Age | Commit message (Collapse) | Author | Files | Lines |
|
Type: fix
Replace vec ops with pool ops when iterating over pool of
interfaces in plugin_disable() functions.
With this change plugin disabling function and interface role
disabling functions iterate over identical sets of registered
interfaces, preventing 'interface couldn't be found' errors.
Signed-off-by: Alexander Skorichenko <askorichenko@netgate.com>
Change-Id: I4e191bcc5322ff1f9f7730c6fda5e6af86a8eec9
|
|
Return unsupported error if user calls one
of the configuration functions that can
run only after nat44-ed plugin is
enabled via appropriate api/cli
call.
Type: fix
Change-Id: I0d4ab0684ba5ae23fc2ecc668554a34537c2904a
Signed-off-by: Filip Varga <fivarga@cisco.com>
|
|
Handle case where extra data is present in buffer which is not part of
IP/ICMP headers.
Type: fix
Fixes: 05b5a5b3b4b04823776feed6403b5a99b2e06d76
Change-Id: Icfef811470056d38c60fc45cc302139ed7594385
Signed-off-by: Klement Sekera <ksekera@cisco.com>
|
|
Refactoring static mapping configuration
functions based on feature type.
Type: refactor
Signed-off-by: Filip Varga <fivarga@cisco.com>
Change-Id: I007d9b0e9717ced613fbcef2b11b6853f479be1e
|
|
Verify that headers are not truncated and that checksums are valid.
Correct checksum computation in translation code.
Type: fix
Change-Id: I6acfcec4661411f83c86b15aafac90cd4538c0b5
Signed-off-by: Klement Sekera <ksekera@cisco.com>
|
|
Type: refactor
Change-Id: Id10cbf52e8f2dd809080a228d8fa282308be84ac
Signed-off-by: Damjan Marion <damarion@cisco.com>
|
|
Fixing nat44-ed identity map in2out communication.
TCP packets would get dropped because of the order
of testing TCP state.
Type: fix
Change-Id: Ib11e7e75c66945224fecc0bb311733672e315c7d
Signed-off-by: Filip Varga <fivarga@cisco.com>
|
|
Refactored & fixed NAT44ED configuration
functions used for handling interfaces and
nodes.
Type: refactor
Signed-off-by: Filip Varga <fivarga@cisco.com>
Change-Id: I6fbbb7f0fe35d572675997745d53290152987424
|
|
If ICMP comes from a router on path, source address must not be
rewritten in o2i path to avoid getting wrong checksum.
Fix ICMP checksum computations.
Type: fix
Signed-off-by: Klement Sekera <ksekera@cisco.com>
Change-Id: I035debccf966d7dbd63c364cb1e43380d641f708
|
|
TTL was already decremented in ip4-rewrite so it's okay if it's 1.
Type: fix
Signed-off-by: Klement Sekera <ksekera@cisco.com>
Change-Id: I587dc343737c15247eb62837a06d5e44c0d11acc
|
|
Type: fix
Currently, is_interface_addr() tests if a given IPv4 address belongs to
an interface by a given sw_if_index. However, there are several issues:
* only the first found address on the interface is actually tested,
* sw_if_index is always cached even if the interface hasn't been
assigned any addresses yet.
With this change, is_interface_addr() tests all IPv4 addresses on an
interface by a given sw_if_index and caches sw_if_index only if there
are addresses present.
Signed-off-by: Alexander Chernavin <achernavin@netgate.com>
Change-Id: If1acc4a534647a5f0ce8e9b565b867c92a016dc3
|
|
Type: fix
Currently, there might be a crash in NAT ED mode:
* if a session for an unknown proto packet cannot be created in2out,
* if a session for an unknown proto packet cannot be found out2in.
With this change, translate packets only if a session is given in NAT
ED mode.
Signed-off-by: Alexander Chernavin <achernavin@netgate.com>
Change-Id: Iafb332db1ae9a3e76435964ad636037d1b8a51e8
|
|
snat_set_frame_queue_nelts has been replaced with
nat44_ed_set_frame_queue_nelts.
Type: fix
Signed-off-by: Ruslan Babayev <ruslan@babayev.com>
Change-Id: I8d970be71376fdbb2bfd383d4d5824a8def93bb3
|
|
Add extra assertions to debug build.
Type: improvement
Signed-off-by: Klement Sekera <ksekera@cisco.com>
Change-Id: Ib20130365e8f9dbb556fcbb4321dd184c7eff603
|
|
Type: fix
When enabling the endpoint independent NAT44 plugin, user_sessions
determines the maximum number of translations that can be active for
a single inside address. If 0 is passed in, a default value is used
but 0 is still stored in the field that is used to populate reply
messages to nat44_ei_show_running_config,
At the time of enabling the plugin, if user_sessions is 0, update the
field which is used by nat44_ei_show_running_config to contain the
default per-user limit which gets used by the EI nodes.
Change-Id: I6b060d85bcd42d91db879b95a8b07c6844bcd2a5
Signed-off-by: Matthew Smith <mgsmith@netgate.com>
|
|
Add /nat44-ed/max-cfg-sessions gauge.
Reflects the configured value for configured sessions (per thread).
Type: improvement
Signed-off-by: Ole Troan <ot@cisco.com>
Change-Id: I618c8aa0daab0981399cfe9273d191fa1990ef60
Signed-off-by: Ole Troan <ot@cisco.com>
|
|
Mechanical change for patch following this one...
Type: improvement
Change-Id: Iee12f3a8851f35569e6c039494a94fc36e83d20f
Signed-off-by: Damjan Marion <damarion@cisco.com>
|
|
- Generate copyright year and version
instead of using hard-coded data
Type: refactor
Signed-off-by: Dave Wallace <dwallacelf@gmail.com>
Change-Id: I6058f5025323b3aa483f5df4a2c4371e27b5914e
|
|
Type: improvement
Signed-off-by: Ole Troan <ot@cisco.com>
Change-Id: I368b0410db2d633d3c52199c840e24d21952c1b4
|
|
Type: fix
Signed-off-by: Ole Troan <ot@cisco.com>
Change-Id: Ic38cfbdcab86172bad6ec6cb4c66c83f8deed64f
Signed-off-by: Ole Troan <ot@cisco.com>
|
|
Newline get's ignored when parsing configuration file.
Type: fix
Signed-off-by: Filip Varga <fivarga@cisco.com>
Change-Id: Ib4f86177150dfe3bc085231a9268cf730490ea81
|
|
Type: fix
Change-Id: I35012bb2f7af1996c954641af40f3223bc7f37e4
Signed-off-by: Filip Varga <fivarga@cisco.com>
|
|
trajectory trace has been broken for a while because we used to save the
buffer trajectory in a vector pointed to in opaque2. This does not work
well when opaque2 is copied (eg. because of a clone) as 2 buffers end up
sharing the same vector.
This dedicates a full cacheline in the buffer metadata instead when
trajectory is compiled in. No dynamic allocation, no sharing, no tears.
Type: refactor
Change-Id: I6a028ca1b48d38f393a36979e5e452c2dd48ad3f
Signed-off-by: Benoît Ganne <bganne@cisco.com>
|
|
Type: fix
The code for quota exceeded events is a u32 and was being copied
into ipfix packets in host byte order. Same for the limit field.
Swap the order before copying into packet buffer.
This change was applied once before but had to be reverted. This was
because between the time the change was uploaded/reviewed and the
time it was merged, a different patch was merged which activated a
NAT ipfix unit test that had formerly only been run as part of the
extended tests. The test was expecting the values to be in host byte
order so it failed with this patch applied. This time around, that
test has also been updated to expect network byte order.
Change-Id: If5413b1f806d664f6786e56ba13c3eee573c26d2
Signed-off-by: Matthew Smith <mgsmith@netgate.com>
|
|
Type: fix
Signed-off-by: Klement Sekera <ksekera@cisco.com>
Change-Id: Iead167e7497e0779c440f7fb243014a06ae2b452
|
|
Properly select worker from hash table in out2in direction, increase
number of worker threads in MW test to 4 to test these cases.
Type: fix
Change-Id: I76eda5761ff497b85b031dd913a64b7fcb53b33a
Signed-off-by: Klement Sekera <ksekera@cisco.com>
|
|
Removing obsolete optional parameters.
Type: fix
Change-Id: I135eb4767979ab81636da16e91752a2ad80e0a45
Signed-off-by: Filip Varga <fivarga@cisco.com>
|
|
If cache used than we don't print in trace session index.
Type: fix
Change-Id: Ib965cd8632b5217f8b2dd8b6cc6af3286c747582
Signed-off-by: Filip Varga <fivarga@cisco.com>
|
|
Adding test for NAT44-ED subplugin.
Type: test
Change-Id: I10ce3d3ca8cb976ee9879efe77cb600df0102147
Signed-off-by: Filip Varga <fivarga@cisco.com>
|
|
Improve the code by removing another kind of wrappers.
Type: improvement
Change-Id: I5292ef6c1761e3c6c2edd15f2aa625dac26c3732
Signed-off-by: Klement Sekera <ksekera@cisco.com>
|
|
Fix ordering of feature nodes so that ACL runs after NAT in in2out
direction so it can properly track stuff like ports after NAT rewrite.
Type: fix
Change-Id: I2c689b64765628e9bc77108914f74c6c801d8ce2
Signed-off-by: Klement Sekera <ksekera@cisco.com>
|
|
Type: fix
Signed-off-by: Klement Sekera <ksekera@cisco.com>
Change-Id: I4a5d52d54aa2748008e896888bfeabb18a1088bb
|
|
Type: fix
Change-Id: I170f9d8c685f59b7ccf6f9ee7fdc1dcdf2a54fe1
Signed-off-by: Klement Sekera <ksekera@cisco.com>
|
|
Use actual thread index from hash table instead of doing calculation.
Calculated index might be different and could lead to crash.
Type: fix
Change-Id: Iede9a67fbe541cb44eccd0d6ddf4e2c51eb35423
Signed-off-by: Klement Sekera <ksekera@cisco.com>
|
|
Type: fix
Signed-off-by: Klement Sekera <ksekera@cisco.com>
Change-Id: Ibbb72e77c751b7e775620cfb160b52ceff2da86b
|
|
Type: fix
Coverity scan issue fix.
Change-Id: I9036fade15fd381da9c1e6b575f250fdcb21f876
Signed-off-by: Filip Varga <fivarga@cisco.com>
|
|
Type: improvement
Adding support for enable&disable calls
(dynamic plugin configuration).
API (nat66_plugin_enable_disable) and
CLI (nat66 plugin enable/nat66 plugin disable) with support for
outside_vrf id configuration.
Change-Id: I5637ff1621d6662adc3b7c6f7f8176d84a4b492b
Signed-off-by: Filip Varga <fivarga@cisco.com>
|
|
Use correct vlib_main() in various code parts. Fix tests.
Type: fix
Signed-off-by: Klement Sekera <ksekera@cisco.com>
Change-Id: Ia379f3b686599532dedaafad2278c4097a3f03f3
|
|
Type: refactor
Change-Id: I8b273bc3bf16aa360f031f1b2692f766e5fc4613
Signed-off-by: Damjan Marion <damarion@cisco.com>
|
|
Type: improvement
Change-Id: If3da7d4338470912f37ff1794620418d928fb77f
Signed-off-by: Damjan Marion <damarion@cisco.com>
|
|
Type: fix
Change-Id: I068bfeaf22b9e6cce967c27acdd46d4b8541bdf8
Signed-off-by: Klement Sekera <ksekera@cisco.com>
|
|
Type: fix
Change-Id: I392d348b1a38affac8761b0614b117cd991958d7
Signed-off-by: Klement Sekera <ksekera@cisco.com>
|
|
Type: fix
Change-Id: I84d511c30eb5878a1867f5e9d2207a39d4f0926c
Signed-off-by: Klement Sekera <ksekera@cisco.com>
|
|
Avoid erroneous double vnet_feature_next if routing buffer manually.
Type: fix
Change-Id: I3f56c12bf57f59a1e5ddad63a2565fa195934cf6
Signed-off-by: Klement Sekera <ksekera@cisco.com>
|
|
VppTestCase now has vpp_worker_count property set to number of workers.
This can be overriden by child classes. Also overriden by
VPP_WORKER_CONFIG variable for legacy reasons.
Type: improvement
Change-Id: Ic328bacb9003ddf9e92815767653bd362aa7f086
Signed-off-by: Klement Sekera <ksekera@cisco.com>
|
|
Make code easier to read and debug.
Type: improvement
Signed-off-by: Klement Sekera <ksekera@cisco.com>
Change-Id: Ib52a4cdd3bcdcc475053aa32af3964c00859e1cd
|
|
Type: feature
Signed-off-by: Ole Troan <ot@cisco.com>
Change-Id: I8e48bdcc4c311717e067bb0a4e0b409a2eb8e83d
Signed-off-by: Andrew Yourtchenko <ayourtch@gmail.com>
Signed-off-by: Ole Troan <ot@cisco.com>
|
|
Type: refactor
Signed-off-by: Klement Sekera <ksekera@cisco.com>
Change-Id: Ifb4a9c52fd2c5dd9f3f5cf41214aa1851f6d7acd
|
|
Type: style
Signed-off-by: Klement Sekera <ksekera@cisco.com>
Change-Id: I66b7ed03f784f3992a910ad6a52ed89116a39297
|
|
Type: test
Change-Id: I37a12e3580c3631582f366944fe30f325b46f366
Signed-off-by: Andrew Yourtchenko <ayourtch@gmail.com>
|