diff options
Diffstat (limited to 'src')
-rwxr-xr-x | src/plugins/nat/in2out.c | 16 | ||||
-rw-r--r-- | src/plugins/nat/in2out_ed.c | 30 | ||||
-rw-r--r-- | src/plugins/nat/nat.api | 23 | ||||
-rwxr-xr-x | src/plugins/nat/nat.c | 64 | ||||
-rw-r--r-- | src/plugins/nat/nat.h | 101 | ||||
-rw-r--r-- | src/plugins/nat/nat44_classify.c | 12 | ||||
-rw-r--r-- | src/plugins/nat/nat44_cli.c | 46 | ||||
-rw-r--r-- | src/plugins/nat/nat64.c | 10 | ||||
-rw-r--r-- | src/plugins/nat/nat66.c | 8 | ||||
-rw-r--r-- | src/plugins/nat/nat_affinity.c | 10 | ||||
-rw-r--r-- | src/plugins/nat/nat_api.c | 28 | ||||
-rw-r--r-- | src/plugins/nat/nat_ha.c | 32 | ||||
-rw-r--r-- | src/plugins/nat/nat_inlines.h | 6 | ||||
-rwxr-xr-x | src/plugins/nat/nat_ipfix_logging.c | 38 | ||||
-rwxr-xr-x | src/plugins/nat/nat_reass.c | 8 | ||||
-rwxr-xr-x | src/plugins/nat/out2in.c | 16 | ||||
-rw-r--r-- | src/plugins/nat/out2in_ed.c | 34 |
17 files changed, 340 insertions, 142 deletions
diff --git a/src/plugins/nat/in2out.c b/src/plugins/nat/in2out.c index 8bdb792442a..c69bc61236b 100755 --- a/src/plugins/nat/in2out.c +++ b/src/plugins/nat/in2out.c @@ -210,7 +210,7 @@ nat44_i2o_is_idle_session_cb (clib_bihash_kv_8_8_t * kv, void *arg) { s_kv.key = s->out2in.as_u64; if (clib_bihash_add_del_8_8 (&tsm->out2in, &s_kv, 0)) - nat_log_warn ("out2in key del failed"); + nat_elog_warn ("out2in key del failed"); snat_ipfix_logging_nat44_ses_delete (ctx->thread_index, s->in2out.addr.as_u32, @@ -271,7 +271,7 @@ slow_path (snat_main_t * sm, vlib_buffer_t * b0, { b0->error = node->errors[SNAT_IN2OUT_ERROR_MAX_SESSIONS_EXCEEDED]; nat_ipfix_logging_max_sessions (thread_index, sm->max_translations); - nat_log_notice ("maximum sessions exceeded"); + nat_elog_notice ("maximum sessions exceeded"); return SNAT_IN2OUT_NEXT_DROP; } @@ -307,7 +307,7 @@ slow_path (snat_main_t * sm, vlib_buffer_t * b0, thread_index); if (!u) { - nat_log_warn ("create NAT user failed"); + nat_elog_warn ("create NAT user failed"); return SNAT_IN2OUT_NEXT_DROP; } @@ -315,7 +315,7 @@ slow_path (snat_main_t * sm, vlib_buffer_t * b0, if (!s) { nat44_delete_user_with_no_session (sm, u, thread_index); - nat_log_warn ("create NAT session failed"); + nat_elog_warn ("create NAT session failed"); return SNAT_IN2OUT_NEXT_DROP; } @@ -363,7 +363,7 @@ slow_path (snat_main_t * sm, vlib_buffer_t * b0, if (clib_bihash_add_or_overwrite_stale_8_8 (&sm->per_thread_data[thread_index].in2out, &kv0, nat44_i2o_is_idle_session_cb, &ctx0)) - nat_log_notice ("in2out key add failed"); + nat_elog_notice ("in2out key add failed"); kv0.key = s->out2in.as_u64; kv0.value = s - sm->per_thread_data[thread_index].sessions; @@ -371,7 +371,7 @@ slow_path (snat_main_t * sm, vlib_buffer_t * b0, if (clib_bihash_add_or_overwrite_stale_8_8 (&sm->per_thread_data[thread_index].out2in, &kv0, nat44_o2i_is_idle_session_cb, &ctx0)) - nat_log_notice ("out2in key add failed"); + nat_elog_notice ("out2in key add failed"); /* log NAT event */ snat_ipfix_logging_nat44_ses_create (thread_index, @@ -1777,7 +1777,7 @@ VLIB_NODE_FN (nat44_in2out_reass_node) (vlib_main_t * vm, { next0 = SNAT_IN2OUT_NEXT_DROP; b0->error = node->errors[SNAT_IN2OUT_ERROR_MAX_REASS]; - nat_log_notice ("maximum reassemblies exceeded"); + nat_elog_notice ("maximum reassemblies exceeded"); goto trace0; } @@ -1844,7 +1844,7 @@ VLIB_NODE_FN (nat44_in2out_reass_node) (vlib_main_t * vm, (thread_index, reass0, bi0, &fragments_to_drop)) { b0->error = node->errors[SNAT_IN2OUT_ERROR_MAX_FRAG]; - nat_log_notice + nat_elog_notice ("maximum fragments per reassembly exceeded"); next0 = SNAT_IN2OUT_NEXT_DROP; goto trace0; diff --git a/src/plugins/nat/in2out_ed.c b/src/plugins/nat/in2out_ed.c index 3bcde10a487..60f820a1099 100644 --- a/src/plugins/nat/in2out_ed.c +++ b/src/plugins/nat/in2out_ed.c @@ -190,7 +190,7 @@ nat44_i2o_ed_is_idle_session_cb (clib_bihash_kv_16_8_t * kv, void *arg) ed_kv.key[0] = ed_key.as_u64[0]; ed_kv.key[1] = ed_key.as_u64[1]; if (clib_bihash_add_del_16_8 (&tsm->out2in_ed, &ed_kv, 0)) - nat_log_warn ("out2in_ed key del failed"); + nat_elog_warn ("out2in_ed key del failed"); if (snat_is_unk_proto_session (s)) goto delete; @@ -299,7 +299,7 @@ slow_path_ed (snat_main_t * sm, { b->error = node->errors[NAT_IN2OUT_ED_ERROR_MAX_SESSIONS_EXCEEDED]; nat_ipfix_logging_max_sessions (thread_index, sm->max_translations); - nat_log_notice ("maximum sessions exceeded"); + nat_elog_notice ("maximum sessions exceeded"); return NAT_IN2OUT_ED_NEXT_DROP; } @@ -318,7 +318,7 @@ slow_path_ed (snat_main_t * sm, sm->port_per_thread, tsm->snat_thread_index)) { - nat_log_notice ("addresses exhausted"); + nat_elog_notice ("addresses exhausted"); b->error = node->errors[NAT_IN2OUT_ED_ERROR_OUT_OF_PORTS]; return NAT_IN2OUT_ED_NEXT_DROP; } @@ -346,7 +346,7 @@ slow_path_ed (snat_main_t * sm, u = nat_user_get_or_create (sm, &key->l_addr, rx_fib_index, thread_index); if (!u) { - nat_log_warn ("create NAT user failed"); + nat_elog_warn ("create NAT user failed"); if (!is_sm) snat_free_outside_address_and_port (sm->addresses, thread_index, &key1); @@ -357,7 +357,7 @@ slow_path_ed (snat_main_t * sm, if (!s) { nat44_delete_user_with_no_session (sm, u, thread_index); - nat_log_warn ("create NAT session failed"); + nat_elog_warn ("create NAT session failed"); if (!is_sm) snat_free_outside_address_and_port (sm->addresses, thread_index, &key1); @@ -409,7 +409,7 @@ slow_path_ed (snat_main_t * sm, if (clib_bihash_add_or_overwrite_stale_16_8 (&tsm->in2out_ed, kv, nat44_i2o_ed_is_idle_session_cb, &ctx)) - nat_log_notice ("in2out-ed key add failed"); + nat_elog_notice ("in2out-ed key add failed"); make_ed_kv (kv, &key1.addr, &key->r_addr, key->proto, s->out2in.fib_index, key1.port, key->r_port); @@ -417,7 +417,7 @@ slow_path_ed (snat_main_t * sm, if (clib_bihash_add_or_overwrite_stale_16_8 (&tsm->out2in_ed, kv, nat44_o2i_ed_is_idle_session_cb, &ctx)) - nat_log_notice ("out2in-ed key add failed"); + nat_elog_notice ("out2in-ed key add failed"); *sessionp = s; @@ -562,8 +562,6 @@ nat44_ed_not_translate_output_feature (snat_main_t * sm, ip4_header_t * ip, s = pool_elt_at_index (tsm->sessions, value.value); if (nat44_is_ses_closed (s)) { - nat_log_debug ("TCP close connection %U", format_snat_session, - &sm->per_thread_data[thread_index], s); nat_free_session_data (sm, s, thread_index, 0); nat44_delete_session (sm, s, thread_index); } @@ -780,7 +778,7 @@ nat44_ed_in2out_unknown_proto (snat_main_t * sm, { b->error = node->errors[NAT_IN2OUT_ED_ERROR_MAX_SESSIONS_EXCEEDED]; nat_ipfix_logging_max_sessions (thread_index, sm->max_translations); - nat_log_notice ("maximum sessions exceeded"); + nat_elog_notice ("maximum sessions exceeded"); return 0; } @@ -788,7 +786,7 @@ nat44_ed_in2out_unknown_proto (snat_main_t * sm, thread_index); if (!u) { - nat_log_warn ("create NAT user failed"); + nat_elog_warn ("create NAT user failed"); return 0; } @@ -857,7 +855,7 @@ nat44_ed_in2out_unknown_proto (snat_main_t * sm, if (!s) { nat44_delete_user_with_no_session (sm, u, thread_index); - nat_log_warn ("create NAT session failed"); + nat_elog_warn ("create NAT session failed"); return 0; } @@ -878,13 +876,13 @@ nat44_ed_in2out_unknown_proto (snat_main_t * sm, rx_fib_index, 0, 0); s_kv.value = s - tsm->sessions; if (clib_bihash_add_del_16_8 (&tsm->in2out_ed, &s_kv, 1)) - nat_log_notice ("in2out key add failed"); + nat_elog_notice ("in2out key add failed"); make_ed_kv (&s_kv, &s->out2in.addr, &ip->dst_address, ip->protocol, outside_fib_index, 0, 0); s_kv.value = s - tsm->sessions; if (clib_bihash_add_del_16_8 (&tsm->out2in_ed, &s_kv, 1)) - nat_log_notice ("out2in key add failed"); + nat_elog_notice ("out2in key add failed"); } /* Update IP checksum */ @@ -1860,7 +1858,7 @@ nat44_ed_in2out_reass_node_fn_inline (vlib_main_t * vm, { next0 = NAT_IN2OUT_ED_NEXT_DROP; b0->error = node->errors[NAT_IN2OUT_ED_ERROR_MAX_REASS]; - nat_log_notice ("maximum reassemblies exceeded"); + nat_elog_notice ("maximum reassemblies exceeded"); goto trace0; } @@ -1963,7 +1961,7 @@ nat44_ed_in2out_reass_node_fn_inline (vlib_main_t * vm, (thread_index, reass0, bi0, &fragments_to_drop)) { b0->error = node->errors[NAT_IN2OUT_ED_ERROR_MAX_FRAG]; - nat_log_notice + nat_elog_notice ("maximum fragments per reassembly exceeded"); next0 = NAT_IN2OUT_ED_NEXT_DROP; goto trace0; diff --git a/src/plugins/nat/nat.api b/src/plugins/nat/nat.api index 4ce1db17c52..b5057ce1d3c 100644 --- a/src/plugins/nat/nat.api +++ b/src/plugins/nat/nat.api @@ -13,7 +13,7 @@ * limitations under the License. */ -option version = "5.0.0"; +option version = "5.1.0"; import "vnet/ip/ip_types.api"; import "vnet/interface_types.api"; @@ -120,6 +120,27 @@ define nat_show_config_reply u32 nat64_st_memory_size; }; +enum nat_log_level : u8 +{ + NAT_LOG_NONE = 0x00, + NAT_LOG_ERROR = 0x01, + NAT_LOG_WARNING = 0x02, + NAT_LOG_NOTICE = 0x03, + NAT_LOG_INFO = 0x04, + NAT_LOG_DEBUG = 0x05, +}; + +/** \brief Set NAT logging level + @param client_index - opaque cookie to identify the sender + @param context - sender context, to match reply w/ request + @param log_level - logging level +*/ +autoreply define nat_set_log_level { + u32 client_index; + u32 context; + vl_api_nat_log_level_t log_level; +}; + /** \brief Set NAT workers @param client_index - opaque cookie to identify the sender @param context - sender context, to match reply w/ request diff --git a/src/plugins/nat/nat.c b/src/plugins/nat/nat.c index e6d4ae5a9c6..1f27fb8c788 100755 --- a/src/plugins/nat/nat.c +++ b/src/plugins/nat/nat.c @@ -206,7 +206,7 @@ nat_free_session_data (snat_main_t * sm, snat_session_t * s, u32 thread_index, ed_kv.key[0] = ed_key.as_u64[0]; ed_kv.key[1] = ed_key.as_u64[1]; if (clib_bihash_add_del_16_8 (&tsm->in2out_ed, &ed_kv, 0)) - nat_log_warn ("in2out_ed key del failed"); + nat_elog_warn ("in2out_ed key del failed"); return; } @@ -234,7 +234,7 @@ nat_free_session_data (snat_main_t * sm, snat_session_t * s, u32 thread_index, ed_kv.key[0] = ed_key.as_u64[0]; ed_kv.key[1] = ed_key.as_u64[1]; if (clib_bihash_add_del_16_8 (&tsm->out2in_ed, &ed_kv, 0)) - nat_log_warn ("out2in_ed key del failed"); + nat_elog_warn ("out2in_ed key del failed"); ed_key.l_addr = s->in2out.addr; ed_key.fib_index = s->in2out.fib_index; if (!snat_is_unk_proto_session (s)) @@ -247,7 +247,7 @@ nat_free_session_data (snat_main_t * sm, snat_session_t * s, u32 thread_index, ed_kv.key[0] = ed_key.as_u64[0]; ed_kv.key[1] = ed_key.as_u64[1]; if (clib_bihash_add_del_16_8 (&tsm->in2out_ed, &ed_kv, 0)) - nat_log_warn ("in2out_ed key del failed"); + nat_elog_warn ("in2out_ed key del failed"); if (!is_ha) nat_syslog_nat44_sdel (s->user_index, s->in2out.fib_index, @@ -261,10 +261,10 @@ nat_free_session_data (snat_main_t * sm, snat_session_t * s, u32 thread_index, { kv.key = s->in2out.as_u64; if (clib_bihash_add_del_8_8 (&tsm->in2out, &kv, 0)) - nat_log_warn ("in2out key del failed"); + nat_elog_warn ("in2out key del failed"); kv.key = s->out2in.as_u64; if (clib_bihash_add_del_8_8 (&tsm->out2in, &kv, 0)) - nat_log_warn ("out2in key del failed"); + nat_elog_warn ("out2in key del failed"); if (!is_ha) nat_syslog_nat44_apmdel (s->user_index, s->in2out.fib_index, @@ -343,7 +343,7 @@ nat_user_get_or_create (snat_main_t * sm, ip4_address_t * addr, u32 fib_index, /* add user */ if (clib_bihash_add_del_8_8 (&tsm->user_hash, &kv, 1)) - nat_log_warn ("user_hash keay add failed"); + nat_elog_warn ("user_hash keay add failed"); vlib_set_simple_counter (&sm->total_users, thread_index, 0, pool_elts (tsm->users)); @@ -475,8 +475,8 @@ nat_ed_session_alloc (snat_main_t * sm, snat_user_t * u, u32 thread_index, if ((u->nsessions + u->nstaticsessions) >= sm->max_translations_per_user) { - nat_log_warn ("max translations per user %U", format_ip4_address, - &u->addr); + nat_elog_addr (SNAT_LOG_WARNING, "[warn] max translations per user", + clib_net_to_host_u32 (u->addr.as_u32)); snat_ipfix_logging_max_entries_per_user (thread_index, sm->max_translations_per_user, u->addr.as_u32); return 0; @@ -871,7 +871,7 @@ snat_add_static_mapping (ip4_address_t l_addr, ip4_address_t e_addr, foreach_snat_protocol #undef _ default: - nat_log_info ("unknown protocol"); + nat_elog_info ("unknown protocol"); return VNET_API_ERROR_INVALID_VALUE_2; } break; @@ -1053,7 +1053,7 @@ snat_add_static_mapping (ip4_address_t l_addr, ip4_address_t e_addr, foreach_snat_protocol #undef _ default: - nat_log_info ("unknown protocol"); + nat_elog_info ("unknown protocol"); return VNET_API_ERROR_INVALID_VALUE_2; } break; @@ -1234,7 +1234,7 @@ nat44_add_del_lb_static_mapping (ip4_address_t e_addr, u16 e_port, foreach_snat_protocol #undef _ default: - nat_log_info ("unknown protocol"); + nat_elog_info ("unknown protocol"); return VNET_API_ERROR_INVALID_VALUE_2; } break; @@ -1271,7 +1271,7 @@ nat44_add_del_lb_static_mapping (ip4_address_t e_addr, u16 e_port, kv.value = m - sm->static_mappings; if (clib_bihash_add_del_8_8 (&sm->static_mapping_by_external, &kv, 1)) { - nat_log_err ("static_mapping_by_external key add failed"); + nat_elog_err ("static_mapping_by_external key add failed"); return VNET_API_ERROR_UNSPECIFIED; } @@ -1347,7 +1347,7 @@ nat44_add_del_lb_static_mapping (ip4_address_t e_addr, u16 e_port, foreach_snat_protocol #undef _ default: - nat_log_info ("unknown protocol"); + nat_elog_info ("unknown protocol"); return VNET_API_ERROR_INVALID_VALUE_2; } break; @@ -1362,7 +1362,7 @@ nat44_add_del_lb_static_mapping (ip4_address_t e_addr, u16 e_port, kv.key = m_key.as_u64; if (clib_bihash_add_del_8_8 (&sm->static_mapping_by_external, &kv, 0)) { - nat_log_err ("static_mapping_by_external key del failed"); + nat_elog_err ("static_mapping_by_external key del failed"); return VNET_API_ERROR_UNSPECIFIED; } @@ -1379,7 +1379,7 @@ nat44_add_del_lb_static_mapping (ip4_address_t e_addr, u16 e_port, kv.key = m_key.as_u64; if (clib_bihash_add_del_8_8(&sm->static_mapping_by_local, &kv, 0)) { - nat_log_err ("static_mapping_by_local key del failed"); + nat_elog_err ("static_mapping_by_local key del failed"); return VNET_API_ERROR_UNSPECIFIED; } } @@ -1513,7 +1513,7 @@ nat44_lb_static_mapping_add_del_local (ip4_address_t e_addr, u16 e_port, kv.key = m_key.as_u64; kv.value = m - sm->static_mappings; if (clib_bihash_add_del_8_8 (&sm->static_mapping_by_local, &kv, 1)) - nat_log_err ("static_mapping_by_local key add failed"); + nat_elog_err ("static_mapping_by_local key add failed"); } } else @@ -1534,7 +1534,7 @@ nat44_lb_static_mapping_add_del_local (ip4_address_t e_addr, u16 e_port, m_key.fib_index = match_local->fib_index; kv.key = m_key.as_u64; if (clib_bihash_add_del_8_8 (&sm->static_mapping_by_local, &kv, 0)) - nat_log_err ("static_mapping_by_local key del failed"); + nat_elog_err ("static_mapping_by_local key del failed"); } if (sm->num_workers > 1) @@ -1669,7 +1669,7 @@ snat_del_address (snat_main_t * sm, ip4_address_t addr, u8 delete_sm, /* Check if address is used in some static mapping */ if (is_snat_address_used_in_static_mapping (sm, addr)) { - nat_log_notice ("address used in static mapping"); + nat_elog_notice ("address used in static mapping"); return VNET_API_ERROR_UNSPECIFIED; } } @@ -2297,6 +2297,7 @@ snat_init (vlib_main_t * vm) sm->addr_and_port_alloc_alg = NAT_ADDR_AND_PORT_ALLOC_ALG_DEFAULT; sm->forwarding_enabled = 0; sm->log_class = vlib_log_register_class ("nat", 0); + sm->log_level = SNAT_LOG_NONE; sm->mss_clamping = 0; node = vlib_get_node_by_name (vm, (u8 *) "error-drop"); @@ -2463,7 +2464,7 @@ snat_free_outside_address_and_port (snat_address_t * addresses, foreach_snat_protocol #undef _ default: - nat_log_info ("unknown protocol"); + nat_elog_info ("unknown protocol"); return; } } @@ -2496,7 +2497,7 @@ nat_set_outside_address_and_port (snat_address_t * addresses, foreach_snat_protocol #undef _ default: - nat_log_info ("unknown protocol"); + nat_elog_info ("unknown protocol"); return 1; } } @@ -2603,7 +2604,7 @@ snat_static_mapping_match (snat_main_t * sm, match.protocol, match.port, tmp[lo], m->affinity, m->affinity_per_service_list_head_index)) - nat_log_info ("create affinity record failed"); + nat_elog_info ("create affinity record failed"); } vec_free (tmp); } @@ -2709,7 +2710,7 @@ nat_alloc_addr_and_port_default (snat_address_t * addresses, foreach_snat_protocol #undef _ default: - nat_log_info ("unknown protocol"); + nat_elog_info ("unknown protocol"); return 1; } @@ -2740,7 +2741,7 @@ nat_alloc_addr_and_port_default (snat_address_t * addresses, foreach_snat_protocol #undef _ default: - nat_log_info ("unknown protocol"); + nat_elog_info ("unknown protocol"); return 1; } } @@ -2790,7 +2791,7 @@ nat_alloc_addr_and_port_mape (snat_address_t * addresses, foreach_snat_protocol #undef _ default: - nat_log_info ("unknown protocol"); + nat_elog_info ("unknown protocol"); return 1; } @@ -2838,7 +2839,7 @@ nat_alloc_addr_and_port_range (snat_address_t * addresses, foreach_snat_protocol #undef _ default: - nat_log_info ("unknown protocol"); + nat_elog_info ("unknown protocol"); return 1; } @@ -3257,7 +3258,7 @@ nat_ha_sadd_cb (ip4_address_t * in_addr, u16 in_port, kv.key = key.as_u64; kv.value = s - tsm->sessions; if (clib_bihash_add_del_8_8 (&tsm->out2in, &kv, 1)) - nat_log_warn ("out2in key add failed"); + nat_elog_warn ("out2in key add failed"); key.addr.as_u32 = in_addr->as_u32; key.port = in_port; @@ -3265,7 +3266,7 @@ nat_ha_sadd_cb (ip4_address_t * in_addr, u16 in_port, s->in2out = key; kv.key = key.as_u64; if (clib_bihash_add_del_8_8 (&tsm->in2out, &kv, 1)) - nat_log_warn ("in2out key add failed"); + nat_elog_warn ("in2out key add failed"); } void @@ -3431,12 +3432,12 @@ nat_ha_sadd_ed_cb (ip4_address_t * in_addr, u16 in_port, snat_proto_to_ip_proto (proto), fib_index, in_port, s->ext_host_nat_port); if (clib_bihash_add_del_16_8 (&tsm->in2out_ed, &kv, 1)) - nat_log_warn ("in2out key add failed"); + nat_elog_warn ("in2out key add failed"); make_ed_kv (&kv, out_addr, eh_addr, snat_proto_to_ip_proto (proto), s->out2in.fib_index, out_port, eh_port); if (clib_bihash_add_del_16_8 (&tsm->out2in_ed, &kv, 1)) - nat_log_warn ("out2in key add failed"); + nat_elog_warn ("out2in key add failed"); } void @@ -3789,7 +3790,7 @@ match: rp->proto, !is_delete, rp->twice_nat, rp->out2in_only, rp->tag, rp->identity_nat); if (rv) - nat_log_notice ("snat_add_static_mapping returned %d", rv); + nat_elog_notice_X1 ("snat_add_static_mapping returned %d", "i4", rv); } static void @@ -3860,7 +3861,8 @@ match: rp->out2in_only, rp->tag, rp->identity_nat); if (rv) - nat_log_notice ("snat_add_static_mapping returned %d", rv); + nat_elog_notice_X1 ("snat_add_static_mapping returned %d", + "i4", rv); } } return; diff --git a/src/plugins/nat/nat.h b/src/plugins/nat/nat.h index 237d945a724..664af39df99 100644 --- a/src/plugins/nat/nat.h +++ b/src/plugins/nat/nat.h @@ -23,6 +23,7 @@ #include <vnet/ethernet/ethernet.h> #include <vnet/ip/icmp46_packet.h> #include <vnet/api_errno.h> +#include <vppinfra/elog.h> #include <vppinfra/bihash_8_8.h> #include <vppinfra/bihash_16_8.h> #include <vppinfra/dlist.h> @@ -585,6 +586,8 @@ typedef struct snat_main_s /* log class */ vlib_log_class_t log_class; + /* logging level */ + u8 log_level; /* convenience */ vlib_main_t *vlib_main; @@ -744,6 +747,104 @@ unformat_function_t unformat_snat_protocol; #define nat_log_debug(...)\ vlib_log(VLIB_LOG_LEVEL_DEBUG, snat_main.log_class, __VA_ARGS__) +/* NAT API Logging Levels */ +#define foreach_nat_log_level \ + _(0x00, LOG_NONE) \ + _(0x01, LOG_ERROR) \ + _(0x02, LOG_WARNING) \ + _(0x03, LOG_NOTICE) \ + _(0x04, LOG_INFO) \ + _(0x05, LOG_DEBUG) + +typedef enum nat_log_level_t_ +{ +#define _(n,f) SNAT_##f = n, + foreach_nat_log_level +#undef _ +} nat_log_level_t; + +#define nat_elog(_level, _str) \ +do \ + { \ + snat_main_t *sm = &snat_main; \ + if (PREDICT_FALSE (sm->log_level >= _level)) \ + { \ + ELOG_TYPE_DECLARE (e) = \ + { \ + .format = "nat-msg" _str, \ + .format_args = "", \ + }; \ + ELOG_DATA (&sm->vlib_main->elog_main, e); \ + } \ + } while (0); + +#define nat_elog_addr(_level, _str, _addr) \ +do \ + { \ + if (PREDICT_FALSE (sm->log_level >= _level)) \ + { \ + ELOG_TYPE_DECLARE (e) = \ + { \ + .format = "nat-msg " _str " %d.%d.%d.%d", \ + .format_args = "i1i1i1i1", \ + }; \ + CLIB_PACKED(struct \ + { \ + u8 oct1; \ + u8 oct2; \ + u8 oct3; \ + u8 oct4; \ + }) *ed; \ + ed = ELOG_DATA (&vlib_global_main.elog_main, e); \ + ed->oct4 = _addr >> 24; \ + ed->oct3 = _addr >> 16; \ + ed->oct2 = _addr >> 8; \ + ed->oct1 = _addr; \ + } \ + } while (0); + +#define nat_elog_X1(_level, _fmt, _arg, _val1) \ +do \ + { \ + snat_main_t *sm = &snat_main; \ + if (PREDICT_FALSE (sm->log_level >= _level)) \ + { \ + ELOG_TYPE_DECLARE (e) = \ + { \ + .format = "nat-msg " _fmt, \ + .format_args = _arg, \ + }; \ + CLIB_PACKED(struct \ + { \ + typeof (_val1) val1; \ + }) *ed; \ + ed = ELOG_DATA (&sm->vlib_main->elog_main, e); \ + ed->val1 = _val1; \ + } \ + } while (0); + +#define nat_elog_notice(nat_elog_str) \ + nat_elog(SNAT_LOG_INFO, "[notice] " nat_elog_str) +#define nat_elog_warn(nat_elog_str) \ + nat_elog(SNAT_LOG_WARNING, "[warning] " nat_elog_str) +#define nat_elog_err(nat_elog_str) \ + nat_elog(SNAT_LOG_ERROR, "[error] " nat_elog_str) +#define nat_elog_debug(nat_elog_str) \ + nat_elog(SNAT_LOG_DEBUG, "[debug] " nat_elog_str) +#define nat_elog_info(nat_elog_str) \ + nat_elog(SNAT_LOG_INFO, "[info] " nat_elog_str) + +#define nat_elog_notice_X1(nat_elog_fmt_str, nat_elog_fmt_arg, nat_elog_val1) \ + nat_elog_X1(SNAT_LOG_NOTICE, "[notice] " nat_elog_fmt_str, nat_elog_fmt_arg, nat_elog_val1) +#define nat_elog_warn_X1(nat_elog_fmt_str, nat_elog_fmt_arg, nat_elog_val1) \ + nat_elog_X1(SNAT_LOG_WARNING, "[warning] " nat_elog_fmt_str, nat_elog_fmt_arg, nat_elog_val1) +#define nat_elog_err_X1(nat_elog_fmt_str, nat_elog_fmt_arg, nat_elog_val1) \ + nat_elog_X1(SNAT_LOG_ERROR, "[error] " nat_elog_fmt_str, nat_elog_fmt_arg, nat_elog_val1) +#define nat_elog_debug_X1(nat_elog_fmt_str, nat_elog_fmt_arg, nat_elog_val1) \ + nat_elog_X1(SNAT_LOG_DEBUG, "[debug] " nat_elog_fmt_str, nat_elog_fmt_arg, nat_elog_val1) +#define nat_elog_info_X1(nat_elog_fmt_str, nat_elog_fmt_arg, nat_elog_val1) \ + nat_elog_X1(SNAT_LOG_INFO, "[info] " nat_elog_fmt_str, nat_elog_fmt_arg, nat_elog_val1) + /* ICMP session match functions */ u32 icmp_match_in2out_fast (snat_main_t * sm, vlib_node_runtime_t * node, u32 thread_index, vlib_buffer_t * b0, diff --git a/src/plugins/nat/nat44_classify.c b/src/plugins/nat/nat44_classify.c index 5401b5b70ee..aa2bf73e94c 100644 --- a/src/plugins/nat/nat44_classify.c +++ b/src/plugins/nat/nat44_classify.c @@ -154,7 +154,7 @@ nat44_classify_node_fn_inline (vlib_main_t * vm, next0 = NAT44_CLASSIFY_NEXT_DROP; b0->error = node->errors[NAT44_CLASSIFY_ERROR_MAX_REASS]; - nat_log_notice ("maximum reassemblies exceeded"); + nat_elog_notice ("maximum reassemblies exceeded"); goto enqueue0; } if (!clib_bihash_search_16_8 (&tsm->in2out_ed, &ed_kv0, @@ -204,7 +204,7 @@ nat44_classify_node_fn_inline (vlib_main_t * vm, next0 = NAT44_CLASSIFY_NEXT_DROP; b0->error = node->errors[NAT44_CLASSIFY_ERROR_MAX_REASS]; - nat_log_notice ("maximum reassemblies exceeded"); + nat_elog_notice ("maximum reassemblies exceeded"); goto enqueue0; } /* check if first fragment has arrived */ @@ -217,7 +217,7 @@ nat44_classify_node_fn_inline (vlib_main_t * vm, { b0->error = node->errors[NAT44_CLASSIFY_ERROR_MAX_FRAG]; - nat_log_notice + nat_elog_notice ("maximum fragments per reassembly exceeded"); next0 = NAT44_CLASSIFY_NEXT_DROP; goto enqueue0; @@ -288,7 +288,7 @@ nat44_classify_node_fn_inline (vlib_main_t * vm, next0 = NAT44_CLASSIFY_NEXT_DROP; b0->error = node->errors[NAT44_CLASSIFY_ERROR_MAX_REASS]; - nat_log_notice ("maximum reassemblies exceeded"); + nat_elog_notice ("maximum reassemblies exceeded"); goto enqueue0; } /* save classification for future fragments and set past @@ -317,7 +317,7 @@ nat44_classify_node_fn_inline (vlib_main_t * vm, next0 = NAT44_CLASSIFY_NEXT_DROP; b0->error = node->errors[NAT44_CLASSIFY_ERROR_MAX_REASS]; - nat_log_notice ("maximum reassemblies exceeded"); + nat_elog_notice ("maximum reassemblies exceeded"); goto enqueue0; } if (reass0->classify_next == NAT_REASS_IP4_CLASSIFY_NONE) @@ -328,7 +328,7 @@ nat44_classify_node_fn_inline (vlib_main_t * vm, { b0->error = node->errors[NAT44_CLASSIFY_ERROR_MAX_FRAG]; - nat_log_notice + nat_elog_notice ("maximum fragments per reassembly exceeded"); next0 = NAT44_CLASSIFY_NEXT_DROP; goto enqueue0; diff --git a/src/plugins/nat/nat44_cli.c b/src/plugins/nat/nat44_cli.c index cfa294f2222..4dcfb8d8e57 100644 --- a/src/plugins/nat/nat44_cli.c +++ b/src/plugins/nat/nat44_cli.c @@ -116,6 +116,39 @@ nat_show_workers_commnad_fn (vlib_main_t * vm, unformat_input_t * input, } static clib_error_t * +snat_set_log_level_command_fn (vlib_main_t * vm, + unformat_input_t * input, + vlib_cli_command_t * cmd) +{ + unformat_input_t _line_input, *line_input = &_line_input; + snat_main_t *sm = &snat_main; + u8 log_level = SNAT_LOG_NONE; + clib_error_t *error = 0; + + /* Get a line of input. */ + if (!unformat_user (input, unformat_line_input, line_input)) + return 0; + + if (!unformat (line_input, "level %d", &log_level)) + { + error = clib_error_return (0, "unknown input '%U'", + format_unformat_error, line_input); + goto done; + } + if (log_level > SNAT_LOG_DEBUG) + { + error = clib_error_return (0, "unknown logging level '%d'", log_level); + goto done; + } + sm->log_level = log_level; + +done: + unformat_free (line_input); + + return error; +} + +static clib_error_t * snat_ipfix_logging_enable_disable_command_fn (vlib_main_t * vm, unformat_input_t * input, vlib_cli_command_t * cmd) @@ -1945,6 +1978,19 @@ VLIB_CLI_COMMAND (nat_show_timeouts_command, static) = { /*? * @cliexpar + * @cliexstart{nat set logging level} + * To set NAT logging level use: + * Set nat logging level + * @cliexend +?*/ +VLIB_CLI_COMMAND (snat_set_log_level_command, static) = { + .path = "nat set logging level", + .function = snat_set_log_level_command_fn, + .short_help = "nat set logging level <level>", +}; + +/*? + * @cliexpar * @cliexstart{snat ipfix logging} * To enable NAT IPFIX logging use: * vpp# nat ipfix logging diff --git a/src/plugins/nat/nat64.c b/src/plugins/nat/nat64.c index 748205a1631..0fe29800420 100644 --- a/src/plugins/nat/nat64.c +++ b/src/plugins/nat/nat64.c @@ -306,7 +306,7 @@ nat64_set_hash (u32 bib_buckets, u32 bib_memory_size, u32 st_buckets, { if (nat64_db_init (db, bib_buckets, bib_memory_size, st_buckets, st_memory_size, nat64_free_out_addr_and_port)) - nat_log_err ("NAT64 DB init failed"); + nat_elog_err ("NAT64 DB init failed"); } /* *INDENT-ON* */ } @@ -606,7 +606,7 @@ nat64_free_out_addr_and_port (struct nat64_db_s *db, ip4_address_t * addr, foreach_snat_protocol #undef _ default: - nat_log_notice ("unknown protocol"); + nat_elog_notice ("unknown protocol"); return; } break; @@ -1120,7 +1120,7 @@ nat64_compose_ip6 (ip6_address_t * ip6, ip4_address_t * ip4, u32 fib_index) ip6->as_u32[3] = ip4->as_u32; break; default: - nat_log_notice ("invalid prefix length"); + nat_elog_notice ("invalid prefix length"); break; } } @@ -1193,7 +1193,7 @@ nat64_extract_ip4 (ip6_address_t * ip6, ip4_address_t * ip4, u32 fib_index) ip4->as_u32 = ip6->as_u32[3]; break; default: - nat_log_notice ("invalid prefix length"); + nat_elog_notice ("invalid prefix length"); break; } } @@ -1278,7 +1278,7 @@ nat64_expire_walk_fn (vlib_main_t * vm, vlib_node_runtime_t * rt, case NAT64_CLEANER_RESCHEDULE: break; default: - nat_log_notice ("unknown event %u", event_type); + nat_elog_notice_X1 ("unknown event %d", "i4", event_type); break; } diff --git a/src/plugins/nat/nat66.c b/src/plugins/nat/nat66.c index a6606a458a7..2caefab6480 100644 --- a/src/plugins/nat/nat66.c +++ b/src/plugins/nat/nat66.c @@ -185,7 +185,7 @@ nat66_static_mapping_add_del (ip6_address_t * l_addr, ip6_address_t * e_addr, kv.key[2] = sm_key.as_u64[2]; kv.value = sm - nm->sm; if (clib_bihash_add_del_24_8 (&nm->sm_l, &kv, 1)) - nat_log_warn ("nat66-static-map-by-local add key failed"); + nat_elog_warn ("nat66-static-map-by-local add key failed"); sm_key.addr.as_u64[0] = e_addr->as_u64[0]; sm_key.addr.as_u64[1] = e_addr->as_u64[1]; sm_key.fib_index = 0; @@ -193,7 +193,7 @@ nat66_static_mapping_add_del (ip6_address_t * l_addr, ip6_address_t * e_addr, kv.key[1] = sm_key.as_u64[1]; kv.key[2] = sm_key.as_u64[2]; if (clib_bihash_add_del_24_8 (&nm->sm_e, &kv, 1)) - nat_log_warn ("nat66-static-map-by-external add key failed"); + nat_elog_warn ("nat66-static-map-by-external add key failed"); vlib_validate_combined_counter (&nm->session_counters, kv.value); vlib_zero_combined_counter (&nm->session_counters, kv.value); @@ -205,7 +205,7 @@ nat66_static_mapping_add_del (ip6_address_t * l_addr, ip6_address_t * e_addr, kv.value = sm - nm->sm; if (clib_bihash_add_del_24_8 (&nm->sm_l, &kv, 0)) - nat_log_warn ("nat66-static-map-by-local delete key failed"); + nat_elog_warn ("nat66-static-map-by-local delete key failed"); sm_key.addr.as_u64[0] = e_addr->as_u64[0]; sm_key.addr.as_u64[1] = e_addr->as_u64[1]; sm_key.fib_index = 0; @@ -213,7 +213,7 @@ nat66_static_mapping_add_del (ip6_address_t * l_addr, ip6_address_t * e_addr, kv.key[1] = sm_key.as_u64[1]; kv.key[2] = sm_key.as_u64[2]; if (clib_bihash_add_del_24_8 (&nm->sm_e, &kv, 0)) - nat_log_warn ("nat66-static-map-by-external delete key failed"); + nat_elog_warn ("nat66-static-map-by-external delete key failed"); fib_table_unlock (sm->fib_index, FIB_PROTOCOL_IP6, FIB_SOURCE_PLUGIN_HI); pool_put (nm->sm, sm); diff --git a/src/plugins/nat/nat_affinity.c b/src/plugins/nat/nat_affinity.c index 28c25aecda5..5a6927118aa 100644 --- a/src/plugins/nat/nat_affinity.c +++ b/src/plugins/nat/nat_affinity.c @@ -115,7 +115,7 @@ nat_affinity_flush_service (u32 affinity_per_service_list_head_index) kv.key[1] = a->key.as_u64[1]; pool_put_index (nam->affinity_pool, elt->value); if (clib_bihash_add_del_16_8 (&nam->affinity_hash, &kv, 0)) - nat_log_warn ("affinity key del failed"); + nat_elog_warn ("affinity key del failed"); pool_put_index (nam->list_pool, elt_index); } pool_put_index (nam->list_pool, affinity_per_service_list_head_index); @@ -151,7 +151,7 @@ nat_affinity_find_and_lock (ip4_address_t client_addr, pool_put_index (nam->list_pool, a->per_service_index); pool_put_index (nam->affinity_pool, value.value); if (clib_bihash_add_del_16_8 (&nam->affinity_hash, &kv, 0)) - nat_log_warn ("affinity key del failed"); + nat_elog_warn ("affinity key del failed"); rv = 1; goto unlock; } @@ -179,7 +179,7 @@ affinity_is_expired_cb (clib_bihash_kv_16_8_t * kv, void *arg) pool_put_index (nam->list_pool, a->per_service_index); pool_put_index (nam->affinity_pool, kv->value); if (clib_bihash_add_del_16_8 (&nam->affinity_hash, kv, 0)) - nat_log_warn ("affinity key del failed"); + nat_elog_warn ("affinity key del failed"); return 1; } } @@ -205,7 +205,7 @@ nat_affinity_create_and_lock (ip4_address_t client_addr, if (!clib_bihash_search_16_8 (&nam->affinity_hash, &kv, &value)) { rv = 1; - nat_log_notice ("affinity key already exist"); + nat_elog_notice ("affinity key already exist"); goto unlock; } @@ -216,7 +216,7 @@ nat_affinity_create_and_lock (ip4_address_t client_addr, affinity_is_expired_cb, NULL); if (rv) { - nat_log_notice ("affinity key add failed"); + nat_elog_notice ("affinity key add failed"); pool_put (nam->affinity_pool, a); goto unlock; } diff --git a/src/plugins/nat/nat_api.c b/src/plugins/nat/nat_api.c index 63e1e756515..ff11a82f099 100644 --- a/src/plugins/nat/nat_api.c +++ b/src/plugins/nat/nat_api.c @@ -250,6 +250,33 @@ vl_api_nat_worker_dump_t_print (vl_api_nat_worker_dump_t * mp, void *handle) } static void +vl_api_nat_set_log_level_t_handler (vl_api_nat_set_log_level_t * mp) +{ + snat_main_t *sm = &snat_main; + vl_api_nat_set_log_level_reply_t *rmp; + int rv = 0; + + if (sm->log_level > NAT_LOG_DEBUG) + rv = VNET_API_ERROR_UNSUPPORTED; + else + sm->log_level = mp->log_level; + + REPLY_MACRO (VL_API_NAT_SET_WORKERS_REPLY); +} + +static void * +vl_api_nat_set_log_level_t_print (vl_api_nat_set_log_level_t * + mp, void *handle) +{ + u8 *s; + + s = format (0, "SCRIPT: nat_set_log_level "); + s = format (s, "log_level %d", mp->log_level); + + FINISH; +} + +static void vl_api_nat_ipfix_enable_disable_t_handler (vl_api_nat_ipfix_enable_disable_t * mp) { @@ -3524,6 +3551,7 @@ _(NAT_CONTROL_PING, nat_control_ping) \ _(NAT_SHOW_CONFIG, nat_show_config) \ _(NAT_SET_WORKERS, nat_set_workers) \ _(NAT_WORKER_DUMP, nat_worker_dump) \ +_(NAT_SET_LOG_LEVEL, nat_set_log_level) \ _(NAT_IPFIX_ENABLE_DISABLE, nat_ipfix_enable_disable) \ _(NAT_SET_REASS, nat_set_reass) \ _(NAT_GET_REASS, nat_get_reass) \ diff --git a/src/plugins/nat/nat_ha.c b/src/plugins/nat/nat_ha.c index e81e916e389..8bf07759f68 100644 --- a/src/plugins/nat/nat_ha.c +++ b/src/plugins/nat/nat_ha.c @@ -176,8 +176,14 @@ nat_ha_resync_fin (void) return; ha->in_resync = 0; - nat_log_info ("resync completed with result %s", - ha->resync_ack_missed ? "FAILED" : "SUCESS"); + if (ha->resync_ack_missed) + { + nat_elog_info ("resync completed with result FAILED"); + } + else + { + nat_elog_info ("resync completed with result SUCCESS"); + } if (ha->event_callback) ha->event_callback (ha->client_index, ha->pid, ha->resync_ack_missed); } @@ -224,7 +230,8 @@ nat_ha_ack_recv (u32 seq, u32 thread_index) } vec_free (td->resend_queue[i].data); vec_del1 (td->resend_queue, i); - nat_log_debug ("ACK for seq %d received", clib_net_to_host_u32 (seq)); + nat_elog_debug_X1 ("ACK for seq %d received", "i4", + clib_net_to_host_u32 (seq)); return; } @@ -251,8 +258,8 @@ nat_ha_resend_scan (f64 now, u32 thread_index) /* maximum retry reached delete cached data */ if (td->resend_queue[i].retry_count >= NAT_HA_RETRIES) { - nat_log_notice ("seq %d missed", - clib_net_to_host_u32 (td->resend_queue[i].seq)); + nat_elog_notice_X1 ("seq %d missed", "i4", + clib_net_to_host_u32 (td->resend_queue[i].seq)); if (td->resend_queue[i].is_resync) { clib_atomic_fetch_add (&ha->resync_ack_missed, 1); @@ -267,14 +274,14 @@ nat_ha_resend_scan (f64 now, u32 thread_index) } /* retry to send non-ACKed data */ - nat_log_debug ("state sync seq %d resend", - clib_net_to_host_u32 (td->resend_queue[i].seq)); + nat_elog_debug_X1 ("state sync seq %d resend", "i4", + clib_net_to_host_u32 (td->resend_queue[i].seq)); td->resend_queue[i].retry_count++; vlib_increment_simple_counter (&ha->counters[NAT_HA_COUNTER_RETRY_COUNT], thread_index, 0, 1); if (vlib_buffer_alloc (vm, &bi, 1) != 1) { - nat_log_warn ("HA NAT state sync can't allocate buffer"); + nat_elog_warn ("HA NAT state sync can't allocate buffer"); return; } b = vlib_get_buffer (vm, bi); @@ -368,7 +375,7 @@ nat_ha_set_listener (ip4_address_t * addr, u16 port, u32 path_mtu) { udp_register_dst_port (ha->vlib_main, port, nat_ha_node.index, 1); } - nat_log_info ("HA listening on port %d for state sync", port); + nat_elog_info_X1 ("HA listening on port %d for state sync", "i4", port); } return 0; @@ -489,7 +496,8 @@ nat_ha_event_process (nat_ha_event_t * event, f64 now, u32 thread_index) nat_ha_recv_refresh (event, now, thread_index); break; default: - nat_log_notice ("Unsupported HA event type %d", event->event_type); + nat_elog_notice_X1 ("Unsupported HA event type %d", "i4", + event->event_type); break; } } @@ -587,7 +595,7 @@ nat_ha_event_add (nat_ha_event_t * event, u8 do_flush, u32 thread_index, if (vlib_buffer_alloc (vm, &bi, 1) != 1) { - nat_log_warn ("HA NAT state sync can't allocate buffer"); + nat_elog_warn ("HA NAT state sync can't allocate buffer"); return; } @@ -783,7 +791,7 @@ nat_ha_process (vlib_main_t * vm, vlib_node_runtime_t * rt, vlib_frame_t * f) vlib_process_wait_for_event (vm); event_type = vlib_process_get_events (vm, &event_data); if (event_type) - nat_log_info ("nat-ha-process: bogus kickoff event received"); + nat_elog_info ("nat-ha-process: bogus kickoff event received"); vec_reset_length (event_data); while (1) diff --git a/src/plugins/nat/nat_inlines.h b/src/plugins/nat/nat_inlines.h index 64b1f25549c..ae8ed7fb165 100644 --- a/src/plugins/nat/nat_inlines.h +++ b/src/plugins/nat/nat_inlines.h @@ -175,8 +175,6 @@ nat44_delete_session (snat_main_t * sm, snat_session_t * ses, snat_user_key_t u_key; snat_user_t *u; - nat_log_debug ("session deleted %U", format_snat_session, tsm, ses); - clib_dlist_remove (tsm->list_pool, ses->per_user_index); pool_put_index (tsm->list_pool, ses->per_user_index); pool_put (tsm->sessions, ses); @@ -227,8 +225,6 @@ nat44_set_tcp_session_state_i2o (snat_main_t * sm, snat_session_t * ses, if (nat44_is_ses_closed (ses) && !(ses->flags & SNAT_SESSION_FLAG_OUTPUT_FEATURE)) { - nat_log_debug ("TCP close connection %U", format_snat_session, - &sm->per_thread_data[thread_index], ses); nat_free_session_data (sm, ses, thread_index, 0); nat44_delete_session (sm, ses, thread_index); return 1; @@ -261,8 +257,6 @@ nat44_set_tcp_session_state_o2i (snat_main_t * sm, snat_session_t * ses, } if (nat44_is_ses_closed (ses)) { - nat_log_debug ("TCP close connection %U", format_snat_session, - &sm->per_thread_data[thread_index], ses); nat_free_session_data (sm, ses, thread_index, 0); nat44_delete_session (sm, ses, thread_index); return 1; diff --git a/src/plugins/nat/nat_ipfix_logging.c b/src/plugins/nat/nat_ipfix_logging.c index 8cca976666e..c24c2372b54 100755 --- a/src/plugins/nat/nat_ipfix_logging.c +++ b/src/plugins/nat/nat_ipfix_logging.c @@ -675,7 +675,7 @@ snat_ipfix_logging_nat44_ses (u32 thread_index, u8 nat_event, u32 src_ip, if (vlib_buffer_alloc (vm, &bi0, 1) != 1) { - nat_log_err ("can't allocate buffer for NAT IPFIX event"); + nat_elog_err ("can't allocate buffer for NAT IPFIX event"); return; } @@ -774,7 +774,7 @@ snat_ipfix_logging_addr_exhausted (u32 thread_index, u32 pool_id, int do_flush) if (vlib_buffer_alloc (vm, &bi0, 1) != 1) { - nat_log_err ("can't allocate buffer for NAT IPFIX event"); + nat_elog_err ("can't allocate buffer for NAT IPFIX event"); return; } @@ -860,7 +860,7 @@ snat_ipfix_logging_max_entries_per_usr (u32 thread_index, if (vlib_buffer_alloc (vm, &bi0, 1) != 1) { - nat_log_err ("can't allocate buffer for NAT IPFIX event"); + nat_elog_err ("can't allocate buffer for NAT IPFIX event"); return; } @@ -951,7 +951,7 @@ nat_ipfix_logging_max_ses (u32 thread_index, u32 limit, int do_flush) if (vlib_buffer_alloc (vm, &bi0, 1) != 1) { - nat_log_err ("can't allocate buffer for NAT IPFIX event"); + nat_elog_err ("can't allocate buffer for NAT IPFIX event"); return; } @@ -1039,7 +1039,7 @@ nat_ipfix_logging_max_bib (u32 thread_index, u32 limit, int do_flush) if (vlib_buffer_alloc (vm, &bi0, 1) != 1) { - nat_log_err ("can't allocate buffer for NAT IPFIX event"); + nat_elog_err ("can't allocate buffer for NAT IPFIX event"); return; } @@ -1128,7 +1128,7 @@ nat_ipfix_logging_max_frag_ip4 (u32 thread_index, if (vlib_buffer_alloc (vm, &bi0, 1) != 1) { - nat_log_err ("can't allocate buffer for NAT IPFIX event"); + nat_elog_err ("can't allocate buffer for NAT IPFIX event"); return; } @@ -1220,7 +1220,7 @@ nat_ipfix_logging_max_frag_ip6 (u32 thread_index, if (vlib_buffer_alloc (vm, &bi0, 1) != 1) { - nat_log_err ("can't allocate buffer for NAT IPFIX event"); + nat_elog_err ("can't allocate buffer for NAT IPFIX event"); return; } @@ -1312,7 +1312,7 @@ nat_ipfix_logging_nat64_bibe (u32 thread_index, u8 nat_event, if (vlib_buffer_alloc (vm, &bi0, 1) != 1) { - nat_log_err ("can't allocate buffer for NAT IPFIX event"); + nat_elog_err ("can't allocate buffer for NAT IPFIX event"); return; } @@ -1415,7 +1415,7 @@ nat_ipfix_logging_nat64_ses (u32 thread_index, u8 nat_event, if (vlib_buffer_alloc (vm, &bi0, 1) != 1) { - nat_log_err ("can't allocate buffer for NAT IPFIX event"); + nat_elog_err ("can't allocate buffer for NAT IPFIX event"); return; } @@ -1826,7 +1826,7 @@ snat_ipfix_logging_enable_disable (int enable, u32 domain_id, u16 src_port) rv = vnet_flow_report_add_del (frm, &a, NULL); if (rv) { - nat_log_warn ("vnet_flow_report_add_del returned %d", rv); + nat_elog_warn_X1 ("vnet_flow_report_add_del returned %d", "i4", rv); return -1; } } @@ -1837,7 +1837,7 @@ snat_ipfix_logging_enable_disable (int enable, u32 domain_id, u16 src_port) rv = vnet_flow_report_add_del (frm, &a, NULL); if (rv) { - nat_log_warn ("vnet_flow_report_add_del returned %d", rv); + nat_elog_warn_X1 ("vnet_flow_report_add_del returned %d", "i4", rv); return -1; } @@ -1846,7 +1846,7 @@ snat_ipfix_logging_enable_disable (int enable, u32 domain_id, u16 src_port) rv = vnet_flow_report_add_del (frm, &a, NULL); if (rv) { - nat_log_warn ("vnet_flow_report_add_del returned %d", rv); + nat_elog_warn_X1 ("vnet_flow_report_add_del returned %d", "i4", rv); return -1; } @@ -1855,7 +1855,7 @@ snat_ipfix_logging_enable_disable (int enable, u32 domain_id, u16 src_port) rv = vnet_flow_report_add_del (frm, &a, NULL); if (rv) { - nat_log_warn ("vnet_flow_report_add_del returned %d", rv); + nat_elog_warn_X1 ("vnet_flow_report_add_del returned %d", "i4", rv); return -1; } @@ -1864,7 +1864,7 @@ snat_ipfix_logging_enable_disable (int enable, u32 domain_id, u16 src_port) rv = vnet_flow_report_add_del (frm, &a, NULL); if (rv) { - nat_log_warn ("vnet_flow_report_add_del returned %d", rv); + nat_elog_warn_X1 ("vnet_flow_report_add_del returned %d", "i4", rv); return -1; } @@ -1873,7 +1873,7 @@ snat_ipfix_logging_enable_disable (int enable, u32 domain_id, u16 src_port) rv = vnet_flow_report_add_del (frm, &a, NULL); if (rv) { - nat_log_warn ("vnet_flow_report_add_del returned %d", rv); + nat_elog_warn_X1 ("vnet_flow_report_add_del returned %d", "i4", rv); return -1; } @@ -1882,7 +1882,7 @@ snat_ipfix_logging_enable_disable (int enable, u32 domain_id, u16 src_port) rv = vnet_flow_report_add_del (frm, &a, NULL); if (rv) { - nat_log_warn ("vnet_flow_report_add_del returned %d", rv); + nat_elog_warn_X1 ("vnet_flow_report_add_del returned %d", "i4", rv); return -1; } @@ -1891,7 +1891,7 @@ snat_ipfix_logging_enable_disable (int enable, u32 domain_id, u16 src_port) rv = vnet_flow_report_add_del (frm, &a, NULL); if (rv) { - nat_log_warn ("vnet_flow_report_add_del returned %d", rv); + nat_elog_warn_X1 ("vnet_flow_report_add_del returned %d", "i4", rv); return -1; } @@ -1900,7 +1900,7 @@ snat_ipfix_logging_enable_disable (int enable, u32 domain_id, u16 src_port) rv = vnet_flow_report_add_del (frm, &a, NULL); if (rv) { - nat_log_warn ("vnet_flow_report_add_del returned %d", rv); + nat_elog_warn_X1 ("vnet_flow_report_add_del returned %d", "i4", rv); return -1; } @@ -1911,7 +1911,7 @@ snat_ipfix_logging_enable_disable (int enable, u32 domain_id, u16 src_port) rv = vnet_flow_report_add_del (frm, &a, NULL); if (rv) { - nat_log_warn ("vnet_flow_report_add_del returned %d", rv); + nat_elog_warn_X1 ("vnet_flow_report_add_del returned %d", "i4", rv); return -1; } } diff --git a/src/plugins/nat/nat_reass.c b/src/plugins/nat/nat_reass.c index 673acfa1d5a..b518c0cb916 100755 --- a/src/plugins/nat/nat_reass.c +++ b/src/plugins/nat/nat_reass.c @@ -232,7 +232,7 @@ nat_ip4_reass_create (ip4_address_t src, ip4_address_t dst, u16 frag_id, if (srm->ip4_reass_n >= srm->ip4_max_reass) { - nat_log_warn ("no free resassembly slot"); + nat_elog_warn ("no free resassembly slot"); goto unlock; } @@ -263,7 +263,7 @@ nat_ip4_reass_create (ip4_address_t src, ip4_address_t dst, u16 frag_id, reass->flags = 0; reass->classify_next = NAT_REASS_IP4_CLASSIFY_NONE; if (clib_bihash_add_del_16_8 (&srm->ip4_reass_hash, &kv, 1)) - nat_log_warn ("ip4_reass_hash add key failed"); + nat_elog_warn ("ip4_reass_hash add key failed"); unlock: clib_spinlock_unlock_if_init (&srm->ip4_reass_lock); @@ -326,7 +326,7 @@ nat_ip4_reass_find_or_create (ip4_address_t src, ip4_address_t dst, { clib_dlist_addhead (srm->ip4_reass_lru_list_pool, srm->ip4_reass_head_index, oldest_index); - nat_log_warn ("no free resassembly slot"); + nat_elog_warn ("no free resassembly slot"); reass = 0; goto unlock; } @@ -535,7 +535,7 @@ nat_ip6_reass_find_or_create (ip6_address_t src, ip6_address_t dst, { clib_dlist_addhead (srm->ip6_reass_lru_list_pool, srm->ip6_reass_head_index, oldest_index); - nat_log_warn ("no free resassembly slot"); + nat_elog_warn ("no free resassembly slot"); reass = 0; goto unlock; } diff --git a/src/plugins/nat/out2in.c b/src/plugins/nat/out2in.c index 3d045a9dc8b..8c6cb482703 100755 --- a/src/plugins/nat/out2in.c +++ b/src/plugins/nat/out2in.c @@ -129,7 +129,7 @@ nat44_o2i_is_idle_session_cb (clib_bihash_kv_8_8_t * kv, void *arg) { s_kv.key = s->in2out.as_u64; if (clib_bihash_add_del_8_8 (&tsm->in2out, &s_kv, 0)) - nat_log_warn ("out2in key del failed"); + nat_elog_warn ("out2in key del failed"); snat_ipfix_logging_nat44_ses_delete (ctx->thread_index, s->in2out.addr.as_u32, @@ -192,7 +192,7 @@ create_session_for_static_mapping (snat_main_t * sm, if (PREDICT_FALSE (maximum_sessions_exceeded (sm, thread_index))) { b0->error = node->errors[SNAT_OUT2IN_ERROR_MAX_SESSIONS_EXCEEDED]; - nat_log_notice ("maximum sessions exceeded"); + nat_elog_notice ("maximum sessions exceeded"); return 0; } @@ -203,7 +203,7 @@ create_session_for_static_mapping (snat_main_t * sm, nat_user_get_or_create (sm, &in2out.addr, in2out.fib_index, thread_index); if (!u) { - nat_log_warn ("create NAT user failed"); + nat_elog_warn ("create NAT user failed"); return 0; } @@ -211,7 +211,7 @@ create_session_for_static_mapping (snat_main_t * sm, if (!s) { nat44_delete_user_with_no_session (sm, u, thread_index); - nat_log_warn ("create NAT session failed"); + nat_elog_warn ("create NAT session failed"); return 0; } @@ -231,14 +231,14 @@ create_session_for_static_mapping (snat_main_t * sm, if (clib_bihash_add_or_overwrite_stale_8_8 (&sm->per_thread_data[thread_index].in2out, &kv0, nat44_i2o_is_idle_session_cb, &ctx0)) - nat_log_notice ("in2out key add failed"); + nat_elog_notice ("in2out key add failed"); kv0.key = s->out2in.as_u64; if (clib_bihash_add_or_overwrite_stale_8_8 (&sm->per_thread_data[thread_index].out2in, &kv0, nat44_o2i_is_idle_session_cb, &ctx0)) - nat_log_notice ("out2in key add failed"); + nat_elog_notice ("out2in key add failed"); /* log NAT event */ snat_ipfix_logging_nat44_ses_create (thread_index, @@ -1443,7 +1443,7 @@ VLIB_NODE_FN (nat44_out2in_reass_node) (vlib_main_t * vm, { next0 = SNAT_OUT2IN_NEXT_DROP; b0->error = node->errors[SNAT_OUT2IN_ERROR_MAX_REASS]; - nat_log_notice ("maximum reassemblies exceeded"); + nat_elog_notice ("maximum reassemblies exceeded"); goto trace0; } @@ -1548,7 +1548,7 @@ VLIB_NODE_FN (nat44_out2in_reass_node) (vlib_main_t * vm, (thread_index, reass0, bi0, &fragments_to_drop)) { b0->error = node->errors[SNAT_OUT2IN_ERROR_MAX_FRAG]; - nat_log_notice + nat_elog_notice ("maximum fragments per reassembly exceeded"); next0 = SNAT_OUT2IN_NEXT_DROP; goto trace0; diff --git a/src/plugins/nat/out2in_ed.c b/src/plugins/nat/out2in_ed.c index 7e984807107..560c23e0079 100644 --- a/src/plugins/nat/out2in_ed.c +++ b/src/plugins/nat/out2in_ed.c @@ -167,7 +167,7 @@ nat44_o2i_ed_is_idle_session_cb (clib_bihash_kv_16_8_t * kv, void *arg) ed_kv.key[0] = ed_key.as_u64[0]; ed_kv.key[1] = ed_key.as_u64[1]; if (clib_bihash_add_del_16_8 (&tsm->in2out_ed, &ed_kv, 0)) - nat_log_warn ("in2out_ed key del failed"); + nat_elog_warn ("in2out_ed key del failed"); if (snat_is_unk_proto_session (s)) goto delete; @@ -244,14 +244,14 @@ create_session_for_static_mapping_ed (snat_main_t * sm, if (PREDICT_FALSE (maximum_sessions_exceeded (sm, thread_index))) { b->error = node->errors[NAT_OUT2IN_ED_ERROR_MAX_SESSIONS_EXCEEDED]; - nat_log_notice ("maximum sessions exceeded"); + nat_elog_notice ("maximum sessions exceeded"); return 0; } u = nat_user_get_or_create (sm, &l_key.addr, l_key.fib_index, thread_index); if (!u) { - nat_log_warn ("create NAT user failed"); + nat_elog_warn ("create NAT user failed"); return 0; } @@ -259,7 +259,7 @@ create_session_for_static_mapping_ed (snat_main_t * sm, if (!s) { nat44_delete_user_with_no_session (sm, u, thread_index); - nat_log_warn ("create NAT session failed"); + nat_elog_warn ("create NAT session failed"); return 0; } @@ -288,7 +288,7 @@ create_session_for_static_mapping_ed (snat_main_t * sm, if (clib_bihash_add_or_overwrite_stale_16_8 (&tsm->out2in_ed, &kv, nat44_o2i_ed_is_idle_session_cb, &ctx)) - nat_log_notice ("out2in-ed key add failed"); + nat_elog_notice ("out2in-ed key add failed"); if (twice_nat == TWICE_NAT || (twice_nat == TWICE_NAT_SELF && ip->src_address.as_u32 == l_key.addr.as_u32)) @@ -302,7 +302,7 @@ create_session_for_static_mapping_ed (snat_main_t * sm, b->error = node->errors[NAT_OUT2IN_ED_ERROR_OUT_OF_PORTS]; nat44_delete_session (sm, s, thread_index); if (clib_bihash_add_del_16_8 (&tsm->out2in_ed, &kv, 0)) - nat_log_notice ("out2in-ed key del failed"); + nat_elog_notice ("out2in-ed key del failed"); return 0; } s->ext_host_nat_addr.as_u32 = eh_key.addr.as_u32; @@ -320,7 +320,7 @@ create_session_for_static_mapping_ed (snat_main_t * sm, if (clib_bihash_add_or_overwrite_stale_16_8 (&tsm->in2out_ed, &kv, nat44_i2o_ed_is_idle_session_cb, &ctx)) - nat_log_notice ("in2out-ed key add failed"); + nat_elog_notice ("in2out-ed key add failed"); snat_ipfix_logging_nat44_ses_create (thread_index, s->in2out.addr.as_u32, @@ -461,7 +461,7 @@ create_bypass_for_fwd (snat_main_t * sm, ip4_header_t * ip, u32 rx_fib_index, thread_index); if (!u) { - nat_log_warn ("create NAT user failed"); + nat_elog_warn ("create NAT user failed"); return; } @@ -469,7 +469,7 @@ create_bypass_for_fwd (snat_main_t * sm, ip4_header_t * ip, u32 rx_fib_index, if (!s) { nat44_delete_user_with_no_session (sm, u, thread_index); - nat_log_warn ("create NAT session failed"); + nat_elog_warn ("create NAT session failed"); return; } @@ -492,7 +492,7 @@ create_bypass_for_fwd (snat_main_t * sm, ip4_header_t * ip, u32 rx_fib_index, kv.value = s - tsm->sessions; if (clib_bihash_add_del_16_8 (&tsm->in2out_ed, &kv, 1)) - nat_log_notice ("in2out_ed key add failed"); + nat_elog_notice ("in2out_ed key add failed"); } if (ip->protocol == IP_PROTOCOL_TCP) @@ -674,7 +674,7 @@ nat44_ed_out2in_unknown_proto (snat_main_t * sm, if (PREDICT_FALSE (maximum_sessions_exceeded (sm, thread_index))) { b->error = node->errors[NAT_OUT2IN_ED_ERROR_MAX_SESSIONS_EXCEEDED]; - nat_log_notice ("maximum sessions exceeded"); + nat_elog_notice ("maximum sessions exceeded"); return 0; } @@ -694,7 +694,7 @@ nat44_ed_out2in_unknown_proto (snat_main_t * sm, thread_index); if (!u) { - nat_log_warn ("create NAT user failed"); + nat_elog_warn ("create NAT user failed"); return 0; } @@ -703,7 +703,7 @@ nat44_ed_out2in_unknown_proto (snat_main_t * sm, if (!s) { nat44_delete_user_with_no_session (sm, u, thread_index); - nat_log_warn ("create NAT session failed"); + nat_elog_warn ("create NAT session failed"); return 0; } @@ -721,13 +721,13 @@ nat44_ed_out2in_unknown_proto (snat_main_t * sm, /* Add to lookup tables */ s_kv.value = s - tsm->sessions; if (clib_bihash_add_del_16_8 (&tsm->out2in_ed, &s_kv, 1)) - nat_log_notice ("out2in key add failed"); + nat_elog_notice ("out2in key add failed"); make_ed_kv (&s_kv, &ip->dst_address, &ip->src_address, ip->protocol, m->fib_index, 0, 0); s_kv.value = s - tsm->sessions; if (clib_bihash_add_del_16_8 (&tsm->in2out_ed, &s_kv, 1)) - nat_log_notice ("in2out key add failed"); + nat_elog_notice ("in2out key add failed"); } /* Update IP checksum */ @@ -1733,7 +1733,7 @@ VLIB_NODE_FN (nat44_ed_out2in_reass_node) (vlib_main_t * vm, { next0 = NAT44_ED_OUT2IN_NEXT_DROP; b0->error = node->errors[NAT_OUT2IN_ED_ERROR_MAX_REASS]; - nat_log_notice ("maximum reassemblies exceeded"); + nat_elog_notice ("maximum reassemblies exceeded"); goto trace0; } @@ -1865,7 +1865,7 @@ VLIB_NODE_FN (nat44_ed_out2in_reass_node) (vlib_main_t * vm, (thread_index, reass0, bi0, &fragments_to_drop)) { b0->error = node->errors[NAT_OUT2IN_ED_ERROR_MAX_FRAG]; - nat_log_notice + nat_elog_notice ("maximum fragments per reassembly exceeded"); next0 = NAT44_ED_OUT2IN_NEXT_DROP; goto trace0; |