From 1c7104514cd40d2377caca36cf40c13b791bc5aa Mon Sep 17 00:00:00 2001
From: Florin Coras <fcoras@cisco.com>
Date: Tue, 17 Oct 2017 00:03:13 -0700
Subject: session: rules tables

This introduces 5-tuple lookup tables that may be used to implement
custom session layer actions at connection establishment time (session
layer perspective).

The rules table build mask-match-action lookup trees that for a given
5-tuple key return the action for the first longest match. If rules
overlap, ordering is established by tuple longest match with the
following descending priority: remote ip, local ip, remote port, local
port.

At this time, the only match action supported is to forward packets to
the application identified by the action.

Change-Id: Icbade6fac720fa3979820d50cd7d6137f8b635c3
Signed-off-by: Florin Coras <fcoras@cisco.com>
---
 src/vnet/session/session_table.h | 6 ++++++
 1 file changed, 6 insertions(+)

(limited to 'src/vnet/session/session_table.h')

diff --git a/src/vnet/session/session_table.h b/src/vnet/session/session_table.h
index 5e0564043f3..6588a43aa14 100644
--- a/src/vnet/session/session_table.h
+++ b/src/vnet/session/session_table.h
@@ -18,6 +18,7 @@
 
 #include <vppinfra/bihash_16_8.h>
 #include <vppinfra/bihash_48_8.h>
+#include <vnet/session/session_rules_table.h>
 
 typedef struct _session_lookup_table
 {
@@ -32,6 +33,11 @@ typedef struct _session_lookup_table
    */
   clib_bihash_16_8_t v4_half_open_hash;
   clib_bihash_48_8_t v6_half_open_hash;
+
+  /**
+   * Per fib proto and transport proto session rules tables
+   */
+  session_rules_table_t session_rules;
 } session_table_t;
 
 #define SESSION_TABLE_INVALID_INDEX ((u32)~0)
-- 
cgit 1.2.3-korg