Age | Commit message (Collapse) | Author | Files | Lines |
|
Recent changes removed the function that was incrementing the
tx counters. Increment them in the esp_encrypt functions.
Change-Id: I446333a23ccf66e34893adb2aa49af562cf35507
Signed-off-by: Matthew Smith <mgsmith@netgate.com>
|
|
Change-Id: Ida681d299fd57eba66338444b99d2476bdb3c695
Signed-off-by: Benoît Ganne <bganne@cisco.com>
|
|
Change-Id: Icdf531b3c688c4da6be732ff178316e3757aebb5
Signed-off-by: Paul Vinciguerra <pvinci@vinciconsulting.com>
|
|
The unit and code coverage tests are boring. The rest of the patch
involves test and packet-generator infra cleanups.
Teach the "make test-xxx" family of targets to set the api test plugin
path correctly, to make "binary-api <api-message-name> <args>" debug
CLI commands work correctly in the "make test"
environment. Unfortunately involves both the top-level and test
Makefiles.
Add a minor pg cli feature, a CLI to manually set
s->sw_if_index[VLIB_TX].
Consider the case where one configures an interface with both a
device-input and an output feature. To test the output feature using
the pg, it's necessary to inject packets into the interface output
node with both b->sw_if_index[VLIB_TX] and b->sw_if_index[VLIB_RX] set
correctly. For example:
packet-generator new {
name tx
limit 15
size 128-128
interface local0 # rx: device input feature not configured on local0
tx-interface loop0 # tx: output node requires b->sw_if_index[VLIB_TX]
node loop0-output
data {
hex 0x01005e7ffffa000dead0000008000102030405060708090a0b0c0d0e0f0102030405
}
}
Fix a longstanding bug in the packet generator stream setup. Remove
kludges which set b->sw_if_index[VLIB_TX] to ~0 [in multiple places]
instead of using the stream value s->sw_if_index[VLIB_TX], and setting
THAT datum correctly.
Change-Id: I1097a18e8db73661ded6b822c1d718f7e5cf36ed
Signed-off-by: Dave Barach <dave@barachs.net>
|
|
The function dpdk_ol_flags_extract should return u16
instead of u8.
Change-Id: Id0b08b04c93598818f9a2eee5a88733900320dfa
Signed-off-by: Zhiyong Yang <zhiyong.yang@intel.com>
|
|
Change-Id: I092a9f8237a895f907590772f2ea213a86502fb4
Signed-off-by: Filip Varga <fivarga@cisco.com>
|
|
Change-Id: Ib8cb19361c42e38e3f68d7147358378fff161eb1
Signed-off-by: Florin Coras <fcoras@cisco.com>
|
|
Default chunk is no longer embedded into the fifo and on free is
returned to its respective chunk list.
Change-Id: Ifc5d214eaa6eca44356eb79dd75650fb8569113f
Signed-off-by: Florin Coras <fcoras@cisco.com>
|
|
Example / unit-test in .../src/plugins/unittest/bihash_test.c
Change-Id: I23fd0ba742d65291667a755965aee1a3d3477ca2
Signed-off-by: Dave Barach <dave@barachs.net>
|
|
"make test" fails with invalid instruction on non-AESNI platform,
so do not register the ipsec-mb crypto backend in this case.
Change-Id: I61887e40ce3d39880e7da534b9dee00fd677d8fd
Signed-off-by: Andrew Yourtchenko <ayourtch@gmail.com>
|
|
Change-Id: I2313932bdc41a4702585aa338f22df3f6e4e23d7
Signed-off-by: Nathan Skrzypczak <nathan.skrzypczak@gmail.com>
|
|
Change-Id: I9dc746b8c62c3e7ee2f65e34a1a1dca243ed4bd9
Signed-off-by: Nathan Skrzypczak <nathan.skrzypczak@gmail.com>
|
|
Change-Id: Idc050e469a5b697ca5587ddd4e87ac2d48d15658
Signed-off-by: Faicker Mo <faicker.mo@ucloud.cn>
|
|
Change-Id: Iac0c8218abc8d144d93a955e948a48a732b63107
Signed-off-by: lijianpeng <li.jianpeng@zte.com.cn>
|
|
Change-Id: Ie519683bb90aae6fb95f2a09e251cded1890ed41
Signed-off-by: Florin Coras <fcoras@cisco.com>
|
|
As opposed to growing, this is not a bulk operation, instead dependent
on how the producer/consumer advance head and tail, the fifo will shrink
in one or multiple steps.
Only once the fifo's nitems and size are reduced to their appropriate
values, equal or larger to what was requested, can the fifo chunks be
collected by the owner. Chunk collection must be done with the segment
heap pushed.
Change-Id: Iae407ccf48d85320aa3c1e0304df56c5972c88c1
Signed-off-by: Florin Coras <fcoras@cisco.com>
|
|
If head/tail are stored as "absolute" values that are normalized to [0,
fifo_size] interval, when fifo is shrunk/grown the consumer and producer
have to independently update to the new fifo size and fix head and tail,
respectively.
If the head and tail are stored as normalized values, under the right
conditions, they don't need to be fixed when fifo size changes.
This reverts one of the changes in gerrit 18223.
Change-Id: I55a908828afe90925cf7c20186a940b25e5805f9
Signed-off-by: Florin Coras <fcoras@cisco.com>
|
|
- Make plugin descriptions more consistent
so the output of "show plugin" can be
used in the wiki.
Change-Id: I4c6feb11e7dcc5a4cf0848eed37f1d3b035c7dda
Signed-off-by: Dave Wallace <dwallacelf@gmail.com>
|
|
Change-Id: Iaa5cd89791b0dfdb56a75009c564581d10696d83
Signed-off-by: Dave Barach <dave@barachs.net>
|
|
Change-Id: Ie76c69641c8598164d0d00fd498018037258fd86
Signed-off-by: Florin Coras <fcoras@cisco.com>
|
|
These were introduced with the switch to unbound tail/head size, so they
only affect master. Added unit tests to avoid future surprises.
Change-Id: I83b6c9efbe31d8092ba59b8e2ed46f4da97f35db
Signed-off-by: Florin Coras <fcoras@cisco.com>
|
|
- nonce construction out of salt and iv is ipsec specific so it should be
handled in ipsec code
- fixes GCM unit tests
- GCM IV is constructed out of simple counter, per RFC4106 section 3.1
Change-Id: Ib7712cc9612830daa737f5171d8384f1d361bb61
Signed-off-by: Damjan Marion <damarion@cisco.com>
|
|
In endpoint dependent mode, when a session at the head of a user
LRU is reused, if the IP protocol for that session was unknown (any
other than tcp, udp, or icmp), the attempt to delete the session
mapping from the in2out bihash was not using the same key that was
used when the mapping was added. This would cause the deletion of
the mapping to fail. If packets arrive later which match the original
session, the search for the session key would succeed when it should
have failed and the session, which is now associated with a different
pair of endpoints, may end up being updated when it should not be.
Update the key generation when reallocating an existing session to
do the right thing if the session is for an unknown protocol.
Also update format_nat_session() for unknown protocols so that
'vppctl show nat44 session detail' will display the protocol
correctly. In endpoint dependent mode, the IP protocol is stored in
the port field on a session if the protocol is unknown. The value
is stored in host byte order, but the format function was swapping
the bytes before writing the protocol.
Change-Id: I9e8daadd4569cb2610532dab4e4f41d1567cf3d1
Signed-off-by: Matthew Smith <mgsmith@netgate.com>
|
|
When you create two identical NAT44 static mappings using interface
name as external address and only local or ext port is different,
VALUE_EXIST will be raised but when-resolved static mapping will
remain.
vpp# nat44 add static mapping tcp local 10.128.0.129 443 external GigabitEthernet0/8/0 8443
vpp# nat44 add static mapping tcp local 10.128.0.129 80 external GigabitEthernet0/8/0 8443
nat44 add static mapping: Mapping already exist.
vpp# show nat44 static mappings
NAT44 static mappings:
tcp local 10.128.0.129:443 external 2.2.2.2:8443 vrf 0
tcp local 10.128.0.129:443 external GigabitEthernet0/8/0:8443 vrf -1
tcp local 10.128.0.129:80 external GigabitEthernet0/8/0:8443 vrf -1
With this commit, when-resolved static mapping is not created if the
translation only differs in local or ext port.
Change-Id: Ifc960b9dc1371caa2a8d3206a80a0ffd10d293e4
Signed-off-by: Alexander Chernavin <achernavin@netgate.com>
|
|
Change-Id: Ie96706b4d8bcb32d2d5f065bc765f95f4e9369e7
Signed-off-by: Florin Coras <fcoras@cisco.com>
|
|
"break;" will never be run after "return;"
Change-Id: I4fdfd10406fdf61897078746d28fa1ee32fb0081
Signed-off-by: Zhiyong Yang <zhiyong.yang@intel.com>
|
|
... at least for use cases we are interested in
Change-Id: I1156ff354635e8f990ce2664ebc8dcd3786ddca5
Signed-off-by: Damjan Marion <damarion@cisco.com>
|
|
Both firefox and chrome seem happy to browse a hugo-generated site
Change-Id: Id216ad9c781643df42ac4fbce598eb2afa600f4d
Signed-off-by: Dave Barach <dave@barachs.net>
|
|
Change-Id: Idc3763c38f5aa638d4f290f4d4730577601d78b8
Signed-off-by: Simon Zhang <yuwei1.zhang@intel.com>
|
|
Change-Id: I984f347fb465c0c405cef668d8690457e81788e2
Signed-off-by: Florin Coras <fcoras@cisco.com>
|
|
This reverts commit 7f2d57b69ea031cc6110b3a1f4c1ef1c35b67181.
Change-Id: I23c3b4d2dab6e13cc8fbbf0ac9d0cfd8af3241c1
Signed-off-by: Damjan Marion <damarion@cisco.com>
|
|
Change-Id: If8b2c8942db17a853883360885def47ce50e7ddd
Signed-off-by: Damjan Marion <damarion@cisco.com>
|
|
Change-Id: Ie1d34b7e71554516595e0cd228e2cd54a3b8d629
Signed-off-by: Damjan Marion <damarion@cisco.com>
|
|
Change-Id: I58e713661a38cecbfdebd4609292d9d12e880cd2
Signed-off-by: Florin Coras <fcoras@cisco.com>
|
|
Change-Id: Ide2a9df18db371c8428855d7f12f246006d7c04c
Signed-off-by: Neale Ranns <nranns@cisco.com>
|
|
Change-Id: If96f661d507305da4b96cac7b1a8f14ba90676ad
Signed-off-by: Damjan Marion <damarion@cisco.com>
|
|
Change-Id: I51e0d4a9ec62514a85bbe4c5f56a48d60ab6f4e4
Signed-off-by: John Lo <loj@cisco.com>
|
|
This allows QUIC & TLS specific logic to be implemented, and meaningfull
IP/port to be returned when connection is overridden.
Change-Id: Id79c59fe4d7b16d36f0e96ad3e281c4026b5fe65
Signed-off-by: Aloys Augustin <aloaugus@cisco.com>
|
|
Change-Id: Ia092a93a7ac0cbf9338f9d4a5db8b94b23549a13
Signed-off-by: Florin Coras <fcoras@cisco.com>
|
|
Change-Id: I65e7188c6893acca67455ff37f2dfbd0bedd5c09
Signed-off-by: Damjan Marion <damarion@cisco.com>
|
|
Change-Id: If23a04623a7138c9f6c98ee9ecfa587396618a60
Signed-off-by: Florin Coras <fcoras@cisco.com>
|
|
Change-Id: Ic4e882b784e5773198e55bd97b1bbd3d6dda888a
Signed-off-by: Florin Coras <fcoras@cisco.com>
|
|
Change-Id: I50a6bcc127e4b44becc4b694bdd3018ac9bfab5c
Signed-off-by: Florin Coras <fcoras@cisco.com>
|
|
Change-Id: I638facf6e2128334c3d1a5a8494f378505831e1b
Signed-off-by: Florin Coras <fcoras@cisco.com>
|
|
Change-Id: I2492400a67b39a3adbc24ab7cf1ba17a409e95a8
Signed-off-by: Filip Varga <fivarga@cisco.com>
|
|
Change-Id: Icf0cff122dfbd260a2865b6c83531f4a8c726132
Signed-off-by: Paul Vinciguerra <pvinci@vinciconsulting.com>
|
|
Handle the case where buffer overflows.
Then SOCK_SEQPACKET assumption that multiple API messages
are not returned by recv() is broken. Use SOCK_STREAM for
API exchanges instead.
Add support for running tests over sockets.
make test SOCKET=1
Change-Id: Ibe5fd69b1bf617de4c7ba6cce0a7c2b3f97a2821
Signed-off-by: Ole Troan <ot@cisco.com>
|
|
Change-Id: Ifeaf93c98e4af92da9409fa5a2114b577e8c0937
Signed-off-by: Damjan Marion <damarion@cisco.com>
|
|
This reverts commit bed1421b9f1b3643d93384084972337b596aec73.
/vpp/master3/src/plugins/nat/nat_api.c: In function ‘send_nat_worker_details’:
/vpp/master3/src/vppinfra/clib.h:62:33: error: division ‘sizeof (u8 * {aka unsigned char *}) / sizeof (u8 {aka unsigned char})’ does not compute the number of array elements [-Werror=sizeof-pointer-div]
#define ARRAY_LEN(x) (sizeof (x)/sizeof (x[0]))
^
/vpp/master3/src/plugins/nat/nat_api.c:205:43: note: in expansion of macro ‘ARRAY_LEN’
rmp = vl_msg_api_alloc (sizeof (*rmp) + ARRAY_LEN (w->name) - 1);
^~~~~~~~~
Change-Id: Ie82672c145fb2f6580827f95e535435307bc7a23
Signed-off-by: Ole Troan <ot@cisco.com>
|
|
Change-Id: I519d7efc8ee3c86381d96be2e2a46017cd948895
Signed-off-by: Filip Varga <fivarga@cisco.com>
|