOL_UDP + (proto0 == NAT_PROTOCOL_UDP && (vnet_buffer (b0)->ip.reass.l4_dst_port == clib_host_to_net_u16 (UDP_DST_PORT_dhcp_to_server)) @@ -1545,7 +1545,7 @@ snat_in2out_node_fn_inline (vlib_main_t * vm, src_address /* changed member */ ); ip0->checksum = ip_csum_fold (sum0); - if (PREDICT_TRUE (proto0 == SNAT_PROTOCOL_TCP)) + if (PREDICT_TRUE (proto0 == NAT_PROTOCOL_TCP)) { if (!vnet_buffer (b0)->ip.reass.is_non_first_fragment) { @@ -1832,12 +1832,12 @@ VLIB_NODE_FN (snat_in2out_fast_node) (vlib_main_t * vm, goto trace0; } - proto0 = ip_proto_to_snat_proto (ip0->protocol); + proto0 = ip_proto_to_nat_proto (ip0->protocol); - if (PREDICT_FALSE (proto0 == ~0)) + if (PREDICT_FALSE (proto0 == NAT_PROTOCOL_OTHER)) goto trace0; - if (PREDICT_FALSE (proto0 == SNAT_PROTOCOL_ICMP)) + if (PREDICT_FALSE (proto0 == NAT_PROTOCOL_ICMP)) { next0 = icmp_in2out (sm, b0, ip0, icmp0, sw_if_index0, rx_fib_index0, node, next0, ~0, 0, 0); @@ -1873,7 +1873,7 @@ VLIB_NODE_FN (snat_in2out_fast_node) (vlib_main_t * vm, old_port0 = udp0->src_port; udp0->src_port = new_port0; - if (PREDICT_TRUE (proto0 == SNAT_PROTOCOL_TCP)) + if (PREDICT_TRUE (proto0 == NAT_PROTOCOL_TCP)) { sum0 = tcp0->checksum; sum0 = ip_csum_update (sum0, old_addr0, new_addr0, @@ -1899,7 +1899,7 @@ VLIB_NODE_FN (snat_in2out_fast_node) (vlib_main_t * vm, } else { - if (PREDICT_TRUE (proto0 == SNAT_PROTOCOL_TCP)) + if (PREDICT_TRUE (proto0 == NAT_PROTOCOL_TCP)) { sum0 = tcp0->checksum; sum0 = ip_csum_update (sum0, old_addr0, new_addr0, diff --git a/src/plugins/nat/in2out_ed.c b/src/plugins/nat/in2out_ed.c index 7ad66553fe9..f8682d0f3c2 100644 --- a/src/plugins/nat/in2out_ed.c +++ b/src/plugins/nat/in2out_ed.c @@ -101,7 +101,7 @@ nat44_i2o_ed_is_idle_session_cb (clib_bihash_kv_16_8_t * kv, void *arg) } else { - proto = snat_proto_to_ip_proto (s->in2out.protocol); + proto = nat_proto_to_ip_proto (s->in2out.protocol); l_port = s->out2in.port; r_port = s->ext_host_port; } @@ -197,7 +197,7 @@ snat_random_port (u16 min, u16 max) static int nat_ed_alloc_addr_and_port (snat_main_t * sm, u32 rx_fib_index, - u32 snat_proto, u32 thread_index, + u32 nat_proto, u32 thread_index, ip4_address_t r_addr, u16 r_port, u8 proto, u16 port_per_thread, u32 snat_thread_index, snat_session_t * s, @@ -215,10 +215,10 @@ nat_ed_alloc_addr_and_port (snat_main_t * sm, u32 rx_fib_index, for (i = 0; i < vec_len (sm->addresses); i++) { a = sm->addresses + i; - switch (snat_proto) + switch (nat_proto) { #define _(N, j, n, unused) \ - case SNAT_PROTOCOL_##N: \ + case NAT_PROTOCOL_##N: \ if (a->fib_index == rx_fib_index) \ { \ u16 port = snat_random_port (1, port_per_thread); \ @@ -250,7 +250,7 @@ nat_ed_alloc_addr_and_port (snat_main_t * sm, u32 rx_fib_index, } \ break; - foreach_snat_protocol; + foreach_nat_protocol; default: nat_elog_info ("unknown protocol"); return 1; @@ -262,9 +262,9 @@ nat_ed_alloc_addr_and_port (snat_main_t * sm, u32 rx_fib_index, /* fake fib_index to reuse macro */ rx_fib_index = ~0; a = ga; - switch (snat_proto) + switch (nat_proto) { - foreach_snat_protocol; + foreach_nat_protocol; default: nat_elog_info ("unknown protocol"); return 1; @@ -294,7 +294,7 @@ slow_path_ed (snat_main_t * sm, snat_session_key_t key0, key1; lb_nat_type_t lb = 0; snat_main_per_thread_data_t *tsm = &sm->per_thread_data[thread_index]; - u32 snat_proto = ip_proto_to_snat_proto (proto); + u32 nat_proto = ip_proto_to_nat_proto (proto); nat_outside_fib_t *outside_fib; fib_node_index_t fei = FIB_NODE_INDEX_INVALID; clib_bihash_kv_16_8_t out2in_ed_kv; @@ -308,7 +308,7 @@ slow_path_ed (snat_main_t * sm, }; nat44_is_idle_session_ctx_t ctx; - if (PREDICT_TRUE (snat_proto == SNAT_PROTOCOL_TCP)) + if (PREDICT_TRUE (nat_proto == NAT_PROTOCOL_TCP)) { if (PREDICT_FALSE (!tcp_flags_is_init @@ -334,7 +334,7 @@ slow_path_ed (snat_main_t * sm, key0.addr = l_addr; key0.port = l_port; - key1.protocol = key0.protocol = snat_proto; + key1.protocol = key0.protocol = nat_proto; key0.fib_index = rx_fib_index; key1.fib_index = sm->outside_fib_index; @@ -376,7 +376,7 @@ slow_path_ed (snat_main_t * sm, } /* Try to create dynamic translation */ - if (nat_ed_alloc_addr_and_port (sm, rx_fib_index, snat_proto, + if (nat_ed_alloc_addr_and_port (sm, rx_fib_index, nat_proto, thread_index, r_addr, r_port, proto, sm->port_per_thread, tsm->snat_thread_index, s, @@ -678,7 +678,7 @@ icmp_match_in2out_ed (snat_main_t * sm, vlib_node_runtime_t * node, else { if (PREDICT_FALSE (nat44_ed_not_translate (sm, node, sw_if_index, - ip, SNAT_PROTOCOL_ICMP, + ip, NAT_PROTOCOL_ICMP, rx_fib_index, thread_index))) { @@ -991,9 +991,9 @@ nat44_ed_in2out_fast_path_node_fn_inline (vlib_main_t * vm, udp0 = ip4_next_header (ip0); tcp0 = (tcp_header_t *) udp0; - proto0 = ip_proto_to_snat_proto (ip0->protocol); + proto0 = ip_proto_to_nat_proto (ip0->protocol); - if (PREDICT_FALSE (proto0 == ~0)) + if (PREDICT_FALSE (proto0 == NAT_PROTOCOL_OTHER)) { next0 = def_slow; goto trace0; @@ -1006,7 +1006,7 @@ nat44_ed_in2out_fast_path_node_fn_inline (vlib_main_t * vm, goto trace0; } - if (PREDICT_FALSE (proto0 == SNAT_PROTOCOL_ICMP)) + if (PREDICT_FALSE (proto0 == NAT_PROTOCOL_ICMP)) { next0 = def_slow; goto trace0; @@ -1073,7 +1073,7 @@ nat44_ed_in2out_fast_path_node_fn_inline (vlib_main_t * vm, old_port0 = vnet_buffer (b0)->ip.reass.l4_src_port; - if (PREDICT_TRUE (proto0 == SNAT_PROTOCOL_TCP)) + if (PREDICT_TRUE (proto0 == NAT_PROTOCOL_TCP)) { if (!vnet_buffer (b0)->ip.reass.is_non_first_fragment) { @@ -1273,9 +1273,9 @@ nat44_ed_in2out_slow_path_node_fn_inline (vlib_main_t * vm, udp0 = ip4_next_header (ip0); tcp0 = (tcp_header_t *) udp0; icmp0 = (icmp46_header_t *) udp0; - proto0 = ip_proto_to_snat_proto (ip0->protocol); + proto0 = ip_proto_to_nat_proto (ip0->protocol); - if (PREDICT_FALSE (proto0 == ~0)) + if (PREDICT_FALSE (proto0 == NAT_PROTOCOL_OTHER)) { s0 = nat44_ed_in2out_unknown_proto (sm, b0, ip0, rx_fib_index0, @@ -1288,7 +1288,7 @@ nat44_ed_in2out_slow_path_node_fn_inline (vlib_main_t * vm, goto trace0; } - if (PREDICT_FALSE (proto0 == SNAT_PROTOCOL_ICMP)) + if (PREDICT_FALSE (proto0 == NAT_PROTOCOL_ICMP)) { next0 = icmp_in2out_ed_slow_path (sm, b0, ip0, icmp0, sw_if_index0, rx_fib_index0, @@ -1332,7 +1332,7 @@ nat44_ed_in2out_slow_path_node_fn_inline (vlib_main_t * vm, * be able to use dhcp client on the outside interface */ if (PREDICT_FALSE - (proto0 == SNAT_PROTOCOL_UDP + (proto0 == NAT_PROTOCOL_UDP && (vnet_buffer (b0)->ip.reass.l4_dst_port == clib_host_to_net_u16 (UDP_DST_PORT_dhcp_to_server)) && ip0->dst_address.as_u32 == 0xffffffff)) @@ -1380,7 +1380,7 @@ nat44_ed_in2out_slow_path_node_fn_inline (vlib_main_t * vm, old_port0 = vnet_buffer (b0)->ip.reass.l4_src_port; - if (PREDICT_TRUE (proto0 == SNAT_PROTOCOL_TCP)) + if (PREDICT_TRUE (proto0 == NAT_PROTOCOL_TCP)) { if (!vnet_buffer (b0)->ip.reass.is_non_first_fragment) { diff --git a/src/plugins/nat/lib/inlines.h b/src/plugins/nat/lib/inlines.h index f2bd5e08ce6..107944915cd 100644 --- a/src/plugins/nat/lib/inlines.h +++ b/src/plugins/nat/lib/inlines.h @@ -13,34 +13,40 @@ * limitations under the License. */ /** - * @brief The NAT44 inline functions + * @brief Common NAT inline functions */ #ifndef included_nat_inlines_h__ #define included_nat_inlines_h__ -static_always_inline u32 +always_inline nat_protocol_t ip_proto_to_nat_proto (u8 ip_proto) { - u32 nat_proto = ~0; + static const nat_protocol_t lookup_table[256] = { + [IP_PROTOCOL_TCP] = NAT_PROTOCOL_TCP, + [IP_PROTOCOL_UDP] = NAT_PROTOCOL_UDP, + [IP_PROTOCOL_ICMP] = NAT_PROTOCOL_ICMP, + [IP_PROTOCOL_ICMP6] = NAT_PROTOCOL_ICMP, + }; - nat_proto = (ip_proto == IP_PROTOCOL_UDP) ? NAT_PROTOCOL_UDP : nat_proto; - nat_proto = (ip_proto == IP_PROTOCOL_TCP) ? NAT_PROTOCOL_TCP : nat_proto; - nat_proto = (ip_proto == IP_PROTOCOL_ICMP) ? NAT_PROTOCOL_ICMP : nat_proto; - nat_proto = (ip_proto == IP_PROTOCOL_ICMP6) ? NAT_PROTOCOL_ICMP : nat_proto; - - return nat_proto; + return lookup_table[ip_proto]; } static_always_inline u8 nat_proto_to_ip_proto (nat_protocol_t nat_proto) { - u8 ip_proto = ~0; + ASSERT (nat_proto <= NAT_PROTOCOL_ICMP); + + static const u8 lookup_table[256] = { + [NAT_PROTOCOL_OTHER] = ~0, + [NAT_PROTOCOL_TCP] = IP_PROTOCOL_TCP, + [NAT_PROTOCOL_UDP] = IP_PROTOCOL_UDP, + [NAT_PROTOCOL_ICMP] = IP_PROTOCOL_ICMP, + }; - ip_proto = (nat_proto == NAT_PROTOCOL_UDP) ? IP_PROTOCOL_UDP : ip_proto; - ip_proto = (nat_proto == NAT_PROTOCOL_TCP) ? IP_PROTOCOL_TCP : ip_proto; - ip_proto = (nat_proto == NAT_PROTOCOL_ICMP) ? IP_PROTOCOL_ICMP : ip_proto; + ASSERT (NAT_PROTOCOL_OTHER == nat_proto || NAT_PROTOCOL_TCP == nat_proto + || NAT_PROTOCOL_UDP == nat_proto || NAT_PROTOCOL_ICMP == nat_proto); - return ip_proto; + return lookup_table[nat_proto]; } static_always_inline u8 diff --git a/src/plugins/nat/lib/lib.h b/src/plugins/nat/lib/lib.h index 005db81b4a3..bd1c43338e6 100644 --- a/src/plugins/nat/lib/lib.h +++ b/src/plugins/nat/lib/lib.h @@ -19,16 +19,11 @@ #ifndef included_nat_lib_h__ #define included_nat_lib_h__ -#define foreach_nat_error \ - _(VALUE_EXIST, -1, "Value already exists") \ - _(NO_SUCH_ENTRY, -2, "No such entry") \ - _(UNKNOWN_PROTOCOL, -3, "Unknown protocol") \ - _(OUT_OF_TRANSLATIONS, -4, "Out of translations") - -#define foreach_nat_protocol \ - _(UDP, 0, udp, "udp") \ - _(TCP, 1, tcp, "tcp") \ - _(ICMP, 2, icmp, "icmp") +#define foreach_nat_error \ + _ (VALUE_EXIST, -1, "Value already exists") \ + _ (NO_SUCH_ENTRY, -2, "No such entry") \ + _ (UNKNOWN_PROTOCOL, -3, "Unknown protocol") \ + _ (OUT_OF_TRANSLATIONS, -4, "Out of translations") typedef enum { @@ -37,6 +32,12 @@ typedef enum #undef _ } nat_error_t; +#define foreach_nat_protocol \ + _ (OTHER, 0, other, "other") \ + _ (UDP, 1, udp, "udp") \ + _ (TCP, 2, tcp, "tcp") \ + _ (ICMP, 3, icmp, "icmp") + typedef enum { #define _(N, i, n, s) NAT_PROTOCOL_##N = i, diff --git a/src/plugins/nat/nat.c b/src/plugins/nat/nat.c index 125a969313c..1fb3a7ff397 100755 --- a/src/plugins/nat/nat.c +++ b/src/plugins/nat/nat.c @@ -220,7 +220,7 @@ nat_free_session_data (snat_main_t * sm, snat_session_t * s, u32 thread_index, r_port = s->ext_host_port; l_addr = &s->in2out.addr; r_addr = &s->ext_host_addr; - proto = snat_proto_to_ip_proto (s->in2out.protocol); + proto = nat_proto_to_ip_proto (s->in2out.protocol); make_ed_kv (l_addr, r_addr, proto, fib_index, l_port, r_port, ~0ULL, &ed_kv); } @@ -246,7 +246,7 @@ nat_free_session_data (snat_main_t * sm, snat_session_t * s, u32 thread_index, } else { - proto = snat_proto_to_ip_proto (s->in2out.protocol); + proto = nat_proto_to_ip_proto (s->in2out.protocol); l_port = s->out2in.port; r_port = s->ext_host_port; } @@ -370,7 +370,7 @@ nat44_free_session_data (snat_main_t * sm, snat_session_t * s, } else { - proto = snat_proto_to_ip_proto (s->in2out.protocol); + proto = nat_proto_to_ip_proto (s->in2out.protocol); l_port = s->in2out.port; r_port = s->ext_host_port; } @@ -402,7 +402,7 @@ nat44_free_session_data (snat_main_t * sm, snat_session_t * s, } else { - proto = snat_proto_to_ip_proto (s->in2out.protocol); + proto = nat_proto_to_ip_proto (s->in2out.protocol); l_port = s->out2in.port; r_port = s->ext_host_port; } @@ -728,7 +728,7 @@ snat_add_address (snat_main_t * sm, ip4_address_t * addr, u32 vrf_id, ap->busy_##n##_ports = 0; \ ap->busy_##n##_ports_per_thread = 0;\ vec_validate_init_empty (ap->busy_##n##_ports_per_thread, tm->n_vlib_mains - 1, 0); - foreach_snat_protocol + foreach_nat_protocol #undef _ if (twice_nat) return 0; @@ -782,7 +782,7 @@ snat_add_static_mapping_when_resolved (snat_main_t * sm, u32 sw_if_index, u16 e_port, u32 vrf_id, - snat_protocol_t proto, + nat_protocol_t proto, int addr_only, int is_add, u8 * tag, int twice_nat, int out2in_only, int identity_nat) @@ -920,7 +920,7 @@ snat_ed_static_mapping_del_sessions (snat_main_t * sm, int snat_add_static_mapping (ip4_address_t l_addr, ip4_address_t e_addr, u16 l_port, u16 e_port, u32 vrf_id, int addr_only, - u32 sw_if_index, snat_protocol_t proto, int is_add, + u32 sw_if_index, nat_protocol_t proto, int is_add, twice_nat_type_t twice_nat, u8 out2in_only, u8 * tag, u8 identity_nat) { @@ -1101,7 +1101,7 @@ snat_add_static_mapping (ip4_address_t l_addr, ip4_address_t e_addr, switch (proto) { #define _(N, j, n, s) \ - case SNAT_PROTOCOL_##N: \ + case NAT_PROTOCOL_##N: \ if (a->busy_##n##_port_refcounts[e_port]) \ return VNET_API_ERROR_INVALID_VALUE; \ ++a->busy_##n##_port_refcounts[e_port]; \ @@ -1111,7 +1111,7 @@ snat_add_static_mapping (ip4_address_t l_addr, ip4_address_t e_addr, a->busy_##n##_ports_per_thread[get_thread_idx_by_port(e_port)]++; \ } \ break; - foreach_snat_protocol + foreach_nat_protocol #undef _ default: nat_elog_info ("unknown protocol"); @@ -1285,7 +1285,7 @@ snat_add_static_mapping (ip4_address_t l_addr, ip4_address_t e_addr, switch (proto) { #define _(N, j, n, s) \ - case SNAT_PROTOCOL_##N: \ + case NAT_PROTOCOL_##N: \ --a->busy_##n##_port_refcounts[e_port]; \ if (e_port > 1024) \ { \ @@ -1293,7 +1293,7 @@ snat_add_static_mapping (ip4_address_t l_addr, ip4_address_t e_addr, a->busy_##n##_ports_per_thread[get_thread_idx_by_port(e_port)]--; \ } \ break; - foreach_snat_protocol + foreach_nat_protocol #undef _ default: nat_elog_info ("unknown protocol"); @@ -1382,7 +1382,7 @@ snat_add_static_mapping (ip4_address_t l_addr, ip4_address_t e_addr, int nat44_add_del_lb_static_mapping (ip4_address_t e_addr, u16 e_port, - snat_protocol_t proto, + nat_protocol_t proto, nat44_lb_addr_port_t * locals, u8 is_add, twice_nat_type_t twice_nat, u8 out2in_only, u8 * tag, u32 affinity) @@ -1432,7 +1432,7 @@ nat44_add_del_lb_static_mapping (ip4_address_t e_addr, u16 e_port, switch (proto) { #define _(N, j, n, s) \ - case SNAT_PROTOCOL_##N: \ + case NAT_PROTOCOL_##N: \ if (a->busy_##n##_port_refcounts[e_port]) \ return VNET_API_ERROR_INVALID_VALUE; \ ++a->busy_##n##_port_refcounts[e_port]; \ @@ -1442,7 +1442,7 @@ nat44_add_del_lb_static_mapping (ip4_address_t e_addr, u16 e_port, a->busy_##n##_ports_per_thread[get_thread_idx_by_port(e_port)]++; \ } \ break; - foreach_snat_protocol + foreach_nat_protocol #undef _ default: nat_elog_info ("unknown protocol"); @@ -1548,7 +1548,7 @@ nat44_add_del_lb_static_mapping (ip4_address_t e_addr, u16 e_port, switch (proto) { #define _(N, j, n, s) \ - case SNAT_PROTOCOL_##N: \ + case NAT_PROTOCOL_##N: \ --a->busy_##n##_port_refcounts[e_port]; \ if (e_port > 1024) \ { \ @@ -1556,7 +1556,7 @@ nat44_add_del_lb_static_mapping (ip4_address_t e_addr, u16 e_port, a->busy_##n##_ports_per_thread[get_thread_idx_by_port(e_port)]--; \ } \ break; - foreach_snat_protocol + foreach_nat_protocol #undef _ default: nat_elog_info ("unknown protocol"); @@ -1636,7 +1636,7 @@ nat44_add_del_lb_static_mapping (ip4_address_t e_addr, u16 e_port, int nat44_lb_static_mapping_add_del_local (ip4_address_t e_addr, u16 e_port, ip4_address_t l_addr, u16 l_port, - snat_protocol_t proto, u32 vrf_id, + nat_protocol_t proto, u32 vrf_id, u8 probability, u8 is_add) { snat_main_t *sm = &snat_main; @@ -1883,7 +1883,7 @@ snat_del_address (snat_main_t * sm, ip4_address_t addr, u8 delete_sm, #define _(N, i, n, s) \ vec_free (a->busy_##n##_ports_per_thread); - foreach_snat_protocol + foreach_nat_protocol #undef _ if (twice_nat) { @@ -2746,13 +2746,13 @@ snat_free_outside_address_and_port (snat_address_t * addresses, switch (k->protocol) { #define _(N, i, n, s) \ - case SNAT_PROTOCOL_##N: \ + case NAT_PROTOCOL_##N: \ ASSERT (a->busy_##n##_port_refcounts[port_host_byte_order] >= 1); \ --a->busy_##n##_port_refcounts[port_host_byte_order]; \ a->busy_##n##_ports--; \ a->busy_##n##_ports_per_thread[thread_index]--; \ break; - foreach_snat_protocol + foreach_nat_protocol #undef _ default: nat_elog_info ("unknown protocol"); @@ -2778,14 +2778,14 @@ nat_set_outside_address_and_port (snat_address_t * addresses, switch (k->protocol) { #define _(N, j, n, s) \ - case SNAT_PROTOCOL_##N: \ + case NAT_PROTOCOL_##N: \ if (a->busy_##n##_port_refcounts[port_host_byte_order]) \ return VNET_API_ERROR_INSTANCE_IN_USE; \ ++a->busy_##n##_port_refcounts[port_host_byte_order]; \ a->busy_##n##_ports_per_thread[thread_index]++; \ a->busy_##n##_ports++; \ return 0; - foreach_snat_protocol + foreach_nat_protocol #undef _ default: nat_elog_info ("unknown protocol"); @@ -2986,7 +2986,7 @@ nat_alloc_addr_and_port_default (snat_address_t * addresses, switch (k->protocol) { #define _(N, j, n, s) \ - case SNAT_PROTOCOL_##N: \ + case NAT_PROTOCOL_##N: \ if (a->busy_##n##_ports_per_thread[thread_index] < port_per_thread) \ { \ if (a->fib_index == fib_index) \ @@ -3012,7 +3012,7 @@ nat_alloc_addr_and_port_default (snat_address_t * addresses, } \ } \ break; - foreach_snat_protocol + foreach_nat_protocol #undef _ default: nat_elog_info ("unknown protocol"); @@ -3027,7 +3027,7 @@ nat_alloc_addr_and_port_default (snat_address_t * addresses, switch (k->protocol) { #define _(N, j, n, s) \ - case SNAT_PROTOCOL_##N: \ + case NAT_PROTOCOL_##N: \ while (1) \ { \ portnum = (port_per_thread * \ @@ -3043,7 +3043,7 @@ nat_alloc_addr_and_port_default (snat_address_t * addresses, return 0; \ } break; - foreach_snat_protocol + foreach_nat_protocol #undef _ default: nat_elog_info ("unknown protocol"); @@ -3075,7 +3075,7 @@ nat_alloc_addr_and_port_mape (snat_address_t * addresses, switch (k->protocol) { #define _(N, i, n, s) \ - case SNAT_PROTOCOL_##N: \ + case NAT_PROTOCOL_##N: \ if (a->busy_##n##_ports < ports) \ { \ while (1) \ @@ -3093,7 +3093,7 @@ nat_alloc_addr_and_port_mape (snat_address_t * addresses, } \ } \ break; - foreach_snat_protocol + foreach_nat_protocol #undef _ default: nat_elog_info ("unknown protocol"); @@ -3125,7 +3125,7 @@ nat_alloc_addr_and_port_range (snat_address_t * addresses, switch (k->protocol) { #define _(N, i, n, s) \ - case SNAT_PROTOCOL_##N: \ + case NAT_PROTOCOL_##N: \ if (a->busy_##n##_ports < ports) \ { \ while (1) \ @@ -3141,7 +3141,7 @@ nat_alloc_addr_and_port_range (snat_address_t * addresses, } \ } \ break; - foreach_snat_protocol + foreach_nat_protocol #undef _ default: nat_elog_info ("unknown protocol"); @@ -3287,12 +3287,12 @@ snat_get_worker_out2in_cb (vlib_buffer_t * b, ip4_header_t * ip0, } } - proto = ip_proto_to_snat_proto (ip0->protocol); + proto = ip_proto_to_nat_proto (ip0->protocol); udp = ip4_next_header (ip0); port = udp->dst_port; /* unknown protocol */ - if (PREDICT_FALSE (proto == ~0)) + if (PREDICT_FALSE (proto == NAT_PROTOCOL_OTHER)) { /* use current thread */ return vlib_get_thread_index (); @@ -3309,17 +3309,17 @@ snat_get_worker_out2in_cb (vlib_buffer_t * b, ip4_header_t * ip0, { /* if error message, then it's not fragmented and we can access it */ ip4_header_t *inner_ip = (ip4_header_t *) (echo + 1); - proto = ip_proto_to_snat_proto (inner_ip->protocol); + proto = ip_proto_to_nat_proto (inner_ip->protocol); void *l4_header = ip4_next_header (inner_ip); switch (proto) { - case SNAT_PROTOCOL_ICMP: + case NAT_PROTOCOL_ICMP: icmp = (icmp46_header_t *) l4_header; echo = (icmp_echo_header_t *) (icmp + 1); port = echo->identifier; break; - case SNAT_PROTOCOL_UDP: - case SNAT_PROTOCOL_TCP: + case NAT_PROTOCOL_UDP: + case NAT_PROTOCOL_TCP: port = ((tcp_udp_header_t *) l4_header)->src_port; break; default: @@ -3470,9 +3470,9 @@ nat44_ed_get_worker_out2in_cb (vlib_buffer_t * b, ip4_header_t * ip, snat_static_mapping_t *m; u32 hash; - proto = ip_proto_to_snat_proto (ip->protocol); + proto = ip_proto_to_nat_proto (ip->protocol); - if (PREDICT_TRUE (proto == SNAT_PROTOCOL_UDP || proto == SNAT_PROTOCOL_TCP)) + if (PREDICT_TRUE (proto == NAT_PROTOCOL_UDP || proto == NAT_PROTOCOL_TCP)) { udp = ip4_next_header (ip); @@ -3496,7 +3496,7 @@ nat44_ed_get_worker_out2in_cb (vlib_buffer_t * b, ip4_header_t * ip, } /* *INDENT-ON* */ } - else if (proto == SNAT_PROTOCOL_ICMP) + else if (proto == NAT_PROTOCOL_ICMP) { if (!get_icmp_o2i_ed_key (b, ip, rx_fib_index, ~0ULL, 0, 0, 0, &kv16)) { @@ -3533,7 +3533,7 @@ nat44_ed_get_worker_out2in_cb (vlib_buffer_t * b, ip4_header_t * ip, } /* unknown protocol */ - if (PREDICT_FALSE (proto == ~0)) + if (PREDICT_FALSE (proto == NAT_PROTOCOL_OTHER)) { /* use current thread */ next_worker_index = vlib_get_thread_index (); @@ -3554,17 +3554,17 @@ nat44_ed_get_worker_out2in_cb (vlib_buffer_t * b, ip4_header_t * ip, { /* if error message, then it's not fragmented and we can access it */ ip4_header_t *inner_ip = (ip4_header_t *) (echo + 1); - proto = ip_proto_to_snat_proto (inner_ip->protocol); + proto = ip_proto_to_nat_proto (inner_ip->protocol); void *l4_header = ip4_next_header (inner_ip); switch (proto) { - case SNAT_PROTOCOL_ICMP: + case NAT_PROTOCOL_ICMP: icmp = (icmp46_header_t *) l4_header; echo = (icmp_echo_header_t *) (icmp + 1); port = echo->identifier; break; - case SNAT_PROTOCOL_UDP: - case SNAT_PROTOCOL_TCP: + case NAT_PROTOCOL_UDP: + case NAT_PROTOCOL_TCP: port = ((tcp_udp_header_t *) l4_header)->src_port; break; default: @@ -3855,12 +3855,12 @@ nat_ha_sadd_ed_cb (ip4_address_t * in_addr, u16 in_port, s->in2out = key; make_ed_kv (in_addr, &s->ext_host_nat_addr, - snat_proto_to_ip_proto (proto), fib_index, in_port, + nat_proto_to_ip_proto (proto), fib_index, in_port, s->ext_host_nat_port, s - tsm->sessions, &kv); if (clib_bihash_add_del_16_8 (&tsm->in2out_ed, &kv, 1)) nat_elog_warn ("in2out key add failed"); - make_ed_kv (out_addr, eh_addr, snat_proto_to_ip_proto (proto), + make_ed_kv (out_addr, eh_addr, nat_proto_to_ip_proto (proto), s->out2in.fib_index, out_port, eh_port, s - tsm->sessions, &kv); if (clib_bihash_add_del_16_8 (&tsm->out2in_ed, &kv, 1)) nat_elog_warn ("out2in key add failed"); @@ -4427,7 +4427,7 @@ snat_add_interface_address (snat_main_t * sm, u32 sw_if_index, int is_del, int nat44_del_session (snat_main_t * sm, ip4_address_t * addr, u16 port, - snat_protocol_t proto, u32 vrf_id, int is_in) + nat_protocol_t proto, u32 vrf_id, int is_in) { snat_main_per_thread_data_t *tsm; clib_bihash_kv_8_8_t kv, value; diff --git a/src/plugins/nat/nat.h b/src/plugins/nat/nat.h index 33af754fc85..e4f7a06ead8 100644 --- a/src/plugins/nat/nat.h +++ b/src/plugins/nat/nat.h @@ -33,6 +33,8 @@ #include <vlibapi/api.h> #include <vlib/log.h> #include <vppinfra/bihash_16_8.h> +#include <nat/lib/lib.h> +#include <nat/lib/inlines.h> /* default session timeouts */ #define SNAT_UDP_TIMEOUT 300 @@ -141,21 +143,6 @@ typedef enum #undef _ } nat_addr_and_port_alloc_alg_t; - -/* Supported L4 protocols */ -#define foreach_snat_protocol \ - _(UDP, 0, udp, "udp") \ - _(TCP, 1, tcp, "tcp") \ - _(ICMP, 2, icmp, "icmp") - -typedef enum -{ -#define _(N, i, n, s) SNAT_PROTOCOL_##N = i, - foreach_snat_protocol -#undef _ -} snat_protocol_t; - - /* Session state */ #define foreach_snat_session_state \ _(0, UNKNOWN, "unknown") \ @@ -329,7 +316,7 @@ typedef struct u16 busy_##n##_ports; \ u16 * busy_##n##_ports_per_thread; \ u32 busy_##n##_port_refcounts[65535]; - foreach_snat_protocol + foreach_nat_protocol #undef _ /* *INDENT-ON* */ } snat_address_t; @@ -420,7 +407,7 @@ typedef struct u32 vrf_id; u32 fib_index; /* protocol */ - snat_protocol_t proto; + nat_protocol_t proto; /* 0 = disabled, otherwise client IP affinity sticky time in seconds */ u32 affinity; /* worker threads used by backends/local host */ @@ -448,7 +435,7 @@ typedef struct u16 e_port; u32 sw_if_index; u32 vrf_id; - snat_protocol_t proto; + nat_protocol_t proto; u32 flags; int addr_only; int twice_nat; @@ -723,10 +710,10 @@ format_function_t format_snat_session; format_function_t format_det_map_ses; format_function_t format_snat_key; format_function_t format_static_mapping_key; -format_function_t format_snat_protocol; +format_function_t format_nat_protocol; format_function_t format_nat_addr_and_port_alloc_alg; /* unformat functions */ -unformat_function_t unformat_snat_protocol; +unformat_function_t unformat_nat_protocol; /** \brief Check if SNAT session is created from static mapping. @param s SNAT session @@ -1144,7 +1131,7 @@ void nat44_add_del_address_dpo (ip4_address_t addr, u8 is_add); int snat_add_static_mapping (ip4_address_t l_addr, ip4_address_t e_addr, u16 l_port, u16 e_port, u32 vrf_id, int addr_only, u32 sw_if_index, - snat_protocol_t proto, int is_add, + nat_protocol_t proto, int is_add, twice_nat_type_t twice_nat, u8 out2in_only, u8 * tag, u8 identity_nat); @@ -1164,14 +1151,14 @@ int snat_add_static_mapping (ip4_address_t l_addr, ip4_address_t e_addr, * @return 0 on success, non-zero value otherwise */ int nat44_add_del_lb_static_mapping (ip4_address_t e_addr, u16 e_port, - snat_protocol_t proto, + nat_protocol_t proto, nat44_lb_addr_port_t * locals, u8 is_add, twice_nat_type_t twice_nat, u8 out2in_only, u8 * tag, u32 affinity); int nat44_lb_static_mapping_add_del_local (ip4_address_t e_addr, u16 e_port, ip4_address_t l_addr, u16 l_port, - snat_protocol_t proto, u32 vrf_id, + nat_protocol_t proto, u32 vrf_id, u8 probability, u8 is_add); clib_error_t *snat_api_init (vlib_main_t * vm, snat_main_t * sm); @@ -1232,7 +1219,7 @@ int snat_add_interface_address (snat_main_t * sm, u32 sw_if_index, int is_del, * @return 0 on success, non-zero value otherwise */ int nat44_del_session (snat_main_t * sm, ip4_address_t * addr, u16 port, - snat_protocol_t proto, u32 vrf_id, int is_in); + nat_protocol_t proto, u32 vrf_id, int is_in); /** * @brief Delete NAT44 endpoint-dependent session diff --git a/src/plugins/nat/nat44_classify.c b/src/plugins/nat/nat44_classify.c index b4645dc42b9..9adef3ba64a 100644 --- a/src/plugins/nat/nat44_classify.c +++ b/src/plugins/nat/nat44_classify.c @@ -147,7 +147,7 @@ nat44_classify_node_fn_inline (vlib_main_t * vm, } m_key0.port = clib_net_to_host_u16 (vnet_buffer (b0)->ip.reass.l4_dst_port); - m_key0.protocol = ip_proto_to_snat_proto (ip0->protocol); + m_key0.protocol = ip_proto_to_nat_proto (ip0->protocol); kv0.key = m_key0.as_u64; if (!clib_bihash_search_8_8 (&sm->static_mapping_by_external, &kv0, &value0)) @@ -407,7 +407,7 @@ nat44_ed_classify_node_fn_inline (vlib_main_t * vm, } m_key0.port = clib_net_to_host_u16 (vnet_buffer (b0)->ip.reass.l4_dst_port); - m_key0.protocol = ip_proto_to_snat_proto (ip0->protocol); + m_key0.protocol = ip_proto_to_nat_proto (ip0->protocol); kv0.key = m_key0.as_u64; if (!clib_bihash_search_8_8 (&sm->static_mapping_by_external, &kv0, &value0)) diff --git a/src/plugins/nat/nat44_cli.c b/src/plugins/nat/nat44_cli.c index f613af0733c..8c800d5c373 100644 --- a/src/plugins/nat/nat44_cli.c +++ b/src/plugins/nat/nat44_cli.c @@ -681,10 +681,10 @@ nat44_show_summary_command_fn (vlib_main_t * vm, unformat_input_t * input, switch (s->in2out.protocol) { - case SNAT_PROTOCOL_ICMP: + case NAT_PROTOCOL_ICMP: icmp_sessions++; break; - case SNAT_PROTOCOL_TCP: + case NAT_PROTOCOL_TCP: tcp_sessions++; if (s->state) { @@ -704,7 +704,7 @@ nat44_show_summary_command_fn (vlib_main_t * vm, unformat_input_t * input, else established++; break; - case SNAT_PROTOCOL_UDP: + case NAT_PROTOCOL_UDP: default: udp_sessions++; break; @@ -727,10 +727,10 @@ nat44_show_summary_command_fn (vlib_main_t * vm, unformat_input_t * input, switch (s->in2out.protocol) { - case SNAT_PROTOCOL_ICMP: + case NAT_PROTOCOL_ICMP: icmp_sessions++; break; - case SNAT_PROTOCOL_TCP: + case NAT_PROTOCOL_TCP: tcp_sessions++; if (s->state) { @@ -750,7 +750,7 @@ nat44_show_summary_command_fn (vlib_main_t * vm, unformat_input_t * input, else established++; break; - case SNAT_PROTOCOL_UDP: + case NAT_PROTOCOL_UDP: default: udp_sessions++; break; @@ -796,7 +796,7 @@ nat44_show_addresses_command_fn (vlib_main_t * vm, unformat_input_t * input, vlib_cli_output (vm, " tenant VRF independent"); #define _(N, i, n, s) \ vlib_cli_output (vm, " %d busy %s ports", ap->busy_##n##_ports, s); - foreach_snat_protocol + foreach_nat_protocol #undef _ } vlib_cli_output (vm, "NAT44 twice-nat pool addresses:"); @@ -810,7 +810,7 @@ nat44_show_addresses_command_fn (vlib_main_t * vm, unformat_input_t * input, vlib_cli_output (vm, " tenant VRF independent"); #define _(N, i, n, s) \ vlib_cli_output (vm, " %d busy %s ports", ap->busy_##n##_ports, s); - foreach_snat_protocol + foreach_nat_protocol #undef _ } /* *INDENT-ON* */ @@ -975,7 +975,7 @@ add_static_mapping_command_fn (vlib_main_t * vm, u32 sw_if_index = ~0; vnet_main_t *vnm = vnet_get_main (); int rv; - snat_protocol_t proto = ~0; + nat_protocol_t proto = NAT_PROTOCOL_OTHER; u8 proto_set = 0; twice_nat_type_t twice_nat = TWICE_NAT_DISABLED; u8 out2in_only = 0; @@ -1011,7 +1011,7 @@ add_static_mapping_command_fn (vlib_main_t * vm, ; else if (unformat (line_input, "vrf %u", &vrf_id)) ; - else if (unformat (line_input, "%U", unformat_snat_protocol, &proto)) + else if (unformat (line_input, "%U", unformat_nat_protocol, &proto)) proto_set = 1; else if (unformat (line_input, "twice-nat")) twice_nat = TWICE_NAT; @@ -1092,7 +1092,7 @@ add_identity_mapping_command_fn (vlib_main_t * vm, u32 sw_if_index = ~0; vnet_main_t *vnm = vnet_get_main (); int rv; - snat_protocol_t proto; + nat_protocol_t proto; if (sm->deterministic) return clib_error_return (0, UNSUPPORTED_IN_DET_MODE_STR); @@ -1112,7 +1112,7 @@ add_identity_mapping_command_fn (vlib_main_t * vm, ; else if (unformat (line_input, "vrf %u", &vrf_id)) ; - else if (unformat (line_input, "%U %u", unformat_snat_protocol, &proto, + else if (unformat (line_input, "%U %u", unformat_nat_protocol, &proto, &port)) addr_only = 0; else if (unformat (line_input, "del")) @@ -1168,7 +1168,7 @@ add_lb_static_mapping_command_fn (vlib_main_t * vm, u32 l_port = 0, e_port = 0, vrf_id = 0, probability = 0, affinity = 0; int is_add = 1; int rv; - snat_protocol_t proto; + nat_protocol_t proto; u8 proto_set = 0; nat44_lb_addr_port_t *locals = 0, local; twice_nat_type_t twice_nat = TWICE_NAT_DISABLED; @@ -1206,7 +1206,7 @@ add_lb_static_mapping_command_fn (vlib_main_t * vm, else if (unformat (line_input, "external %U:%u", unformat_ip4_address, &e_addr, &e_port)) ; - else if (unformat (line_input, "protocol %U", unformat_snat_protocol, + else if (unformat (line_input, "protocol %U", unformat_nat_protocol, &proto)) proto_set = 1; else if (unformat (line_input, "twice-nat")) @@ -1283,7 +1283,7 @@ add_lb_backend_command_fn (vlib_main_t * vm, u32 l_port = 0, e_port = 0, vrf_id = 0, probability = 0; int is_add = 1; int rv; - snat_protocol_t proto; + nat_protocol_t proto; u8 proto_set = 0; if (sm->deterministic) @@ -1305,7 +1305,7 @@ add_lb_backend_command_fn (vlib_main_t * vm, else if (unformat (line_input, "external %U:%u", unformat_ip4_address, &e_addr, &e_port)) ; - else if (unformat (line_input, "protocol %U", unformat_snat_protocol, + else if (unformat (line_input, "protocol %U", unformat_nat_protocol, &proto)) proto_set = 1; else if (unformat (line_input, "del")) @@ -1657,7 +1657,7 @@ nat44_del_session_command_fn (vlib_main_t * vm, clib_error_t *error = 0; ip4_address_t addr, eh_addr; u32 port = 0, eh_port = 0, vrf_id = sm->outside_vrf_id; - snat_protocol_t proto; + nat_protocol_t proto; int rv; if (sm->deterministic) @@ -1671,7 +1671,7 @@ nat44_del_session_command_fn (vlib_main_t * vm, { if (unformat (line_input, "%U:%u %U", unformat_ip4_address, &addr, &port, - unformat_snat_protocol, &proto)) + unformat_nat_protocol, &proto)) ; else if (unformat (line_input, "in")) { @@ -1701,7 +1701,7 @@ nat44_del_session_command_fn (vlib_main_t * vm, if (is_ed) rv = nat44_del_ed_session (sm, &addr, port, &eh_addr, eh_port, - snat_proto_to_ip_proto (proto), vrf_id, is_in); + nat_proto_to_ip_proto (proto), vrf_id, is_in); else rv = nat44_del_session (sm, &addr, port, proto, vrf_id, is_in); diff --git a/src/plugins/nat/nat44_hairpinning.c b/src/plugins/nat/nat44_hairpinning.c index bdf9e3ce813..d109bb88dea 100644 --- a/src/plugins/nat/nat44_hairpinning.c +++ b/src/plugins/nat/nat44_hairpinning.c @@ -161,7 +161,7 @@ snat_hairpinning (snat_main_t * sm, old_dst_port0 = tcp0->dst; if (PREDICT_TRUE (new_dst_port0 != old_dst_port0)) { - if (PREDICT_TRUE (proto0 == SNAT_PROTOCOL_TCP)) + if (PREDICT_TRUE (proto0 == NAT_PROTOCOL_TCP)) { tcp0->dst = new_dst_port0; sum0 = tcp0->checksum; @@ -179,7 +179,7 @@ snat_hairpinning (snat_main_t * sm, } else { - if (PREDICT_TRUE (proto0 == SNAT_PROTOCOL_TCP)) + if (PREDICT_TRUE (proto0 == NAT_PROTOCOL_TCP)) { sum0 = tcp0->checksum; sum0 = ip_csum_update (sum0, old_dst_addr0, new_dst_addr0, @@ -218,9 +218,9 @@ snat_icmp_hairpinning (snat_main_t * sm, inner_ip0 = (ip4_header_t *) ((icmp_echo_header_t *) (icmp0 + 1) + 1); l4_header = ip4_next_header (inner_ip0); - u32 protocol = ip_proto_to_snat_proto (inner_ip0->protocol); + u32 protocol = ip_proto_to_nat_proto (inner_ip0->protocol); - if (protocol != SNAT_PROTOCOL_TCP && protocol != SNAT_PROTOCOL_UDP) + if (protocol != NAT_PROTOCOL_TCP && protocol != NAT_PROTOCOL_UDP) return 1; if (is_ed) @@ -298,7 +298,7 @@ snat_icmp_hairpinning (snat_main_t * sm, u16 icmp_id0 = echo0->identifier; key0.addr = ip0->dst_address; key0.port = icmp_id0; - key0.protocol = SNAT_PROTOCOL_ICMP; + key0.protocol = NAT_PROTOCOL_ICMP; key0.fib_index = sm->outside_fib_index; kv0.key = key0.as_u64; if (sm->num_workers > 1) @@ -473,7 +473,7 @@ nat44_hairpinning_fn_inline (vlib_main_t * vm, udp0 = ip4_next_header (ip0); tcp0 = (tcp_header_t *) udp0; - proto0 = ip_proto_to_snat_proto (ip0->protocol); + proto0 = ip_proto_to_nat_proto (ip0->protocol); vnet_get_config_data (&cm->config_main, &b0->current_config_index, &next0, 0); @@ -584,19 +584,19 @@ snat_hairpin_dst_fn_inline (vlib_main_t * vm, next0 = NAT_HAIRPIN_NEXT_LOOKUP; ip0 = vlib_buffer_get_current (b0); - proto0 = ip_proto_to_snat_proto (ip0->protocol); + proto0 = ip_proto_to_nat_proto (ip0->protocol); vnet_buffer (b0)->snat.flags = 0; if (PREDICT_FALSE (is_hairpinning (sm, &ip0->dst_address))) { - if (proto0 == SNAT_PROTOCOL_TCP || proto0 == SNAT_PROTOCOL_UDP) + if (proto0 == NAT_PROTOCOL_TCP || proto0 == NAT_PROTOCOL_UDP) { udp_header_t *udp0 = ip4_next_header (ip0); tcp_header_t *tcp0 = (tcp_header_t *) udp0; snat_hairpinning (sm, b0, ip0, udp0, tcp0, proto0, is_ed); } - else if (proto0 == SNAT_PROTOCOL_ICMP) + else if (proto0 == NAT_PROTOCOL_ICMP) { icmp46_header_t *icmp0 = ip4_next_header (ip0); diff --git a/src/plugins/nat/nat64.c b/src/plugins/nat/nat64.c index abf59a341f4..6c5bfc15196 100644 --- a/src/plugins/nat/nat64.c +++ b/src/plugins/nat/nat64.c @@ -133,12 +133,12 @@ nat64_get_worker_out2in (vlib_buffer_t * b, ip4_header_t * ip) u16 port; u32 proto; - proto = ip_proto_to_snat_proto (ip->protocol); + proto = ip_proto_to_nat_proto (ip->protocol); udp = ip4_next_header (ip); port = udp->dst_port; /* unknown protocol */ - if (PREDICT_FALSE (proto == ~0)) + if (PREDICT_FALSE (proto == NAT_PROTOCOL_OTHER)) { nat64_db_t *db; ip46_address_t daddr; @@ -170,17 +170,17 @@ nat64_get_worker_out2in (vlib_buffer_t * b, ip4_header_t * ip) { /* if error message, then it's not fragmented and we can access it */ ip4_header_t *inner_ip = (ip4_header_t *) (echo + 1); - proto = ip_proto_to_snat_proto (inner_ip->protocol); + proto = ip_proto_to_nat_proto (inner_ip->protocol); void *l4_header = ip4_next_header (inner_ip); switch (proto) { - case SNAT_PROTOCOL_ICMP: + case NAT_PROTOCOL_ICMP: icmp = (icmp46_header_t *) l4_header; echo = (icmp_echo_header_t *) (icmp + 1); port = echo->identifier; break; - case SNAT_PROTOCOL_UDP: - case SNAT_PROTOCOL_TCP: + case NAT_PROTOCOL_UDP: + case NAT_PROTOCOL_TCP: port = ((tcp_udp_header_t *) l4_header)->src_port; break; default: @@ -314,7 +314,7 @@ nat64_add_del_pool_addr (u32 thread_index, clib_memset (a->busy_##n##_port_refcounts, 0, sizeof(a->busy_##n##_port_refcounts)); \ a->busy_##n##_ports = 0; \ vec_validate_init_empty (a->busy_##n##_ports_per_thread, tm->n_vlib_mains - 1, 0); - foreach_snat_protocol + foreach_nat_protocol #undef _ } else @@ -524,7 +524,7 @@ nat64_interfaces_walk (nat64_interface_walk_fn_t fn, void *ctx) } int -nat64_alloc_out_addr_and_port (u32 fib_index, snat_protocol_t proto, +nat64_alloc_out_addr_and_port (u32 fib_index, nat_protocol_t proto, ip4_address_t * addr, u16 * port, u32 thread_index) { @@ -560,7 +560,7 @@ nat64_free_out_addr_and_port (struct nat64_db_s *db, ip4_address_t * addr, int i; snat_address_t *a; u32 thread_index = db - nm->db; - snat_protocol_t proto = ip_proto_to_snat_proto (protocol); + nat_protocol_t proto = ip_proto_to_nat_proto (protocol); u16 port_host_byte_order = clib_net_to_host_u16 (port); for (i = 0; i < vec_len (nm->addr_pool); i++) @@ -571,13 +571,13 @@ nat64_free_out_addr_and_port (struct nat64_db_s *db, ip4_address_t * addr, switch (proto) { #define _(N, j, n, s) \ - case SNAT_PROTOCOL_##N: \ + case NAT_PROTOCOL_##N: \ ASSERT (a->busy_##n##_port_refcounts[port_host_byte_order] >= 1); \ --a->busy_##n##_port_refcounts[port_host_byte_order]; \ a->busy_##n##_ports--; \ a->busy_##n##_ports_per_thread[thread_index]--; \ break; - foreach_snat_protocol + foreach_nat_protocol #undef _ default: nat_elog_notice ("unknown protocol"); @@ -663,7 +663,7 @@ nat64_add_del_static_bib_entry (ip6_address_t * in_addr, nat64_db_bib_entry_t *bibe; u32 fib_index = fib_table_find_or_create_and_lock (FIB_PROTOCOL_IP6, vrf_id, nat_fib_src_hi); - snat_protocol_t p = ip_proto_to_snat_proto (proto); + nat_protocol_t p = ip_proto_to_nat_proto (proto); ip46_address_t addr; int i; snat_address_t *a; @@ -707,7 +707,7 @@ nat64_add_del_static_bib_entry (ip6_address_t * in_addr, switch (p) { #define _(N, j, n, s) \ - case SNAT_PROTOCOL_##N: \ + case NAT_PROTOCOL_##N: \ if (a->busy_##n##_port_refcounts[out_port]) \ return VNET_API_ERROR_INVALID_VALUE; \ ++a->busy_##n##_port_refcounts[out_port]; \ @@ -717,7 +717,7 @@ nat64_add_del_static_bib_entry (ip6_address_t * in_addr, a->busy_##n##_ports_per_thread[thread_index]++; \ } \ break; - foreach_snat_protocol + foreach_nat_protocol #undef _ default: clib_memset (&addr, 0, sizeof (addr)); @@ -870,12 +870,12 @@ nat64_session_reset_timeout (nat64_db_st_entry_t * ste, vlib_main_t * vm) nat64_main_t *nm = &nat64_main; u32 now = (u32) vlib_time_now (vm); - switch (ip_proto_to_snat_proto (ste->proto)) + switch (ip_proto_to_nat_proto (ste->proto)) { - case SNAT_PROTOCOL_ICMP: + case NAT_PROTOCOL_ICMP: ste->expire = now + nm->icmp_timeout; return; - case SNAT_PROTOCOL_TCP: + case NAT_PROTOCOL_TCP: { switch (ste->tcp_state) { @@ -894,7 +894,7 @@ nat64_session_reset_timeout (nat64_db_st_entry_t * ste, vlib_main_t * vm) return; } } - case SNAT_PROTOCOL_UDP: + case NAT_PROTOCOL_UDP: ste->expire = now + nm->udp_timeout; return; default: diff --git a/src/plugins/nat/nat64.h b/src/plugins/nat/nat64.h index f13334447b0..7121638b570 100644 --- a/src/plugins/nat/nat64.h +++ b/src/plugins/nat/nat64.h @@ -226,7 +226,7 @@ int nat64_add_del_static_bib_entry (ip6_address_t * in_addr, * * @returns 0 on success, non-zero value otherwise. */ -int nat64_alloc_out_addr_and_port (u32 fib_index, snat_protocol_t proto, +int nat64_alloc_out_addr_and_port (u32 fib_index, nat_protocol_t proto, ip4_address_t * addr, u16 * port, u32 thread_index); diff --git a/src/plugins/nat/nat64_cli.c b/src/plugins/nat/nat64_cli.c index be468df1753..6fc047f56c5 100644 --- a/src/plugins/nat/nat64_cli.c +++ b/src/plugins/nat/nat64_cli.c @@ -119,7 +119,7 @@ nat64_cli_pool_walk (snat_address_t * ap, void *ctx) #define _(N, i, n, s) \ vlib_cli_output (vm, " %d busy %s ports", ap->busy_##n##_ports, s); - foreach_snat_protocol + foreach_nat_protocol #undef _ return 0; } @@ -288,7 +288,7 @@ nat64_add_del_static_bib_command_fn (vlib_main_t * u32 in_port = 0; u32 out_port = 0; u32 vrf_id = 0, protocol; - snat_protocol_t proto = 0; + nat_protocol_t proto = 0; u8 p = 0; int rv; @@ -305,7 +305,7 @@ nat64_add_del_static_bib_command_fn (vlib_main_t * ; else if (unformat (line_input, "vrf %u", &vrf_id)) ; - else if (unformat (line_input, "%U", unformat_snat_protocol, &proto)) + else if (unformat (line_input, "%U", unformat_nat_protocol, &proto)) ; else if (unformat @@ -338,7 +338,7 @@ nat64_add_del_static_bib_command_fn (vlib_main_t * goto done; } - p = snat_proto_to_ip_proto (proto); + p = nat_proto_to_ip_proto (proto); } rv = @@ -394,8 +394,8 @@ nat64_cli_bib_walk (nat64_db_bib_entry_t * bibe, void *ctx) clib_net_to_host_u16 (bibe->in_port), format_ip4_address, &bibe->out_addr, clib_net_to_host_u16 (bibe->out_port), - format_snat_protocol, - ip_proto_to_snat_proto (bibe->proto), fib->ft_table_id, + format_nat_protocol, + ip_proto_to_nat_proto (bibe->proto), fib->ft_table_id, bibe->is_static ? "static" : "dynamic", bibe->ses_num); break; default: @@ -415,15 +415,15 @@ nat64_show_bib_command_fn (vlib_main_t * vm, nat64_main_t *nm = &nat64_main; unformat_input_t _line_input, *line_input = &_line_input; clib_error_t *error = 0; - u32 proto = ~0; + u32 proto = NAT_PROTOCOL_OTHER; u8 p = 255; nat64_db_t *db; if (!unformat_user (input, unformat_line_input, line_input)) return 0; - if (unformat (line_input, "%U", unformat_snat_protocol, &proto)) - p = snat_proto_to_ip_proto (proto); + if (unformat (line_input, "%U", unformat_nat_protocol, &proto)) + p = nat_proto_to_ip_proto (proto); else if (unformat (line_input, "unknown")) p = 0; else if (unformat (line_input, "all")) @@ -438,8 +438,7 @@ nat64_show_bib_command_fn (vlib_main_t * vm, if (p == 255) vlib_cli_output (vm, "NAT64 BIB entries:"); else - vlib_cli_output (vm, "NAT64 %U BIB entries:", format_snat_protocol, - proto); + vlib_cli_output (vm, "NAT64 %U BIB entries:", format_nat_protocol, proto); /* *INDENT-OFF* */ vec_foreach (db, nm->db) @@ -484,8 +483,8 @@ nat64_cli_st_walk (nat64_db_st_entry_t * ste, void *arg) format_ip4_address, &bibe->out_addr, format_ip4_address, &ste->out_r_addr, clib_net_to_host_u16 (bibe->out_port), - format_snat_protocol, - ip_proto_to_snat_proto (bibe->proto), vrf_id); + format_nat_protocol, + ip_proto_to_nat_proto (bibe->proto), vrf_id); else if (ste->proto == IP_PROTOCOL_TCP || ste->proto == IP_PROTOCOL_UDP) vlib_cli_output (vm, " %U %u %U %u %U %u %U %u protcol %U vrf %u", format_ip6_address, &bibe->in_addr, @@ -496,8 +495,8 @@ nat64_cli_st_walk (nat64_db_st_entry_t * ste, void *arg) clib_net_to_host_u16 (bibe->out_port), format_ip4_address, &ste->out_r_addr, clib_net_to_host_u16 (ste->r_port), - format_snat_protocol, - ip_proto_to_snat_proto (bibe->proto), vrf_id); + format_nat_protocol, + ip_proto_to_nat_proto (bibe->proto), vrf_id); else vlib_cli_output (vm, " %U %U %U %U protocol %u vrf %u", format_ip6_address, &bibe->in_addr, @@ -516,7 +515,7 @@ nat64_show_st_command_fn (vlib_main_t * vm, nat64_main_t *nm = &nat64_main; unformat_input_t _line_input, *line_input = &_line_input; clib_error_t *error = 0; - u32 proto = ~0; + u32 proto = NAT_PROTOCOL_OTHER; u8 p = 255; nat64_db_t *db; nat64_cli_st_walk_ctx_t ctx = { @@ -526,8 +525,8 @@ nat64_show_st_command_fn (vlib_main_t * vm, if (!unformat_user (input, unformat_line_input, line_input)) return 0; - if (unformat (line_input, "%U", unformat_snat_protocol, &proto)) - p = snat_proto_to_ip_proto (proto); + if (unformat (line_input, "%U", unformat_nat_protocol, &proto)) + p = nat_proto_to_ip_proto (proto); else if (unformat (line_input, "unknown")) p = 0; else if (unformat (line_input, "all")) @@ -542,7 +541,7 @@ nat64_show_st_command_fn (vlib_main_t * vm, if (p == 255) vlib_cli_output (vm, "NAT64 sessions:"); else - vlib_cli_output (vm, "NAT64 %U sessions:", format_snat_protocol, proto); + vlib_cli_output (vm, "NAT64 %U sessions:", format_nat_protocol, proto); /* *INDENT-OFF* */ vec_foreach (db, nm->db) { diff --git a/src/plugins/nat/nat64_db.c b/src/plugins/nat/nat64_db.c index 8c004f14686..6e4973b249a 100644 --- a/src/plugins/nat/nat64_db.c +++ b/src/plugins/nat/nat64_db.c @@ -69,15 +69,15 @@ nat64_db_bib_entry_create (u32 thread_index, nat64_db_t * db, } /* create pool entry */ - switch (ip_proto_to_snat_proto (proto)) + switch (ip_proto_to_nat_proto (proto)) { /* *INDENT-OFF* */ #define _(N, i, n, s) \ - case SNAT_PROTOCOL_##N: \ + case NAT_PROTOCOL_##N: \ pool_get (db->bib._##n##_bib, bibe); \ kv.value = bibe - db->bib._##n##_bib; \ break; - foreach_snat_protocol + foreach_nat_protocol #undef _ /* *INDENT-ON* */ default: @@ -136,15 +136,15 @@ nat64_db_bib_entry_free (u32 thread_index, nat64_db_t * db, nat64_db_st_entry_t *st, *ste; fib_table_t *fib; - switch (ip_proto_to_snat_proto (bibe->proto)) + switch (ip_proto_to_nat_proto (bibe->proto)) { /* *INDENT-OFF* */ #define _(N, i, n, s) \ - case SNAT_PROTOCOL_##N: \ + case NAT_PROTOCOL_##N: \ bib = db->bib._##n##_bib; \ st = db->st._##n##_st; \ break; - foreach_snat_protocol + foreach_nat_protocol #undef _ /* *INDENT-ON* */ default: @@ -214,14 +214,14 @@ nat64_db_bib_entry_find (nat64_db_t * db, ip46_address_t * addr, u16 port, clib_bihash_kv_24_8_t kv, value; nat64_db_bib_entry_t *bib; - switch (ip_proto_to_snat_proto (proto)) + switch (ip_proto_to_nat_proto (proto)) { /* *INDENT-OFF* */ #define _(N, i, n, s) \ - case SNAT_PROTOCOL_##N: \ + case NAT_PROTOCOL_##N: \ bib = db->bib._##n##_bib; \ break; - foreach_snat_protocol + foreach_nat_protocol #undef _ /* *INDENT-ON* */ default: @@ -262,7 +262,7 @@ nat64_db_bib_walk (nat64_db_t * db, u8 proto, if (fn (bibe, ctx)) \ return; \ })); - foreach_snat_protocol + foreach_nat_protocol #undef _ bib = db->bib._unk_proto_bib; pool_foreach (bibe, bib, ({ @@ -273,14 +273,14 @@ nat64_db_bib_walk (nat64_db_t * db, u8 proto, } else { - switch (ip_proto_to_snat_proto (proto)) + switch (ip_proto_to_nat_proto (proto)) { /* *INDENT-OFF* */ #define _(N, i, n, s) \ - case SNAT_PROTOCOL_##N: \ + case NAT_PROTOCOL_##N: \ bib = db->bib._##n##_bib; \ break; - foreach_snat_protocol + foreach_nat_protocol #undef _ /* *INDENT-ON* */ default: @@ -303,14 +303,14 @@ nat64_db_bib_entry_by_index (nat64_db_t * db, u8 proto, u32 bibe_index) { nat64_db_bib_entry_t *bib; - switch (ip_proto_to_snat_proto (proto)) + switch (ip_proto_to_nat_proto (proto)) { /* *INDENT-OFF* */ #define _(N, i, n, s) \ - case SNAT_PROTOCOL_##N: \ + case NAT_PROTOCOL_##N: \ bib = db->bib._##n##_bib; \ break; - foreach_snat_protocol + foreach_nat_protocol #undef _ /* *INDENT-ON* */ default: @@ -336,7 +336,7 @@ nat64_db_st_walk (nat64_db_t * db, u8 proto, if (fn (ste, ctx)) \ return; \ })); - foreach_snat_protocol + foreach_nat_protocol #undef _ st = db->st._unk_proto_st; pool_foreach (ste, st, ({ @@ -347,14 +347,14 @@ nat64_db_st_walk (nat64_db_t * db, u8 proto, } else { - switch (ip_proto_to_snat_proto (proto)) + switch (ip_proto_to_nat_proto (proto)) { /* *INDENT-OFF* */ #define _(N, i, n, s) \ - case SNAT_PROTOCOL_##N: \ + case NAT_PROTOCOL_##N: \ st = db->st._##n##_st; \ break; - foreach_snat_protocol + foreach_nat_protocol #undef _ /* *INDENT-ON* */ default: @@ -391,16 +391,16 @@ nat64_db_st_entry_create (u32 thread_index, nat64_db_t * db, } /* create pool entry */ - switch (ip_proto_to_snat_proto (bibe->proto)) + switch (ip_proto_to_nat_proto (bibe->proto)) { /* *INDENT-OFF* */ #define _(N, i, n, s) \ - case SNAT_PROTOCOL_##N: \ + case NAT_PROTOCOL_##N: \ pool_get (db->st._##n##_st, ste); \ kv.value = ste - db->st._##n##_st; \ bib = db->bib._##n##_bib; \ break; - foreach_snat_protocol + foreach_nat_protocol #undef _ /* *INDENT-ON* */ default: @@ -478,15 +478,15 @@ nat64_db_st_entry_free (u32 thread_index, clib_bihash_kv_48_8_t kv; fib_table_t *fib; - switch (ip_proto_to_snat_proto (ste->proto)) + switch (ip_proto_to_nat_proto (ste->proto)) { /* *INDENT-OFF* */ #define _(N, i, n, s) \ - case SNAT_PROTOCOL_##N: \ + case NAT_PROTOCOL_##N: \ st = db->st._##n##_st; \ bib = db->bib._##n##_bib; \ break; - foreach_snat_protocol + foreach_nat_protocol #undef _ /* *INDENT-ON* */ default: @@ -563,14 +563,14 @@ nat64_db_st_entry_find (nat64_db_t * db, ip46_address_t * l_addr, nat64_db_st_entry_key_t ste_key; clib_bihash_kv_48_8_t kv, value; - switch (ip_proto_to_snat_proto (proto)) + switch (ip_proto_to_nat_proto (proto)) { /* *INDENT-OFF* */ #define _(N, i, n, s) \ - case SNAT_PROTOCOL_##N: \ + case NAT_PROTOCOL_##N: \ st = db->st._##n##_st; \ break; - foreach_snat_protocol + foreach_nat_protocol #undef _ /* *INDENT-ON* */ default: @@ -606,14 +606,14 @@ nat64_db_st_entry_get_index (nat64_db_t * db, nat64_db_st_entry_t * ste) { nat64_db_st_entry_t *st; - switch (ip_proto_to_snat_proto (ste->proto)) + switch (ip_proto_to_nat_proto (ste->proto)) { /* *INDENT-OFF* */ #define _(N, i, n, s) \ - case SNAT_PROTOCOL_##N: \ + case NAT_PROTOCOL_##N: \ st = db->st._##n##_st; \ break; - foreach_snat_protocol + foreach_nat_protocol #undef _ /* *INDENT-ON* */ default: @@ -629,14 +629,14 @@ nat64_db_st_entry_by_index (nat64_db_t * db, u8 proto, u32 ste_index) { nat64_db_st_entry_t *st; - switch (ip_proto_to_snat_proto (proto)) + switch (ip_proto_to_nat_proto (proto)) { /* *INDENT-OFF* */ #define _(N, i, n, s) \ - case SNAT_PROTOCOL_##N: \ + case NAT_PROTOCOL_##N: \ st = db->st._##n##_st; \ break; - foreach_snat_protocol + foreach_nat_protocol #undef _ /* *INDENT-ON* */ default: @@ -657,7 +657,7 @@ nad64_db_st_free_expired (u32 thread_index, nat64_db_t * db, u32 now) #define _(N, i, n, s) \ st = db->st._##n##_st; \ pool_foreach (ste, st, ({\ - if (i == SNAT_PROTOCOL_TCP && !ste->tcp_state) \ + if (i == NAT_PROTOCOL_TCP && !ste->tcp_state) \ continue; \ if (ste->expire < now) \ vec_add1 (ste_to_be_free, ste - st); \ @@ -667,7 +667,7 @@ nad64_db_st_free_expired (u32 thread_index, nat64_db_t * db, u32 now) pool_elt_at_index(st, ste_index[0])); \ vec_free (ste_to_be_free); \ ste_to_be_free = 0; - foreach_snat_protocol + foreach_nat_protocol #undef _ st = db->st._unk_proto_st; pool_foreach (ste, st, ({ @@ -703,7 +703,7 @@ nat64_db_free_out_addr (u32 thread_index, pool_elt_at_index(st, ste_index[0])); \ vec_free (ste_to_be_free); \ ste_to_be_free = 0; - foreach_snat_protocol + foreach_nat_protocol #undef _ st = db->st._unk_proto_st; pool_foreach (ste, st, ({ diff --git a/src/plugins/nat/nat64_db.h b/src/plugins/nat/nat64_db.h index 68f048ca59e..76e00c9227b 100644 --- a/src/plugins/nat/nat64_db.h +++ b/src/plugins/nat/nat64_db.h @@ -60,7 +60,7 @@ typedef struct /* *INDENT-OFF* */ #define _(N, i, n, s) \ nat64_db_bib_entry_t *_##n##_bib; - foreach_snat_protocol + foreach_nat_protocol #undef _ /* *INDENT-ON* */ nat64_db_bib_entry_t *_unk_proto_bib; @@ -110,7 +110,7 @@ typedef struct /* *INDENT-OFF* */ #define _(N, i, n, s) \ nat64_db_st_entry_t *_##n##_st; - foreach_snat_protocol + foreach_nat_protocol #undef _ /* *INDENT-ON* */ nat64_db_st_entry_t *_unk_proto_st; diff --git a/src/plugins/nat/nat64_in2out.c b/src/plugins/nat/nat64_in2out.c index 8d4b1a89cad..38e98340b8c 100644 --- a/src/plugins/nat/nat64_in2out.c +++ b/src/plugins/nat/nat64_in2out.c @@ -224,7 +224,7 @@ nat64_in2out_tcp_udp (vlib_main_t * vm, vlib_buffer_t * p, u16 l4_offset, u16 out_port; ip4_address_t out_addr; if (nat64_alloc_out_addr_and_port - (fib_index, ip_proto_to_snat_proto (proto), &out_addr, + (fib_index, ip_proto_to_nat_proto (proto), &out_addr, &out_port, ctx->thread_index)) return -1; @@ -335,7 +335,7 @@ nat64_in2out_icmp_set_cb (ip6_header_t * ip6, ip4_header_t * ip4, void *arg) u16 out_id; ip4_address_t out_addr; if (nat64_alloc_out_addr_and_port - (fib_index, SNAT_PROTOCOL_ICMP, &out_addr, &out_id, + (fib_index, NAT_PROTOCOL_ICMP, &out_addr, &out_id, ctx->thread_index)) return -1; @@ -715,7 +715,7 @@ nat64_in2out_tcp_udp_hairpinning (vlib_main_t * vm, vlib_buffer_t * b, u16 out_port; ip4_address_t out_addr; if (nat64_alloc_out_addr_and_port - (fib_index, ip_proto_to_snat_proto (proto), &out_addr, + (fib_index, ip_proto_to_nat_proto (proto), &out_addr, &out_port, thread_index)) return -1; @@ -1112,11 +1112,11 @@ nat64_in2out_node_fn_inline (vlib_main_t * vm, vlib_node_runtime_t * node, goto trace0; } - proto0 = ip_proto_to_snat_proto (l4_protocol0); + proto0 = ip_proto_to_nat_proto (l4_protocol0); if (is_slow_path) { - if (PREDICT_TRUE (proto0 == ~0)) + if (PREDICT_TRUE (proto0 == NAT_PROTOCOL_OTHER)) { other_packets++; if (is_hairpinning (&ip60->dst_address)) @@ -1146,14 +1146,14 @@ nat64_in2out_node_fn_inline (vlib_main_t * vm, vlib_node_runtime_t * node, } else { - if (PREDICT_FALSE (proto0 == ~0)) + if (PREDICT_FALSE (proto0 == NAT_PROTOCOL_OTHER)) { next0 = NAT64_IN2OUT_NEXT_SLOWPATH; goto trace0; } } - if (proto0 == SNAT_PROTOCOL_ICMP) + if (proto0 == NAT_PROTOCOL_ICMP) { icmp_packets++; if (is_hairpinning (&ip60->dst_address)) @@ -1178,9 +1178,9 @@ nat64_in2out_node_fn_inline (vlib_main_t * vm, vlib_node_runtime_t * node, goto trace0; } } - else if (proto0 == SNAT_PROTOCOL_TCP || proto0 == SNAT_PROTOCOL_UDP) + else if (proto0 == NAT_PROTOCOL_TCP || proto0 == NAT_PROTOCOL_UDP) { - if (proto0 == SNAT_PROTOCOL_TCP) + if (proto0 == NAT_PROTOCOL_TCP) tcp_packets++; else udp_packets++; diff --git a/src/plugins/nat/nat64_out2in.c b/src/plugins/nat/nat64_out2in.c index 6c0075102a1..ef0f8214ddd 100644 --- a/src/plugins/nat/nat64_out2in.c +++ b/src/plugins/nat/nat64_out2in.c @@ -575,9 +575,9 @@ VLIB_NODE_FN (nat64_out2in_node) (vlib_main_t * vm, next0 = NAT64_OUT2IN_NEXT_IP6_LOOKUP; - proto0 = ip_proto_to_snat_proto (ip40->protocol); + proto0 = ip_proto_to_nat_proto (ip40->protocol); - if (PREDICT_FALSE (proto0 == ~0)) + if (PREDICT_FALSE (proto0 == NAT_PROTOCOL_OTHER)) { if (nat64_out2in_unk_proto (vm, b0, &ctx0)) { @@ -588,7 +588,7 @@ VLIB_NODE_FN (nat64_out2in_node) (vlib_main_t * vm, goto trace0; } - if (proto0 == SNAT_PROTOCOL_ICMP) + if (proto0 == NAT_PROTOCOL_ICMP) { icmp_packets++; if (icmp_to_icmp6 @@ -602,7 +602,7 @@ VLIB_NODE_FN (nat64_out2in_node) (vlib_main_t * vm, } else { - if (proto0 == SNAT_PROTOCOL_TCP) + if (proto0 == NAT_PROTOCOL_TCP) tcp_packets++; else udp_packets++; @@ -614,7 +614,7 @@ VLIB_NODE_FN (nat64_out2in_node) (vlib_main_t * vm, * Send DHCP packets to the ipv4 stack, or we won't * be able to use dhcp client on the outside interface */ - if ((proto0 == SNAT_PROTOCOL_UDP) + if ((proto0 == NAT_PROTOCOL_UDP) && (udp0->dst_port == clib_host_to_net_u16 (UDP_DST_PORT_dhcp_to_client))) { diff --git a/src/plugins/nat/nat_affinity.c b/src/plugins/nat/nat_affinity.c index 5a6927118aa..2c22ae0e097 100644 --- a/src/plugins/nat/nat_affinity.c +++ b/src/plugins/nat/nat_affinity.c @@ -38,7 +38,7 @@ format_affinity_kvp (u8 * s, va_list * args) format_ip4_address, &k.client_addr, format_ip4_address, &k.service_addr, clib_net_to_host_u16 (k.service_port), - format_snat_protocol, k.proto); + format_nat_protocol, k.proto); return s; } diff --git a/src/plugins/nat/nat_api.c b/src/plugins/nat/nat_api.c index c58e88bd7f0..74f24d85cf8 100644 --- a/src/plugins/nat/nat_api.c +++ b/src/plugins/nat/nat_api.c @@ -1098,7 +1098,7 @@ static void u32 vrf_id, external_sw_if_index; twice_nat_type_t twice_nat = TWICE_NAT_DISABLED; int rv = 0; - snat_protocol_t proto; + nat_protocol_t proto; u8 *tag = 0; if (sm->deterministic) @@ -1118,7 +1118,7 @@ static void vrf_id = clib_net_to_host_u32 (mp->vrf_id); external_sw_if_index = clib_net_to_host_u32 (mp->external_sw_if_index); - proto = ip_proto_to_snat_proto (mp->protocol); + proto = ip_proto_to_nat_proto (mp->protocol); if (mp->flags & NAT_API_IS_TWICE_NAT) twice_nat = TWICE_NAT; @@ -1202,7 +1202,7 @@ send_nat44_static_mapping_details (snat_static_mapping_t * m, } else { - rmp->protocol = snat_proto_to_ip_proto (m->proto); + rmp->protocol = nat_proto_to_ip_proto (m->proto); rmp->external_port = htons (m->external_port); rmp->local_port = htons (m->local_port); } @@ -1239,7 +1239,7 @@ send_nat44_static_map_resolve_details (snat_static_map_resolve_t * m, } else { - rmp->protocol = snat_proto_to_ip_proto (m->proto); + rmp->protocol = nat_proto_to_ip_proto (m->proto); rmp->external_port = htons (m->e_port); rmp->local_port = htons (m->l_port); } @@ -1303,7 +1303,7 @@ static void u16 port = 0; u32 vrf_id, sw_if_index; int rv = 0; - snat_protocol_t proto = ~0; + nat_protocol_t proto = NAT_PROTOCOL_OTHER; u8 *tag = 0; if (sm->deterministic) @@ -1315,7 +1315,7 @@ static void if (!(mp->flags & NAT_API_IS_ADDR_ONLY)) { port = clib_net_to_host_u16 (mp->port); - proto = ip_proto_to_snat_proto (mp->protocol); + proto = ip_proto_to_nat_proto (mp->protocol); } vrf_id = clib_net_to_host_u32 (mp->vrf_id); sw_if_index = clib_net_to_host_u32 (mp->sw_if_index); @@ -1379,7 +1379,7 @@ send_nat44_identity_mapping_details (snat_static_mapping_t * m, int index, rmp->port = htons (m->local_port); rmp->sw_if_index = ~0; rmp->vrf_id = htonl (local->vrf_id); - rmp->protocol = snat_proto_to_ip_proto (m->proto); + rmp->protocol = nat_proto_to_ip_proto (m->proto); rmp->context = context; if (m->tag) strncpy ((char *) rmp->tag, (char *) m->tag, vec_len (m->tag)); @@ -1406,7 +1406,7 @@ send_nat44_identity_map_resolve_details (snat_static_map_resolve_t * m, rmp->port = htons (m->l_port); rmp->sw_if_index = htonl (m->sw_if_index); rmp->vrf_id = htonl (m->vrf_id); - rmp->protocol = snat_proto_to_ip_proto (m->proto); + rmp->protocol = nat_proto_to_ip_proto (m->proto); rmp->context = context; if (m->tag) strncpy ((char *) rmp->tag, (char *) m->tag, vec_len (m->tag)); @@ -1657,7 +1657,7 @@ send_nat44_user_session_details (snat_session_t * s, { rmp->outside_port = s->out2in.port; rmp->inside_port = s->in2out.port; - rmp->protocol = ntohs (snat_proto_to_ip_proto (s->in2out.protocol)); + rmp->protocol = ntohs (nat_proto_to_ip_proto (s->in2out.protocol)); } if (is_ed_session (s) || is_fwd_bypass_session (s)) { @@ -1788,7 +1788,7 @@ static void int rv = 0; nat44_lb_addr_port_t *locals = 0; ip4_address_t e_addr; - snat_protocol_t proto; + nat_protocol_t proto; u8 *tag = 0; if (!sm->endpoint_dependent) @@ -1801,7 +1801,7 @@ static void unformat_nat44_lb_addr_port (mp->locals, clib_net_to_host_u32 (mp->local_num)); clib_memcpy (&e_addr, mp->external_addr, 4); - proto = ip_proto_to_snat_proto (mp->protocol); + proto = ip_proto_to_nat_proto (mp->protocol); if (mp->flags & NAT_API_IS_TWICE_NAT) twice_nat = TWICE_NAT; @@ -1848,7 +1848,7 @@ static void vl_api_nat44_lb_static_mapping_add_del_local_reply_t *rmp; int rv = 0; ip4_address_t e_addr, l_addr; - snat_protocol_t proto; + nat_protocol_t proto; if (!sm->endpoint_dependent) { @@ -1858,7 +1858,7 @@ static void clib_memcpy (&e_addr, mp->external_addr, 4); clib_memcpy (&l_addr, mp->local.addr, 4); - proto = ip_proto_to_snat_proto (mp->protocol); + proto = ip_proto_to_nat_proto (mp->protocol); rv = nat44_lb_static_mapping_add_del_local (e_addr, @@ -1907,7 +1907,7 @@ send_nat44_lb_static_mapping_details (snat_static_mapping_t * m, clib_memcpy (rmp->external_addr, &(m->external_addr), 4); rmp->external_port = ntohs (m->external_port); - rmp->protocol = snat_proto_to_ip_proto (m->proto); + rmp->protocol = nat_proto_to_ip_proto (m->proto); rmp->context = context; if (m->twice_nat == TWICE_NAT) @@ -1980,7 +1980,7 @@ vl_api_nat44_del_session_t_handler (vl_api_nat44_del_session_t * mp) u32 vrf_id; int rv = 0; u8 is_in; - snat_protocol_t proto; + nat_protocol_t proto; if (sm->deterministic) { @@ -1991,7 +1991,7 @@ vl_api_nat44_del_session_t_handler (vl_api_nat44_del_session_t * mp) memcpy (&addr.as_u8, mp->address, 4); port = clib_net_to_host_u16 (mp->port); vrf_id = clib_net_to_host_u32 (mp->vrf_id); - proto = ip_proto_to_snat_proto (mp->protocol); + proto = ip_proto_to_nat_proto (mp->protocol); memcpy (&eh_addr.as_u8, mp->ext_host_address, 4); eh_port = clib_net_to_host_u16 (mp->ext_host_port); diff --git a/src/plugins/nat/nat_det_in2out.c b/src/plugins/nat/nat_det_in2out.c index dc2873ee110..cf50805c1a3 100644 --- a/src/plugins/nat/nat_det_in2out.c +++ b/src/plugins/nat/nat_det_in2out.c @@ -126,7 +126,7 @@ icmp_match_in2out_det (snat_main_t * sm, vlib_node_runtime_t * node, if (!icmp_type_is_error_message (vnet_buffer (b0)->ip.reass.icmp_type_or_tcp_flags)) { - protocol = SNAT_PROTOCOL_ICMP; + protocol = NAT_PROTOCOL_ICMP; in_addr = ip0->src_address; in_port = vnet_buffer (b0)->ip.reass.l4_src_port; } @@ -135,17 +135,17 @@ icmp_match_in2out_det (snat_main_t * sm, vlib_node_runtime_t * node, /* if error message, then it's not fragmented and we can access it */ inner_ip0 = (ip4_header_t *) (echo0 + 1); l4_header = ip4_next_header (inner_ip0); - protocol = ip_proto_to_snat_proto (inner_ip0->protocol); + protocol = ip_proto_to_nat_proto (inner_ip0->protocol); in_addr = inner_ip0->dst_address; switch (protocol) { - case SNAT_PROTOCOL_ICMP: + case NAT_PROTOCOL_ICMP: inner_icmp0 = (icmp46_header_t *) l4_header; inner_echo0 = (icmp_echo_header_t *) (inner_icmp0 + 1); in_port = inner_echo0->identifier; break; - case SNAT_PROTOCOL_UDP: - case SNAT_PROTOCOL_TCP: + case NAT_PROTOCOL_UDP: + case NAT_PROTOCOL_TCP: in_port = ((tcp_udp_header_t *) l4_header)->dst_port; break; default: @@ -334,9 +334,9 @@ VLIB_NODE_FN (snat_det_in2out_node) (vlib_main_t * vm, goto trace0; } - proto0 = ip_proto_to_snat_proto (ip0->protocol); + proto0 = ip_proto_to_nat_proto (ip0->protocol); - if (PREDICT_FALSE (proto0 == SNAT_PROTOCOL_ICMP)) + if (PREDICT_FALSE (proto0 == NAT_PROTOCOL_ICMP)) { rx_fib_index0 = ip4_fib_table_get_index_for_sw_if_index (sw_if_index0); @@ -411,7 +411,7 @@ VLIB_NODE_FN (snat_det_in2out_node) (vlib_main_t * vm, src_address /* changed member */ ); ip0->checksum = ip_csum_fold (sum0); - if (PREDICT_TRUE (proto0 == SNAT_PROTOCOL_TCP)) + if (PREDICT_TRUE (proto0 == NAT_PROTOCOL_TCP)) { if (tcp0->flags & TCP_FLAG_SYN) ses0->state = SNAT_SESSION_TCP_SYN_SENT; @@ -507,9 +507,9 @@ VLIB_NODE_FN (snat_det_in2out_node) (vlib_main_t * vm, goto trace1; } - proto1 = ip_proto_to_snat_proto (ip1->protocol); + proto1 = ip_proto_to_nat_proto (ip1->protocol); - if (PREDICT_FALSE (proto1 == SNAT_PROTOCOL_ICMP)) + if (PREDICT_FALSE (proto1 == NAT_PROTOCOL_ICMP)) { rx_fib_index1 = ip4_fib_table_get_index_for_sw_if_index (sw_if_index1); @@ -584,7 +584,7 @@ VLIB_NODE_FN (snat_det_in2out_node) (vlib_main_t * vm, src_address /* changed member */ ); ip1->checksum = ip_csum_fold (sum1); - if (PREDICT_TRUE (proto1 == SNAT_PROTOCOL_TCP)) + if (PREDICT_TRUE (proto1 == NAT_PROTOCOL_TCP)) { if (tcp1->flags & TCP_FLAG_SYN) ses1->state = SNAT_SESSION_TCP_SYN_SENT; @@ -716,9 +716,9 @@ VLIB_NODE_FN (snat_det_in2out_node) (vlib_main_t * vm, goto trace00; } - proto0 = ip_proto_to_snat_proto (ip0->protocol); + proto0 = ip_proto_to_nat_proto (ip0->protocol); - if (PREDICT_FALSE (proto0 == SNAT_PROTOCOL_ICMP)) + if (PREDICT_FALSE (proto0 == NAT_PROTOCOL_ICMP)) { rx_fib_index0 = ip4_fib_table_get_index_for_sw_if_index (sw_if_index0); @@ -793,7 +793,7 @@ VLIB_NODE_FN (snat_det_in2out_node) (vlib_main_t * vm, src_address /* changed member */ ); ip0->checksum = ip_csum_fold (sum0); - if (PREDICT_TRUE (proto0 == SNAT_PROTOCOL_TCP)) + if (PREDICT_TRUE (proto0 == NAT_PROTOCOL_TCP)) { if (tcp0->flags & TCP_FLAG_SYN) ses0->state = SNAT_SESSION_TCP_SYN_SENT; diff --git a/src/plugins/nat/nat_det_out2in.c b/src/plugins/nat/nat_det_out2in.c index d45df4d2e87..80d9b39b2bb 100644 --- a/src/plugins/nat/nat_det_out2in.c +++ b/src/plugins/nat/nat_det_out2in.c @@ -121,7 +121,7 @@ icmp_match_out2in_det (snat_main_t * sm, vlib_node_runtime_t * node, if (!icmp_type_is_error_message (vnet_buffer (b0)->ip.reass.icmp_type_or_tcp_flags)) { - protocol = SNAT_PROTOCOL_ICMP; + protocol = NAT_PROTOCOL_ICMP; key0.ext_host_addr = ip0->src_address; key0.ext_host_port = 0; key0.out_port = vnet_buffer (b0)->ip.reass.l4_src_port; @@ -132,19 +132,19 @@ icmp_match_out2in_det (snat_main_t * sm, vlib_node_runtime_t * node, /* if error message, then it's not fragmented and we can access it */ inner_ip0 = (ip4_header_t *) (echo0 + 1); l4_header = ip4_next_header (inner_ip0); - protocol = ip_proto_to_snat_proto (inner_ip0->protocol); + protocol = ip_proto_to_nat_proto (inner_ip0->protocol); key0.ext_host_addr = inner_ip0->dst_address; out_addr = inner_ip0->src_address; switch (protocol) { - case SNAT_PROTOCOL_ICMP: + case NAT_PROTOCOL_ICMP: inner_icmp0 = (icmp46_header_t *) l4_header; inner_echo0 = (icmp_echo_header_t *) (inner_icmp0 + 1); key0.ext_host_port = 0; key0.out_port = inner_echo0->identifier; break; - case SNAT_PROTOCOL_UDP: - case SNAT_PROTOCOL_TCP: + case NAT_PROTOCOL_UDP: + case NAT_PROTOCOL_TCP: key0.ext_host_port = ((tcp_udp_header_t *) l4_header)->dst_port; key0.out_port = ((tcp_udp_header_t *) l4_header)->src_port; break; @@ -304,9 +304,9 @@ VLIB_NODE_FN (snat_det_out2in_node) (vlib_main_t * vm, goto trace0; } - proto0 = ip_proto_to_snat_proto (ip0->protocol); + proto0 = ip_proto_to_nat_proto (ip0->protocol); - if (PREDICT_FALSE (proto0 == SNAT_PROTOCOL_ICMP)) + if (PREDICT_FALSE (proto0 == NAT_PROTOCOL_ICMP)) { rx_fib_index0 = ip4_fib_table_get_index_for_sw_if_index (sw_if_index0); @@ -361,7 +361,7 @@ VLIB_NODE_FN (snat_det_out2in_node) (vlib_main_t * vm, dst_address /* changed member */ ); ip0->checksum = ip_csum_fold (sum0); - if (PREDICT_TRUE (proto0 == SNAT_PROTOCOL_TCP)) + if (PREDICT_TRUE (proto0 == NAT_PROTOCOL_TCP)) { if (tcp0->flags & TCP_FLAG_FIN && ses0->state == SNAT_SESSION_TCP_ESTABLISHED) @@ -425,9 +425,9 @@ VLIB_NODE_FN (snat_det_out2in_node) (vlib_main_t * vm, goto trace1; } - proto1 = ip_proto_to_snat_proto (ip1->protocol); + proto1 = ip_proto_to_nat_proto (ip1->protocol); - if (PREDICT_FALSE (proto1 == SNAT_PROTOCOL_ICMP)) + if (PREDICT_FALSE (proto1 == NAT_PROTOCOL_ICMP)) { rx_fib_index1 = ip4_fib_table_get_index_for_sw_if_index (sw_if_index1); @@ -482,7 +482,7 @@ VLIB_NODE_FN (snat_det_out2in_node) (vlib_main_t * vm, dst_address /* changed member */ ); ip1->checksum = ip_csum_fold (sum1); - if (PREDICT_TRUE (proto1 == SNAT_PROTOCOL_TCP)) + if (PREDICT_TRUE (proto1 == NAT_PROTOCOL_TCP)) { if (tcp1->flags & TCP_FLAG_FIN && ses1->state == SNAT_SESSION_TCP_ESTABLISHED) @@ -579,9 +579,9 @@ VLIB_NODE_FN (snat_det_out2in_node) (vlib_main_t * vm, goto trace00; } - proto0 = ip_proto_to_snat_proto (ip0->protocol); + proto0 = ip_proto_to_nat_proto (ip0->protocol); - if (PREDICT_FALSE (proto0 == SNAT_PROTOCOL_ICMP)) + if (PREDICT_FALSE (proto0 == NAT_PROTOCOL_ICMP)) { rx_fib_index0 = ip4_fib_table_get_index_for_sw_if_index (sw_if_index0); @@ -636,7 +636,7 @@ VLIB_NODE_FN (snat_det_out2in_node) (vlib_main_t * vm, dst_address /* changed member */ ); ip0->checksum = ip_csum_fold (sum0); - if (PREDICT_TRUE (proto0 == SNAT_PROTOCOL_TCP)) + if (PREDICT_TRUE (proto0 == NAT_PROTOCOL_TCP)) { if (tcp0->flags & TCP_FLAG_FIN && ses0->state == SNAT_SESSION_TCP_ESTABLISHED) diff --git a/src/plugins/nat/nat_format.c b/src/plugins/nat/nat_format.c index b9241545096..33e9655dc4e 100644 --- a/src/plugins/nat/nat_format.c +++ b/src/plugins/nat/nat_format.c @@ -22,13 +22,13 @@ #include <nat/nat_det.h> uword -unformat_snat_protocol (unformat_input_t * input, va_list * args) +unformat_nat_protocol (unformat_input_t * input, va_list * args) { u32 *r = va_arg (*args, u32 *); if (0); -#define _(N, i, n, s) else if (unformat (input, s)) *r = SNAT_PROTOCOL_##N; - foreach_snat_protocol +#define _(N, i, n, s) else if (unformat (input, s)) *r = NAT_PROTOCOL_##N; + foreach_nat_protocol #undef _ else return 0; @@ -36,15 +36,15 @@ unformat_snat_protocol (unformat_input_t * input, va_list * args) } u8 * -format_snat_protocol (u8 * s, va_list * args) +format_nat_protocol (u8 * s, va_list * args) { u32 i = va_arg (*args, u32); u8 *t = 0; switch (i) { -#define _(N, j, n, str) case SNAT_PROTOCOL_##N: t = (u8 *) str; break; - foreach_snat_protocol +#define _(N, j, n, str) case NAT_PROTOCOL_##N: t = (u8 *) str; break; + foreach_nat_protocol #undef _ default: s = format (s, "unknown"); @@ -80,7 +80,7 @@ format_snat_key (u8 * s, va_list * args) s = format (s, "%U proto %U port %d fib %d", format_ip4_address, &key->addr, - format_snat_protocol, key->protocol, + format_nat_protocol, key->protocol, clib_net_to_host_u16 (key->port), key->fib_index); return s; } @@ -92,7 +92,7 @@ format_static_mapping_key (u8 * s, va_list * args) s = format (s, "%U proto %U port %d fib %d", format_ip4_address, &key->addr, - format_snat_protocol, key->protocol, key->port, key->fib_index); + format_nat_protocol, key->protocol, key->port, key->fib_index); return s; } @@ -226,7 +226,7 @@ format_snat_static_mapping (u8 * s, va_list * args) format_ip4_address, &m->local_addr); else s = format (s, "identity mapping %U %U:%d", - format_snat_protocol, m->proto, + format_nat_protocol, m->proto, format_ip4_address, &m->local_addr, m->local_port); /* *INDENT-OFF* */ @@ -252,7 +252,7 @@ format_snat_static_mapping (u8 * s, va_list * args) if (is_lb_static_mapping (m)) { s = format (s, "%U external %U:%d %s %s", - format_snat_protocol, m->proto, + format_nat_protocol, m->proto, format_ip4_address, &m->external_addr, m->external_port, m->twice_nat == TWICE_NAT ? "twice-nat" : m->twice_nat == TWICE_NAT_SELF ? "self-twice-nat" : "", @@ -270,7 +270,7 @@ format_snat_static_mapping (u8 * s, va_list * args) } else s = format (s, "%U local %U:%d external %U:%d vrf %d %s %s", - format_snat_protocol, m->proto, + format_nat_protocol, m->proto, format_ip4_address, &m->local_addr, m->local_port, format_ip4_address, &m->external_addr, m->external_port, m->vrf_id, @@ -293,7 +293,7 @@ format_snat_static_map_to_resolve (u8 * s, va_list * args) format_vnet_sw_if_index_name, vnm, m->sw_if_index, m->vrf_id); else s = format (s, "%U local %U:%d external %U:%d vrf %d", - format_snat_protocol, m->proto, + format_nat_protocol, m->proto, format_ip4_address, &m->l_addr, m->l_port, format_vnet_sw_if_index_name, vnm, m->sw_if_index, m->e_port, m->vrf_id); diff --git a/src/plugins/nat/nat_inlines.h b/src/plugins/nat/nat_inlines.h index a5fa84dcfa9..e5ac421a6f9 100644 --- a/src/plugins/nat/nat_inlines.h +++ b/src/plugins/nat/nat_inlines.h @@ -146,49 +146,6 @@ nat_pre_node_fn_inline (vlib_main_t * vm, return frame->n_vectors; } -always_inline u32 -ip_proto_to_snat_proto (u8 ip_proto) -{ - u32 snat_proto = ~0; - - snat_proto = (ip_proto == IP_PROTOCOL_UDP) ? SNAT_PROTOCOL_UDP : snat_proto; - snat_proto = (ip_proto == IP_PROTOCOL_TCP) ? SNAT_PROTOCOL_TCP : snat_proto; - snat_proto = - (ip_proto == IP_PROTOCOL_ICMP) ? SNAT_PROTOCOL_ICMP : snat_proto; - snat_proto = - (ip_proto == IP_PROTOCOL_ICMP6) ? SNAT_PROTOCOL_ICMP : snat_proto; - - return snat_proto; -} - -always_inline u8 -snat_proto_to_ip_proto (snat_protocol_t snat_proto) -{ - u8 ip_proto = ~0; - - ip_proto = (snat_proto == SNAT_PROTOCOL_UDP) ? IP_PROTOCOL_UDP : ip_proto; - ip_proto = (snat_proto == SNAT_PROTOCOL_TCP) ? IP_PROTOCOL_TCP : ip_proto; - ip_proto = (snat_proto == SNAT_PROTOCOL_ICMP) ? IP_PROTOCOL_ICMP : ip_proto; - - return ip_proto; -} - -static_always_inline u8 -icmp_type_is_error_message (u8 icmp_type) -{ - switch (icmp_type) - { - case ICMP4_destination_unreachable: - case ICMP4_time_exceeded: - case ICMP4_parameter_problem: - case ICMP4_source_quench: - case ICMP4_redirect: - case ICMP4_alternate_host_address: - return 1; - } - return 0; -} - always_inline u8 is_interface_addr (snat_main_t * sm, vlib_node_runtime_t * node, u32 sw_if_index0, u32 ip4_addr) @@ -418,11 +375,11 @@ nat44_session_get_timeout (snat_main_t * sm, snat_session_t * s) { switch (s->in2out.protocol) { - case SNAT_PROTOCOL_ICMP: + case NAT_PROTOCOL_ICMP: return sm->icmp_timeout; - case SNAT_PROTOCOL_UDP: + case NAT_PROTOCOL_UDP: return sm->udp_timeout; - case SNAT_PROTOCOL_TCP: + case NAT_PROTOCOL_TCP: { if (s->state) return sm->tcp_transitory_timeout; @@ -529,7 +486,7 @@ make_sm_kv (clib_bihash_kv_8_8_t * kv, ip4_address_t * addr, u8 proto, static_always_inline int get_icmp_i2o_ed_key (vlib_buffer_t * b, ip4_header_t * ip0, u32 rx_fib_index, - u64 value, u8 * snat_proto, u16 * l_port, u16 * r_port, + u64 value, u8 * nat_proto, u16 * l_port, u16 * r_port, clib_bihash_kv_16_8_t * kv) { u8 proto; @@ -561,16 +518,16 @@ get_icmp_i2o_ed_key (vlib_buffer_t * b, ip4_header_t * ip0, u32 rx_fib_index, proto = inner_ip0->protocol; r_addr = &inner_ip0->src_address; l_addr = &inner_ip0->dst_address; - switch (ip_proto_to_snat_proto (inner_ip0->protocol)) + switch (ip_proto_to_nat_proto (inner_ip0->protocol)) { - case SNAT_PROTOCOL_ICMP: + case NAT_PROTOCOL_ICMP: inner_icmp0 = (icmp46_header_t *) l4_header; inner_echo0 = (icmp_echo_header_t *) (inner_icmp0 + 1); _r_port = 0; _l_port = inner_echo0->identifier; break; - case SNAT_PROTOCOL_UDP: - case SNAT_PROTOCOL_TCP: + case NAT_PROTOCOL_UDP: + case NAT_PROTOCOL_TCP: _l_port = ((tcp_udp_header_t *) l4_header)->dst_port; _r_port = ((tcp_udp_header_t *) l4_header)->src_port; break; @@ -580,9 +537,9 @@ get_icmp_i2o_ed_key (vlib_buffer_t * b, ip4_header_t * ip0, u32 rx_fib_index, } make_ed_kv (l_addr, r_addr, proto, rx_fib_index, _l_port, _r_port, value, kv); - if (snat_proto) + if (nat_proto) { - *snat_proto = ip_proto_to_snat_proto (proto); + *nat_proto = ip_proto_to_nat_proto (proto); } if (l_port) { @@ -598,7 +555,7 @@ get_icmp_i2o_ed_key (vlib_buffer_t * b, ip4_header_t * ip0, u32 rx_fib_index, static_always_inline int get_icmp_o2i_ed_key (vlib_buffer_t * b, ip4_header_t * ip0, u32 rx_fib_index, - u64 value, u8 * snat_proto, u16 * l_port, u16 * r_port, + u64 value, u8 * nat_proto, u16 * l_port, u16 * r_port, clib_bihash_kv_16_8_t * kv) { icmp46_header_t *icmp0; @@ -629,16 +586,16 @@ get_icmp_o2i_ed_key (vlib_buffer_t * b, ip4_header_t * ip0, u32 rx_fib_index, proto = inner_ip0->protocol; l_addr = &inner_ip0->src_address; r_addr = &inner_ip0->dst_address; - switch (ip_proto_to_snat_proto (inner_ip0->protocol)) + switch (ip_proto_to_nat_proto (inner_ip0->protocol)) { - case SNAT_PROTOCOL_ICMP: + case NAT_PROTOCOL_ICMP: inner_icmp0 = (icmp46_header_t *) l4_header; inner_echo0 = (icmp_echo_header_t *) (inner_icmp0 + 1); _l_port = inner_echo0->identifier; _r_port = 0; break; - case SNAT_PROTOCOL_UDP: - case SNAT_PROTOCOL_TCP: + case NAT_PROTOCOL_UDP: + case NAT_PROTOCOL_TCP: _l_port = ((tcp_udp_header_t *) l4_header)->src_port; _r_port = ((tcp_udp_header_t *) l4_header)->dst_port; break; @@ -648,9 +605,9 @@ get_icmp_o2i_ed_key (vlib_buffer_t * b, ip4_header_t * ip0, u32 rx_fib_index, } make_ed_kv (l_addr, r_addr, proto, rx_fib_index, _l_port, _r_port, value, kv); - if (snat_proto) + if (nat_proto) { - *snat_proto = ip_proto_to_snat_proto (proto); + *nat_proto = ip_proto_to_nat_proto (proto); } if (l_port) { diff --git a/src/plugins/nat/nat_ipfix_logging.c b/src/plugins/nat/nat_ipfix_logging.c index da8e1f28991..764774224a1 100755 --- a/src/plugins/nat/nat_ipfix_logging.c +++ b/src/plugins/nat/nat_ipfix_logging.c @@ -48,7 +48,7 @@ typedef struct u8 nat_event; u32 src_ip; u32 nat_src_ip; - snat_protocol_t snat_proto; + nat_protocol_t nat_proto; u16 src_port; u16 nat_src_port; u32 vrf_id; @@ -573,7 +573,7 @@ snat_ipfix_send (u32 thread_index, flow_report_main_t * frm, static void snat_ipfix_logging_nat44_ses (u32 thread_index, u8 nat_event, u32 src_ip, - u32 nat_src_ip, snat_protocol_t snat_proto, + u32 nat_src_ip, nat_protocol_t nat_proto, u16 src_port, u16 nat_src_port, u32 vrf_id, int do_flush) { @@ -586,10 +586,10 @@ snat_ipfix_logging_nat44_ses (u32 thread_index, u8 nat_event, u32 src_ip, u32 offset; vlib_main_t *vm = vlib_mains[thread_index]; u64 now; - u8 proto = ~0; + u8 proto; u16 template_id; - proto = snat_proto_to_ip_proto (snat_proto); + proto = nat_proto_to_ip_proto (nat_proto); now = (u64) ((vlib_time_now (vm) - silm->vlib_time_0) * 1e3); now += silm->milisecond_time_0; @@ -1299,7 +1299,7 @@ snat_ipfix_flush_from_main (void) * @param thread_index thread index * @param src_ip source IPv4 address * @param nat_src_ip transaltes source IPv4 address - * @param snat_proto NAT transport protocol + * @param nat_proto NAT transport protocol * @param src_port source port * @param nat_src_port translated source port * @param vrf_id VRF ID @@ -1308,14 +1308,14 @@ void snat_ipfix_logging_nat44_ses_create (u32 thread_index, u32 src_ip, u32 nat_src_ip, - snat_protocol_t snat_proto, + nat_protocol_t nat_proto, u16 src_port, u16 nat_src_port, u32 vrf_id) { skip_if_disabled (); snat_ipfix_logging_nat44_ses (thread_index, NAT44_SESSION_CREATE, src_ip, - nat_src_ip, snat_proto, src_port, nat_src_port, + nat_src_ip, nat_proto, src_port, nat_src_port, vrf_id, 0); } @@ -1325,7 +1325,7 @@ snat_ipfix_logging_nat44_ses_create (u32 thread_index, * @param thread_index thread index * @param src_ip source IPv4 address * @param nat_src_ip transaltes source IPv4 address - * @param snat_proto NAT transport protocol + * @param nat_proto NAT transport protocol * @param src_port source port * @param nat_src_port translated source port * @param vrf_id VRF ID @@ -1334,14 +1334,14 @@ void snat_ipfix_logging_nat44_ses_delete (u32 thread_index, u32 src_ip, u32 nat_src_ip, - snat_protocol_t snat_proto, + nat_protocol_t nat_proto, u16 src_port, u16 nat_src_port, u32 vrf_id) { skip_if_disabled (); snat_ipfix_logging_nat44_ses (thread_index, NAT44_SESSION_DELETE, src_ip, - nat_src_ip, snat_proto, src_port, nat_src_port, + nat_src_ip, nat_proto, src_port, nat_src_port, vrf_id, 0); } diff --git a/src/plugins/nat/nat_ipfix_logging.h b/src/plugins/nat/nat_ipfix_logging.h index 7b5049e0545..f8a9b6b5f5b 100644 --- a/src/plugins/nat/nat_ipfix_logging.h +++ b/src/plugins/nat/nat_ipfix_logging.h @@ -113,12 +113,12 @@ void snat_ipfix_logging_init (vlib_main_t * vm); int snat_ipfix_logging_enable_disable (int enable, u32 domain_id, u16 src_port); void snat_ipfix_logging_nat44_ses_create (u32 thread_index, u32 src_ip, u32 nat_src_ip, - snat_protocol_t snat_proto, + nat_protocol_t nat_proto, u16 src_port, u16 nat_src_port, u32 vrf_id); void snat_ipfix_logging_nat44_ses_delete (u32 thread_index, u32 src_ip, u32 nat_src_ip, - snat_protocol_t snat_proto, + nat_protocol_t nat_proto, u16 src_port, u16 nat_src_port, u32 vrf_id); void snat_ipfix_logging_addresses_exhausted(u32 thread_index, u32 pool_id); diff --git a/src/plugins/nat/nat_test.c b/src/plugins/nat/nat_test.c index 685f85b92e7..46fbfc7c0cd 100644 --- a/src/plugins/nat/nat_test.c +++ b/src/plugins/nat/nat_test.c @@ -299,7 +299,7 @@ static int api_nat44_add_del_static_mapping(vat_main_t * vam) u32 local_port = 0, external_port = 0, vrf_id = ~0; u32 sw_if_index = ~0; u8 sw_if_index_set = 0; - u32 proto = ~0; + u32 proto = NAT_PROTOCOL_OTHER; u8 proto_set = 0; int ret; diff --git a/src/plugins/nat/out2in.c b/src/plugins/nat/out2in.c index 61719c73081..94679fb402c 100755 --- a/src/plugins/nat/out2in.c +++ b/src/plugins/nat/out2in.c @@ -278,7 +278,7 @@ static_always_inline if (!icmp_type_is_error_message (vnet_buffer (b)->ip.reass.icmp_type_or_tcp_flags)) { - key0.protocol = SNAT_PROTOCOL_ICMP; + key0.protocol = NAT_PROTOCOL_ICMP; key0.addr = ip0->dst_address; key0.port = vnet_buffer (b)->ip.reass.l4_src_port; // TODO should this be dst port? } @@ -286,17 +286,17 @@ static_always_inline { inner_ip0 = (ip4_header_t *) (echo0 + 1); l4_header = ip4_next_header (inner_ip0); - key0.protocol = ip_proto_to_snat_proto (inner_ip0->protocol); + key0.protocol = ip_proto_to_nat_proto (inner_ip0->protocol); key0.addr = inner_ip0->src_address; switch (key0.protocol) { - case SNAT_PROTOCOL_ICMP: + case NAT_PROTOCOL_ICMP: inner_icmp0 = (icmp46_header_t *) l4_header; inner_echo0 = (icmp_echo_header_t *) (inner_icmp0 + 1); key0.port = inner_echo0->identifier; break; - case SNAT_PROTOCOL_UDP: - case SNAT_PROTOCOL_TCP: + case NAT_PROTOCOL_UDP: + case NAT_PROTOCOL_TCP: key0.port = ((tcp_udp_header_t *) l4_header)->src_port; break; default: @@ -624,7 +624,7 @@ icmp_out2in (snat_main_t * sm, switch (protocol) { - case SNAT_PROTOCOL_ICMP: + case NAT_PROTOCOL_ICMP: inner_icmp0 = (icmp46_header_t *) l4_header; inner_echo0 = (icmp_echo_header_t *) (inner_icmp0 + 1); @@ -638,8 +638,8 @@ icmp_out2in (snat_main_t * sm, identifier); icmp0->checksum = ip_csum_fold (sum0); break; - case SNAT_PROTOCOL_UDP: - case SNAT_PROTOCOL_TCP: + case NAT_PROTOCOL_UDP: + case NAT_PROTOCOL_TCP: old_id0 = ((tcp_udp_header_t *) l4_header)->src_port; new_id0 = sm0.port; ((tcp_udp_header_t *) l4_header)->src_port = new_id0; @@ -813,9 +813,9 @@ VLIB_NODE_FN (snat_out2in_node) (vlib_main_t * vm, goto trace0; } - proto0 = ip_proto_to_snat_proto (ip0->protocol); + proto0 = ip_proto_to_nat_proto (ip0->protocol); - if (PREDICT_FALSE (proto0 == ~0)) + if (PREDICT_FALSE (proto0 == NAT_PROTOCOL_OTHER)) { if (nat_out2in_sm_unknown_proto (sm, b0, ip0, rx_fib_index0)) { @@ -830,7 +830,7 @@ VLIB_NODE_FN (snat_out2in_node) (vlib_main_t * vm, goto trace0; } - if (PREDICT_FALSE (proto0 == SNAT_PROTOCOL_ICMP)) + if (PREDICT_FALSE (proto0 == NAT_PROTOCOL_ICMP)) { next0 = icmp_out2in_slow_path (sm, b0, ip0, icmp0, sw_if_index0, rx_fib_index0, node, @@ -859,7 +859,7 @@ VLIB_NODE_FN (snat_out2in_node) (vlib_main_t * vm, * be able to use dhcp client on the outside interface */ if (PREDICT_FALSE - (proto0 == SNAT_PROTOCOL_UDP + (proto0 == NAT_PROTOCOL_UDP && (vnet_buffer (b0)->ip.reass.l4_dst_port == clib_host_to_net_u16 (UDP_DST_PORT_dhcp_to_client)))) @@ -903,7 +903,7 @@ VLIB_NODE_FN (snat_out2in_node) (vlib_main_t * vm, dst_address /* changed member */ ); ip0->checksum = ip_csum_fold (sum0); - if (PREDICT_TRUE (proto0 == SNAT_PROTOCOL_TCP)) + if (PREDICT_TRUE (proto0 == NAT_PROTOCOL_TCP)) { if (!vnet_buffer (b0)->ip.reass.is_non_first_fragment) { @@ -985,9 +985,9 @@ VLIB_NODE_FN (snat_out2in_node) (vlib_main_t * vm, goto trace1; } - proto1 = ip_proto_to_snat_proto (ip1->protocol); + proto1 = ip_proto_to_nat_proto (ip1->protocol); - if (PREDICT_FALSE (proto1 == ~0)) + if (PREDICT_FALSE (proto1 == NAT_PROTOCOL_OTHER)) { if (nat_out2in_sm_unknown_proto (sm, b1, ip1, rx_fib_index1)) { @@ -1002,7 +1002,7 @@ VLIB_NODE_FN (snat_out2in_node) (vlib_main_t * vm, goto trace1; } - if (PREDICT_FALSE (proto1 == SNAT_PROTOCOL_ICMP)) + if (PREDICT_FALSE (proto1 == NAT_PROTOCOL_ICMP)) { next1 = icmp_out2in_slow_path (sm, b1, ip1, icmp1, sw_if_index1, rx_fib_index1, node, @@ -1031,7 +1031,7 @@ VLIB_NODE_FN (snat_out2in_node) (vlib_main_t * vm, * be able to use dhcp client on the outside interface */ if (PREDICT_FALSE - (proto1 == SNAT_PROTOCOL_UDP + (proto1 == NAT_PROTOCOL_UDP && (vnet_buffer (b1)->ip.reass.l4_dst_port == clib_host_to_net_u16 (UDP_DST_PORT_dhcp_to_client)))) @@ -1077,7 +1077,7 @@ VLIB_NODE_FN (snat_out2in_node) (vlib_main_t * vm, dst_address /* changed member */ ); ip1->checksum = ip_csum_fold (sum1); - if (PREDICT_TRUE (proto1 == SNAT_PROTOCOL_TCP)) + if (PREDICT_TRUE (proto1 == NAT_PROTOCOL_TCP)) { if (!vnet_buffer (b1)->ip.reass.is_non_first_fragment) { @@ -1190,9 +1190,9 @@ VLIB_NODE_FN (snat_out2in_node) (vlib_main_t * vm, rx_fib_index0 = vec_elt (sm->ip4_main->fib_index_by_sw_if_index, sw_if_index0); - proto0 = ip_proto_to_snat_proto (ip0->protocol); + proto0 = ip_proto_to_nat_proto (ip0->protocol); - if (PREDICT_FALSE (proto0 == ~0)) + if (PREDICT_FALSE (proto0 == NAT_PROTOCOL_OTHER)) { if (nat_out2in_sm_unknown_proto (sm, b0, ip0, rx_fib_index0)) { @@ -1217,7 +1217,7 @@ VLIB_NODE_FN (snat_out2in_node) (vlib_main_t * vm, goto trace00; } - if (PREDICT_FALSE (proto0 == SNAT_PROTOCOL_ICMP)) + if (PREDICT_FALSE (proto0 == NAT_PROTOCOL_ICMP)) { next0 = icmp_out2in_slow_path (sm, b0, ip0, icmp0, sw_if_index0, rx_fib_index0, node, @@ -1246,7 +1246,7 @@ VLIB_NODE_FN (snat_out2in_node) (vlib_main_t * vm, * be able to use dhcp client on the outside interface */ if (PREDICT_FALSE - (proto0 == SNAT_PROTOCOL_UDP + (proto0 == NAT_PROTOCOL_UDP && (vnet_buffer (b0)->ip.reass.l4_dst_port == clib_host_to_net_u16 (UDP_DST_PORT_dhcp_to_client)))) @@ -1292,7 +1292,7 @@ VLIB_NODE_FN (snat_out2in_node) (vlib_main_t * vm, dst_address /* changed member */ ); ip0->checksum = ip_csum_fold (sum0); - if (PREDICT_TRUE (proto0 == SNAT_PROTOCOL_TCP)) + if (PREDICT_TRUE (proto0 == NAT_PROTOCOL_TCP)) { if (!vnet_buffer (b0)->ip.reass.is_non_first_fragment) { @@ -1472,12 +1472,12 @@ VLIB_NODE_FN (snat_out2in_fast_node) (vlib_main_t * vm, goto trace00; } - proto0 = ip_proto_to_snat_proto (ip0->protocol); + proto0 = ip_proto_to_nat_proto (ip0->protocol); - if (PREDICT_FALSE (proto0 == ~0)) + if (PREDICT_FALSE (proto0 == NAT_PROTOCOL_OTHER)) goto trace00; - if (PREDICT_FALSE (proto0 == SNAT_PROTOCOL_ICMP)) + if (PREDICT_FALSE (proto0 == NAT_PROTOCOL_ICMP)) { next0 = icmp_out2in (sm, b0, ip0, icmp0, sw_if_index0, rx_fib_index0, node, next0, ~0, 0, 0); @@ -1511,7 +1511,7 @@ VLIB_NODE_FN (snat_out2in_fast_node) (vlib_main_t * vm, old_port0 = udp0->dst_port; udp0->dst_port = new_port0; - if (PREDICT_TRUE (proto0 == SNAT_PROTOCOL_TCP)) + if (PREDICT_TRUE (proto0 == NAT_PROTOCOL_TCP)) { sum0 = tcp0->checksum; sum0 = ip_csum_update (sum0, old_addr0, new_addr0, @@ -1536,7 +1536,7 @@ VLIB_NODE_FN (snat_out2in_fast_node) (vlib_main_t * vm, } else { - if (PREDICT_TRUE (proto0 == SNAT_PROTOCOL_TCP)) + if (PREDICT_TRUE (proto0 == NAT_PROTOCOL_TCP)) { sum0 = tcp0->checksum; sum0 = ip_csum_update (sum0, old_addr0, new_addr0, diff --git a/src/plugins/nat/out2in_ed.c b/src/plugins/nat/out2in_ed.c index a30ffd972d1..9db82e00ab4 100644 --- a/src/plugins/nat/out2in_ed.c +++ b/src/plugins/nat/out2in_ed.c @@ -122,7 +122,7 @@ nat44_o2i_ed_is_idle_session_cb (clib_bihash_kv_16_8_t * kv, void *arg) } else { - proto = snat_proto_to_ip_proto (s->in2out.protocol); + proto = nat_proto_to_ip_proto (s->in2out.protocol); l_port = s->in2out.port; r_port = s->ext_host_port; } @@ -228,7 +228,7 @@ create_session_for_static_mapping_ed (snat_main_t * sm, udp = ip4_next_header (ip); s->ext_host_addr.as_u32 = ip->src_address.as_u32; - s->ext_host_port = e_key.protocol == SNAT_PROTOCOL_ICMP ? 0 : udp->src_port; + s->ext_host_port = e_key.protocol == NAT_PROTOCOL_ICMP ? 0 : udp->src_port; s->flags |= SNAT_SESSION_FLAG_STATIC_MAPPING; if (lb_nat) s->flags |= SNAT_SESSION_FLAG_LOAD_BALANCING; @@ -376,7 +376,7 @@ create_bypass_for_fwd (snat_main_t * sm, vlib_buffer_t * b, ip4_header_t * ip, return; } - proto = ip_proto_to_snat_proto (ip->protocol); + proto = ip_proto_to_nat_proto (ip->protocol); s->ext_host_addr = ip->src_address; s->ext_host_port = r_port; @@ -384,7 +384,7 @@ create_bypass_for_fwd (snat_main_t * sm, vlib_buffer_t * b, ip4_header_t * ip, s->out2in.addr = ip->dst_address; s->out2in.port = l_port; s->out2in.protocol = proto; - if (proto == ~0) + if (proto == NAT_PROTOCOL_OTHER) { s->flags |= SNAT_SESSION_FLAG_UNKNOWN_PROTO; s->out2in.port = ip->protocol; @@ -456,7 +456,7 @@ icmp_match_out2in_ed (snat_main_t * sm, vlib_node_runtime_t * node, /* Try to match static mapping */ e_key.addr = ip->dst_address; e_key.port = l_port; - e_key.protocol = ip_proto_to_snat_proto (ip->protocol); + e_key.protocol = ip_proto_to_nat_proto (ip->protocol); e_key.fib_index = rx_fib_index; if (snat_static_mapping_match (sm, e_key, &l_key, 1, &is_addr_only, 0, 0, 0, &identity_nat)) @@ -713,15 +713,15 @@ nat44_ed_out2in_fast_path_node_fn_inline (vlib_main_t * vm, udp0 = ip4_next_header (ip0); tcp0 = (tcp_header_t *) udp0; - proto0 = ip_proto_to_snat_proto (ip0->protocol); + proto0 = ip_proto_to_nat_proto (ip0->protocol); - if (PREDICT_FALSE (proto0 == ~0)) + if (PREDICT_FALSE (proto0 == NAT_PROTOCOL_OTHER)) { next0 = NAT_NEXT_OUT2IN_ED_SLOW_PATH; goto trace0; } - if (PREDICT_FALSE (proto0 == SNAT_PROTOCOL_ICMP)) + if (PREDICT_FALSE (proto0 == NAT_PROTOCOL_ICMP)) { next0 = NAT_NEXT_OUT2IN_ED_SLOW_PATH; goto trace0; @@ -784,7 +784,7 @@ nat44_ed_out2in_fast_path_node_fn_inline (vlib_main_t * vm, old_port0 = vnet_buffer (b0)->ip.reass.l4_dst_port; - if (PREDICT_TRUE (proto0 == SNAT_PROTOCOL_TCP)) + if (PREDICT_TRUE (proto0 == NAT_PROTOCOL_TCP)) { if (!vnet_buffer (b0)->ip.reass.is_non_first_fragment) { @@ -988,9 +988,9 @@ nat44_ed_out2in_slow_path_node_fn_inline (vlib_main_t * vm, udp0 = ip4_next_header (ip0); tcp0 = (tcp_header_t *) udp0; icmp0 = (icmp46_header_t *) udp0; - proto0 = ip_proto_to_snat_proto (ip0->protocol); + proto0 = ip_proto_to_nat_proto (ip0->protocol); - if (PREDICT_FALSE (proto0 == ~0)) + if (PREDICT_FALSE (proto0 == NAT_PROTOCOL_OTHER)) { s0 = nat44_ed_out2in_unknown_proto (sm, b0, ip0, rx_fib_index0, @@ -1004,7 +1004,7 @@ nat44_ed_out2in_slow_path_node_fn_inline (vlib_main_t * vm, goto trace0; } - if (PREDICT_FALSE (proto0 == SNAT_PROTOCOL_ICMP)) + if (PREDICT_FALSE (proto0 == NAT_PROTOCOL_ICMP)) { next0 = icmp_out2in_ed_slow_path (sm, b0, ip0, icmp0, sw_if_index0, rx_fib_index0, node, @@ -1049,7 +1049,7 @@ nat44_ed_out2in_slow_path_node_fn_inline (vlib_main_t * vm, * Send DHCP packets to the ipv4 stack, or we won't * be able to use dhcp client on the outside interface */ - if (PREDICT_FALSE (proto0 == SNAT_PROTOCOL_UDP + if (PREDICT_FALSE (proto0 == NAT_PROTOCOL_UDP && (vnet_buffer (b0)->ip. reass.l4_dst_port == clib_host_to_net_u16 @@ -1087,7 +1087,7 @@ nat44_ed_out2in_slow_path_node_fn_inline (vlib_main_t * vm, if (PREDICT_FALSE (identity_nat0)) goto trace0; - if ((proto0 == SNAT_PROTOCOL_TCP) + if ((proto0 == NAT_PROTOCOL_TCP) && !tcp_flags_is_init (vnet_buffer (b0)->ip. reass.icmp_type_or_tcp_flags)) { @@ -1125,7 +1125,7 @@ nat44_ed_out2in_slow_path_node_fn_inline (vlib_main_t * vm, old_port0 = vnet_buffer (b0)->ip.reass.l4_dst_port; - if (PREDICT_TRUE (proto0 == SNAT_PROTOCOL_TCP)) + if (PREDICT_TRUE (proto0 == NAT_PROTOCOL_TCP)) { if (!vnet_buffer (b0)->ip.reass.is_non_first_fragment) { diff --git a/src/plugins/nat/test/test_nat.py b/src/plugins/nat/test/test_nat.py index 1cddc405f07..a8e2af763d0 100644 --- a/src/plugins/nat/test/test_nat.py +++ b/src/plugins/nat/test/test_nat.py @@ -38,7 +38,7 @@ class Event(Packet): fields_desc = [ByteEnumField("event_type", None, {1: "add", 2: "del", 3: "refresh"}), ByteEnumField("protocol", None, - {0: "udp", 1: "tcp", 2: "icmp"}), + {0: "other", 1: "udp", 2: "tcp", 3: "icmp"}), ShortField("flags", 0), IPField("in_addr", None), IPField("out_addr", None), |