Age | Commit message (Collapse) | Author | Files | Lines |
|
This introduces 5-tuple lookup tables that may be used to implement
custom session layer actions at connection establishment time (session
layer perspective).
The rules table build mask-match-action lookup trees that for a given
5-tuple key return the action for the first longest match. If rules
overlap, ordering is established by tuple longest match with the
following descending priority: remote ip, local ip, remote port, local
port.
At this time, the only match action supported is to forward packets to
the application identified by the action.
Change-Id: Icbade6fac720fa3979820d50cd7d6137f8b635c3
Signed-off-by: Florin Coras <fcoras@cisco.com>
|
|
- Interactive commands like "ping" read extra input from the
input stream.
- In the case of "ping" it is simply a signal to cease the current
operation.
- "vppctl", in non-interactive mode, will issue a "quit" immediately
after the requested command to queue up closing of the session.
- This resulted in "ping" thinking a keypress was seen and returning
control to the CLI; the "quit" command however is consumed by the
keypress event handler and thus the session does not close.
- This patch reworks vppctl slightly to only issue "quit" after the
command has completed. In particular it uses the fact that VPP issues
NUL bytes as a surrogate prompt between output of commands to signal
acknowledgement that the command has completed; vppctl now flags
that the quit should be issued after the next such acknowledgement.
- Since input it still accepted, the user can still terminate the
"ping" early, if desired.
Change-Id: I7e3dbe767f32f8e364ccb5f81799759b311585df
Signed-off-by: Chris Luke <chrisy@flirble.org>
|
|
Change-Id: I39d634b7691a524e5221c28997a737102298c281
Signed-off-by: Florin Coras <fcoras@cisco.com>
|
|
>>> CID 178271: Memory - illegal accesses (RETURN_LOCAL)
>>> Using "ep", which points to an out-of-scope variable "_ep".
Change-Id: Icf21e602bc2718bfedd9480e9da41aff8693048e
Signed-off-by: Steven <sluong@cisco.com>
|
|
MACIP ACLs
The classifier tables upper bound of memory was just big enough
to cause the unittests pass most of the time but not always.
Increase the amount of space and run several hundred iterations
of unittests to ensure they always pass.
Change-Id: Ieb7876c6ebdde1f8c5273dbb9b090f12f2c38915
Signed-off-by: Andrew Yourtchenko <ayourtch@gmail.com>
|
|
Change-Id: Ib0797faaa3f21c7577330bb8d0e801d43e01110e
Signed-off-by: Dave Wallace <dwallacelf@gmail.com>
|
|
vcom.c:
CID 178227: Logically dead code in vcom.c
vcom_socket.c:
CID 178254: Dereference after null check
CID 178250: Out-of-bounds access
vppcom.c:
CID 178252: Unused value
Suppress vppcom_session_attr() debug output.
Change-Id: I1d47bafb84fc0ad00c642392ae3cb6761fd3fb17
Signed-off-by: Dave Wallace <dwallacelf@gmail.com>
|
|
- CID 178251 Dereference after null check in vcom_socket.c
- CID 178253 Logically dead code in vppcom.c
Change-Id: I2a24cd53727fec76cf1a6d60f90414ff92567818
Signed-off-by: Dave Wallace <dwallacelf@gmail.com>
|
|
When creating 32K classify sessions, VPP crashes.
Default heap size is 2MB.
Need to configure it when requiring large number sessions.
Change-Id: I16678ee4a9e0ba61cbd2d3b38c43d10c59325968
Signed-off-by: Hongjun Ni <hongjun.ni@intel.com>
|
|
Administratively delete NAT44 session for specific inside/outside addresses and port pair.
Change-Id: If5ab500ac3592c7153d6d8f2cc0297df7309fbc3
Signed-off-by: Matus Fabian <matfabia@cisco.com>
|
|
format()
The vppctl was getting upset with large chunks of info generated
by repeated format() functions, so convert to use vlib_cli_output instead.
Also, refactor the show functionality into smaller functions,
separate from the input handling.
Change-Id: I5d0db5ac45ce4c1b59cd41526b837412e06b1ce0
Signed-off-by: Andrew Yourtchenko <ayourtch@gmail.com>
|
|
Change-Id: I355433e0f07b328c441ed642705b31ca5157fabe
Signed-off-by: Florin Coras <fcoras@cisco.com>
|
|
warning: passing an object that undergoes default argument promotion
to 'va_start' has undefined behavior [-Wvarargs]
Change-Id: Ic9cfd61e38983bd67f30bf92f605e6c87d103ca5
Signed-off-by: Gabriel Ganne <gabriel.ganne@enea.com>
|
|
Change-Id: I04f1b63e66260d99c0dd180b0295a55a9b750df7
Signed-off-by: Dave Wallace <dwallacelf@gmail.com>
|
|
Make it easier to integrate with external IKE daemon.
IPsec interfaces can have one or both SAs replaced after
creation. This allows for the possibility of setting a
new child SA on an interface when rekeying occurs. It also
allows for the possibility of creating an interface ahead
of time and updating the SA when parameters that are
negotiated during IKE exchange become known.
Change-Id: I0a31afdcc2bdff7098a924a51abbc58bdab2bd08
Signed-off-by: Matthew Smith <mgsmith@netgate.com>
|
|
Implement recvfrom(MSG_PEEK) by returning data in the provided buffer
without moving the read pointer
Change-Id: Idc1b22632d78e8a499cce7d48c15e8bab0b0bf88
Signed-off-by: Steven <sluong@cisco.com>
|
|
When lldp interface is set, it's better to check valid interface index.
Change-Id: I0db0ab6483ad73d28c69893576aa9b719c3b087c
Signed-off-by: Steve Shin <jonshin@cisco.com>
|
|
Change-Id: If8fb5484b64a5b1c04e34573490fedcf63feabc9
Signed-off-by: Dave Wallace <dwallacelf@gmail.com>
|
|
Change-Id: Icaf7d7ad47284aea7a56e8006b69f45874d64202
Signed-off-by: Damjan Marion <damarion@cisco.com>
|
|
This fixes compilations on arm platforms.
The call to the function itself was protected, and used clib_xxhash instead.
Only the header protection was missing.
Change-Id: I9fac252a5732e1a9808cf7de93fa3d5f07bcebe6
Signed-off-by: Gabriel Ganne <gabriel.ganne@enea.com>
|
|
Dynamically calculate the required buffer size to pack into based on
message definition. Also add input parameter length checking.
Change-Id: I7633bec596e4833bb328fbf63a65b866c7985de5
Signed-off-by: Ole Troan <ot@cisco.com>
|
|
Change-Id: I4164c4c19c8dbfd73e6ddf94a12056325cc093b9
Signed-off-by: Neale Ranns <nranns@cisco.com>
Signed-off-by: Andrew Yourtchenko <ayourtch@gmail.com>
|
|
Use a single physical interface in order to accomplish NAT44/NAT64.
Change-Id: I0c8138953a7a4075df306172e125abad771315e4
Signed-off-by: Matus Fabian <matfabia@cisco.com>
|
|
Add support for getsockopt, sendto, and recvfrom. Not all options
for the system calls are supported yet. Only the options used by
curl and wget are supported for now.
Change-Id: I2e0ed7349a0273616b3831c201e7c117725ca287
Signed-off-by: Steven <sluong@cisco.com>
|
|
- CID 178225: Constant expression result
- CID 178220: Logically dead code
- CID 178222: Logically dead code
- CID 178227: Logically dead code
- CID 178223: Same on both sides
- CID 178226: Same on both sides
Change-Id: Ie0c80edb41390cf2308e54938be85d865e292138
Signed-off-by: Dave Wallace <dwallacelf@gmail.com>
|
|
- Move VCL & VCL-LDPRELOAD source into src/vcl
- Statically link vppcom into libvcl-ldpreload.so
Change-Id: I778300b37e8b06640d9dbc01caf297edf7a6edb7
Signed-off-by: Dave Wallace <dwallacelf@gmail.com>
|
|
Change-Id: I5c1df59bce7c9654101672a12981e5bd62e9adc4
Signed-off-by: Neale Ranns <nranns@cisco.com>
|
|
- Global variables declared in header files without
the use of the 'extern' keword will result in multiple
instances of the variable to be created by the compiler
-- one for each different source file in which the
the header file is included. This results in wasted
memory allocated in the BSS segments as well as
potentially introducing bugs in the application.
Change-Id: I6ef1790b60a0bd9dd3994f8510723decf258b0cc
Signed-off-by: Dave Wallace <dwallacelf@gmail.com>
|
|
Change-Id: I1075e5d2a1b6dfe3a443b40b41b8458a30505680
Signed-off-by: Jakub Grajciar <Jakub.Grajciar@pantheon.tech>
Signed-off-by: Jakub.Grajciar@pantheon.tech <Jakub.Grajciar@pantheon.tech>
|
|
Change-Id: I2e7e08e1de20ab57e3f899b080b90a3082219ae5
Signed-off-by: Eyal Bari <ebari@cisco.com>
|
|
Change-Id: Ie49ee865b197e8fe7bba170c115a4ccbf1013e5f
Signed-off-by: Keith Burns (alagalah) <alagalah@gmail.com>
|
|
Change-Id: Id8578321381d14f9de827767ef0acf627f1535e4
Signed-off-by: Dave Wallace <dwallacelf@gmail.com>
|
|
- filter verbose debug output with VCOM_DEBUG > 2
- clean up nomenclature, renaming vppcom_*() functions to
vcom_session_*()
- fix vppcom_select crash with NULL maps.
Change-Id: I6e416a096d6fd800aa26991c2439e24e8fc38cc5
Signed-off-by: Dave Wallace <dwallacelf@gmail.com>
|
|
Change-Id: Ic531d820b1846ff7363e5c396ac0b1176e87b401
Signed-off-by: Dave Barach <dave@barachs.net>
|
|
Any u8* variable created by format() is NOT null-terminated.
Add the null terminating byte with vec_terminate_c_string().
If that variable is used by (at least) hash_get_mem(), then it needs to
be null-terminated, as it will go through string_key_sum() which makes a
call to strlen.
Change-Id: I4e51e1b6668f557e53af3bb897cd281598eedbc0
Signed-off-by: Gabriel Ganne <gabriel.ganne@enea.com>
|
|
Change-Id: I78215041588014e9e5c3599c60471ced610735bb
Signed-off-by: Klement Sekera <ksekera@cisco.com>
|
|
- Fix vppcom_select crash when n_bits == 0
- Enhance debug output
- Remove port byte-swapping during accept
Change-Id: I6ccd1040ceb82908d924220f558df803ab5eea30
Signed-off-by: Dave Wallace <dwallacelf@gmail.com>
|
|
Vat supports setting value for the parameter, but
'not_last' is ignored by ip_add_del_route handler,
so can be removed.
This patch
- updates ip.api,
- removes vat handlers
- updates vpp_papi_provider.py
(also mpls_route_add_del with unused not_last)
Change-Id: Ife15de123db4bc8247103a29b90bce1988e46534
Signed-off-by: Marek Gradzki <mgradzki@cisco.com>
|
|
Use a proper u16 * vector to capture node indices, since vpp w/
plugins now exceeds 255 graph nodes
Change-Id: Ic48cad676fa3a6116413ddf08c083dd9660783f1
Signed-off-by: Dave Barach <dave@barachs.net>
|
|
Change-Id: Ib6b52917af717d3341429163fb9ecc903cf717fb
Signed-off-by: Dave Wallace <dwallacelf@gmail.com>
|
|
Change-Id: Ief8c3d3bec116e9f884981fb52af528f98b5f6ff
Signed-off-by: Filip Tehlar <ftehlar@cisco.com>
|
|
This plugin provides per-ip address to interface punting.
When at least one rule is defined, the plugin receives all packets
which destination is one of VPP's address but which was not processed
by VPP (e.g., a TCP packet on a port that is not open, or a packet
for a protocol which is not attached).
Based on the set of configured rules, the destination address of each
packet is used to send the packet on the associated interface.
This plugin allows multiple containers to use
VPP's TCP stack (or other features provided by VPP) while still
being able to receive additional packets.
Change-Id: I3e69bb7d98183bf5163cb9ecb564cb482de252ce
Signed-off-by: Pierre Pfister <ppfister@cisco.com>
|
|
Change-Id: I0c1671f3eaf2dad084e3ac9fb124c9ed78273f50
Signed-off-by: Dave Barach <dave@barachs.net>
|
|
Ubuntu 17.04, gcc version 6.3.0 20170406 (Ubuntu 6.3.0-12ubuntu2),
"make build" fails with the few of the errors below:
error: suggest parentheses around comparison in operand of ‘|’
[-Werror=parentheses]
is_aead = (sa0->crypto_alg == IPSEC_CRYPTO_ALG_AES_GCM_128 |
Solution: use the logical rather than the bitwise or.
Change-Id: Iffcc1ed2e68b14b248159cb117593d32c623c553
Signed-off-by: Andrew Yourtchenko <ayourtch@gmail.com>
|
|
We need to push/pop the rx pthread's heap without affecting other
thread(s).
Search clib_per_cpu_mheaps, locate an unused slot. Duplicate the main
thread heap pointer in that slot, and set __os_thread_index
appropriately.
Miscellaneous cleanups. Print exec_inband results as a vector, instead
of as a format string. Don't bail out of vpp_api_test with results
pending, e.g. at the end of a vpp_api_test script. Even though vpp
will eventuallly garbage-collect them, We don't want to leave
allocated reply messages lurking in the api message allocation
rings...
Change-Id: I0e8a25d1ff0d3700249dc330d079db16c2fcbc55
Signed-off-by: Dave Barach <dave@barachs.net>
|
|
Change-Id: I54ced42749432335183ee3085a9ccc5f95a87ae9
Signed-off-by: Dave Wallace <dwallacelf@gmail.com>
|
|
Change-Id: Ic3a0c51e5408921051deaf2e50372d9654574b27
Signed-off-by: Dave Barach <dave@barachs.net>
|
|
Change-Id: I5974e5545d74af53c27938c8cdbae12745c38a54
Signed-off-by: Marco Varlese <marco.varlese@suse.com>
|
|
Change-Id: I7794d5a0774017da4c1c15f45783a18754994ac8
Signed-off-by: Florin Coras <fcoras@cisco.com>
|
|
Change-Id: I193832a0cd0557fffc034a1223f67fa64a4d45ae
Signed-off-by: Florin Coras <fcoras@cisco.com>
|