aboutsummaryrefslogtreecommitdiffstats
path: root/src/plugins/nat
diff options
context:
space:
mode:
Diffstat (limited to 'src/plugins/nat')
-rw-r--r--src/plugins/nat/nat.api12
-rw-r--r--src/plugins/nat/nat.c20
-rw-r--r--src/plugins/nat/nat.h6
-rw-r--r--src/plugins/nat/nat44_cli.c6
-rw-r--r--src/plugins/nat/nat_api.c34
5 files changed, 62 insertions, 16 deletions
diff --git a/src/plugins/nat/nat.api b/src/plugins/nat/nat.api
index 02c1627b9ce..aff8f1d3818 100644
--- a/src/plugins/nat/nat.api
+++ b/src/plugins/nat/nat.api
@@ -13,7 +13,7 @@
* limitations under the License.
*/
-option version = "2.3.0";
+option version = "2.4.0";
/**
* @file nat.api
@@ -353,6 +353,7 @@ define nat44_interface_output_feature_details {
@param twice_nat - if 1 translate external host address and port, only for
1:1 NAPT (addr_only must be 0)
@param out2in_only - if 1 rule match only out2in direction
+ @param tag - opaque string tag
*/
autoreply define nat44_add_del_static_mapping {
u32 client_index;
@@ -368,6 +369,7 @@ autoreply define nat44_add_del_static_mapping {
u32 vrf_id;
u8 twice_nat;
u8 out2in_only;
+ u8 tag[64];
};
/** \brief Dump NAT44 static mappings
@@ -391,6 +393,7 @@ define nat44_static_mapping_dump {
@param vfr_id - VRF ID
@param twice_nat - if 1 translate external host address and port
@param out2in_only - if 1 rule match only out2in direction
+ @param tag - opaque string tag
*/
define nat44_static_mapping_details {
u32 context;
@@ -404,6 +407,7 @@ define nat44_static_mapping_details {
u32 vrf_id;
u8 twice_nat;
u8 out2in_only;
+ u8 tag[64];
};
/** \brief Add/delete NAT44 identity mapping
@@ -417,6 +421,7 @@ define nat44_static_mapping_details {
@param sw_if_index - interface (if set ip_address is ignored, ~0 means not
used)
@param vfr_id - VRF ID (if ~0 use default VRF)
+ @param tag - opaque string tag
*/
autoreply define nat44_add_del_identity_mapping {
u32 client_index;
@@ -428,6 +433,7 @@ autoreply define nat44_add_del_identity_mapping {
u16 port;
u32 sw_if_index;
u32 vrf_id;
+ u8 tag[64];
};
/** \brief Dump NAT44 identity mappings
@@ -447,6 +453,7 @@ define nat44_identity_mapping_dump {
@param port - port number
@param sw_if_index - interface
@param vfr_id - VRF ID
+ @param tag - opaque string tag
*/
define nat44_identity_mapping_details {
u32 context;
@@ -456,6 +463,7 @@ define nat44_identity_mapping_details {
u16 port;
u32 sw_if_index;
u32 vrf_id;
+ u8 tag[64];
};
/** \brief Add/delete NAT44 pool address from specific interfce
@@ -572,6 +580,7 @@ autoreply manual_endian define nat44_add_del_lb_static_mapping {
u32 vrf_id;
u8 twice_nat;
u8 out2in_only;
+ u8 tag[64];
u8 local_num;
vl_api_nat44_lb_addr_port_t locals[local_num];
};
@@ -589,6 +598,7 @@ manual_endian define nat44_lb_static_mapping_details {
u32 vrf_id;
u8 twice_nat;
u8 out2in_only;
+ u8 tag[64];
u8 local_num;
vl_api_nat44_lb_addr_port_t locals[local_num];
};
diff --git a/src/plugins/nat/nat.c b/src/plugins/nat/nat.c
index 5c324f2388a..95004da26d8 100644
--- a/src/plugins/nat/nat.c
+++ b/src/plugins/nat/nat.c
@@ -623,7 +623,8 @@ snat_add_static_mapping_when_resolved (snat_main_t * sm,
u32 vrf_id,
snat_protocol_t proto,
int addr_only,
- int is_add)
+ int is_add,
+ u8 * tag)
{
snat_static_map_resolve_t *rp;
@@ -636,6 +637,7 @@ snat_add_static_mapping_when_resolved (snat_main_t * sm,
rp->proto = proto;
rp->addr_only = addr_only;
rp->is_add = is_add;
+ rp->tag = vec_dup (tag);
}
/**
@@ -653,13 +655,14 @@ snat_add_static_mapping_when_resolved (snat_main_t * sm,
* @param is_add If 0 delete static mapping, otherwise add.
* @param twice_nat If 1 translate external host address and port.
* @param out2in_only If 1 rule match only out2in direction
+ * @param tag - opaque string tag
*
* @returns
*/
int snat_add_static_mapping(ip4_address_t l_addr, ip4_address_t e_addr,
u16 l_port, u16 e_port, u32 vrf_id, int addr_only,
u32 sw_if_index, snat_protocol_t proto, int is_add,
- u8 twice_nat, u8 out2in_only)
+ u8 twice_nat, u8 out2in_only, u8 * tag)
{
snat_main_t * sm = &snat_main;
snat_static_mapping_t *m;
@@ -686,7 +689,7 @@ int snat_add_static_mapping(ip4_address_t l_addr, ip4_address_t e_addr,
{
snat_add_static_mapping_when_resolved
(sm, l_addr, l_port, sw_if_index, e_port, vrf_id, proto,
- addr_only, is_add);
+ addr_only, is_add, tag);
return 0;
}
else
@@ -770,6 +773,7 @@ int snat_add_static_mapping(ip4_address_t l_addr, ip4_address_t e_addr,
pool_get (sm->static_mappings, m);
memset (m, 0, sizeof (*m));
+ m->tag = vec_dup (tag);
m->local_addr = l_addr;
m->external_addr = e_addr;
m->addr_only = addr_only;
@@ -955,6 +959,7 @@ int snat_add_static_mapping(ip4_address_t l_addr, ip4_address_t e_addr,
}
}
+ vec_free (m->tag);
/* Delete static mapping from pool */
pool_put (sm->static_mappings, m);
}
@@ -986,7 +991,7 @@ int snat_add_static_mapping(ip4_address_t l_addr, ip4_address_t e_addr,
int nat44_add_del_lb_static_mapping (ip4_address_t e_addr, u16 e_port,
snat_protocol_t proto, u32 vrf_id,
nat44_lb_addr_port_t *locals, u8 is_add,
- u8 twice_nat, u8 out2in_only)
+ u8 twice_nat, u8 out2in_only, u8 *tag)
{
snat_main_t * sm = &snat_main;
snat_static_mapping_t *m;
@@ -1064,6 +1069,7 @@ int nat44_add_del_lb_static_mapping (ip4_address_t e_addr, u16 e_port,
pool_get (sm->static_mappings, m);
memset (m, 0, sizeof (*m));
+ m->tag = vec_dup (tag);
m->external_addr = e_addr;
m->addr_only = 0;
m->vrf_id = vrf_id;
@@ -1243,6 +1249,7 @@ int nat44_add_del_lb_static_mapping (ip4_address_t e_addr, u16 e_port,
}
}
vec_free(m->locals);
+ vec_free(m->tag);
pool_put (sm->static_mappings, m);
}
@@ -1287,7 +1294,7 @@ snat_del_address (snat_main_t *sm, ip4_address_t addr, u8 delete_sm,
m->local_port, m->external_port,
m->vrf_id, m->addr_only, ~0,
m->proto, 0, m->twice_nat,
- m->out2in_only);
+ m->out2in_only, m->tag);
}));
}
else
@@ -2661,10 +2668,11 @@ match:
~0 /* sw_if_index */,
rp->proto,
rp->is_add,
- 0, 0);
+ 0, 0, rp->tag);
if (rv)
clib_warning ("snat_add_static_mapping returned %d",
rv);
+ vec_free (rp->tag);
vec_add1 (indices_to_delete, j);
}
}
diff --git a/src/plugins/nat/nat.h b/src/plugins/nat/nat.h
index bf975a14749..58bf8b340ce 100644
--- a/src/plugins/nat/nat.h
+++ b/src/plugins/nat/nat.h
@@ -222,6 +222,7 @@ typedef struct {
u32 fib_index;
snat_protocol_t proto;
u32 worker_index;
+ u8 *tag;
nat44_lb_addr_port_t *locals;
} snat_static_mapping_t;
@@ -240,6 +241,7 @@ typedef struct {
int addr_only;
int twice_nat;
int is_add;
+ u8 *tag;
} snat_static_map_resolve_t;
typedef struct {
@@ -548,7 +550,7 @@ void nat44_add_del_address_dpo (ip4_address_t addr, u8 is_add);
int snat_add_static_mapping(ip4_address_t l_addr, ip4_address_t e_addr,
u16 l_port, u16 e_port, u32 vrf_id, int addr_only,
u32 sw_if_index, snat_protocol_t proto, int is_add,
- u8 twice_nat, u8 out2in_only);
+ u8 twice_nat, u8 out2in_only, u8 *tag);
clib_error_t * snat_api_init(vlib_main_t * vm, snat_main_t * sm);
int snat_set_workers (uword * bitmap);
int snat_interface_add_del(u32 sw_if_index, u8 is_inside, int is_del);
@@ -561,7 +563,7 @@ u8 * format_snat_protocol(u8 * s, va_list * args);
int nat44_add_del_lb_static_mapping (ip4_address_t e_addr, u16 e_port,
snat_protocol_t proto, u32 vrf_id,
nat44_lb_addr_port_t *locals, u8 is_add,
- u8 twice_nat, u8 out2in_only);
+ u8 twice_nat, u8 out2in_only, u8 *tag);
int nat44_del_session (snat_main_t *sm, ip4_address_t *addr, u16 port,
snat_protocol_t proto, u32 vrf_id, int is_in);
void nat_free_session_data (snat_main_t * sm, snat_session_t * s,
diff --git a/src/plugins/nat/nat44_cli.c b/src/plugins/nat/nat44_cli.c
index 0aac1c0b6ce..5114615eb57 100644
--- a/src/plugins/nat/nat44_cli.c
+++ b/src/plugins/nat/nat44_cli.c
@@ -543,7 +543,7 @@ add_static_mapping_command_fn (vlib_main_t * vm,
rv = snat_add_static_mapping (l_addr, e_addr, (u16) l_port, (u16) e_port,
vrf_id, addr_only, sw_if_index, proto, is_add,
- twice_nat, out2in_only);
+ twice_nat, out2in_only, 0);
switch (rv)
{
@@ -618,7 +618,7 @@ add_identity_mapping_command_fn (vlib_main_t * vm,
rv = snat_add_static_mapping (addr, addr, (u16) port, (u16) port,
vrf_id, addr_only, sw_if_index, proto, is_add,
- 0, 0);
+ 0, 0, 0);
switch (rv)
{
@@ -715,7 +715,7 @@ add_lb_static_mapping_command_fn (vlib_main_t * vm,
rv = nat44_add_del_lb_static_mapping (e_addr, (u16) e_port, proto, vrf_id,
locals, is_add, twice_nat,
- out2in_only);
+ out2in_only, 0);
switch (rv)
{
diff --git a/src/plugins/nat/nat_api.c b/src/plugins/nat/nat_api.c
index f23efa8d89f..3cb7399558f 100644
--- a/src/plugins/nat/nat_api.c
+++ b/src/plugins/nat/nat_api.c
@@ -696,6 +696,7 @@ static void
u32 vrf_id, external_sw_if_index;
int rv = 0;
snat_protocol_t proto;
+ u8 *tag = 0;
memcpy (&local_addr.as_u8, mp->local_ip_address, 4);
memcpy (&external_addr.as_u8, mp->external_ip_address, 4);
@@ -707,11 +708,16 @@ static void
vrf_id = clib_net_to_host_u32 (mp->vrf_id);
external_sw_if_index = clib_net_to_host_u32 (mp->external_sw_if_index);
proto = ip_proto_to_snat_proto (mp->protocol);
+ mp->tag[sizeof (mp->tag) - 1] = 0;
+ tag = format (0, "%s", mp->tag);
+ vec_terminate_c_string (tag);
rv = snat_add_static_mapping (local_addr, external_addr, local_port,
external_port, vrf_id, mp->addr_only,
external_sw_if_index, proto, mp->is_add,
- mp->twice_nat, mp->out2in_only);
+ mp->twice_nat, mp->out2in_only, tag);
+
+ vec_free (tag);
REPLY_MACRO (VL_API_NAT44_ADD_DEL_STATIC_MAPPING_REPLY);
}
@@ -766,6 +772,8 @@ send_nat44_static_mapping_details (snat_static_mapping_t * m,
rmp->context = context;
rmp->twice_nat = m->twice_nat;
rmp->out2in_only = m->out2in_only;
+ if (m->tag)
+ strncpy ((char *) rmp->tag, (char *) m->tag, vec_len (m->tag));
vl_api_send_msg (reg, (u8 *) rmp);
}
@@ -791,6 +799,8 @@ send_nat44_static_map_resolve_details (snat_static_map_resolve_t * m,
rmp->protocol = snat_proto_to_ip_proto (m->proto);
rmp->context = context;
rmp->twice_nat = m->twice_nat;
+ if (m->tag)
+ strncpy ((char *) rmp->tag, (char *) m->tag, vec_len (m->tag));
vl_api_send_msg (reg, (u8 *) rmp);
}
@@ -847,6 +857,7 @@ static void
u32 vrf_id, sw_if_index;
int rv = 0;
snat_protocol_t proto = ~0;
+ u8 *tag = 0;
if (mp->addr_only == 0)
{
@@ -859,11 +870,15 @@ static void
addr.as_u32 = 0;
else
memcpy (&addr.as_u8, mp->ip_address, 4);
-
+ mp->tag[sizeof (mp->tag) - 1] = 0;
+ tag = format (0, "%s", mp->tag);
+ vec_terminate_c_string (tag);
rv =
snat_add_static_mapping (addr, addr, port, port, vrf_id, mp->addr_only,
- sw_if_index, proto, mp->is_add, 0, 0);
+ sw_if_index, proto, mp->is_add, 0, 0, tag);
+
+ vec_free (tag);
REPLY_MACRO (VL_API_NAT44_ADD_DEL_IDENTITY_MAPPING_REPLY);
}
@@ -908,6 +923,8 @@ send_nat44_identity_mapping_details (snat_static_mapping_t * m,
rmp->vrf_id = htonl (m->vrf_id);
rmp->protocol = snat_proto_to_ip_proto (m->proto);
rmp->context = context;
+ if (m->tag)
+ strncpy ((char *) rmp->tag, (char *) m->tag, vec_len (m->tag));
vl_api_send_msg (reg, (u8 *) rmp);
}
@@ -930,6 +947,8 @@ send_nat44_identity_map_resolve_details (snat_static_map_resolve_t * m,
rmp->vrf_id = htonl (m->vrf_id);
rmp->protocol = snat_proto_to_ip_proto (m->proto);
rmp->context = context;
+ if (m->tag)
+ strncpy ((char *) rmp->tag, (char *) m->tag, vec_len (m->tag));
vl_api_send_msg (reg, (u8 *) rmp);
}
@@ -1238,19 +1257,24 @@ static void
nat44_lb_addr_port_t *locals = 0;
ip4_address_t e_addr;
snat_protocol_t proto;
+ u8 *tag = 0;
locals = unformat_nat44_lb_addr_port (mp->locals, mp->local_num);
clib_memcpy (&e_addr, mp->external_addr, 4);
proto = ip_proto_to_snat_proto (mp->protocol);
+ mp->tag[sizeof (mp->tag) - 1] = 0;
+ tag = format (0, "%s", mp->tag);
+ vec_terminate_c_string (tag);
rv =
nat44_add_del_lb_static_mapping (e_addr,
clib_net_to_host_u16 (mp->external_port),
proto, clib_net_to_host_u32 (mp->vrf_id),
locals, mp->is_add, mp->twice_nat,
- mp->out2in_only);
+ mp->out2in_only, tag);
vec_free (locals);
+ vec_free (tag);
REPLY_MACRO (VL_API_NAT44_ADD_DEL_LB_STATIC_MAPPING_REPLY);
}
@@ -1291,6 +1315,8 @@ send_nat44_lb_static_mapping_details (snat_static_mapping_t * m,
rmp->context = context;
rmp->twice_nat = m->twice_nat;
rmp->out2in_only = m->out2in_only;
+ if (m->tag)
+ strncpy ((char *) rmp->tag, (char *) m->tag, vec_len (m->tag));
locals = (vl_api_nat44_lb_addr_port_t *) rmp->locals;
vec_foreach (ap, m->locals)