aboutsummaryrefslogtreecommitdiffstats
path: root/src/plugins/snat/in2out.c
AgeCommit message (Collapse)AuthorFilesLines
2017-04-12Handle multiple flows with the same client port in deterministic NATJuraj Sloboda1-12/+16
Handle situation when client tries to connect to multiple hosts/ports from the same client port. Extend matching to include remote host/port when searching for existing session and create session for each flow even when originating from the same client port. Change-Id: I4f54ded930e59e7196843c6bc1d2d2386c57cd3c Signed-off-by: Juraj Sloboda <jsloboda@cisco.com>
2017-04-12CGN: configurable timeoutsMatus Fabian1-10/+10
add API and CLI configuration of deterministic NAT session timeout for TCP, UDP and ICMP protocol Change-Id: I577440452e7eaedcb5d80501a7fd4b76e31e8c9c Signed-off-by: Matus Fabian <matfabia@cisco.com>
2017-04-12Support ICMP session timeout in deterministic NATJuraj Sloboda1-0/+5
Change-Id: I0306bc0ab87908adb79c594c657d579cb34b3ec1 Signed-off-by: Juraj Sloboda <jsloboda@cisco.com>
2017-04-11Add ICMP support for deterministic NATJuraj Sloboda1-9/+205
Change-Id: I9a6bcb7d173a2c13d89784e7ff8a6e42dcee201f Signed-off-by: Juraj Sloboda <jsloboda@cisco.com>
2017-04-10Refactor SNAT codeJuraj Sloboda1-64/+69
Change-Id: I71f34dc64d4ddc5f2ec1164cb3c353d0fe2d95ab Signed-off-by: Juraj Sloboda <jsloboda@cisco.com>
2017-04-10Handle ICMP echo with TTL=1 in deterministic and fast SNAT nodesJuraj Sloboda1-2/+43
Change-Id: Icd25ec2e5faf69898178199aa44f21790ce664e1 Signed-off-by: Juraj Sloboda <jsloboda@cisco.com>
2017-04-10Make fixes in SNAT codeJuraj Sloboda1-33/+37
Change-Id: I691d1bfb2923a07c0003485b1d0272aaf9ed27ee Signed-off-by: Juraj Sloboda <jsloboda@cisco.com>
2017-04-06Use thread local storage for thread indexDamjan Marion1-55/+55
This patch deprecates stack-based thread identification, Also removes requirement that thread stacks are adjacent. Finally, possibly annoying for some folks, it renames all occurences of cpu_index and cpu_number with thread index. Using word "cpu" is misleading here as thread can be migrated ti different CPU, and also it is not related to linux cpu index. Change-Id: I68cdaf661e701d2336fc953dcb9978d10a70f7c1 Signed-off-by: Damjan Marion <damarion@cisco.com>
2017-03-13Refactor SNAT ICMP codeJuraj Sloboda1-143/+238
Change-Id: I07de08ef111011694638a8ebe7a13c240714ce7e Signed-off-by: Juraj Sloboda <jsloboda@cisco.com>
2017-03-08CGN: fix outside port calculation and set buffer error (VPP-623)Matus Fabian1-12/+18
Change-Id: I5143328b2da62ce4d6bb2915e2a51855696d87fc Signed-off-by: Matus Fabian <matfabia@cisco.com>
2017-03-07CGN: Deterministic NAT (VPP-623)Matus Fabian1-26/+512
Inside user is statically mapped to a set of outside ports. Support endpoint dependent mapping to deal with overloading of the outside ports. Change-Id: I8014438744597a976f8ae459283e8b91f63b7f72 Signed-off-by: Matus Fabian <matfabia@cisco.com>
2017-03-07Add setting of tenant VRF id for SNAT addresses (VPP-641)Juraj Sloboda1-2/+4
Change-Id: I9c0bb35ba16e04206ac481495f6638d3763754a1 Signed-off-by: Juraj Sloboda <jsloboda@cisco.com>
2017-03-07silence -Wmaybe-uninitialized warningGabriel Ganne1-1/+1
It does not look like it actually can be used uninitialized ... but gcc complains, so with Werror this prevents from compiling. sample warning output: In file included from /home/gannega/export/vpp/build-data/../src/vnet/handoff.h:21:0, from /home/gannega/export/vpp/build-data/../src/plugins/snat/in2out.c:19: /home/gannega/export/vpp/build-data/../src/plugins/snat/in2out.c: In function 'snat_in2out_node_fn_inline': /home/gannega/export/vpp/build-data/../src/vnet/ip/ip4_packet.h:244:15: error: 'inner_ip0' may be used uninitialized in this function [-Werror=maybe-uninitialized] i->checksum = 0; ^ /home/gannega/export/vpp/build-data/../src/plugins/snat/in2out.c:433:17: note: 'inner_ip0' was declared here ip4_header_t *inner_ip0; Change-Id: If7c35dfb528861fd4ec6374aa1343b48f0f93057 Signed-off-by: Gabriel Ganne <gabriel.ganne@enea.com>
2017-03-02SNAT: user's dump and session dump of a certain snat user.magalik1-0/+1
Change-Id: If75a35dbdcb43c1ce0128b8649f2ca3970d3fff5 Signed-off-by: Martin <magalik@cisco.com>
2017-03-01VPP-598: tcp stack initial commitDave Barach1-13/+13
Change-Id: I49e5ce0aae6e4ff634024387ceaf7dbc432a0351 Signed-off-by: Dave Barach <dave@barachs.net> Signed-off-by: Florin Coras <fcoras@cisco.com>
2017-02-16Add handling of ICMP error packets in SNAT (VPP-629)Juraj Sloboda1-26/+171
Change-Id: I8d2022b7cb3ef3da736c085bccbb5b9c057a8d76 Signed-off-by: Juraj Sloboda <jsloboda@cisco.com>
2017-02-05SNAT: initialize outside and inside FIB index in snat_configMatus Fabian1-14/+0
Change-Id: If26d758997d71792cedad1afae8d6a38cfd364ac Signed-off-by: Matus Fabian <matfabia@cisco.com>
2017-02-03SNAT: fix invalid outside FIB indexMatus Fabian1-0/+14
Change-Id: Ia5d3d81cbc2ef85fabf9e19c89a52c589a921d14 Signed-off-by: Matus Fabian <matfabia@cisco.com>
2017-02-03SNAT: Port allocation per protocolMatus Fabian1-30/+7
Ports are allocated per protocol (UDP, TCP, ICMP) 1:1 NAT with port is configured for specific protocol Change-Id: I37ae5eed3715b223d0620d4fdaed7a482bb7a834 Signed-off-by: Matus Fabian <matfabia@cisco.com>
2017-01-23SNAT: Multiple inside interfaces (VPP-447)Matus Fabian1-103/+103
NAT only packets aimed at outside interface and in case of hairpinning Change-Id: Ida371380fce664b9434ca5ddd2369c980ff26beb Signed-off-by: Matus Fabian <matfabia@cisco.com>
2017-01-18Fix coverity warnings, VPP-608Dave Barach1-2/+6
Change-Id: Ib0144ba3a9a09971d3946c932e8fed6d5c1ad278 Signed-off-by: Dave Barach <dave@barachs.net>
2017-01-14SNAT: IPFIX logging (VPP-445)Matus Fabian1-0/+17
Change-Id: I8450217dd43a1cd9f510e40dfb22274ffc33a4c6 Signed-off-by: Matus Fabian <matfabia@cisco.com>
2017-01-13SNAT: fixed crash - interface without IP address (VPP-599)Matus Fabian1-5/+20
Change-Id: I7f4d0cbde3d3c4ed6537e6351d5487546daea058 Signed-off-by: Matus Fabian <matfabia@cisco.com>
2017-01-01Move java,lua api and remaining plugins to src/Damjan Marion1-0/+1597
Change-Id: I1c3b87e886603678368428ae56a6bd3327cbc90d Signed-off-by: Damjan Marion <damarion@cisco.com>