/* * ct6.c - skeleton vpp engine plug-in * * Copyright (c)

* Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at: * * http://www.apache.org/licenses/LICENSE-2.0 * * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. * See the License for the specific language governing permissions and * limitations under the License. */ #include #include #include #include #include #include /* define message IDs */ #include #include #define REPLY_MSG_ID_BASE cmp->msg_id_base #include ct6_main_t ct6_main; /* Action function shared between message handler and debug CLI */ static void ct6_feature_init (ct6_main_t * cmp) { u32 nworkers = vlib_num_workers (); if (cmp->feature_initialized) return; clib_bihash_init_48_8 (&cmp->session_hash, "ct6 session table", cmp->session_hash_buckets, cmp->session_hash_memory); cmp->feature_initialized = 1; vec_validate (cmp->sessions, nworkers); vec_validate_init_empty (cmp->first_index, nworkers, ~0); vec_validate_init_empty (cmp->last_index, nworkers, ~0); } int ct6_in2out_enable_disable (ct6_main_t * cmp, u32 sw_if_index, int enable_disable) { vnet_sw_interface_t *sw; int rv = 0; ct6_feature_init (cmp); /* Utterly wrong? */ if (pool_is_free_index (cmp->vnet_main->interface_main.sw_interfaces, sw_if_index)) return VNET_API_ERROR_INVALID_SW_IF_INDEX; /* Not a physical port? */ sw = vnet_get_sw_interface (cmp->vnet_main, sw_if_index); if (sw->type != VNET_SW_INTERFACE_TYPE_HARDWARE) return VNET_API_ERROR_INVALID_SW_IF_INDEX; vnet_feature_enable_disable ("interface-output", "ct6-in2out", sw_if_index, enable_disable, 0, 0); return rv; } int ct6_out2in_enable_disable (ct6_main_t * cmp, u32 sw_if_index, int enable_disable) { vnet_sw_interface_t *sw; int rv = 0; ct6_feature_init (cmp); /* Utterly wrong? */ if (pool_is_free_index (cmp->vnet_main->interface_main.sw_interfaces, sw_if_index)) return VNET_API_ERROR_INVALID_SW_IF_INDEX; /* Not a physical port? */ sw = vnet_get_sw_interface (cmp->vnet_main, sw_if_index); if (sw->type != VNET_SW_INTERFACE_TYPE_HARDWARE) return VNET_API_ERROR_INVALID_SW_IF_INDEX; vnet_feature_enable_disable ("ip6-unicast", "ct6-out2in", sw_if_index, enable_disable, 0, 0); return rv; } static clib_error_t * set_ct6_enable_disable_command_fn (vlib_main_t * vm, unformat_input_t * input, vlib_cli_command_t * cmd) { ct6_main_t *cmp = &ct6_main; u32 sw_if_index = ~0; int enable_disable = 1; u32 inside = ~0; int rv; while (unformat_check_input (input) != UNFORMAT_END_OF_INPUT) { if (unformat (input, "disable")) enable_disable = 0; else if (unformat (input, "%U", unformat_vnet_sw_interface, cmp->vnet_main, &sw_if_index)) ; else if (unformat (input, "inside") || unformat (input, "in")) inside = 1; else if (unformat (input, "outside") || unformat (input, "out")) inside = 0; else break; } if (inside == ~0) return clib_error_return (0, "Please specify inside or outside"); if (sw_if_index == ~0) return clib_error_return (0, "Please specify an interface..."); if (inside == 1) rv = ct6_in2out_enable_disable (cmp, sw_if_index, enable_disable); else rv = ct6_out2in_enable_disable (cmp, sw_if_index, enable_disable); switch (rv) { case 0: break; case VNET_API_ERROR_INVALID_SW_IF_INDEX: return clib_error_return (0, "Invalid interface, only works on physical ports"); break; default: return clib_error_return (0, "ct6_enable_disable returned %d", rv); } return 0; } /* *INDENT-OFF* */ VLIB_CLI_COMMAND (set_ct6_command, static) = { .path = "set ct6", .short_help = "set ct6 [inside|outside] [disable]", .function = set_ct6_enable_disable_command_fn, }; /* *INDENT-ON* */ /* API message handler */ static void vl_api_ct6_enable_disable_t_handler (vl_api_ct6_enable_disable_t * mp) { vl_api_ct6_enable_disable_reply_t *rmp; ct6_main_t *cmp = &ct6_main; int rv; VALIDATE_SW_IF_INDEX (mp); if (mp->is_inside) rv = ct6_in2out_enable_disable (cmp, ntohl (mp->sw_if_index), (int) (mp->enable_disable)); else rv = ct6_out2in_enable_disable (cmp, ntohl (mp->sw_if_index), (int) (mp->enable_disable)); BAD_SW_IF_INDEX_LABEL; REPLY_MACRO (VL_API_CT6_ENABLE_DISABLE_REPLY); } #include static clib_error_t * ct6_init (vlib_main_t * vm) { ct6_main_t *cmp = &ct6_main; clib_error_t *error = 0; cmp->vlib_main = vm; cmp->vnet_main = vnet_get_main (); /* Ask for a correctly-sized block of API message decode slots */ cmp->msg_id_base = setup_message_id_table (); /* * Set default parameters... * 256K sessions * 64K buckets * 2 minute inactivity timer * 10000 concurrent sessions */ cmp->session_hash_memory = 16ULL << 20; cmp->session_hash_buckets = 64 << 10; cmp->session_timeout_interval = 120.0; cmp->max_sessions_per_worker = 10000; /* ... so the packet generator can feed the in2out node ... */ ethernet_setup_node (vm, ct6_in2out_node.index); return error; } VLIB_INIT_FUNCTION (ct6_init); /* *INDENT-OFF* */ VNET_FEATURE_INIT (ct6out2in, static) = { .arc_name = "ip6-unicast", .node_name = "ct6-out2in", .runs_before = VNET_FEATURES ("ip6-lookup"), }; /* *INDENT-ON */ /* *INDENT-OFF* */ VNET_FEATURE_INIT (ct6in2out, static) = { .arc_name = "interface-output", .node_name = "ct6-in2out", .runs_before = VNET_FEATURES ("interface-output-arc-end"), }; /* *INDENT-ON */ /* *INDENT-OFF* */ VLIB_PLUGIN_REGISTER () = { .version = VPP_BUILD_VER, .description = "IPv6 Connection Tracker", }; /* *INDENT-ON* */ u8 * format_ct6_session (u8 * s, va_list * args) { ct6_main_t *cmp = va_arg (*args, ct6_main_t *); int i = va_arg (*args, int); ct6_session_t *s0 = va_arg (*args, ct6_session_t *); int verbose = va_arg (*args, int); clib_bihash_kv_48_8_t kvp0; if (s0 == 0) { s = format (s, "\n%6s%6s%40s%6s%40s%6s", "Sess", "Prot", "Src", "Sport", "Dst", "Dport"); return s; } s = format (s, "\n%6