summaryrefslogtreecommitdiffstats
path: root/src/vnet/session/session_rules_table.h
AgeCommit message (Collapse)AuthorFilesLines
2021-09-21session: implement app_ns deletionNathan Skrzypczak1-0/+1
Type: feature Change-Id: If0edbb21a0283d66c648a9e190d238c8cfa56353 Signed-off-by: Nathan Skrzypczak <nathan.skrzypczak@gmail.com>
2019-02-11session: cleanup application interfaceFlorin Coras1-3/+2
Change-Id: I89d240753b3f3c5e984aa303a7c8fa35fa59bf7f Signed-off-by: Florin Coras <fcoras@cisco.com>
2019-02-04session: cleanup part 1Florin Coras1-1/+1
Rename core data structures. This will break compatibility for out of tree builtin apps. - stream_session_t to session_t - server_rx/tx_fifo to rx/tx_fifo - stream_session.h to session_types.h - update copyright Change-Id: I414097c6e28bcbea866fbf13b8773c7db3f49325 Signed-off-by: Florin Coras <fcoras@cisco.com>
2017-11-20session/tcp: filtering improvementsFlorin Coras1-2/+2
- make allow action explicit (-3) - add session lookup is_filtered return flag that is set if lookup hit a deny filter - change tcp logic to drop filtered packets when punting is enabled Change-Id: Ic38f294424663a4e108439b7571511f46f8e0be1 Signed-off-by: Florin Coras <fcoras@cisco.com>
2017-11-09session: lookup/rules table improvements and cleanupFlorin Coras1-1/+2
Change-Id: I5217364220023df34d5bee071cb750df1661b093 Signed-off-by: Florin Coras <fcoras@cisco.com>
2017-11-06session: add rule tagsFlorin Coras1-12/+29
Change-Id: Id5ebb410f509ac4c83d60e48efd54e00035e5ce6 Signed-off-by: Florin Coras <fcoras@cisco.com>
2017-11-03session: support drop action in rules tableFlorin Coras1-0/+2
Change-Id: Ided2980373ed5329c68f958f61be893428bccd31 Signed-off-by: Florin Coras <fcoras@cisco.com>
2017-10-28session: rules tablesFlorin Coras1-0/+107
This introduces 5-tuple lookup tables that may be used to implement custom session layer actions at connection establishment time (session layer perspective). The rules table build mask-match-action lookup trees that for a given 5-tuple key return the action for the first longest match. If rules overlap, ordering is established by tuple longest match with the following descending priority: remote ip, local ip, remote port, local port. At this time, the only match action supported is to forward packets to the application identified by the action. Change-Id: Icbade6fac720fa3979820d50cd7d6137f8b635c3 Signed-off-by: Florin Coras <fcoras@cisco.com>