aboutsummaryrefslogtreecommitdiffstats
path: root/src/plugins/snat/snat.c
AgeCommit message (Collapse)AuthorFilesLines
2017-08-08L2 over MPLSNeale Ranns1-1/+1
[support for VPWS/VPLS] - switch to using dpo_proto_t rather than fib_protocol_t in fib_paths so that we can describe L2 paths - VLIB nodes to handle pop/push of MPLS labels to L2 Change-Id: Id050d06a11fd2c9c1c81ce5a0654e6c5ae6afa6e Signed-off-by: Neale Ranns <nranns@cisco.com>
2017-08-04SNAT: fix address and port allocation for multiple worker threads (VPP-925)Matus Fabian1-10/+27
There is a chance to allocate the same outside address and port. Assign a block of port numbers to each worker. Change-Id: I6ef7dc0aab4834705f4e6097c362940d18d747e8 Signed-off-by: Matus Fabian <matfabia@cisco.com>
2017-07-25SANT: fib_table unlock (VPP-918)Matus Fabian1-1/+8
Change-Id: Ie0ad3671e3f4b55cd0f14601b6fed9ee2a1cbec0 Signed-off-by: Matus Fabian <matfabia@cisco.com>
2017-07-21SNAT: in2out translation as an output feature hairpinning (VPP-913)Matus Fabian1-3/+18
Change-Id: I3790739683c6090ffb2aefb4758bd4275856c09a Signed-off-by: Matus Fabian <matfabia@cisco.com>
2017-07-20SNAT: in2out translation as an output feature (VPP-903)Matus Fabian1-3/+180
in2out translation as an output feature on the outside interface (postrouting) Change-Id: I32c0311be09bdf102b9a0885b8b89c7588cb558f Signed-off-by: Matus Fabian <matfabia@cisco.com>
2017-07-07SNAT: Fallback to 3-tuple key for non TCP/UDP sessions (VPP-884)Matus Fabian1-15/+87
Change-Id: I4868ff6e81c579b29d3ea066976ae145f8b83e9e Signed-off-by: Matus Fabian <matfabia@cisco.com>
2017-06-19NAT64: change not supported multi threading behaviourMatus Fabian1-4/+4
Disable CLI/API commands instead of error message on startup. Change-Id: I313ed6e2ea009f573afb5e08b0e85ed1f9091dc3 Signed-off-by: Matus Fabian <matfabia@cisco.com>
2017-06-09NAT64: ICMP error supportMatus Fabian1-2/+4
Added ICMP error messages translation. Added check for multi thread (not supported yet, so init failed). Added API definition for custom NAT64 refix. Change-Id: Ice2f04631af63e594aecc09087a1cf59f3b676fb Signed-off-by: Matus Fabian <matfabia@cisco.com>
2017-06-08NAT64: Add NAT64 support for snat plugin (VPP-699)Matus Fabian1-0/+3
Basic NAT64 feature (no hairpinning, no multi-thread). Change-Id: I392fccbce93e70c117f4a9a7ec7cf08d6c537f2d Signed-off-by: Matus Fabian <matfabia@cisco.com>
2017-05-10SNAT: move API code to separate fileMatus Fabian1-1255/+5
Move API source code from snat.c to snat_api.c Change-Id: I1c4439eb5d2e3f43695ecc4d300eccd148105c15 Signed-off-by: Matus Fabian <matfabia@cisco.com>
2017-04-26CGN: Session dump, test naming for ports fixedMartin Gálik1-1/+68
Change-Id: Ib542b2b3ee023fbe3d0e01ceaf4b4ab7a0ec80dc Signed-off-by: Martin Gálik <magalik@cisco.com>
2017-04-26CGNAT: close session API and CLI commands.Martin Gálik1-1/+242
Change-Id: I9c8636bd2c4b8da2907e8e4a4f2be1a2c3a8e0bb Signed-off-by: Martin Gálik <magalik@cisco.com>
2017-04-19Support ping from outside network in 1:1 NAT (VPP-695)Juraj Sloboda1-1/+6
Change-Id: Iec8fd4c2bd26874bd8bda82172af797e9b92592c Signed-off-by: Juraj Sloboda <jsloboda@cisco.com>
2017-04-12CGN: configurable timeoutsMatus Fabian1-1/+138
add API and CLI configuration of deterministic NAT session timeout for TCP, UDP and ICMP protocol Change-Id: I577440452e7eaedcb5d80501a7fd4b76e31e8c9c Signed-off-by: Matus Fabian <matfabia@cisco.com>
2017-04-11Add ICMP support for deterministic NATJuraj Sloboda1-0/+2
Change-Id: I9a6bcb7d173a2c13d89784e7ff8a6e42dcee201f Signed-off-by: Juraj Sloboda <jsloboda@cisco.com>
2017-03-22vlib: add description field in plugin registrationDamjan Marion1-0/+1
Change-Id: I88b322a5d602f3d6d3310e971479180a89430e0e Signed-off-by: Damjan Marion <damarion@cisco.com>
2017-03-16API:replaced all REPLY_MACRO's with api_helper_macros.hEyal Bari1-1/+1
Change-Id: I08ab1fd0abdd1db4aff11a38c9c0134b01368e11 Signed-off-by: Eyal Bari <ebari@cisco.com>
2017-03-15API: define optional base_id for REPLY_MACRO'sEyal Bari1-102/+3
this enables sharing the api_helper_macros.h implementation Change-Id: Ie3fc89f3b4b5a47fcfd4b5776db90e249c55dbc3 Signed-off-by: Eyal Bari <ebari@cisco.com>
2017-03-13Refactor SNAT ICMP codeJuraj Sloboda1-0/+8
Change-Id: I07de08ef111011694638a8ebe7a13c240714ce7e Signed-off-by: Juraj Sloboda <jsloboda@cisco.com>
2017-03-08SNAT: deterministic map dumpMartin1-1/+51
Change-Id: Iead6dc6a0fe15a0b8e148e780c3aeadd0b378824 Signed-off-by: Martin <magalik@cisco.com>
2017-03-08SNAT: fix coverity warnings (VPP-608)Matus Fabian1-2/+3
Change-Id: Id7879a6a8014fe57c3515a13e7597fb0e3c906ad Signed-off-by: Matus Fabian <matfabia@cisco.com>
2017-03-08SNAT: user_session_dump is_ip4 and vat unformating addedMartin1-0/+2
Change-Id: I0ffab147c3218a75b7c3bb829983f538c7b637ee Signed-off-by: Martin <magalik@cisco.com>
2017-03-07CGN: Deterministic NAT (VPP-623)Matus Fabian1-87/+612
Inside user is statically mapped to a set of outside ports. Support endpoint dependent mapping to deal with overloading of the outside ports. Change-Id: I8014438744597a976f8ae459283e8b91f63b7f72 Signed-off-by: Matus Fabian <matfabia@cisco.com>
2017-03-07Add setting of tenant VRF id for SNAT addresses (VPP-641)Juraj Sloboda1-6/+29
Change-Id: I9c0bb35ba16e04206ac481495f6638d3763754a1 Signed-off-by: Juraj Sloboda <jsloboda@cisco.com>
2017-03-06SNAT: session dump last heard type fixMartin1-2/+2
Change-Id: I3323f7d4bb5da4bc2b19637964e5467ac92680cd Signed-off-by: Martin <magalik@cisco.com>
2017-03-02SNAT: user's dump and session dump of a certain snat user.magalik1-1/+141
Change-Id: If75a35dbdcb43c1ce0128b8649f2ca3970d3fff5 Signed-off-by: Martin <magalik@cisco.com>
2017-02-22VPP-635: CLI Memory leak with invalid parameterBilly McFall1-43/+96
In the CLI parsing, below is a common pattern: /* Get a line of input. */ if (!unformat_user (input, unformat_line_input, line_input)) return 0; while (unformat_check_input (line_input) != UNFORMAT_END_OF_INPUT) { if (unformat (line_input, "x")) x = 1; : else return clib_error_return (0, "unknown input `%U'", format_unformat_error, line_input); } unformat_free (line_input); The 'else' returns if an unknown string is encountered. There a memory leak because the 'unformat_free(line_input)' is not called. There is a large number of instances of this pattern. Replaced the previous pattern with: /* Get a line of input. */ if (!unformat_user (input, unformat_line_input, line_input)) return 0; while (unformat_check_input (line_input) != UNFORMAT_END_OF_INPUT) { if (unformat (line_input, "x")) x = 1; : else { error = clib_error_return (0, "unknown input `%U'", format_unformat_error, line_input); goto done: } } /* ...Remaining code... */ done: unformat_free (line_input); return error; } In multiple files, 'unformat_free (line_input);' was never called, so there was a memory leak whether an invalid string was entered or not. Also, there were multiple instance where: error = clib_error_return (0, "unknown input `%U'", format_unformat_error, line_input); used 'input' as the last parameter instead of 'line_input'. The result is that output did not contain the substring in error, instead just an empty string. Fixed all of those as well. There are a lot of file, and very mind numbing work, so tried to keep it to a pattern to avoid mistakes. Change-Id: I8902f0c32a47dd7fb3bb3471a89818571702f1d2 Signed-off-by: Billy McFall <bmcfall@redhat.com> Signed-off-by: Dave Barach <dave@barachs.net>
2017-02-15SNAT: add static mappings with unresolved external interface address to ↵Matus Fabian1-1/+62
snat_static_mapping_dump Change-Id: Ib560b397700fe058ad1e2970989d98e3debf54aa Signed-off-by: Matus Fabian <matfabia@cisco.com>
2017-02-06SNAT: fix snat_add_static_mapping_command() uninitialized variableMatus Fabian1-4/+8
Change-Id: I7775dd3b90d5a3449650c3102e24bfedd770beb1 Signed-off-by: Matus Fabian <matfabia@cisco.com>
2017-02-05SNAT: initialize outside and inside FIB index in snat_configMatus Fabian1-22/+5
Change-Id: If26d758997d71792cedad1afae8d6a38cfd364ac Signed-off-by: Matus Fabian <matfabia@cisco.com>
2017-02-03Plugin infrastructure improvementsDamjan Marion1-21/+6
This patch replaces requirement for vlib_plugin_register function in the plugin so file and introduces new macro: VLIB_PLUGIN_REGISTER () = { .version = "version string", .version_required = "requred version", .default_disabled = 1, .early_init = "early_init_function_name", }; Plugin will nor be loaded if .default_disabled is set to 1 unless explicitely enabled in startup.conf. If .verstion_required is set, plugin will not be loaded if there is version mismatch between plugin and vpp. This can be bypassed by setting "skip-version-check" for specific plugin. If .early-init string is present, plugin loader will try to resolve this specific symbol in the plugin namespace and make a function call. Following startup.conf configuration is added: plugins { path /path/to/plugin/directory plugin ila_plugin.so { enable skip-version-check } plugin acl_plugin.so { disable } } Change-Id: I706c691dd34d94ffe9e02b59831af8859a95f061 Signed-off-by: Damjan Marion <damarion@cisco.com>
2017-02-03SNAT: Port allocation per protocolMatus Fabian1-52/+144
Ports are allocated per protocol (UDP, TCP, ICMP) 1:1 NAT with port is configured for specific protocol Change-Id: I37ae5eed3715b223d0620d4fdaed7a482bb7a834 Signed-off-by: Matus Fabian <matfabia@cisco.com>
2017-02-02SNAT: changed source for outbound address FIB entry (VPP-613)Matus Fabian1-21/+11
Use FIB_SOURCE_PLUGIN_HI and modify ARP input to use non-source variants for flags and resolving interface get. Change-Id: I3bab76f36e0b1ee86e430a416099f1654e02740a Signed-off-by: Matus Fabian <matfabia@cisco.com>
2017-01-31SNAT: Add outbound addresses to FIB (VPP-613)Matus Fabian1-1/+110
Add the external NAT address to the FIB as receive entries. This ensures that VPP will reply to ARP for these addresses and we don't need to enable proxy ARP on the outside interface. Change-Id: I1db153373c43fec4808845449a17085509ca588c Signed-off-by: Matus Fabian <matfabia@cisco.com>
2017-01-25SNAT: static mappings for dhcp addressed interfaces (VPP-590)Matus Fabian1-82/+117
updated API added test Change-Id: I3f6017ecf09b924cb320c1b5f323cd33f7a37447 Signed-off-by: Matus Fabian <matfabia@cisco.com>
2017-01-22Add static mapping support for dhcp client interfacesDave Barach1-2/+90
Change-Id: I0412f95b71b9768d41c9c398a24adb1555bde20b Signed-off-by: Dave Barach <dave@barachs.net>
2017-01-14SNAT: IPFIX logging (VPP-445)Matus Fabian1-4/+108
Change-Id: I8450217dd43a1cd9f510e40dfb22274ffc33a4c6 Signed-off-by: Matus Fabian <matfabia@cisco.com>
2017-01-13SNAT: add API and test for NAT pool address from interfaceMatus Fabian1-6/+116
Change-Id: I2a868f736fae8d37b438c604a9284653ea415541 Signed-off-by: Matus Fabian <matfabia@cisco.com>
2017-01-11Acquire SNAT pool addresses from specific interfacesDave Barach1-0/+124
Pick up addresses added by DHCP client, or by static configuration Needs to have binary API support added Change-Id: I962ef89e6e5f36cdc5457b92e165c498b08b25a9 Signed-off-by: Dave Barach <dave@barachs.net>
2017-01-01Move java,lua api and remaining plugins to src/Damjan Marion1-0/+1957
Change-Id: I1c3b87e886603678368428ae56a6bd3327cbc90d Signed-off-by: Damjan Marion <damarion@cisco.com>