aboutsummaryrefslogtreecommitdiffstats
AgeCommit message (Collapse)AuthorFilesLines
2017-10-28session: rules tablesFlorin Coras25-16/+2218
This introduces 5-tuple lookup tables that may be used to implement custom session layer actions at connection establishment time (session layer perspective). The rules table build mask-match-action lookup trees that for a given 5-tuple key return the action for the first longest match. If rules overlap, ordering is established by tuple longest match with the following descending priority: remote ip, local ip, remote port, local port. At this time, the only match action supported is to forward packets to the application identified by the action. Change-Id: Icbade6fac720fa3979820d50cd7d6137f8b635c3 Signed-off-by: Florin Coras <fcoras@cisco.com>
2017-10-27Fix for vppctl and interactive commands (VPP-1038)Chris Luke1-3/+7
- Interactive commands like "ping" read extra input from the input stream. - In the case of "ping" it is simply a signal to cease the current operation. - "vppctl", in non-interactive mode, will issue a "quit" immediately after the requested command to queue up closing of the session. - This resulted in "ping" thinking a keypress was seen and returning control to the CLI; the "quit" command however is consumed by the keypress event handler and thus the session does not close. - This patch reworks vppctl slightly to only issue "quit" after the command has completed. In particular it uses the fact that VPP issues NUL bytes as a surrogate prompt between output of commands to signal acknowledgement that the command has completed; vppctl now flags that the quit should be issued after the next such acknowledgement. - Since input it still accepted, the user can still terminate the "ping" early, if desired. Change-Id: I7e3dbe767f32f8e364ccb5f81799759b311585df Signed-off-by: Chris Luke <chrisy@flirble.org>
2017-10-27VCL-LDPRELOAD: Fix CID 178271Dave Wallace0-0/+0
- Pointer to local outside scope Change-Id: I84a7958e10dbc9369ffa5172cbad5dbade9b2bc9 Signed-off-by: Dave Wallace <dwallacelf@gmail.com>
2017-10-27session: instantiate appns lookup table only onceFlorin Coras2-7/+11
Change-Id: I39d634b7691a524e5221c28997a737102298c281 Signed-off-by: Florin Coras <fcoras@cisco.com>
2017-10-27LDPRELOAD: Fix out-of-scope variable coverity errorSteven1-2/+1
>>> CID 178271: Memory - illegal accesses (RETURN_LOCAL) >>> Using "ep", which points to an out-of-scope variable "_ep". Change-Id: Icf21e602bc2718bfedd9480e9da41aff8693048e Signed-off-by: Steven <sluong@cisco.com>
2017-10-27acl-plugin: increase the amount of memory for classifier tables used by ↵Andrew Yourtchenko1-1/+1
MACIP ACLs The classifier tables upper bound of memory was just big enough to cause the unittests pass most of the time but not always. Increase the amount of space and run several hundred iterations of unittests to ensure they always pass. Change-Id: Ieb7876c6ebdde1f8c5273dbb9b090f12f2c38915 Signed-off-by: Andrew Yourtchenko <ayourtch@gmail.com>
2017-10-26VCL: refactor session close / disconnect.Dave Wallace1-66/+60
Change-Id: Ib0797faaa3f21c7577330bb8d0e801d43e01110e Signed-off-by: Dave Wallace <dwallacelf@gmail.com>
2017-10-26VCL-LDPRELOAD: Fix more coverity warningsDave Wallace3-16/+22
vcom.c: CID 178227: Logically dead code in vcom.c vcom_socket.c: CID 178254: Dereference after null check CID 178250: Out-of-bounds access vppcom.c: CID 178252: Unused value Suppress vppcom_session_attr() debug output. Change-Id: I1d47bafb84fc0ad00c642392ae3cb6761fd3fb17 Signed-off-by: Dave Wallace <dwallacelf@gmail.com>
2017-10-26VCL-LDPRELOAD: Fix CID 178251 & CID 178253Dave Wallace2-32/+47
- CID 178251 Dereference after null check in vcom_socket.c - CID 178253 Logically dead code in vppcom.c Change-Id: I2a24cd53727fec76cf1a6d60f90414ff92567818 Signed-off-by: Dave Wallace <dwallacelf@gmail.com>
2017-10-26Consolidate short_help for classify table with memory-sizeHongjun Ni1-0/+1
When creating 32K classify sessions, VPP crashes. Default heap size is 2MB. Need to configure it when requiring large number sessions. Change-Id: I16678ee4a9e0ba61cbd2d3b38c43d10c59325968 Signed-off-by: Hongjun Ni <hongjun.ni@intel.com>
2017-10-26NAT: delete session API/CLI (VPP-1041)Matus Fabian6-0/+222
Administratively delete NAT44 session for specific inside/outside addresses and port pair. Change-Id: If5ab500ac3592c7153d6d8f2cc0297df7309fbc3 Signed-off-by: Matus Fabian <matfabia@cisco.com>
2017-10-26acl-plugin: refactor the "show acl-plugin" CLI, use vlib_cli_output() vs. ↵Andrew Yourtchenko1-181/+194
format() The vppctl was getting upset with large chunks of info generated by repeated format() functions, so convert to use vlib_cli_output instead. Also, refactor the show functionality into smaller functions, separate from the input handling. Change-Id: I5d0db5ac45ce4c1b59cd41526b837412e06b1ce0 Signed-off-by: Andrew Yourtchenko <ayourtch@gmail.com>
2017-10-26session: swap appns secret to host byte orderFlorin Coras2-2/+2
Change-Id: I355433e0f07b328c441ed642705b31ca5157fabe Signed-off-by: Florin Coras <fcoras@cisco.com>
2017-10-26fib test - fix undefined behavior warning found by clangGabriel Ganne3-3/+3
warning: passing an object that undergoes default argument promotion to 'va_start' has undefined behavior [-Wvarargs] Change-Id: Ic9cfd61e38983bd67f30bf92f605e6c87d103ca5 Signed-off-by: Gabriel Ganne <gabriel.ganne@enea.com>
2017-10-2617.10 Release NotesFlorin Coras1-0/+251
Change-Id: I0c2a8412c9946e4d18b37db907735ac0b2ea2f6e Signed-off-by: Florin Coras <fcoras@cisco.com>
2017-10-26VCL: add session namespace support.Dave Wallace7-52/+231
Change-Id: I04f1b63e66260d99c0dd180b0295a55a9b750df7 Signed-off-by: Dave Wallace <dwallacelf@gmail.com>
2017-10-26Allow IPsec interface to have SAs resetMatthew Smith6-1/+177
Make it easier to integrate with external IKE daemon. IPsec interfaces can have one or both SAs replaced after creation. This allows for the possibility of setting a new child SA on an interface when rekeying occurs. It also allows for the possibility of creating an interface ahead of time and updating the SA when parameters that are negotiated during IKE exchange become known. Change-Id: I0a31afdcc2bdff7098a924a51abbc58bdab2bd08 Signed-off-by: Matthew Smith <mgsmith@netgate.com>
2017-10-25opensuse support: reworked SUSE DEPS variablesMarco Varlese1-6/+14
Change-Id: I782541719db59daf02f0a7bd2842384dfe42c32a Signed-off-by: Marco Varlese <marco.varlese@suse.com>
2017-10-25VCL: Return data for recvfrom(MSG_PEEK)Steven1-11/+23
Implement recvfrom(MSG_PEEK) by returning data in the provided buffer without moving the read pointer Change-Id: Idc1b22632d78e8a499cce7d48c15e8bab0b0bf88 Signed-off-by: Steven <sluong@cisco.com>
2017-10-25lldp: protection code to check a valid interface indexSteve Shin1-2/+9
When lldp interface is set, it's better to check valid interface index. Change-Id: I0db0ab6483ad73d28c69893576aa9b719c3b087c Signed-off-by: Steve Shin <jonshin@cisco.com>
2017-10-25VCL-LDPRELOAD: statically link VPP objects into libvcl_ldpreload.soDave Wallace3-16/+18
Change-Id: If8fb5484b64a5b1c04e34573490fedcf63feabc9 Signed-off-by: Dave Wallace <dwallacelf@gmail.com>
2017-10-25VCL: Fix vcl test scripts to check vcl.am instead of uri.amDave Wallace2-2/+2
Change-Id: I34ab79ddf0a612be1f2a4223e46811516e5b317e Signed-off-by: Dave Wallace <dwallacelf@gmail.com>
2017-10-25vlib: add support for multiple buffer poolsDamjan Marion11-38/+79
Change-Id: Icaf7d7ad47284aea7a56e8006b69f45874d64202 Signed-off-by: Damjan Marion <damarion@cisco.com>
2017-10-25Do not include x86intrin.h if unavailableGabriel Ganne1-0/+2
This fixes compilations on arm platforms. The call to the function itself was protected, and used clib_xxhash instead. Only the header protection was missing. Change-Id: I9fac252a5732e1a9808cf7de93fa3d5f07bcebe6 Signed-off-by: Gabriel Ganne <gabriel.ganne@enea.com>
2017-10-25VPP-1033: Python API support arbitrary sized input parameters.Ole Troan6-25/+96
Dynamically calculate the required buffer size to pack into based on message definition. Also add input parameter length checking. Change-Id: I7633bec596e4833bb328fbf63a65b866c7985de5 Signed-off-by: Ole Troan <ot@cisco.com>
2017-10-25L3 proxy FIB source for container networkingAndrew Yourtchenko16-10/+513
Change-Id: I4164c4c19c8dbfd73e6ddf94a12056325cc093b9 Signed-off-by: Neale Ranns <nranns@cisco.com> Signed-off-by: Andrew Yourtchenko <ayourtch@gmail.com>
2017-10-25One armed NAT (VPP-1035)Matus Fabian9-35/+429
Use a single physical interface in order to accomplish NAT44/NAT64. Change-Id: I0c8138953a7a4075df306172e125abad771315e4 Signed-off-by: Matus Fabian <matfabia@cisco.com>
2017-10-25VCL/LDPRELOAD: Add support for getsockopt, sendto, and recvfromSteven3-34/+194
Add support for getsockopt, sendto, and recvfrom. Not all options for the system calls are supported yet. Only the options used by curl and wget are supported for now. Change-Id: I2e0ed7349a0273616b3831c201e7c117725ca287 Signed-off-by: Steven <sluong@cisco.com>
2017-10-24VCL-LDPRELOAD: Fix coverity warnings.Dave Wallace3-12/+12
- CID 178225: Constant expression result - CID 178220: Logically dead code - CID 178222: Logically dead code - CID 178227: Logically dead code - CID 178223: Same on both sides - CID 178226: Same on both sides Change-Id: Ie0c80edb41390cf2308e54938be85d865e292138 Signed-off-by: Dave Wallace <dwallacelf@gmail.com>
2017-10-24VCL-LDPRELOAD: statically link vppcom into libvcl-ldpreload.soDave Wallace29-424/+157
- Move VCL & VCL-LDPRELOAD source into src/vcl - Statically link vppcom into libvcl-ldpreload.so Change-Id: I778300b37e8b06640d9dbc01caf297edf7a6edb7 Signed-off-by: Dave Wallace <dwallacelf@gmail.com>
2017-10-24Update L2 header offset after VLAN tag rewriteNeale Ranns1-1/+3
Change-Id: I5c1df59bce7c9654101672a12981e5bd62e9adc4 Signed-off-by: Neale Ranns <nranns@cisco.com>
2017-10-24fix test_lb_ip4_gre6() cleanupGabriel Ganne1-1/+1
missing "del" keyword, and as a result, we were trying to add the as twice. Change-Id: If78ce03f0c71591c05ff6f4748fd9c929d0f861f Signed-off-by: Gabriel Ganne <gabriel.ganne@enea.com>
2017-10-24Add extern to *_main global variable declarations in header files.Dave Wallace65-46/+85
- Global variables declared in header files without the use of the 'extern' keword will result in multiple instances of the variable to be created by the compiler -- one for each different source file in which the the header file is included. This results in wasted memory allocated in the BSS segments as well as potentially introducing bugs in the application. Change-Id: I6ef1790b60a0bd9dd3994f8510723decf258b0cc Signed-off-by: Dave Wallace <dwallacelf@gmail.com>
2017-10-23af_packet: invalid TCP/UDP offload checksum on RX node recalculationJakub Grajciar6-3/+171
Change-Id: I1075e5d2a1b6dfe3a443b40b41b8458a30505680 Signed-off-by: Jakub Grajciar <Jakub.Grajciar@pantheon.tech> Signed-off-by: Jakub.Grajciar@pantheon.tech <Jakub.Grajciar@pantheon.tech>
2017-10-23VXLAN:small refactor to vxlan inputEyal Bari1-235/+175
Change-Id: I2e7e08e1de20ab57e3f899b080b90a3082219ae5 Signed-off-by: Eyal Bari <ebari@cisco.com>
2017-10-21test bfd - DPO_PROTO_IP6 is part of DpoProtoGabriel Ganne1-2/+2
Change-Id: I63d336a1ba366a60a2a8f1124e3f37f742cccb65 Signed-off-by: Gabriel Ganne <gabriel.ganne@enea.com>
2017-10-20Thread_index for thread0 in vlib_global_main not initialisedKeith Burns (alagalah)1-0/+1
Change-Id: Ie49ee865b197e8fe7bba170c115a4ccbf1013e5f Signed-off-by: Keith Burns (alagalah) <alagalah@gmail.com>
2017-10-20VCL: Fix converity warning CID 177864Dave Wallace1-2/+2
Change-Id: Id8578321381d14f9de827767ef0acf627f1535e4 Signed-off-by: Dave Wallace <dwallacelf@gmail.com>
2017-10-20VCL-LDPRELOAD: Refactor vcom_socket* and fix crash in vppcom_selectDave Wallace3-174/+190
- filter verbose debug output with VCOM_DEBUG > 2 - clean up nomenclature, renaming vppcom_*() functions to vcom_session_*() - fix vppcom_select crash with NULL maps. Change-Id: I6e416a096d6fd800aa26991c2439e24e8fc38cc5 Signed-off-by: Dave Wallace <dwallacelf@gmail.com>
2017-10-20Add reverse DNS (ip to name) resolutionDave Barach7-38/+402
Change-Id: Ic531d820b1846ff7363e5c396ac0b1176e87b401 Signed-off-by: Dave Barach <dave@barachs.net>
2017-10-20null-terminate some formatted stringGabriel Ganne4-0/+19
Any u8* variable created by format() is NOT null-terminated. Add the null terminating byte with vec_terminate_c_string(). If that variable is used by (at least) hash_get_mem(), then it needs to be null-terminated, as it will go through string_key_sum() which makes a call to strlen. Change-Id: I4e51e1b6668f557e53af3bb897cd281598eedbc0 Signed-off-by: Gabriel Ganne <gabriel.ganne@enea.com>
2017-10-20add cuckoo hashKlement Sekera8-1/+2483
Change-Id: I78215041588014e9e5c3599c60471ced610735bb Signed-off-by: Klement Sekera <ksekera@cisco.com>
2017-10-19LD_PRELOAD poll implementationshrinivasan ganapathy7-4/+748
- add poll implementation - implementation based on vppcom_poll - implementation based on vppcom_select - currently vppcom_select implementation is picked Change-Id: If6c2862ae72e9969335aca5b8085957c98287dc0 Signed-off-by: shrinivasan ganapathy <shrinivasanganapathy@gmail.com> Signed-off-by: Dave Wallace <dwallacelf@gmail.com>
2017-10-19VCL: cleanup misc. issues in vppcomDave Wallace1-6/+10
- Fix vppcom_select crash when n_bits == 0 - Enhance debug output - Remove port byte-swapping during accept Change-Id: I6ccd1040ceb82908d924220f558df803ab5eea30 Signed-off-by: Dave Wallace <dwallacelf@gmail.com>
2017-10-19vcl-ldpreload: test script enhancementsDave Wallace4-0/+59
Change-Id: Iff302a35cd5d35bf0671a63e8ba81a0c60a231eb Signed-off-by: Dave Wallace <dwallacelf@gmail.com>
2017-10-19make test: control sanity via SANITY=yes|no optionKlement Sekera1-2/+11
Allow skipping sanity when using DEBUG=gdb/gdbserver options to speed up development process by supplying SANITY=no option to make test. Change-Id: I6e619229f6866b22bdeb75654b4e750232ae22bd Signed-off-by: Klement Sekera <ksekera@cisco.com>
2017-10-19Add GENEVE tunnel maintainer.Marco Varlese1-0/+4
Change-Id: I30bbba4119accee2c157fb5b8202da3c87c59805 Signed-off-by: Marco Varlese <marco.varlese@suse.com>
2017-10-19Remove unused 'not_last' parameter from ip_add_del_routeMarek Gradzki4-17/+2
Vat supports setting value for the parameter, but 'not_last' is ignored by ip_add_del_route handler, so can be removed. This patch - updates ip.api, - removes vat handlers - updates vpp_papi_provider.py (also mpls_route_add_del with unused not_last) Change-Id: Ife15de123db4bc8247103a29b90bce1988e46534 Signed-off-by: Marek Gradzki <mgradzki@cisco.com>
2017-10-19VPP-1024: rewrite buffer trajectory tracerDave Barach7-50/+161
Use a proper u16 * vector to capture node indices, since vpp w/ plugins now exceeds 255 graph nodes Change-Id: Ic48cad676fa3a6116413ddf08c083dd9660783f1 Signed-off-by: Dave Barach <dave@barachs.net>
2017-10-19VCL-LDPRELOAD: fix iperf3 socket_test.shDave Wallace3-50/+114
Change-Id: Ib6b52917af717d3341429163fb9ecc903cf717fb Signed-off-by: Dave Wallace <dwallacelf@gmail.com>