From 1c7104514cd40d2377caca36cf40c13b791bc5aa Mon Sep 17 00:00:00 2001 From: Florin Coras Date: Tue, 17 Oct 2017 00:03:13 -0700 Subject: session: rules tables This introduces 5-tuple lookup tables that may be used to implement custom session layer actions at connection establishment time (session layer perspective). The rules table build mask-match-action lookup trees that for a given 5-tuple key return the action for the first longest match. If rules overlap, ordering is established by tuple longest match with the following descending priority: remote ip, local ip, remote port, local port. At this time, the only match action supported is to forward packets to the application identified by the action. Change-Id: Icbade6fac720fa3979820d50cd7d6137f8b635c3 Signed-off-by: Florin Coras --- src/vnet/session/session.api | 38 ++++++++++++++++++++++++++++++++++++++ 1 file changed, 38 insertions(+) (limited to 'src/vnet/session/session.api') diff --git a/src/vnet/session/session.api b/src/vnet/session/session.api index fee98c2c8ff..e6f3b02005d 100644 --- a/src/vnet/session/session.api +++ b/src/vnet/session/session.api @@ -359,6 +359,44 @@ autoreply define app_namespace_add_del { u8 namespace_id[64]; }; +/** \brief add/del session rule + @param client_index - opaque cookie to identify the sender + client to vpp direction only + @param context - sender context, to match reply w/ request + @param transport_proto - transport protocol (0 - tcp 1 - udp) + @param is_ip4 - flag to indicate if ip addresses are ip4 or 6 + @param lcl_ip - local ip + @param lcl_plen - local prefix length + @param rmt_ip - remote ip + @param rmt_ple - remote prefix length + @param lcl_port - local port + @param rmt_port - remote port + @param action_index - the only action defined now is forward to + application with index action_index + @param is_add - flag to indicate if add or del + @param appns_index - application namespace where rule is to be applied + to + @param scope - flag that indicates scope of the rule: global or local. + If 0, default is global, 1 is global 2 is local, 3 is + both +*/ +autoreply define session_rule_add_del { + u32 client_index; + u32 context; + u8 transport_proto; + u8 is_ip4; + u8 lcl_ip[16]; + u8 lcl_plen; + u8 rmt_ip[16]; + u8 rmt_plen; + u16 lcl_port; + u16 rmt_port; + u32 action_index; + u8 is_add; + u32 appns_index; + u8 scope; +}; + /* * Local Variables: * eval: (c-set-style "gnu") -- cgit 1.2.3-korg