Age | Commit message (Collapse) | Author | Files | Lines |
|
Added ICMP error messages translation.
Added check for multi thread (not supported yet, so init failed).
Added API definition for custom NAT64 refix.
Change-Id: Ice2f04631af63e594aecc09087a1cf59f3b676fb
Signed-off-by: Matus Fabian <matfabia@cisco.com>
|
|
Basic NAT64 feature (no hairpinning, no multi-thread).
Change-Id: I392fccbce93e70c117f4a9a7ec7cf08d6c537f2d
Signed-off-by: Matus Fabian <matfabia@cisco.com>
|
|
Change-Id: I9d63133bd1db72917571ade868040c4597c896a1
Signed-off-by: Matus Fabian <matfabia@cisco.com>
|
|
The Wmaybe-uninitialized is the new error included with Wall.
This patch addresses the warning and fixes it.
Change-Id: I8fdf9ff2d236c46b717024a14874fbbbad8af303
Signed-off-by: Marco Varlese <marco.varlese@suse.com>
|
|
Change-Id: I67839281623721bf42f0a918a53356143d9dc78a
Signed-off-by: Ole Troan <ot@cisco.com>
Signed-off-by: Pavel Kotucek <pkotucek@cisco.com>
Signed-off-by: Ole Troan <ot@cisco.com>
|
|
Change-Id: Ifa9582962710a3601fcccbbf388529043fc7f08a
Signed-off-by: Matus Fabian <matfabia@cisco.com>
|
|
Change-Id: I82c663bc0866c6c68ba354104b0bb059387f4b9d
Signed-off-by: Damjan Marion <damarion@cisco.com>
|
|
Move API source code from snat.c to snat_api.c
Change-Id: I1c4439eb5d2e3f43695ecc4d300eccd148105c15
Signed-off-by: Matus Fabian <matfabia@cisco.com>
|
|
Change-Id: I19a6015fde7342588cfa9c7a4f07016aa339cc72
Signed-off-by: Martin Gálik <magalik@cisco.com>
|
|
Change-Id: Ib542b2b3ee023fbe3d0e01ceaf4b4ab7a0ec80dc
Signed-off-by: Martin Gálik <magalik@cisco.com>
|
|
Change-Id: I9c8636bd2c4b8da2907e8e4a4f2be1a2c3a8e0bb
Signed-off-by: Martin Gálik <magalik@cisco.com>
|
|
Change-Id: I72298aaae7d172082ece3a8edea4217c11b28d79
Signed-off-by: Dave Barach <dave@barachs.net>
|
|
maximum entries per user exceeded event
Change-Id: Ie35d7f40f55001e2ef4a38f934f176594f25b189
Signed-off-by: Matus Fabian <matfabia@cisco.com>
|
|
Change-Id: Iec8fd4c2bd26874bd8bda82172af797e9b92592c
Signed-off-by: Juraj Sloboda <jsloboda@cisco.com>
|
|
Handle situation when client tries to connect to multiple hosts/ports
from the same client port. Extend matching to include remote host/port
when searching for existing session and create session for each flow
even when originating from the same client port.
Change-Id: I4f54ded930e59e7196843c6bc1d2d2386c57cd3c
Signed-off-by: Juraj Sloboda <jsloboda@cisco.com>
|
|
add API and CLI configuration of deterministic NAT session timeout for TCP, UDP
and ICMP protocol
Change-Id: I577440452e7eaedcb5d80501a7fd4b76e31e8c9c
Signed-off-by: Matus Fabian <matfabia@cisco.com>
|
|
Change-Id: I0306bc0ab87908adb79c594c657d579cb34b3ec1
Signed-off-by: Juraj Sloboda <jsloboda@cisco.com>
|
|
Change-Id: I9a6bcb7d173a2c13d89784e7ff8a6e42dcee201f
Signed-off-by: Juraj Sloboda <jsloboda@cisco.com>
|
|
Change-Id: I71f34dc64d4ddc5f2ec1164cb3c353d0fe2d95ab
Signed-off-by: Juraj Sloboda <jsloboda@cisco.com>
|
|
Change-Id: Icd25ec2e5faf69898178199aa44f21790ce664e1
Signed-off-by: Juraj Sloboda <jsloboda@cisco.com>
|
|
Change-Id: I691d1bfb2923a07c0003485b1d0272aaf9ed27ee
Signed-off-by: Juraj Sloboda <jsloboda@cisco.com>
|
|
This patch deprecates stack-based thread identification,
Also removes requirement that thread stacks are adjacent.
Finally, possibly annoying for some folks, it renames
all occurences of cpu_index and cpu_number with thread
index. Using word "cpu" is misleading here as thread can
be migrated ti different CPU, and also it is not related
to linux cpu index.
Change-Id: I68cdaf661e701d2336fc953dcb9978d10a70f7c1
Signed-off-by: Damjan Marion <damarion@cisco.com>
|
|
Change-Id: I88b322a5d602f3d6d3310e971479180a89430e0e
Signed-off-by: Damjan Marion <damarion@cisco.com>
|
|
Change-Id: I8187b43129b80fadd90ea493afb922064f79abbe
Signed-off-by: Martin <magalik@cisco.com>
|
|
Change-Id: I08ab1fd0abdd1db4aff11a38c9c0134b01368e11
Signed-off-by: Eyal Bari <ebari@cisco.com>
|
|
this enables sharing the api_helper_macros.h implementation
Change-Id: Ie3fc89f3b4b5a47fcfd4b5776db90e249c55dbc3
Signed-off-by: Eyal Bari <ebari@cisco.com>
|
|
Change-Id: I07de08ef111011694638a8ebe7a13c240714ce7e
Signed-off-by: Juraj Sloboda <jsloboda@cisco.com>
|
|
Change-Id: Iead6dc6a0fe15a0b8e148e780c3aeadd0b378824
Signed-off-by: Martin <magalik@cisco.com>
|
|
Change-Id: Id7879a6a8014fe57c3515a13e7597fb0e3c906ad
Signed-off-by: Matus Fabian <matfabia@cisco.com>
|
|
Change-Id: I0ffab147c3218a75b7c3bb829983f538c7b637ee
Signed-off-by: Martin <magalik@cisco.com>
|
|
Change-Id: I5143328b2da62ce4d6bb2915e2a51855696d87fc
Signed-off-by: Matus Fabian <matfabia@cisco.com>
|
|
Inside user is statically mapped to a set of outside ports. Support endpoint
dependent mapping to deal with overloading of the outside ports.
Change-Id: I8014438744597a976f8ae459283e8b91f63b7f72
Signed-off-by: Matus Fabian <matfabia@cisco.com>
|
|
Change-Id: I9c0bb35ba16e04206ac481495f6638d3763754a1
Signed-off-by: Juraj Sloboda <jsloboda@cisco.com>
|
|
It does not look like it actually can be used uninitialized ... but gcc
complains, so with Werror this prevents from compiling.
sample warning output:
In file included from /home/gannega/export/vpp/build-data/../src/vnet/handoff.h:21:0,
from /home/gannega/export/vpp/build-data/../src/plugins/snat/in2out.c:19:
/home/gannega/export/vpp/build-data/../src/plugins/snat/in2out.c: In function 'snat_in2out_node_fn_inline':
/home/gannega/export/vpp/build-data/../src/vnet/ip/ip4_packet.h:244:15: error: 'inner_ip0' may be used uninitialized in this function [-Werror=maybe-uninitialized]
i->checksum = 0;
^
/home/gannega/export/vpp/build-data/../src/plugins/snat/in2out.c:433:17: note: 'inner_ip0' was declared here
ip4_header_t *inner_ip0;
Change-Id: If7c35dfb528861fd4ec6374aa1343b48f0f93057
Signed-off-by: Gabriel Ganne <gabriel.ganne@enea.com>
|
|
Change-Id: I3323f7d4bb5da4bc2b19637964e5467ac92680cd
Signed-off-by: Martin <magalik@cisco.com>
|
|
Changed vat_api_hookup(...) to <plugin-name>_api_hookup, change to
static functions. Fixed the related emacs-lisp plugin skeleton.
Change-Id: Id14f8fc3138751f469d48fecb26175e938f5f028
Signed-off-by: Dave Barach <dave@barachs.net>
|
|
Change-Id: If75a35dbdcb43c1ce0128b8649f2ca3970d3fff5
Signed-off-by: Martin <magalik@cisco.com>
|
|
Change-Id: I49e5ce0aae6e4ff634024387ceaf7dbc432a0351
Signed-off-by: Dave Barach <dave@barachs.net>
Signed-off-by: Florin Coras <fcoras@cisco.com>
|
|
In the CLI parsing, below is a common pattern:
/* Get a line of input. */
if (!unformat_user (input, unformat_line_input, line_input))
return 0;
while (unformat_check_input (line_input) != UNFORMAT_END_OF_INPUT)
{
if (unformat (line_input, "x"))
x = 1;
:
else
return clib_error_return (0, "unknown input `%U'",
format_unformat_error, line_input);
}
unformat_free (line_input);
The 'else' returns if an unknown string is encountered. There a memory
leak because the 'unformat_free(line_input)' is not called. There is a
large number of instances of this pattern.
Replaced the previous pattern with:
/* Get a line of input. */
if (!unformat_user (input, unformat_line_input, line_input))
return 0;
while (unformat_check_input (line_input) != UNFORMAT_END_OF_INPUT)
{
if (unformat (line_input, "x"))
x = 1;
:
else
{
error = clib_error_return (0, "unknown input `%U'",
format_unformat_error, line_input);
goto done:
}
}
/* ...Remaining code... */
done:
unformat_free (line_input);
return error;
}
In multiple files, 'unformat_free (line_input);' was never called, so
there was a memory leak whether an invalid string was entered or not.
Also, there were multiple instance where:
error = clib_error_return (0, "unknown input `%U'",
format_unformat_error, line_input);
used 'input' as the last parameter instead of 'line_input'. The result
is that output did not contain the substring in error, instead just an
empty string. Fixed all of those as well.
There are a lot of file, and very mind numbing work, so tried to keep
it to a pattern to avoid mistakes.
Change-Id: I8902f0c32a47dd7fb3bb3471a89818571702f1d2
Signed-off-by: Billy McFall <bmcfall@redhat.com>
Signed-off-by: Dave Barach <dave@barachs.net>
|
|
Inspection shows that the names of two functions:
api_snat_ipfix_enable_disable()
api_snat_add_del_interface_addr()
don't match their bodies and have been swapped.
Make the world right again by swapping them to match.
Change-Id: Ieefd7f0fdbf52794e8649b0cbbcf6e1403c1b90a
Signed-off-by: Jon Loeliger <jdl@netgate.com>
|
|
Change-Id: I322bfb3469b3d0d5b0cac39a6c2dba1c6f83ce3d
Signed-off-by: Juraj Sloboda <jsloboda@cisco.com>
|
|
Change-Id: I8d2022b7cb3ef3da736c085bccbb5b9c057a8d76
Signed-off-by: Juraj Sloboda <jsloboda@cisco.com>
|
|
snat_static_mapping_dump
Change-Id: Ib560b397700fe058ad1e2970989d98e3debf54aa
Signed-off-by: Matus Fabian <matfabia@cisco.com>
|
|
Change-Id: I7775dd3b90d5a3449650c3102e24bfedd770beb1
Signed-off-by: Matus Fabian <matfabia@cisco.com>
|
|
Change-Id: If26d758997d71792cedad1afae8d6a38cfd364ac
Signed-off-by: Matus Fabian <matfabia@cisco.com>
|
|
This patch replaces requirement for vlib_plugin_register function
in the plugin so file and introduces new macro:
VLIB_PLUGIN_REGISTER () = {
.version = "version string",
.version_required = "requred version",
.default_disabled = 1,
.early_init = "early_init_function_name",
};
Plugin will nor be loaded if .default_disabled is set to 1
unless explicitely enabled in startup.conf.
If .verstion_required is set, plugin will not be loaded if there
is version mismatch between plugin and vpp. This can be bypassed
by setting "skip-version-check" for specific plugin.
If .early-init string is present, plugin loader will try to resolve
this specific symbol in the plugin namespace and make a function call.
Following startup.conf configuration is added:
plugins {
path /path/to/plugin/directory
plugin ila_plugin.so { enable skip-version-check }
plugin acl_plugin.so { disable }
}
Change-Id: I706c691dd34d94ffe9e02b59831af8859a95f061
Signed-off-by: Damjan Marion <damarion@cisco.com>
|
|
Change-Id: Ia5d3d81cbc2ef85fabf9e19c89a52c589a921d14
Signed-off-by: Matus Fabian <matfabia@cisco.com>
|
|
Ports are allocated per protocol (UDP, TCP, ICMP)
1:1 NAT with port is configured for specific protocol
Change-Id: I37ae5eed3715b223d0620d4fdaed7a482bb7a834
Signed-off-by: Matus Fabian <matfabia@cisco.com>
|
|
Now that the M() and S() macros accept a message parameter, there
is no longer a need to introduce a new block structure around the
CONTROL_PING messages just to have a new unbound "mp" variable.
Instead, just use one named "mp_ping" directly.
Change-Id: I6b283562bb6eec25806e3d35c35b977680ecd1dd
Signed-off-by: Jon Loeliger <jdl@netgate.com>
|
|
Instead, have them accept and assign a return paramter leaving
the return control flow up to the caller. Clean up otherwise
misleading returns present even after "NOT REACHED" comments.
Change-Id: I0861921f73ab65d55b95eabd27514f0129152723
Signed-off-by: Jon Loeliger <jdl@netgate.com>
|