NAT: Rename snat plugin to nat (VPP-955)
Change-Id: I30a7e3da7a4efc6038a91e27b48045d4b07e2764
Signed-off-by: Matus Fabian <matfabia@cisco.com>
diff --git a/src/configure.ac b/src/configure.ac
index 7a038c2..4c2d3b4 100644
--- a/src/configure.ac
+++ b/src/configure.ac
@@ -169,7 +169,7 @@
PLUGIN_ENABLED(memif)
PLUGIN_ENABLED(pppoe)
PLUGIN_ENABLED(sixrd)
-PLUGIN_ENABLED(snat)
+PLUGIN_ENABLED(nat)
###############################################################################
# Dependency checks
diff --git a/src/examples/sample-plugin/sample_plugin_doc.md b/src/examples/sample-plugin/sample_plugin_doc.md
index 9348094..501a8dc 100644
--- a/src/examples/sample-plugin/sample_plugin_doc.md
+++ b/src/examples/sample-plugin/sample_plugin_doc.md
@@ -29,7 +29,7 @@
...
load_one_plugin:184: Loaded plugin: memif_plugin.so (Packet Memory Interface (experimetal))
load_one_plugin:184: Loaded plugin: sample_plugin.so (Sample of VPP Plugin)
- load_one_plugin:184: Loaded plugin: snat_plugin.so (Network Address Translation)
+ load_one_plugin:184: Loaded plugin: nat_plugin.so (Network Address Translation)
...
DBGvpp#
diff --git a/src/plugins/Makefile.am b/src/plugins/Makefile.am
index 8c7b3fa..205bfe6 100644
--- a/src/plugins/Makefile.am
+++ b/src/plugins/Makefile.am
@@ -74,8 +74,8 @@
include sixrd.am
endif
-if ENABLE_SNAT_PLUGIN
-include snat.am
+if ENABLE_NAT_PLUGIN
+include nat.am
endif
include ../suffix-rules.mk
diff --git a/src/plugins/nat.am b/src/plugins/nat.am
new file mode 100644
index 0000000..b967a71
--- /dev/null
+++ b/src/plugins/nat.am
@@ -0,0 +1,41 @@
+
+# Copyright (c) <current-year> <your-organization>
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at:
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+vppapitestplugins_LTLIBRARIES += nat_test_plugin.la
+vppplugins_LTLIBRARIES += nat_plugin.la
+
+nat_plugin_la_SOURCES = nat/nat.c \
+ nat/nat_api.c \
+ nat/in2out.c \
+ nat/out2in.c \
+ nat/nat_plugin.api.h \
+ nat/nat_ipfix_logging.c \
+ nat/nat_det.c \
+ nat/nat64.c \
+ nat/nat64_cli.c \
+ nat/nat64_in2out.c \
+ nat/nat64_out2in.c \
+ nat/nat64_db.c
+
+API_FILES += nat/nat.api
+
+nobase_apiinclude_HEADERS += \
+ nat/nat_all_api_h.h \
+ nat/nat_msg_enum.h \
+ nat/nat.api.h
+
+nat_test_plugin_la_SOURCES = \
+ nat/nat_test.c nat/nat_plugin.api.h
+
+# vi:syntax=automake
diff --git a/src/plugins/snat/in2out.c b/src/plugins/nat/in2out.c
similarity index 97%
rename from src/plugins/snat/in2out.c
rename to src/plugins/nat/in2out.c
index abe0d9d..62a1117 100644
--- a/src/plugins/snat/in2out.c
+++ b/src/plugins/nat/in2out.c
@@ -21,9 +21,9 @@
#include <vnet/ip/ip.h>
#include <vnet/ethernet/ethernet.h>
#include <vnet/fib/ip4_fib.h>
-#include <snat/snat.h>
-#include <snat/snat_ipfix_logging.h>
-#include <snat/snat_det.h>
+#include <nat/nat.h>
+#include <nat/nat_ipfix_logging.h>
+#include <nat/nat_det.h>
#include <vppinfra/hash.h>
#include <vppinfra/error.h>
@@ -49,8 +49,8 @@
snat_in2out_trace_t * t = va_arg (*args, snat_in2out_trace_t *);
char * tag;
- tag = t->is_slow_path ? "SNAT_IN2OUT_SLOW_PATH" : "SNAT_IN2OUT_FAST_PATH";
-
+ tag = t->is_slow_path ? "NAT44_IN2OUT_SLOW_PATH" : "NAT44_IN2OUT_FAST_PATH";
+
s = format (s, "%s: sw_if_index %d, next index %d, session %d", tag,
t->sw_if_index, t->next_index, t->session_index);
@@ -63,7 +63,7 @@
CLIB_UNUSED (vlib_node_t * node) = va_arg (*args, vlib_node_t *);
snat_in2out_trace_t * t = va_arg (*args, snat_in2out_trace_t *);
- s = format (s, "SANT_IN2OUT_FAST: sw_if_index %d, next index %d",
+ s = format (s, "NAT44_IN2OUT_FAST: sw_if_index %d, next index %d",
t->sw_if_index, t->next_index);
return s;
@@ -78,7 +78,7 @@
char * m;
m = t->do_handoff ? "next worker" : "same worker";
- s = format (s, "SNAT_IN2OUT_WORKER_HANDOFF: %s %d", m, t->next_worker_index);
+ s = format (s, "NAT44_IN2OUT_WORKER_HANDOFF: %s %d", m, t->next_worker_index);
return s;
}
@@ -102,7 +102,7 @@
_(BAD_OUTSIDE_FIB, "Outside VRF ID not found") \
_(BAD_ICMP_TYPE, "unsupported ICMP type") \
_(NO_TRANSLATION, "No translation")
-
+
typedef enum {
#define _(sym,str) SNAT_IN2OUT_ERROR_##sym,
foreach_snat_in2out_error
@@ -138,11 +138,11 @@
* Packets aimed at outside interface and external addresss with active session
* should be translated.
*
- * @param sm SNAT main
- * @param rt SNAT runtime data
+ * @param sm NAT main
+ * @param rt NAT runtime data
* @param sw_if_index0 index of the inside interface
* @param ip0 IPv4 header
- * @param proto0 SNAT protocol
+ * @param proto0 NAT protocol
* @param rx_fib_index0 RX FIB index
*
* @returns 0 if packet should be translated otherwise 1
@@ -254,7 +254,7 @@
user_key.addr = ip0->src_address;
user_key.fib_index = rx_fib_index0;
kv0.key = user_key.as_u64;
-
+
/* Ever heard of the "user" = src ip4 address before? */
if (clib_bihash_search_8_8 (&sm->user_hash, &kv0, &value0))
{
@@ -387,7 +387,7 @@
/* Create a new session */
pool_get (sm->per_thread_data[thread_index].sessions, s);
memset (s, 0, sizeof (*s));
-
+
s->outside_address_index = address_index;
if (static_mapping)
@@ -418,7 +418,7 @@
per_user_translation_list_elt -
sm->per_thread_data[thread_index].list_pool);
}
-
+
s->in2out = *key0;
s->out2in = key1;
s->out2in.protocol = key0->protocol;
@@ -431,10 +431,10 @@
kv0.value = s - sm->per_thread_data[thread_index].sessions;
if (clib_bihash_add_del_8_8 (&sm->in2out, &kv0, 1 /* is_add */))
clib_warning ("in2out key add failed");
-
+
kv0.key = s->out2in.as_u64;
kv0.value = s - sm->per_thread_data[thread_index].sessions;
-
+
if (clib_bihash_add_del_8_8 (&sm->out2in, &kv0, 1 /* is_add */))
clib_warning ("out2in key add failed");
@@ -502,11 +502,11 @@
}
/**
- * Get address and port values to be used for packet SNAT translation
+ * Get address and port values to be used for ICMP packet translation
* and create session if needed
*
- * @param[in,out] sm SNAT main
- * @param[in,out] node SNAT node runtime
+ * @param[in,out] sm NAT main
+ * @param[in,out] node NAT node runtime
* @param[in] thread_index thread index
* @param[in,out] b0 buffer containing packet to be translated
* @param[out] p_proto protocol used for matching
@@ -601,10 +601,10 @@
}
/**
- * Get address and port values to be used for packet SNAT translation
+ * Get address and port values to be used for ICMP packet translation
*
- * @param[in] sm SNAT main
- * @param[in,out] node SNAT node runtime
+ * @param[in] sm NAT main
+ * @param[in,out] node NAT node runtime
* @param[in] thread_index thread index
* @param[in,out] b0 buffer containing packet to be translated
* @param[out] p_proto protocol used for matching
@@ -732,7 +732,7 @@
sum0 = ip_csum_update (sum0, old_addr0, new_addr0, ip4_header_t,
src_address /* changed member */);
ip0->checksum = ip_csum_fold (sum0);
-
+
if (!icmp_is_error_message (icmp0))
{
new_id0 = sm0.port;
@@ -810,12 +810,12 @@
* communicate even if they only use each other's external IP addresses
* and ports.
*
- * @param sm SNAT main.
+ * @param sm NAT main.
* @param b0 Vlib buffer.
* @param ip0 IP header.
* @param udp0 UDP header.
* @param tcp0 TCP header.
- * @param proto0 SNAT protocol.
+ * @param proto0 NAT protocol.
*/
static inline void
snat_hairpinning (snat_main_t *sm,
@@ -1413,14 +1413,14 @@
snat_session_t * s0 = 0, * s1 = 0;
clib_bihash_kv_8_8_t kv0, value0, kv1, value1;
u32 iph_offset0 = 0, iph_offset1 = 0;
-
+
/* Prefetch next iteration. */
{
vlib_buffer_t * p2, * p3;
-
+
p2 = vlib_get_buffer (vm, from[2]);
p3 = vlib_get_buffer (vm, from[3]);
-
+
vlib_prefetch_buffer_header (p2, LOAD);
vlib_prefetch_buffer_header (p3, LOAD);
@@ -1435,7 +1435,7 @@
to_next += 2;
n_left_from -= 2;
n_left_to_next -= 2;
-
+
b0 = vlib_get_buffer (vm, bi0);
b1 = vlib_get_buffer (vm, bi1);
@@ -1450,7 +1450,7 @@
icmp0 = (icmp46_header_t *) udp0;
sw_if_index0 = vnet_buffer(b0)->sw_if_index[VLIB_RX];
- rx_fib_index0 = vec_elt (sm->ip4_main->fib_index_by_sw_if_index,
+ rx_fib_index0 = vec_elt (sm->ip4_main->fib_index_by_sw_if_index,
sw_if_index0);
next0 = next1 = SNAT_IN2OUT_NEXT_LOOKUP;
@@ -1479,8 +1479,8 @@
if (PREDICT_FALSE (proto0 == SNAT_PROTOCOL_ICMP))
{
- next0 = icmp_in2out_slow_path
- (sm, b0, ip0, icmp0, sw_if_index0, rx_fib_index0,
+ next0 = icmp_in2out_slow_path
+ (sm, b0, ip0, icmp0, sw_if_index0, rx_fib_index0,
node, next0, now, thread_index, &s0);
goto trace00;
}
@@ -1498,7 +1498,7 @@
key0.port = udp0->src_port;
key0.protocol = proto0;
key0.fib_index = rx_fib_index0;
-
+
kv0.key = key0.as_u64;
if (PREDICT_FALSE (clib_bihash_search_8_8 (&sm->in2out, &kv0, &value0) != 0))
@@ -1577,10 +1577,10 @@
}
trace00:
- if (PREDICT_FALSE((node->flags & VLIB_NODE_FLAG_TRACE)
- && (b0->flags & VLIB_BUFFER_IS_TRACED)))
+ if (PREDICT_FALSE((node->flags & VLIB_NODE_FLAG_TRACE)
+ && (b0->flags & VLIB_BUFFER_IS_TRACED)))
{
- snat_in2out_trace_t *t =
+ snat_in2out_trace_t *t =
vlib_add_trace (vm, node, b0, sizeof (*t));
t->is_slow_path = is_slow_path;
t->sw_if_index = sw_if_index0;
@@ -1603,7 +1603,7 @@
icmp1 = (icmp46_header_t *) udp1;
sw_if_index1 = vnet_buffer(b1)->sw_if_index[VLIB_RX];
- rx_fib_index1 = vec_elt (sm->ip4_main->fib_index_by_sw_if_index,
+ rx_fib_index1 = vec_elt (sm->ip4_main->fib_index_by_sw_if_index,
sw_if_index1);
if (PREDICT_FALSE(ip1->ttl == 1))
@@ -1630,7 +1630,7 @@
if (PREDICT_FALSE (proto1 == SNAT_PROTOCOL_ICMP))
{
- next1 = icmp_in2out_slow_path
+ next1 = icmp_in2out_slow_path
(sm, b1, ip1, icmp1, sw_if_index1, rx_fib_index1, node,
next1, now, thread_index, &s1);
goto trace01;
@@ -1649,7 +1649,7 @@
key1.port = udp1->src_port;
key1.protocol = proto1;
key1.fib_index = rx_fib_index1;
-
+
kv1.key = key1.as_u64;
if (PREDICT_FALSE(clib_bihash_search_8_8 (&sm->in2out, &kv1, &value1) != 0))
@@ -1728,10 +1728,10 @@
}
trace01:
- if (PREDICT_FALSE((node->flags & VLIB_NODE_FLAG_TRACE)
- && (b1->flags & VLIB_BUFFER_IS_TRACED)))
+ if (PREDICT_FALSE((node->flags & VLIB_NODE_FLAG_TRACE)
+ && (b1->flags & VLIB_BUFFER_IS_TRACED)))
{
- snat_in2out_trace_t *t =
+ snat_in2out_trace_t *t =
vlib_add_trace (vm, node, b1, sizeof (*t));
t->sw_if_index = sw_if_index1;
t->next_index = next1;
@@ -1790,7 +1790,7 @@
icmp0 = (icmp46_header_t *) udp0;
sw_if_index0 = vnet_buffer(b0)->sw_if_index[VLIB_RX];
- rx_fib_index0 = vec_elt (sm->ip4_main->fib_index_by_sw_if_index,
+ rx_fib_index0 = vec_elt (sm->ip4_main->fib_index_by_sw_if_index,
sw_if_index0);
if (PREDICT_FALSE(ip0->ttl == 1))
@@ -1817,7 +1817,7 @@
if (PREDICT_FALSE (proto0 == SNAT_PROTOCOL_ICMP))
{
- next0 = icmp_in2out_slow_path
+ next0 = icmp_in2out_slow_path
(sm, b0, ip0, icmp0, sw_if_index0, rx_fib_index0, node,
next0, now, thread_index, &s0);
goto trace0;
@@ -1836,7 +1836,7 @@
key0.port = udp0->src_port;
key0.protocol = proto0;
key0.fib_index = rx_fib_index0;
-
+
kv0.key = key0.as_u64;
if (clib_bihash_search_8_8 (&sm->in2out, &kv0, &value0))
@@ -1916,10 +1916,10 @@
}
trace0:
- if (PREDICT_FALSE((node->flags & VLIB_NODE_FLAG_TRACE)
- && (b0->flags & VLIB_BUFFER_IS_TRACED)))
+ if (PREDICT_FALSE((node->flags & VLIB_NODE_FLAG_TRACE)
+ && (b0->flags & VLIB_BUFFER_IS_TRACED)))
{
- snat_in2out_trace_t *t =
+ snat_in2out_trace_t *t =
vlib_add_trace (vm, node, b0, sizeof (*t));
t->is_slow_path = is_slow_path;
t->sw_if_index = sw_if_index0;
@@ -1940,8 +1940,8 @@
vlib_put_next_frame (vm, node, next_index, n_left_to_next);
}
- vlib_node_increment_counter (vm, stats_node_index,
- SNAT_IN2OUT_ERROR_IN2OUT_PACKETS,
+ vlib_node_increment_counter (vm, stats_node_index,
+ SNAT_IN2OUT_ERROR_IN2OUT_PACKETS,
pkts_processed);
return frame->n_vectors;
}
@@ -1956,7 +1956,7 @@
VLIB_REGISTER_NODE (snat_in2out_node) = {
.function = snat_in2out_fast_path_fn,
- .name = "snat-in2out",
+ .name = "nat44-in2out",
.vector_size = sizeof (u32),
.format_trace = format_snat_in2out_trace,
.type = VLIB_NODE_TYPE_INTERNAL,
@@ -1972,7 +1972,7 @@
.next_nodes = {
[SNAT_IN2OUT_NEXT_DROP] = "error-drop",
[SNAT_IN2OUT_NEXT_LOOKUP] = "ip4-lookup",
- [SNAT_IN2OUT_NEXT_SLOW_PATH] = "snat-in2out-slowpath",
+ [SNAT_IN2OUT_NEXT_SLOW_PATH] = "nat44-in2out-slowpath",
[SNAT_IN2OUT_NEXT_ICMP_ERROR] = "ip4-icmp-error",
},
};
@@ -1989,7 +1989,7 @@
VLIB_REGISTER_NODE (snat_in2out_output_node) = {
.function = snat_in2out_output_fast_path_fn,
- .name = "snat-in2out-output",
+ .name = "nat44-in2out-output",
.vector_size = sizeof (u32),
.format_trace = format_snat_in2out_trace,
.type = VLIB_NODE_TYPE_INTERNAL,
@@ -2005,7 +2005,7 @@
.next_nodes = {
[SNAT_IN2OUT_NEXT_DROP] = "error-drop",
[SNAT_IN2OUT_NEXT_LOOKUP] = "interface-output",
- [SNAT_IN2OUT_NEXT_SLOW_PATH] = "snat-in2out-output-slowpath",
+ [SNAT_IN2OUT_NEXT_SLOW_PATH] = "nat44-in2out-output-slowpath",
[SNAT_IN2OUT_NEXT_ICMP_ERROR] = "ip4-icmp-error",
},
};
@@ -2023,7 +2023,7 @@
VLIB_REGISTER_NODE (snat_in2out_slowpath_node) = {
.function = snat_in2out_slow_path_fn,
- .name = "snat-in2out-slowpath",
+ .name = "nat44-in2out-slowpath",
.vector_size = sizeof (u32),
.format_trace = format_snat_in2out_trace,
.type = VLIB_NODE_TYPE_INTERNAL,
@@ -2039,7 +2039,7 @@
.next_nodes = {
[SNAT_IN2OUT_NEXT_DROP] = "error-drop",
[SNAT_IN2OUT_NEXT_LOOKUP] = "ip4-lookup",
- [SNAT_IN2OUT_NEXT_SLOW_PATH] = "snat-in2out-slowpath",
+ [SNAT_IN2OUT_NEXT_SLOW_PATH] = "nat44-in2out-slowpath",
[SNAT_IN2OUT_NEXT_ICMP_ERROR] = "ip4-icmp-error",
},
};
@@ -2057,7 +2057,7 @@
VLIB_REGISTER_NODE (snat_in2out_output_slowpath_node) = {
.function = snat_in2out_output_slow_path_fn,
- .name = "snat-in2out-output-slowpath",
+ .name = "nat44-in2out-output-slowpath",
.vector_size = sizeof (u32),
.format_trace = format_snat_in2out_trace,
.type = VLIB_NODE_TYPE_INTERNAL,
@@ -2073,7 +2073,7 @@
.next_nodes = {
[SNAT_IN2OUT_NEXT_DROP] = "error-drop",
[SNAT_IN2OUT_NEXT_LOOKUP] = "interface-output",
- [SNAT_IN2OUT_NEXT_SLOW_PATH] = "snat-in2out-output-slowpath",
+ [SNAT_IN2OUT_NEXT_SLOW_PATH] = "nat44-in2out-output-slowpath",
[SNAT_IN2OUT_NEXT_ICMP_ERROR] = "ip4-icmp-error",
},
};
@@ -2658,7 +2658,7 @@
VLIB_REGISTER_NODE (snat_det_in2out_node) = {
.function = snat_det_in2out_node_fn,
- .name = "snat-det-in2out",
+ .name = "nat44-det-in2out",
.vector_size = sizeof (u32),
.format_trace = format_snat_in2out_trace,
.type = VLIB_NODE_TYPE_INTERNAL,
@@ -2681,11 +2681,11 @@
VLIB_NODE_FUNCTION_MULTIARCH (snat_det_in2out_node, snat_det_in2out_node_fn);
/**
- * Get address and port values to be used for packet SNAT translation
+ * Get address and port values to be used for ICMP packet translation
* and create session if needed
*
- * @param[in,out] sm SNAT main
- * @param[in,out] node SNAT node runtime
+ * @param[in,out] sm NAT main
+ * @param[in,out] node NAT node runtime
* @param[in] thread_index thread index
* @param[in,out] b0 buffer containing packet to be translated
* @param[out] p_proto protocol used for matching
@@ -3009,7 +3009,7 @@
VLIB_REGISTER_NODE (snat_in2out_worker_handoff_node) = {
.function = snat_in2out_worker_handoff_fn,
- .name = "snat-in2out-worker-handoff",
+ .name = "nat44-in2out-worker-handoff",
.vector_size = sizeof (u32),
.format_trace = format_snat_in2out_worker_handoff_trace,
.type = VLIB_NODE_TYPE_INTERNAL,
@@ -3034,7 +3034,7 @@
VLIB_REGISTER_NODE (snat_in2out_output_worker_handoff_node) = {
.function = snat_in2out_output_worker_handoff_fn,
- .name = "snat-in2out-output-worker-handoff",
+ .name = "nat44-in2out-output-worker-handoff",
.vector_size = sizeof (u32),
.format_trace = format_snat_in2out_worker_handoff_trace,
.type = VLIB_NODE_TYPE_INTERNAL,
@@ -3160,7 +3160,7 @@
VLIB_REGISTER_NODE (snat_hairpin_dst_node) = {
.function = snat_hairpin_dst_fn,
- .name = "snat-hairpin-dst",
+ .name = "nat44-hairpin-dst",
.vector_size = sizeof (u32),
.type = VLIB_NODE_TYPE_INTERNAL,
.n_errors = ARRAY_LEN(snat_in2out_error_strings),
@@ -3240,7 +3240,7 @@
VLIB_REGISTER_NODE (snat_hairpin_src_node) = {
.function = snat_hairpin_src_fn,
- .name = "snat-hairpin-src",
+ .name = "nat44-hairpin-src",
.vector_size = sizeof (u32),
.type = VLIB_NODE_TYPE_INTERNAL,
.n_errors = ARRAY_LEN(snat_in2out_error_strings),
@@ -3248,9 +3248,9 @@
.n_next_nodes = SNAT_HAIRPIN_SRC_N_NEXT,
.next_nodes = {
[SNAT_HAIRPIN_SRC_NEXT_DROP] = "error-drop",
- [SNAT_HAIRPIN_SRC_NEXT_SNAT_IN2OUT] = "snat-in2out-output",
+ [SNAT_HAIRPIN_SRC_NEXT_SNAT_IN2OUT] = "nat44-in2out-output",
[SNAT_HAIRPIN_SRC_NEXT_INTERFACE_OUTPUT] = "interface-output",
- [SNAT_HAIRPIN_SRC_NEXT_SNAT_IN2OUT_WH] = "snat-in2out-output-worker-handoff",
+ [SNAT_HAIRPIN_SRC_NEXT_SNAT_IN2OUT_WH] = "nat44-in2out-output-worker-handoff",
},
};
@@ -3430,23 +3430,23 @@
VLIB_REGISTER_NODE (snat_in2out_fast_node) = {
.function = snat_in2out_fast_static_map_fn,
- .name = "snat-in2out-fast",
+ .name = "nat44-in2out-fast",
.vector_size = sizeof (u32),
.format_trace = format_snat_in2out_fast_trace,
.type = VLIB_NODE_TYPE_INTERNAL,
-
+
.n_errors = ARRAY_LEN(snat_in2out_error_strings),
.error_strings = snat_in2out_error_strings,
.runtime_data_bytes = sizeof (snat_runtime_t),
-
+
.n_next_nodes = SNAT_IN2OUT_N_NEXT,
/* edit / add dispositions here */
.next_nodes = {
[SNAT_IN2OUT_NEXT_DROP] = "error-drop",
[SNAT_IN2OUT_NEXT_LOOKUP] = "ip4-lookup",
- [SNAT_IN2OUT_NEXT_SLOW_PATH] = "snat-in2out-slowpath",
+ [SNAT_IN2OUT_NEXT_SLOW_PATH] = "nat44-in2out-slowpath",
[SNAT_IN2OUT_NEXT_ICMP_ERROR] = "ip4-icmp-error",
},
};
diff --git a/src/plugins/nat/nat.api b/src/plugins/nat/nat.api
new file mode 100644
index 0000000..7245cb0
--- /dev/null
+++ b/src/plugins/nat/nat.api
@@ -0,0 +1,1513 @@
+/*
+ * Copyright (c) 2016 Cisco and/or its affiliates.
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at:
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+/**
+ * @file nat.api
+ * @brief VPP control-plane API messages.
+ *
+ * This file defines VPP control-plane API messages which are generally
+ * called through a shared memory interface.
+ */
+
+/*
+ * Old "snat" APIs, will be deprecated after 17.10
+ */
+
+/** \brief Add/del NAT44 address range
+ @param client_index - opaque cookie to identify the sender
+ @param context - sender context, to match reply w/ request
+ @param is_ip4 - 1 if address type is IPv4
+ @param first_ip_address - first IP address
+ @param last_ip_address - last IP address
+ @param vrf_id - VRF id of tenant, ~0 means independent of VRF
+ @param is_add - 1 if add, 0 if delete
+*/
+autoreply define snat_add_address_range {
+ u32 client_index;
+ u32 context;
+ u8 is_ip4;
+ u8 first_ip_address[16];
+ u8 last_ip_address[16];
+ u32 vrf_id;
+ u8 is_add;
+};
+
+/** \brief Dump NAT44 addresses
+ @param client_index - opaque cookie to identify the sender
+ @param context - sender context, to match reply w/ request
+*/
+define snat_address_dump {
+ u32 client_index;
+ u32 context;
+};
+
+/** \brief NAT44 address details response
+ @param context - sender context, to match reply w/ request
+ @param is_ip4 - 1 if address type is IPv4
+ @param ip_address - IP address
+ @param vrf_id - VRF id of tenant, ~0 means independent of VRF
+*/
+define snat_address_details {
+ u32 context;
+ u8 is_ip4;
+ u8 ip_address[16];
+ u32 vrf_id;
+};
+
+/** \brief Enable/disable NAT44 feature on the interface
+ @param client_index - opaque cookie to identify the sender
+ @param context - sender context, to match reply w/ request
+ @param is_add - 1 if add, 0 if delete
+ @param is_inside - 1 if inside, 0 if outside
+ @param sw_if_index - software index of the interface
+*/
+autoreply define snat_interface_add_del_feature {
+ u32 client_index;
+ u32 context;
+ u8 is_add;
+ u8 is_inside;
+ u32 sw_if_index;
+};
+
+/** \brief Dump interfaces with NAT44 feature
+ @param client_index - opaque cookie to identify the sender
+ @param context - sender context, to match reply w/ request
+*/
+define snat_interface_dump {
+ u32 client_index;
+ u32 context;
+};
+
+/** \brief NAT44 interface details response
+ @param context - sender context, to match reply w/ request
+ @param is_inside - 1 if inside, 0 if outside
+ @param sw_if_index - software index of the interface
+*/
+define snat_interface_details {
+ u32 context;
+ u8 is_inside;
+ u32 sw_if_index;
+};
+
+/** \brief Enable/disbale NAT44 as an interface output feature (postrouting
+ in2out translation)
+ @param client_index - opaque cookie to identify the sender
+ @param context - sender context, to match reply w/ request
+ @param is_add - 1 if add, 0 if delete
+ @param is_inside - 1 if inside, 0 if outside
+ @param sw_if_index - software index of the interface
+*/
+autoreply define snat_interface_add_del_output_feature {
+ u32 client_index;
+ u32 context;
+ u8 is_add;
+ u8 is_inside;
+ u32 sw_if_index;
+};
+
+/** \brief Dump interfaces with NAT44 output feature
+ @param client_index - opaque cookie to identify the sender
+ @param context - sender context, to match reply w/ request
+*/
+define snat_interface_output_feature_dump {
+ u32 client_index;
+ u32 context;
+};
+
+/** \brief NAT44 interface with output feature details response
+ @param context - sender context, to match reply w/ request
+ @param is_inside - 1 if inside, 0 if outside
+ @param sw_if_index - software index of the interface
+*/
+define snat_interface_output_feature_details {
+ u32 context;
+ u8 is_inside;
+ u32 sw_if_index;
+};
+
+/** \brief Add/delete NAT44 static mapping
+ @param client_index - opaque cookie to identify the sender
+ @param context - sender context, to match reply w/ request
+ @param is_add - 1 if add, 0 if delete
+ @param is_ip4 - 1 if address type is IPv4
+ @param addr_only - 1 if address only mapping
+ @param local_ip_address - local IP address
+ @param external_ip_address - external IP address
+ @param protocol - IP protocol
+ @param local_port - local port number
+ @param external_port - external port number
+ @param external_sw_if_index - external interface (if set
+ external_ip_address is ignored, ~0 means not
+ used)
+ @param vfr_id - VRF ID
+*/
+autoreply define snat_add_static_mapping {
+ u32 client_index;
+ u32 context;
+ u8 is_add;
+ u8 is_ip4;
+ u8 addr_only;
+ u8 local_ip_address[16];
+ u8 external_ip_address[16];
+ u8 protocol;
+ u16 local_port;
+ u16 external_port;
+ u32 external_sw_if_index;
+ u32 vrf_id;
+};
+
+/** \brief Dump NAT44 static mappings
+ @param client_index - opaque cookie to identify the sender
+ @param context - sender context, to match reply w/ request
+*/
+define snat_static_mapping_dump {
+ u32 client_index;
+ u32 context;
+};
+
+/** \brief NAT44 static mapping details response
+ @param context - sender context, to match reply w/ request
+ @param is_ip4 - 1 if address type is IPv4
+ @param addr_only - 1 if address only mapping
+ @param local_ip_address - local IP address
+ @param external_ip_address - external IP address
+ @param protocol - IP protocol
+ @param local_port - local port number
+ @param external_port - external port number
+ @param external_sw_if_index - external interface
+ @param vfr_id - VRF ID
+*/
+define snat_static_mapping_details {
+ u32 context;
+ u8 is_ip4;
+ u8 addr_only;
+ u8 local_ip_address[16];
+ u8 external_ip_address[16];
+ u8 protocol;
+ u16 local_port;
+ u16 external_port;
+ u32 external_sw_if_index;
+ u32 vrf_id;
+};
+
+/** \brief Control ping from client to api server request
+ @param client_index - opaque cookie to identify the sender
+ @param context - sender context, to match reply w/ request
+*/
+define snat_control_ping
+{
+ u32 client_index;
+ u32 context;
+};
+
+/** \brief Control ping from the client to the server response
+ @param client_index - opaque cookie to identify the sender
+ @param context - sender context, to match reply w/ request
+ @param retval - return code for the request
+ @param vpe_pid - the pid of the vpe, returned by the server
+*/
+define snat_control_ping_reply
+{
+ u32 context;
+ i32 retval;
+ u32 client_index;
+ u32 vpe_pid;
+};
+
+/** \brief Show NAT plugin startup config
+ @param client_index - opaque cookie to identify the sender
+ @param context - sender context, to match reply w/ request
+*/
+define snat_show_config
+{
+ u32 client_index;
+ u32 context;
+};
+
+/** \brief Show NAT plugin startup config reply
+ @param context - sender context, to match reply w/ request
+ @param retval - return code for the request
+ @param static_mapping_only - if 1 dynamic translations disabled
+ @param static_mapping_connection_tracking - if 1 create session data
+ @param deterministic - if 1 deterministic mapping
+ @param translation_buckets - number of translation hash buckets
+ @param translation_memory_size - translation hash memory size
+ @param user_buckets - number of user hash buckets
+ @param user_memory_size - user hash memory size
+ @param max_translations_per_user - maximum number of translations per user
+ @param outside_vrf_id - outside VRF id
+ @param inside_vrf_id - default inside VRF id
+*/
+define snat_show_config_reply
+{
+ u32 context;
+ i32 retval;
+ u8 static_mapping_only;
+ u8 static_mapping_connection_tracking;
+ u8 deterministic;
+ u32 translation_buckets;
+ u32 translation_memory_size;
+ u32 user_buckets;
+ u32 user_memory_size;
+ u32 max_translations_per_user;
+ u32 outside_vrf_id;
+ u32 inside_vrf_id;
+};
+
+/** \brief Set NAT workers
+ @param client_index - opaque cookie to identify the sender
+ @param context - sender context, to match reply w/ request
+ @param worker_mask - NAT workers mask
+*/
+autoreply define snat_set_workers {
+ u32 client_index;
+ u32 context;
+ u64 worker_mask;
+};
+
+/** \brief Dump NAT workers
+ @param client_index - opaque cookie to identify the sender
+ @param context - sender context, to match reply w/ request
+*/
+define snat_worker_dump {
+ u32 client_index;
+ u32 context;
+};
+
+/** \brief NAT workers details response
+ @param context - sender context, to match reply w/ request
+ @param worker_index - worker index
+ @param lcore_id - lcore ID
+ @param name - worker name
+*/
+define snat_worker_details {
+ u32 context;
+ u32 worker_index;
+ u32 lcore_id;
+ u8 name[64];
+};
+
+/** \brief Add/delete NAT44 pool address from specific interfce
+ @param client_index - opaque cookie to identify the sender
+ @param context - sender context, to match reply w/ request
+ @param is_add - 1 if add, 0 if delete
+ @param sw_if_index - software index of the interface
+*/
+autoreply define snat_add_del_interface_addr {
+ u32 client_index;
+ u32 context;
+ u8 is_add;
+ u8 is_inside;
+ u32 sw_if_index;
+};
+
+/** \brief Dump NAT44 pool addresses interfaces
+ @param client_index - opaque cookie to identify the sender
+ @param context - sender context, to match reply w/ request
+*/
+define snat_interface_addr_dump {
+ u32 client_index;
+ u32 context;
+};
+
+/** \brief NAT44 pool addresses interfaces details response
+ @param context - sender context, to match reply w/ request
+ @param sw_if_index - software index of the interface
+*/
+define snat_interface_addr_details {
+ u32 context;
+ u32 sw_if_index;
+};
+
+/** \brief Enable/disable NAT IPFIX logging
+ @param client_index - opaque cookie to identify the sender
+ @param context - sender context, to match reply w/ request
+ @param domain_id - observation domain ID
+ @param src_port - source port number
+ @param enable - 1 if enable, 0 if disable
+*/
+autoreply define snat_ipfix_enable_disable {
+ u32 client_index;
+ u32 context;
+ u32 domain_id;
+ u16 src_port;
+ u8 enable;
+};
+
+/** \brief Dump NAT44 users
+ @param client_index - opaque cookie to identify the sender
+ @param context - sender context, to match reply w/ request
+*/
+define snat_user_dump {
+ u32 client_index;
+ u32 context;
+};
+
+/** \brief NAT44 users response
+ @param context - sender context, to match reply w/ request
+ @vrf_id - VRF ID
+ @param is_ip4 - 1 if address type is IPv4
+ @param ip_adress - IP address
+ @param nsessions - number of dynamic sessions
+ @param nstaticsessions - number of static sessions
+*/
+define snat_user_details {
+ u32 context;
+ u32 vrf_id;
+ u8 is_ip4;
+ u8 ip_address[16];
+ u32 nsessions;
+ u32 nstaticsessions;
+};
+
+/** \brief NAT44 user's sessions
+ @param client_index - opaque cookie to identify the sender
+ @param context - sender context, to match reply w/ request
+ @param is_ip4 - 1 if address type is IPv4
+ @param user_ip - IP address of the user to dump
+ @param vrf_id - VRF_ID
+*/
+define snat_user_session_dump {
+ u32 client_index;
+ u32 context;
+ u8 is_ip4;
+ u8 ip_address[16];
+ u32 vrf_id;
+};
+
+/** \brief NAT44 user's sessions response
+ @param context - sender context, to match reply w/ request
+ @param is_ip4 - 1 if address type is IPv4
+ @param outside_ip_address - outside IP address
+ @param outside_port - outside port
+ @param inside_ip_address - inside IP address
+ @param inside_port - inside port
+ @param protocol - protocol
+ @param is_static - 1 if session is static
+ @param last_heard - last heard timer
+ @param total_bytes - count of bytes sent through session
+ @param total_pkts - count of pakets sent through session
+*/
+define snat_user_session_details {
+ u32 context;
+ u8 is_ip4;
+ u8 outside_ip_address[16];
+ u16 outside_port;
+ u8 inside_ip_address[16];
+ u16 inside_port;
+ u16 protocol;
+ u8 is_static;
+ u64 last_heard;
+ u64 total_bytes;
+ u32 total_pkts;
+};
+
+/** \brief Add/delete NAT deterministic mapping
+ @param client_index - opaque cookie to identify the sender
+ @param context - sender context, to match reply w/ request
+ @param is_add - 1 if add, 0 if delete
+ @param is_ip4 - 1 if address type is IPv4
+ @param in_addr - inside IP address
+ @param in_plen - inside IP address prefix length
+ @param out_addr - outside IP address
+ @param out_addr - outside IP address prefix length
+*/
+autoreply define snat_add_det_map {
+ u32 client_index;
+ u32 context;
+ u8 is_add;
+ u8 is_ip4;
+ u8 addr_only;
+ u8 in_addr[16];
+ u8 in_plen;
+ u8 out_addr[16];
+ u8 out_plen;
+};
+
+/** \brief Get outside address and port range from inside address
+ @param client_index - opaque cookie to identify the sender
+ @param context - sender context, to match reply w/ request
+ @param is_ip4 - 1 if address type is IPv4
+ @param in_addr - inside IP address
+*/
+define snat_det_forward {
+ u32 client_index;
+ u32 context;
+ u8 is_ip4;
+ u8 in_addr[16];
+};
+
+/** \brief Get outside address and port range from inside address
+ @param context - sender context, to match reply w/ request
+ @param retval - return code
+ @param out_port_lo - outside port range start
+ @param out_port_hi - outside port range end
+ @param is_ip4 - 1 if address type is IPv4
+ @param out_addr - outside IP address
+*/
+define snat_det_forward_reply {
+ u32 context;
+ i32 retval;
+ u16 out_port_lo;
+ u16 out_port_hi;
+ u8 is_ip4;
+ u8 out_addr[16];
+};
+
+/** \brief Get inside address from outside address and port
+ @param client_index - opaque cookie to identify the sender
+ @param context - sender context, to match reply w/ request
+ @param out_port - outside port
+ @param is_ip4 - 1 if address type is IPv4
+ @param out_addr - outside IP address
+*/
+define snat_det_reverse {
+ u32 client_index;
+ u32 context;
+ u16 out_port;
+ u8 is_ip4;
+ u8 out_addr[16];
+};
+
+/** \brief Get inside address from outside address and port reply
+ @param context - sender context, to match reply w/ request
+ @param retval - return code
+ @param is_ip4 - 1 if address type is IPv4
+ @param in_addr - inside IP address
+*/
+define snat_det_reverse_reply {
+ u32 context;
+ i32 retval;
+ u8 is_ip4;
+ u8 in_addr[16];
+};
+
+/** \brief Dump NAT deterministic mappings
+ @param client_index - opaque cookie to identify the sender
+ @param context - sender context, to match reply w/ request
+*/
+define snat_det_map_dump {
+ u32 client_index;
+ u32 context;
+};
+
+/** \brief NAT users response
+ @param context - sender context, to match reply w/ request
+ @param is_ip4 - 1 if address type is IPv4
+ @param in_addr - inside IP address
+ @param in_plen - inside IP address prefix length
+ @param out_addr - outside IP address
+ @param out_plen - outside IP address prefix length
+ @param sharing_ratio - outside to inside address sharing ratio
+ @param ports_per_host - number of ports available to a host
+ @param ses_num - number of sessions belonging to this mapping
+*/
+define snat_det_map_details {
+ u32 context;
+ u8 is_ip4;
+ u8 in_addr[16];
+ u8 in_plen;
+ u8 out_addr[16];
+ u8 out_plen;
+ u32 sharing_ratio;
+ u16 ports_per_host;
+ u32 ses_num;
+};
+
+/** \brief Set values of timeouts for deterministic NAT (seconds, 0 = default)
+ @param client_index - opaque cookie to identify the sender
+ @param context - sender context, to match reply w/ request
+ @param udp - UDP timeout (default 300sec)
+ @param tcp_established - TCP established timeout (default 7440sec)
+ @param tcp_transitory - TCP transitory timeout (default 240sec)
+ @param icmp - ICMP timeout (default 60sec)
+*/
+autoreply define snat_det_set_timeouts {
+ u32 client_index;
+ u32 context;
+ u32 udp;
+ u32 tcp_established;
+ u32 tcp_transitory;
+ u32 icmp;
+};
+
+/** \brief Get values of timeouts for deterministic NAT (seconds)
+ @param client_index - opaque cookie to identify the sender
+ @param context - sender context, to match reply w/ request
+*/
+define snat_det_get_timeouts {
+ u32 client_index;
+ u32 context;
+};
+
+/** \brief Get values of timeouts for deterministic NAT reply
+ @param context - sender context, to match reply w/ request
+ @param retval - return code
+ @param udp - UDP timeout (default 300sec)
+ @param tcp_established - TCP established timeout (default 7440sec)
+ @param tcp_transitory - TCP transitory timeout (default 240sec)
+ @param icmp - ICMP timeout (default 60sec)
+*/
+define snat_det_get_timeouts_reply {
+ u32 context;
+ i32 retval;
+ u32 udp;
+ u32 tcp_established;
+ u32 tcp_transitory;
+ u32 icmp;
+};
+
+/** \brief Close deterministic NAT session by outside address and port
+ @param client_index - opaque cookie to identify the sender
+ @param context - sender context, to match reply w/ request
+ @param is_ip4 - 1 if address type is IPv4
+ @param out_addr - outside IP address
+ @param out_port - outside port
+ @param ext_addr - external host address
+ @param ext_port - external host port
+*/
+autoreply define snat_det_close_session_out {
+ u32 client_index;
+ u32 context;
+ u8 is_ip4;
+ u8 out_addr[16];
+ u16 out_port;
+ u8 ext_addr[16];
+ u16 ext_port;
+};
+
+/** \brief Close deterministic NAT session by inside address and port
+ @param client_index - opaque cookie to identify the sender
+ @param context - sender context, to match reply w/ request
+ @param is_ip4 - 1 if address type is IPv4
+ @param in_addr - inside IP address
+ @param in_port - inside port
+ @param ext_addr - external host address
+ @param ext_port - external host port
+*/
+autoreply define snat_det_close_session_in {
+ u32 client_index;
+ u32 context;
+ u8 is_ip4;
+ u8 in_addr[16];
+ u16 in_port;
+ u8 ext_addr[16];
+ u16 ext_port;
+};
+
+/** \brief Dump determinstic NAT sessions
+ @param client_index - opaque cookie to identify the sender
+ @param context - sender context, to match reply w/ request
+ @param is_ip4 - 1 if address type is IPv4
+ @param user_addr - address of an inside user whose sessions to dump
+*/
+define snat_det_session_dump {
+ u32 client_index;
+ u32 context;
+ u8 is_ip4;
+ u8 user_addr[16];
+};
+
+/** \brief Deterministic NAT sessions reply
+ @param context - sender context, to match reply w/ request
+ @param is_ip4 - 1 if address type is IPv4
+ @param in_port - inside port
+ @param ext_addr - external host address
+ @param ext_port - external host port
+ @param out_port - outside NAT port
+ @param state - session state
+ @param expire - session expiration timestamp
+*/
+define snat_det_session_details {
+ u32 client_index;
+ u32 context;
+ u8 is_ip4;
+ u16 in_port;
+ u8 ext_addr[16];
+ u16 ext_port;
+ u16 out_port;
+ u8 state;
+ u32 expire;
+};
+
+/*
+ * Common NAT plugin APIs
+ */
+
+/** \brief Control ping from client to api server request
+ @param client_index - opaque cookie to identify the sender
+ @param context - sender context, to match reply w/ request
+*/
+define nat_control_ping
+{
+ u32 client_index;
+ u32 context;
+};
+
+/** \brief Control ping from the client to the server response
+ @param client_index - opaque cookie to identify the sender
+ @param context - sender context, to match reply w/ request
+ @param retval - return code for the request
+ @param vpe_pid - the pid of the vpe, returned by the server
+*/
+define nat_control_ping_reply
+{
+ u32 context;
+ i32 retval;
+ u32 client_index;
+ u32 vpe_pid;
+};
+
+/** \brief Show NAT plugin startup config
+ @param client_index - opaque cookie to identify the sender
+ @param context - sender context, to match reply w/ request
+*/
+define nat_show_config
+{
+ u32 client_index;
+ u32 context;
+};
+
+/** \brief Show NAT plugin startup config reply
+ @param context - sender context, to match reply w/ request
+ @param retval - return code for the request
+ @param static_mapping_only - if 1 dynamic translations disabled
+ @param static_mapping_connection_tracking - if 1 create session data
+ @param deterministic - if 1 deterministic mapping
+ @param translation_buckets - number of translation hash buckets
+ @param translation_memory_size - translation hash memory size
+ @param user_buckets - number of user hash buckets
+ @param user_memory_size - user hash memory size
+ @param max_translations_per_user - maximum number of translations per user
+ @param outside_vrf_id - outside VRF id
+ @param inside_vrf_id - default inside VRF id
+*/
+define nat_show_config_reply
+{
+ u32 context;
+ i32 retval;
+ u8 static_mapping_only;
+ u8 static_mapping_connection_tracking;
+ u8 deterministic;
+ u32 translation_buckets;
+ u32 translation_memory_size;
+ u32 user_buckets;
+ u32 user_memory_size;
+ u32 max_translations_per_user;
+ u32 outside_vrf_id;
+ u32 inside_vrf_id;
+};
+
+/** \brief Set NAT workers
+ @param client_index - opaque cookie to identify the sender
+ @param context - sender context, to match reply w/ request
+ @param worker_mask - NAT workers mask
+*/
+autoreply define nat_set_workers {
+ u32 client_index;
+ u32 context;
+ u64 worker_mask;
+};
+
+/** \brief Dump NAT workers
+ @param client_index - opaque cookie to identify the sender
+ @param context - sender context, to match reply w/ request
+*/
+define nat_worker_dump {
+ u32 client_index;
+ u32 context;
+};
+
+/** \brief NAT workers details response
+ @param context - sender context, to match reply w/ request
+ @param worker_index - worker index
+ @param lcore_id - lcore ID
+ @param name - worker name
+*/
+define nat_worker_details {
+ u32 context;
+ u32 worker_index;
+ u32 lcore_id;
+ u8 name[64];
+};
+
+/** \brief Enable/disable NAT IPFIX logging
+ @param client_index - opaque cookie to identify the sender
+ @param context - sender context, to match reply w/ request
+ @param domain_id - observation domain ID
+ @param src_port - source port number
+ @param enable - 1 if enable, 0 if disable
+*/
+autoreply define nat_ipfix_enable_disable {
+ u32 client_index;
+ u32 context;
+ u32 domain_id;
+ u16 src_port;
+ u8 enable;
+};
+
+/*
+ * NAT44 APIs
+ */
+
+/** \brief Add/del NAT44 address range
+ @param client_index - opaque cookie to identify the sender
+ @param context - sender context, to match reply w/ request
+ @param first_ip_address - first IPv4 address
+ @param last_ip_address - last IPv4 address
+ @param vrf_id - VRF id of tenant, ~0 means independent of VRF
+ @param is_add - 1 if add, 0 if delete
+*/
+autoreply define nat44_add_del_address_range {
+ u32 client_index;
+ u32 context;
+ u8 first_ip_address[4];
+ u8 last_ip_address[4];
+ u32 vrf_id;
+ u8 is_add;
+};
+
+/** \brief Dump NAT44 addresses
+ @param client_index - opaque cookie to identify the sender
+ @param context - sender context, to match reply w/ request
+*/
+define nat44_address_dump {
+ u32 client_index;
+ u32 context;
+};
+
+/** \brief NAT44 address details response
+ @param context - sender context, to match reply w/ request
+ @param ip_address - IPv4 address
+ @param vrf_id - VRF id of tenant, ~0 means independent of VRF
+*/
+define nat44_address_details {
+ u32 context;
+ u8 ip_address[4];
+ u32 vrf_id;
+};
+
+/** \brief Enable/disable NAT44 feature on the interface
+ @param client_index - opaque cookie to identify the sender
+ @param context - sender context, to match reply w/ request
+ @param is_add - 1 if add, 0 if delete
+ @param is_inside - 1 if inside, 0 if outside
+ @param sw_if_index - software index of the interface
+*/
+autoreply define nat44_interface_add_del_feature {
+ u32 client_index;
+ u32 context;
+ u8 is_add;
+ u8 is_inside;
+ u32 sw_if_index;
+};
+
+/** \brief Dump interfaces with NAT44 feature
+ @param client_index - opaque cookie to identify the sender
+ @param context - sender context, to match reply w/ request
+*/
+define nat44_interface_dump {
+ u32 client_index;
+ u32 context;
+};
+
+/** \brief NAT44 interface details response
+ @param context - sender context, to match reply w/ request
+ @param is_inside - 1 if inside, 0 if outside
+ @param sw_if_index - software index of the interface
+*/
+define nat44_interface_details {
+ u32 context;
+ u8 is_inside;
+ u32 sw_if_index;
+};
+
+/** \brief Enable/disbale NAT44 as an interface output feature (postrouting
+ in2out translation)
+ @param client_index - opaque cookie to identify the sender
+ @param context - sender context, to match reply w/ request
+ @param is_add - 1 if add, 0 if delete
+ @param is_inside - 1 if inside, 0 if outside
+ @param sw_if_index - software index of the interface
+*/
+autoreply define nat44_interface_add_del_output_feature {
+ u32 client_index;
+ u32 context;
+ u8 is_add;
+ u8 is_inside;
+ u32 sw_if_index;
+};
+
+/** \brief Dump interfaces with NAT44 output feature
+ @param client_index - opaque cookie to identify the sender
+ @param context - sender context, to match reply w/ request
+*/
+define nat44_interface_output_feature_dump {
+ u32 client_index;
+ u32 context;
+};
+
+/** \brief NAT44 interface with output feature details response
+ @param context - sender context, to match reply w/ request
+ @param is_inside - 1 if inside, 0 if outside
+ @param sw_if_index - software index of the interface
+*/
+define nat44_interface_output_feature_details {
+ u32 context;
+ u8 is_inside;
+ u32 sw_if_index;
+};
+
+/** \brief Add/delete NAT44 static mapping
+ @param client_index - opaque cookie to identify the sender
+ @param context - sender context, to match reply w/ request
+ @param is_add - 1 if add, 0 if delete
+ @param addr_only - 1 if address only mapping
+ @param local_ip_address - local IPv4 address
+ @param external_ip_address - external IPv4 address
+ @param protocol - IP protocol
+ @param local_port - local port number
+ @param external_port - external port number
+ @param external_sw_if_index - external interface (if set
+ external_ip_address is ignored, ~0 means not
+ used)
+ @param vfr_id - VRF ID
+*/
+autoreply define nat44_add_del_static_mapping {
+ u32 client_index;
+ u32 context;
+ u8 is_add;
+ u8 addr_only;
+ u8 local_ip_address[4];
+ u8 external_ip_address[4];
+ u8 protocol;
+ u16 local_port;
+ u16 external_port;
+ u32 external_sw_if_index;
+ u32 vrf_id;
+};
+
+/** \brief Dump NAT44 static mappings
+ @param client_index - opaque cookie to identify the sender
+ @param context - sender context, to match reply w/ request
+*/
+define nat44_static_mapping_dump {
+ u32 client_index;
+ u32 context;
+};
+
+/** \brief NAT44 static mapping details response
+ @param context - sender context, to match reply w/ request
+ @param addr_only - 1 if address only mapping
+ @param local_ip_address - local IPv4 address
+ @param external_ip_address - external IPv4 address
+ @param protocol - IP protocol
+ @param local_port - local port number
+ @param external_port - external port number
+ @param external_sw_if_index - external interface
+ @param vfr_id - VRF ID
+*/
+define nat44_static_mapping_details {
+ u32 context;
+ u8 addr_only;
+ u8 local_ip_address[4];
+ u8 external_ip_address[4];
+ u8 protocol;
+ u16 local_port;
+ u16 external_port;
+ u32 external_sw_if_index;
+ u32 vrf_id;
+};
+
+/** \brief Add/delete NAT44 pool address from specific interfce
+ @param client_index - opaque cookie to identify the sender
+ @param context - sender context, to match reply w/ request
+ @param is_add - 1 if add, 0 if delete
+ @param sw_if_index - software index of the interface
+*/
+autoreply define nat44_add_del_interface_addr {
+ u32 client_index;
+ u32 context;
+ u8 is_add;
+ u8 is_inside;
+ u32 sw_if_index;
+};
+
+/** \brief Dump NAT44 pool addresses interfaces
+ @param client_index - opaque cookie to identify the sender
+ @param context - sender context, to match reply w/ request
+*/
+define nat44_interface_addr_dump {
+ u32 client_index;
+ u32 context;
+};
+
+/** \brief NAT44 pool addresses interfaces details response
+ @param context - sender context, to match reply w/ request
+ @param sw_if_index - software index of the interface
+*/
+define nat44_interface_addr_details {
+ u32 context;
+ u32 sw_if_index;
+};
+
+/** \brief Dump NAT44 users
+ @param client_index - opaque cookie to identify the sender
+ @param context - sender context, to match reply w/ request
+*/
+define nat44_user_dump {
+ u32 client_index;
+ u32 context;
+};
+
+/** \brief NAT44 users response
+ @param context - sender context, to match reply w/ request
+ @vrf_id - VRF ID
+ @param ip_adress - IPv4 address
+ @param nsessions - number of dynamic sessions
+ @param nstaticsessions - number of static sessions
+*/
+define nat44_user_details {
+ u32 context;
+ u32 vrf_id;
+ u8 ip_address[4];
+ u32 nsessions;
+ u32 nstaticsessions;
+};
+
+/** \brief NAT44 user's sessions
+ @param client_index - opaque cookie to identify the sender
+ @param context - sender context, to match reply w/ request
+ @param is_ip4 - 1 if address type is IPv4
+ @param user_ip - IP address of the user to dump
+ @param vrf_id - VRF_ID
+*/
+define nat44_user_session_dump {
+ u32 client_index;
+ u32 context;
+ u8 ip_address[4];
+ u32 vrf_id;
+};
+
+/** \brief NAT44 user's sessions response
+ @param context - sender context, to match reply w/ request
+ @param outside_ip_address - outside IPv4 address
+ @param outside_port - outside port
+ @param inside_ip_address - inside IPv4 address
+ @param inside_port - inside port
+ @param protocol - protocol
+ @param is_static - 1 if session is static
+ @param last_heard - last heard timer
+ @param total_bytes - count of bytes sent through session
+ @param total_pkts - count of pakets sent through session
+*/
+define nat44_user_session_details {
+ u32 context;
+ u8 outside_ip_address[4];
+ u16 outside_port;
+ u8 inside_ip_address[4];
+ u16 inside_port;
+ u16 protocol;
+ u8 is_static;
+ u64 last_heard;
+ u64 total_bytes;
+ u32 total_pkts;
+};
+
+/*
+ * Deterministic NAT (CGN) APIs
+ */
+
+/** \brief Add/delete NAT deterministic mapping
+ @param client_index - opaque cookie to identify the sender
+ @param context - sender context, to match reply w/ request
+ @param is_add - 1 if add, 0 if delete
+ @param is_nat44 - 1 if NAT44
+ @param in_addr - inside IP address
+ @param in_plen - inside IP address prefix length
+ @param out_addr - outside IPv4 address
+ @param out_addr - outside IPv4 address prefix length
+*/
+autoreply define nat_det_add_del_map {
+ u32 client_index;
+ u32 context;
+ u8 is_add;
+ u8 is_nat44;
+ u8 addr_only;
+ u8 in_addr[16];
+ u8 in_plen;
+ u8 out_addr[4];
+ u8 out_plen;
+};
+
+/** \brief Get outside address and port range from inside address
+ @param client_index - opaque cookie to identify the sender
+ @param context - sender context, to match reply w/ request
+ @param is_nat44 - 1 if NAT44
+ @param in_addr - inside IP address
+*/
+define nat_det_forward {
+ u32 client_index;
+ u32 context;
+ u8 is_nat44;
+ u8 in_addr[16];
+};
+
+/** \brief Get outside address and port range from inside address
+ @param context - sender context, to match reply w/ request
+ @param retval - return code
+ @param out_port_lo - outside port range start
+ @param out_port_hi - outside port range end
+ @param out_addr - outside IPv4 address
+*/
+define nat_det_forward_reply {
+ u32 context;
+ i32 retval;
+ u16 out_port_lo;
+ u16 out_port_hi;
+ u8 out_addr[4];
+};
+
+/** \brief Get inside address from outside address and port
+ @param client_index - opaque cookie to identify the sender
+ @param context - sender context, to match reply w/ request
+ @param out_port - outside port
+ @param out_addr - outside IPv4 address
+*/
+define nat_det_reverse {
+ u32 client_index;
+ u32 context;
+ u16 out_port;
+ u8 out_addr[4];
+};
+
+/** \brief Get inside address from outside address and port reply
+ @param context - sender context, to match reply w/ request
+ @param retval - return code
+ @param is_nat44 - 1 if NAT44
+ @param in_addr - inside IP address
+*/
+define nat_det_reverse_reply {
+ u32 context;
+ i32 retval;
+ u8 is_nat44;
+ u8 in_addr[16];
+};
+
+/** \brief Dump NAT deterministic mappings
+ @param client_index - opaque cookie to identify the sender
+ @param context - sender context, to match reply w/ request
+*/
+define nat_det_map_dump {
+ u32 client_index;
+ u32 context;
+};
+
+/** \brief NAT users response
+ @param context - sender context, to match reply w/ request
+ @param is_nat44 - 1 if NAT44
+ @param in_addr - inside IP address
+ @param in_plen - inside IP address prefix length
+ @param out_addr - outside IPv4 address
+ @param out_plen - outside IPv4 address prefix length
+ @param sharing_ratio - outside to inside address sharing ratio
+ @param ports_per_host - number of ports available to a host
+ @param ses_num - number of sessions belonging to this mapping
+*/
+define nat_det_map_details {
+ u32 context;
+ u8 is_nat44;
+ u8 in_addr[16];
+ u8 in_plen;
+ u8 out_addr[4];
+ u8 out_plen;
+ u32 sharing_ratio;
+ u16 ports_per_host;
+ u32 ses_num;
+};
+
+/** \brief Set values of timeouts for deterministic NAT (seconds, 0 = default)
+ @param client_index - opaque cookie to identify the sender
+ @param context - sender context, to match reply w/ request
+ @param udp - UDP timeout (default 300sec)
+ @param tcp_established - TCP established timeout (default 7440sec)
+ @param tcp_transitory - TCP transitory timeout (default 240sec)
+ @param icmp - ICMP timeout (default 60sec)
+*/
+autoreply define nat_det_set_timeouts {
+ u32 client_index;
+ u32 context;
+ u32 udp;
+ u32 tcp_established;
+ u32 tcp_transitory;
+ u32 icmp;
+};
+
+/** \brief Get values of timeouts for deterministic NAT (seconds)
+ @param client_index - opaque cookie to identify the sender
+ @param context - sender context, to match reply w/ request
+*/
+define nat_det_get_timeouts {
+ u32 client_index;
+ u32 context;
+};
+
+/** \brief Get values of timeouts for deterministic NAT reply
+ @param context - sender context, to match reply w/ request
+ @param retval - return code
+ @param udp - UDP timeout (default 300sec)
+ @param tcp_established - TCP established timeout (default 7440sec)
+ @param tcp_transitory - TCP transitory timeout (default 240sec)
+ @param icmp - ICMP timeout (default 60sec)
+*/
+define nat_det_get_timeouts_reply {
+ u32 context;
+ i32 retval;
+ u32 udp;
+ u32 tcp_established;
+ u32 tcp_transitory;
+ u32 icmp;
+};
+
+/** \brief Close deterministic NAT session by outside address and port
+ @param client_index - opaque cookie to identify the sender
+ @param context - sender context, to match reply w/ request
+ @param out_addr - outside IPv4 address
+ @param out_port - outside port
+ @param ext_addr - external host IPv4 address
+ @param ext_port - external host port
+*/
+autoreply define nat_det_close_session_out {
+ u32 client_index;
+ u32 context;
+ u8 out_addr[4];
+ u16 out_port;
+ u8 ext_addr[4];
+ u16 ext_port;
+};
+
+/** \brief Close deterministic NAT session by inside address and port
+ @param client_index - opaque cookie to identify the sender
+ @param context - sender context, to match reply w/ request
+ @param is_nat44 - 1 if NAT44
+ @param in_addr - inside IP address
+ @param in_port - inside port
+ @param ext_addr - external host IP address
+ @param ext_port - external host port
+*/
+autoreply define nat_det_close_session_in {
+ u32 client_index;
+ u32 context;
+ u8 is_nat44;
+ u8 in_addr[16];
+ u16 in_port;
+ u8 ext_addr[16];
+ u16 ext_port;
+};
+
+/** \brief Dump determinstic NAT sessions
+ @param client_index - opaque cookie to identify the sender
+ @param context - sender context, to match reply w/ request
+ @param is_nat44 - 1 if NAT44
+ @param user_addr - address of an inside user whose sessions to dump
+*/
+define nat_det_session_dump {
+ u32 client_index;
+ u32 context;
+ u8 is_nat44;
+ u8 user_addr[16];
+};
+
+/** \brief Deterministic NAT sessions reply
+ @param context - sender context, to match reply w/ request
+ @param in_port - inside port
+ @param ext_addr - external host address
+ @param ext_port - external host port
+ @param out_port - outside NAT port
+ @param state - session state
+ @param expire - session expiration timestamp
+*/
+define nat_det_session_details {
+ u32 client_index;
+ u32 context;
+ u16 in_port;
+ u8 ext_addr[4];
+ u16 ext_port;
+ u16 out_port;
+ u8 state;
+ u32 expire;
+};
+
+/*
+ * NAT64 APIs
+ */
+
+/** \brief Add/delete address range to NAT64 pool
+ @param client_index - opaque cookie to identify the sender
+ @param context - sender context, to match reply w/ request
+ @param start_addr - start address of the range
+ @param end_addr - end address of the range
+ @param vrf_id - VRF id of tenant, ~0 means independent of VRF
+ @param is_add - 1 if add, 0 if delete
+*/
+autoreply define nat64_add_del_pool_addr_range {
+ u32 client_index;
+ u32 context;
+ u8 start_addr[4];
+ u8 end_addr[4];
+ u32 vrf_id;
+ u8 is_add;
+};
+
+/** \brief Dump NAT64 pool addresses
+ @param client_index - opaque cookie to identify the sender
+ @param context - sender context, to match reply w/ request
+*/
+define nat64_pool_addr_dump {
+ u32 client_index;
+ u32 context;
+};
+
+/** \brief NAT64 pool address details response
+ @param context - sender context, to match reply w/ request
+ @param address - IPv4 address
+ @param vfr_id - VRF id of tenant, ~0 means independent of VRF
+*/
+define nat64_pool_addr_details {
+ u32 context;
+ u8 address[4];
+ u32 vrf_id;
+};
+
+/** \brief Enable/disable NAT64 feature on the interface
+ @param client_index - opaque cookie to identify the sender
+ @param context - sender context, to match reply w/ request
+ @param sw_if_index - index of the interface
+ @param is_inside - 1 if inside, 0 if outside
+ @param is_add - 1 if add, 0 if delete
+*/
+autoreply define nat64_add_del_interface {
+ u32 client_index;
+ u32 context;
+ u32 sw_if_index;
+ u8 is_inside;
+ u8 is_add;
+};
+
+/** \brief Dump interfaces with NAT64 feature
+ @param client_index - opaque cookie to identify the sender
+ @param context - sender context, to match reply w/ request
+*/
+define nat64_interface_dump {
+ u32 client_index;
+ u32 context;
+};
+
+/** \brief NAT64 interface details response
+ @param context - sender context, to match reply w/ request
+ @param is_inside - 1 if inside, 0 if outside
+ @param sw_if_index - index of the interface
+*/
+define nat64_interface_details {
+ u32 context;
+ u8 is_inside;
+ u32 sw_if_index;
+};
+
+/** \brief Add/delete NAT64 static BIB entry
+ @param client_index - opaque cookie to identify the sender
+ @param context - sender context, to match reply w/ request
+ @param i_addr - inside IPv6 address
+ @param o_addr - outside IPv4 address
+ @param i_port - inside port number
+ @param o_port - outside port number
+ @param vrf_id - VRF id of tenant
+ @param proto - protocol number
+ @param is_add - 1 if add, 0 if delete
+*/
+ autoreply define nat64_add_del_static_bib {
+ u32 client_index;
+ u32 context;
+ u8 i_addr[16];
+ u8 o_addr[4];
+ u16 i_port;
+ u16 o_port;
+ u32 vrf_id;
+ u8 proto;
+ u8 is_add;
+};
+
+/** \brief Dump NAT64 BIB
+ @param client_index - opaque cookie to identify the sender
+ @param context - sender context, to match reply w/ request
+ @param proto - protocol of the BIB: 255 - all BIBs
+ 6 - TCP BIB
+ 17 - UDP BIB
+ 1/58 - ICMP BIB
+ otherwise - "unknown" protocol BIB
+*/
+define nat64_bib_dump {
+ u32 client_index;
+ u32 context;
+ u8 proto;
+};
+
+/** \brief NAT64 BIB details response
+ @param context - sender context, to match reply w/ request
+ @param i_addr - inside IPv6 address
+ @param o_addr - outside IPv4 address
+ @param i_port - inside port number
+ @param o_port - outside port number
+ @param vrf_id - VRF id of tenant
+ @param proto - protocol number
+ @param is_static - 1 if static BIB entry, 0 if dynamic
+ @param ses_num - number of sessions associated with the BIB entry
+*/
+define nat64_bib_details {
+ u32 context;
+ u8 i_addr[16];
+ u8 o_addr[4];
+ u16 i_port;
+ u16 o_port;
+ u32 vrf_id;
+ u8 proto;
+ u8 is_static;
+ u32 ses_num;
+};
+
+/** \brief Set values of timeouts for NAT64 (seconds, 0 = default)
+ @param client_index - opaque cookie to identify the sender
+ @param context - sender context, to match reply w/ request
+ @param udp - UDP timeout (default 300sec)
+ @param icmp - ICMP timeout (default 60sec)
+ @param tcp_trans - TCP transitory timeout (default 240sec)
+ @param tcp_est - TCP established timeout (default 7440sec)
+ @param tcp_incoming_syn - TCP incoming SYN timeout (default 6sec)
+*/
+autoreply define nat64_set_timeouts {
+ u32 client_index;
+ u32 context;
+ u32 udp;
+ u32 icmp;
+ u32 tcp_trans;
+ u32 tcp_est;
+ u32 tcp_incoming_syn;
+};
+
+/** \brief Get values of timeouts for NAT64 (seconds)
+ @param client_index - opaque cookie to identify the sender
+ @param context - sender context, to match reply w/ request
+*/
+define nat64_get_timeouts {
+ u32 client_index;
+ u32 context;
+};
+
+/** \brief Get values of timeouts for NAT64 reply
+ @param context - sender context, to match reply w/ request
+ @param retval - return code
+ @param udp - UDP timeout
+ @param icmp - ICMP timeout
+ @param tcp_trans - TCP transitory timeout
+ @param tcp_est - TCP established timeout
+ @param tcp_incoming_syn - TCP incoming SYN timeout
+*/
+define nat64_get_timeouts_reply {
+ u32 context;
+ i32 retval;
+ u32 udp;
+ u32 icmp;
+ u32 tcp_trans;
+ u32 tcp_est;
+ u32 tcp_incoming_syn;
+};
+
+/** \brief Dump NAT64 session table
+ @param client_index - opaque cookie to identify the sender
+ @param context - sender context, to match reply w/ request
+ @param proto - protocol of the session table: 255 - all STs
+ 6 - TCP ST
+ 17 - UDP ST
+ 1/58 - ICMP ST
+ otherwise - "unknown" proto ST
+*/
+define nat64_st_dump {
+ u32 client_index;
+ u32 context;
+ u8 proto;
+};
+
+/** \brief NAT64 session table details response
+ @param context - sender context, to match reply w/ request
+ @param il_addr - inside IPv6 address of the local host
+ @param ol_addr - outside IPv4 address of the local host
+ @param il_port - inside port number id of the local host/inside ICMP id
+ @param ol_port - outside port number of the local host/outside ICMP id
+ @param il_addr - inside IPv6 address of the remote host
+ @param ol_addr - outside IPv4 address of the remote host
+ @param l_port - port number of the remote host (not used for ICMP)
+ @param vrf_id - VRF id of tenant
+ @param proto - protocol number
+*/
+define nat64_st_details {
+ u32 context;
+ u8 il_addr[16];
+ u8 ol_addr[4];
+ u16 il_port;
+ u16 ol_port;
+ u8 ir_addr[16];
+ u8 or_addr[4];
+ u16 r_port;
+ u32 vrf_id;
+ u8 proto;
+};
+
+/** \brief Add/del NAT64 prefix
+ @param client_index - opaque cookie to identify the sender
+ @param context - sender context, to match reply w/ request
+ @param prefix - NAT64 prefix
+ @param prefix - NAT64 prefix length
+ @param vrf_id - VRF id of tenant
+ @param is_add - 1 if add, 0 if delete
+*/
+autoreply define nat64_add_del_prefix {
+ u32 client_index;
+ u32 context;
+ u8 prefix[16];
+ u8 prefix_len;
+ u32 vrf_id;
+ u8 is_add;
+};
+
+/** \brief Dump NAT64 prefix
+ @param client_index - opaque cookie to identify the sender
+ @param context - sender context, to match reply w/ request
+*/
+define nat64_prefix_dump {
+ u32 client_index;
+ u32 context;
+};
+
+/** \brief Dump NAT64 prefix details response
+ @param context - sender context, to match reply w/ request
+ @param prefix - NAT64 prefix
+ @param prefix - NAT64 prefix length
+ @param vrf_id - VRF id of tenant
+*/
+define nat64_prefix_details {
+ u32 context;
+ u8 prefix[16];
+ u8 prefix_len;
+ u32 vrf_id;
+};
diff --git a/src/plugins/snat/snat.c b/src/plugins/nat/nat.c
similarity index 94%
rename from src/plugins/snat/snat.c
rename to src/plugins/nat/nat.c
index 315cec8..ac39be9 100644
--- a/src/plugins/snat/snat.c
+++ b/src/plugins/nat/nat.c
@@ -19,10 +19,10 @@
#include <vnet/ip/ip.h>
#include <vnet/ip/ip4.h>
#include <vnet/plugin/plugin.h>
-#include <snat/snat.h>
-#include <snat/snat_ipfix_logging.h>
-#include <snat/snat_det.h>
-#include <snat/nat64.h>
+#include <nat/nat.h>
+#include <nat/nat_ipfix_logging.h>
+#include <nat/nat_det.h>
+#include <nat/nat64.h>
#include <vnet/fib/fib_table.h>
#include <vnet/fib/ip4_fib.h>
@@ -34,64 +34,64 @@
/* Hook up input features */
VNET_FEATURE_INIT (ip4_snat_in2out, static) = {
.arc_name = "ip4-unicast",
- .node_name = "snat-in2out",
- .runs_before = VNET_FEATURES ("snat-out2in"),
+ .node_name = "nat44-in2out",
+ .runs_before = VNET_FEATURES ("nat44-out2in"),
};
VNET_FEATURE_INIT (ip4_snat_out2in, static) = {
.arc_name = "ip4-unicast",
- .node_name = "snat-out2in",
+ .node_name = "nat44-out2in",
.runs_before = VNET_FEATURES ("ip4-lookup"),
};
VNET_FEATURE_INIT (ip4_snat_det_in2out, static) = {
.arc_name = "ip4-unicast",
- .node_name = "snat-det-in2out",
- .runs_before = VNET_FEATURES ("snat-det-out2in"),
+ .node_name = "nat44-det-in2out",
+ .runs_before = VNET_FEATURES ("nat44-det-out2in"),
};
VNET_FEATURE_INIT (ip4_snat_det_out2in, static) = {
.arc_name = "ip4-unicast",
- .node_name = "snat-det-out2in",
+ .node_name = "nat44-det-out2in",
.runs_before = VNET_FEATURES ("ip4-lookup"),
};
VNET_FEATURE_INIT (ip4_snat_in2out_worker_handoff, static) = {
.arc_name = "ip4-unicast",
- .node_name = "snat-in2out-worker-handoff",
- .runs_before = VNET_FEATURES ("snat-out2in-worker-handoff"),
+ .node_name = "nat44-in2out-worker-handoff",
+ .runs_before = VNET_FEATURES ("nat44-out2in-worker-handoff"),
};
VNET_FEATURE_INIT (ip4_snat_out2in_worker_handoff, static) = {
.arc_name = "ip4-unicast",
- .node_name = "snat-out2in-worker-handoff",
+ .node_name = "nat44-out2in-worker-handoff",
.runs_before = VNET_FEATURES ("ip4-lookup"),
};
VNET_FEATURE_INIT (ip4_snat_in2out_fast, static) = {
.arc_name = "ip4-unicast",
- .node_name = "snat-in2out-fast",
- .runs_before = VNET_FEATURES ("snat-out2in-fast"),
+ .node_name = "nat44-in2out-fast",
+ .runs_before = VNET_FEATURES ("nat44-out2in-fast"),
};
VNET_FEATURE_INIT (ip4_snat_out2in_fast, static) = {
.arc_name = "ip4-unicast",
- .node_name = "snat-out2in-fast",
+ .node_name = "nat44-out2in-fast",
.runs_before = VNET_FEATURES ("ip4-lookup"),
};
VNET_FEATURE_INIT (ip4_snat_hairpin_dst, static) = {
.arc_name = "ip4-unicast",
- .node_name = "snat-hairpin-dst",
+ .node_name = "nat44-hairpin-dst",
.runs_before = VNET_FEATURES ("ip4-lookup"),
};
/* Hook up output features */
VNET_FEATURE_INIT (ip4_snat_in2out_output, static) = {
.arc_name = "ip4-output",
- .node_name = "snat-in2out-output",
+ .node_name = "nat44-in2out-output",
.runs_before = VNET_FEATURES ("interface-output"),
};
VNET_FEATURE_INIT (ip4_snat_in2out_output_worker_handoff, static) = {
.arc_name = "ip4-output",
- .node_name = "snat-in2out-output-worker-handoff",
+ .node_name = "nat44-in2out-output-worker-handoff",
.runs_before = VNET_FEATURES ("interface-output"),
};
VNET_FEATURE_INIT (ip4_snat_hairpin_src, static) = {
.arc_name = "ip4-output",
- .node_name = "snat-hairpin-src",
+ .node_name = "nat44-hairpin-src",
.runs_before = VNET_FEATURES ("interface-output"),
};
@@ -210,20 +210,20 @@
void increment_v4_address (ip4_address_t * a)
{
u32 v;
-
+
v = clib_net_to_host_u32(a->as_u32) + 1;
a->as_u32 = clib_host_to_net_u32(v);
}
-static void
-snat_add_static_mapping_when_resolved (snat_main_t * sm,
- ip4_address_t l_addr,
- u16 l_port,
- u32 sw_if_index,
- u16 e_port,
+static void
+snat_add_static_mapping_when_resolved (snat_main_t * sm,
+ ip4_address_t l_addr,
+ u16 l_port,
+ u32 sw_if_index,
+ u16 e_port,
u32 vrf_id,
snat_protocol_t proto,
- int addr_only,
+ int addr_only,
int is_add)
{
snat_static_map_resolve_t *rp;
@@ -275,13 +275,13 @@
ip4_address_t * first_int_addr;
/* Might be already set... */
- first_int_addr = ip4_interface_first_address
+ first_int_addr = ip4_interface_first_address
(sm->ip4_main, sw_if_index, 0 /* just want the address*/);
/* DHCP resolution required? */
if (first_int_addr == 0)
{
- snat_add_static_mapping_when_resolved
+ snat_add_static_mapping_when_resolved
(sm, l_addr, l_port, sw_if_index, e_port, vrf_id, proto,
addr_only, is_add);
return 0;
@@ -736,15 +736,15 @@
snat_det_map_t * dm;
if (sm->static_mapping_only && !(sm->static_mapping_connection_tracking))
- feature_name = is_inside ? "snat-in2out-fast" : "snat-out2in-fast";
+ feature_name = is_inside ? "nat44-in2out-fast" : "nat44-out2in-fast";
else
{
if (sm->num_workers > 1 && !sm->deterministic)
- feature_name = is_inside ? "snat-in2out-worker-handoff" : "snat-out2in-worker-handoff";
+ feature_name = is_inside ? "nat44-in2out-worker-handoff" : "nat44-out2in-worker-handoff";
else if (sm->deterministic)
- feature_name = is_inside ? "snat-det-in2out" : "snat-det-out2in";
+ feature_name = is_inside ? "nat44-det-in2out" : "nat44-det-out2in";
else
- feature_name = is_inside ? "snat-in2out" : "snat-out2in";
+ feature_name = is_inside ? "nat44-in2out" : "nat44-out2in";
}
vnet_feature_enable_disable ("ip4-unicast", feature_name, sw_if_index,
@@ -815,26 +815,26 @@
if (is_inside)
{
- vnet_feature_enable_disable ("ip4-unicast", "snat-hairpin-dst",
+ vnet_feature_enable_disable ("ip4-unicast", "nat44-hairpin-dst",
sw_if_index, !is_del, 0, 0);
- vnet_feature_enable_disable ("ip4-output", "snat-hairpin-src",
+ vnet_feature_enable_disable ("ip4-output", "nat44-hairpin-src",
sw_if_index, !is_del, 0, 0);
goto fq;
}
if (sm->num_workers > 1)
{
- vnet_feature_enable_disable ("ip4-unicast", "snat-out2in-worker-handoff",
+ vnet_feature_enable_disable ("ip4-unicast", "nat44-out2in-worker-handoff",
sw_if_index, !is_del, 0, 0);
vnet_feature_enable_disable ("ip4-output",
- "snat-in2out-output-worker-handoff",
+ "nat44-in2out-output-worker-handoff",
sw_if_index, !is_del, 0, 0);
}
else
{
- vnet_feature_enable_disable ("ip4-unicast", "snat-out2in", sw_if_index,
+ vnet_feature_enable_disable ("ip4-unicast", "nat44-out2in", sw_if_index,
!is_del, 0, 0);
- vnet_feature_enable_disable ("ip4-output", "snat-in2out-output",
+ vnet_feature_enable_disable ("ip4-output", "nat44-in2out-output",
sw_if_index, !is_del, 0, 0);
}
@@ -997,13 +997,13 @@
VLIB_INIT_FUNCTION (snat_init);
-void snat_free_outside_address_and_port (snat_main_t * sm,
- snat_session_key_t * k,
+void snat_free_outside_address_and_port (snat_main_t * sm,
+ snat_session_key_t * k,
u32 address_index)
{
snat_address_t *a;
u16 port_host_byte_order = clib_net_to_host_u16 (k->port);
-
+
ASSERT (address_index < vec_len (sm->addresses));
a = sm->addresses + address_index;
@@ -1024,12 +1024,12 @@
clib_warning("unknown_protocol");
return;
}
-}
+}
/**
- * @brief Match SNAT static mapping.
+ * @brief Match NAT44 static mapping.
*
- * @param sm SNAT main.
+ * @param sm NAT main.
* @param match Address and port to match.
* @param mapping External or local address and port of the matched mapping.
* @param by_external If 0 match by local address otherwise match by external
@@ -1199,7 +1199,7 @@
start_host_order = clib_host_to_net_u32 (start_addr.as_u32);
end_host_order = clib_host_to_net_u32 (end_addr.as_u32);
-
+
if (end_host_order < start_host_order)
{
error = clib_error_return (0, "end address less than start address");
@@ -1213,7 +1213,7 @@
format_ip4_address, &start_addr,
format_ip4_address, &end_addr,
count);
-
+
this_addr = start_addr;
for (i = 0; i < count; i++)
@@ -1245,8 +1245,8 @@
}
VLIB_CLI_COMMAND (add_address_command, static) = {
- .path = "snat add address",
- .short_help = "snat add addresses <ip4-range-start> [- <ip4-range-end>] "
+ .path = "nat44 add address",
+ .short_help = "nat44 add addresses <ip4-range-start> [- <ip4-range-end>] "
"[tenant-vrf <vrf-id>] [del]",
.function = add_address_command_fn,
};
@@ -1365,9 +1365,9 @@
}
VLIB_CLI_COMMAND (set_interface_snat_command, static) = {
- .path = "set interface snat",
+ .path = "set interface nat44",
.function = snat_feature_command_fn,
- .short_help = "set interface snat in <intfc> out <intfc> [output-feature] "
+ .short_help = "set interface nat44 in <intfc> out <intfc> [output-feature] "
"[del]",
};
@@ -1503,18 +1503,18 @@
* to to the local network host.
* To create static mapping between local host address 10.0.0.3 port 6303 and
* external address 4.4.4.4 port 3606 for TCP protocol use:
- * vpp# snat add static mapping local tcp 10.0.0.3 6303 external 4.4.4.4 3606
- * If not runnig "static mapping only" S-NAT plugin mode use before:
- * vpp# snat add address 4.4.4.4
+ * vpp# nat44 add static mapping local tcp 10.0.0.3 6303 external 4.4.4.4 3606
+ * If not runnig "static mapping only" NAT plugin mode use before:
+ * vpp# nat44 add address 4.4.4.4
* To create static mapping between local and external address use:
- * vpp# snat add static mapping local 10.0.0.3 external 4.4.4.4
+ * vpp# nat44 add static mapping local 10.0.0.3 external 4.4.4.4
* @cliexend
?*/
VLIB_CLI_COMMAND (add_static_mapping_command, static) = {
- .path = "snat add static mapping",
+ .path = "nat44 add static mapping",
.function = add_static_mapping_command_fn,
.short_help =
- "snat add static mapping local tcp|udp|icmp <addr> [<port>] external <addr> [<port>] [vrf <table-id>] [del]",
+ "nat44 add static mapping local tcp|udp|icmp <addr> [<port>] external <addr> [<port>] [vrf <table-id>] [del]",
};
static clib_error_t *
@@ -1575,15 +1575,15 @@
/*?
* @cliexpar
* @cliexstart{set snat workers}
- * Set SNAT workers if 2 or more workers available, use:
+ * Set NAT workers if 2 or more workers available, use:
* vpp# set snat workers 0-2,5
* @cliexend
?*/
VLIB_CLI_COMMAND (set_workers_command, static) = {
- .path = "set snat workers",
+ .path = "set nat workers",
.function = set_workers_command_fn,
.short_help =
- "set snat workers <workers-list>",
+ "set nat workers <workers-list>",
};
static clib_error_t *
@@ -1635,16 +1635,16 @@
/*?
* @cliexpar
* @cliexstart{snat ipfix logging}
- * To enable SNAT IPFIX logging use:
- * vpp# snat ipfix logging
+ * To enable NAT IPFIX logging use:
+ * vpp# nat ipfix logging
* To set IPFIX exporter use:
* vpp# set ipfix exporter collector 10.10.10.3 src 10.10.10.1
* @cliexend
?*/
VLIB_CLI_COMMAND (snat_ipfix_logging_enable_disable_command, static) = {
- .path = "snat ipfix logging",
+ .path = "nat ipfix logging",
.function = snat_ipfix_logging_enable_disable_command_fn,
- .short_help = "snat ipfix logging [domain <domain-id>] [src-port <port>] [disable]",
+ .short_help = "nat ipfix logging [domain <domain-id>] [src-port <port>] [disable]",
};
static u32
@@ -1862,7 +1862,7 @@
return 0;
}
-VLIB_CONFIG_FUNCTION (snat_config, "snat");
+VLIB_CONFIG_FUNCTION (snat_config, "nat");
u8 * format_snat_session_state (u8 * s, va_list * args)
{
@@ -2067,18 +2067,18 @@
if (sm->static_mapping_only)
{
if (sm->static_mapping_connection_tracking)
- vlib_cli_output (vm, "SNAT mode: static mapping only connection "
+ vlib_cli_output (vm, "NAT plugin mode: static mapping only connection "
"tracking");
else
- vlib_cli_output (vm, "SNAT mode: static mapping only");
+ vlib_cli_output (vm, "NAT plugin mode: static mapping only");
}
else if (sm->deterministic)
{
- vlib_cli_output (vm, "SNAT mode: deterministic mapping");
+ vlib_cli_output (vm, "NAT plugin mode: deterministic mapping");
}
else
{
- vlib_cli_output (vm, "SNAT mode: dynamic translations enabled");
+ vlib_cli_output (vm, "NAT plugin mode: dynamic translations enabled");
}
if (verbose > 0)
@@ -2100,7 +2100,7 @@
if (vec_len (sm->auto_add_sw_if_indices))
{
- vlib_cli_output (vm, "SNAT pool addresses interfaces:");
+ vlib_cli_output (vm, "NAT44 pool addresses interfaces:");
vec_foreach (sw_if_index, sm->auto_add_sw_if_indices)
{
vlib_cli_output (vm, "%U", format_vnet_sw_interface_name, vnm,
@@ -2253,8 +2253,8 @@
}
VLIB_CLI_COMMAND (show_snat_command, static) = {
- .path = "show snat",
- .short_help = "show snat",
+ .path = "show nat44",
+ .short_help = "show nat44",
.function = show_snat_command_fn,
};
@@ -2372,7 +2372,7 @@
return 0;
}
}
-
+
if (is_del)
return VNET_API_ERROR_NO_SUCH_ENTRY;
@@ -2437,8 +2437,8 @@
}
VLIB_CLI_COMMAND (snat_add_interface_address_command, static) = {
- .path = "snat add interface address",
- .short_help = "snat add interface address <interface> [del]",
+ .path = "nat44 add interface address",
+ .short_help = "nat44 add interface address <interface> [del]",
.function = snat_add_interface_address_command_fn,
};
@@ -2499,12 +2499,12 @@
* CGN deployments.
* To create deterministic mapping between inside network 10.0.0.0/18 and
* outside network 1.1.1.0/30 use:
- * # vpp# snat deterministic add in 10.0.0.0/18 out 1.1.1.0/30
+ * # vpp# nat44 deterministic add in 10.0.0.0/18 out 1.1.1.0/30
* @cliexend
?*/
VLIB_CLI_COMMAND (snat_det_map_command, static) = {
- .path = "snat deterministic add",
- .short_help = "snat deterministic add in <addr>/<plen> out <addr>/<plen> [del]",
+ .path = "nat44 deterministic add",
+ .short_help = "nat44 deterministic add in <addr>/<plen> out <addr>/<plen> [del]",
.function = snat_det_map_command_fn,
};
@@ -2560,13 +2560,13 @@
* Return outside address and port range from inside address for deterministic
* NAT.
* To obtain outside address and port of inside host use:
- * vpp# snat deterministic forward 10.0.0.2
+ * vpp# nat44 deterministic forward 10.0.0.2
* 1.1.1.0:<1054-1068>
* @cliexend
?*/
VLIB_CLI_COMMAND (snat_det_forward_command, static) = {
- .path = "snat deterministic forward",
- .short_help = "snat deterministic forward <addr>",
+ .path = "nat44 deterministic forward",
+ .short_help = "nat44 deterministic forward <addr>",
.function = snat_det_forward_command_fn,
};
@@ -2625,13 +2625,13 @@
* @cliexstart{snat deterministic reverse}
* Return inside address from outside address and port for deterministic NAT.
* To obtain inside host address from outside address and port use:
- * #vpp snat deterministic reverse 1.1.1.1:1276
+ * #vpp nat44 deterministic reverse 1.1.1.1:1276
* 10.0.16.16
* @cliexend
?*/
VLIB_CLI_COMMAND (snat_det_reverse_command, static) = {
- .path = "snat deterministic reverse",
- .short_help = "snat deterministic reverse <addr>:<port>",
+ .path = "nat44 deterministic reverse",
+ .short_help = "nat44 deterministic reverse <addr>:<port>",
.function = snat_det_reverse_command_fn,
};
@@ -2687,17 +2687,17 @@
* @cliexpar
* @cliexstart{set snat deterministic timeout}
* Set values of timeouts for deterministic NAT (in seconds), use:
- * vpp# set snat deterministic timeout udp 120 tcp-established 7500
+ * vpp# set nat44 deterministic timeout udp 120 tcp-established 7500
* tcp-transitory 250 icmp 90
* To reset default values use:
- * vpp# set snat deterministic timeout reset
+ * vpp# set nat44 deterministic timeout reset
* @cliexend
?*/
VLIB_CLI_COMMAND (set_timeout_command, static) = {
- .path = "set snat deterministic timeout",
+ .path = "set nat44 deterministic timeout",
.function = set_timeout_command_fn,
.short_help =
- "set snat deterministic timeout [udp <sec> | tcp-established <sec> "
+ "set nat44 deterministic timeout [udp <sec> | tcp-established <sec> "
"tcp-transitory <sec> | icmp <sec> | reset]",
};
@@ -2762,12 +2762,12 @@
* @cliexstart{snat deterministic close session out}
* Close session using outside ip address and port
* and external ip address and port, use:
- * vpp# snat deterministic close session out 1.1.1.1:1276 2.2.2.2:2387
+ * vpp# nat44 deterministic close session out 1.1.1.1:1276 2.2.2.2:2387
* @cliexend
?*/
VLIB_CLI_COMMAND (snat_det_close_sesion_out_command, static) = {
- .path = "snat deterministic close session out",
- .short_help = "snat deterministic close session out "
+ .path = "nat44 deterministic close session out",
+ .short_help = "nat44 deterministic close session out "
"<out_addr>:<out_port> <ext_addr>:<ext_port>",
.function = snat_det_close_session_out_fn,
};
@@ -2831,12 +2831,12 @@
* @cliexstart{snat deterministic close_session_in}
* Close session using inside ip address and port
* and external ip address and port, use:
- * vpp# snat deterministic close session in 3.3.3.3:3487 2.2.2.2:2387
+ * vpp# nat44 deterministic close session in 3.3.3.3:3487 2.2.2.2:2387
* @cliexend
?*/
VLIB_CLI_COMMAND (snat_det_close_session_in_command, static) = {
- .path = "snat deterministic close session in",
- .short_help = "snat deterministic close session in "
+ .path = "nat44 deterministic close session in",
+ .short_help = "nat44 deterministic close session in "
"<in_addr>:<in_port> <ext_addr>:<ext_port>",
.function = snat_det_close_session_in_fn,
};
diff --git a/src/plugins/snat/snat.h b/src/plugins/nat/nat.h
similarity index 98%
rename from src/plugins/snat/snat.h
rename to src/plugins/nat/nat.h
index aa0f82f..04c466d 100644
--- a/src/plugins/snat/snat.h
+++ b/src/plugins/nat/nat.h
@@ -1,6 +1,6 @@
/*
- * snat.h - simple nat definitions
+ * nat.h - NAT plugin definitions
*
* Copyright (c) 2016 Cisco and/or its affiliates.
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -15,8 +15,8 @@
* See the License for the specific language governing permissions and
* limitations under the License.
*/
-#ifndef __included_snat_h__
-#define __included_snat_h__
+#ifndef __included_nat_h__
+#define __included_nat_h__
#include <vnet/vnet.h>
#include <vnet/ip/ip.h>
@@ -41,9 +41,9 @@
/* Key */
typedef struct {
- union
+ union
{
- struct
+ struct
{
ip4_address_t addr;
u16 port;
@@ -156,7 +156,7 @@
f64 last_heard; /* 44-51 */
u64 total_bytes; /* 52-59 */
-
+
u32 total_pkts; /* 60-63 */
/* Outside address */
@@ -418,12 +418,12 @@
*/
#define snat_is_unk_proto_session(s) s->flags & SNAT_SESSION_FLAG_UNKNOWN_PROTO
-/*
+/*
* Why is this here? Because we don't need to touch this layer to
* simply reply to an icmp. We need to change id to a unique
* value to NAT an echo request/reply.
*/
-
+
typedef struct {
u16 identifier;
u16 sequence;
@@ -538,4 +538,4 @@
return 0;
}
-#endif /* __included_snat_h__ */
+#endif /* __included_nat_h__ */
diff --git a/src/plugins/snat/nat64.c b/src/plugins/nat/nat64.c
similarity index 99%
rename from src/plugins/snat/nat64.c
rename to src/plugins/nat/nat64.c
index bd915b5..b04901f 100644
--- a/src/plugins/snat/nat64.c
+++ b/src/plugins/nat/nat64.c
@@ -17,8 +17,8 @@
* @brief NAT64 implementation
*/
-#include <snat/nat64.h>
-#include <snat/nat64_db.h>
+#include <nat/nat64.h>
+#include <nat/nat64_db.h>
#include <vnet/fib/ip4_fib.h>
diff --git a/src/plugins/snat/nat64.h b/src/plugins/nat/nat64.h
similarity index 99%
rename from src/plugins/snat/nat64.h
rename to src/plugins/nat/nat64.h
index 771b907..68224ca 100644
--- a/src/plugins/snat/nat64.h
+++ b/src/plugins/nat/nat64.h
@@ -19,8 +19,8 @@
#ifndef __included_nat64_h__
#define __included_nat64_h__
-#include <snat/snat.h>
-#include <snat/nat64_db.h>
+#include <nat/nat.h>
+#include <nat/nat64_db.h>
#define foreach_nat64_tcp_ses_state \
_(0, CLOSED, "closed") \
diff --git a/src/plugins/snat/nat64_cli.c b/src/plugins/nat/nat64_cli.c
similarity index 99%
rename from src/plugins/snat/nat64_cli.c
rename to src/plugins/nat/nat64_cli.c
index ca60b12..bb62ecf 100644
--- a/src/plugins/snat/nat64_cli.c
+++ b/src/plugins/nat/nat64_cli.c
@@ -17,8 +17,8 @@
* @brief NAT64 CLI
*/
-#include <snat/nat64.h>
-#include <snat/snat.h>
+#include <nat/nat64.h>
+#include <nat/nat.h>
#include <vnet/fib/fib_table.h>
static clib_error_t *
diff --git a/src/plugins/snat/nat64_db.c b/src/plugins/nat/nat64_db.c
similarity index 99%
rename from src/plugins/snat/nat64_db.c
rename to src/plugins/nat/nat64_db.c
index 9584827..da73cee 100644
--- a/src/plugins/snat/nat64_db.c
+++ b/src/plugins/nat/nat64_db.c
@@ -16,7 +16,7 @@
* @file
* @brief NAT64 DB
*/
-#include <snat/nat64_db.h>
+#include <nat/nat64_db.h>
int
nat64_db_init (nat64_db_t * db)
diff --git a/src/plugins/snat/nat64_db.h b/src/plugins/nat/nat64_db.h
similarity index 99%
rename from src/plugins/snat/nat64_db.h
rename to src/plugins/nat/nat64_db.h
index 1e2dcc9..394ca87 100644
--- a/src/plugins/snat/nat64_db.h
+++ b/src/plugins/nat/nat64_db.h
@@ -21,7 +21,7 @@
#include <vppinfra/bihash_24_8.h>
#include <vppinfra/bihash_48_8.h>
-#include <snat/snat.h>
+#include <nat/nat.h>
typedef struct
diff --git a/src/plugins/snat/nat64_doc.md b/src/plugins/nat/nat64_doc.md
similarity index 100%
rename from src/plugins/snat/nat64_doc.md
rename to src/plugins/nat/nat64_doc.md
diff --git a/src/plugins/snat/nat64_in2out.c b/src/plugins/nat/nat64_in2out.c
similarity index 99%
rename from src/plugins/snat/nat64_in2out.c
rename to src/plugins/nat/nat64_in2out.c
index 8c67fec..f78baff 100644
--- a/src/plugins/snat/nat64_in2out.c
+++ b/src/plugins/nat/nat64_in2out.c
@@ -17,7 +17,7 @@
* @brief NAT64 IPv6 to IPv4 translation (inside to outside network)
*/
-#include <snat/nat64.h>
+#include <nat/nat64.h>
#include <vnet/ip/ip6_to_ip4.h>
#include <vnet/fib/fib_table.h>
diff --git a/src/plugins/snat/nat64_out2in.c b/src/plugins/nat/nat64_out2in.c
similarity index 99%
rename from src/plugins/snat/nat64_out2in.c
rename to src/plugins/nat/nat64_out2in.c
index cd5b253..61e88a7 100644
--- a/src/plugins/snat/nat64_out2in.c
+++ b/src/plugins/nat/nat64_out2in.c
@@ -17,7 +17,7 @@
* @brief NAT64 IPv4 to IPv6 translation (otside to inside network)
*/
-#include <snat/nat64.h>
+#include <nat/nat64.h>
#include <vnet/ip/ip4_to_ip6.h>
#include <vnet/fib/ip4_fib.h>
diff --git a/src/plugins/snat/snat_all_api_h.h b/src/plugins/nat/nat_all_api_h.h
similarity index 87%
rename from src/plugins/snat/snat_all_api_h.h
rename to src/plugins/nat/nat_all_api_h.h
index 4901770..acd9ba1 100644
--- a/src/plugins/snat/snat_all_api_h.h
+++ b/src/plugins/nat/nat_all_api_h.h
@@ -1,6 +1,6 @@
/*
- * snat_all_api_h.h - skeleton vpp engine plug-in api #include file
+ * nat_all_api_h.h - skeleton vpp engine plug-in api #include file
*
* Copyright (c) <current-year> <your-organization>
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -16,4 +16,4 @@
* limitations under the License.
*/
/* Include the generated file, see BUILT_SOURCES in Makefile.am */
-#include <snat/snat.api.h>
+#include <nat/nat.api.h>
diff --git a/src/plugins/nat/nat_api.c b/src/plugins/nat/nat_api.c
new file mode 100644
index 0000000..0a2141f
--- /dev/null
+++ b/src/plugins/nat/nat_api.c
@@ -0,0 +1,3255 @@
+/*
+ * Copyright (c) 2017 Cisco and/or its affiliates.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at:
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+/**
+ * @file
+ * @brief NAT plugin API implementation
+ */
+
+#include <nat/nat.h>
+#include <nat/nat_det.h>
+#include <nat/nat64.h>
+#include <vlibapi/api.h>
+#include <vlibmemory/api.h>
+#include <vlibsocket/api.h>
+#include <nat/nat_msg_enum.h>
+#include <vnet/fib/fib_table.h>
+
+/* define message structures */
+#define vl_typedefs
+#include <nat/nat_all_api_h.h>
+#undef vl_typedefs
+
+/* define generated endian-swappers */
+#define vl_endianfun
+#include <nat/nat_all_api_h.h>
+#undef vl_endianfun
+
+#define vl_print(handle, ...) vlib_cli_output (handle, __VA_ARGS__)
+
+#define REPLY_MSG_ID_BASE sm->msg_id_base
+#include <vlibapi/api_helper_macros.h>
+
+/* Get the API version number */
+#define vl_api_version(n,v) static u32 api_version=(v);
+#include <nat/nat_all_api_h.h>
+#undef vl_api_version
+
+/* Macro to finish up custom dump fns */
+#define FINISH \
+ vec_add1 (s, 0); \
+ vl_print (handle, (char *)s); \
+ vec_free (s); \
+ return handle;
+
+static void
+ vl_api_snat_add_address_range_t_handler
+ (vl_api_snat_add_address_range_t * mp)
+{
+ snat_main_t *sm = &snat_main;
+ vl_api_snat_add_address_range_reply_t *rmp;
+ ip4_address_t this_addr;
+ u32 start_host_order, end_host_order;
+ u32 vrf_id;
+ int i, count;
+ int rv = 0;
+ u32 *tmp;
+
+ if (mp->is_ip4 != 1)
+ {
+ rv = VNET_API_ERROR_UNIMPLEMENTED;
+ goto send_reply;
+ }
+
+ if (sm->static_mapping_only)
+ {
+ rv = VNET_API_ERROR_FEATURE_DISABLED;
+ goto send_reply;
+ }
+
+ tmp = (u32 *) mp->first_ip_address;
+ start_host_order = clib_host_to_net_u32 (tmp[0]);
+ tmp = (u32 *) mp->last_ip_address;
+ end_host_order = clib_host_to_net_u32 (tmp[0]);
+
+ count = (end_host_order - start_host_order) + 1;
+
+ vrf_id = clib_host_to_net_u32 (mp->vrf_id);
+
+ if (count > 1024)
+ clib_warning ("%U - %U, %d addresses...",
+ format_ip4_address, mp->first_ip_address,
+ format_ip4_address, mp->last_ip_address, count);
+
+ memcpy (&this_addr.as_u8, mp->first_ip_address, 4);
+
+ for (i = 0; i < count; i++)
+ {
+ if (mp->is_add)
+ snat_add_address (sm, &this_addr, vrf_id);
+ else
+ rv = snat_del_address (sm, this_addr, 0);
+
+ if (rv)
+ goto send_reply;
+
+ increment_v4_address (&this_addr);
+ }
+
+send_reply:
+ REPLY_MACRO (VL_API_SNAT_ADD_ADDRESS_RANGE_REPLY);
+}
+
+static void *vl_api_snat_add_address_range_t_print
+ (vl_api_snat_add_address_range_t * mp, void *handle)
+{
+ u8 *s;
+
+ s = format (0, "SCRIPT: snat_add_address_range ");
+ s = format (s, "%U ", format_ip4_address, mp->first_ip_address);
+ if (memcmp (mp->first_ip_address, mp->last_ip_address, 4))
+ {
+ s = format (s, " - %U ", format_ip4_address, mp->last_ip_address);
+ }
+ FINISH;
+}
+
+static void
+ send_snat_address_details
+ (snat_address_t * a, unix_shared_memory_queue_t * q, u32 context)
+{
+ vl_api_snat_address_details_t *rmp;
+ snat_main_t *sm = &snat_main;
+
+ rmp = vl_msg_api_alloc (sizeof (*rmp));
+ memset (rmp, 0, sizeof (*rmp));
+ rmp->_vl_msg_id = ntohs (VL_API_SNAT_ADDRESS_DETAILS + sm->msg_id_base);
+ rmp->is_ip4 = 1;
+ clib_memcpy (rmp->ip_address, &(a->addr), 4);
+ if (a->fib_index != ~0)
+ {
+ fib_table_t *fib = fib_table_get (a->fib_index, FIB_PROTOCOL_IP4);
+ rmp->vrf_id = ntohl (fib->ft_table_id);
+ }
+ else
+ rmp->vrf_id = ~0;
+ rmp->context = context;
+
+ vl_msg_api_send_shmem (q, (u8 *) & rmp);
+}
+
+static void
+vl_api_snat_address_dump_t_handler (vl_api_snat_address_dump_t * mp)
+{
+ unix_shared_memory_queue_t *q;
+ snat_main_t *sm = &snat_main;
+ snat_address_t *a;
+
+ q = vl_api_client_index_to_input_queue (mp->client_index);
+ if (q == 0)
+ return;
+
+ /* *INDENT-OFF* */
+ vec_foreach (a, sm->addresses)
+ send_snat_address_details (a, q, mp->context);
+ /* *INDENT-ON* */
+}
+
+static void *vl_api_snat_address_dump_t_print
+ (vl_api_snat_address_dump_t * mp, void *handle)
+{
+ u8 *s;
+
+ s = format (0, "SCRIPT: snat_address_dump ");
+
+ FINISH;
+}
+
+static void
+ vl_api_snat_interface_add_del_feature_t_handler
+ (vl_api_snat_interface_add_del_feature_t * mp)
+{
+ snat_main_t *sm = &snat_main;
+ vl_api_snat_interface_add_del_feature_reply_t *rmp;
+ u8 is_del = mp->is_add == 0;
+ u32 sw_if_index = ntohl (mp->sw_if_index);
+ int rv = 0;
+
+ VALIDATE_SW_IF_INDEX (mp);
+
+ rv = snat_interface_add_del (sw_if_index, mp->is_inside, is_del);
+
+ BAD_SW_IF_INDEX_LABEL;
+
+ REPLY_MACRO (VL_API_SNAT_INTERFACE_ADD_DEL_FEATURE_REPLY);
+}
+
+static void *vl_api_snat_interface_add_del_feature_t_print
+ (vl_api_snat_interface_add_del_feature_t * mp, void *handle)
+{
+ u8 *s;
+
+ s = format (0, "SCRIPT: snat_interface_add_del_feature ");
+ s = format (s, "sw_if_index %d %s %s",
+ clib_host_to_net_u32 (mp->sw_if_index),
+ mp->is_inside ? "in" : "out", mp->is_add ? "" : "del");
+
+ FINISH;
+}
+
+static void
+ send_snat_interface_details
+ (snat_interface_t * i, unix_shared_memory_queue_t * q, u32 context)
+{
+ vl_api_snat_interface_details_t *rmp;
+ snat_main_t *sm = &snat_main;
+
+ rmp = vl_msg_api_alloc (sizeof (*rmp));
+ memset (rmp, 0, sizeof (*rmp));
+ rmp->_vl_msg_id = ntohs (VL_API_SNAT_INTERFACE_DETAILS + sm->msg_id_base);
+ rmp->sw_if_index = ntohl (i->sw_if_index);
+ rmp->is_inside = i->is_inside;
+ rmp->context = context;
+
+ vl_msg_api_send_shmem (q, (u8 *) & rmp);
+}
+
+static void
+vl_api_snat_interface_dump_t_handler (vl_api_snat_interface_dump_t * mp)
+{
+ unix_shared_memory_queue_t *q;
+ snat_main_t *sm = &snat_main;
+ snat_interface_t *i;
+
+ q = vl_api_client_index_to_input_queue (mp->client_index);
+ if (q == 0)
+ return;
+
+ /* *INDENT-OFF* */
+ pool_foreach (i, sm->interfaces,
+ ({
+ send_snat_interface_details(i, q, mp->context);
+ }));
+ /* *INDENT-ON* */
+}
+
+static void *vl_api_snat_interface_dump_t_print
+ (vl_api_snat_interface_dump_t * mp, void *handle)
+{
+ u8 *s;
+
+ s = format (0, "SCRIPT: snat_interface_dump ");
+
+ FINISH;
+}
+
+static void
+ vl_api_snat_interface_add_del_output_feature_t_handler
+ (vl_api_snat_interface_add_del_output_feature_t * mp)
+{
+ snat_main_t *sm = &snat_main;
+ vl_api_snat_interface_add_del_output_feature_reply_t *rmp;
+ u8 is_del = mp->is_add == 0;
+ u32 sw_if_index = ntohl (mp->sw_if_index);
+ int rv = 0;
+
+ VALIDATE_SW_IF_INDEX (mp);
+
+ rv = snat_interface_add_del_output_feature (sw_if_index, mp->is_inside,
+ is_del);
+
+ BAD_SW_IF_INDEX_LABEL;
+
+ REPLY_MACRO (VL_API_SNAT_INTERFACE_ADD_DEL_OUTPUT_FEATURE_REPLY);
+}
+
+static void *vl_api_snat_interface_add_del_output_feature_t_print
+ (vl_api_snat_interface_add_del_output_feature_t * mp, void *handle)
+{
+ u8 *s;
+
+ s = format (0, "SCRIPT: snat_interface_add_del_output_feature ");
+ s = format (s, "sw_if_index %d %s %s",
+ clib_host_to_net_u32 (mp->sw_if_index),
+ mp->is_inside ? "in" : "out", mp->is_add ? "" : "del");
+
+ FINISH;
+}
+
+static void
+send_snat_interface_output_feature_details (snat_interface_t * i,
+ unix_shared_memory_queue_t * q,
+ u32 context)
+{
+ vl_api_snat_interface_output_feature_details_t *rmp;
+ snat_main_t *sm = &snat_main;
+
+ rmp = vl_msg_api_alloc (sizeof (*rmp));
+ memset (rmp, 0, sizeof (*rmp));
+ rmp->_vl_msg_id =
+ ntohs (VL_API_SNAT_INTERFACE_OUTPUT_FEATURE_DETAILS + sm->msg_id_base);
+ rmp->sw_if_index = ntohl (i->sw_if_index);
+ rmp->context = context;
+ rmp->is_inside = i->is_inside;
+
+ vl_msg_api_send_shmem (q, (u8 *) & rmp);
+}
+
+static void
+ vl_api_snat_interface_output_feature_dump_t_handler
+ (vl_api_snat_interface_output_feature_dump_t * mp)
+{
+ unix_shared_memory_queue_t *q;
+ snat_main_t *sm = &snat_main;
+ snat_interface_t *i;
+
+ q = vl_api_client_index_to_input_queue (mp->client_index);
+ if (q == 0)
+ return;
+
+ /* *INDENT-OFF* */
+ pool_foreach (i, sm->output_feature_interfaces,
+ ({
+ send_snat_interface_output_feature_details(i, q, mp->context);
+ }));
+ /* *INDENT-ON* */
+}
+
+static void *vl_api_snat_interface_output_feature_dump_t_print
+ (vl_api_snat_interface_output_feature_dump_t * mp, void *handle)
+{
+ u8 *s;
+
+ s = format (0, "SCRIPT: snat_interface_output_feature_dump ");
+
+ FINISH;
+}
+
+static void
+ vl_api_snat_add_static_mapping_t_handler
+ (vl_api_snat_add_static_mapping_t * mp)
+{
+ snat_main_t *sm = &snat_main;
+ vl_api_snat_add_static_mapping_reply_t *rmp;
+ ip4_address_t local_addr, external_addr;
+ u16 local_port = 0, external_port = 0;
+ u32 vrf_id, external_sw_if_index;
+ int rv = 0;
+ snat_protocol_t proto;
+
+ if (mp->is_ip4 != 1)
+ {
+ rv = VNET_API_ERROR_UNIMPLEMENTED;
+ goto send_reply;
+ }
+
+ memcpy (&local_addr.as_u8, mp->local_ip_address, 4);
+ memcpy (&external_addr.as_u8, mp->external_ip_address, 4);
+ if (mp->addr_only == 0)
+ {
+ local_port = clib_net_to_host_u16 (mp->local_port);
+ external_port = clib_net_to_host_u16 (mp->external_port);
+ }
+ vrf_id = clib_net_to_host_u32 (mp->vrf_id);
+ external_sw_if_index = clib_net_to_host_u32 (mp->external_sw_if_index);
+ proto = ip_proto_to_snat_proto (mp->protocol);
+
+ rv = snat_add_static_mapping (local_addr, external_addr, local_port,
+ external_port, vrf_id, mp->addr_only,
+ external_sw_if_index, proto, mp->is_add);
+
+send_reply:
+ REPLY_MACRO (VL_API_SNAT_ADD_ADDRESS_RANGE_REPLY);
+}
+
+static void *vl_api_snat_add_static_mapping_t_print
+ (vl_api_snat_add_static_mapping_t * mp, void *handle)
+{
+ u8 *s;
+
+ s = format (0, "SCRIPT: snat_add_static_mapping ");
+ s = format (s, "protocol %d local_addr %U external_addr %U ",
+ mp->protocol,
+ format_ip4_address, mp->local_ip_address,
+ format_ip4_address, mp->external_ip_address);
+
+ if (mp->addr_only == 0)
+ s = format (s, "local_port %d external_port %d ",
+ clib_net_to_host_u16 (mp->local_port),
+ clib_net_to_host_u16 (mp->external_port));
+
+ if (mp->vrf_id != ~0)
+ s = format (s, "vrf %d", clib_net_to_host_u32 (mp->vrf_id));
+
+ if (mp->external_sw_if_index != ~0)
+ s = format (s, "external_sw_if_index %d",
+ clib_net_to_host_u32 (mp->external_sw_if_index));
+ FINISH;
+}
+
+static void
+ send_snat_static_mapping_details
+ (snat_static_mapping_t * m, unix_shared_memory_queue_t * q, u32 context)
+{
+ vl_api_snat_static_mapping_details_t *rmp;
+ snat_main_t *sm = &snat_main;
+
+ rmp = vl_msg_api_alloc (sizeof (*rmp));
+ memset (rmp, 0, sizeof (*rmp));
+ rmp->_vl_msg_id =
+ ntohs (VL_API_SNAT_STATIC_MAPPING_DETAILS + sm->msg_id_base);
+ rmp->is_ip4 = 1;
+ rmp->addr_only = m->addr_only;
+ clib_memcpy (rmp->local_ip_address, &(m->local_addr), 4);
+ clib_memcpy (rmp->external_ip_address, &(m->external_addr), 4);
+ rmp->local_port = htons (m->local_port);
+ rmp->external_port = htons (m->external_port);
+ rmp->external_sw_if_index = ~0;
+ rmp->vrf_id = htonl (m->vrf_id);
+ rmp->protocol = snat_proto_to_ip_proto (m->proto);
+ rmp->context = context;
+
+ vl_msg_api_send_shmem (q, (u8 *) & rmp);
+}
+
+static void
+ send_snat_static_map_resolve_details
+ (snat_static_map_resolve_t * m, unix_shared_memory_queue_t * q, u32 context)
+{
+ vl_api_snat_static_mapping_details_t *rmp;
+ snat_main_t *sm = &snat_main;
+
+ rmp = vl_msg_api_alloc (sizeof (*rmp));
+ memset (rmp, 0, sizeof (*rmp));
+ rmp->_vl_msg_id =
+ ntohs (VL_API_SNAT_STATIC_MAPPING_DETAILS + sm->msg_id_base);
+ rmp->is_ip4 = 1;
+ rmp->addr_only = m->addr_only;
+ clib_memcpy (rmp->local_ip_address, &(m->l_addr), 4);
+ rmp->local_port = htons (m->l_port);
+ rmp->external_port = htons (m->e_port);
+ rmp->external_sw_if_index = htonl (m->sw_if_index);
+ rmp->vrf_id = htonl (m->vrf_id);
+ rmp->protocol = snat_proto_to_ip_proto (m->proto);
+ rmp->context = context;
+
+ vl_msg_api_send_shmem (q, (u8 *) & rmp);
+}
+
+static void
+ vl_api_snat_static_mapping_dump_t_handler
+ (vl_api_snat_static_mapping_dump_t * mp)
+{
+ unix_shared_memory_queue_t *q;
+ snat_main_t *sm = &snat_main;
+ snat_static_mapping_t *m;
+ snat_static_map_resolve_t *rp;
+ int j;
+
+ q = vl_api_client_index_to_input_queue (mp->client_index);
+ if (q == 0)
+ return;
+
+ /* *INDENT-OFF* */
+ pool_foreach (m, sm->static_mappings,
+ ({
+ send_snat_static_mapping_details (m, q, mp->context);
+ }));
+ /* *INDENT-ON* */
+
+ for (j = 0; j < vec_len (sm->to_resolve); j++)
+ {
+ rp = sm->to_resolve + j;
+ send_snat_static_map_resolve_details (rp, q, mp->context);
+ }
+}
+
+static void *vl_api_snat_static_mapping_dump_t_print
+ (vl_api_snat_static_mapping_dump_t * mp, void *handle)
+{
+ u8 *s;
+
+ s = format (0, "SCRIPT: snat_static_mapping_dump ");
+
+ FINISH;
+}
+
+static void
+vl_api_snat_control_ping_t_handler (vl_api_snat_control_ping_t * mp)
+{
+ vl_api_snat_control_ping_reply_t *rmp;
+ snat_main_t *sm = &snat_main;
+ int rv = 0;
+
+ /* *INDENT-OFF* */
+ REPLY_MACRO2 (VL_API_SNAT_CONTROL_PING_REPLY,
+ ({
+ rmp->vpe_pid = ntohl (getpid ());
+ }));
+ /* *INDENT-ON* */
+}
+
+static void *vl_api_snat_control_ping_t_print
+ (vl_api_snat_control_ping_t * mp, void *handle)
+{
+ u8 *s;
+
+ s = format (0, "SCRIPT: snat_control_ping ");
+
+ FINISH;
+}
+
+static void
+vl_api_snat_show_config_t_handler (vl_api_snat_show_config_t * mp)
+{
+ vl_api_snat_show_config_reply_t *rmp;
+ snat_main_t *sm = &snat_main;
+ int rv = 0;
+
+ /* *INDENT-OFF* */
+ REPLY_MACRO2 (VL_API_SNAT_SHOW_CONFIG_REPLY,
+ ({
+ rmp->translation_buckets = htonl (sm->translation_buckets);
+ rmp->translation_memory_size = htonl (sm->translation_memory_size);
+ rmp->user_buckets = htonl (sm->user_buckets);
+ rmp->user_memory_size = htonl (sm->user_memory_size);
+ rmp->max_translations_per_user = htonl (sm->max_translations_per_user);
+ rmp->outside_vrf_id = htonl (sm->outside_vrf_id);
+ rmp->inside_vrf_id = htonl (sm->inside_vrf_id);
+ rmp->static_mapping_only = sm->static_mapping_only;
+ rmp->static_mapping_connection_tracking =
+ sm->static_mapping_connection_tracking;
+ rmp->deterministic = sm->deterministic;
+ }));
+ /* *INDENT-ON* */
+}
+
+static void *vl_api_snat_show_config_t_print
+ (vl_api_snat_show_config_t * mp, void *handle)
+{
+ u8 *s;
+
+ s = format (0, "SCRIPT: snat_show_config ");
+
+ FINISH;
+}
+
+static void
+vl_api_snat_set_workers_t_handler (vl_api_snat_set_workers_t * mp)
+{
+ snat_main_t *sm = &snat_main;
+ vl_api_snat_set_workers_reply_t *rmp;
+ int rv = 0;
+ uword *bitmap = 0;
+ u64 mask = clib_net_to_host_u64 (mp->worker_mask);
+
+ if (sm->num_workers < 2)
+ {
+ rv = VNET_API_ERROR_FEATURE_DISABLED;
+ goto send_reply;
+ }
+
+ bitmap = clib_bitmap_set_multiple (bitmap, 0, mask, BITS (mask));
+ rv = snat_set_workers (bitmap);
+ clib_bitmap_free (bitmap);
+
+send_reply:
+ REPLY_MACRO (VL_API_SNAT_SET_WORKERS_REPLY);
+}
+
+static void *vl_api_snat_set_workers_t_print
+ (vl_api_snat_set_workers_t * mp, void *handle)
+{
+ u8 *s;
+ uword *bitmap = 0;
+ u8 first = 1;
+ int i;
+ u64 mask = clib_net_to_host_u64 (mp->worker_mask);
+
+ s = format (0, "SCRIPT: snat_set_workers ");
+ bitmap = clib_bitmap_set_multiple (bitmap, 0, mask, BITS (mask));
+ /* *INDENT-OFF* */
+ clib_bitmap_foreach (i, bitmap,
+ ({
+ if (first)
+ s = format (s, "%d", i);
+ else
+ s = format (s, ",%d", i);
+ first = 0;
+ }));
+ /* *INDENT-ON* */
+ clib_bitmap_free (bitmap);
+ FINISH;
+}
+
+static void
+ send_snat_worker_details
+ (u32 worker_index, unix_shared_memory_queue_t * q, u32 context)
+{
+ vl_api_snat_worker_details_t *rmp;
+ snat_main_t *sm = &snat_main;
+ vlib_worker_thread_t *w =
+ vlib_worker_threads + worker_index + sm->first_worker_index;
+
+ rmp = vl_msg_api_alloc (sizeof (*rmp));
+ memset (rmp, 0, sizeof (*rmp));
+ rmp->_vl_msg_id = ntohs (VL_API_SNAT_WORKER_DETAILS + sm->msg_id_base);
+ rmp->context = context;
+ rmp->worker_index = htonl (worker_index);
+ rmp->lcore_id = htonl (w->lcore_id);
+ strncpy ((char *) rmp->name, (char *) w->name, ARRAY_LEN (rmp->name) - 1);
+
+ vl_msg_api_send_shmem (q, (u8 *) & rmp);
+}
+
+static void
+vl_api_snat_worker_dump_t_handler (vl_api_snat_worker_dump_t * mp)
+{
+ unix_shared_memory_queue_t *q;
+ snat_main_t *sm = &snat_main;
+ u32 *worker_index;
+
+ q = vl_api_client_index_to_input_queue (mp->client_index);
+ if (q == 0)
+ return;
+
+ /* *INDENT-OFF* */
+ vec_foreach (worker_index, sm->workers)
+ send_snat_worker_details(*worker_index, q, mp->context);
+ /* *INDENT-ON* */
+}
+
+static void *vl_api_snat_worker_dump_t_print
+ (vl_api_snat_worker_dump_t * mp, void *handle)
+{
+ u8 *s;
+
+ s = format (0, "SCRIPT: snat_worker_dump ");
+
+ FINISH;
+}
+
+static void
+ vl_api_snat_add_del_interface_addr_t_handler
+ (vl_api_snat_add_del_interface_addr_t * mp)
+{
+ snat_main_t *sm = &snat_main;
+ vl_api_snat_add_del_interface_addr_reply_t *rmp;
+ u8 is_del = mp->is_add == 0;
+ u32 sw_if_index = ntohl (mp->sw_if_index);
+ int rv = 0;
+
+ VALIDATE_SW_IF_INDEX (mp);
+
+ rv = snat_add_interface_address (sm, sw_if_index, is_del);
+
+ BAD_SW_IF_INDEX_LABEL;
+
+ REPLY_MACRO (VL_API_SNAT_ADD_DEL_INTERFACE_ADDR_REPLY);
+}
+
+static void *vl_api_snat_add_del_interface_addr_t_print
+ (vl_api_snat_add_del_interface_addr_t * mp, void *handle)
+{
+ u8 *s;
+
+ s = format (0, "SCRIPT: snat_add_del_interface_addr ");
+ s = format (s, "sw_if_index %d %s",
+ clib_host_to_net_u32 (mp->sw_if_index),
+ mp->is_add ? "" : "del");
+
+ FINISH;
+}
+
+static void
+ send_snat_interface_addr_details
+ (u32 sw_if_index, unix_shared_memory_queue_t * q, u32 context)
+{
+ vl_api_snat_interface_addr_details_t *rmp;
+ snat_main_t *sm = &snat_main;
+
+ rmp = vl_msg_api_alloc (sizeof (*rmp));
+ memset (rmp, 0, sizeof (*rmp));
+ rmp->_vl_msg_id =
+ ntohs (VL_API_SNAT_INTERFACE_ADDR_DETAILS + sm->msg_id_base);
+ rmp->sw_if_index = ntohl (sw_if_index);
+ rmp->context = context;
+
+ vl_msg_api_send_shmem (q, (u8 *) & rmp);
+}
+
+static void
+ vl_api_snat_interface_addr_dump_t_handler
+ (vl_api_snat_interface_addr_dump_t * mp)
+{
+ unix_shared_memory_queue_t *q;
+ snat_main_t *sm = &snat_main;
+ u32 *i;
+
+ q = vl_api_client_index_to_input_queue (mp->client_index);
+ if (q == 0)
+ return;
+
+ /* *INDENT-OFF* */
+ vec_foreach (i, sm->auto_add_sw_if_indices)
+ send_snat_interface_addr_details(*i, q, mp->context);
+ /* *INDENT-ON* */
+}
+
+static void *vl_api_snat_interface_addr_dump_t_print
+ (vl_api_snat_interface_addr_dump_t * mp, void *handle)
+{
+ u8 *s;
+
+ s = format (0, "SCRIPT: snat_interface_addr_dump ");
+
+ FINISH;
+}
+
+static void
+ vl_api_snat_ipfix_enable_disable_t_handler
+ (vl_api_snat_ipfix_enable_disable_t * mp)
+{
+ snat_main_t *sm = &snat_main;
+ vl_api_snat_ipfix_enable_disable_reply_t *rmp;
+ int rv = 0;
+
+ rv = snat_ipfix_logging_enable_disable (mp->enable,
+ clib_host_to_net_u32
+ (mp->domain_id),
+ clib_host_to_net_u16
+ (mp->src_port));
+
+ REPLY_MACRO (VL_API_SNAT_IPFIX_ENABLE_DISABLE_REPLY);
+}
+
+static void *vl_api_snat_ipfix_enable_disable_t_print
+ (vl_api_snat_ipfix_enable_disable_t * mp, void *handle)
+{
+ u8 *s;
+
+ s = format (0, "SCRIPT: snat_ipfix_enable_disable ");
+ if (mp->domain_id)
+ s = format (s, "domain %d ", clib_net_to_host_u32 (mp->domain_id));
+ if (mp->src_port)
+ s = format (s, "src_port %d ", clib_net_to_host_u16 (mp->src_port));
+ if (!mp->enable)
+ s = format (s, "disable ");
+
+ FINISH;
+}
+
+static void
+ send_snat_user_details
+ (snat_user_t * u, unix_shared_memory_queue_t * q, u32 context)
+{
+ vl_api_snat_user_details_t *rmp;
+ snat_main_t *sm = &snat_main;
+ fib_table_t *fib = fib_table_get (u->fib_index, FIB_PROTOCOL_IP4);
+
+ rmp = vl_msg_api_alloc (sizeof (*rmp));
+ memset (rmp, 0, sizeof (*rmp));
+ rmp->_vl_msg_id = ntohs (VL_API_SNAT_USER_DETAILS + sm->msg_id_base);
+
+ rmp->vrf_id = ntohl (fib->ft_table_id);
+
+ rmp->is_ip4 = 1;
+ clib_memcpy (rmp->ip_address, &(u->addr), 4);
+ rmp->nsessions = ntohl (u->nsessions);
+ rmp->nstaticsessions = ntohl (u->nstaticsessions);
+ rmp->context = context;
+
+ vl_msg_api_send_shmem (q, (u8 *) & rmp);
+}
+
+static void
+vl_api_snat_user_dump_t_handler (vl_api_snat_user_dump_t * mp)
+{
+ unix_shared_memory_queue_t *q;
+ snat_main_t *sm = &snat_main;
+ snat_main_per_thread_data_t *tsm;
+ snat_user_t *u;
+
+ q = vl_api_client_index_to_input_queue (mp->client_index);
+ if (q == 0)
+ return;
+
+ /* *INDENT-OFF* */
+ vec_foreach (tsm, sm->per_thread_data)
+ vec_foreach (u, tsm->users)
+ send_snat_user_details (u, q, mp->context);
+ /* *INDENT-ON* */
+}
+
+static void *vl_api_snat_user_dump_t_print
+ (vl_api_snat_user_dump_t * mp, void *handle)
+{
+ u8 *s;
+
+ s = format (0, "SCRIPT: snat_user_dump ");
+
+ FINISH;
+}
+
+static void
+ send_snat_user_session_details
+ (snat_session_t * s, unix_shared_memory_queue_t * q, u32 context)
+{
+ vl_api_snat_user_session_details_t *rmp;
+ snat_main_t *sm = &snat_main;
+
+ rmp = vl_msg_api_alloc (sizeof (*rmp));
+ memset (rmp, 0, sizeof (*rmp));
+ rmp->_vl_msg_id =
+ ntohs (VL_API_SNAT_USER_SESSION_DETAILS + sm->msg_id_base);
+ rmp->is_ip4 = 1;
+ clib_memcpy (rmp->outside_ip_address, (&s->out2in.addr), 4);
+ clib_memcpy (rmp->inside_ip_address, (&s->in2out.addr), 4);
+ rmp->is_static = s->flags & SNAT_SESSION_FLAG_STATIC_MAPPING ? 1 : 0;
+ rmp->last_heard = clib_host_to_net_u64 ((u64) s->last_heard);
+ rmp->total_bytes = clib_host_to_net_u64 (s->total_bytes);
+ rmp->total_pkts = ntohl (s->total_pkts);
+ rmp->context = context;
+ if (snat_is_unk_proto_session (s))
+ {
+ rmp->outside_port = 0;
+ rmp->inside_port = 0;
+ rmp->protocol = ntohs (s->in2out.port);
+ }
+ else
+ {
+ rmp->outside_port = s->out2in.port;
+ rmp->inside_port = s->in2out.port;
+ rmp->protocol = ntohs (snat_proto_to_ip_proto (s->in2out.protocol));
+ }
+
+ vl_msg_api_send_shmem (q, (u8 *) & rmp);
+}
+
+static void
+ vl_api_snat_user_session_dump_t_handler
+ (vl_api_snat_user_session_dump_t * mp)
+{
+ unix_shared_memory_queue_t *q;
+ snat_main_t *sm = &snat_main;
+ snat_main_per_thread_data_t *tsm;
+ snat_session_t *s;
+ clib_bihash_kv_8_8_t key, value;
+ snat_user_key_t ukey;
+ snat_user_t *u;
+ u32 session_index, head_index, elt_index;
+ dlist_elt_t *head, *elt;
+
+ q = vl_api_client_index_to_input_queue (mp->client_index);
+ if (q == 0)
+ return;
+ if (!mp->is_ip4)
+ return;
+
+ clib_memcpy (&ukey.addr, mp->ip_address, 4);
+ ukey.fib_index = fib_table_find (FIB_PROTOCOL_IP4, ntohl (mp->vrf_id));
+ key.key = ukey.as_u64;
+ if (!clib_bihash_search_8_8 (&sm->worker_by_in, &key, &value))
+ tsm = vec_elt_at_index (sm->per_thread_data, value.value);
+ else
+ tsm = vec_elt_at_index (sm->per_thread_data, sm->num_workers);
+ if (clib_bihash_search_8_8 (&sm->user_hash, &key, &value))
+ return;
+ u = pool_elt_at_index (tsm->users, value.value);
+ if (!u->nsessions && !u->nstaticsessions)
+ return;
+
+ head_index = u->sessions_per_user_list_head_index;
+ head = pool_elt_at_index (tsm->list_pool, head_index);
+ elt_index = head->next;
+ elt = pool_elt_at_index (tsm->list_pool, elt_index);
+ session_index = elt->value;
+ while (session_index != ~0)
+ {
+ s = pool_elt_at_index (tsm->sessions, session_index);
+
+ send_snat_user_session_details (s, q, mp->context);
+
+ elt_index = elt->next;
+ elt = pool_elt_at_index (tsm->list_pool, elt_index);
+ session_index = elt->value;
+ }
+}
+
+static void *vl_api_snat_user_session_dump_t_print
+ (vl_api_snat_user_session_dump_t * mp, void *handle)
+{
+ u8 *s;
+
+ s = format (0, "SCRIPT: snat_user_session_dump ");
+ s = format (s, "ip_address %U vrf_id %d\n",
+ format_ip4_address, mp->ip_address,
+ clib_net_to_host_u32 (mp->vrf_id));
+
+ FINISH;
+}
+
+/******************************************************************/
+/*** detrministic NAT/CGN (old, will be deprecated after 17.10) ***/
+/******************************************************************/
+
+static void
+vl_api_snat_add_det_map_t_handler (vl_api_snat_add_det_map_t * mp)
+{
+ snat_main_t *sm = &snat_main;
+ vl_api_snat_add_det_map_reply_t *rmp;
+ int rv = 0;
+ ip4_address_t in_addr, out_addr;
+
+ clib_memcpy (&in_addr, mp->in_addr, 4);
+ clib_memcpy (&out_addr, mp->out_addr, 4);
+ rv = snat_det_add_map (sm, &in_addr, mp->in_plen, &out_addr,
+ mp->out_plen, mp->is_add);
+
+ REPLY_MACRO (VL_API_SNAT_ADD_DET_MAP_REPLY);
+}
+
+static void *vl_api_snat_add_det_map_t_print
+ (vl_api_snat_add_det_map_t * mp, void *handle)
+{
+ u8 *s;
+
+ s = format (0, "SCRIPT: snat_add_det_map ");
+ s = format (s, "inside address %U/%d outside address %U/%d\n",
+ format_ip4_address, mp->in_addr, mp->in_plen,
+ format_ip4_address, mp->out_addr, mp->out_plen);
+
+ FINISH;
+}
+
+static void
+vl_api_snat_det_forward_t_handler (vl_api_snat_det_forward_t * mp)
+{
+ snat_main_t *sm = &snat_main;
+ vl_api_snat_det_forward_reply_t *rmp;
+ int rv = 0;
+ u16 lo_port = 0, hi_port = 0;
+ snat_det_map_t *dm;
+ ip4_address_t in_addr, out_addr;
+
+ out_addr.as_u32 = 0;
+ clib_memcpy (&in_addr, mp->in_addr, 4);
+ dm = snat_det_map_by_user (sm, &in_addr);
+ if (!dm)
+ {
+ rv = VNET_API_ERROR_NO_SUCH_ENTRY;
+ goto send_reply;
+ }
+
+ snat_det_forward (dm, &in_addr, &out_addr, &lo_port);
+ hi_port = lo_port + dm->ports_per_host - 1;
+
+send_reply:
+ /* *INDENT-OFF* */
+ REPLY_MACRO2 (VL_API_SNAT_DET_FORWARD_REPLY,
+ ({
+ rmp->out_port_lo = ntohs (lo_port);
+ rmp->out_port_hi = ntohs (hi_port);
+ rmp->is_ip4 = 1;
+ memset (rmp->out_addr, 0, 16);
+ clib_memcpy (rmp->out_addr, &out_addr, 4);
+ }))
+ /* *INDENT-ON* */
+}
+
+static void *vl_api_snat_det_forward_t_print
+ (vl_api_snat_det_forward_t * mp, void *handle)
+{
+ u8 *s;
+
+ s = format (0, "SCRIPT: smat_det_forward_t");
+ s = format (s, "inside ip address %U\n", format_ip4_address, mp->in_addr);
+
+ FINISH;
+}
+
+static void
+vl_api_snat_det_reverse_t_handler (vl_api_snat_det_reverse_t * mp)
+{
+ snat_main_t *sm = &snat_main;
+ vl_api_snat_det_reverse_reply_t *rmp;
+ int rv = 0;
+ ip4_address_t out_addr, in_addr;
+ snat_det_map_t *dm;
+
+ in_addr.as_u32 = 0;
+ clib_memcpy (&out_addr, mp->out_addr, 4);
+ dm = snat_det_map_by_out (sm, &out_addr);
+ if (!dm)
+ {
+ rv = VNET_API_ERROR_NO_SUCH_ENTRY;
+ goto send_reply;
+ }
+
+ snat_det_reverse (dm, &out_addr, htons (mp->out_port), &in_addr);
+
+send_reply:
+ /* *INDENT-OFF* */
+ REPLY_MACRO2 (VL_API_SNAT_DET_REVERSE_REPLY,
+ ({
+ rmp->is_ip4 = 1;
+ memset (rmp->in_addr, 0, 16);
+ clib_memcpy (rmp->in_addr, &in_addr, 4);
+ }))
+ /* *INDENT-ON* */
+}
+
+static void *vl_api_snat_det_reverse_t_print
+ (vl_api_snat_det_reverse_t * mp, void *handle)
+{
+ u8 *s;
+
+ s = format (0, "SCRIPT: smat_det_reverse_t");
+ s = format (s, "outside ip address %U outside port %d",
+ format_ip4_address, mp->out_addr, ntohs (mp->out_port));
+
+ FINISH;
+}
+
+static void
+ sent_snat_det_map_details
+ (snat_det_map_t * m, unix_shared_memory_queue_t * q, u32 context)
+{
+ vl_api_snat_det_map_details_t *rmp;
+ snat_main_t *sm = &snat_main;
+
+ rmp = vl_msg_api_alloc (sizeof (*rmp));
+ memset (rmp, 0, sizeof (*rmp));
+ rmp->_vl_msg_id = ntohs (VL_API_SNAT_DET_MAP_DETAILS + sm->msg_id_base);
+ rmp->is_ip4 = 1;
+ clib_memcpy (rmp->in_addr, &m->in_addr, 4);
+ rmp->in_plen = m->in_plen;
+ clib_memcpy (rmp->out_addr, &m->out_addr, 4);
+ rmp->out_plen = m->out_plen;
+ rmp->sharing_ratio = htonl (m->sharing_ratio);
+ rmp->ports_per_host = htons (m->ports_per_host);
+ rmp->ses_num = htonl (m->ses_num);
+ rmp->context = context;
+
+ vl_msg_api_send_shmem (q, (u8 *) & rmp);
+}
+
+static void
+vl_api_snat_det_map_dump_t_handler (vl_api_snat_det_map_dump_t * mp)
+{
+ unix_shared_memory_queue_t *q;
+ snat_main_t *sm = &snat_main;
+ snat_det_map_t *m;
+
+ q = vl_api_client_index_to_input_queue (mp->client_index);
+ if (q == 0)
+ return;
+
+ /* *INDENT-OFF* */
+ vec_foreach(m, sm->det_maps)
+ sent_snat_det_map_details(m, q, mp->context);
+ /* *INDENT-ON* */
+}
+
+static void *vl_api_snat_det_map_dump_t_print
+ (vl_api_snat_det_map_dump_t * mp, void *handle)
+{
+ u8 *s;
+
+ s = format (0, "SCRIPT: snat_det_map_dump ");
+
+ FINISH;
+}
+
+static void
+vl_api_snat_det_set_timeouts_t_handler (vl_api_snat_det_set_timeouts_t * mp)
+{
+ snat_main_t *sm = &snat_main;
+ vl_api_snat_det_set_timeouts_reply_t *rmp;
+ int rv = 0;
+
+ sm->udp_timeout = ntohl (mp->udp);
+ sm->tcp_established_timeout = ntohl (mp->tcp_established);
+ sm->tcp_transitory_timeout = ntohl (mp->tcp_transitory);
+ sm->icmp_timeout = ntohl (mp->icmp);
+
+ REPLY_MACRO (VL_API_SNAT_DET_SET_TIMEOUTS_REPLY);
+}
+
+static void *vl_api_snat_det_set_timeouts_t_print
+ (vl_api_snat_det_set_timeouts_t * mp, void *handle)
+{
+ u8 *s;
+
+ s = format (0, "SCRIPT: snat_det_set_timeouts ");
+ s = format (s, "udp %d tcp_established %d tcp_transitory %d icmp %d\n",
+ ntohl (mp->udp),
+ ntohl (mp->tcp_established),
+ ntohl (mp->tcp_transitory), ntohl (mp->icmp));
+
+ FINISH;
+}
+
+static void
+vl_api_snat_det_get_timeouts_t_handler (vl_api_snat_det_get_timeouts_t * mp)
+{
+ snat_main_t *sm = &snat_main;
+ vl_api_snat_det_get_timeouts_reply_t *rmp;
+ int rv = 0;
+
+ /* *INDENT-OFF* */
+ REPLY_MACRO2 (VL_API_SNAT_DET_GET_TIMEOUTS_REPLY,
+ ({
+ rmp->udp = htonl (sm->udp_timeout);
+ rmp->tcp_established = htonl (sm->tcp_established_timeout);
+ rmp->tcp_transitory = htonl (sm->tcp_transitory_timeout);
+ rmp->icmp = htonl (sm->icmp_timeout);
+ }))
+ /* *INDENT-ON* */
+}
+
+static void *vl_api_snat_det_get_timeouts_t_print
+ (vl_api_snat_det_get_timeouts_t * mp, void *handle)
+{
+ u8 *s;
+
+ s = format (0, "SCRIPT: snat_det_get_timeouts");
+
+ FINISH;
+}
+
+static void
+ vl_api_snat_det_close_session_out_t_handler
+ (vl_api_snat_det_close_session_out_t * mp)
+{
+ snat_main_t *sm = &snat_main;
+ vl_api_snat_det_close_session_out_reply_t *rmp;
+ ip4_address_t out_addr, ext_addr, in_addr;
+ snat_det_out_key_t key;
+ snat_det_map_t *dm;
+ snat_det_session_t *ses;
+ int rv = 0;
+
+ clib_memcpy (&out_addr, mp->out_addr, 4);
+ clib_memcpy (&ext_addr, mp->ext_addr, 4);
+
+ dm = snat_det_map_by_out (sm, &out_addr);
+ if (!dm)
+ {
+ rv = VNET_API_ERROR_NO_SUCH_ENTRY;
+ goto send_reply;
+ }
+ snat_det_reverse (dm, &ext_addr, ntohs (mp->out_port), &in_addr);
+ key.ext_host_addr = ext_addr;
+ key.ext_host_port = mp->ext_port;
+ key.out_port = mp->out_port;
+ ses = snat_det_get_ses_by_out (dm, &in_addr, key.as_u64);
+ if (!ses)
+ {
+ rv = VNET_API_ERROR_NO_SUCH_ENTRY;
+ goto send_reply;
+ }
+ snat_det_ses_close (dm, ses);
+
+send_reply:
+ REPLY_MACRO (VL_API_SNAT_DET_CLOSE_SESSION_OUT_REPLY);
+}
+
+static void *vl_api_snat_det_close_session_out_t_print
+ (vl_api_snat_det_close_session_out_t * mp, void *handle)
+{
+ u8 *s;
+
+ s = format (0, "SCRIPT: snat_det_close_session_out ");
+ s = format (s, "out_addr %U out_port %d "
+ "ext_addr %U ext_port %d\n",
+ format_ip4_address, mp->out_addr, ntohs (mp->out_port),
+ format_ip4_address, mp->ext_addr, ntohs (mp->ext_port));
+
+ FINISH;
+}
+
+static void
+ vl_api_snat_det_close_session_in_t_handler
+ (vl_api_snat_det_close_session_in_t * mp)
+{
+ snat_main_t *sm = &snat_main;
+ vl_api_snat_det_close_session_in_reply_t *rmp;
+ ip4_address_t in_addr, ext_addr;
+ snat_det_out_key_t key;
+ snat_det_map_t *dm;
+ snat_det_session_t *ses;
+ int rv = 0;
+
+ clib_memcpy (&in_addr, mp->in_addr, 4);
+ clib_memcpy (&ext_addr, mp->ext_addr, 4);
+
+ dm = snat_det_map_by_user (sm, &in_addr);
+ if (!dm)
+ {
+ rv = VNET_API_ERROR_NO_SUCH_ENTRY;
+ goto send_reply;
+ }
+ key.ext_host_addr = ext_addr;
+ key.ext_host_port = mp->ext_port;
+ ses = snat_det_find_ses_by_in (dm, &in_addr, mp->in_port, key);
+ if (!ses)
+ {
+ rv = VNET_API_ERROR_NO_SUCH_ENTRY;
+ goto send_reply;
+ }
+ snat_det_ses_close (dm, ses);
+
+send_reply:
+ REPLY_MACRO (VL_API_SNAT_DET_CLOSE_SESSION_OUT_REPLY);
+}
+
+static void *vl_api_snat_det_close_session_in_t_print
+ (vl_api_snat_det_close_session_in_t * mp, void *handle)
+{
+ u8 *s;
+ s = format (0, "SCRIPT: snat_det_close_session_in ");
+ s = format (s, "in_addr %U in_port %d "
+ "ext_addr %U ext_port %d\n",
+ format_ip4_address, mp->in_addr, ntohs (mp->in_port),
+ format_ip4_address, mp->ext_addr, ntohs (mp->ext_port));
+
+ FINISH;
+}
+
+static void
+ send_snat_det_session_details
+ (snat_det_session_t * s, unix_shared_memory_queue_t * q, u32 context)
+{
+ vl_api_snat_det_session_details_t *rmp;
+ snat_main_t *sm = &snat_main;
+
+ rmp = vl_msg_api_alloc (sizeof (*rmp));
+ memset (rmp, 0, sizeof (*rmp));
+ rmp->_vl_msg_id = ntohs (VL_API_SNAT_DET_SESSION_DETAILS + sm->msg_id_base);
+ rmp->is_ip4 = 1;
+ rmp->in_port = s->in_port;
+ clib_memcpy (rmp->ext_addr, &s->out.ext_host_addr, 4);
+ rmp->ext_port = s->out.ext_host_port;
+ rmp->out_port = s->out.out_port;
+ rmp->state = s->state;
+ rmp->expire = ntohl (s->expire);
+ rmp->context = context;
+
+ vl_msg_api_send_shmem (q, (u8 *) & rmp);
+}
+
+static void
+vl_api_snat_det_session_dump_t_handler (vl_api_snat_det_session_dump_t * mp)
+{
+ unix_shared_memory_queue_t *q;
+ snat_main_t *sm = &snat_main;
+ ip4_address_t user_addr;
+ snat_det_map_t *dm;
+ snat_det_session_t *s, empty_ses;
+ u16 i;
+
+ q = vl_api_client_index_to_input_queue (mp->client_index);
+ if (q == 0)
+ return;
+ if (!mp->is_ip4)
+ return;
+
+ memset (&empty_ses, 0, sizeof (empty_ses));
+ clib_memcpy (&user_addr, mp->user_addr, 4);
+ dm = snat_det_map_by_user (sm, &user_addr);
+ if (!dm)
+ return;
+
+ s = dm->sessions + snat_det_user_ses_offset (&user_addr, dm->in_plen);
+ for (i = 0; i < SNAT_DET_SES_PER_USER; i++)
+ {
+ if (s->out.as_u64)
+ send_snat_det_session_details (s, q, mp->context);
+ s++;
+ }
+}
+
+static void *vl_api_snat_det_session_dump_t_print
+ (vl_api_snat_det_session_dump_t * mp, void *handle)
+{
+ u8 *s;
+
+ s = format (0, "SCRIPT: snat_det_session_dump ");
+ s = format (s, "user_addr %U\n", format_ip4_address, mp->user_addr);
+
+ FINISH;
+}
+
+/******************************/
+/*** Common NAT plugin APIs ***/
+/******************************/
+
+static void
+vl_api_nat_control_ping_t_handler (vl_api_nat_control_ping_t * mp)
+{
+ vl_api_nat_control_ping_reply_t *rmp;
+ snat_main_t *sm = &snat_main;
+ int rv = 0;
+
+ /* *INDENT-OFF* */
+ REPLY_MACRO2 (VL_API_NAT_CONTROL_PING_REPLY,
+ ({
+ rmp->vpe_pid = ntohl (getpid ());
+ }));
+ /* *INDENT-ON* */
+}
+
+static void *
+vl_api_nat_control_ping_t_print (vl_api_nat_control_ping_t * mp, void *handle)
+{
+ u8 *s;
+
+ s = format (0, "SCRIPT: nat_control_ping ");
+
+ FINISH;
+}
+
+static void
+vl_api_nat_show_config_t_handler (vl_api_nat_show_config_t * mp)
+{
+ vl_api_nat_show_config_reply_t *rmp;
+ snat_main_t *sm = &snat_main;
+ int rv = 0;
+
+ /* *INDENT-OFF* */
+ REPLY_MACRO2 (VL_API_NAT_SHOW_CONFIG_REPLY,
+ ({
+ rmp->translation_buckets = htonl (sm->translation_buckets);
+ rmp->translation_memory_size = htonl (sm->translation_memory_size);
+ rmp->user_buckets = htonl (sm->user_buckets);
+ rmp->user_memory_size = htonl (sm->user_memory_size);
+ rmp->max_translations_per_user = htonl (sm->max_translations_per_user);
+ rmp->outside_vrf_id = htonl (sm->outside_vrf_id);
+ rmp->inside_vrf_id = htonl (sm->inside_vrf_id);
+ rmp->static_mapping_only = sm->static_mapping_only;
+ rmp->static_mapping_connection_tracking =
+ sm->static_mapping_connection_tracking;
+ rmp->deterministic = sm->deterministic;
+ }));
+ /* *INDENT-ON* */
+}
+
+static void *
+vl_api_nat_show_config_t_print (vl_api_nat_show_config_t * mp, void *handle)
+{
+ u8 *s;
+
+ s = format (0, "SCRIPT: nat_show_config ");
+
+ FINISH;
+}
+
+static void
+vl_api_nat_set_workers_t_handler (vl_api_nat_set_workers_t * mp)
+{
+ snat_main_t *sm = &snat_main;
+ vl_api_snat_set_workers_reply_t *rmp;
+ int rv = 0;
+ uword *bitmap = 0;
+ u64 mask = clib_net_to_host_u64 (mp->worker_mask);
+
+ if (sm->num_workers < 2)
+ {
+ rv = VNET_API_ERROR_FEATURE_DISABLED;
+ goto send_reply;
+ }
+
+ bitmap = clib_bitmap_set_multiple (bitmap, 0, mask, BITS (mask));
+ rv = snat_set_workers (bitmap);
+ clib_bitmap_free (bitmap);
+
+send_reply:
+ REPLY_MACRO (VL_API_NAT_SET_WORKERS_REPLY);
+}
+
+static void *
+vl_api_nat_set_workers_t_print (vl_api_nat_set_workers_t * mp, void *handle)
+{
+ u8 *s;
+ uword *bitmap = 0;
+ u8 first = 1;
+ int i;
+ u64 mask = clib_net_to_host_u64 (mp->worker_mask);
+
+ s = format (0, "SCRIPT: nat_set_workers ");
+ bitmap = clib_bitmap_set_multiple (bitmap, 0, mask, BITS (mask));
+ /* *INDENT-OFF* */
+ clib_bitmap_foreach (i, bitmap,
+ ({
+ if (first)
+ s = format (s, "%d", i);
+ else
+ s = format (s, ",%d", i);
+ first = 0;
+ }));
+ /* *INDENT-ON* */
+ clib_bitmap_free (bitmap);
+ FINISH;
+}
+
+static void
+send_nat_worker_details (u32 worker_index, unix_shared_memory_queue_t * q,
+ u32 context)
+{
+ vl_api_nat_worker_details_t *rmp;
+ snat_main_t *sm = &snat_main;
+ vlib_worker_thread_t *w =
+ vlib_worker_threads + worker_index + sm->first_worker_index;
+
+ rmp = vl_msg_api_alloc (sizeof (*rmp));
+ memset (rmp, 0, sizeof (*rmp));
+ rmp->_vl_msg_id = ntohs (VL_API_NAT_WORKER_DETAILS + sm->msg_id_base);
+ rmp->context = context;
+ rmp->worker_index = htonl (worker_index);
+ rmp->lcore_id = htonl (w->lcore_id);
+ strncpy ((char *) rmp->name, (char *) w->name, ARRAY_LEN (rmp->name) - 1);
+
+ vl_msg_api_send_shmem (q, (u8 *) & rmp);
+}
+
+static void
+vl_api_nat_worker_dump_t_handler (vl_api_nat_worker_dump_t * mp)
+{
+ unix_shared_memory_queue_t *q;
+ snat_main_t *sm = &snat_main;
+ u32 *worker_index;
+
+ q = vl_api_client_index_to_input_queue (mp->client_index);
+ if (q == 0)
+ return;
+
+ /* *INDENT-OFF* */
+ vec_foreach (worker_index, sm->workers)
+ send_nat_worker_details(*worker_index, q, mp->context);
+ /* *INDENT-ON* */
+}
+
+static void *
+vl_api_nat_worker_dump_t_print (vl_api_nat_worker_dump_t * mp, void *handle)
+{
+ u8 *s;
+
+ s = format (0, "SCRIPT: nat_worker_dump ");
+
+ FINISH;
+}
+
+static void
+vl_api_nat_ipfix_enable_disable_t_handler (vl_api_nat_ipfix_enable_disable_t *
+ mp)
+{
+ snat_main_t *sm = &snat_main;
+ vl_api_nat_ipfix_enable_disable_reply_t *rmp;
+ int rv = 0;
+
+ rv = snat_ipfix_logging_enable_disable (mp->enable,
+ clib_host_to_net_u32
+ (mp->domain_id),
+ clib_host_to_net_u16
+ (mp->src_port));
+
+ REPLY_MACRO (VL_API_NAT_IPFIX_ENABLE_DISABLE_REPLY);
+}
+
+static void *
+vl_api_nat_ipfix_enable_disable_t_print (vl_api_nat_ipfix_enable_disable_t *
+ mp, void *handle)
+{
+ u8 *s;
+
+ s = format (0, "SCRIPT: nat_ipfix_enable_disable ");
+ if (mp->domain_id)
+ s = format (s, "domain %d ", clib_net_to_host_u32 (mp->domain_id));
+ if (mp->src_port)
+ s = format (s, "src_port %d ", clib_net_to_host_u16 (mp->src_port));
+ if (!mp->enable)
+ s = format (s, "disable ");
+
+ FINISH;
+}
+
+/*************/
+/*** NAT44 ***/
+/*************/
+static void
+ vl_api_nat44_add_del_address_range_t_handler
+ (vl_api_nat44_add_del_address_range_t * mp)
+{
+ snat_main_t *sm = &snat_main;
+ vl_api_nat44_add_del_address_range_reply_t *rmp;
+ ip4_address_t this_addr;
+ u32 start_host_order, end_host_order;
+ u32 vrf_id;
+ int i, count;
+ int rv = 0;
+ u32 *tmp;
+
+ if (sm->static_mapping_only)
+ {
+ rv = VNET_API_ERROR_FEATURE_DISABLED;
+ goto send_reply;
+ }
+
+ tmp = (u32 *) mp->first_ip_address;
+ start_host_order = clib_host_to_net_u32 (tmp[0]);
+ tmp = (u32 *) mp->last_ip_address;
+ end_host_order = clib_host_to_net_u32 (tmp[0]);
+
+ count = (end_host_order - start_host_order) + 1;
+
+ vrf_id = clib_host_to_net_u32 (mp->vrf_id);
+
+ if (count > 1024)
+ clib_warning ("%U - %U, %d addresses...",
+ format_ip4_address, mp->first_ip_address,
+ format_ip4_address, mp->last_ip_address, count);
+
+ memcpy (&this_addr.as_u8, mp->first_ip_address, 4);
+
+ for (i = 0; i < count; i++)
+ {
+ if (mp->is_add)
+ snat_add_address (sm, &this_addr, vrf_id);
+ else
+ rv = snat_del_address (sm, this_addr, 0);
+
+ if (rv)
+ goto send_reply;
+
+ increment_v4_address (&this_addr);
+ }
+
+send_reply:
+ REPLY_MACRO (VL_API_NAT44_ADD_DEL_ADDRESS_RANGE_REPLY);
+}
+
+static void *vl_api_nat44_add_del_address_range_t_print
+ (vl_api_nat44_add_del_address_range_t * mp, void *handle)
+{
+ u8 *s;
+
+ s = format (0, "SCRIPT: nat44_add_address_range ");
+ s = format (s, "%U ", format_ip4_address, mp->first_ip_address);
+ if (memcmp (mp->first_ip_address, mp->last_ip_address, 4))
+ {
+ s = format (s, " - %U ", format_ip4_address, mp->last_ip_address);
+ }
+ FINISH;
+}
+
+static void
+send_nat44_address_details (snat_address_t * a,
+ unix_shared_memory_queue_t * q, u32 context)
+{
+ vl_api_nat44_address_details_t *rmp;
+ snat_main_t *sm = &snat_main;
+
+ rmp = vl_msg_api_alloc (sizeof (*rmp));
+ memset (rmp, 0, sizeof (*rmp));
+ rmp->_vl_msg_id = ntohs (VL_API_NAT44_ADDRESS_DETAILS + sm->msg_id_base);
+ clib_memcpy (rmp->ip_address, &(a->addr), 4);
+ if (a->fib_index != ~0)
+ {
+ fib_table_t *fib = fib_table_get (a->fib_index, FIB_PROTOCOL_IP4);
+ rmp->vrf_id = ntohl (fib->ft_table_id);
+ }
+ else
+ rmp->vrf_id = ~0;
+ rmp->context = context;
+
+ vl_msg_api_send_shmem (q, (u8 *) & rmp);
+}
+
+static void
+vl_api_nat44_address_dump_t_handler (vl_api_nat44_address_dump_t * mp)
+{
+ unix_shared_memory_queue_t *q;
+ snat_main_t *sm = &snat_main;
+ snat_address_t *a;
+
+ q = vl_api_client_index_to_input_queue (mp->client_index);
+ if (q == 0)
+ return;
+
+ /* *INDENT-OFF* */
+ vec_foreach (a, sm->addresses)
+ send_nat44_address_details (a, q, mp->context);
+ /* *INDENT-ON* */
+}
+
+static void *
+vl_api_nat44_address_dump_t_print (vl_api_nat44_address_dump_t * mp,
+ void *handle)
+{
+ u8 *s;
+
+ s = format (0, "SCRIPT: nat44_address_dump ");
+
+ FINISH;
+}
+
+static void
+ vl_api_nat44_interface_add_del_feature_t_handler
+ (vl_api_nat44_interface_add_del_feature_t * mp)
+{
+ snat_main_t *sm = &snat_main;
+ vl_api_nat44_interface_add_del_feature_reply_t *rmp;
+ u8 is_del = mp->is_add == 0;
+ u32 sw_if_index = ntohl (mp->sw_if_index);
+ int rv = 0;
+
+ VALIDATE_SW_IF_INDEX (mp);
+
+ rv = snat_interface_add_del (sw_if_index, mp->is_inside, is_del);
+
+ BAD_SW_IF_INDEX_LABEL;
+
+ REPLY_MACRO (VL_API_NAT44_INTERFACE_ADD_DEL_FEATURE_REPLY);
+}
+
+static void *vl_api_nat44_interface_add_del_feature_t_print
+ (vl_api_nat44_interface_add_del_feature_t * mp, void *handle)
+{
+ u8 *s;
+
+ s = format (0, "SCRIPT: nat44_interface_add_del_feature ");
+ s = format (s, "sw_if_index %d %s %s",
+ clib_host_to_net_u32 (mp->sw_if_index),
+ mp->is_inside ? "in" : "out", mp->is_add ? "" : "del");
+
+ FINISH;
+}
+
+static void
+send_nat44_interface_details (snat_interface_t * i,
+ unix_shared_memory_queue_t * q, u32 context)
+{
+ vl_api_nat44_interface_details_t *rmp;
+ snat_main_t *sm = &snat_main;
+
+ rmp = vl_msg_api_alloc (sizeof (*rmp));
+ memset (rmp, 0, sizeof (*rmp));
+ rmp->_vl_msg_id = ntohs (VL_API_NAT44_INTERFACE_DETAILS + sm->msg_id_base);
+ rmp->sw_if_index = ntohl (i->sw_if_index);
+ rmp->is_inside = i->is_inside;
+ rmp->context = context;
+
+ vl_msg_api_send_shmem (q, (u8 *) & rmp);
+}
+
+static void
+vl_api_nat44_interface_dump_t_handler (vl_api_nat44_interface_dump_t * mp)
+{
+ unix_shared_memory_queue_t *q;
+ snat_main_t *sm = &snat_main;
+ snat_interface_t *i;
+
+ q = vl_api_client_index_to_input_queue (mp->client_index);
+ if (q == 0)
+ return;
+
+ /* *INDENT-OFF* */
+ pool_foreach (i, sm->interfaces,
+ ({
+ send_nat44_interface_details(i, q, mp->context);
+ }));
+ /* *INDENT-ON* */
+}
+
+static void *
+vl_api_nat44_interface_dump_t_print (vl_api_nat44_interface_dump_t * mp,
+ void *handle)
+{
+ u8 *s;
+
+ s = format (0, "SCRIPT: nat44_interface_dump ");
+
+ FINISH;
+}
+
+static void
+ vl_api_nat44_interface_add_del_output_feature_t_handler
+ (vl_api_nat44_interface_add_del_output_feature_t * mp)
+{
+ snat_main_t *sm = &snat_main;
+ vl_api_nat44_interface_add_del_output_feature_reply_t *rmp;
+ u8 is_del = mp->is_add == 0;
+ u32 sw_if_index = ntohl (mp->sw_if_index);
+ int rv = 0;
+
+ VALIDATE_SW_IF_INDEX (mp);
+
+ rv = snat_interface_add_del_output_feature (sw_if_index, mp->is_inside,
+ is_del);
+
+ BAD_SW_IF_INDEX_LABEL;
+
+ REPLY_MACRO (VL_API_NAT44_INTERFACE_ADD_DEL_OUTPUT_FEATURE_REPLY);
+}
+
+static void *vl_api_nat44_interface_add_del_output_feature_t_print
+ (vl_api_nat44_interface_add_del_output_feature_t * mp, void *handle)
+{
+ u8 *s;
+
+ s = format (0, "SCRIPT: nat44_interface_add_del_output_feature ");
+ s = format (s, "sw_if_index %d %s %s",
+ clib_host_to_net_u32 (mp->sw_if_index),
+ mp->is_inside ? "in" : "out", mp->is_add ? "" : "del");
+
+ FINISH;
+}
+
+static void
+send_nat44_interface_output_feature_details (snat_interface_t * i,
+ unix_shared_memory_queue_t * q,
+ u32 context)
+{
+ vl_api_nat44_interface_output_feature_details_t *rmp;
+ snat_main_t *sm = &snat_main;
+
+ rmp = vl_msg_api_alloc (sizeof (*rmp));
+ memset (rmp, 0, sizeof (*rmp));
+ rmp->_vl_msg_id =
+ ntohs (VL_API_NAT44_INTERFACE_OUTPUT_FEATURE_DETAILS + sm->msg_id_base);
+ rmp->sw_if_index = ntohl (i->sw_if_index);
+ rmp->context = context;
+ rmp->is_inside = i->is_inside;
+
+ vl_msg_api_send_shmem (q, (u8 *) & rmp);
+}
+
+static void
+ vl_api_nat44_interface_output_feature_dump_t_handler
+ (vl_api_nat44_interface_output_feature_dump_t * mp)
+{
+ unix_shared_memory_queue_t *q;
+ snat_main_t *sm = &snat_main;
+ snat_interface_t *i;
+
+ q = vl_api_client_index_to_input_queue (mp->client_index);
+ if (q == 0)
+ return;
+
+ /* *INDENT-OFF* */
+ pool_foreach (i, sm->output_feature_interfaces,
+ ({
+ send_nat44_interface_output_feature_details(i, q, mp->context);
+ }));
+ /* *INDENT-ON* */
+}
+
+static void *vl_api_nat44_interface_output_feature_dump_t_print
+ (vl_api_nat44_interface_output_feature_dump_t * mp, void *handle)
+{
+ u8 *s;
+
+ s = format (0, "SCRIPT: nat44_interface_output_feature_dump ");
+
+ FINISH;
+}
+
+static void
+ vl_api_nat44_add_del_static_mapping_t_handler
+ (vl_api_nat44_add_del_static_mapping_t * mp)
+{
+ snat_main_t *sm = &snat_main;
+ vl_api_nat44_add_del_static_mapping_reply_t *rmp;
+ ip4_address_t local_addr, external_addr;
+ u16 local_port = 0, external_port = 0;
+ u32 vrf_id, external_sw_if_index;
+ int rv = 0;
+ snat_protocol_t proto;
+
+ memcpy (&local_addr.as_u8, mp->local_ip_address, 4);
+ memcpy (&external_addr.as_u8, mp->external_ip_address, 4);
+ if (mp->addr_only == 0)
+ {
+ local_port = clib_net_to_host_u16 (mp->local_port);
+ external_port = clib_net_to_host_u16 (mp->external_port);
+ }
+ vrf_id = clib_net_to_host_u32 (mp->vrf_id);
+ external_sw_if_index = clib_net_to_host_u32 (mp->external_sw_if_index);
+ proto = ip_proto_to_snat_proto (mp->protocol);
+
+ rv = snat_add_static_mapping (local_addr, external_addr, local_port,
+ external_port, vrf_id, mp->addr_only,
+ external_sw_if_index, proto, mp->is_add);
+
+ REPLY_MACRO (VL_API_NAT44_ADD_DEL_STATIC_MAPPING_REPLY);
+}
+
+static void *vl_api_nat44_add_del_static_mapping_t_print
+ (vl_api_nat44_add_del_static_mapping_t * mp, void *handle)
+{
+ u8 *s;
+
+ s = format (0, "SCRIPT: nat44_add_del_static_mapping ");
+ s = format (s, "protocol %d local_addr %U external_addr %U ",
+ mp->protocol,
+ format_ip4_address, mp->local_ip_address,
+ format_ip4_address, mp->external_ip_address);
+
+ if (mp->addr_only == 0)
+ s = format (s, "local_port %d external_port %d ",
+ clib_net_to_host_u16 (mp->local_port),
+ clib_net_to_host_u16 (mp->external_port));
+
+ if (mp->vrf_id != ~0)
+ s = format (s, "vrf %d", clib_net_to_host_u32 (mp->vrf_id));
+
+ if (mp->external_sw_if_index != ~0)
+ s = format (s, "external_sw_if_index %d",
+ clib_net_to_host_u32 (mp->external_sw_if_index));
+ FINISH;
+}
+
+static void
+send_nat44_static_mapping_details (snat_static_mapping_t * m,
+ unix_shared_memory_queue_t * q,
+ u32 context)
+{
+ vl_api_nat44_static_mapping_details_t *rmp;
+ snat_main_t *sm = &snat_main;
+
+ rmp = vl_msg_api_alloc (sizeof (*rmp));
+ memset (rmp, 0, sizeof (*rmp));
+ rmp->_vl_msg_id =
+ ntohs (VL_API_NAT44_STATIC_MAPPING_DETAILS + sm->msg_id_base);
+ rmp->addr_only = m->addr_only;
+ clib_memcpy (rmp->local_ip_address, &(m->local_addr), 4);
+ clib_memcpy (rmp->external_ip_address, &(m->external_addr), 4);
+ rmp->local_port = htons (m->local_port);
+ rmp->external_port = htons (m->external_port);
+ rmp->external_sw_if_index = ~0;
+ rmp->vrf_id = htonl (m->vrf_id);
+ rmp->protocol = snat_proto_to_ip_proto (m->proto);
+ rmp->context = context;
+
+ vl_msg_api_send_shmem (q, (u8 *) & rmp);
+}
+
+static void
+send_nat44_static_map_resolve_details (snat_static_map_resolve_t * m,
+ unix_shared_memory_queue_t * q,
+ u32 context)
+{
+ vl_api_nat44_static_mapping_details_t *rmp;
+ snat_main_t *sm = &snat_main;
+
+ rmp = vl_msg_api_alloc (sizeof (*rmp));
+ memset (rmp, 0, sizeof (*rmp));
+ rmp->_vl_msg_id =
+ ntohs (VL_API_NAT44_STATIC_MAPPING_DETAILS + sm->msg_id_base);
+ rmp->addr_only = m->addr_only;
+ clib_memcpy (rmp->local_ip_address, &(m->l_addr), 4);
+ rmp->local_port = htons (m->l_port);
+ rmp->external_port = htons (m->e_port);
+ rmp->external_sw_if_index = htonl (m->sw_if_index);
+ rmp->vrf_id = htonl (m->vrf_id);
+ rmp->protocol = snat_proto_to_ip_proto (m->proto);
+ rmp->context = context;
+
+ vl_msg_api_send_shmem (q, (u8 *) & rmp);
+}
+
+static void
+vl_api_nat44_static_mapping_dump_t_handler (vl_api_nat44_static_mapping_dump_t
+ * mp)
+{
+ unix_shared_memory_queue_t *q;
+ snat_main_t *sm = &snat_main;
+ snat_static_mapping_t *m;
+ snat_static_map_resolve_t *rp;
+ int j;
+
+ q = vl_api_client_index_to_input_queue (mp->client_index);
+ if (q == 0)
+ return;
+
+ /* *INDENT-OFF* */
+ pool_foreach (m, sm->static_mappings,
+ ({
+ send_nat44_static_mapping_details (m, q, mp->context);
+ }));
+ /* *INDENT-ON* */
+
+ for (j = 0; j < vec_len (sm->to_resolve); j++)
+ {
+ rp = sm->to_resolve + j;
+ send_nat44_static_map_resolve_details (rp, q, mp->context);
+ }
+}
+
+static void *
+vl_api_nat44_static_mapping_dump_t_print (vl_api_nat44_static_mapping_dump_t *
+ mp, void *handle)
+{
+ u8 *s;
+
+ s = format (0, "SCRIPT: nat44_static_mapping_dump ");
+
+ FINISH;
+}
+
+static void
+ vl_api_nat44_add_del_interface_addr_t_handler
+ (vl_api_nat44_add_del_interface_addr_t * mp)
+{
+ snat_main_t *sm = &snat_main;
+ vl_api_nat44_add_del_interface_addr_reply_t *rmp;
+ u8 is_del = mp->is_add == 0;
+ u32 sw_if_index = ntohl (mp->sw_if_index);
+ int rv = 0;
+
+ VALIDATE_SW_IF_INDEX (mp);
+
+ rv = snat_add_interface_address (sm, sw_if_index, is_del);
+
+ BAD_SW_IF_INDEX_LABEL;
+
+ REPLY_MACRO (VL_API_NAT44_ADD_DEL_INTERFACE_ADDR_REPLY);
+}
+
+static void *vl_api_nat44_add_del_interface_addr_t_print
+ (vl_api_nat44_add_del_interface_addr_t * mp, void *handle)
+{
+ u8 *s;
+
+ s = format (0, "SCRIPT: nat44_add_del_interface_addr ");
+ s = format (s, "sw_if_index %d %s",
+ clib_host_to_net_u32 (mp->sw_if_index),
+ mp->is_add ? "" : "del");
+
+ FINISH;
+}
+
+static void
+send_nat44_interface_addr_details (u32 sw_if_index,
+ unix_shared_memory_queue_t * q,
+ u32 context)
+{
+ vl_api_nat44_interface_addr_details_t *rmp;
+ snat_main_t *sm = &snat_main;
+
+ rmp = vl_msg_api_alloc (sizeof (*rmp));
+ memset (rmp, 0, sizeof (*rmp));
+ rmp->_vl_msg_id =
+ ntohs (VL_API_NAT44_INTERFACE_ADDR_DETAILS + sm->msg_id_base);
+ rmp->sw_if_index = ntohl (sw_if_index);
+ rmp->context = context;
+
+ vl_msg_api_send_shmem (q, (u8 *) & rmp);
+}
+
+static void
+vl_api_nat44_interface_addr_dump_t_handler (vl_api_nat44_interface_addr_dump_t
+ * mp)
+{
+ unix_shared_memory_queue_t *q;
+ snat_main_t *sm = &snat_main;
+ u32 *i;
+
+ q = vl_api_client_index_to_input_queue (mp->client_index);
+ if (q == 0)
+ return;
+
+ /* *INDENT-OFF* */
+ vec_foreach (i, sm->auto_add_sw_if_indices)
+ send_nat44_interface_addr_details(*i, q, mp->context);
+ /* *INDENT-ON* */
+}
+
+static void *
+vl_api_nat44_interface_addr_dump_t_print (vl_api_nat44_interface_addr_dump_t *
+ mp, void *handle)
+{
+ u8 *s;
+
+ s = format (0, "SCRIPT: nat44_interface_addr_dump ");
+
+ FINISH;
+}
+
+static void
+send_nat44_user_details (snat_user_t * u, unix_shared_memory_queue_t * q,
+ u32 context)
+{
+ vl_api_nat44_user_details_t *rmp;
+ snat_main_t *sm = &snat_main;
+ fib_table_t *fib = fib_table_get (u->fib_index, FIB_PROTOCOL_IP4);
+
+ rmp = vl_msg_api_alloc (sizeof (*rmp));
+ memset (rmp, 0, sizeof (*rmp));
+ rmp->_vl_msg_id = ntohs (VL_API_NAT44_USER_DETAILS + sm->msg_id_base);
+
+ rmp->vrf_id = ntohl (fib->ft_table_id);
+
+ clib_memcpy (rmp->ip_address, &(u->addr), 4);
+ rmp->nsessions = ntohl (u->nsessions);
+ rmp->nstaticsessions = ntohl (u->nstaticsessions);
+ rmp->context = context;
+
+ vl_msg_api_send_shmem (q, (u8 *) & rmp);
+}
+
+static void
+vl_api_nat44_user_dump_t_handler (vl_api_nat44_user_dump_t * mp)
+{
+ unix_shared_memory_queue_t *q;
+ snat_main_t *sm = &snat_main;
+ snat_main_per_thread_data_t *tsm;
+ snat_user_t *u;
+
+ q = vl_api_client_index_to_input_queue (mp->client_index);
+ if (q == 0)
+ return;
+
+ /* *INDENT-OFF* */
+ vec_foreach (tsm, sm->per_thread_data)
+ vec_foreach (u, tsm->users)
+ send_nat44_user_details (u, q, mp->context);
+ /* *INDENT-ON* */
+}
+
+static void *
+vl_api_nat44_user_dump_t_print (vl_api_nat44_user_dump_t * mp, void *handle)
+{
+ u8 *s;
+
+ s = format (0, "SCRIPT: nat44_user_dump ");
+
+ FINISH;
+}
+
+static void
+send_nat44_user_session_details (snat_session_t * s,
+ unix_shared_memory_queue_t * q, u32 context)
+{
+ vl_api_nat44_user_session_details_t *rmp;
+ snat_main_t *sm = &snat_main;
+
+ rmp = vl_msg_api_alloc (sizeof (*rmp));
+ memset (rmp, 0, sizeof (*rmp));
+ rmp->_vl_msg_id =
+ ntohs (VL_API_NAT44_USER_SESSION_DETAILS + sm->msg_id_base);
+ clib_memcpy (rmp->outside_ip_address, (&s->out2in.addr), 4);
+ clib_memcpy (rmp->inside_ip_address, (&s->in2out.addr), 4);
+ rmp->is_static = s->flags & SNAT_SESSION_FLAG_STATIC_MAPPING ? 1 : 0;
+ rmp->last_heard = clib_host_to_net_u64 ((u64) s->last_heard);
+ rmp->total_bytes = clib_host_to_net_u64 (s->total_bytes);
+ rmp->total_pkts = ntohl (s->total_pkts);
+ rmp->context = context;
+ if (snat_is_unk_proto_session (s))
+ {
+ rmp->outside_port = 0;
+ rmp->inside_port = 0;
+ rmp->protocol = ntohs (s->in2out.port);
+ }
+ else
+ {
+ rmp->outside_port = s->out2in.port;
+ rmp->inside_port = s->in2out.port;
+ rmp->protocol = ntohs (snat_proto_to_ip_proto (s->in2out.protocol));
+ }
+
+ vl_msg_api_send_shmem (q, (u8 *) & rmp);
+}
+
+static void
+vl_api_nat44_user_session_dump_t_handler (vl_api_nat44_user_session_dump_t *
+ mp)
+{
+ unix_shared_memory_queue_t *q;
+ snat_main_t *sm = &snat_main;
+ snat_main_per_thread_data_t *tsm;
+ snat_session_t *s;
+ clib_bihash_kv_8_8_t key, value;
+ snat_user_key_t ukey;
+ snat_user_t *u;
+ u32 session_index, head_index, elt_index;
+ dlist_elt_t *head, *elt;
+
+ q = vl_api_client_index_to_input_queue (mp->client_index);
+ if (q == 0)
+ return;
+
+ clib_memcpy (&ukey.addr, mp->ip_address, 4);
+ ukey.fib_index = fib_table_find (FIB_PROTOCOL_IP4, ntohl (mp->vrf_id));
+ key.key = ukey.as_u64;
+ if (!clib_bihash_search_8_8 (&sm->worker_by_in, &key, &value))
+ tsm = vec_elt_at_index (sm->per_thread_data, value.value);
+ else
+ tsm = vec_elt_at_index (sm->per_thread_data, sm->num_workers);
+ if (clib_bihash_search_8_8 (&sm->user_hash, &key, &value))
+ return;
+ u = pool_elt_at_index (tsm->users, value.value);
+ if (!u->nsessions && !u->nstaticsessions)
+ return;
+
+ head_index = u->sessions_per_user_list_head_index;
+ head = pool_elt_at_index (tsm->list_pool, head_index);
+ elt_index = head->next;
+ elt = pool_elt_at_index (tsm->list_pool, elt_index);
+ session_index = elt->value;
+ while (session_index != ~0)
+ {
+ s = pool_elt_at_index (tsm->sessions, session_index);
+
+ send_nat44_user_session_details (s, q, mp->context);
+
+ elt_index = elt->next;
+ elt = pool_elt_at_index (tsm->list_pool, elt_index);
+ session_index = elt->value;
+ }
+}
+
+static void *
+vl_api_nat44_user_session_dump_t_print (vl_api_nat44_user_session_dump_t * mp,
+ void *handle)
+{
+ u8 *s;
+
+ s = format (0, "SCRIPT: nat44_user_session_dump ");
+ s = format (s, "ip_address %U vrf_id %d\n",
+ format_ip4_address, mp->ip_address,
+ clib_net_to_host_u32 (mp->vrf_id));
+
+ FINISH;
+}
+
+/*******************************/
+/*** Deterministic NAT (CGN) ***/
+/*******************************/
+
+static void
+vl_api_nat_det_add_del_map_t_handler (vl_api_nat_det_add_del_map_t * mp)
+{
+ snat_main_t *sm = &snat_main;
+ vl_api_nat_det_add_del_map_reply_t *rmp;
+ int rv = 0;
+ ip4_address_t in_addr, out_addr;
+
+ if (!mp->is_nat44)
+ {
+ rv = VNET_API_ERROR_UNIMPLEMENTED;
+ goto send_reply;
+ }
+
+ clib_memcpy (&in_addr, mp->in_addr, 4);
+ clib_memcpy (&out_addr, mp->out_addr, 4);
+ rv = snat_det_add_map (sm, &in_addr, mp->in_plen, &out_addr,
+ mp->out_plen, mp->is_add);
+
+send_reply:
+ REPLY_MACRO (VL_API_NAT_DET_ADD_DEL_MAP_REPLY);
+}
+
+static void *
+vl_api_nat_det_add_del_map_t_print (vl_api_nat_det_add_del_map_t * mp,
+ void *handle)
+{
+ u8 *s;
+
+ s = format (0, "SCRIPT: nat_det_add_del_map ");
+ s = format (s, "inside address %U/%d outside address %U/%d\n",
+ format_ip4_address, mp->in_addr, mp->in_plen,
+ format_ip4_address, mp->out_addr, mp->out_plen);
+
+ FINISH;
+}
+
+static void
+vl_api_nat_det_forward_t_handler (vl_api_nat_det_forward_t * mp)
+{
+ snat_main_t *sm = &snat_main;
+ vl_api_nat_det_forward_reply_t *rmp;
+ int rv = 0;
+ u16 lo_port = 0, hi_port = 0;
+ snat_det_map_t *dm;
+ ip4_address_t in_addr, out_addr;
+
+ if (!mp->is_nat44)
+ {
+ out_addr.as_u32 = 0;
+ rv = VNET_API_ERROR_UNIMPLEMENTED;
+ goto send_reply;
+ }
+
+ out_addr.as_u32 = 0;
+ clib_memcpy (&in_addr, mp->in_addr, 4);
+ dm = snat_det_map_by_user (sm, &in_addr);
+ if (!dm)
+ {
+ rv = VNET_API_ERROR_NO_SUCH_ENTRY;
+ goto send_reply;
+ }
+
+ snat_det_forward (dm, &in_addr, &out_addr, &lo_port);
+ hi_port = lo_port + dm->ports_per_host - 1;
+
+send_reply:
+ /* *INDENT-OFF* */
+ REPLY_MACRO2 (VL_API_NAT_DET_FORWARD_REPLY,
+ ({
+ rmp->out_port_lo = ntohs (lo_port);
+ rmp->out_port_hi = ntohs (hi_port);
+ clib_memcpy (rmp->out_addr, &out_addr, 4);
+ }))
+ /* *INDENT-ON* */
+}
+
+static void *
+vl_api_nat_det_forward_t_print (vl_api_nat_det_forward_t * mp, void *handle)
+{
+ u8 *s;
+
+ s = format (0, "SCRIPT: nat_det_forward");
+ s = format (s, "inside ip address %U\n", format_ip4_address, mp->in_addr);
+
+ FINISH;
+}
+
+static void
+vl_api_nat_det_reverse_t_handler (vl_api_nat_det_reverse_t * mp)
+{
+ snat_main_t *sm = &snat_main;
+ vl_api_nat_det_reverse_reply_t *rmp;
+ int rv = 0;
+ ip4_address_t out_addr, in_addr;
+ snat_det_map_t *dm;
+
+ in_addr.as_u32 = 0;
+ clib_memcpy (&out_addr, mp->out_addr, 4);
+ dm = snat_det_map_by_out (sm, &out_addr);
+ if (!dm)
+ {
+ rv = VNET_API_ERROR_NO_SUCH_ENTRY;
+ goto send_reply;
+ }
+
+ snat_det_reverse (dm, &out_addr, htons (mp->out_port), &in_addr);
+
+send_reply:
+ /* *INDENT-OFF* */
+ REPLY_MACRO2 (VL_API_NAT_DET_REVERSE_REPLY,
+ ({
+ rmp->is_nat44 = 1;
+ memset (rmp->in_addr, 0, 16);
+ clib_memcpy (rmp->in_addr, &in_addr, 4);
+ }))
+ /* *INDENT-ON* */
+}
+
+static void *
+vl_api_nat_det_reverse_t_print (vl_api_nat_det_reverse_t * mp, void *handle)
+{
+ u8 *s;
+
+ s = format (0, "SCRIPT: nat_det_reverse");
+ s = format (s, "outside ip address %U outside port %d",
+ format_ip4_address, mp->out_addr, ntohs (mp->out_port));
+
+ FINISH;
+}
+
+static void
+sent_nat_det_map_details (snat_det_map_t * m, unix_shared_memory_queue_t * q,
+ u32 context)
+{
+ vl_api_nat_det_map_details_t *rmp;
+ snat_main_t *sm = &snat_main;
+
+ rmp = vl_msg_api_alloc (sizeof (*rmp));
+ memset (rmp, 0, sizeof (*rmp));
+ rmp->_vl_msg_id = ntohs (VL_API_NAT_DET_MAP_DETAILS + sm->msg_id_base);
+ rmp->is_nat44 = 1;
+ clib_memcpy (rmp->in_addr, &m->in_addr, 4);
+ rmp->in_plen = m->in_plen;
+ clib_memcpy (rmp->out_addr, &m->out_addr, 4);
+ rmp->out_plen = m->out_plen;
+ rmp->sharing_ratio = htonl (m->sharing_ratio);
+ rmp->ports_per_host = htons (m->ports_per_host);
+ rmp->ses_num = htonl (m->ses_num);
+ rmp->context = context;
+
+ vl_msg_api_send_shmem (q, (u8 *) & rmp);
+}
+
+static void
+vl_api_nat_det_map_dump_t_handler (vl_api_nat_det_map_dump_t * mp)
+{
+ unix_shared_memory_queue_t *q;
+ snat_main_t *sm = &snat_main;
+ snat_det_map_t *m;
+
+ q = vl_api_client_index_to_input_queue (mp->client_index);
+ if (q == 0)
+ return;
+
+ /* *INDENT-OFF* */
+ vec_foreach(m, sm->det_maps)
+ sent_nat_det_map_details(m, q, mp->context);
+ /* *INDENT-ON* */
+}
+
+static void *
+vl_api_nat_det_map_dump_t_print (vl_api_nat_det_map_dump_t * mp, void *handle)
+{
+ u8 *s;
+
+ s = format (0, "SCRIPT: nat_det_map_dump ");
+
+ FINISH;
+}
+
+static void
+vl_api_nat_det_set_timeouts_t_handler (vl_api_nat_det_set_timeouts_t * mp)
+{
+ snat_main_t *sm = &snat_main;
+ vl_api_nat_det_set_timeouts_reply_t *rmp;
+ int rv = 0;
+
+ sm->udp_timeout = ntohl (mp->udp);
+ sm->tcp_established_timeout = ntohl (mp->tcp_established);
+ sm->tcp_transitory_timeout = ntohl (mp->tcp_transitory);
+ sm->icmp_timeout = ntohl (mp->icmp);
+
+ REPLY_MACRO (VL_API_NAT_DET_SET_TIMEOUTS_REPLY);
+}
+
+static void *
+vl_api_nat_det_set_timeouts_t_print (vl_api_nat_det_set_timeouts_t * mp,
+ void *handle)
+{
+ u8 *s;
+
+ s = format (0, "SCRIPT: nat_det_set_timeouts ");
+ s = format (s, "udp %d tcp_established %d tcp_transitory %d icmp %d\n",
+ ntohl (mp->udp),
+ ntohl (mp->tcp_established),
+ ntohl (mp->tcp_transitory), ntohl (mp->icmp));
+
+ FINISH;
+}
+
+static void
+vl_api_nat_det_get_timeouts_t_handler (vl_api_nat_det_get_timeouts_t * mp)
+{
+ snat_main_t *sm = &snat_main;
+ vl_api_nat_det_get_timeouts_reply_t *rmp;
+ int rv = 0;
+
+ /* *INDENT-OFF* */
+ REPLY_MACRO2 (VL_API_NAT_DET_GET_TIMEOUTS_REPLY,
+ ({
+ rmp->udp = htonl (sm->udp_timeout);
+ rmp->tcp_established = htonl (sm->tcp_established_timeout);
+ rmp->tcp_transitory = htonl (sm->tcp_transitory_timeout);
+ rmp->icmp = htonl (sm->icmp_timeout);
+ }))
+ /* *INDENT-ON* */
+}
+
+static void *
+vl_api_nat_det_get_timeouts_t_print (vl_api_nat_det_get_timeouts_t * mp,
+ void *handle)
+{
+ u8 *s;
+
+ s = format (0, "SCRIPT: nat_det_get_timeouts");
+
+ FINISH;
+}
+
+static void
+vl_api_nat_det_close_session_out_t_handler (vl_api_nat_det_close_session_out_t
+ * mp)
+{
+ snat_main_t *sm = &snat_main;
+ vl_api_nat_det_close_session_out_reply_t *rmp;
+ ip4_address_t out_addr, ext_addr, in_addr;
+ snat_det_out_key_t key;
+ snat_det_map_t *dm;
+ snat_det_session_t *ses;
+ int rv = 0;
+
+ clib_memcpy (&out_addr, mp->out_addr, 4);
+ clib_memcpy (&ext_addr, mp->ext_addr, 4);
+
+ dm = snat_det_map_by_out (sm, &out_addr);
+ if (!dm)
+ {
+ rv = VNET_API_ERROR_NO_SUCH_ENTRY;
+ goto send_reply;
+ }
+ snat_det_reverse (dm, &ext_addr, ntohs (mp->out_port), &in_addr);
+ key.ext_host_addr = ext_addr;
+ key.ext_host_port = mp->ext_port;
+ key.out_port = mp->out_port;
+ ses = snat_det_get_ses_by_out (dm, &in_addr, key.as_u64);
+ if (!ses)
+ {
+ rv = VNET_API_ERROR_NO_SUCH_ENTRY;
+ goto send_reply;
+ }
+ snat_det_ses_close (dm, ses);
+
+send_reply:
+ REPLY_MACRO (VL_API_NAT_DET_CLOSE_SESSION_OUT_REPLY);
+}
+
+static void *
+vl_api_nat_det_close_session_out_t_print (vl_api_nat_det_close_session_out_t *
+ mp, void *handle)
+{
+ u8 *s;
+
+ s = format (0, "SCRIPT: nat_det_close_session_out ");
+ s = format (s, "out_addr %U out_port %d "
+ "ext_addr %U ext_port %d\n",
+ format_ip4_address, mp->out_addr, ntohs (mp->out_port),
+ format_ip4_address, mp->ext_addr, ntohs (mp->ext_port));
+
+ FINISH;
+}
+
+static void
+vl_api_nat_det_close_session_in_t_handler (vl_api_nat_det_close_session_in_t *
+ mp)
+{
+ snat_main_t *sm = &snat_main;
+ vl_api_nat_det_close_session_in_reply_t *rmp;
+ ip4_address_t in_addr, ext_addr;
+ snat_det_out_key_t key;
+ snat_det_map_t *dm;
+ snat_det_session_t *ses;
+ int rv = 0;
+
+ if (!mp->is_nat44)
+ {
+ rv = VNET_API_ERROR_UNIMPLEMENTED;
+ goto send_reply;
+ }
+
+ clib_memcpy (&in_addr, mp->in_addr, 4);
+ clib_memcpy (&ext_addr, mp->ext_addr, 4);
+
+ dm = snat_det_map_by_user (sm, &in_addr);
+ if (!dm)
+ {
+ rv = VNET_API_ERROR_NO_SUCH_ENTRY;
+ goto send_reply;
+ }
+ key.ext_host_addr = ext_addr;
+ key.ext_host_port = mp->ext_port;
+ ses = snat_det_find_ses_by_in (dm, &in_addr, mp->in_port, key);
+ if (!ses)
+ {
+ rv = VNET_API_ERROR_NO_SUCH_ENTRY;
+ goto send_reply;
+ }
+ snat_det_ses_close (dm, ses);
+
+send_reply:
+ REPLY_MACRO (VL_API_NAT_DET_CLOSE_SESSION_OUT_REPLY);
+}
+
+static void *
+vl_api_nat_det_close_session_in_t_print (vl_api_nat_det_close_session_in_t *
+ mp, void *handle)
+{
+ u8 *s;
+ s = format (0, "SCRIPT: nat_det_close_session_in ");
+ s = format (s, "in_addr %U in_port %d ext_addr %U ext_port %d\n",
+ format_ip4_address, mp->in_addr, ntohs (mp->in_port),
+ format_ip4_address, mp->ext_addr, ntohs (mp->ext_port));
+
+ FINISH;
+}
+
+static void
+send_nat_det_session_details (snat_det_session_t * s,
+ unix_shared_memory_queue_t * q, u32 context)
+{
+ vl_api_nat_det_session_details_t *rmp;
+ snat_main_t *sm = &snat_main;
+
+ rmp = vl_msg_api_alloc (sizeof (*rmp));
+ memset (rmp, 0, sizeof (*rmp));
+ rmp->_vl_msg_id = ntohs (VL_API_NAT_DET_SESSION_DETAILS + sm->msg_id_base);
+ rmp->in_port = s->in_port;
+ clib_memcpy (rmp->ext_addr, &s->out.ext_host_addr, 4);
+ rmp->ext_port = s->out.ext_host_port;
+ rmp->out_port = s->out.out_port;
+ rmp->state = s->state;
+ rmp->expire = ntohl (s->expire);
+ rmp->context = context;
+
+ vl_msg_api_send_shmem (q, (u8 *) & rmp);
+}
+
+static void
+vl_api_nat_det_session_dump_t_handler (vl_api_nat_det_session_dump_t * mp)
+{
+ unix_shared_memory_queue_t *q;
+ snat_main_t *sm = &snat_main;
+ ip4_address_t user_addr;
+ snat_det_map_t *dm;
+ snat_det_session_t *s, empty_ses;
+ u16 i;
+
+ q = vl_api_client_index_to_input_queue (mp->client_index);
+ if (q == 0)
+ return;
+ if (!mp->is_nat44)
+ return;
+
+ memset (&empty_ses, 0, sizeof (empty_ses));
+ clib_memcpy (&user_addr, mp->user_addr, 4);
+ dm = snat_det_map_by_user (sm, &user_addr);
+ if (!dm)
+ return;
+
+ s = dm->sessions + snat_det_user_ses_offset (&user_addr, dm->in_plen);
+ for (i = 0; i < SNAT_DET_SES_PER_USER; i++)
+ {
+ if (s->out.as_u64)
+ send_nat_det_session_details (s, q, mp->context);
+ s++;
+ }
+}
+
+static void *
+vl_api_nat_det_session_dump_t_print (vl_api_nat_det_session_dump_t * mp,
+ void *handle)
+{
+ u8 *s;
+
+ s = format (0, "SCRIPT: nat_det_session_dump ");
+ s = format (s, "user_addr %U\n", format_ip4_address, mp->user_addr);
+
+ FINISH;
+}
+
+/*************/
+/*** NAT64 ***/
+/*************/
+
+static void
+ vl_api_nat64_add_del_pool_addr_range_t_handler
+ (vl_api_nat64_add_del_pool_addr_range_t * mp)
+{
+ vl_api_nat64_add_del_pool_addr_range_reply_t *rmp;
+ snat_main_t *sm = &snat_main;
+ nat64_main_t *nm = &nat64_main;
+ int rv = 0;
+ ip4_address_t this_addr;
+ u32 start_host_order, end_host_order;
+ u32 vrf_id;
+ int i, count;
+ u32 *tmp;
+
+ if (nm->is_disabled)
+ {
+ rv = VNET_API_ERROR_FEATURE_DISABLED;
+ goto send_reply;
+ }
+
+ tmp = (u32 *) mp->start_addr;
+ start_host_order = clib_host_to_net_u32 (tmp[0]);
+ tmp = (u32 *) mp->end_addr;
+ end_host_order = clib_host_to_net_u32 (tmp[0]);
+
+ count = (end_host_order - start_host_order) + 1;
+
+ vrf_id = clib_host_to_net_u32 (mp->vrf_id);
+
+ memcpy (&this_addr.as_u8, mp->start_addr, 4);
+
+ for (i = 0; i < count; i++)
+ {
+ if ((rv = nat64_add_del_pool_addr (&this_addr, vrf_id, mp->is_add)))
+ goto send_reply;
+
+ increment_v4_address (&this_addr);
+ }
+
+send_reply:
+ REPLY_MACRO (VL_API_NAT64_ADD_DEL_POOL_ADDR_RANGE_REPLY);
+}
+
+static void *vl_api_nat64_add_del_pool_addr_range_t_print
+ (vl_api_nat64_add_del_pool_addr_range_t * mp, void *handle)
+{
+ u8 *s;
+
+ s = format (0, "SCRIPT: nat64_add_del_pool_addr_range ");
+ s = format (s, "%U - %U vrf_id %u %s\n",
+ format_ip4_address, mp->start_addr,
+ format_ip4_address, mp->end_addr,
+ ntohl (mp->vrf_id), mp->is_add ? "" : "del");
+
+ FINISH;
+}
+
+typedef struct nat64_api_walk_ctx_t_
+{
+ unix_shared_memory_queue_t *q;
+ u32 context;
+} nat64_api_walk_ctx_t;
+
+static int
+nat64_api_pool_walk (snat_address_t * a, void *arg)
+{
+ vl_api_nat64_pool_addr_details_t *rmp;
+ snat_main_t *sm = &snat_main;
+ nat64_api_walk_ctx_t *ctx = arg;
+
+ rmp = vl_msg_api_alloc (sizeof (*rmp));
+ memset (rmp, 0, sizeof (*rmp));
+ rmp->_vl_msg_id = ntohs (VL_API_NAT64_POOL_ADDR_DETAILS + sm->msg_id_base);
+ clib_memcpy (rmp->address, &(a->addr), 4);
+ if (a->fib_index != ~0)
+ {
+ fib_table_t *fib = fib_table_get (a->fib_index, FIB_PROTOCOL_IP6);
+ if (!fib)
+ return -1;
+ rmp->vrf_id = ntohl (fib->ft_table_id);
+ }
+ else
+ rmp->vrf_id = ~0;
+ rmp->context = ctx->context;
+
+ vl_msg_api_send_shmem (ctx->q, (u8 *) & rmp);
+
+ return 0;
+}
+
+static void
+vl_api_nat64_pool_addr_dump_t_handler (vl_api_nat64_pool_addr_dump_t * mp)
+{
+ unix_shared_memory_queue_t *q;
+ nat64_main_t *nm = &nat64_main;
+
+ if (nm->is_disabled)
+ return;
+
+ q = vl_api_client_index_to_input_queue (mp->client_index);
+ if (q == 0)
+ return;
+
+ nat64_api_walk_ctx_t ctx = {
+ .q = q,
+ .context = mp->context,
+ };
+
+ nat64_pool_addr_walk (nat64_api_pool_walk, &ctx);
+}
+
+static void *
+vl_api_nat64_pool_addr_dump_t_print (vl_api_nat64_pool_addr_dump_t * mp,
+ void *handle)
+{
+ u8 *s;
+
+ s = format (0, "SCRIPT: nat64_pool_addr_dump\n");
+
+ FINISH;
+}
+
+static void
+vl_api_nat64_add_del_interface_t_handler (vl_api_nat64_add_del_interface_t *
+ mp)
+{
+ snat_main_t *sm = &snat_main;
+ nat64_main_t *nm = &nat64_main;
+ vl_api_nat64_add_del_interface_reply_t *rmp;
+ int rv = 0;
+
+ if (nm->is_disabled)
+ {
+ rv = VNET_API_ERROR_FEATURE_DISABLED;
+ goto send_reply;
+ }
+
+ VALIDATE_SW_IF_INDEX (mp);
+
+ rv =
+ nat64_add_del_interface (ntohl (mp->sw_if_index), mp->is_inside,
+ mp->is_add);
+
+ BAD_SW_IF_INDEX_LABEL;
+
+send_reply:
+ REPLY_MACRO (VL_API_NAT64_ADD_DEL_INTERFACE_REPLY);
+}
+
+static void *
+vl_api_nat64_add_del_interface_t_print (vl_api_nat64_add_del_interface_t * mp,
+ void *handle)
+{
+ u8 *s;
+
+ s = format (0, "SCRIPT: nat64_add_del_interface ");
+ s = format (s, "sw_if_index %d %s %s",
+ clib_host_to_net_u32 (mp->sw_if_index),
+ mp->is_inside ? "in" : "out", mp->is_add ? "" : "del");
+
+ FINISH;
+}
+
+static int
+nat64_api_interface_walk (snat_interface_t * i, void *arg)
+{
+ vl_api_nat64_interface_details_t *rmp;
+ snat_main_t *sm = &snat_main;
+ nat64_api_walk_ctx_t *ctx = arg;
+
+ rmp = vl_msg_api_alloc (sizeof (*rmp));
+ memset (rmp, 0, sizeof (*rmp));
+ rmp->_vl_msg_id = ntohs (VL_API_NAT64_INTERFACE_DETAILS + sm->msg_id_base);
+ rmp->sw_if_index = ntohl (i->sw_if_index);
+ rmp->is_inside = i->is_inside;
+ rmp->context = ctx->context;
+
+ vl_msg_api_send_shmem (ctx->q, (u8 *) & rmp);
+
+ return 0;
+}
+
+static void
+vl_api_nat64_interface_dump_t_handler (vl_api_nat64_interface_dump_t * mp)
+{
+ unix_shared_memory_queue_t *q;
+ nat64_main_t *nm = &nat64_main;
+
+ if (nm->is_disabled)
+ return;
+
+ q = vl_api_client_index_to_input_queue (mp->client_index);
+ if (q == 0)
+ return;
+
+ nat64_api_walk_ctx_t ctx = {
+ .q = q,
+ .context = mp->context,
+ };
+
+ nat64_interfaces_walk (nat64_api_interface_walk, &ctx);
+}
+
+static void *
+vl_api_nat64_interface_dump_t_print (vl_api_nat64_interface_dump_t * mp,
+ void *handle)
+{
+ u8 *s;
+
+ s = format (0, "SCRIPT: snat_interface_dump ");
+
+ FINISH;
+}
+
+static void
+ vl_api_nat64_add_del_static_bib_t_handler
+ (vl_api_nat64_add_del_static_bib_t * mp)
+{
+ snat_main_t *sm = &snat_main;
+ nat64_main_t *nm = &nat64_main;
+ vl_api_nat64_add_del_static_bib_reply_t *rmp;
+ ip6_address_t in_addr;
+ ip4_address_t out_addr;
+ int rv = 0;
+
+ if (nm->is_disabled)
+ {
+ rv = VNET_API_ERROR_FEATURE_DISABLED;
+ goto send_reply;
+ }
+
+ memcpy (&in_addr.as_u8, mp->i_addr, 16);
+ memcpy (&out_addr.as_u8, mp->o_addr, 4);
+
+ rv =
+ nat64_add_del_static_bib_entry (&in_addr, &out_addr,
+ clib_net_to_host_u16 (mp->i_port),
+ clib_net_to_host_u16 (mp->o_port),
+ mp->proto,
+ clib_net_to_host_u32 (mp->vrf_id),
+ mp->is_add);
+
+send_reply:
+ REPLY_MACRO (VL_API_NAT64_ADD_DEL_STATIC_BIB_REPLY);
+}
+
+static void *vl_api_nat64_add_del_static_bib_t_print
+ (vl_api_nat64_add_del_static_bib_t * mp, void *handle)
+{
+ u8 *s;
+
+ s = format (0, "SCRIPT: nat64_add_del_static_bib ");
+ s = format (s, "protocol %d i_addr %U o_addr %U ",
+ mp->proto,
+ format_ip6_address, mp->i_addr, format_ip4_address, mp->o_addr);
+
+ if (mp->vrf_id != ~0)
+ s = format (s, "vrf %d", clib_net_to_host_u32 (mp->vrf_id));
+
+ FINISH;
+}
+
+static int
+nat64_api_bib_walk (nat64_db_bib_entry_t * bibe, void *arg)
+{
+ vl_api_nat64_bib_details_t *rmp;
+ snat_main_t *sm = &snat_main;
+ nat64_api_walk_ctx_t *ctx = arg;
+ fib_table_t *fib;
+
+ fib = fib_table_get (bibe->fib_index, FIB_PROTOCOL_IP6);
+ if (!fib)
+ return -1;
+
+ rmp = vl_msg_api_alloc (sizeof (*rmp));
+ memset (rmp, 0, sizeof (*rmp));
+ rmp->_vl_msg_id = ntohs (VL_API_NAT64_BIB_DETAILS + sm->msg_id_base);
+ rmp->context = ctx->context;
+ clib_memcpy (rmp->i_addr, &(bibe->in_addr), 16);
+ clib_memcpy (rmp->o_addr, &(bibe->out_addr), 4);
+ rmp->i_port = bibe->in_port;
+ rmp->o_port = bibe->out_port;
+ rmp->vrf_id = ntohl (fib->ft_table_id);
+ rmp->proto = bibe->proto;
+ rmp->is_static = bibe->is_static;
+ rmp->ses_num = ntohl (bibe->ses_num);
+
+ vl_msg_api_send_shmem (ctx->q, (u8 *) & rmp);
+
+ return 0;
+}
+
+static void
+vl_api_nat64_bib_dump_t_handler (vl_api_nat64_bib_dump_t * mp)
+{
+ unix_shared_memory_queue_t *q;
+ nat64_main_t *nm = &nat64_main;
+
+ if (nm->is_disabled)
+ return;
+
+ q = vl_api_client_index_to_input_queue (mp->client_index);
+ if (q == 0)
+ return;
+
+ nat64_api_walk_ctx_t ctx = {
+ .q = q,
+ .context = mp->context,
+ };
+
+ nat64_db_bib_walk (&nm->db, mp->proto, nat64_api_bib_walk, &ctx);
+}
+
+static void *
+vl_api_nat64_bib_dump_t_print (vl_api_nat64_bib_dump_t * mp, void *handle)
+{
+ u8 *s;
+
+ s = format (0, "SCRIPT: snat_bib_dump protocol %d", mp->proto);
+
+ FINISH;
+}
+
+static void
+vl_api_nat64_set_timeouts_t_handler (vl_api_nat64_set_timeouts_t * mp)
+{
+ snat_main_t *sm = &snat_main;
+ nat64_main_t *nm = &nat64_main;
+ vl_api_nat64_set_timeouts_reply_t *rmp;
+ int rv = 0;
+
+ if (nm->is_disabled)
+ {
+ rv = VNET_API_ERROR_FEATURE_DISABLED;
+ goto send_reply;
+ }
+
+ rv = nat64_set_icmp_timeout (ntohl (mp->icmp));
+ if (rv)
+ goto send_reply;
+ rv = nat64_set_udp_timeout (ntohl (mp->udp));
+ if (rv)
+ goto send_reply;
+ rv =
+ nat64_set_tcp_timeouts (ntohl (mp->tcp_trans), ntohl (mp->tcp_est),
+ ntohl (mp->tcp_incoming_syn));
+
+send_reply:
+ REPLY_MACRO (VL_API_NAT64_SET_TIMEOUTS_REPLY);
+}
+
+static void *vl_api_nat64_set_timeouts_t_print
+ (vl_api_nat64_set_timeouts_t * mp, void *handle)
+{
+ u8 *s;
+
+ s = format (0, "SCRIPT: nat64_set_timeouts ");
+ s =
+ format (s,
+ "udp %d icmp %d, tcp_trans %d, tcp_est %d, tcp_incoming_syn %d\n",
+ ntohl (mp->udp), ntohl (mp->icmp), ntohl (mp->tcp_trans),
+ ntohl (mp->tcp_est), ntohl (mp->tcp_incoming_syn));
+
+ FINISH;
+}
+
+static void
+vl_api_nat64_get_timeouts_t_handler (vl_api_nat64_get_timeouts_t * mp)
+{
+ snat_main_t *sm = &snat_main;
+ nat64_main_t *nm = &nat64_main;
+ vl_api_nat64_get_timeouts_reply_t *rmp;
+ int rv = 0;
+
+ if (nm->is_disabled)
+ return;
+
+ /* *INDENT-OFF* */
+ REPLY_MACRO2 (VL_API_NAT64_GET_TIMEOUTS_REPLY,
+ ({
+ rmp->udp = htonl (nat64_get_udp_timeout());
+ rmp->icmp = htonl (nat64_get_icmp_timeout());
+ rmp->tcp_trans = htonl (nat64_get_tcp_trans_timeout());
+ rmp->tcp_est = htonl (nat64_get_tcp_est_timeout());
+ rmp->tcp_incoming_syn = htonl (nat64_get_tcp_incoming_syn_timeout());
+ }))
+ /* *INDENT-ON* */
+}
+
+static void *vl_api_nat64_get_timeouts_t_print
+ (vl_api_nat64_get_timeouts_t * mp, void *handle)
+{
+ u8 *s;
+
+ s = format (0, "SCRIPT: nat64_get_timeouts");
+
+ FINISH;
+}
+
+static int
+nat64_api_st_walk (nat64_db_st_entry_t * ste, void *arg)
+{
+ vl_api_nat64_st_details_t *rmp;
+ snat_main_t *sm = &snat_main;
+ nat64_api_walk_ctx_t *ctx = arg;
+ nat64_main_t *nm = &nat64_main;
+ nat64_db_bib_entry_t *bibe;
+ fib_table_t *fib;
+
+ bibe = nat64_db_bib_entry_by_index (&nm->db, ste->proto, ste->bibe_index);
+ if (!bibe)
+ return -1;
+
+ fib = fib_table_get (bibe->fib_index, FIB_PROTOCOL_IP6);
+ if (!fib)
+ return -1;
+
+ rmp = vl_msg_api_alloc (sizeof (*rmp));
+ memset (rmp, 0, sizeof (*rmp));
+ rmp->_vl_msg_id = ntohs (VL_API_NAT64_ST_DETAILS + sm->msg_id_base);
+ rmp->context = ctx->context;
+ clib_memcpy (rmp->il_addr, &(bibe->in_addr), 16);
+ clib_memcpy (rmp->ol_addr, &(bibe->out_addr), 4);
+ rmp->il_port = bibe->in_port;
+ rmp->ol_port = bibe->out_port;
+ clib_memcpy (rmp->ir_addr, &(ste->in_r_addr), 16);
+ clib_memcpy (rmp->or_addr, &(ste->out_r_addr), 4);
+ rmp->il_port = ste->r_port;
+ rmp->vrf_id = ntohl (fib->ft_table_id);
+ rmp->proto = ste->proto;
+
+ vl_msg_api_send_shmem (ctx->q, (u8 *) & rmp);
+
+ return 0;
+}
+
+static void
+vl_api_nat64_st_dump_t_handler (vl_api_nat64_st_dump_t * mp)
+{
+ unix_shared_memory_queue_t *q;
+ nat64_main_t *nm = &nat64_main;
+
+ if (nm->is_disabled)
+ return;
+
+ q = vl_api_client_index_to_input_queue (mp->client_index);
+ if (q == 0)
+ return;
+
+ nat64_api_walk_ctx_t ctx = {
+ .q = q,
+ .context = mp->context,
+ };
+
+ nat64_db_st_walk (&nm->db, mp->proto, nat64_api_st_walk, &ctx);
+}
+
+static void *
+vl_api_nat64_st_dump_t_print (vl_api_nat64_st_dump_t * mp, void *handle)
+{
+ u8 *s;
+
+ s = format (0, "SCRIPT: snat_st_dump protocol %d", mp->proto);
+
+ FINISH;
+}
+
+static void
+vl_api_nat64_add_del_prefix_t_handler (vl_api_nat64_add_del_prefix_t * mp)
+{
+ vl_api_nat64_add_del_prefix_reply_t *rmp;
+ snat_main_t *sm = &snat_main;
+ nat64_main_t *nm = &nat64_main;
+ ip6_address_t prefix;
+ int rv = 0;
+
+ if (nm->is_disabled)
+ {
+ rv = VNET_API_ERROR_FEATURE_DISABLED;
+ goto send_reply;
+ }
+
+ memcpy (&prefix.as_u8, mp->prefix, 16);
+
+ rv =
+ nat64_add_del_prefix (&prefix, mp->prefix_len,
+ clib_net_to_host_u32 (mp->vrf_id), mp->is_add);
+send_reply:
+ REPLY_MACRO (VL_API_NAT64_ADD_DEL_PREFIX_REPLY);
+}
+
+static void *
+vl_api_nat64_add_del_prefix_t_print (vl_api_nat64_add_del_prefix_t * mp,
+ void *handle)
+{
+ u8 *s;
+
+ s = format (0, "SCRIPT: nat64_add_del_prefix %U/%u vrf_id %u %s\n",
+ format_ip6_address, mp->prefix, mp->prefix_len,
+ ntohl (mp->vrf_id), mp->is_add ? "" : "del");
+
+ FINISH;
+}
+
+static int
+nat64_api_prefix_walk (nat64_prefix_t * p, void *arg)
+{
+ vl_api_nat64_prefix_details_t *rmp;
+ snat_main_t *sm = &snat_main;
+ nat64_api_walk_ctx_t *ctx = arg;
+
+ rmp = vl_msg_api_alloc (sizeof (*rmp));
+ memset (rmp, 0, sizeof (*rmp));
+ rmp->_vl_msg_id = ntohs (VL_API_NAT64_PREFIX_DETAILS + sm->msg_id_base);
+ clib_memcpy (rmp->prefix, &(p->prefix), 16);
+ rmp->prefix_len = p->plen;
+ rmp->vrf_id = ntohl (p->vrf_id);
+ rmp->context = ctx->context;
+
+ vl_msg_api_send_shmem (ctx->q, (u8 *) & rmp);
+
+ return 0;
+}
+
+static void
+vl_api_nat64_prefix_dump_t_handler (vl_api_nat64_prefix_dump_t * mp)
+{
+ unix_shared_memory_queue_t *q;
+ nat64_main_t *nm = &nat64_main;
+
+ if (nm->is_disabled)
+ return;
+
+ q = vl_api_client_index_to_input_queue (mp->client_index);
+ if (q == 0)
+ return;
+
+ nat64_api_walk_ctx_t ctx = {
+ .q = q,
+ .context = mp->context,
+ };
+
+ nat64_prefix_walk (nat64_api_prefix_walk, &ctx);
+}
+
+static void *
+vl_api_nat64_prefix_dump_t_print (vl_api_nat64_prefix_dump_t * mp,
+ void *handle)
+{
+ u8 *s;
+
+ s = format (0, "SCRIPT: nat64_prefix_dump\n");
+
+ FINISH;
+}
+
+/* List of message types that this plugin understands */
+#define foreach_snat_plugin_api_msg \
+_(SNAT_ADD_ADDRESS_RANGE, snat_add_address_range) \
+_(SNAT_INTERFACE_ADD_DEL_FEATURE, snat_interface_add_del_feature) \
+_(SNAT_ADD_STATIC_MAPPING, snat_add_static_mapping) \
+_(SNAT_CONTROL_PING, snat_control_ping) \
+_(SNAT_STATIC_MAPPING_DUMP, snat_static_mapping_dump) \
+_(SNAT_SHOW_CONFIG, snat_show_config) \
+_(SNAT_ADDRESS_DUMP, snat_address_dump) \
+_(SNAT_INTERFACE_DUMP, snat_interface_dump) \
+_(SNAT_SET_WORKERS, snat_set_workers) \
+_(SNAT_WORKER_DUMP, snat_worker_dump) \
+_(SNAT_ADD_DEL_INTERFACE_ADDR, snat_add_del_interface_addr) \
+_(SNAT_INTERFACE_ADDR_DUMP, snat_interface_addr_dump) \
+_(SNAT_IPFIX_ENABLE_DISABLE, snat_ipfix_enable_disable) \
+_(SNAT_USER_DUMP, snat_user_dump) \
+_(SNAT_USER_SESSION_DUMP, snat_user_session_dump) \
+_(SNAT_INTERFACE_ADD_DEL_OUTPUT_FEATURE, \
+ snat_interface_add_del_output_feature) \
+_(SNAT_INTERFACE_OUTPUT_FEATURE_DUMP, \
+ snat_interface_output_feature_dump) \
+_(SNAT_ADD_DET_MAP, snat_add_det_map) \
+_(SNAT_DET_FORWARD, snat_det_forward) \
+_(SNAT_DET_REVERSE, snat_det_reverse) \
+_(SNAT_DET_MAP_DUMP, snat_det_map_dump) \
+_(SNAT_DET_SET_TIMEOUTS, snat_det_set_timeouts) \
+_(SNAT_DET_GET_TIMEOUTS, snat_det_get_timeouts) \
+_(SNAT_DET_CLOSE_SESSION_OUT, snat_det_close_session_out) \
+_(SNAT_DET_CLOSE_SESSION_IN, snat_det_close_session_in) \
+_(SNAT_DET_SESSION_DUMP, snat_det_session_dump) \
+_(NAT_CONTROL_PING, nat_control_ping) \
+_(NAT_SHOW_CONFIG, nat_show_config) \
+_(NAT_SET_WORKERS, nat_set_workers) \
+_(NAT_WORKER_DUMP, nat_worker_dump) \
+_(NAT_IPFIX_ENABLE_DISABLE, nat_ipfix_enable_disable) \
+_(NAT44_ADD_DEL_ADDRESS_RANGE, nat44_add_del_address_range) \
+_(NAT44_INTERFACE_ADD_DEL_FEATURE, nat44_interface_add_del_feature) \
+_(NAT44_ADD_DEL_STATIC_MAPPING, nat44_add_del_static_mapping) \
+_(NAT44_STATIC_MAPPING_DUMP, nat44_static_mapping_dump) \
+_(NAT44_ADDRESS_DUMP, nat44_address_dump) \
+_(NAT44_INTERFACE_DUMP, nat44_interface_dump) \
+_(NAT44_ADD_DEL_INTERFACE_ADDR, nat44_add_del_interface_addr) \
+_(NAT44_INTERFACE_ADDR_DUMP, nat44_interface_addr_dump) \
+_(NAT44_USER_DUMP, nat44_user_dump) \
+_(NAT44_USER_SESSION_DUMP, nat44_user_session_dump) \
+_(NAT44_INTERFACE_ADD_DEL_OUTPUT_FEATURE, \
+ nat44_interface_add_del_output_feature) \
+_(NAT44_INTERFACE_OUTPUT_FEATURE_DUMP, \
+ nat44_interface_output_feature_dump) \
+_(NAT_DET_ADD_DEL_MAP, nat_det_add_del_map) \
+_(NAT_DET_FORWARD, nat_det_forward) \
+_(NAT_DET_REVERSE, nat_det_reverse) \
+_(NAT_DET_MAP_DUMP, nat_det_map_dump) \
+_(NAT_DET_SET_TIMEOUTS, nat_det_set_timeouts) \
+_(NAT_DET_GET_TIMEOUTS, nat_det_get_timeouts) \
+_(NAT_DET_CLOSE_SESSION_OUT, nat_det_close_session_out) \
+_(NAT_DET_CLOSE_SESSION_IN, nat_det_close_session_in) \
+_(NAT_DET_SESSION_DUMP, nat_det_session_dump) \
+_(NAT64_ADD_DEL_POOL_ADDR_RANGE, nat64_add_del_pool_addr_range) \
+_(NAT64_POOL_ADDR_DUMP, nat64_pool_addr_dump) \
+_(NAT64_ADD_DEL_INTERFACE, nat64_add_del_interface) \
+_(NAT64_INTERFACE_DUMP, nat64_interface_dump) \
+_(NAT64_ADD_DEL_STATIC_BIB, nat64_add_del_static_bib) \
+_(NAT64_BIB_DUMP, nat64_bib_dump) \
+_(NAT64_SET_TIMEOUTS, nat64_set_timeouts) \
+_(NAT64_GET_TIMEOUTS, nat64_get_timeouts) \
+_(NAT64_ST_DUMP, nat64_st_dump) \
+_(NAT64_ADD_DEL_PREFIX, nat64_add_del_prefix) \
+_(NAT64_PREFIX_DUMP, nat64_prefix_dump)
+
+/* Set up the API message handling tables */
+static clib_error_t *
+snat_plugin_api_hookup (vlib_main_t * vm)
+{
+ snat_main_t *sm __attribute__ ((unused)) = &snat_main;
+#define _(N,n) \
+ vl_msg_api_set_handlers((VL_API_##N + sm->msg_id_base), \
+ #n, \
+ vl_api_##n##_t_handler, \
+ vl_noop_handler, \
+ vl_api_##n##_t_endian, \
+ vl_api_##n##_t_print, \
+ sizeof(vl_api_##n##_t), 1);
+ foreach_snat_plugin_api_msg;
+#undef _
+
+ return 0;
+}
+
+#define vl_msg_name_crc_list
+#include <nat/nat_all_api_h.h>
+#undef vl_msg_name_crc_list
+
+static void
+setup_message_id_table (snat_main_t * sm, api_main_t * am)
+{
+#define _(id,n,crc) \
+ vl_msg_api_add_msg_name_crc (am, #n "_" #crc, id + sm->msg_id_base);
+ foreach_vl_msg_name_crc_nat;
+#undef _
+}
+
+static void
+plugin_custom_dump_configure (snat_main_t * sm)
+{
+#define _(n,f) sm->api_main->msg_print_handlers \
+ [VL_API_##n + sm->msg_id_base] \
+ = (void *) vl_api_##f##_t_print;
+ foreach_snat_plugin_api_msg;
+#undef _
+}
+
+clib_error_t *
+snat_api_init (vlib_main_t * vm, snat_main_t * sm)
+{
+ u8 *name;
+ clib_error_t *error = 0;
+
+ name = format (0, "snat_%08x%c", api_version, 0);
+
+ /* Ask for a correctly-sized block of API message decode slots */
+ sm->msg_id_base =
+ vl_msg_api_get_msg_ids ((char *) name, VL_MSG_FIRST_AVAILABLE);
+
+ error = snat_plugin_api_hookup (vm);
+
+ /* Add our API messages to the global name_crc hash table */
+ setup_message_id_table (sm, sm->api_main);
+
+ plugin_custom_dump_configure (sm);
+
+ vec_free (name);
+
+ return error;
+}
+
+/*
+ * fd.io coding-style-patch-verification: ON
+ *
+ * Local Variables:
+ * eval: (c-set-style "gnu")
+ * End:
+ */
diff --git a/src/plugins/snat/snat_det.c b/src/plugins/nat/nat_det.c
similarity index 97%
rename from src/plugins/snat/snat_det.c
rename to src/plugins/nat/nat_det.c
index 2d6fce8..3af6698 100644
--- a/src/plugins/snat/snat_det.c
+++ b/src/plugins/nat/nat_det.c
@@ -19,7 +19,7 @@
* @brief deterministic NAT
*/
-#include <snat/snat_det.h>
+#include <nat/nat_det.h>
/**
@@ -105,7 +105,7 @@
}
/**
- * @brief The 'snat-det-expire-walk' process's main loop.
+ * @brief The 'nat-det-expire-walk' process's main loop.
*
* Check expire time for active sessions.
*/
@@ -145,7 +145,7 @@
.function = snat_det_expire_walk_fn,
.type = VLIB_NODE_TYPE_PROCESS,
.name =
- "snat-det-expire-walk",
+ "nat-det-expire-walk",
};
/* *INDENT-ON* */
diff --git a/src/plugins/snat/snat_det.h b/src/plugins/nat/nat_det.h
similarity index 95%
rename from src/plugins/snat/snat_det.h
rename to src/plugins/nat/nat_det.h
index f4fdb25..2ab7f27 100644
--- a/src/plugins/snat/snat_det.h
+++ b/src/plugins/nat/nat_det.h
@@ -1,5 +1,5 @@
/*
- * snat_det.h - deterministic nat definitions
+ * snat_det.h - deterministic NAT definitions
*
* Copyright (c) 2017 Cisco and/or its affiliates.
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -19,12 +19,12 @@
* @brief deterministic NAT definitions
*/
-#ifndef __included_snat_det_h__
-#define __included_snat_det_h__
+#ifndef __included_nat_det_h__
+#define __included_nat_det_h__
#include <vnet/ip/ip.h>
-#include <snat/snat.h>
-#include <snat/snat_ipfix_logging.h>
+#include <nat/nat.h>
+#include <nat/nat_ipfix_logging.h>
#define SNAT_DET_SES_PER_USER 1000
@@ -185,7 +185,7 @@
}
}
-#endif /* __included_snat_det_h__ */
+#endif /* __included_nat_det_h__ */
/*
* fd.io coding-style-patch-verification: ON
diff --git a/src/plugins/snat/snat_ipfix_logging.c b/src/plugins/nat/nat_ipfix_logging.c
similarity index 98%
rename from src/plugins/snat/snat_ipfix_logging.c
rename to src/plugins/nat/nat_ipfix_logging.c
index c68dc54..0cc0f82 100644
--- a/src/plugins/snat/snat_ipfix_logging.c
+++ b/src/plugins/nat/nat_ipfix_logging.c
@@ -1,5 +1,5 @@
/*
- * snat_ipfix_logging.c - NAT Events IPFIX logging
+ * nat_ipfix_logging.c - NAT Events IPFIX logging
*
* Copyright (c) 2016 Cisco and/or its affiliates.
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -17,8 +17,8 @@
#include <vnet/flow/flow_report.h>
#include <vlibmemory/api.h>
-#include <snat/snat.h>
-#include <snat/snat_ipfix_logging.h>
+#include <nat/nat.h>
+#include <nat/nat_ipfix_logging.h>
snat_ipfix_logging_main_t snat_ipfix_logging_main;
@@ -610,7 +610,7 @@
*
* @param src_ip source IPv4 address
* @param nat_src_ip transaltes source IPv4 address
- * @param snat_proto SNAT transport protocol
+ * @param snat_proto NAT transport protocol
* @param src_port source port
* @param nat_src_port translated source port
* @param vrf_id VRF ID
@@ -642,7 +642,7 @@
*
* @param src_ip source IPv4 address
* @param nat_src_ip transaltes source IPv4 address
- * @param snat_proto SNAT transport protocol
+ * @param snat_proto NAT transport protocol
* @param src_port source port
* @param nat_src_port translated source port
* @param vrf_id VRF ID
@@ -751,7 +751,7 @@
}
/**
- * @brief Enable/disable SNAT IPFIX logging
+ * @brief Enable/disable NAT plugin IPFIX logging
*
* @param enable 1 if enable, 0 if disable
* @param domain_id observation domain ID
@@ -818,7 +818,7 @@
}
/**
- * @brief Initialize SNAT IPFIX logging
+ * @brief Initialize NAT plugin IPFIX logging
*
* @param vm vlib main
*/
diff --git a/src/plugins/snat/snat_ipfix_logging.h b/src/plugins/nat/nat_ipfix_logging.h
similarity index 91%
rename from src/plugins/snat/snat_ipfix_logging.h
rename to src/plugins/nat/nat_ipfix_logging.h
index 45c1a7b..6dbf662 100644
--- a/src/plugins/snat/snat_ipfix_logging.h
+++ b/src/plugins/nat/nat_ipfix_logging.h
@@ -1,5 +1,5 @@
/*
- * snat_ipfix_logging.h - NAT Events IPFIX logging
+ * nat_ipfix_logging.h - NAT Events IPFIX logging
*
* Copyright (c) 2016 Cisco and/or its affiliates.
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -14,8 +14,8 @@
* See the License for the specific language governing permissions and
* limitations under the License.
*/
-#ifndef __included_snat_ipfix_logging_h__
-#define __included_snat_ipfix_logging_h__
+#ifndef __included_nat_ipfix_logging_h__
+#define __included_nat_ipfix_logging_h__
typedef enum {
NAT_ADDRESSES_EXHAUTED = 3,
@@ -30,7 +30,7 @@
} quota_exceed_event_t;
typedef struct {
- /** S-NAT IPFIX logging enabled */
+ /** NAT plugin IPFIX logging enabled */
u8 enabled;
/** ipfix buffers under construction */
@@ -76,4 +76,4 @@
void snat_ipfix_logging_addresses_exhausted(u32 pool_id);
void snat_ipfix_logging_max_entries_per_user(u32 src_ip);
-#endif /* __included_snat_ipfix_logging_h__ */
+#endif /* __included_nat_ipfix_logging_h__ */
diff --git a/src/plugins/snat/snat_msg_enum.h b/src/plugins/nat/nat_msg_enum.h
similarity index 79%
rename from src/plugins/snat/snat_msg_enum.h
rename to src/plugins/nat/nat_msg_enum.h
index 2c76fd5..710b631 100644
--- a/src/plugins/snat/snat_msg_enum.h
+++ b/src/plugins/nat/nat_msg_enum.h
@@ -1,6 +1,6 @@
/*
- * snat_msg_enum.h - skeleton vpp engine plug-in message enumeration
+ * nat_msg_enum.h - skeleton vpp engine plug-in message enumeration
*
* Copyright (c) <current-year> <your-organization>
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -15,17 +15,17 @@
* See the License for the specific language governing permissions and
* limitations under the License.
*/
-#ifndef included_snat_msg_enum_h
-#define included_snat_msg_enum_h
+#ifndef included_nat_msg_enum_h
+#define included_nat_msg_enum_h
#include <vppinfra/byte_order.h>
#define vl_msg_id(n,h) n,
typedef enum {
-#include <snat/snat_all_api_h.h>
+#include <nat/nat_all_api_h.h>
/* We'll want to know how many messages IDs we need... */
VL_MSG_FIRST_AVAILABLE,
} vl_msg_id_t;
#undef vl_msg_id
-#endif /* included_snat_msg_enum_h */
+#endif /* included_nat_msg_enum_h */
diff --git a/src/plugins/snat/snat_test.c b/src/plugins/nat/nat_test.c
similarity index 98%
rename from src/plugins/snat/snat_test.c
rename to src/plugins/nat/nat_test.c
index 905b8fa..b653b77 100644
--- a/src/plugins/snat/snat_test.c
+++ b/src/plugins/nat/nat_test.c
@@ -1,6 +1,6 @@
/*
- * snat.c - skeleton vpp-api-test plug-in
+ * nat.c - skeleton vpp-api-test plug-in
*
* Copyright (c) <current-year> <your-organization>
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -21,7 +21,7 @@
#include <vlibsocket/api.h>
#include <vppinfra/error.h>
#include <vnet/ip/ip.h>
-#include <snat/snat.h>
+#include <nat/nat.h>
#define __plugin_msg_base snat_test_main.msg_id_base
#include <vlibapi/vat_helper_macros.h>
@@ -29,28 +29,28 @@
uword unformat_sw_if_index (unformat_input_t * input, va_list * args);
/* Declare message IDs */
-#include <snat/snat_msg_enum.h>
+#include <nat/nat_msg_enum.h>
/* define message structures */
#define vl_typedefs
-#include <snat/snat_all_api_h.h>
+#include <nat/nat_all_api_h.h>
#undef vl_typedefs
/* declare message handlers for each api */
#define vl_endianfun /* define message structures */
-#include <snat/snat_all_api_h.h>
+#include <nat/nat_all_api_h.h>
#undef vl_endianfun
/* instantiate all the print functions we know about */
#define vl_print(handle, ...)
#define vl_printfun
-#include <snat/snat_all_api_h.h>
+#include <nat/nat_all_api_h.h>
#undef vl_printfun
/* Get the API version number. */
#define vl_api_version(n,v) static u32 api_version=(v);
-#include <snat/snat_all_api_h.h>
+#include <nat/nat_all_api_h.h>
#undef vl_api_version
typedef struct {
diff --git a/src/plugins/snat/out2in.c b/src/plugins/nat/out2in.c
similarity index 97%
rename from src/plugins/snat/out2in.c
rename to src/plugins/nat/out2in.c
index 329d67d..6795006 100644
--- a/src/plugins/snat/out2in.c
+++ b/src/plugins/nat/out2in.c
@@ -22,9 +22,9 @@
#include <vnet/udp/udp.h>
#include <vnet/ethernet/ethernet.h>
#include <vnet/fib/ip4_fib.h>
-#include <snat/snat.h>
-#include <snat/snat_ipfix_logging.h>
-#include <snat/snat_det.h>
+#include <nat/nat.h>
+#include <nat/nat_ipfix_logging.h>
+#include <nat/nat_det.h>
#include <vppinfra/hash.h>
#include <vppinfra/error.h>
@@ -47,8 +47,8 @@
CLIB_UNUSED (vlib_main_t * vm) = va_arg (*args, vlib_main_t *);
CLIB_UNUSED (vlib_node_t * node) = va_arg (*args, vlib_node_t *);
snat_out2in_trace_t * t = va_arg (*args, snat_out2in_trace_t *);
-
- s = format (s, "SNAT_OUT2IN: sw_if_index %d, next index %d, session index %d",
+
+ s = format (s, "NAT44_OUT2IN: sw_if_index %d, next index %d, session index %d",
t->sw_if_index, t->next_index, t->session_index);
return s;
}
@@ -58,8 +58,8 @@
CLIB_UNUSED (vlib_main_t * vm) = va_arg (*args, vlib_main_t *);
CLIB_UNUSED (vlib_node_t * node) = va_arg (*args, vlib_node_t *);
snat_out2in_trace_t * t = va_arg (*args, snat_out2in_trace_t *);
-
- s = format (s, "SNAT_OUT2IN_FAST: sw_if_index %d, next index %d",
+
+ s = format (s, "NAT44_OUT2IN_FAST: sw_if_index %d, next index %d",
t->sw_if_index, t->next_index);
return s;
}
@@ -73,7 +73,7 @@
char * m;
m = t->do_handoff ? "next worker" : "same worker";
- s = format (s, "SNAT_OUT2IN_WORKER_HANDOFF: %s %d", m, t->next_worker_index);
+ s = format (s, "NAT44_OUT2IN_WORKER_HANDOFF: %s %d", m, t->next_worker_index);
return s;
}
@@ -88,7 +88,7 @@
_(OUT2IN_PACKETS, "Good out2in packets processed") \
_(BAD_ICMP_TYPE, "unsupported ICMP type") \
_(NO_TRANSLATION, "No translation")
-
+
typedef enum {
#define _(sym,str) SNAT_OUT2IN_ERROR_##sym,
foreach_snat_out2in_error
@@ -115,10 +115,10 @@
* Create NAT session initiated by host from external network with static
* mapping.
*
- * @param sm SNAT main.
+ * @param sm NAT main.
* @param b0 Vlib buffer.
- * @param in2out In2out SNAT session key.
- * @param out2in Out2in SNAT session key.
+ * @param in2out In2out NAT44 session key.
+ * @param out2in Out2in NAT44 session key.
* @param node Vlib node.
*
* @returns SNAT session if successfully created otherwise 0.
@@ -276,11 +276,11 @@
}
/**
- * Get address and port values to be used for packet SNAT translation
+ * Get address and port values to be used for ICMP packet translation
* and create session if needed
*
- * @param[in,out] sm SNAT main
- * @param[in,out] node SNAT node runtime
+ * @param[in,out] sm NAT main
+ * @param[in,out] node NAT node runtime
* @param[in] thread_index thread index
* @param[in,out] b0 buffer containing packet to be translated
* @param[out] p_proto protocol used for matching
@@ -387,10 +387,10 @@
}
/**
- * Get address and port values to be used for packet SNAT translation
+ * Get address and port values to be used for ICMP packet translation
*
- * @param[in] sm SNAT main
- * @param[in,out] node SNAT node runtime
+ * @param[in] sm NAT main
+ * @param[in,out] node NAT node runtime
* @param[in] thread_index thread index
* @param[in,out] b0 buffer containing packet to be translated
* @param[out] p_proto protocol used for matching
@@ -793,14 +793,14 @@
u32 proto0, proto1;
snat_session_t * s0 = 0, * s1 = 0;
clib_bihash_kv_8_8_t kv0, kv1, value0, value1;
-
+
/* Prefetch next iteration. */
{
vlib_buffer_t * p2, * p3;
-
+
p2 = vlib_get_buffer (vm, from[2]);
p3 = vlib_get_buffer (vm, from[3]);
-
+
vlib_prefetch_buffer_header (p2, LOAD);
vlib_prefetch_buffer_header (p3, LOAD);
@@ -828,7 +828,7 @@
icmp0 = (icmp46_header_t *) udp0;
sw_if_index0 = vnet_buffer(b0)->sw_if_index[VLIB_RX];
- rx_fib_index0 = vec_elt (sm->ip4_main->fib_index_by_sw_if_index,
+ rx_fib_index0 = vec_elt (sm->ip4_main->fib_index_by_sw_if_index,
sw_if_index0);
if (PREDICT_FALSE(ip0->ttl == 1))
@@ -852,8 +852,8 @@
if (PREDICT_FALSE (proto0 == SNAT_PROTOCOL_ICMP))
{
- next0 = icmp_out2in_slow_path
- (sm, b0, ip0, icmp0, sw_if_index0, rx_fib_index0, node,
+ next0 = icmp_out2in_slow_path
+ (sm, b0, ip0, icmp0, sw_if_index0, rx_fib_index0, node,
next0, now, thread_index, &s0);
goto trace0;
}
@@ -862,7 +862,7 @@
key0.port = udp0->dst_port;
key0.protocol = proto0;
key0.fib_index = rx_fib_index0;
-
+
kv0.key = key0.as_u64;
if (clib_bihash_search_8_8 (&sm->out2in, &kv0, &value0))
@@ -872,12 +872,12 @@
if (snat_static_mapping_match(sm, key0, &sm0, 1, 0))
{
b0->error = node->errors[SNAT_OUT2IN_ERROR_NO_TRANSLATION];
- /*
+ /*
* Send DHCP packets to the ipv4 stack, or we won't
* be able to use dhcp client on the outside interface
*/
- if (proto0 != SNAT_PROTOCOL_UDP
- || (udp0->dst_port
+ if (proto0 != SNAT_PROTOCOL_UDP
+ || (udp0->dst_port
!= clib_host_to_net_u16(UDP_DST_PORT_dhcp_to_client)))
next0 = SNAT_OUT2IN_NEXT_DROP;
goto trace0;
@@ -946,10 +946,10 @@
}
trace0:
- if (PREDICT_FALSE((node->flags & VLIB_NODE_FLAG_TRACE)
- && (b0->flags & VLIB_BUFFER_IS_TRACED)))
+ if (PREDICT_FALSE((node->flags & VLIB_NODE_FLAG_TRACE)
+ && (b0->flags & VLIB_BUFFER_IS_TRACED)))
{
- snat_out2in_trace_t *t =
+ snat_out2in_trace_t *t =
vlib_add_trace (vm, node, b0, sizeof (*t));
t->sw_if_index = sw_if_index0;
t->next_index = next0;
@@ -967,7 +967,7 @@
icmp1 = (icmp46_header_t *) udp1;
sw_if_index1 = vnet_buffer(b1)->sw_if_index[VLIB_RX];
- rx_fib_index1 = vec_elt (sm->ip4_main->fib_index_by_sw_if_index,
+ rx_fib_index1 = vec_elt (sm->ip4_main->fib_index_by_sw_if_index,
sw_if_index1);
if (PREDICT_FALSE(ip1->ttl == 1))
@@ -991,8 +991,8 @@
if (PREDICT_FALSE (proto1 == SNAT_PROTOCOL_ICMP))
{
- next1 = icmp_out2in_slow_path
- (sm, b1, ip1, icmp1, sw_if_index1, rx_fib_index1, node,
+ next1 = icmp_out2in_slow_path
+ (sm, b1, ip1, icmp1, sw_if_index1, rx_fib_index1, node,
next1, now, thread_index, &s1);
goto trace1;
}
@@ -1001,7 +1001,7 @@
key1.port = udp1->dst_port;
key1.protocol = proto1;
key1.fib_index = rx_fib_index1;
-
+
kv1.key = key1.as_u64;
if (clib_bihash_search_8_8 (&sm->out2in, &kv1, &value1))
@@ -1011,12 +1011,12 @@
if (snat_static_mapping_match(sm, key1, &sm1, 1, 0))
{
b1->error = node->errors[SNAT_OUT2IN_ERROR_NO_TRANSLATION];
- /*
+ /*
* Send DHCP packets to the ipv4 stack, or we won't
* be able to use dhcp client on the outside interface
*/
- if (proto1 != SNAT_PROTOCOL_UDP
- || (udp1->dst_port
+ if (proto1 != SNAT_PROTOCOL_UDP
+ || (udp1->dst_port
!= clib_host_to_net_u16(UDP_DST_PORT_dhcp_to_client)))
next1 = SNAT_OUT2IN_NEXT_DROP;
goto trace1;
@@ -1085,10 +1085,10 @@
}
trace1:
- if (PREDICT_FALSE((node->flags & VLIB_NODE_FLAG_TRACE)
- && (b1->flags & VLIB_BUFFER_IS_TRACED)))
+ if (PREDICT_FALSE((node->flags & VLIB_NODE_FLAG_TRACE)
+ && (b1->flags & VLIB_BUFFER_IS_TRACED)))
{
- snat_out2in_trace_t *t =
+ snat_out2in_trace_t *t =
vlib_add_trace (vm, node, b1, sizeof (*t));
t->sw_if_index = sw_if_index1;
t->next_index = next1;
@@ -1123,7 +1123,7 @@
u32 proto0;
snat_session_t * s0 = 0;
clib_bihash_kv_8_8_t kv0, value0;
-
+
/* speculatively enqueue b0 to the current next frame */
bi0 = from[0];
to_next[0] = bi0;
@@ -1142,7 +1142,7 @@
icmp0 = (icmp46_header_t *) udp0;
sw_if_index0 = vnet_buffer(b0)->sw_if_index[VLIB_RX];
- rx_fib_index0 = vec_elt (sm->ip4_main->fib_index_by_sw_if_index,
+ rx_fib_index0 = vec_elt (sm->ip4_main->fib_index_by_sw_if_index,
sw_if_index0);
proto0 = ip_proto_to_snat_proto (ip0->protocol);
@@ -1166,8 +1166,8 @@
if (PREDICT_FALSE (proto0 == SNAT_PROTOCOL_ICMP))
{
- next0 = icmp_out2in_slow_path
- (sm, b0, ip0, icmp0, sw_if_index0, rx_fib_index0, node,
+ next0 = icmp_out2in_slow_path
+ (sm, b0, ip0, icmp0, sw_if_index0, rx_fib_index0, node,
next0, now, thread_index, &s0);
goto trace00;
}
@@ -1176,7 +1176,7 @@
key0.port = udp0->dst_port;
key0.protocol = proto0;
key0.fib_index = rx_fib_index0;
-
+
kv0.key = key0.as_u64;
if (clib_bihash_search_8_8 (&sm->out2in, &kv0, &value0))
@@ -1186,12 +1186,12 @@
if (snat_static_mapping_match(sm, key0, &sm0, 1, 0))
{
b0->error = node->errors[SNAT_OUT2IN_ERROR_NO_TRANSLATION];
- /*
+ /*
* Send DHCP packets to the ipv4 stack, or we won't
* be able to use dhcp client on the outside interface
*/
- if (proto0 != SNAT_PROTOCOL_UDP
- || (udp0->dst_port
+ if (proto0 != SNAT_PROTOCOL_UDP
+ || (udp0->dst_port
!= clib_host_to_net_u16(UDP_DST_PORT_dhcp_to_client)))
next0 = SNAT_OUT2IN_NEXT_DROP;
@@ -1261,10 +1261,10 @@
}
trace00:
- if (PREDICT_FALSE((node->flags & VLIB_NODE_FLAG_TRACE)
- && (b0->flags & VLIB_BUFFER_IS_TRACED)))
+ if (PREDICT_FALSE((node->flags & VLIB_NODE_FLAG_TRACE)
+ && (b0->flags & VLIB_BUFFER_IS_TRACED)))
{
- snat_out2in_trace_t *t =
+ snat_out2in_trace_t *t =
vlib_add_trace (vm, node, b0, sizeof (*t));
t->sw_if_index = sw_if_index0;
t->next_index = next0;
@@ -1284,24 +1284,24 @@
vlib_put_next_frame (vm, node, next_index, n_left_to_next);
}
- vlib_node_increment_counter (vm, snat_out2in_node.index,
- SNAT_OUT2IN_ERROR_OUT2IN_PACKETS,
+ vlib_node_increment_counter (vm, snat_out2in_node.index,
+ SNAT_OUT2IN_ERROR_OUT2IN_PACKETS,
pkts_processed);
return frame->n_vectors;
}
VLIB_REGISTER_NODE (snat_out2in_node) = {
.function = snat_out2in_node_fn,
- .name = "snat-out2in",
+ .name = "nat44-out2in",
.vector_size = sizeof (u32),
.format_trace = format_snat_out2in_trace,
.type = VLIB_NODE_TYPE_INTERNAL,
-
+
.n_errors = ARRAY_LEN(snat_out2in_error_strings),
.error_strings = snat_out2in_error_strings,
.runtime_data_bytes = sizeof (snat_runtime_t),
-
+
.n_next_nodes = SNAT_OUT2IN_N_NEXT,
/* edit / add dispositions here */
@@ -1779,7 +1779,7 @@
VLIB_REGISTER_NODE (snat_det_out2in_node) = {
.function = snat_det_out2in_node_fn,
- .name = "snat-det-out2in",
+ .name = "nat44-det-out2in",
.vector_size = sizeof (u32),
.format_trace = format_snat_out2in_trace,
.type = VLIB_NODE_TYPE_INTERNAL,
@@ -1801,11 +1801,11 @@
VLIB_NODE_FUNCTION_MULTIARCH (snat_det_out2in_node, snat_det_out2in_node_fn);
/**
- * Get address and port values to be used for packet SNAT translation
+ * Get address and port values to be used for ICMP packet translation
* and create session if needed
*
- * @param[in,out] sm SNAT main
- * @param[in,out] node SNAT node runtime
+ * @param[in,out] sm NAT main
+ * @param[in,out] node NAT node runtime
* @param[in] thread_index thread index
* @param[in,out] b0 buffer containing packet to be translated
* @param[out] p_proto protocol used for matching
@@ -2089,11 +2089,11 @@
VLIB_REGISTER_NODE (snat_out2in_worker_handoff_node) = {
.function = snat_out2in_worker_handoff_fn,
- .name = "snat-out2in-worker-handoff",
+ .name = "nat44-out2in-worker-handoff",
.vector_size = sizeof (u32),
.format_trace = format_snat_out2in_worker_handoff_trace,
.type = VLIB_NODE_TYPE_INTERNAL,
-
+
.n_next_nodes = 1,
.next_nodes = {
@@ -2105,7 +2105,7 @@
static uword
snat_out2in_fast_node_fn (vlib_main_t * vm,
- vlib_node_runtime_t * node,
+ vlib_node_runtime_t * node,
vlib_frame_t * frame)
{
u32 n_left_from, * from, * to_next;
@@ -2272,16 +2272,16 @@
VLIB_REGISTER_NODE (snat_out2in_fast_node) = {
.function = snat_out2in_fast_node_fn,
- .name = "snat-out2in-fast",
+ .name = "nat44-out2in-fast",
.vector_size = sizeof (u32),
.format_trace = format_snat_out2in_fast_trace,
.type = VLIB_NODE_TYPE_INTERNAL,
-
+
.n_errors = ARRAY_LEN(snat_out2in_error_strings),
.error_strings = snat_out2in_error_strings,
.runtime_data_bytes = sizeof (snat_runtime_t),
-
+
.n_next_nodes = SNAT_OUT2IN_N_NEXT,
/* edit / add dispositions here */
diff --git a/src/plugins/snat.am b/src/plugins/snat.am
deleted file mode 100644
index 6b75f3d..0000000
--- a/src/plugins/snat.am
+++ /dev/null
@@ -1,41 +0,0 @@
-
-# Copyright (c) <current-year> <your-organization>
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at:
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-vppapitestplugins_LTLIBRARIES += snat_test_plugin.la
-vppplugins_LTLIBRARIES += snat_plugin.la
-
-snat_plugin_la_SOURCES = snat/snat.c \
- snat/snat_api.c \
- snat/in2out.c \
- snat/out2in.c \
- snat/snat_plugin.api.h \
- snat/snat_ipfix_logging.c \
- snat/snat_det.c \
- snat/nat64.c \
- snat/nat64_cli.c \
- snat/nat64_in2out.c \
- snat/nat64_out2in.c \
- snat/nat64_db.c
-
-API_FILES += snat/snat.api
-
-nobase_apiinclude_HEADERS += \
- snat/snat_all_api_h.h \
- snat/snat_msg_enum.h \
- snat/snat.api.h
-
-snat_test_plugin_la_SOURCES = \
- snat/snat_test.c snat/snat_plugin.api.h
-
-# vi:syntax=automake
diff --git a/src/plugins/snat/snat.api b/src/plugins/snat/snat.api
deleted file mode 100644
index 3c493dd..0000000
--- a/src/plugins/snat/snat.api
+++ /dev/null
@@ -1,897 +0,0 @@
-/*
- * Copyright (c) 2016 Cisco and/or its affiliates.
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at:
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-/**
- * @file snat.api
- * @brief VPP control-plane API messages.
- *
- * This file defines VPP control-plane API messages which are generally
- * called through a shared memory interface.
- */
-
-/** \brief Add/del S-NAT address range
- @param client_index - opaque cookie to identify the sender
- @param context - sender context, to match reply w/ request
- @param is_ip4 - 1 if address type is IPv4
- @param first_ip_address - first IP address
- @param last_ip_address - last IP address
- @param vrf_id - VRF id of tenant, ~0 means independent of VRF
- @param is_add - 1 if add, 0 if delete
-*/
-autoreply define snat_add_address_range {
- u32 client_index;
- u32 context;
- u8 is_ip4;
- u8 first_ip_address[16];
- u8 last_ip_address[16];
- u32 vrf_id;
- u8 is_add;
-};
-
-/** \brief Dump S-NAT addresses
- @param client_index - opaque cookie to identify the sender
- @param context - sender context, to match reply w/ request
-*/
-define snat_address_dump {
- u32 client_index;
- u32 context;
-};
-
-/** \brief S-NAT address details response
- @param context - sender context, to match reply w/ request
- @param is_ip4 - 1 if address type is IPv4
- @param ip_address - IP address
- @param vrf_id - VRF id of tenant, ~0 means independent of VRF
-*/
-define snat_address_details {
- u32 context;
- u8 is_ip4;
- u8 ip_address[16];
- u32 vrf_id;
-};
-
-/** \brief Enable/disable S-NAT feature on the interface
- @param client_index - opaque cookie to identify the sender
- @param context - sender context, to match reply w/ request
- @param is_add - 1 if add, 0 if delete
- @param is_inside - 1 if inside, 0 if outside
- @param sw_if_index - software index of the interface
-*/
-autoreply define snat_interface_add_del_feature {
- u32 client_index;
- u32 context;
- u8 is_add;
- u8 is_inside;
- u32 sw_if_index;
-};
-
-/** \brief Dump interfaces with S-NAT feature
- @param client_index - opaque cookie to identify the sender
- @param context - sender context, to match reply w/ request
-*/
-define snat_interface_dump {
- u32 client_index;
- u32 context;
-};
-
-/** \brief S-NAT interface details response
- @param context - sender context, to match reply w/ request
- @param is_inside - 1 if inside, 0 if outside
- @param sw_if_index - software index of the interface
-*/
-define snat_interface_details {
- u32 context;
- u8 is_inside;
- u32 sw_if_index;
-};
-
-/** \brief Enable/disbale S-NAT as an interface output feature (postrouting
- in2out translation)
- @param client_index - opaque cookie to identify the sender
- @param context - sender context, to match reply w/ request
- @param is_add - 1 if add, 0 if delete
- @param is_inside - 1 if inside, 0 if outside
- @param sw_if_index - software index of the interface
-*/
-autoreply define snat_interface_add_del_output_feature {
- u32 client_index;
- u32 context;
- u8 is_add;
- u8 is_inside;
- u32 sw_if_index;
-};
-
-/** \brief Dump interfaces with S-NAT output feature
- @param client_index - opaque cookie to identify the sender
- @param context - sender context, to match reply w/ request
-*/
-define snat_interface_output_feature_dump {
- u32 client_index;
- u32 context;
-};
-
-/** \brief S-NAT interface with output feature details response
- @param context - sender context, to match reply w/ request
- @param is_inside - 1 if inside, 0 if outside
- @param sw_if_index - software index of the interface
-*/
-define snat_interface_output_feature_details {
- u32 context;
- u8 is_inside;
- u32 sw_if_index;
-};
-
-/** \brief Add/delete S-NAT static mapping
- @param client_index - opaque cookie to identify the sender
- @param context - sender context, to match reply w/ request
- @param is_add - 1 if add, 0 if delete
- @param is_ip4 - 1 if address type is IPv4
- @param addr_only - 1 if address only mapping
- @param local_ip_address - local IP address
- @param external_ip_address - external IP address
- @param protocol - IP protocol
- @param local_port - local port number
- @param external_port - external port number
- @param external_sw_if_index - external interface (if set
- external_ip_address is ignored, ~0 means not
- used)
- @param vfr_id - VRF ID
-*/
-autoreply define snat_add_static_mapping {
- u32 client_index;
- u32 context;
- u8 is_add;
- u8 is_ip4;
- u8 addr_only;
- u8 local_ip_address[16];
- u8 external_ip_address[16];
- u8 protocol;
- u16 local_port;
- u16 external_port;
- u32 external_sw_if_index;
- u32 vrf_id;
-};
-
-/** \brief Dump S-NAT static mappings
- @param client_index - opaque cookie to identify the sender
- @param context - sender context, to match reply w/ request
-*/
-define snat_static_mapping_dump {
- u32 client_index;
- u32 context;
-};
-
-/** \brief S-NAT static mapping details response
- @param context - sender context, to match reply w/ request
- @param is_ip4 - 1 if address type is IPv4
- @param addr_only - 1 if address only mapping
- @param local_ip_address - local IP address
- @param external_ip_address - external IP address
- @param protocol - IP protocol
- @param local_port - local port number
- @param external_port - external port number
- @param external_sw_if_index - external interface
- @param vfr_id - VRF ID
-*/
-define snat_static_mapping_details {
- u32 context;
- u8 is_ip4;
- u8 addr_only;
- u8 local_ip_address[16];
- u8 external_ip_address[16];
- u8 protocol;
- u16 local_port;
- u16 external_port;
- u32 external_sw_if_index;
- u32 vrf_id;
-};
-
-/** \brief Control ping from client to api server request
- @param client_index - opaque cookie to identify the sender
- @param context - sender context, to match reply w/ request
-*/
-define snat_control_ping
-{
- u32 client_index;
- u32 context;
-};
-
-/** \brief Control ping from the client to the server response
- @param client_index - opaque cookie to identify the sender
- @param context - sender context, to match reply w/ request
- @param retval - return code for the request
- @param vpe_pid - the pid of the vpe, returned by the server
-*/
-define snat_control_ping_reply
-{
- u32 context;
- i32 retval;
- u32 client_index;
- u32 vpe_pid;
-};
-
-/** \brief Show S-NAT plugin startup config
- @param client_index - opaque cookie to identify the sender
- @param context - sender context, to match reply w/ request
-*/
-define snat_show_config
-{
- u32 client_index;
- u32 context;
-};
-
-/** \brief Show S-NAT plugin startup config reply
- @param context - sender context, to match reply w/ request
- @param retval - return code for the request
- @param static_mapping_only - if 1 dynamic translations disabled
- @param static_mapping_connection_tracking - if 1 create session data
- @param deterministic - if 1 deterministic mapping
- @param translation_buckets - number of translation hash buckets
- @param translation_memory_size - translation hash memory size
- @param user_buckets - number of user hash buckets
- @param user_memory_size - user hash memory size
- @param max_translations_per_user - maximum number of translations per user
- @param outside_vrf_id - outside VRF id
- @param inside_vrf_id - default inside VRF id
-*/
-define snat_show_config_reply
-{
- u32 context;
- i32 retval;
- u8 static_mapping_only;
- u8 static_mapping_connection_tracking;
- u8 deterministic;
- u32 translation_buckets;
- u32 translation_memory_size;
- u32 user_buckets;
- u32 user_memory_size;
- u32 max_translations_per_user;
- u32 outside_vrf_id;
- u32 inside_vrf_id;
-};
-
-/** \brief Set S-NAT workers
- @param client_index - opaque cookie to identify the sender
- @param context - sender context, to match reply w/ request
- @param worker_mask - S-NAT workers mask
-*/
-autoreply define snat_set_workers {
- u32 client_index;
- u32 context;
- u64 worker_mask;
-};
-
-/** \brief Dump S-NAT workers
- @param client_index - opaque cookie to identify the sender
- @param context - sender context, to match reply w/ request
-*/
-define snat_worker_dump {
- u32 client_index;
- u32 context;
-};
-
-/** \brief S-NAT workers details response
- @param context - sender context, to match reply w/ request
- @param worker_index - worker index
- @param lcore_id - lcore ID
- @param name - worker name
-*/
-define snat_worker_details {
- u32 context;
- u32 worker_index;
- u32 lcore_id;
- u8 name[64];
-};
-
-/** \brief Add/delete S-NAT pool address from specific interfce
- @param client_index - opaque cookie to identify the sender
- @param context - sender context, to match reply w/ request
- @param is_add - 1 if add, 0 if delete
- @param sw_if_index - software index of the interface
-*/
-autoreply define snat_add_del_interface_addr {
- u32 client_index;
- u32 context;
- u8 is_add;
- u8 is_inside;
- u32 sw_if_index;
-};
-
-/** \brief Dump S-NAT pool addresses interfaces
- @param client_index - opaque cookie to identify the sender
- @param context - sender context, to match reply w/ request
-*/
-define snat_interface_addr_dump {
- u32 client_index;
- u32 context;
-};
-
-/** \brief S-NAT pool addresses interfaces details response
- @param context - sender context, to match reply w/ request
- @param sw_if_index - software index of the interface
-*/
-define snat_interface_addr_details {
- u32 context;
- u32 sw_if_index;
-};
-
-/** \brief Enable/disable S-NAT IPFIX logging
- @param client_index - opaque cookie to identify the sender
- @param context - sender context, to match reply w/ request
- @param domain_id - observation domain ID
- @param src_port - source port number
- @param enable - 1 if enable, 0 if disable
-*/
-autoreply define snat_ipfix_enable_disable {
- u32 client_index;
- u32 context;
- u32 domain_id;
- u16 src_port;
- u8 enable;
-};
-
-/** \brief Dump S-NAT users
- @param client_index - opaque cookie to identify the sender
- @param context - sender context, to match reply w/ request
-*/
-define snat_user_dump {
- u32 client_index;
- u32 context;
-};
-
-/** \brief S-NAT users response
- @param context - sender context, to match reply w/ request
- @vrf_id - VRF ID
- @param is_ip4 - 1 if address type is IPv4
- @param ip_adress - IP address
- @param nsessions - number of dynamic sessions
- @param nstaticsessions - number of static sessions
-*/
-define snat_user_details {
- u32 context;
- u32 vrf_id;
- u8 is_ip4;
- u8 ip_address[16];
- u32 nsessions;
- u32 nstaticsessions;
-};
-
-/** \brief S-NAT user's sessions
- @param client_index - opaque cookie to identify the sender
- @param context - sender context, to match reply w/ request
- @param is_ip4 - 1 if address type is IPv4
- @param user_ip - IP address of the user to dump
- @param vrf_id - VRF_ID
-*/
-define snat_user_session_dump {
- u32 client_index;
- u32 context;
- u8 is_ip4;
- u8 ip_address[16];
- u32 vrf_id;
-};
-
-/** \brief S-NAT user's sessions response
- @param context - sender context, to match reply w/ request
- @param is_ip4 - 1 if address type is IPv4
- @param outside_ip_address - outside IP address
- @param outside_port - outside port
- @param inside_ip_address - inside IP address
- @param inside_port - inside port
- @param protocol - protocol
- @param is_static - 1 if session is static
- @param last_heard - last heard timer
- @param total_bytes - count of bytes sent through session
- @param total_pkts - count of pakets sent through session
-*/
-define snat_user_session_details {
- u32 context;
- u8 is_ip4;
- u8 outside_ip_address[16];
- u16 outside_port;
- u8 inside_ip_address[16];
- u16 inside_port;
- u16 protocol;
- u8 is_static;
- u64 last_heard;
- u64 total_bytes;
- u32 total_pkts;
-};
-
-/** \brief Add/delete S-NAT deterministic mapping
- @param client_index - opaque cookie to identify the sender
- @param context - sender context, to match reply w/ request
- @param is_add - 1 if add, 0 if delete
- @param is_ip4 - 1 if address type is IPv4
- @param in_addr - inside IP address
- @param in_plen - inside IP address prefix length
- @param out_addr - outside IP address
- @param out_addr - outside IP address prefix length
-*/
-autoreply define snat_add_det_map {
- u32 client_index;
- u32 context;
- u8 is_add;
- u8 is_ip4;
- u8 addr_only;
- u8 in_addr[16];
- u8 in_plen;
- u8 out_addr[16];
- u8 out_plen;
-};
-
-/** \brief Get outside address and port range from inside address
- @param client_index - opaque cookie to identify the sender
- @param context - sender context, to match reply w/ request
- @param is_ip4 - 1 if address type is IPv4
- @param in_addr - inside IP address
-*/
-define snat_det_forward {
- u32 client_index;
- u32 context;
- u8 is_ip4;
- u8 in_addr[16];
-};
-
-/** \brief Get outside address and port range from inside address
- @param context - sender context, to match reply w/ request
- @param retval - return code
- @param out_port_lo - outside port range start
- @param out_port_hi - outside port range end
- @param is_ip4 - 1 if address type is IPv4
- @param out_addr - outside IP address
-*/
-define snat_det_forward_reply {
- u32 context;
- i32 retval;
- u16 out_port_lo;
- u16 out_port_hi;
- u8 is_ip4;
- u8 out_addr[16];
-};
-
-/** \brief Get inside address from outside address and port
- @param client_index - opaque cookie to identify the sender
- @param context - sender context, to match reply w/ request
- @param out_port - outside port
- @param is_ip4 - 1 if address type is IPv4
- @param out_addr - outside IP address
-*/
-define snat_det_reverse {
- u32 client_index;
- u32 context;
- u16 out_port;
- u8 is_ip4;
- u8 out_addr[16];
-};
-
-/** \brief Get inside address from outside address and port reply
- @param context - sender context, to match reply w/ request
- @param retval - return code
- @param is_ip4 - 1 if address type is IPv4
- @param in_addr - inside IP address
-*/
-define snat_det_reverse_reply {
- u32 context;
- i32 retval;
- u8 is_ip4;
- u8 in_addr[16];
-};
-
-/** \brief Dump S-NAT deterministic mappings
- @param client_index - opaque cookie to identify the sender
- @param context - sender context, to match reply w/ request
-*/
-define snat_det_map_dump {
- u32 client_index;
- u32 context;
-};
-
-/** \brief S-NAT users response
- @param context - sender context, to match reply w/ request
- @param is_ip4 - 1 if address type is IPv4
- @param in_addr - inside IP address
- @param in_plen - inside IP address prefix length
- @param out_addr - outside IP address
- @param out_plen - outside IP address prefix length
- @param sharing_ratio - outside to inside address sharing ratio
- @param ports_per_host - number of ports available to a host
- @param ses_num - number of sessions belonging to this mapping
-*/
-define snat_det_map_details {
- u32 context;
- u8 is_ip4;
- u8 in_addr[16];
- u8 in_plen;
- u8 out_addr[16];
- u8 out_plen;
- u32 sharing_ratio;
- u16 ports_per_host;
- u32 ses_num;
-};
-
-/** \brief Set values of timeouts for deterministic NAT (seconds, 0 = default)
- @param client_index - opaque cookie to identify the sender
- @param context - sender context, to match reply w/ request
- @param udp - UDP timeout (default 300sec)
- @param tcp_established - TCP established timeout (default 7440sec)
- @param tcp_transitory - TCP transitory timeout (default 240sec)
- @param icmp - ICMP timeout (default 60sec)
-*/
-autoreply define snat_det_set_timeouts {
- u32 client_index;
- u32 context;
- u32 udp;
- u32 tcp_established;
- u32 tcp_transitory;
- u32 icmp;
-};
-
-/** \brief Get values of timeouts for deterministic NAT (seconds)
- @param client_index - opaque cookie to identify the sender
- @param context - sender context, to match reply w/ request
-*/
-define snat_det_get_timeouts {
- u32 client_index;
- u32 context;
-};
-
-/** \brief Get values of timeouts for deterministic NAT reply
- @param context - sender context, to match reply w/ request
- @param retval - return code
- @param udp - UDP timeout (default 300sec)
- @param tcp_established - TCP established timeout (default 7440sec)
- @param tcp_transitory - TCP transitory timeout (default 240sec)
- @param icmp - ICMP timeout (default 60sec)
-*/
-define snat_det_get_timeouts_reply {
- u32 context;
- i32 retval;
- u32 udp;
- u32 tcp_established;
- u32 tcp_transitory;
- u32 icmp;
-};
-
-/** \brief Close CGNAT session by outside address and port
- @param client_index - opaque cookie to identify the sender
- @param context - sender context, to match reply w/ request
- @param is_ip4 - 1 if address type is IPv4
- @param out_addr - outside IP address
- @param out_port - outside port
- @param ext_addr - external host address
- @param ext_port - external host port
-*/
-autoreply define snat_det_close_session_out {
- u32 client_index;
- u32 context;
- u8 is_ip4;
- u8 out_addr[16];
- u16 out_port;
- u8 ext_addr[16];
- u16 ext_port;
-};
-
-/** \brief Close CGNAT session by inside address and port
- @param client_index - opaque cookie to identify the sender
- @param context - sender context, to match reply w/ request
- @param is_ip4 - 1 if address type is IPv4
- @param in_addr - inside IP address
- @param in_port - inside port
- @param ext_addr - external host address
- @param ext_port - external host port
-*/
-autoreply define snat_det_close_session_in {
- u32 client_index;
- u32 context;
- u8 is_ip4;
- u8 in_addr[16];
- u16 in_port;
- u8 ext_addr[16];
- u16 ext_port;
-};
-
-/** \brief Dump S-NAT deterministic sessions
- @param client_index - opaque cookie to identify the sender
- @param context - sender context, to match reply w/ request
- @param is_ip4 - 1 if address type is IPv4
- @param user_addr - address of an inside user whose sessions to dump
-*/
-define snat_det_session_dump {
- u32 client_index;
- u32 context;
- u8 is_ip4;
- u8 user_addr[16];
-};
-
-/** \brief S-NAT deterministic sessions reply
- @param context - sender context, to match reply w/ request
- @param is_ip4 - 1 if address type is IPv4
- @param in_port - inside port
- @param ext_addr - external host address
- @param ext_port - external host port
- @param out_port - outside NAT port
- @param state - session state
- @param expire - session expiration timestamp
-*/
-define snat_det_session_details {
- u32 client_index;
- u32 context;
- u8 is_ip4;
- u16 in_port;
- u8 ext_addr[16];
- u16 ext_port;
- u16 out_port;
- u8 state;
- u32 expire;
-};
-
-/** \brief Add/delete address range to NAT64 pool
- @param client_index - opaque cookie to identify the sender
- @param context - sender context, to match reply w/ request
- @param start_addr - start address of the range
- @param end_addr - end address of the range
- @param vrf_id - VRF id of tenant, ~0 means independent of VRF
- @param is_add - 1 if add, 0 if delete
-*/
-autoreply define nat64_add_del_pool_addr_range {
- u32 client_index;
- u32 context;
- u8 start_addr[4];
- u8 end_addr[4];
- u32 vrf_id;
- u8 is_add;
-};
-
-/** \brief Dump NAT64 pool addresses
- @param client_index - opaque cookie to identify the sender
- @param context - sender context, to match reply w/ request
-*/
-define nat64_pool_addr_dump {
- u32 client_index;
- u32 context;
-};
-
-/** \brief NAT64 pool address details response
- @param context - sender context, to match reply w/ request
- @param address - IPv4 address
- @param vfr_id - VRF id of tenant, ~0 means independent of VRF
-*/
-define nat64_pool_addr_details {
- u32 context;
- u8 address[4];
- u32 vrf_id;
-};
-
-/** \brief Enable/disable NAT64 feature on the interface
- @param client_index - opaque cookie to identify the sender
- @param context - sender context, to match reply w/ request
- @param sw_if_index - index of the interface
- @param is_inside - 1 if inside, 0 if outside
- @param is_add - 1 if add, 0 if delete
-*/
-autoreply define nat64_add_del_interface {
- u32 client_index;
- u32 context;
- u32 sw_if_index;
- u8 is_inside;
- u8 is_add;
-};
-
-/** \brief Dump interfaces with NAT64 feature
- @param client_index - opaque cookie to identify the sender
- @param context - sender context, to match reply w/ request
-*/
-define nat64_interface_dump {
- u32 client_index;
- u32 context;
-};
-
-/** \brief NAT64 interface details response
- @param context - sender context, to match reply w/ request
- @param is_inside - 1 if inside, 0 if outside
- @param sw_if_index - index of the interface
-*/
-define nat64_interface_details {
- u32 context;
- u8 is_inside;
- u32 sw_if_index;
-};
-
-/** \brief Add/delete NAT64 static BIB entry
- @param client_index - opaque cookie to identify the sender
- @param context - sender context, to match reply w/ request
- @param i_addr - inside IPv6 address
- @param o_addr - outside IPv4 address
- @param i_port - inside port number
- @param o_port - outside port number
- @param vrf_id - VRF id of tenant
- @param proto - protocol number
- @param is_add - 1 if add, 0 if delete
-*/
- autoreply define nat64_add_del_static_bib {
- u32 client_index;
- u32 context;
- u8 i_addr[16];
- u8 o_addr[4];
- u16 i_port;
- u16 o_port;
- u32 vrf_id;
- u8 proto;
- u8 is_add;
-};
-
-/** \brief Dump NAT64 BIB
- @param client_index - opaque cookie to identify the sender
- @param context - sender context, to match reply w/ request
- @param proto - protocol of the BIB: 255 - all BIBs
- 6 - TCP BIB
- 17 - UDP BIB
- 1/58 - ICMP BIB
- otherwise - "unknown" protocol BIB
-*/
-define nat64_bib_dump {
- u32 client_index;
- u32 context;
- u8 proto;
-};
-
-/** \brief NAT64 BIB details response
- @param context - sender context, to match reply w/ request
- @param i_addr - inside IPv6 address
- @param o_addr - outside IPv4 address
- @param i_port - inside port number
- @param o_port - outside port number
- @param vrf_id - VRF id of tenant
- @param proto - protocol number
- @param is_static - 1 if static BIB entry, 0 if dynamic
- @param ses_num - number of sessions associated with the BIB entry
-*/
-define nat64_bib_details {
- u32 context;
- u8 i_addr[16];
- u8 o_addr[4];
- u16 i_port;
- u16 o_port;
- u32 vrf_id;
- u8 proto;
- u8 is_static;
- u32 ses_num;
-};
-
-/** \brief Set values of timeouts for NAT64 (seconds, 0 = default)
- @param client_index - opaque cookie to identify the sender
- @param context - sender context, to match reply w/ request
- @param udp - UDP timeout (default 300sec)
- @param icmp - ICMP timeout (default 60sec)
- @param tcp_trans - TCP transitory timeout (default 240sec)
- @param tcp_est - TCP established timeout (default 7440sec)
- @param tcp_incoming_syn - TCP incoming SYN timeout (default 6sec)
-*/
-autoreply define nat64_set_timeouts {
- u32 client_index;
- u32 context;
- u32 udp;
- u32 icmp;
- u32 tcp_trans;
- u32 tcp_est;
- u32 tcp_incoming_syn;
-};
-
-/** \brief Get values of timeouts for NAT64 (seconds)
- @param client_index - opaque cookie to identify the sender
- @param context - sender context, to match reply w/ request
-*/
-define nat64_get_timeouts {
- u32 client_index;
- u32 context;
-};
-
-/** \brief Get values of timeouts for NAT64 reply
- @param context - sender context, to match reply w/ request
- @param retval - return code
- @param udp - UDP timeout
- @param icmp - ICMP timeout
- @param tcp_trans - TCP transitory timeout
- @param tcp_est - TCP established timeout
- @param tcp_incoming_syn - TCP incoming SYN timeout
-*/
-define nat64_get_timeouts_reply {
- u32 context;
- i32 retval;
- u32 udp;
- u32 icmp;
- u32 tcp_trans;
- u32 tcp_est;
- u32 tcp_incoming_syn;
-};
-
-/** \brief Dump NAT64 session table
- @param client_index - opaque cookie to identify the sender
- @param context - sender context, to match reply w/ request
- @param proto - protocol of the session table: 255 - all STs
- 6 - TCP ST
- 17 - UDP ST
- 1/58 - ICMP ST
- otherwise - "unknown" proto ST
-*/
-define nat64_st_dump {
- u32 client_index;
- u32 context;
- u8 proto;
-};
-
-/** \brief NAT64 session table details response
- @param context - sender context, to match reply w/ request
- @param il_addr - inside IPv6 address of the local host
- @param ol_addr - outside IPv4 address of the local host
- @param il_port - inside port number id of the local host/inside ICMP id
- @param ol_port - outside port number of the local host/outside ICMP id
- @param il_addr - inside IPv6 address of the remote host
- @param ol_addr - outside IPv4 address of the remote host
- @param l_port - port number of the remote host (not used for ICMP)
- @param vrf_id - VRF id of tenant
- @param proto - protocol number
-*/
-define nat64_st_details {
- u32 context;
- u8 il_addr[16];
- u8 ol_addr[4];
- u16 il_port;
- u16 ol_port;
- u8 ir_addr[16];
- u8 or_addr[4];
- u16 r_port;
- u32 vrf_id;
- u8 proto;
-};
-
-/** \brief Add/del NAT64 prefix
- @param client_index - opaque cookie to identify the sender
- @param context - sender context, to match reply w/ request
- @param prefix - NAT64 prefix
- @param prefix - NAT64 prefix length
- @param vrf_id - VRF id of tenant
- @param is_add - 1 if add, 0 if delete
-*/
-autoreply define nat64_add_del_prefix {
- u32 client_index;
- u32 context;
- u8 prefix[16];
- u8 prefix_len;
- u32 vrf_id;
- u8 is_add;
-};
-
-/** \brief Dump NAT64 prefix
- @param client_index - opaque cookie to identify the sender
- @param context - sender context, to match reply w/ request
-*/
-define nat64_prefix_dump {
- u32 client_index;
- u32 context;
-};
-
-/** \brief Dump NAT64 prefix details response
- @param context - sender context, to match reply w/ request
- @param prefix - NAT64 prefix
- @param prefix - NAT64 prefix length
- @param vrf_id - VRF id of tenant
-*/
-define nat64_prefix_details {
- u32 context;
- u8 prefix[16];
- u8 prefix_len;
- u32 vrf_id;
-};
diff --git a/src/plugins/snat/snat_api.c b/src/plugins/snat/snat_api.c
deleted file mode 100644
index 227074f..0000000
--- a/src/plugins/snat/snat_api.c
+++ /dev/null
@@ -1,1970 +0,0 @@
-/*
- * Copyright (c) 2017 Cisco and/or its affiliates.
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at:
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-/**
- * @file
- * @brief SNAT plugin API implementation
- */
-
-#include <snat/snat.h>
-#include <snat/snat_det.h>
-#include <snat/nat64.h>
-#include <vlibapi/api.h>
-#include <vlibmemory/api.h>
-#include <vlibsocket/api.h>
-#include <snat/snat_msg_enum.h>
-#include <vnet/fib/fib_table.h>
-
-/* define message structures */
-#define vl_typedefs
-#include <snat/snat_all_api_h.h>
-#undef vl_typedefs
-
-/* define generated endian-swappers */
-#define vl_endianfun
-#include <snat/snat_all_api_h.h>
-#undef vl_endianfun
-
-#define vl_print(handle, ...) vlib_cli_output (handle, __VA_ARGS__)
-
-#define REPLY_MSG_ID_BASE sm->msg_id_base
-#include <vlibapi/api_helper_macros.h>
-
-/* Get the API version number */
-#define vl_api_version(n,v) static u32 api_version=(v);
-#include <snat/snat_all_api_h.h>
-#undef vl_api_version
-
-/* Macro to finish up custom dump fns */
-#define FINISH \
- vec_add1 (s, 0); \
- vl_print (handle, (char *)s); \
- vec_free (s); \
- return handle;
-
-static void
- vl_api_snat_add_address_range_t_handler
- (vl_api_snat_add_address_range_t * mp)
-{
- snat_main_t *sm = &snat_main;
- vl_api_snat_add_address_range_reply_t *rmp;
- ip4_address_t this_addr;
- u32 start_host_order, end_host_order;
- u32 vrf_id;
- int i, count;
- int rv = 0;
- u32 *tmp;
-
- if (mp->is_ip4 != 1)
- {
- rv = VNET_API_ERROR_UNIMPLEMENTED;
- goto send_reply;
- }
-
- if (sm->static_mapping_only)
- {
- rv = VNET_API_ERROR_FEATURE_DISABLED;
- goto send_reply;
- }
-
- tmp = (u32 *) mp->first_ip_address;
- start_host_order = clib_host_to_net_u32 (tmp[0]);
- tmp = (u32 *) mp->last_ip_address;
- end_host_order = clib_host_to_net_u32 (tmp[0]);
-
- count = (end_host_order - start_host_order) + 1;
-
- vrf_id = clib_host_to_net_u32 (mp->vrf_id);
-
- if (count > 1024)
- clib_warning ("%U - %U, %d addresses...",
- format_ip4_address, mp->first_ip_address,
- format_ip4_address, mp->last_ip_address, count);
-
- memcpy (&this_addr.as_u8, mp->first_ip_address, 4);
-
- for (i = 0; i < count; i++)
- {
- if (mp->is_add)
- snat_add_address (sm, &this_addr, vrf_id);
- else
- rv = snat_del_address (sm, this_addr, 0);
-
- if (rv)
- goto send_reply;
-
- increment_v4_address (&this_addr);
- }
-
-send_reply:
- REPLY_MACRO (VL_API_SNAT_ADD_ADDRESS_RANGE_REPLY);
-}
-
-static void *vl_api_snat_add_address_range_t_print
- (vl_api_snat_add_address_range_t * mp, void *handle)
-{
- u8 *s;
-
- s = format (0, "SCRIPT: snat_add_address_range ");
- s = format (s, "%U ", format_ip4_address, mp->first_ip_address);
- if (memcmp (mp->first_ip_address, mp->last_ip_address, 4))
- {
- s = format (s, " - %U ", format_ip4_address, mp->last_ip_address);
- }
- FINISH;
-}
-
-static void
- send_snat_address_details
- (snat_address_t * a, unix_shared_memory_queue_t * q, u32 context)
-{
- vl_api_snat_address_details_t *rmp;
- snat_main_t *sm = &snat_main;
-
- rmp = vl_msg_api_alloc (sizeof (*rmp));
- memset (rmp, 0, sizeof (*rmp));
- rmp->_vl_msg_id = ntohs (VL_API_SNAT_ADDRESS_DETAILS + sm->msg_id_base);
- rmp->is_ip4 = 1;
- clib_memcpy (rmp->ip_address, &(a->addr), 4);
- if (a->fib_index != ~0)
- {
- fib_table_t *fib = fib_table_get (a->fib_index, FIB_PROTOCOL_IP4);
- rmp->vrf_id = ntohl (fib->ft_table_id);
- }
- else
- rmp->vrf_id = ~0;
- rmp->context = context;
-
- vl_msg_api_send_shmem (q, (u8 *) & rmp);
-}
-
-static void
-vl_api_snat_address_dump_t_handler (vl_api_snat_address_dump_t * mp)
-{
- unix_shared_memory_queue_t *q;
- snat_main_t *sm = &snat_main;
- snat_address_t *a;
-
- q = vl_api_client_index_to_input_queue (mp->client_index);
- if (q == 0)
- return;
-
- /* *INDENT-OFF* */
- vec_foreach (a, sm->addresses)
- send_snat_address_details (a, q, mp->context);
- /* *INDENT-ON* */
-}
-
-static void *vl_api_snat_address_dump_t_print
- (vl_api_snat_address_dump_t * mp, void *handle)
-{
- u8 *s;
-
- s = format (0, "SCRIPT: snat_address_dump ");
-
- FINISH;
-}
-
-static void
- vl_api_snat_interface_add_del_feature_t_handler
- (vl_api_snat_interface_add_del_feature_t * mp)
-{
- snat_main_t *sm = &snat_main;
- vl_api_snat_interface_add_del_feature_reply_t *rmp;
- u8 is_del = mp->is_add == 0;
- u32 sw_if_index = ntohl (mp->sw_if_index);
- int rv = 0;
-
- VALIDATE_SW_IF_INDEX (mp);
-
- rv = snat_interface_add_del (sw_if_index, mp->is_inside, is_del);
-
- BAD_SW_IF_INDEX_LABEL;
-
- REPLY_MACRO (VL_API_SNAT_INTERFACE_ADD_DEL_FEATURE_REPLY);
-}
-
-static void *vl_api_snat_interface_add_del_feature_t_print
- (vl_api_snat_interface_add_del_feature_t * mp, void *handle)
-{
- u8 *s;
-
- s = format (0, "SCRIPT: snat_interface_add_del_feature ");
- s = format (s, "sw_if_index %d %s %s",
- clib_host_to_net_u32 (mp->sw_if_index),
- mp->is_inside ? "in" : "out", mp->is_add ? "" : "del");
-
- FINISH;
-}
-
-static void
- send_snat_interface_details
- (snat_interface_t * i, unix_shared_memory_queue_t * q, u32 context)
-{
- vl_api_snat_interface_details_t *rmp;
- snat_main_t *sm = &snat_main;
-
- rmp = vl_msg_api_alloc (sizeof (*rmp));
- memset (rmp, 0, sizeof (*rmp));
- rmp->_vl_msg_id = ntohs (VL_API_SNAT_INTERFACE_DETAILS + sm->msg_id_base);
- rmp->sw_if_index = ntohl (i->sw_if_index);
- rmp->is_inside = i->is_inside;
- rmp->context = context;
-
- vl_msg_api_send_shmem (q, (u8 *) & rmp);
-}
-
-static void
-vl_api_snat_interface_dump_t_handler (vl_api_snat_interface_dump_t * mp)
-{
- unix_shared_memory_queue_t *q;
- snat_main_t *sm = &snat_main;
- snat_interface_t *i;
-
- q = vl_api_client_index_to_input_queue (mp->client_index);
- if (q == 0)
- return;
-
- /* *INDENT-OFF* */
- pool_foreach (i, sm->interfaces,
- ({
- send_snat_interface_details(i, q, mp->context);
- }));
- /* *INDENT-ON* */
-}
-
-static void *vl_api_snat_interface_dump_t_print
- (vl_api_snat_interface_dump_t * mp, void *handle)
-{
- u8 *s;
-
- s = format (0, "SCRIPT: snat_interface_dump ");
-
- FINISH;
-}
-
-static void
- vl_api_snat_interface_add_del_output_feature_t_handler
- (vl_api_snat_interface_add_del_output_feature_t * mp)
-{
- snat_main_t *sm = &snat_main;
- vl_api_snat_interface_add_del_output_feature_reply_t *rmp;
- u8 is_del = mp->is_add == 0;
- u32 sw_if_index = ntohl (mp->sw_if_index);
- int rv = 0;
-
- VALIDATE_SW_IF_INDEX (mp);
-
- rv = snat_interface_add_del_output_feature (sw_if_index, mp->is_inside,
- is_del);
-
- BAD_SW_IF_INDEX_LABEL;
-
- REPLY_MACRO (VL_API_SNAT_INTERFACE_ADD_DEL_OUTPUT_FEATURE_REPLY);
-}
-
-static void *vl_api_snat_interface_add_del_output_feature_t_print
- (vl_api_snat_interface_add_del_output_feature_t * mp, void *handle)
-{
- u8 *s;
-
- s = format (0, "SCRIPT: snat_interface_add_del_output_feature ");
- s = format (s, "sw_if_index %d %s %s",
- clib_host_to_net_u32 (mp->sw_if_index),
- mp->is_inside ? "in" : "out", mp->is_add ? "" : "del");
-
- FINISH;
-}
-
-static void
-send_snat_interface_output_feature_details (snat_interface_t * i,
- unix_shared_memory_queue_t * q,
- u32 context)
-{
- vl_api_snat_interface_output_feature_details_t *rmp;
- snat_main_t *sm = &snat_main;
-
- rmp = vl_msg_api_alloc (sizeof (*rmp));
- memset (rmp, 0, sizeof (*rmp));
- rmp->_vl_msg_id =
- ntohs (VL_API_SNAT_INTERFACE_OUTPUT_FEATURE_DETAILS + sm->msg_id_base);
- rmp->sw_if_index = ntohl (i->sw_if_index);
- rmp->context = context;
- rmp->is_inside = i->is_inside;
-
- vl_msg_api_send_shmem (q, (u8 *) & rmp);
-}
-
-static void
- vl_api_snat_interface_output_feature_dump_t_handler
- (vl_api_snat_interface_output_feature_dump_t * mp)
-{
- unix_shared_memory_queue_t *q;
- snat_main_t *sm = &snat_main;
- snat_interface_t *i;
-
- q = vl_api_client_index_to_input_queue (mp->client_index);
- if (q == 0)
- return;
-
- /* *INDENT-OFF* */
- pool_foreach (i, sm->output_feature_interfaces,
- ({
- send_snat_interface_output_feature_details(i, q, mp->context);
- }));
- /* *INDENT-ON* */
-}
-
-static void *vl_api_snat_interface_output_feature_dump_t_print
- (vl_api_snat_interface_output_feature_dump_t * mp, void *handle)
-{
- u8 *s;
-
- s = format (0, "SCRIPT: snat_interface_output_feature_dump ");
-
- FINISH;
-}
-
-static void
- vl_api_snat_add_static_mapping_t_handler
- (vl_api_snat_add_static_mapping_t * mp)
-{
- snat_main_t *sm = &snat_main;
- vl_api_snat_add_static_mapping_reply_t *rmp;
- ip4_address_t local_addr, external_addr;
- u16 local_port = 0, external_port = 0;
- u32 vrf_id, external_sw_if_index;
- int rv = 0;
- snat_protocol_t proto;
-
- if (mp->is_ip4 != 1)
- {
- rv = VNET_API_ERROR_UNIMPLEMENTED;
- goto send_reply;
- }
-
- memcpy (&local_addr.as_u8, mp->local_ip_address, 4);
- memcpy (&external_addr.as_u8, mp->external_ip_address, 4);
- if (mp->addr_only == 0)
- {
- local_port = clib_net_to_host_u16 (mp->local_port);
- external_port = clib_net_to_host_u16 (mp->external_port);
- }
- vrf_id = clib_net_to_host_u32 (mp->vrf_id);
- external_sw_if_index = clib_net_to_host_u32 (mp->external_sw_if_index);
- proto = ip_proto_to_snat_proto (mp->protocol);
-
- rv = snat_add_static_mapping (local_addr, external_addr, local_port,
- external_port, vrf_id, mp->addr_only,
- external_sw_if_index, proto, mp->is_add);
-
-send_reply:
- REPLY_MACRO (VL_API_SNAT_ADD_ADDRESS_RANGE_REPLY);
-}
-
-static void *vl_api_snat_add_static_mapping_t_print
- (vl_api_snat_add_static_mapping_t * mp, void *handle)
-{
- u8 *s;
-
- s = format (0, "SCRIPT: snat_add_static_mapping ");
- s = format (s, "protocol %d local_addr %U external_addr %U ",
- mp->protocol,
- format_ip4_address, mp->local_ip_address,
- format_ip4_address, mp->external_ip_address);
-
- if (mp->addr_only == 0)
- s = format (s, "local_port %d external_port %d ",
- clib_net_to_host_u16 (mp->local_port),
- clib_net_to_host_u16 (mp->external_port));
-
- if (mp->vrf_id != ~0)
- s = format (s, "vrf %d", clib_net_to_host_u32 (mp->vrf_id));
-
- if (mp->external_sw_if_index != ~0)
- s = format (s, "external_sw_if_index %d",
- clib_net_to_host_u32 (mp->external_sw_if_index));
- FINISH;
-}
-
-static void
- send_snat_static_mapping_details
- (snat_static_mapping_t * m, unix_shared_memory_queue_t * q, u32 context)
-{
- vl_api_snat_static_mapping_details_t *rmp;
- snat_main_t *sm = &snat_main;
-
- rmp = vl_msg_api_alloc (sizeof (*rmp));
- memset (rmp, 0, sizeof (*rmp));
- rmp->_vl_msg_id =
- ntohs (VL_API_SNAT_STATIC_MAPPING_DETAILS + sm->msg_id_base);
- rmp->is_ip4 = 1;
- rmp->addr_only = m->addr_only;
- clib_memcpy (rmp->local_ip_address, &(m->local_addr), 4);
- clib_memcpy (rmp->external_ip_address, &(m->external_addr), 4);
- rmp->local_port = htons (m->local_port);
- rmp->external_port = htons (m->external_port);
- rmp->external_sw_if_index = ~0;
- rmp->vrf_id = htonl (m->vrf_id);
- rmp->protocol = snat_proto_to_ip_proto (m->proto);
- rmp->context = context;
-
- vl_msg_api_send_shmem (q, (u8 *) & rmp);
-}
-
-static void
- send_snat_static_map_resolve_details
- (snat_static_map_resolve_t * m, unix_shared_memory_queue_t * q, u32 context)
-{
- vl_api_snat_static_mapping_details_t *rmp;
- snat_main_t *sm = &snat_main;
-
- rmp = vl_msg_api_alloc (sizeof (*rmp));
- memset (rmp, 0, sizeof (*rmp));
- rmp->_vl_msg_id =
- ntohs (VL_API_SNAT_STATIC_MAPPING_DETAILS + sm->msg_id_base);
- rmp->is_ip4 = 1;
- rmp->addr_only = m->addr_only;
- clib_memcpy (rmp->local_ip_address, &(m->l_addr), 4);
- rmp->local_port = htons (m->l_port);
- rmp->external_port = htons (m->e_port);
- rmp->external_sw_if_index = htonl (m->sw_if_index);
- rmp->vrf_id = htonl (m->vrf_id);
- rmp->protocol = snat_proto_to_ip_proto (m->proto);
- rmp->context = context;
-
- vl_msg_api_send_shmem (q, (u8 *) & rmp);
-}
-
-static void
- vl_api_snat_static_mapping_dump_t_handler
- (vl_api_snat_static_mapping_dump_t * mp)
-{
- unix_shared_memory_queue_t *q;
- snat_main_t *sm = &snat_main;
- snat_static_mapping_t *m;
- snat_static_map_resolve_t *rp;
- int j;
-
- q = vl_api_client_index_to_input_queue (mp->client_index);
- if (q == 0)
- return;
-
- /* *INDENT-OFF* */
- pool_foreach (m, sm->static_mappings,
- ({
- send_snat_static_mapping_details (m, q, mp->context);
- }));
- /* *INDENT-ON* */
-
- for (j = 0; j < vec_len (sm->to_resolve); j++)
- {
- rp = sm->to_resolve + j;
- send_snat_static_map_resolve_details (rp, q, mp->context);
- }
-}
-
-static void *vl_api_snat_static_mapping_dump_t_print
- (vl_api_snat_static_mapping_dump_t * mp, void *handle)
-{
- u8 *s;
-
- s = format (0, "SCRIPT: snat_static_mapping_dump ");
-
- FINISH;
-}
-
-static void
-vl_api_snat_control_ping_t_handler (vl_api_snat_control_ping_t * mp)
-{
- vl_api_snat_control_ping_reply_t *rmp;
- snat_main_t *sm = &snat_main;
- int rv = 0;
-
- /* *INDENT-OFF* */
- REPLY_MACRO2 (VL_API_SNAT_CONTROL_PING_REPLY,
- ({
- rmp->vpe_pid = ntohl (getpid ());
- }));
- /* *INDENT-ON* */
-}
-
-static void *vl_api_snat_control_ping_t_print
- (vl_api_snat_control_ping_t * mp, void *handle)
-{
- u8 *s;
-
- s = format (0, "SCRIPT: snat_control_ping ");
-
- FINISH;
-}
-
-static void
-vl_api_snat_show_config_t_handler (vl_api_snat_show_config_t * mp)
-{
- vl_api_snat_show_config_reply_t *rmp;
- snat_main_t *sm = &snat_main;
- int rv = 0;
-
- /* *INDENT-OFF* */
- REPLY_MACRO2 (VL_API_SNAT_SHOW_CONFIG_REPLY,
- ({
- rmp->translation_buckets = htonl (sm->translation_buckets);
- rmp->translation_memory_size = htonl (sm->translation_memory_size);
- rmp->user_buckets = htonl (sm->user_buckets);
- rmp->user_memory_size = htonl (sm->user_memory_size);
- rmp->max_translations_per_user = htonl (sm->max_translations_per_user);
- rmp->outside_vrf_id = htonl (sm->outside_vrf_id);
- rmp->inside_vrf_id = htonl (sm->inside_vrf_id);
- rmp->static_mapping_only = sm->static_mapping_only;
- rmp->static_mapping_connection_tracking =
- sm->static_mapping_connection_tracking;
- rmp->deterministic = sm->deterministic;
- }));
- /* *INDENT-ON* */
-}
-
-static void *vl_api_snat_show_config_t_print
- (vl_api_snat_show_config_t * mp, void *handle)
-{
- u8 *s;
-
- s = format (0, "SCRIPT: snat_show_config ");
-
- FINISH;
-}
-
-static void
-vl_api_snat_set_workers_t_handler (vl_api_snat_set_workers_t * mp)
-{
- snat_main_t *sm = &snat_main;
- vl_api_snat_set_workers_reply_t *rmp;
- int rv = 0;
- uword *bitmap = 0;
- u64 mask = clib_net_to_host_u64 (mp->worker_mask);
-
- if (sm->num_workers < 2)
- {
- rv = VNET_API_ERROR_FEATURE_DISABLED;
- goto send_reply;
- }
-
- bitmap = clib_bitmap_set_multiple (bitmap, 0, mask, BITS (mask));
- rv = snat_set_workers (bitmap);
- clib_bitmap_free (bitmap);
-
-send_reply:
- REPLY_MACRO (VL_API_SNAT_SET_WORKERS_REPLY);
-}
-
-static void *vl_api_snat_set_workers_t_print
- (vl_api_snat_set_workers_t * mp, void *handle)
-{
- u8 *s;
- uword *bitmap = 0;
- u8 first = 1;
- int i;
- u64 mask = clib_net_to_host_u64 (mp->worker_mask);
-
- s = format (0, "SCRIPT: snat_set_workers ");
- bitmap = clib_bitmap_set_multiple (bitmap, 0, mask, BITS (mask));
- /* *INDENT-OFF* */
- clib_bitmap_foreach (i, bitmap,
- ({
- if (first)
- s = format (s, "%d", i);
- else
- s = format (s, ",%d", i);
- first = 0;
- }));
- /* *INDENT-ON* */
- clib_bitmap_free (bitmap);
- FINISH;
-}
-
-static void
- send_snat_worker_details
- (u32 worker_index, unix_shared_memory_queue_t * q, u32 context)
-{
- vl_api_snat_worker_details_t *rmp;
- snat_main_t *sm = &snat_main;
- vlib_worker_thread_t *w =
- vlib_worker_threads + worker_index + sm->first_worker_index;
-
- rmp = vl_msg_api_alloc (sizeof (*rmp));
- memset (rmp, 0, sizeof (*rmp));
- rmp->_vl_msg_id = ntohs (VL_API_SNAT_WORKER_DETAILS + sm->msg_id_base);
- rmp->context = context;
- rmp->worker_index = htonl (worker_index);
- rmp->lcore_id = htonl (w->lcore_id);
- strncpy ((char *) rmp->name, (char *) w->name, ARRAY_LEN (rmp->name) - 1);
-
- vl_msg_api_send_shmem (q, (u8 *) & rmp);
-}
-
-static void
-vl_api_snat_worker_dump_t_handler (vl_api_snat_worker_dump_t * mp)
-{
- unix_shared_memory_queue_t *q;
- snat_main_t *sm = &snat_main;
- u32 *worker_index;
-
- q = vl_api_client_index_to_input_queue (mp->client_index);
- if (q == 0)
- return;
-
- /* *INDENT-OFF* */
- vec_foreach (worker_index, sm->workers)
- send_snat_worker_details(*worker_index, q, mp->context);
- /* *INDENT-ON* */
-}
-
-static void *vl_api_snat_worker_dump_t_print
- (vl_api_snat_worker_dump_t * mp, void *handle)
-{
- u8 *s;
-
- s = format (0, "SCRIPT: snat_worker_dump ");
-
- FINISH;
-}
-
-static void
- vl_api_snat_add_del_interface_addr_t_handler
- (vl_api_snat_add_del_interface_addr_t * mp)
-{
- snat_main_t *sm = &snat_main;
- vl_api_snat_add_del_interface_addr_reply_t *rmp;
- u8 is_del = mp->is_add == 0;
- u32 sw_if_index = ntohl (mp->sw_if_index);
- int rv = 0;
-
- VALIDATE_SW_IF_INDEX (mp);
-
- rv = snat_add_interface_address (sm, sw_if_index, is_del);
-
- BAD_SW_IF_INDEX_LABEL;
-
- REPLY_MACRO (VL_API_SNAT_ADD_DEL_INTERFACE_ADDR_REPLY);
-}
-
-static void *vl_api_snat_add_del_interface_addr_t_print
- (vl_api_snat_add_del_interface_addr_t * mp, void *handle)
-{
- u8 *s;
-
- s = format (0, "SCRIPT: snat_add_del_interface_addr ");
- s = format (s, "sw_if_index %d %s",
- clib_host_to_net_u32 (mp->sw_if_index),
- mp->is_add ? "" : "del");
-
- FINISH;
-}
-
-static void
- send_snat_interface_addr_details
- (u32 sw_if_index, unix_shared_memory_queue_t * q, u32 context)
-{
- vl_api_snat_interface_addr_details_t *rmp;
- snat_main_t *sm = &snat_main;
-
- rmp = vl_msg_api_alloc (sizeof (*rmp));
- memset (rmp, 0, sizeof (*rmp));
- rmp->_vl_msg_id =
- ntohs (VL_API_SNAT_INTERFACE_ADDR_DETAILS + sm->msg_id_base);
- rmp->sw_if_index = ntohl (sw_if_index);
- rmp->context = context;
-
- vl_msg_api_send_shmem (q, (u8 *) & rmp);
-}
-
-static void
- vl_api_snat_interface_addr_dump_t_handler
- (vl_api_snat_interface_addr_dump_t * mp)
-{
- unix_shared_memory_queue_t *q;
- snat_main_t *sm = &snat_main;
- u32 *i;
-
- q = vl_api_client_index_to_input_queue (mp->client_index);
- if (q == 0)
- return;
-
- /* *INDENT-OFF* */
- vec_foreach (i, sm->auto_add_sw_if_indices)
- send_snat_interface_addr_details(*i, q, mp->context);
- /* *INDENT-ON* */
-}
-
-static void *vl_api_snat_interface_addr_dump_t_print
- (vl_api_snat_interface_addr_dump_t * mp, void *handle)
-{
- u8 *s;
-
- s = format (0, "SCRIPT: snat_interface_addr_dump ");
-
- FINISH;
-}
-
-static void
- vl_api_snat_ipfix_enable_disable_t_handler
- (vl_api_snat_ipfix_enable_disable_t * mp)
-{
- snat_main_t *sm = &snat_main;
- vl_api_snat_ipfix_enable_disable_reply_t *rmp;
- int rv = 0;
-
- rv = snat_ipfix_logging_enable_disable (mp->enable,
- clib_host_to_net_u32
- (mp->domain_id),
- clib_host_to_net_u16
- (mp->src_port));
-
- REPLY_MACRO (VL_API_SNAT_IPFIX_ENABLE_DISABLE_REPLY);
-}
-
-static void *vl_api_snat_ipfix_enable_disable_t_print
- (vl_api_snat_ipfix_enable_disable_t * mp, void *handle)
-{
- u8 *s;
-
- s = format (0, "SCRIPT: snat_ipfix_enable_disable ");
- if (mp->domain_id)
- s = format (s, "domain %d ", clib_net_to_host_u32 (mp->domain_id));
- if (mp->src_port)
- s = format (s, "src_port %d ", clib_net_to_host_u16 (mp->src_port));
- if (!mp->enable)
- s = format (s, "disable ");
-
- FINISH;
-}
-
-static void
- send_snat_user_details
- (snat_user_t * u, unix_shared_memory_queue_t * q, u32 context)
-{
- vl_api_snat_user_details_t *rmp;
- snat_main_t *sm = &snat_main;
- fib_table_t *fib = fib_table_get (u->fib_index, FIB_PROTOCOL_IP4);
-
- rmp = vl_msg_api_alloc (sizeof (*rmp));
- memset (rmp, 0, sizeof (*rmp));
- rmp->_vl_msg_id = ntohs (VL_API_SNAT_USER_DETAILS + sm->msg_id_base);
-
- rmp->vrf_id = ntohl (fib->ft_table_id);
-
- rmp->is_ip4 = 1;
- clib_memcpy (rmp->ip_address, &(u->addr), 4);
- rmp->nsessions = ntohl (u->nsessions);
- rmp->nstaticsessions = ntohl (u->nstaticsessions);
- rmp->context = context;
-
- vl_msg_api_send_shmem (q, (u8 *) & rmp);
-}
-
-static void
-vl_api_snat_user_dump_t_handler (vl_api_snat_user_dump_t * mp)
-{
- unix_shared_memory_queue_t *q;
- snat_main_t *sm = &snat_main;
- snat_main_per_thread_data_t *tsm;
- snat_user_t *u;
-
- q = vl_api_client_index_to_input_queue (mp->client_index);
- if (q == 0)
- return;
-
- /* *INDENT-OFF* */
- vec_foreach (tsm, sm->per_thread_data)
- vec_foreach (u, tsm->users)
- send_snat_user_details (u, q, mp->context);
- /* *INDENT-ON* */
-}
-
-static void *vl_api_snat_user_dump_t_print
- (vl_api_snat_user_dump_t * mp, void *handle)
-{
- u8 *s;
-
- s = format (0, "SCRIPT: snat_user_dump ");
-
- FINISH;
-}
-
-static void
- send_snat_user_session_details
- (snat_session_t * s, unix_shared_memory_queue_t * q, u32 context)
-{
- vl_api_snat_user_session_details_t *rmp;
- snat_main_t *sm = &snat_main;
-
- rmp = vl_msg_api_alloc (sizeof (*rmp));
- memset (rmp, 0, sizeof (*rmp));
- rmp->_vl_msg_id =
- ntohs (VL_API_SNAT_USER_SESSION_DETAILS + sm->msg_id_base);
- rmp->is_ip4 = 1;
- clib_memcpy (rmp->outside_ip_address, (&s->out2in.addr), 4);
- clib_memcpy (rmp->inside_ip_address, (&s->in2out.addr), 4);
- rmp->is_static = s->flags & SNAT_SESSION_FLAG_STATIC_MAPPING ? 1 : 0;
- rmp->last_heard = clib_host_to_net_u64 ((u64) s->last_heard);
- rmp->total_bytes = clib_host_to_net_u64 (s->total_bytes);
- rmp->total_pkts = ntohl (s->total_pkts);
- rmp->context = context;
- if (snat_is_unk_proto_session (s))
- {
- rmp->outside_port = 0;
- rmp->inside_port = 0;
- rmp->protocol = ntohs (s->in2out.port);
- }
- else
- {
- rmp->outside_port = s->out2in.port;
- rmp->inside_port = s->in2out.port;
- rmp->protocol = ntohs (snat_proto_to_ip_proto (s->in2out.protocol));
- }
-
- vl_msg_api_send_shmem (q, (u8 *) & rmp);
-}
-
-static void
- vl_api_snat_user_session_dump_t_handler
- (vl_api_snat_user_session_dump_t * mp)
-{
- unix_shared_memory_queue_t *q;
- snat_main_t *sm = &snat_main;
- snat_main_per_thread_data_t *tsm;
- snat_session_t *s;
- clib_bihash_kv_8_8_t key, value;
- snat_user_key_t ukey;
- snat_user_t *u;
- u32 session_index, head_index, elt_index;
- dlist_elt_t *head, *elt;
-
- q = vl_api_client_index_to_input_queue (mp->client_index);
- if (q == 0)
- return;
- if (!mp->is_ip4)
- return;
-
- clib_memcpy (&ukey.addr, mp->ip_address, 4);
- ukey.fib_index = fib_table_find (FIB_PROTOCOL_IP4, ntohl (mp->vrf_id));
- key.key = ukey.as_u64;
- if (!clib_bihash_search_8_8 (&sm->worker_by_in, &key, &value))
- tsm = vec_elt_at_index (sm->per_thread_data, value.value);
- else
- tsm = vec_elt_at_index (sm->per_thread_data, sm->num_workers);
- if (clib_bihash_search_8_8 (&sm->user_hash, &key, &value))
- return;
- u = pool_elt_at_index (tsm->users, value.value);
- if (!u->nsessions && !u->nstaticsessions)
- return;
-
- head_index = u->sessions_per_user_list_head_index;
- head = pool_elt_at_index (tsm->list_pool, head_index);
- elt_index = head->next;
- elt = pool_elt_at_index (tsm->list_pool, elt_index);
- session_index = elt->value;
- while (session_index != ~0)
- {
- s = pool_elt_at_index (tsm->sessions, session_index);
-
- send_snat_user_session_details (s, q, mp->context);
-
- elt_index = elt->next;
- elt = pool_elt_at_index (tsm->list_pool, elt_index);
- session_index = elt->value;
- }
-}
-
-static void *vl_api_snat_user_session_dump_t_print
- (vl_api_snat_user_session_dump_t * mp, void *handle)
-{
- u8 *s;
-
- s = format (0, "SCRIPT: snat_user_session_dump ");
- s = format (s, "ip_address %U vrf_id %d\n",
- format_ip4_address, mp->ip_address,
- clib_net_to_host_u32 (mp->vrf_id));
-
- FINISH;
-}
-
-/****************************/
-/*** detrministic NAT/CGN ***/
-/****************************/
-
-static void
-vl_api_snat_add_det_map_t_handler (vl_api_snat_add_det_map_t * mp)
-{
- snat_main_t *sm = &snat_main;
- vl_api_snat_add_det_map_reply_t *rmp;
- int rv = 0;
- ip4_address_t in_addr, out_addr;
-
- clib_memcpy (&in_addr, mp->in_addr, 4);
- clib_memcpy (&out_addr, mp->out_addr, 4);
- rv = snat_det_add_map (sm, &in_addr, mp->in_plen, &out_addr,
- mp->out_plen, mp->is_add);
-
- REPLY_MACRO (VL_API_SNAT_ADD_DET_MAP_REPLY);
-}
-
-static void *vl_api_snat_add_det_map_t_print
- (vl_api_snat_add_det_map_t * mp, void *handle)
-{
- u8 *s;
-
- s = format (0, "SCRIPT: snat_add_det_map ");
- s = format (s, "inside address %U/%d outside address %U/%d\n",
- format_ip4_address, mp->in_addr, mp->in_plen,
- format_ip4_address, mp->out_addr, mp->out_plen);
-
- FINISH;
-}
-
-static void
-vl_api_snat_det_forward_t_handler (vl_api_snat_det_forward_t * mp)
-{
- snat_main_t *sm = &snat_main;
- vl_api_snat_det_forward_reply_t *rmp;
- int rv = 0;
- u16 lo_port = 0, hi_port = 0;
- snat_det_map_t *dm;
- ip4_address_t in_addr, out_addr;
-
- out_addr.as_u32 = 0;
- clib_memcpy (&in_addr, mp->in_addr, 4);
- dm = snat_det_map_by_user (sm, &in_addr);
- if (!dm)
- {
- rv = VNET_API_ERROR_NO_SUCH_ENTRY;
- goto send_reply;
- }
-
- snat_det_forward (dm, &in_addr, &out_addr, &lo_port);
- hi_port = lo_port + dm->ports_per_host - 1;
-
-send_reply:
- /* *INDENT-OFF* */
- REPLY_MACRO2 (VL_API_SNAT_DET_FORWARD_REPLY,
- ({
- rmp->out_port_lo = ntohs (lo_port);
- rmp->out_port_hi = ntohs (hi_port);
- rmp->is_ip4 = 1;
- memset (rmp->out_addr, 0, 16);
- clib_memcpy (rmp->out_addr, &out_addr, 4);
- }))
- /* *INDENT-ON* */
-}
-
-static void *vl_api_snat_det_forward_t_print
- (vl_api_snat_det_forward_t * mp, void *handle)
-{
- u8 *s;
-
- s = format (0, "SCRIPT: smat_det_forward_t");
- s = format (s, "inside ip address %U\n", format_ip4_address, mp->in_addr);
-
- FINISH;
-}
-
-static void
-vl_api_snat_det_reverse_t_handler (vl_api_snat_det_reverse_t * mp)
-{
- snat_main_t *sm = &snat_main;
- vl_api_snat_det_reverse_reply_t *rmp;
- int rv = 0;
- ip4_address_t out_addr, in_addr;
- snat_det_map_t *dm;
-
- in_addr.as_u32 = 0;
- clib_memcpy (&out_addr, mp->out_addr, 4);
- dm = snat_det_map_by_out (sm, &out_addr);
- if (!dm)
- {
- rv = VNET_API_ERROR_NO_SUCH_ENTRY;
- goto send_reply;
- }
-
- snat_det_reverse (dm, &out_addr, htons (mp->out_port), &in_addr);
-
-send_reply:
- /* *INDENT-OFF* */
- REPLY_MACRO2 (VL_API_SNAT_DET_REVERSE_REPLY,
- ({
- rmp->is_ip4 = 1;
- memset (rmp->in_addr, 0, 16);
- clib_memcpy (rmp->in_addr, &in_addr, 4);
- }))
- /* *INDENT-ON* */
-}
-
-static void *vl_api_snat_det_reverse_t_print
- (vl_api_snat_det_reverse_t * mp, void *handle)
-{
- u8 *s;
-
- s = format (0, "SCRIPT: smat_det_reverse_t");
- s = format (s, "outside ip address %U outside port %d",
- format_ip4_address, mp->out_addr, ntohs (mp->out_port));
-
- FINISH;
-}
-
-static void
- sent_snat_det_map_details
- (snat_det_map_t * m, unix_shared_memory_queue_t * q, u32 context)
-{
- vl_api_snat_det_map_details_t *rmp;
- snat_main_t *sm = &snat_main;
-
- rmp = vl_msg_api_alloc (sizeof (*rmp));
- memset (rmp, 0, sizeof (*rmp));
- rmp->_vl_msg_id = ntohs (VL_API_SNAT_DET_MAP_DETAILS + sm->msg_id_base);
- rmp->is_ip4 = 1;
- clib_memcpy (rmp->in_addr, &m->in_addr, 4);
- rmp->in_plen = m->in_plen;
- clib_memcpy (rmp->out_addr, &m->out_addr, 4);
- rmp->out_plen = m->out_plen;
- rmp->sharing_ratio = htonl (m->sharing_ratio);
- rmp->ports_per_host = htons (m->ports_per_host);
- rmp->ses_num = htonl (m->ses_num);
- rmp->context = context;
-
- vl_msg_api_send_shmem (q, (u8 *) & rmp);
-}
-
-static void
-vl_api_snat_det_map_dump_t_handler (vl_api_snat_det_map_dump_t * mp)
-{
- unix_shared_memory_queue_t *q;
- snat_main_t *sm = &snat_main;
- snat_det_map_t *m;
-
- q = vl_api_client_index_to_input_queue (mp->client_index);
- if (q == 0)
- return;
-
- /* *INDENT-OFF* */
- vec_foreach(m, sm->det_maps)
- sent_snat_det_map_details(m, q, mp->context);
- /* *INDENT-ON* */
-}
-
-static void *vl_api_snat_det_map_dump_t_print
- (vl_api_snat_det_map_dump_t * mp, void *handle)
-{
- u8 *s;
-
- s = format (0, "SCRIPT: snat_det_map_dump ");
-
- FINISH;
-}
-
-static void
-vl_api_snat_det_set_timeouts_t_handler (vl_api_snat_det_set_timeouts_t * mp)
-{
- snat_main_t *sm = &snat_main;
- vl_api_snat_det_set_timeouts_reply_t *rmp;
- int rv = 0;
-
- sm->udp_timeout = ntohl (mp->udp);
- sm->tcp_established_timeout = ntohl (mp->tcp_established);
- sm->tcp_transitory_timeout = ntohl (mp->tcp_transitory);
- sm->icmp_timeout = ntohl (mp->icmp);
-
- REPLY_MACRO (VL_API_SNAT_DET_SET_TIMEOUTS_REPLY);
-}
-
-static void *vl_api_snat_det_set_timeouts_t_print
- (vl_api_snat_det_set_timeouts_t * mp, void *handle)
-{
- u8 *s;
-
- s = format (0, "SCRIPT: snat_det_set_timeouts ");
- s = format (s, "udp %d tcp_established %d tcp_transitory %d icmp %d\n",
- ntohl (mp->udp),
- ntohl (mp->tcp_established),
- ntohl (mp->tcp_transitory), ntohl (mp->icmp));
-
- FINISH;
-}
-
-static void
-vl_api_snat_det_get_timeouts_t_handler (vl_api_snat_det_get_timeouts_t * mp)
-{
- snat_main_t *sm = &snat_main;
- vl_api_snat_det_get_timeouts_reply_t *rmp;
- int rv = 0;
-
- /* *INDENT-OFF* */
- REPLY_MACRO2 (VL_API_SNAT_DET_GET_TIMEOUTS_REPLY,
- ({
- rmp->udp = htonl (sm->udp_timeout);
- rmp->tcp_established = htonl (sm->tcp_established_timeout);
- rmp->tcp_transitory = htonl (sm->tcp_transitory_timeout);
- rmp->icmp = htonl (sm->icmp_timeout);
- }))
- /* *INDENT-ON* */
-}
-
-static void *vl_api_snat_det_get_timeouts_t_print
- (vl_api_snat_det_get_timeouts_t * mp, void *handle)
-{
- u8 *s;
-
- s = format (0, "SCRIPT: snat_det_get_timeouts");
-
- FINISH;
-}
-
-static void
- vl_api_snat_det_close_session_out_t_handler
- (vl_api_snat_det_close_session_out_t * mp)
-{
- snat_main_t *sm = &snat_main;
- vl_api_snat_det_close_session_out_reply_t *rmp;
- ip4_address_t out_addr, ext_addr, in_addr;
- snat_det_out_key_t key;
- snat_det_map_t *dm;
- snat_det_session_t *ses;
- int rv = 0;
-
- clib_memcpy (&out_addr, mp->out_addr, 4);
- clib_memcpy (&ext_addr, mp->ext_addr, 4);
-
- dm = snat_det_map_by_out (sm, &out_addr);
- if (!dm)
- {
- rv = VNET_API_ERROR_NO_SUCH_ENTRY;
- goto send_reply;
- }
- snat_det_reverse (dm, &ext_addr, ntohs (mp->out_port), &in_addr);
- key.ext_host_addr = ext_addr;
- key.ext_host_port = mp->ext_port;
- key.out_port = mp->out_port;
- ses = snat_det_get_ses_by_out (dm, &in_addr, key.as_u64);
- if (!ses)
- {
- rv = VNET_API_ERROR_NO_SUCH_ENTRY;
- goto send_reply;
- }
- snat_det_ses_close (dm, ses);
-
-send_reply:
- REPLY_MACRO (VL_API_SNAT_DET_CLOSE_SESSION_OUT_REPLY);
-}
-
-static void *vl_api_snat_det_close_session_out_t_print
- (vl_api_snat_det_close_session_out_t * mp, void *handle)
-{
- u8 *s;
-
- s = format (0, "SCRIPT: snat_det_close_session_out ");
- s = format (s, "out_addr %U out_port %d "
- "ext_addr %U ext_port %d\n",
- format_ip4_address, mp->out_addr, ntohs (mp->out_port),
- format_ip4_address, mp->ext_addr, ntohs (mp->ext_port));
-
- FINISH;
-}
-
-static void
- vl_api_snat_det_close_session_in_t_handler
- (vl_api_snat_det_close_session_in_t * mp)
-{
- snat_main_t *sm = &snat_main;
- vl_api_snat_det_close_session_in_reply_t *rmp;
- ip4_address_t in_addr, ext_addr;
- snat_det_out_key_t key;
- snat_det_map_t *dm;
- snat_det_session_t *ses;
- int rv = 0;
-
- clib_memcpy (&in_addr, mp->in_addr, 4);
- clib_memcpy (&ext_addr, mp->ext_addr, 4);
-
- dm = snat_det_map_by_user (sm, &in_addr);
- if (!dm)
- {
- rv = VNET_API_ERROR_NO_SUCH_ENTRY;
- goto send_reply;
- }
- key.ext_host_addr = ext_addr;
- key.ext_host_port = mp->ext_port;
- ses = snat_det_find_ses_by_in (dm, &in_addr, mp->in_port, key);
- if (!ses)
- {
- rv = VNET_API_ERROR_NO_SUCH_ENTRY;
- goto send_reply;
- }
- snat_det_ses_close (dm, ses);
-
-send_reply:
- REPLY_MACRO (VL_API_SNAT_DET_CLOSE_SESSION_OUT_REPLY);
-}
-
-static void *vl_api_snat_det_close_session_in_t_print
- (vl_api_snat_det_close_session_in_t * mp, void *handle)
-{
- u8 *s;
- s = format (0, "SCRIPT: snat_det_close_session_in ");
- s = format (s, "in_addr %U in_port %d "
- "ext_addr %U ext_port %d\n",
- format_ip4_address, mp->in_addr, ntohs (mp->in_port),
- format_ip4_address, mp->ext_addr, ntohs (mp->ext_port));
-
- FINISH;
-}
-
-static void
- send_snat_det_session_details
- (snat_det_session_t * s, unix_shared_memory_queue_t * q, u32 context)
-{
- vl_api_snat_det_session_details_t *rmp;
- snat_main_t *sm = &snat_main;
-
- rmp = vl_msg_api_alloc (sizeof (*rmp));
- memset (rmp, 0, sizeof (*rmp));
- rmp->_vl_msg_id = ntohs (VL_API_SNAT_DET_SESSION_DETAILS + sm->msg_id_base);
- rmp->is_ip4 = 1;
- rmp->in_port = s->in_port;
- clib_memcpy (rmp->ext_addr, &s->out.ext_host_addr, 4);
- rmp->ext_port = s->out.ext_host_port;
- rmp->out_port = s->out.out_port;
- rmp->state = s->state;
- rmp->expire = ntohl (s->expire);
- rmp->context = context;
-
- vl_msg_api_send_shmem (q, (u8 *) & rmp);
-}
-
-static void
-vl_api_snat_det_session_dump_t_handler (vl_api_snat_det_session_dump_t * mp)
-{
- unix_shared_memory_queue_t *q;
- snat_main_t *sm = &snat_main;
- ip4_address_t user_addr;
- snat_det_map_t *dm;
- snat_det_session_t *s, empty_ses;
- u16 i;
-
- q = vl_api_client_index_to_input_queue (mp->client_index);
- if (q == 0)
- return;
- if (!mp->is_ip4)
- return;
-
- memset (&empty_ses, 0, sizeof (empty_ses));
- clib_memcpy (&user_addr, mp->user_addr, 4);
- dm = snat_det_map_by_user (sm, &user_addr);
- if (!dm)
- return;
-
- s = dm->sessions + snat_det_user_ses_offset (&user_addr, dm->in_plen);
- for (i = 0; i < SNAT_DET_SES_PER_USER; i++)
- {
- if (s->out.as_u64)
- send_snat_det_session_details (s, q, mp->context);
- s++;
- }
-}
-
-static void *vl_api_snat_det_session_dump_t_print
- (vl_api_snat_det_session_dump_t * mp, void *handle)
-{
- u8 *s;
-
- s = format (0, "SCRIPT: snat_det_session_dump ");
- s = format (s, "user_addr %U\n", format_ip4_address, mp->user_addr);
-
- FINISH;
-}
-
-/*************/
-/*** NAT64 ***/
-/*************/
-
-static void
- vl_api_nat64_add_del_pool_addr_range_t_handler
- (vl_api_nat64_add_del_pool_addr_range_t * mp)
-{
- vl_api_nat64_add_del_pool_addr_range_reply_t *rmp;
- snat_main_t *sm = &snat_main;
- nat64_main_t *nm = &nat64_main;
- int rv = 0;
- ip4_address_t this_addr;
- u32 start_host_order, end_host_order;
- u32 vrf_id;
- int i, count;
- u32 *tmp;
-
- if (nm->is_disabled)
- {
- rv = VNET_API_ERROR_FEATURE_DISABLED;
- goto send_reply;
- }
-
- tmp = (u32 *) mp->start_addr;
- start_host_order = clib_host_to_net_u32 (tmp[0]);
- tmp = (u32 *) mp->end_addr;
- end_host_order = clib_host_to_net_u32 (tmp[0]);
-
- count = (end_host_order - start_host_order) + 1;
-
- vrf_id = clib_host_to_net_u32 (mp->vrf_id);
-
- memcpy (&this_addr.as_u8, mp->start_addr, 4);
-
- for (i = 0; i < count; i++)
- {
- if ((rv = nat64_add_del_pool_addr (&this_addr, vrf_id, mp->is_add)))
- goto send_reply;
-
- increment_v4_address (&this_addr);
- }
-
-send_reply:
- REPLY_MACRO (VL_API_NAT64_ADD_DEL_POOL_ADDR_RANGE_REPLY);
-}
-
-static void *vl_api_nat64_add_del_pool_addr_range_t_print
- (vl_api_nat64_add_del_pool_addr_range_t * mp, void *handle)
-{
- u8 *s;
-
- s = format (0, "SCRIPT: nat64_add_del_pool_addr_range ");
- s = format (s, "%U - %U vrf_id %u %s\n",
- format_ip4_address, mp->start_addr,
- format_ip4_address, mp->end_addr,
- ntohl (mp->vrf_id), mp->is_add ? "" : "del");
-
- FINISH;
-}
-
-typedef struct nat64_api_walk_ctx_t_
-{
- unix_shared_memory_queue_t *q;
- u32 context;
-} nat64_api_walk_ctx_t;
-
-static int
-nat64_api_pool_walk (snat_address_t * a, void *arg)
-{
- vl_api_nat64_pool_addr_details_t *rmp;
- snat_main_t *sm = &snat_main;
- nat64_api_walk_ctx_t *ctx = arg;
-
- rmp = vl_msg_api_alloc (sizeof (*rmp));
- memset (rmp, 0, sizeof (*rmp));
- rmp->_vl_msg_id = ntohs (VL_API_NAT64_POOL_ADDR_DETAILS + sm->msg_id_base);
- clib_memcpy (rmp->address, &(a->addr), 4);
- if (a->fib_index != ~0)
- {
- fib_table_t *fib = fib_table_get (a->fib_index, FIB_PROTOCOL_IP6);
- if (!fib)
- return -1;
- rmp->vrf_id = ntohl (fib->ft_table_id);
- }
- else
- rmp->vrf_id = ~0;
- rmp->context = ctx->context;
-
- vl_msg_api_send_shmem (ctx->q, (u8 *) & rmp);
-
- return 0;
-}
-
-static void
-vl_api_nat64_pool_addr_dump_t_handler (vl_api_nat64_pool_addr_dump_t * mp)
-{
- unix_shared_memory_queue_t *q;
- nat64_main_t *nm = &nat64_main;
-
- if (nm->is_disabled)
- return;
-
- q = vl_api_client_index_to_input_queue (mp->client_index);
- if (q == 0)
- return;
-
- nat64_api_walk_ctx_t ctx = {
- .q = q,
- .context = mp->context,
- };
-
- nat64_pool_addr_walk (nat64_api_pool_walk, &ctx);
-}
-
-static void *
-vl_api_nat64_pool_addr_dump_t_print (vl_api_nat64_pool_addr_dump_t * mp,
- void *handle)
-{
- u8 *s;
-
- s = format (0, "SCRIPT: nat64_pool_addr_dump\n");
-
- FINISH;
-}
-
-static void
-vl_api_nat64_add_del_interface_t_handler (vl_api_nat64_add_del_interface_t *
- mp)
-{
- snat_main_t *sm = &snat_main;
- nat64_main_t *nm = &nat64_main;
- vl_api_nat64_add_del_interface_reply_t *rmp;
- int rv = 0;
-
- if (nm->is_disabled)
- {
- rv = VNET_API_ERROR_FEATURE_DISABLED;
- goto send_reply;
- }
-
- VALIDATE_SW_IF_INDEX (mp);
-
- rv =
- nat64_add_del_interface (ntohl (mp->sw_if_index), mp->is_inside,
- mp->is_add);
-
- BAD_SW_IF_INDEX_LABEL;
-
-send_reply:
- REPLY_MACRO (VL_API_NAT64_ADD_DEL_INTERFACE_REPLY);
-}
-
-static void *
-vl_api_nat64_add_del_interface_t_print (vl_api_nat64_add_del_interface_t * mp,
- void *handle)
-{
- u8 *s;
-
- s = format (0, "SCRIPT: nat64_add_del_interface ");
- s = format (s, "sw_if_index %d %s %s",
- clib_host_to_net_u32 (mp->sw_if_index),
- mp->is_inside ? "in" : "out", mp->is_add ? "" : "del");
-
- FINISH;
-}
-
-static int
-nat64_api_interface_walk (snat_interface_t * i, void *arg)
-{
- vl_api_nat64_interface_details_t *rmp;
- snat_main_t *sm = &snat_main;
- nat64_api_walk_ctx_t *ctx = arg;
-
- rmp = vl_msg_api_alloc (sizeof (*rmp));
- memset (rmp, 0, sizeof (*rmp));
- rmp->_vl_msg_id = ntohs (VL_API_NAT64_INTERFACE_DETAILS + sm->msg_id_base);
- rmp->sw_if_index = ntohl (i->sw_if_index);
- rmp->is_inside = i->is_inside;
- rmp->context = ctx->context;
-
- vl_msg_api_send_shmem (ctx->q, (u8 *) & rmp);
-
- return 0;
-}
-
-static void
-vl_api_nat64_interface_dump_t_handler (vl_api_nat64_interface_dump_t * mp)
-{
- unix_shared_memory_queue_t *q;
- nat64_main_t *nm = &nat64_main;
-
- if (nm->is_disabled)
- return;
-
- q = vl_api_client_index_to_input_queue (mp->client_index);
- if (q == 0)
- return;
-
- nat64_api_walk_ctx_t ctx = {
- .q = q,
- .context = mp->context,
- };
-
- nat64_interfaces_walk (nat64_api_interface_walk, &ctx);
-}
-
-static void *
-vl_api_nat64_interface_dump_t_print (vl_api_nat64_interface_dump_t * mp,
- void *handle)
-{
- u8 *s;
-
- s = format (0, "SCRIPT: snat_interface_dump ");
-
- FINISH;
-}
-
-static void
- vl_api_nat64_add_del_static_bib_t_handler
- (vl_api_nat64_add_del_static_bib_t * mp)
-{
- snat_main_t *sm = &snat_main;
- nat64_main_t *nm = &nat64_main;
- vl_api_nat64_add_del_static_bib_reply_t *rmp;
- ip6_address_t in_addr;
- ip4_address_t out_addr;
- int rv = 0;
-
- if (nm->is_disabled)
- {
- rv = VNET_API_ERROR_FEATURE_DISABLED;
- goto send_reply;
- }
-
- memcpy (&in_addr.as_u8, mp->i_addr, 16);
- memcpy (&out_addr.as_u8, mp->o_addr, 4);
-
- rv =
- nat64_add_del_static_bib_entry (&in_addr, &out_addr,
- clib_net_to_host_u16 (mp->i_port),
- clib_net_to_host_u16 (mp->o_port),
- mp->proto,
- clib_net_to_host_u32 (mp->vrf_id),
- mp->is_add);
-
-send_reply:
- REPLY_MACRO (VL_API_NAT64_ADD_DEL_STATIC_BIB_REPLY);
-}
-
-static void *vl_api_nat64_add_del_static_bib_t_print
- (vl_api_nat64_add_del_static_bib_t * mp, void *handle)
-{
- u8 *s;
-
- s = format (0, "SCRIPT: nat64_add_del_static_bib ");
- s = format (s, "protocol %d i_addr %U o_addr %U ",
- mp->proto,
- format_ip6_address, mp->i_addr, format_ip4_address, mp->o_addr);
-
- if (mp->vrf_id != ~0)
- s = format (s, "vrf %d", clib_net_to_host_u32 (mp->vrf_id));
-
- FINISH;
-}
-
-static int
-nat64_api_bib_walk (nat64_db_bib_entry_t * bibe, void *arg)
-{
- vl_api_nat64_bib_details_t *rmp;
- snat_main_t *sm = &snat_main;
- nat64_api_walk_ctx_t *ctx = arg;
- fib_table_t *fib;
-
- fib = fib_table_get (bibe->fib_index, FIB_PROTOCOL_IP6);
- if (!fib)
- return -1;
-
- rmp = vl_msg_api_alloc (sizeof (*rmp));
- memset (rmp, 0, sizeof (*rmp));
- rmp->_vl_msg_id = ntohs (VL_API_NAT64_BIB_DETAILS + sm->msg_id_base);
- rmp->context = ctx->context;
- clib_memcpy (rmp->i_addr, &(bibe->in_addr), 16);
- clib_memcpy (rmp->o_addr, &(bibe->out_addr), 4);
- rmp->i_port = bibe->in_port;
- rmp->o_port = bibe->out_port;
- rmp->vrf_id = ntohl (fib->ft_table_id);
- rmp->proto = bibe->proto;
- rmp->is_static = bibe->is_static;
- rmp->ses_num = ntohl (bibe->ses_num);
-
- vl_msg_api_send_shmem (ctx->q, (u8 *) & rmp);
-
- return 0;
-}
-
-static void
-vl_api_nat64_bib_dump_t_handler (vl_api_nat64_bib_dump_t * mp)
-{
- unix_shared_memory_queue_t *q;
- nat64_main_t *nm = &nat64_main;
-
- if (nm->is_disabled)
- return;
-
- q = vl_api_client_index_to_input_queue (mp->client_index);
- if (q == 0)
- return;
-
- nat64_api_walk_ctx_t ctx = {
- .q = q,
- .context = mp->context,
- };
-
- nat64_db_bib_walk (&nm->db, mp->proto, nat64_api_bib_walk, &ctx);
-}
-
-static void *
-vl_api_nat64_bib_dump_t_print (vl_api_nat64_bib_dump_t * mp, void *handle)
-{
- u8 *s;
-
- s = format (0, "SCRIPT: snat_bib_dump protocol %d", mp->proto);
-
- FINISH;
-}
-
-static void
-vl_api_nat64_set_timeouts_t_handler (vl_api_nat64_set_timeouts_t * mp)
-{
- snat_main_t *sm = &snat_main;
- nat64_main_t *nm = &nat64_main;
- vl_api_nat64_set_timeouts_reply_t *rmp;
- int rv = 0;
-
- if (nm->is_disabled)
- {
- rv = VNET_API_ERROR_FEATURE_DISABLED;
- goto send_reply;
- }
-
- rv = nat64_set_icmp_timeout (ntohl (mp->icmp));
- if (rv)
- goto send_reply;
- rv = nat64_set_udp_timeout (ntohl (mp->udp));
- if (rv)
- goto send_reply;
- rv =
- nat64_set_tcp_timeouts (ntohl (mp->tcp_trans), ntohl (mp->tcp_est),
- ntohl (mp->tcp_incoming_syn));
-
-send_reply:
- REPLY_MACRO (VL_API_NAT64_SET_TIMEOUTS_REPLY);
-}
-
-static void *vl_api_nat64_set_timeouts_t_print
- (vl_api_nat64_set_timeouts_t * mp, void *handle)
-{
- u8 *s;
-
- s = format (0, "SCRIPT: nat64_set_timeouts ");
- s =
- format (s,
- "udp %d icmp %d, tcp_trans %d, tcp_est %d, tcp_incoming_syn %d\n",
- ntohl (mp->udp), ntohl (mp->icmp), ntohl (mp->tcp_trans),
- ntohl (mp->tcp_est), ntohl (mp->tcp_incoming_syn));
-
- FINISH;
-}
-
-static void
-vl_api_nat64_get_timeouts_t_handler (vl_api_nat64_get_timeouts_t * mp)
-{
- snat_main_t *sm = &snat_main;
- nat64_main_t *nm = &nat64_main;
- vl_api_nat64_get_timeouts_reply_t *rmp;
- int rv = 0;
-
- if (nm->is_disabled)
- return;
-
- /* *INDENT-OFF* */
- REPLY_MACRO2 (VL_API_NAT64_GET_TIMEOUTS_REPLY,
- ({
- rmp->udp = htonl (nat64_get_udp_timeout());
- rmp->icmp = htonl (nat64_get_icmp_timeout());
- rmp->tcp_trans = htonl (nat64_get_tcp_trans_timeout());
- rmp->tcp_est = htonl (nat64_get_tcp_est_timeout());
- rmp->tcp_incoming_syn = htonl (nat64_get_tcp_incoming_syn_timeout());
- }))
- /* *INDENT-ON* */
-}
-
-static void *vl_api_nat64_get_timeouts_t_print
- (vl_api_nat64_get_timeouts_t * mp, void *handle)
-{
- u8 *s;
-
- s = format (0, "SCRIPT: nat64_get_timeouts");
-
- FINISH;
-}
-
-static int
-nat64_api_st_walk (nat64_db_st_entry_t * ste, void *arg)
-{
- vl_api_nat64_st_details_t *rmp;
- snat_main_t *sm = &snat_main;
- nat64_api_walk_ctx_t *ctx = arg;
- nat64_main_t *nm = &nat64_main;
- nat64_db_bib_entry_t *bibe;
- fib_table_t *fib;
-
- bibe = nat64_db_bib_entry_by_index (&nm->db, ste->proto, ste->bibe_index);
- if (!bibe)
- return -1;
-
- fib = fib_table_get (bibe->fib_index, FIB_PROTOCOL_IP6);
- if (!fib)
- return -1;
-
- rmp = vl_msg_api_alloc (sizeof (*rmp));
- memset (rmp, 0, sizeof (*rmp));
- rmp->_vl_msg_id = ntohs (VL_API_NAT64_ST_DETAILS + sm->msg_id_base);
- rmp->context = ctx->context;
- clib_memcpy (rmp->il_addr, &(bibe->in_addr), 16);
- clib_memcpy (rmp->ol_addr, &(bibe->out_addr), 4);
- rmp->il_port = bibe->in_port;
- rmp->ol_port = bibe->out_port;
- clib_memcpy (rmp->ir_addr, &(ste->in_r_addr), 16);
- clib_memcpy (rmp->or_addr, &(ste->out_r_addr), 4);
- rmp->il_port = ste->r_port;
- rmp->vrf_id = ntohl (fib->ft_table_id);
- rmp->proto = ste->proto;
-
- vl_msg_api_send_shmem (ctx->q, (u8 *) & rmp);
-
- return 0;
-}
-
-static void
-vl_api_nat64_st_dump_t_handler (vl_api_nat64_st_dump_t * mp)
-{
- unix_shared_memory_queue_t *q;
- nat64_main_t *nm = &nat64_main;
-
- if (nm->is_disabled)
- return;
-
- q = vl_api_client_index_to_input_queue (mp->client_index);
- if (q == 0)
- return;
-
- nat64_api_walk_ctx_t ctx = {
- .q = q,
- .context = mp->context,
- };
-
- nat64_db_st_walk (&nm->db, mp->proto, nat64_api_st_walk, &ctx);
-}
-
-static void *
-vl_api_nat64_st_dump_t_print (vl_api_nat64_st_dump_t * mp, void *handle)
-{
- u8 *s;
-
- s = format (0, "SCRIPT: snat_st_dump protocol %d", mp->proto);
-
- FINISH;
-}
-
-static void
-vl_api_nat64_add_del_prefix_t_handler (vl_api_nat64_add_del_prefix_t * mp)
-{
- vl_api_nat64_add_del_prefix_reply_t *rmp;
- snat_main_t *sm = &snat_main;
- nat64_main_t *nm = &nat64_main;
- ip6_address_t prefix;
- int rv = 0;
-
- if (nm->is_disabled)
- {
- rv = VNET_API_ERROR_FEATURE_DISABLED;
- goto send_reply;
- }
-
- memcpy (&prefix.as_u8, mp->prefix, 16);
-
- rv =
- nat64_add_del_prefix (&prefix, mp->prefix_len,
- clib_net_to_host_u32 (mp->vrf_id), mp->is_add);
-send_reply:
- REPLY_MACRO (VL_API_NAT64_ADD_DEL_PREFIX_REPLY);
-}
-
-static void *
-vl_api_nat64_add_del_prefix_t_print (vl_api_nat64_add_del_prefix_t * mp,
- void *handle)
-{
- u8 *s;
-
- s = format (0, "SCRIPT: nat64_add_del_prefix %U/%u vrf_id %u %s\n",
- format_ip6_address, mp->prefix, mp->prefix_len,
- ntohl (mp->vrf_id), mp->is_add ? "" : "del");
-
- FINISH;
-}
-
-static int
-nat64_api_prefix_walk (nat64_prefix_t * p, void *arg)
-{
- vl_api_nat64_prefix_details_t *rmp;
- snat_main_t *sm = &snat_main;
- nat64_api_walk_ctx_t *ctx = arg;
-
- rmp = vl_msg_api_alloc (sizeof (*rmp));
- memset (rmp, 0, sizeof (*rmp));
- rmp->_vl_msg_id = ntohs (VL_API_NAT64_PREFIX_DETAILS + sm->msg_id_base);
- clib_memcpy (rmp->prefix, &(p->prefix), 16);
- rmp->prefix_len = p->plen;
- rmp->vrf_id = ntohl (p->vrf_id);
- rmp->context = ctx->context;
-
- vl_msg_api_send_shmem (ctx->q, (u8 *) & rmp);
-
- return 0;
-}
-
-static void
-vl_api_nat64_prefix_dump_t_handler (vl_api_nat64_prefix_dump_t * mp)
-{
- unix_shared_memory_queue_t *q;
- nat64_main_t *nm = &nat64_main;
-
- if (nm->is_disabled)
- return;
-
- q = vl_api_client_index_to_input_queue (mp->client_index);
- if (q == 0)
- return;
-
- nat64_api_walk_ctx_t ctx = {
- .q = q,
- .context = mp->context,
- };
-
- nat64_prefix_walk (nat64_api_prefix_walk, &ctx);
-}
-
-static void *
-vl_api_nat64_prefix_dump_t_print (vl_api_nat64_prefix_dump_t * mp,
- void *handle)
-{
- u8 *s;
-
- s = format (0, "SCRIPT: nat64_prefix_dump\n");
-
- FINISH;
-}
-
-/* List of message types that this plugin understands */
-#define foreach_snat_plugin_api_msg \
-_(SNAT_ADD_ADDRESS_RANGE, snat_add_address_range) \
-_(SNAT_INTERFACE_ADD_DEL_FEATURE, snat_interface_add_del_feature) \
-_(SNAT_ADD_STATIC_MAPPING, snat_add_static_mapping) \
-_(SNAT_CONTROL_PING, snat_control_ping) \
-_(SNAT_STATIC_MAPPING_DUMP, snat_static_mapping_dump) \
-_(SNAT_SHOW_CONFIG, snat_show_config) \
-_(SNAT_ADDRESS_DUMP, snat_address_dump) \
-_(SNAT_INTERFACE_DUMP, snat_interface_dump) \
-_(SNAT_SET_WORKERS, snat_set_workers) \
-_(SNAT_WORKER_DUMP, snat_worker_dump) \
-_(SNAT_ADD_DEL_INTERFACE_ADDR, snat_add_del_interface_addr) \
-_(SNAT_INTERFACE_ADDR_DUMP, snat_interface_addr_dump) \
-_(SNAT_IPFIX_ENABLE_DISABLE, snat_ipfix_enable_disable) \
-_(SNAT_USER_DUMP, snat_user_dump) \
-_(SNAT_USER_SESSION_DUMP, snat_user_session_dump) \
-_(SNAT_INTERFACE_ADD_DEL_OUTPUT_FEATURE, \
- snat_interface_add_del_output_feature) \
-_(SNAT_INTERFACE_OUTPUT_FEATURE_DUMP, \
- snat_interface_output_feature_dump) \
-_(SNAT_ADD_DET_MAP, snat_add_det_map) \
-_(SNAT_DET_FORWARD, snat_det_forward) \
-_(SNAT_DET_REVERSE, snat_det_reverse) \
-_(SNAT_DET_MAP_DUMP, snat_det_map_dump) \
-_(SNAT_DET_SET_TIMEOUTS, snat_det_set_timeouts) \
-_(SNAT_DET_GET_TIMEOUTS, snat_det_get_timeouts) \
-_(SNAT_DET_CLOSE_SESSION_OUT, snat_det_close_session_out) \
-_(SNAT_DET_CLOSE_SESSION_IN, snat_det_close_session_in) \
-_(SNAT_DET_SESSION_DUMP, snat_det_session_dump) \
-_(NAT64_ADD_DEL_POOL_ADDR_RANGE, nat64_add_del_pool_addr_range) \
-_(NAT64_POOL_ADDR_DUMP, nat64_pool_addr_dump) \
-_(NAT64_ADD_DEL_INTERFACE, nat64_add_del_interface) \
-_(NAT64_INTERFACE_DUMP, nat64_interface_dump) \
-_(NAT64_ADD_DEL_STATIC_BIB, nat64_add_del_static_bib) \
-_(NAT64_BIB_DUMP, nat64_bib_dump) \
-_(NAT64_SET_TIMEOUTS, nat64_set_timeouts) \
-_(NAT64_GET_TIMEOUTS, nat64_get_timeouts) \
-_(NAT64_ST_DUMP, nat64_st_dump) \
-_(NAT64_ADD_DEL_PREFIX, nat64_add_del_prefix) \
-_(NAT64_PREFIX_DUMP, nat64_prefix_dump)
-
-/* Set up the API message handling tables */
-static clib_error_t *
-snat_plugin_api_hookup (vlib_main_t * vm)
-{
- snat_main_t *sm __attribute__ ((unused)) = &snat_main;
-#define _(N,n) \
- vl_msg_api_set_handlers((VL_API_##N + sm->msg_id_base), \
- #n, \
- vl_api_##n##_t_handler, \
- vl_noop_handler, \
- vl_api_##n##_t_endian, \
- vl_api_##n##_t_print, \
- sizeof(vl_api_##n##_t), 1);
- foreach_snat_plugin_api_msg;
-#undef _
-
- return 0;
-}
-
-#define vl_msg_name_crc_list
-#include <snat/snat_all_api_h.h>
-#undef vl_msg_name_crc_list
-
-static void
-setup_message_id_table (snat_main_t * sm, api_main_t * am)
-{
-#define _(id,n,crc) \
- vl_msg_api_add_msg_name_crc (am, #n "_" #crc, id + sm->msg_id_base);
- foreach_vl_msg_name_crc_snat;
-#undef _
-}
-
-static void
-plugin_custom_dump_configure (snat_main_t * sm)
-{
-#define _(n,f) sm->api_main->msg_print_handlers \
- [VL_API_##n + sm->msg_id_base] \
- = (void *) vl_api_##f##_t_print;
- foreach_snat_plugin_api_msg;
-#undef _
-}
-
-clib_error_t *
-snat_api_init (vlib_main_t * vm, snat_main_t * sm)
-{
- u8 *name;
- clib_error_t *error = 0;
-
- name = format (0, "snat_%08x%c", api_version, 0);
-
- /* Ask for a correctly-sized block of API message decode slots */
- sm->msg_id_base =
- vl_msg_api_get_msg_ids ((char *) name, VL_MSG_FIRST_AVAILABLE);
-
- error = snat_plugin_api_hookup (vm);
-
- /* Add our API messages to the global name_crc hash table */
- setup_message_id_table (sm, sm->api_main);
-
- plugin_custom_dump_configure (sm);
-
- vec_free (name);
-
- return error;
-}
-
-/*
- * fd.io coding-style-patch-verification: ON
- *
- * Local Variables:
- * eval: (c-set-style "gnu")
- * End:
- */
diff --git a/src/scripts/vnet/snat b/src/scripts/vnet/nat44
similarity index 92%
rename from src/scripts/vnet/snat
rename to src/scripts/vnet/nat44
index a711519..3292b56 100644
--- a/src/scripts/vnet/snat
+++ b/src/scripts/vnet/nat44
@@ -30,7 +30,7 @@
}
}
-snat add address 172.16.1.3
+nat44 add address 172.16.1.3
set int ip address pg0 10.0.0.1/24
set int ip address pg1 172.16.1.1/24
set int state pg0 up
@@ -38,4 +38,4 @@
set ip arp static pg0 10.0.0.3 abcd.abcd.abcd
set ip arp static pg0 10.0.0.4 abcd.abcd.abcd
set ip arp static pg1 172.16.1.2 cdef.abcd.abcd
-set int snat in pg0 out pg1
+set int nat44 in pg0 out pg1
diff --git a/src/scripts/vnet/snat_det b/src/scripts/vnet/nat44_det
similarity index 95%
rename from src/scripts/vnet/snat_det
rename to src/scripts/vnet/nat44_det
index d1361bb..629772e 100644
--- a/src/scripts/vnet/snat_det
+++ b/src/scripts/vnet/nat44_det
@@ -96,7 +96,7 @@
}
}
-snat deterministic add in 10.0.0.0/21 out 1.1.1.2/32
+nat44 deterministic add in 10.0.0.0/21 out 1.1.1.2/32
set int ip address pg0 10.0.0.1/24
set int ip address pg1 172.16.1.1/24
set int state pg0 up
@@ -104,5 +104,5 @@
set ip arp static pg0 10.0.0.3 abcd.abcd.abcd
set ip arp static pg0 10.0.0.4 abcd.abcd.abcd
set ip arp static pg1 172.16.1.2 cdef.abcd.abcd
-set int snat in pg0 out pg1
+set int nat44 in pg0 out pg1
trace add pg-input 10
diff --git a/src/scripts/vnet/snat_static b/src/scripts/vnet/nat44_static
similarity index 86%
rename from src/scripts/vnet/snat_static
rename to src/scripts/vnet/nat44_static
index 8fe48bf..2b8f25e 100644
--- a/src/scripts/vnet/snat_static
+++ b/src/scripts/vnet/nat44_static
@@ -32,13 +32,13 @@
}
}
-snat add address 172.16.1.3
-snat add static mapping local 10.0.0.3 external 172.16.1.3
+nat44 add address 172.16.1.3
+nat44 add static mapping local 10.0.0.3 external 172.16.1.3
set int ip address pg0 10.0.0.1/24
set int ip address pg1 172.16.1.1/24
set int state pg0 up
set int state pg1 up
set ip arp static pg0 10.0.0.3 abcd.abcd.abcd
set ip arp static pg1 172.16.1.2 cdef.abcd.abcd
-set int snat in pg0 out pg1
+set int nat44 in pg0 out pg1
trace add pg-input 10
diff --git a/src/scripts/vnet/snat_static b/src/scripts/vnet/nat44_static_with_port
similarity index 85%
copy from src/scripts/vnet/snat_static
copy to src/scripts/vnet/nat44_static_with_port
index 8fe48bf..15bef1b 100644
--- a/src/scripts/vnet/snat_static
+++ b/src/scripts/vnet/nat44_static_with_port
@@ -32,13 +32,13 @@
}
}
-snat add address 172.16.1.3
-snat add static mapping local 10.0.0.3 external 172.16.1.3
+nat44 add address 172.16.1.3
+nat44 add static mapping local 10.0.0.3 3000 external 172.16.1.3 3000
set int ip address pg0 10.0.0.1/24
set int ip address pg1 172.16.1.1/24
set int state pg0 up
set int state pg1 up
set ip arp static pg0 10.0.0.3 abcd.abcd.abcd
set ip arp static pg1 172.16.1.2 cdef.abcd.abcd
-set int snat in pg0 out pg1
+set int nat44 in pg0 out pg1
trace add pg-input 10
diff --git a/src/scripts/vnet/snat_static_with_port b/src/scripts/vnet/snat_static_with_port
deleted file mode 100644
index f646145..0000000
--- a/src/scripts/vnet/snat_static_with_port
+++ /dev/null
@@ -1,44 +0,0 @@
-create packet-generator interface pg0
-create packet-generator interface pg1
-
-packet-generator new {
- name f1
- limit 1000000
- node ip4-input
- size 64-64
- no-recycle
- worker 0
- interface pg0
- data {
- UDP: 10.0.0.3 -> 172.16.1.2
- UDP: 3000 -> 3001
- length 128 checksum 0 incrementing 1
- }
-}
-
-
-packet-generator new {
- name f2
- limit 1000000
- node ip4-input
- size 64-64
- no-recycle
- worker 1
- interface pg1
- data {
- UDP: 172.16.1.2 -> 172.16.1.3
- UDP: 3001 -> 3000
- length 128 checksum 0 incrementing 1
- }
-}
-
-snat add address 172.16.1.3
-snat add static mapping local 10.0.0.3 3000 external 172.16.1.3 3000
-set int ip address pg0 10.0.0.1/24
-set int ip address pg1 172.16.1.1/24
-set int state pg0 up
-set int state pg1 up
-set ip arp static pg0 10.0.0.3 abcd.abcd.abcd
-set ip arp static pg1 172.16.1.2 cdef.abcd.abcd
-set int snat in pg0 out pg1
-trace add pg-input 10
diff --git a/src/vpp-api/java/Makefile.am b/src/vpp-api/java/Makefile.am
index e0f5203..637bb77 100644
--- a/src/vpp-api/java/Makefile.am
+++ b/src/vpp-api/java/Makefile.am
@@ -169,23 +169,23 @@
endif
#
-# SNAT Plugin
+# NAT Plugin
#
-if ENABLE_SNAT_PLUGIN
-noinst_LTLIBRARIES += libjvpp_snat.la
-libjvpp_snat_la_SOURCES = jvpp-snat/jvpp_snat.c
-libjvpp_snat_la_CPPFLAGS = -Ijvpp-snat
-libjvpp_snat_la_LIBADD = $(JVPP_LIBS)
-libjvpp_snat_la_DEPENDENCIES = libjvpp_common.la
+if ENABLE_NAT_PLUGIN
+noinst_LTLIBRARIES += libjvpp_nat.la
+libjvpp_nat_la_SOURCES = jvpp-nat/jvpp_nat.c
+libjvpp_nat_la_CPPFLAGS = -Ijvpp-nat
+libjvpp_nat_la_LIBADD = $(JVPP_LIBS)
+libjvpp_nat_la_DEPENDENCIES = libjvpp_common.la
-BUILT_SOURCES += jvpp-snat/io_fd_vpp_jvpp_snat_JVppSnatImpl.h
-JAR_FILES += jvpp-snat-$(PACKAGE_VERSION).jar
-CLEANDIRS += jvpp-snat/target
+BUILT_SOURCES += jvpp-nat/io_fd_vpp_jvpp_nat_JVppNatImpl.h
+JAR_FILES += jvpp-nat-$(PACKAGE_VERSION).jar
+CLEANDIRS += jvpp-nat/target
-jvpp_snat_json_files = @top_builddir@/plugins/snat/snat.api.json
+jvpp_nat_json_files = @top_builddir@/plugins/nat/nat.api.json
-jvpp-snat/io_fd_vpp_jvpp_snat_JVppSnatImpl.h: $(jvpp_registry_ok) $(jvpp_snat_json_files)
- $(call japigen,snat,JVppSnatImpl)
+jvpp-nat/io_fd_vpp_jvpp_nat_JVppNatImpl.h: $(jvpp_registry_ok) $(jvpp_nat_json_files)
+ $(call japigen,nat,JVppNatImpl)
endif
#
diff --git a/src/vpp-api/java/jvpp-snat/io/fd/vpp/jvpp/snat/examples/CallbackApiExample.java b/src/vpp-api/java/jvpp-nat/io/fd/vpp/jvpp/nat/examples/CallbackApiExample.java
similarity index 63%
rename from src/vpp-api/java/jvpp-snat/io/fd/vpp/jvpp/snat/examples/CallbackApiExample.java
rename to src/vpp-api/java/jvpp-nat/io/fd/vpp/jvpp/nat/examples/CallbackApiExample.java
index f4a2943..e4d5cb3 100644
--- a/src/vpp-api/java/jvpp-snat/io/fd/vpp/jvpp/snat/examples/CallbackApiExample.java
+++ b/src/vpp-api/java/jvpp-nat/io/fd/vpp/jvpp/nat/examples/CallbackApiExample.java
@@ -14,24 +14,24 @@
* limitations under the License.
*/
-package io.fd.vpp.jvpp.snat.examples;
+package io.fd.vpp.jvpp.nat.examples;
import io.fd.vpp.jvpp.JVpp;
import io.fd.vpp.jvpp.JVppRegistry;
import io.fd.vpp.jvpp.JVppRegistryImpl;
import io.fd.vpp.jvpp.VppCallbackException;
-import io.fd.vpp.jvpp.snat.JVppSnatImpl;
-import io.fd.vpp.jvpp.snat.callback.SnatInterfaceAddDelFeatureCallback;
-import io.fd.vpp.jvpp.snat.dto.SnatInterfaceAddDelFeature;
-import io.fd.vpp.jvpp.snat.dto.SnatInterfaceAddDelFeatureReply;
+import io.fd.vpp.jvpp.nat.JVppNatImpl;
+import io.fd.vpp.jvpp.nat.callback.Nat44InterfaceAddDelFeatureCallback;
+import io.fd.vpp.jvpp.nat.dto.Nat44InterfaceAddDelFeature;
+import io.fd.vpp.jvpp.nat.dto.Nat44InterfaceAddDelFeatureReply;
public class CallbackApiExample {
- static class TestCallback implements SnatInterfaceAddDelFeatureCallback {
+ static class TestCallback implements Nat44InterfaceAddDelFeatureCallback {
@Override
- public void onSnatInterfaceAddDelFeatureReply(final SnatInterfaceAddDelFeatureReply msg) {
- System.out.printf("Received SnatInterfaceAddDelFeatureReply: context=%d%n",
+ public void onNat44InterfaceAddDelFeatureReply(final Nat44InterfaceAddDelFeatureReply msg) {
+ System.out.printf("Received Nat44InterfaceAddDelFeatureReply: context=%d%n",
msg.context);
}
@@ -47,18 +47,18 @@
}
private static void testCallbackApi() throws Exception {
- System.out.println("Testing Java callback API for snat plugin");
- try (final JVppRegistry registry = new JVppRegistryImpl("SnatCallbackApiTest");
- final JVpp jvpp = new JVppSnatImpl()) {
+ System.out.println("Testing Java callback API for nat plugin");
+ try (final JVppRegistry registry = new JVppRegistryImpl("NatCallbackApiTest");
+ final JVpp jvpp = new JVppNatImpl()) {
registry.register(jvpp, new TestCallback());
- System.out.println("Sending SnatInterfaceAddDelFeature request...");
- SnatInterfaceAddDelFeature request = new SnatInterfaceAddDelFeature();
+ System.out.println("Sending Nat44InterfaceAddDelFeature request...");
+ Nat44InterfaceAddDelFeature request = new Nat44InterfaceAddDelFeature();
request.isAdd = 1;
request.isInside = 1;
request.swIfIndex = 1;
final int result = jvpp.send(request);
- System.out.printf("SnatInterfaceAddDelFeature send result = %d%n", result);
+ System.out.printf("Nat44InterfaceAddDelFeature send result = %d%n", result);
Thread.sleep(1000);
diff --git a/src/vpp-api/java/jvpp-nat/io/fd/vpp/jvpp/nat/examples/Readme.txt b/src/vpp-api/java/jvpp-nat/io/fd/vpp/jvpp/nat/examples/Readme.txt
new file mode 100644
index 0000000..ac75e04
--- /dev/null
+++ b/src/vpp-api/java/jvpp-nat/io/fd/vpp/jvpp/nat/examples/Readme.txt
@@ -0,0 +1 @@
+sudo java -cp build-vpp-native/vpp/vpp-api/java/jvpp-registry-17.10.jar:build-vpp-native/vpp/vpp-api/java/jvpp-nat-17.10.jar io.fd.vpp.jvpp.nat.examples.CallbackApiExample
diff --git a/src/vpp-api/java/jvpp-snat/jvpp_snat.c b/src/vpp-api/java/jvpp-nat/jvpp_nat.c
similarity index 84%
rename from src/vpp-api/java/jvpp-snat/jvpp_snat.c
rename to src/vpp-api/java/jvpp-nat/jvpp_nat.c
index 5fd6a88..85217f0 100644
--- a/src/vpp-api/java/jvpp-snat/jvpp_snat.c
+++ b/src/vpp-api/java/jvpp-nat/jvpp_nat.c
@@ -15,9 +15,9 @@
#include <vnet/vnet.h>
-#include <snat/snat_msg_enum.h>
+#include <nat/nat_msg_enum.h>
#define vl_typedefs /* define message structures */
-#include <snat/snat_all_api_h.h>
+#include <nat/nat_all_api_h.h>
#undef vl_typedefs
#include <vnet/api_errno.h>
@@ -32,19 +32,19 @@
#include <jvpp-common/jvpp_common.h>
-#include "jvpp-snat/io_fd_vpp_jvpp_snat_JVppSnatImpl.h"
-#include "jvpp_snat.h"
-#include "jvpp-snat/jvpp_snat_gen.h"
+#include "jvpp-nat/io_fd_vpp_jvpp_nat_JVppNatImpl.h"
+#include "jvpp_nat.h"
+#include "jvpp-nat/jvpp_nat_gen.h"
/*
- * Class: io_fd_vpp_jvpp_snat_JVppsnatImpl
+ * Class: io_fd_vpp_jvpp_nat_JVppNatImpl
* Method: init0
* Signature: (JI)V
*/
-JNIEXPORT void JNICALL Java_io_fd_vpp_jvpp_snat_JVppSnatImpl_init0
+JNIEXPORT void JNICALL Java_io_fd_vpp_jvpp_nat_JVppNatImpl_init0
(JNIEnv *env, jclass clazz, jobject callback, jlong queue_address, jint my_client_index) {
- snat_main_t * plugin_main = &snat_main;
- clib_warning ("Java_io_fd_vpp_jvpp_snat_JVppSnatImpl_init0");
+ nat_main_t * plugin_main = &nat_main;
+ clib_warning ("Java_io_fd_vpp_jvpp_nat_JVppNatImpl_init0");
plugin_main->my_client_index = my_client_index;
plugin_main->vl_input_queue = uword_to_pointer (queue_address, unix_shared_memory_queue_t *);
@@ -69,9 +69,9 @@
#undef _
}
-JNIEXPORT void JNICALL Java_io_fd_vpp_jvpp_snat_JVppSnatImpl_close0
+JNIEXPORT void JNICALL Java_io_fd_vpp_jvpp_nat_JVppNatImpl_close0
(JNIEnv *env, jclass clazz) {
- snat_main_t * plugin_main = &snat_main;
+ nat_main_t * plugin_main = &nat_main;
// cleanup:
(*env)->DeleteGlobalRef(env, plugin_main->callbackClass);
diff --git a/src/vpp-api/java/jvpp-snat/jvpp_snat.h b/src/vpp-api/java/jvpp-nat/jvpp_nat.h
similarity index 83%
rename from src/vpp-api/java/jvpp-snat/jvpp_snat.h
rename to src/vpp-api/java/jvpp-nat/jvpp_nat.h
index 7739a41..c8f6b68 100644
--- a/src/vpp-api/java/jvpp-snat/jvpp_snat.h
+++ b/src/vpp-api/java/jvpp-nat/jvpp_nat.h
@@ -12,8 +12,8 @@
* See the License for the specific language governing permissions and
* limitations under the License.
*/
-#ifndef __included_jvpp_snat_h__
-#define __included_jvpp_snat_h__
+#ifndef __included_jvpp_nat_h__
+#define __included_jvpp_nat_h__
#include <vnet/vnet.h>
#include <vnet/ip/ip.h>
@@ -22,7 +22,7 @@
#include <vlibmemory/api.h>
#include <jni.h>
-/* Global state for JVPP-SNAT */
+/* Global state for JVPP-NAT */
typedef struct {
/* Pointer to shared memory queue */
unix_shared_memory_queue_t * vl_input_queue;
@@ -34,9 +34,9 @@
jobject callbackObject;
jclass callbackClass;
-} snat_main_t;
+} nat_main_t;
-snat_main_t snat_main __attribute__((aligned (64)));
+nat_main_t nat_main __attribute__((aligned (64)));
-#endif /* __included_jvpp_snat_h__ */
+#endif /* __included_jvpp_nat_h__ */
diff --git a/src/vpp-api/java/jvpp-snat/io/fd/vpp/jvpp/snat/examples/Readme.txt b/src/vpp-api/java/jvpp-snat/io/fd/vpp/jvpp/snat/examples/Readme.txt
deleted file mode 100644
index 470850e..0000000
--- a/src/vpp-api/java/jvpp-snat/io/fd/vpp/jvpp/snat/examples/Readme.txt
+++ /dev/null
@@ -1 +0,0 @@
-sudo java -cp build-vpp-native/vpp/vpp-api/java/jvpp-registry-17.10.jar:build-vpp-native/vpp/vpp-api/java/jvpp-snat-17.10.jar io.fd.vpp.jvpp.snat.examples.CallbackApiExample
diff --git a/test/test_snat.py b/test/test_nat.py
similarity index 83%
rename from test/test_snat.py
rename to test/test_nat.py
index eb47bbb..0d622b0 100644
--- a/test/test_snat.py
+++ b/test/test_nat.py
@@ -18,7 +18,7 @@
class MethodHolder(VppTestCase):
- """ SNAT create capture and verify method holder """
+ """ NAT create capture and verify method holder """
@classmethod
def setUpClass(cls):
@@ -241,11 +241,11 @@
Create packet stream for outside network
:param out_if: Outside interface
- :param dst_ip: Destination IP address (Default use global SNAT address)
+ :param dst_ip: Destination IP address (Default use global NAT address)
:param ttl: TTL of generated packets
"""
if dst_ip is None:
- dst_ip = self.snat_addr
+ dst_ip = self.nat_addr
pkts = []
# TCP
p = (Ether(dst=out_if.local_mac, src=out_if.remote_mac) /
@@ -273,13 +273,13 @@
Verify captured packets on outside network
:param capture: Captured packets
- :param nat_ip: Translated IP address (Default use global SNAT address)
+ :param nat_ip: Translated IP address (Default use global NAT address)
:param same_port: Sorce port number is not translated (Default False)
:param packet_num: Expected number of packets (Default 3)
:param dst_ip: Destination IP address (Default do not verify)
"""
if nat_ip is None:
- nat_ip = self.snat_addr
+ nat_ip = self.nat_addr
self.assertEqual(packet_num, len(capture))
for packet in capture:
try:
@@ -399,13 +399,13 @@
:param capture: Captured packets
:param src_ip: Translated IP address or IP address of VPP
- (Default use global SNAT address)
+ (Default use global NAT address)
:param packet_num: Expected number of packets (Default 3)
:param icmp_type: Type of error ICMP packet
we are expecting (Default 11)
"""
if src_ip is None:
- src_ip = self.snat_addr
+ src_ip = self.nat_addr
self.assertEqual(packet_num, len(capture))
for packet in capture:
try:
@@ -480,7 +480,7 @@
# sourceIPv4Address
self.assertEqual(self.pg0.remote_ip4n, record[8])
# postNATSourceIPv4Address
- self.assertEqual(socket.inet_pton(socket.AF_INET, self.snat_addr),
+ self.assertEqual(socket.inet_pton(socket.AF_INET, self.nat_addr),
record[225])
# ingressVRFID
self.assertEqual(struct.pack("!I", 0), record[234])
@@ -518,12 +518,12 @@
self.assertEqual(struct.pack("!I", 0), record[283])
-class TestSNAT(MethodHolder):
- """ SNAT Test Cases """
+class TestNAT44(MethodHolder):
+ """ NAT44 Test Cases """
@classmethod
def setUpClass(cls):
- super(TestSNAT, cls).setUpClass()
+ super(TestNAT44, cls).setUpClass()
try:
cls.tcp_port_in = 6303
@@ -532,7 +532,7 @@
cls.udp_port_out = 6304
cls.icmp_id_in = 6305
cls.icmp_id_out = 6305
- cls.snat_addr = '10.0.0.3'
+ cls.nat_addr = '10.0.0.3'
cls.ipfix_src_port = 4739
cls.ipfix_domain_id = 1
@@ -570,12 +570,12 @@
cls.pg8.admin_up()
except Exception:
- super(TestSNAT, cls).tearDownClass()
+ super(TestNAT44, cls).tearDownClass()
raise
- def clear_snat(self):
+ def clear_nat44(self):
"""
- Clear SNAT configuration.
+ Clear NAT44 configuration.
"""
# I found no elegant way to do this
self.vapi.ip_add_del_route(dst_address=self.pg7.remote_ip4n,
@@ -600,50 +600,51 @@
if self.pg7.has_ip4_config:
self.pg7.unconfig_ip4()
- interfaces = self.vapi.snat_interface_addr_dump()
+ interfaces = self.vapi.nat44_interface_addr_dump()
for intf in interfaces:
- self.vapi.snat_add_interface_addr(intf.sw_if_index, is_add=0)
+ self.vapi.nat44_add_interface_addr(intf.sw_if_index, is_add=0)
- self.vapi.snat_ipfix(enable=0, src_port=self.ipfix_src_port,
- domain_id=self.ipfix_domain_id)
+ self.vapi.nat_ipfix(enable=0, src_port=self.ipfix_src_port,
+ domain_id=self.ipfix_domain_id)
self.ipfix_src_port = 4739
self.ipfix_domain_id = 1
- interfaces = self.vapi.snat_interface_dump()
+ interfaces = self.vapi.nat44_interface_dump()
for intf in interfaces:
- self.vapi.snat_interface_add_del_feature(intf.sw_if_index,
- intf.is_inside,
- is_add=0)
+ self.vapi.nat44_interface_add_del_feature(intf.sw_if_index,
+ intf.is_inside,
+ is_add=0)
- interfaces = self.vapi.snat_interface_output_feature_dump()
+ interfaces = self.vapi.nat44_interface_output_feature_dump()
for intf in interfaces:
- self.vapi.snat_interface_add_del_output_feature(intf.sw_if_index,
- intf.is_inside,
- is_add=0)
+ self.vapi.nat44_interface_add_del_output_feature(intf.sw_if_index,
+ intf.is_inside,
+ is_add=0)
- static_mappings = self.vapi.snat_static_mapping_dump()
+ static_mappings = self.vapi.nat44_static_mapping_dump()
for sm in static_mappings:
- self.vapi.snat_add_static_mapping(sm.local_ip_address,
- sm.external_ip_address,
- local_port=sm.local_port,
- external_port=sm.external_port,
- addr_only=sm.addr_only,
- vrf_id=sm.vrf_id,
- protocol=sm.protocol,
- is_add=0)
+ self.vapi.nat44_add_del_static_mapping(
+ sm.local_ip_address,
+ sm.external_ip_address,
+ local_port=sm.local_port,
+ external_port=sm.external_port,
+ addr_only=sm.addr_only,
+ vrf_id=sm.vrf_id,
+ protocol=sm.protocol,
+ is_add=0)
- adresses = self.vapi.snat_address_dump()
+ adresses = self.vapi.nat44_address_dump()
for addr in adresses:
- self.vapi.snat_add_address_range(addr.ip_address,
- addr.ip_address,
- is_add=0)
+ self.vapi.nat44_add_del_address_range(addr.ip_address,
+ addr.ip_address,
+ is_add=0)
- def snat_add_static_mapping(self, local_ip, external_ip='0.0.0.0',
- local_port=0, external_port=0, vrf_id=0,
- is_add=1, external_sw_if_index=0xFFFFFFFF,
- proto=0):
+ def nat44_add_static_mapping(self, local_ip, external_ip='0.0.0.0',
+ local_port=0, external_port=0, vrf_id=0,
+ is_add=1, external_sw_if_index=0xFFFFFFFF,
+ proto=0):
"""
- Add/delete S-NAT static mapping
+ Add/delete NAT44 static mapping
:param local_ip: Local IP address
:param external_ip: External IP address
@@ -659,7 +660,7 @@
addr_only = 0
l_ip = socket.inet_pton(socket.AF_INET, local_ip)
e_ip = socket.inet_pton(socket.AF_INET, external_ip)
- self.vapi.snat_add_static_mapping(
+ self.vapi.nat44_add_del_static_mapping(
l_ip,
e_ip,
external_sw_if_index,
@@ -670,24 +671,24 @@
proto,
is_add)
- def snat_add_address(self, ip, is_add=1, vrf_id=0xFFFFFFFF):
+ def nat44_add_address(self, ip, is_add=1, vrf_id=0xFFFFFFFF):
"""
- Add/delete S-NAT address
+ Add/delete NAT44 address
:param ip: IP address
:param is_add: 1 if add, 0 if delete (Default add)
"""
- snat_addr = socket.inet_pton(socket.AF_INET, ip)
- self.vapi.snat_add_address_range(snat_addr, snat_addr, is_add,
- vrf_id=vrf_id)
+ nat_addr = socket.inet_pton(socket.AF_INET, ip)
+ self.vapi.nat44_add_del_address_range(nat_addr, nat_addr, is_add,
+ vrf_id=vrf_id)
def test_dynamic(self):
- """ SNAT dynamic translation test """
+ """ NAT44 dynamic translation test """
- self.snat_add_address(self.snat_addr)
- self.vapi.snat_interface_add_del_feature(self.pg0.sw_if_index)
- self.vapi.snat_interface_add_del_feature(self.pg1.sw_if_index,
- is_inside=0)
+ self.nat44_add_address(self.nat_addr)
+ self.vapi.nat44_interface_add_del_feature(self.pg0.sw_if_index)
+ self.vapi.nat44_interface_add_del_feature(self.pg1.sw_if_index,
+ is_inside=0)
# in2out
pkts = self.create_stream_in(self.pg0, self.pg1)
@@ -706,12 +707,12 @@
self.verify_capture_in(capture, self.pg0)
def test_dynamic_icmp_errors_in2out_ttl_1(self):
- """ SNAT handling of client packets with TTL=1 """
+ """ NAT44 handling of client packets with TTL=1 """
- self.snat_add_address(self.snat_addr)
- self.vapi.snat_interface_add_del_feature(self.pg0.sw_if_index)
- self.vapi.snat_interface_add_del_feature(self.pg1.sw_if_index,
- is_inside=0)
+ self.nat44_add_address(self.nat_addr)
+ self.vapi.nat44_interface_add_del_feature(self.pg0.sw_if_index)
+ self.vapi.nat44_interface_add_del_feature(self.pg1.sw_if_index,
+ is_inside=0)
# Client side - generate traffic
pkts = self.create_stream_in(self.pg0, self.pg1, ttl=1)
@@ -724,12 +725,12 @@
self.verify_capture_in_with_icmp_errors(capture, self.pg0)
def test_dynamic_icmp_errors_out2in_ttl_1(self):
- """ SNAT handling of server packets with TTL=1 """
+ """ NAT44 handling of server packets with TTL=1 """
- self.snat_add_address(self.snat_addr)
- self.vapi.snat_interface_add_del_feature(self.pg0.sw_if_index)
- self.vapi.snat_interface_add_del_feature(self.pg1.sw_if_index,
- is_inside=0)
+ self.nat44_add_address(self.nat_addr)
+ self.vapi.nat44_interface_add_del_feature(self.pg0.sw_if_index)
+ self.vapi.nat44_interface_add_del_feature(self.pg1.sw_if_index,
+ is_inside=0)
# Client side - create sessions
pkts = self.create_stream_in(self.pg0, self.pg1)
@@ -751,12 +752,12 @@
src_ip=self.pg1.local_ip4)
def test_dynamic_icmp_errors_in2out_ttl_2(self):
- """ SNAT handling of error responses to client packets with TTL=2 """
+ """ NAT44 handling of error responses to client packets with TTL=2 """
- self.snat_add_address(self.snat_addr)
- self.vapi.snat_interface_add_del_feature(self.pg0.sw_if_index)
- self.vapi.snat_interface_add_del_feature(self.pg1.sw_if_index,
- is_inside=0)
+ self.nat44_add_address(self.nat_addr)
+ self.vapi.nat44_interface_add_del_feature(self.pg0.sw_if_index)
+ self.vapi.nat44_interface_add_del_feature(self.pg1.sw_if_index,
+ is_inside=0)
# Client side - generate traffic
pkts = self.create_stream_in(self.pg0, self.pg1, ttl=2)
@@ -767,7 +768,7 @@
# Server side - simulate ICMP type 11 response
capture = self.pg1.get_capture(len(pkts))
pkts = [Ether(dst=self.pg1.local_mac, src=self.pg1.remote_mac) /
- IP(src=self.pg1.remote_ip4, dst=self.snat_addr) /
+ IP(src=self.pg1.remote_ip4, dst=self.nat_addr) /
ICMP(type=11) / packet[IP] for packet in capture]
self.pg1.add_stream(pkts)
self.pg_enable_capture(self.pg_interfaces)
@@ -778,12 +779,12 @@
self.verify_capture_in_with_icmp_errors(capture, self.pg0)
def test_dynamic_icmp_errors_out2in_ttl_2(self):
- """ SNAT handling of error responses to server packets with TTL=2 """
+ """ NAT44 handling of error responses to server packets with TTL=2 """
- self.snat_add_address(self.snat_addr)
- self.vapi.snat_interface_add_del_feature(self.pg0.sw_if_index)
- self.vapi.snat_interface_add_del_feature(self.pg1.sw_if_index,
- is_inside=0)
+ self.nat44_add_address(self.nat_addr)
+ self.vapi.nat44_interface_add_del_feature(self.pg0.sw_if_index)
+ self.vapi.nat44_interface_add_del_feature(self.pg1.sw_if_index,
+ is_inside=0)
# Client side - create sessions
pkts = self.create_stream_in(self.pg0, self.pg1)
@@ -813,12 +814,12 @@
self.verify_capture_out_with_icmp_errors(capture)
def test_ping_out_interface_from_outside(self):
- """ Ping SNAT out interface from outside network """
+ """ Ping NAT44 out interface from outside network """
- self.snat_add_address(self.snat_addr)
- self.vapi.snat_interface_add_del_feature(self.pg0.sw_if_index)
- self.vapi.snat_interface_add_del_feature(self.pg1.sw_if_index,
- is_inside=0)
+ self.nat44_add_address(self.nat_addr)
+ self.vapi.nat44_interface_add_del_feature(self.pg0.sw_if_index)
+ self.vapi.nat44_interface_add_del_feature(self.pg1.sw_if_index,
+ is_inside=0)
p = (Ether(dst=self.pg1.local_mac, src=self.pg1.remote_mac) /
IP(src=self.pg1.remote_ip4, dst=self.pg1.local_ip4) /
@@ -843,14 +844,14 @@
def test_ping_internal_host_from_outside(self):
""" Ping internal host from outside network """
- self.snat_add_static_mapping(self.pg0.remote_ip4, self.snat_addr)
- self.vapi.snat_interface_add_del_feature(self.pg0.sw_if_index)
- self.vapi.snat_interface_add_del_feature(self.pg1.sw_if_index,
- is_inside=0)
+ self.nat44_add_static_mapping(self.pg0.remote_ip4, self.nat_addr)
+ self.vapi.nat44_interface_add_del_feature(self.pg0.sw_if_index)
+ self.vapi.nat44_interface_add_del_feature(self.pg1.sw_if_index,
+ is_inside=0)
# out2in
pkt = (Ether(dst=self.pg1.local_mac, src=self.pg1.remote_mac) /
- IP(src=self.pg1.remote_ip4, dst=self.snat_addr, ttl=64) /
+ IP(src=self.pg1.remote_ip4, dst=self.nat_addr, ttl=64) /
ICMP(id=self.icmp_id_out, type='echo-request'))
self.pg1.add_stream(pkt)
self.pg_enable_capture(self.pg_interfaces)
@@ -871,17 +872,17 @@
self.assert_equal(capture[0][IP].proto, IP_PROTOS.icmp)
def test_static_in(self):
- """ SNAT 1:1 NAT initialized from inside network """
+ """ 1:1 NAT initialized from inside network """
nat_ip = "10.0.0.10"
self.tcp_port_out = 6303
self.udp_port_out = 6304
self.icmp_id_out = 6305
- self.snat_add_static_mapping(self.pg0.remote_ip4, nat_ip)
- self.vapi.snat_interface_add_del_feature(self.pg0.sw_if_index)
- self.vapi.snat_interface_add_del_feature(self.pg1.sw_if_index,
- is_inside=0)
+ self.nat44_add_static_mapping(self.pg0.remote_ip4, nat_ip)
+ self.vapi.nat44_interface_add_del_feature(self.pg0.sw_if_index)
+ self.vapi.nat44_interface_add_del_feature(self.pg1.sw_if_index,
+ is_inside=0)
# in2out
pkts = self.create_stream_in(self.pg0, self.pg1)
@@ -900,17 +901,17 @@
self.verify_capture_in(capture, self.pg0)
def test_static_out(self):
- """ SNAT 1:1 NAT initialized from outside network """
+ """ 1:1 NAT initialized from outside network """
nat_ip = "10.0.0.20"
self.tcp_port_out = 6303
self.udp_port_out = 6304
self.icmp_id_out = 6305
- self.snat_add_static_mapping(self.pg0.remote_ip4, nat_ip)
- self.vapi.snat_interface_add_del_feature(self.pg0.sw_if_index)
- self.vapi.snat_interface_add_del_feature(self.pg1.sw_if_index,
- is_inside=0)
+ self.nat44_add_static_mapping(self.pg0.remote_ip4, nat_ip)
+ self.vapi.nat44_interface_add_del_feature(self.pg0.sw_if_index)
+ self.vapi.nat44_interface_add_del_feature(self.pg1.sw_if_index,
+ is_inside=0)
# out2in
pkts = self.create_stream_out(self.pg1, nat_ip)
@@ -929,25 +930,25 @@
self.verify_capture_out(capture, nat_ip, True)
def test_static_with_port_in(self):
- """ SNAT 1:1 NAT with port initialized from inside network """
+ """ 1:1 NAPT initialized from inside network """
self.tcp_port_out = 3606
self.udp_port_out = 3607
self.icmp_id_out = 3608
- self.snat_add_address(self.snat_addr)
- self.snat_add_static_mapping(self.pg0.remote_ip4, self.snat_addr,
- self.tcp_port_in, self.tcp_port_out,
- proto=IP_PROTOS.tcp)
- self.snat_add_static_mapping(self.pg0.remote_ip4, self.snat_addr,
- self.udp_port_in, self.udp_port_out,
- proto=IP_PROTOS.udp)
- self.snat_add_static_mapping(self.pg0.remote_ip4, self.snat_addr,
- self.icmp_id_in, self.icmp_id_out,
- proto=IP_PROTOS.icmp)
- self.vapi.snat_interface_add_del_feature(self.pg0.sw_if_index)
- self.vapi.snat_interface_add_del_feature(self.pg1.sw_if_index,
- is_inside=0)
+ self.nat44_add_address(self.nat_addr)
+ self.nat44_add_static_mapping(self.pg0.remote_ip4, self.nat_addr,
+ self.tcp_port_in, self.tcp_port_out,
+ proto=IP_PROTOS.tcp)
+ self.nat44_add_static_mapping(self.pg0.remote_ip4, self.nat_addr,
+ self.udp_port_in, self.udp_port_out,
+ proto=IP_PROTOS.udp)
+ self.nat44_add_static_mapping(self.pg0.remote_ip4, self.nat_addr,
+ self.icmp_id_in, self.icmp_id_out,
+ proto=IP_PROTOS.icmp)
+ self.vapi.nat44_interface_add_del_feature(self.pg0.sw_if_index)
+ self.vapi.nat44_interface_add_del_feature(self.pg1.sw_if_index,
+ is_inside=0)
# in2out
pkts = self.create_stream_in(self.pg0, self.pg1)
@@ -966,25 +967,25 @@
self.verify_capture_in(capture, self.pg0)
def test_static_with_port_out(self):
- """ SNAT 1:1 NAT with port initialized from outside network """
+ """ 1:1 NAPT initialized from outside network """
self.tcp_port_out = 30606
self.udp_port_out = 30607
self.icmp_id_out = 30608
- self.snat_add_address(self.snat_addr)
- self.snat_add_static_mapping(self.pg0.remote_ip4, self.snat_addr,
- self.tcp_port_in, self.tcp_port_out,
- proto=IP_PROTOS.tcp)
- self.snat_add_static_mapping(self.pg0.remote_ip4, self.snat_addr,
- self.udp_port_in, self.udp_port_out,
- proto=IP_PROTOS.udp)
- self.snat_add_static_mapping(self.pg0.remote_ip4, self.snat_addr,
- self.icmp_id_in, self.icmp_id_out,
- proto=IP_PROTOS.icmp)
- self.vapi.snat_interface_add_del_feature(self.pg0.sw_if_index)
- self.vapi.snat_interface_add_del_feature(self.pg1.sw_if_index,
- is_inside=0)
+ self.nat44_add_address(self.nat_addr)
+ self.nat44_add_static_mapping(self.pg0.remote_ip4, self.nat_addr,
+ self.tcp_port_in, self.tcp_port_out,
+ proto=IP_PROTOS.tcp)
+ self.nat44_add_static_mapping(self.pg0.remote_ip4, self.nat_addr,
+ self.udp_port_in, self.udp_port_out,
+ proto=IP_PROTOS.udp)
+ self.nat44_add_static_mapping(self.pg0.remote_ip4, self.nat_addr,
+ self.icmp_id_in, self.icmp_id_out,
+ proto=IP_PROTOS.icmp)
+ self.vapi.nat44_interface_add_del_feature(self.pg0.sw_if_index)
+ self.vapi.nat44_interface_add_del_feature(self.pg1.sw_if_index,
+ is_inside=0)
# out2in
pkts = self.create_stream_out(self.pg1)
@@ -1003,7 +1004,7 @@
self.verify_capture_out(capture)
def test_static_vrf_aware(self):
- """ SNAT 1:1 NAT VRF awareness """
+ """ 1:1 NAT VRF awareness """
nat_ip1 = "10.0.0.30"
nat_ip2 = "10.0.0.40"
@@ -1011,16 +1012,16 @@
self.udp_port_out = 6304
self.icmp_id_out = 6305
- self.snat_add_static_mapping(self.pg4.remote_ip4, nat_ip1,
- vrf_id=10)
- self.snat_add_static_mapping(self.pg0.remote_ip4, nat_ip2,
- vrf_id=10)
- self.vapi.snat_interface_add_del_feature(self.pg3.sw_if_index,
- is_inside=0)
- self.vapi.snat_interface_add_del_feature(self.pg0.sw_if_index)
- self.vapi.snat_interface_add_del_feature(self.pg4.sw_if_index)
+ self.nat44_add_static_mapping(self.pg4.remote_ip4, nat_ip1,
+ vrf_id=10)
+ self.nat44_add_static_mapping(self.pg0.remote_ip4, nat_ip2,
+ vrf_id=10)
+ self.vapi.nat44_interface_add_del_feature(self.pg3.sw_if_index,
+ is_inside=0)
+ self.vapi.nat44_interface_add_del_feature(self.pg0.sw_if_index)
+ self.vapi.nat44_interface_add_del_feature(self.pg4.sw_if_index)
- # inside interface VRF match SNAT static mapping VRF
+ # inside interface VRF match NAT44 static mapping VRF
pkts = self.create_stream_in(self.pg4, self.pg3)
self.pg4.add_stream(pkts)
self.pg_enable_capture(self.pg_interfaces)
@@ -1028,7 +1029,7 @@
capture = self.pg3.get_capture(len(pkts))
self.verify_capture_out(capture, nat_ip1, True)
- # inside interface VRF don't match SNAT static mapping VRF (packets
+ # inside interface VRF don't match NAT44 static mapping VRF (packets
# are dropped)
pkts = self.create_stream_in(self.pg0, self.pg3)
self.pg0.add_stream(pkts)
@@ -1037,15 +1038,15 @@
self.pg3.assert_nothing_captured()
def test_multiple_inside_interfaces(self):
- """ SNAT multiple inside interfaces (non-overlapping address space) """
+ """ NAT44 multiple non-overlapping address space inside interfaces """
- self.snat_add_address(self.snat_addr)
- self.vapi.snat_interface_add_del_feature(self.pg0.sw_if_index)
- self.vapi.snat_interface_add_del_feature(self.pg1.sw_if_index)
- self.vapi.snat_interface_add_del_feature(self.pg3.sw_if_index,
- is_inside=0)
+ self.nat44_add_address(self.nat_addr)
+ self.vapi.nat44_interface_add_del_feature(self.pg0.sw_if_index)
+ self.vapi.nat44_interface_add_del_feature(self.pg1.sw_if_index)
+ self.vapi.nat44_interface_add_del_feature(self.pg3.sw_if_index,
+ is_inside=0)
- # between two S-NAT inside interfaces (no translation)
+ # between two NAT44 inside interfaces (no translation)
pkts = self.create_stream_in(self.pg0, self.pg1)
self.pg0.add_stream(pkts)
self.pg_enable_capture(self.pg_interfaces)
@@ -1053,7 +1054,7 @@
capture = self.pg1.get_capture(len(pkts))
self.verify_capture_no_translation(capture, self.pg0, self.pg1)
- # from S-NAT inside to interface without S-NAT feature (no translation)
+ # from NAT44 inside to interface without NAT44 feature (no translation)
pkts = self.create_stream_in(self.pg0, self.pg2)
self.pg0.add_stream(pkts)
self.pg_enable_capture(self.pg_interfaces)
@@ -1094,19 +1095,19 @@
self.verify_capture_in(capture, self.pg1)
def test_inside_overlapping_interfaces(self):
- """ SNAT multiple inside interfaces with overlapping address space """
+ """ NAT44 multiple inside interfaces with overlapping address space """
static_nat_ip = "10.0.0.10"
- self.snat_add_address(self.snat_addr)
- self.vapi.snat_interface_add_del_feature(self.pg3.sw_if_index,
- is_inside=0)
- self.vapi.snat_interface_add_del_feature(self.pg4.sw_if_index)
- self.vapi.snat_interface_add_del_feature(self.pg5.sw_if_index)
- self.vapi.snat_interface_add_del_feature(self.pg6.sw_if_index)
- self.snat_add_static_mapping(self.pg6.remote_ip4, static_nat_ip,
- vrf_id=20)
+ self.nat44_add_address(self.nat_addr)
+ self.vapi.nat44_interface_add_del_feature(self.pg3.sw_if_index,
+ is_inside=0)
+ self.vapi.nat44_interface_add_del_feature(self.pg4.sw_if_index)
+ self.vapi.nat44_interface_add_del_feature(self.pg5.sw_if_index)
+ self.vapi.nat44_interface_add_del_feature(self.pg6.sw_if_index)
+ self.nat44_add_static_mapping(self.pg6.remote_ip4, static_nat_ip,
+ vrf_id=20)
- # between S-NAT inside interfaces with same VRF (no translation)
+ # between NAT44 inside interfaces with same VRF (no translation)
pkts = self.create_stream_in(self.pg4, self.pg5)
self.pg4.add_stream(pkts)
self.pg_enable_capture(self.pg_interfaces)
@@ -1114,7 +1115,7 @@
capture = self.pg5.get_capture(len(pkts))
self.verify_capture_no_translation(capture, self.pg4, self.pg5)
- # between S-NAT inside interfaces with different VRF (hairpinning)
+ # between NAT44 inside interfaces with different VRF (hairpinning)
p = (Ether(src=self.pg4.remote_mac, dst=self.pg4.local_mac) /
IP(src=self.pg4.remote_ip4, dst=static_nat_ip) /
TCP(sport=1234, dport=5678))
@@ -1126,7 +1127,7 @@
try:
ip = p[IP]
tcp = p[TCP]
- self.assertEqual(ip.src, self.snat_addr)
+ self.assertEqual(ip.src, self.nat_addr)
self.assertEqual(ip.dst, self.pg6.remote_ip4)
self.assertNotEqual(tcp.sport, 1234)
self.assertEqual(tcp.dport, 5678)
@@ -1167,9 +1168,9 @@
self.verify_capture_in(capture, self.pg5)
# pg5 session dump
- addresses = self.vapi.snat_address_dump()
+ addresses = self.vapi.nat44_address_dump()
self.assertEqual(len(addresses), 1)
- sessions = self.vapi.snat_user_session_dump(self.pg5.remote_ip4n, 10)
+ sessions = self.vapi.nat44_user_session_dump(self.pg5.remote_ip4n, 10)
self.assertEqual(len(sessions), 3)
for session in sessions:
self.assertFalse(session.is_static)
@@ -1204,13 +1205,13 @@
self.verify_capture_in(capture, self.pg6)
# general user and session dump verifications
- users = self.vapi.snat_user_dump()
+ users = self.vapi.nat44_user_dump()
self.assertTrue(len(users) >= 3)
- addresses = self.vapi.snat_address_dump()
+ addresses = self.vapi.nat44_address_dump()
self.assertEqual(len(addresses), 1)
for user in users:
- sessions = self.vapi.snat_user_session_dump(user.ip_address,
- user.vrf_id)
+ sessions = self.vapi.nat44_user_session_dump(user.ip_address,
+ user.vrf_id)
for session in sessions:
self.assertEqual(user.ip_address, session.inside_ip_address)
self.assertTrue(session.total_bytes > session.total_pkts > 0)
@@ -1219,7 +1220,7 @@
IP_PROTOS.icmp])
# pg4 session dump
- sessions = self.vapi.snat_user_session_dump(self.pg4.remote_ip4n, 10)
+ sessions = self.vapi.nat44_user_session_dump(self.pg4.remote_ip4n, 10)
self.assertTrue(len(sessions) >= 4)
for session in sessions:
self.assertFalse(session.is_static)
@@ -1229,7 +1230,7 @@
addresses[0].ip_address)
# pg6 session dump
- sessions = self.vapi.snat_user_session_dump(self.pg6.remote_ip4n, 20)
+ sessions = self.vapi.nat44_user_session_dump(self.pg6.remote_ip4n, 20)
self.assertTrue(len(sessions) >= 3)
for session in sessions:
self.assertTrue(session.is_static)
@@ -1242,7 +1243,7 @@
self.icmp_id_in])
def test_hairpinning(self):
- """ SNAT hairpinning - 1:1 NAT with port"""
+ """ NAT44 hairpinning - 1:1 NAPT """
host = self.pg0.remote_hosts[0]
server = self.pg0.remote_hosts[1]
@@ -1251,18 +1252,18 @@
server_in_port = 5678
server_out_port = 8765
- self.snat_add_address(self.snat_addr)
- self.vapi.snat_interface_add_del_feature(self.pg0.sw_if_index)
- self.vapi.snat_interface_add_del_feature(self.pg1.sw_if_index,
- is_inside=0)
+ self.nat44_add_address(self.nat_addr)
+ self.vapi.nat44_interface_add_del_feature(self.pg0.sw_if_index)
+ self.vapi.nat44_interface_add_del_feature(self.pg1.sw_if_index,
+ is_inside=0)
# add static mapping for server
- self.snat_add_static_mapping(server.ip4, self.snat_addr,
- server_in_port, server_out_port,
- proto=IP_PROTOS.tcp)
+ self.nat44_add_static_mapping(server.ip4, self.nat_addr,
+ server_in_port, server_out_port,
+ proto=IP_PROTOS.tcp)
# send packet from host to server
p = (Ether(src=host.mac, dst=self.pg0.local_mac) /
- IP(src=host.ip4, dst=self.snat_addr) /
+ IP(src=host.ip4, dst=self.nat_addr) /
TCP(sport=host_in_port, dport=server_out_port))
self.pg0.add_stream(p)
self.pg_enable_capture(self.pg_interfaces)
@@ -1272,7 +1273,7 @@
try:
ip = p[IP]
tcp = p[TCP]
- self.assertEqual(ip.src, self.snat_addr)
+ self.assertEqual(ip.src, self.nat_addr)
self.assertEqual(ip.dst, server.ip4)
self.assertNotEqual(tcp.sport, host_in_port)
self.assertEqual(tcp.dport, server_in_port)
@@ -1284,7 +1285,7 @@
# send reply from server to host
p = (Ether(src=server.mac, dst=self.pg0.local_mac) /
- IP(src=server.ip4, dst=self.snat_addr) /
+ IP(src=server.ip4, dst=self.nat_addr) /
TCP(sport=server_in_port, dport=host_out_port))
self.pg0.add_stream(p)
self.pg_enable_capture(self.pg_interfaces)
@@ -1294,7 +1295,7 @@
try:
ip = p[IP]
tcp = p[TCP]
- self.assertEqual(ip.src, self.snat_addr)
+ self.assertEqual(ip.src, self.nat_addr)
self.assertEqual(ip.dst, host.ip4)
self.assertEqual(tcp.sport, server_out_port)
self.assertEqual(tcp.dport, host_in_port)
@@ -1304,7 +1305,7 @@
raise
def test_hairpinning2(self):
- """ SNAT hairpinning - 1:1 NAT"""
+ """ NAT44 hairpinning - 1:1 NAT"""
server1_nat_ip = "10.0.0.10"
server2_nat_ip = "10.0.0.11"
@@ -1314,14 +1315,14 @@
server_tcp_port = 22
server_udp_port = 20
- self.snat_add_address(self.snat_addr)
- self.vapi.snat_interface_add_del_feature(self.pg0.sw_if_index)
- self.vapi.snat_interface_add_del_feature(self.pg1.sw_if_index,
- is_inside=0)
+ self.nat44_add_address(self.nat_addr)
+ self.vapi.nat44_interface_add_del_feature(self.pg0.sw_if_index)
+ self.vapi.nat44_interface_add_del_feature(self.pg1.sw_if_index,
+ is_inside=0)
# add static mapping for servers
- self.snat_add_static_mapping(server1.ip4, server1_nat_ip)
- self.snat_add_static_mapping(server2.ip4, server2_nat_ip)
+ self.nat44_add_static_mapping(server1.ip4, server1_nat_ip)
+ self.nat44_add_static_mapping(server2.ip4, server2_nat_ip)
# host to server1
pkts = []
@@ -1343,7 +1344,7 @@
capture = self.pg0.get_capture(len(pkts))
for packet in capture:
try:
- self.assertEqual(packet[IP].src, self.snat_addr)
+ self.assertEqual(packet[IP].src, self.nat_addr)
self.assertEqual(packet[IP].dst, server1.ip4)
if packet.haslayer(TCP):
self.assertNotEqual(packet[TCP].sport, self.tcp_port_in)
@@ -1364,15 +1365,15 @@
# server1 to host
pkts = []
p = (Ether(dst=self.pg0.local_mac, src=self.pg0.remote_mac) /
- IP(src=server1.ip4, dst=self.snat_addr) /
+ IP(src=server1.ip4, dst=self.nat_addr) /
TCP(sport=server_tcp_port, dport=self.tcp_port_out))
pkts.append(p)
p = (Ether(dst=self.pg0.local_mac, src=self.pg0.remote_mac) /
- IP(src=server1.ip4, dst=self.snat_addr) /
+ IP(src=server1.ip4, dst=self.nat_addr) /
UDP(sport=server_udp_port, dport=self.udp_port_out))
pkts.append(p)
p = (Ether(dst=self.pg0.local_mac, src=self.pg0.remote_mac) /
- IP(src=server1.ip4, dst=self.snat_addr) /
+ IP(src=server1.ip4, dst=self.nat_addr) /
ICMP(id=self.icmp_id_out, type='echo-reply'))
pkts.append(p)
self.pg0.add_stream(pkts)
@@ -1472,16 +1473,16 @@
def test_max_translations_per_user(self):
""" MAX translations per user - recycle the least recently used """
- self.snat_add_address(self.snat_addr)
- self.vapi.snat_interface_add_del_feature(self.pg0.sw_if_index)
- self.vapi.snat_interface_add_del_feature(self.pg1.sw_if_index,
- is_inside=0)
+ self.nat44_add_address(self.nat_addr)
+ self.vapi.nat44_interface_add_del_feature(self.pg0.sw_if_index)
+ self.vapi.nat44_interface_add_del_feature(self.pg1.sw_if_index,
+ is_inside=0)
# get maximum number of translations per user
- snat_config = self.vapi.snat_show_config()
+ nat44_config = self.vapi.nat_show_config()
# send more than maximum number of translations per user packets
- pkts_num = snat_config.max_translations_per_user + 5
+ pkts_num = nat44_config.max_translations_per_user + 5
pkts = []
for port in range(0, pkts_num):
p = (Ether(dst=self.pg0.local_mac, src=self.pg0.remote_mac) /
@@ -1496,39 +1497,40 @@
self.pg1.get_capture(pkts_num)
def test_interface_addr(self):
- """ Acquire SNAT addresses from interface """
- self.vapi.snat_add_interface_addr(self.pg7.sw_if_index)
+ """ Acquire NAT44 addresses from interface """
+ self.vapi.nat44_add_interface_addr(self.pg7.sw_if_index)
# no address in NAT pool
- adresses = self.vapi.snat_address_dump()
+ adresses = self.vapi.nat44_address_dump()
self.assertEqual(0, len(adresses))
# configure interface address and check NAT address pool
self.pg7.config_ip4()
- adresses = self.vapi.snat_address_dump()
+ adresses = self.vapi.nat44_address_dump()
self.assertEqual(1, len(adresses))
self.assertEqual(adresses[0].ip_address[0:4], self.pg7.local_ip4n)
# remove interface address and check NAT address pool
self.pg7.unconfig_ip4()
- adresses = self.vapi.snat_address_dump()
+ adresses = self.vapi.nat44_address_dump()
self.assertEqual(0, len(adresses))
def test_interface_addr_static_mapping(self):
""" Static mapping with addresses from interface """
- self.vapi.snat_add_interface_addr(self.pg7.sw_if_index)
- self.snat_add_static_mapping('1.2.3.4',
- external_sw_if_index=self.pg7.sw_if_index)
+ self.vapi.nat44_add_interface_addr(self.pg7.sw_if_index)
+ self.nat44_add_static_mapping(
+ '1.2.3.4',
+ external_sw_if_index=self.pg7.sw_if_index)
# static mappings with external interface
- static_mappings = self.vapi.snat_static_mapping_dump()
+ static_mappings = self.vapi.nat44_static_mapping_dump()
self.assertEqual(1, len(static_mappings))
self.assertEqual(self.pg7.sw_if_index,
static_mappings[0].external_sw_if_index)
# configure interface address and check static mappings
self.pg7.config_ip4()
- static_mappings = self.vapi.snat_static_mapping_dump()
+ static_mappings = self.vapi.nat44_static_mapping_dump()
self.assertEqual(1, len(static_mappings))
self.assertEqual(static_mappings[0].external_ip_address[0:4],
self.pg7.local_ip4n)
@@ -1536,26 +1538,26 @@
# remove interface address and check static mappings
self.pg7.unconfig_ip4()
- static_mappings = self.vapi.snat_static_mapping_dump()
+ static_mappings = self.vapi.nat44_static_mapping_dump()
self.assertEqual(0, len(static_mappings))
def test_ipfix_nat44_sess(self):
- """ S-NAT IPFIX logging NAT44 session created/delted """
+ """ IPFIX logging NAT44 session created/delted """
self.ipfix_domain_id = 10
self.ipfix_src_port = 20202
colector_port = 30303
bind_layers(UDP, IPFIX, dport=30303)
- self.snat_add_address(self.snat_addr)
- self.vapi.snat_interface_add_del_feature(self.pg0.sw_if_index)
- self.vapi.snat_interface_add_del_feature(self.pg1.sw_if_index,
- is_inside=0)
+ self.nat44_add_address(self.nat_addr)
+ self.vapi.nat44_interface_add_del_feature(self.pg0.sw_if_index)
+ self.vapi.nat44_interface_add_del_feature(self.pg1.sw_if_index,
+ is_inside=0)
self.vapi.set_ipfix_exporter(collector_address=self.pg3.remote_ip4n,
src_address=self.pg3.local_ip4n,
path_mtu=512,
template_interval=10,
collector_port=colector_port)
- self.vapi.snat_ipfix(domain_id=self.ipfix_domain_id,
- src_port=self.ipfix_src_port)
+ self.vapi.nat_ipfix(domain_id=self.ipfix_domain_id,
+ src_port=self.ipfix_src_port)
pkts = self.create_stream_in(self.pg0, self.pg1)
self.pg0.add_stream(pkts)
@@ -1563,7 +1565,7 @@
self.pg_start()
capture = self.pg1.get_capture(len(pkts))
self.verify_capture_out(capture)
- self.snat_add_address(self.snat_addr, is_add=0)
+ self.nat44_add_address(self.nat_addr, is_add=0)
self.vapi.cli("ipfix flush") # FIXME this should be an API call
capture = self.pg3.get_capture(3)
ipfix = IPFIXDecoder()
@@ -1585,16 +1587,16 @@
self.verify_ipfix_nat44_ses(data)
def test_ipfix_addr_exhausted(self):
- """ S-NAT IPFIX logging NAT addresses exhausted """
- self.vapi.snat_interface_add_del_feature(self.pg0.sw_if_index)
- self.vapi.snat_interface_add_del_feature(self.pg1.sw_if_index,
- is_inside=0)
+ """ IPFIX logging NAT addresses exhausted """
+ self.vapi.nat44_interface_add_del_feature(self.pg0.sw_if_index)
+ self.vapi.nat44_interface_add_del_feature(self.pg1.sw_if_index,
+ is_inside=0)
self.vapi.set_ipfix_exporter(collector_address=self.pg3.remote_ip4n,
src_address=self.pg3.local_ip4n,
path_mtu=512,
template_interval=10)
- self.vapi.snat_ipfix(domain_id=self.ipfix_domain_id,
- src_port=self.ipfix_src_port)
+ self.vapi.nat_ipfix(domain_id=self.ipfix_domain_id,
+ src_port=self.ipfix_src_port)
p = (Ether(src=self.pg0.remote_mac, dst=self.pg0.local_mac) /
IP(src=self.pg0.remote_ip4, dst=self.pg1.remote_ip4) /
@@ -1624,17 +1626,17 @@
self.verify_ipfix_addr_exhausted(data)
def test_pool_addr_fib(self):
- """ S-NAT add pool addresses to FIB """
+ """ NAT44 add pool addresses to FIB """
static_addr = '10.0.0.10'
- self.snat_add_address(self.snat_addr)
- self.vapi.snat_interface_add_del_feature(self.pg0.sw_if_index)
- self.vapi.snat_interface_add_del_feature(self.pg1.sw_if_index,
- is_inside=0)
- self.snat_add_static_mapping(self.pg0.remote_ip4, static_addr)
+ self.nat44_add_address(self.nat_addr)
+ self.vapi.nat44_interface_add_del_feature(self.pg0.sw_if_index)
+ self.vapi.nat44_interface_add_del_feature(self.pg1.sw_if_index,
+ is_inside=0)
+ self.nat44_add_static_mapping(self.pg0.remote_ip4, static_addr)
- # SNAT address
+ # NAT44 address
p = (Ether(src=self.pg1.remote_mac, dst='ff:ff:ff:ff:ff:ff') /
- ARP(op=ARP.who_has, pdst=self.snat_addr,
+ ARP(op=ARP.who_has, pdst=self.nat_addr,
psrc=self.pg1.remote_ip4, hwsrc=self.pg1.remote_mac))
self.pg1.add_stream(p)
self.pg_enable_capture(self.pg_interfaces)
@@ -1654,9 +1656,9 @@
self.assertTrue(capture[0].haslayer(ARP))
self.assertTrue(capture[0][ARP].op, ARP.is_at)
- # send ARP to non-SNAT interface
+ # send ARP to non-NAT44 interface
p = (Ether(src=self.pg2.remote_mac, dst='ff:ff:ff:ff:ff:ff') /
- ARP(op=ARP.who_has, pdst=self.snat_addr,
+ ARP(op=ARP.who_has, pdst=self.nat_addr,
psrc=self.pg2.remote_ip4, hwsrc=self.pg2.remote_mac))
self.pg2.add_stream(p)
self.pg_enable_capture(self.pg_interfaces)
@@ -1664,12 +1666,12 @@
capture = self.pg1.get_capture(0)
# remove addresses and verify
- self.snat_add_address(self.snat_addr, is_add=0)
- self.snat_add_static_mapping(self.pg0.remote_ip4, static_addr,
- is_add=0)
+ self.nat44_add_address(self.nat_addr, is_add=0)
+ self.nat44_add_static_mapping(self.pg0.remote_ip4, static_addr,
+ is_add=0)
p = (Ether(src=self.pg1.remote_mac, dst='ff:ff:ff:ff:ff:ff') /
- ARP(op=ARP.who_has, pdst=self.snat_addr,
+ ARP(op=ARP.who_has, pdst=self.nat_addr,
psrc=self.pg1.remote_ip4, hwsrc=self.pg1.remote_mac))
self.pg1.add_stream(p)
self.pg_enable_capture(self.pg_interfaces)
@@ -1685,7 +1687,7 @@
capture = self.pg1.get_capture(0)
def test_vrf_mode(self):
- """ S-NAT tenant VRF aware address pool mode """
+ """ NAT44 tenant VRF aware address pool mode """
vrf_id1 = 1
vrf_id2 = 2
@@ -1699,12 +1701,12 @@
self.pg0.config_ip4()
self.pg1.config_ip4()
- self.snat_add_address(nat_ip1, vrf_id=vrf_id1)
- self.snat_add_address(nat_ip2, vrf_id=vrf_id2)
- self.vapi.snat_interface_add_del_feature(self.pg0.sw_if_index)
- self.vapi.snat_interface_add_del_feature(self.pg1.sw_if_index)
- self.vapi.snat_interface_add_del_feature(self.pg2.sw_if_index,
- is_inside=0)
+ self.nat44_add_address(nat_ip1, vrf_id=vrf_id1)
+ self.nat44_add_address(nat_ip2, vrf_id=vrf_id2)
+ self.vapi.nat44_interface_add_del_feature(self.pg0.sw_if_index)
+ self.vapi.nat44_interface_add_del_feature(self.pg1.sw_if_index)
+ self.vapi.nat44_interface_add_del_feature(self.pg2.sw_if_index,
+ is_inside=0)
# first VRF
pkts = self.create_stream_in(self.pg0, self.pg2)
@@ -1723,17 +1725,17 @@
self.verify_capture_out(capture, nat_ip2)
def test_vrf_feature_independent(self):
- """ S-NAT tenant VRF independent address pool mode """
+ """ NAT44 tenant VRF independent address pool mode """
nat_ip1 = "10.0.0.10"
nat_ip2 = "10.0.0.11"
- self.snat_add_address(nat_ip1)
- self.snat_add_address(nat_ip2)
- self.vapi.snat_interface_add_del_feature(self.pg0.sw_if_index)
- self.vapi.snat_interface_add_del_feature(self.pg1.sw_if_index)
- self.vapi.snat_interface_add_del_feature(self.pg2.sw_if_index,
- is_inside=0)
+ self.nat44_add_address(nat_ip1)
+ self.nat44_add_address(nat_ip2)
+ self.vapi.nat44_interface_add_del_feature(self.pg0.sw_if_index)
+ self.vapi.nat44_interface_add_del_feature(self.pg1.sw_if_index)
+ self.vapi.nat44_interface_add_del_feature(self.pg2.sw_if_index,
+ is_inside=0)
# first VRF
pkts = self.create_stream_in(self.pg0, self.pg2)
@@ -1752,7 +1754,7 @@
self.verify_capture_out(capture, nat_ip1)
def test_dynamic_ipless_interfaces(self):
- """ SNAT interfaces without configured ip dynamic map """
+ """ NAT44 interfaces without configured IP address """
self.vapi.ip_neighbor_add_del(self.pg7.sw_if_index,
self.pg7.remote_mac,
@@ -1772,10 +1774,10 @@
next_hop_address=self.pg8.remote_ip4n,
next_hop_sw_if_index=self.pg8.sw_if_index)
- self.snat_add_address(self.snat_addr)
- self.vapi.snat_interface_add_del_feature(self.pg7.sw_if_index)
- self.vapi.snat_interface_add_del_feature(self.pg8.sw_if_index,
- is_inside=0)
+ self.nat44_add_address(self.nat_addr)
+ self.vapi.nat44_interface_add_del_feature(self.pg7.sw_if_index)
+ self.vapi.nat44_interface_add_del_feature(self.pg8.sw_if_index,
+ is_inside=0)
# in2out
pkts = self.create_stream_in(self.pg7, self.pg8)
@@ -1786,7 +1788,7 @@
self.verify_capture_out(capture)
# out2in
- pkts = self.create_stream_out(self.pg8, self.snat_addr)
+ pkts = self.create_stream_out(self.pg8, self.nat_addr)
self.pg8.add_stream(pkts)
self.pg_enable_capture(self.pg_interfaces)
self.pg_start()
@@ -1794,7 +1796,7 @@
self.verify_capture_in(capture, self.pg7)
def test_static_ipless_interfaces(self):
- """ SNAT 1:1 NAT interfaces without configured ip """
+ """ NAT44 interfaces without configured IP address - 1:1 NAT """
self.vapi.ip_neighbor_add_del(self.pg7.sw_if_index,
self.pg7.remote_mac,
@@ -1814,10 +1816,10 @@
next_hop_address=self.pg8.remote_ip4n,
next_hop_sw_if_index=self.pg8.sw_if_index)
- self.snat_add_static_mapping(self.pg7.remote_ip4, self.snat_addr)
- self.vapi.snat_interface_add_del_feature(self.pg7.sw_if_index)
- self.vapi.snat_interface_add_del_feature(self.pg8.sw_if_index,
- is_inside=0)
+ self.nat44_add_static_mapping(self.pg7.remote_ip4, self.nat_addr)
+ self.vapi.nat44_interface_add_del_feature(self.pg7.sw_if_index)
+ self.vapi.nat44_interface_add_del_feature(self.pg8.sw_if_index,
+ is_inside=0)
# out2in
pkts = self.create_stream_out(self.pg8)
@@ -1833,10 +1835,10 @@
self.pg_enable_capture(self.pg_interfaces)
self.pg_start()
capture = self.pg8.get_capture(len(pkts))
- self.verify_capture_out(capture, self.snat_addr, True)
+ self.verify_capture_out(capture, self.nat_addr, True)
def test_static_with_port_ipless_interfaces(self):
- """ SNAT 1:1 NAT with port interfaces without configured ip """
+ """ NAT44 interfaces without configured IP address - 1:1 NAPT """
self.tcp_port_out = 30606
self.udp_port_out = 30607
@@ -1860,19 +1862,19 @@
next_hop_address=self.pg8.remote_ip4n,
next_hop_sw_if_index=self.pg8.sw_if_index)
- self.snat_add_address(self.snat_addr)
- self.snat_add_static_mapping(self.pg7.remote_ip4, self.snat_addr,
- self.tcp_port_in, self.tcp_port_out,
- proto=IP_PROTOS.tcp)
- self.snat_add_static_mapping(self.pg7.remote_ip4, self.snat_addr,
- self.udp_port_in, self.udp_port_out,
- proto=IP_PROTOS.udp)
- self.snat_add_static_mapping(self.pg7.remote_ip4, self.snat_addr,
- self.icmp_id_in, self.icmp_id_out,
- proto=IP_PROTOS.icmp)
- self.vapi.snat_interface_add_del_feature(self.pg7.sw_if_index)
- self.vapi.snat_interface_add_del_feature(self.pg8.sw_if_index,
- is_inside=0)
+ self.nat44_add_address(self.nat_addr)
+ self.nat44_add_static_mapping(self.pg7.remote_ip4, self.nat_addr,
+ self.tcp_port_in, self.tcp_port_out,
+ proto=IP_PROTOS.tcp)
+ self.nat44_add_static_mapping(self.pg7.remote_ip4, self.nat_addr,
+ self.udp_port_in, self.udp_port_out,
+ proto=IP_PROTOS.udp)
+ self.nat44_add_static_mapping(self.pg7.remote_ip4, self.nat_addr,
+ self.icmp_id_in, self.icmp_id_out,
+ proto=IP_PROTOS.icmp)
+ self.vapi.nat44_interface_add_del_feature(self.pg7.sw_if_index)
+ self.vapi.nat44_interface_add_del_feature(self.pg8.sw_if_index,
+ is_inside=0)
# out2in
pkts = self.create_stream_out(self.pg8)
@@ -1893,10 +1895,10 @@
def test_static_unknown_proto(self):
""" 1:1 NAT translate packet with unknown protocol """
nat_ip = "10.0.0.10"
- self.snat_add_static_mapping(self.pg0.remote_ip4, nat_ip)
- self.vapi.snat_interface_add_del_feature(self.pg0.sw_if_index)
- self.vapi.snat_interface_add_del_feature(self.pg1.sw_if_index,
- is_inside=0)
+ self.nat44_add_static_mapping(self.pg0.remote_ip4, nat_ip)
+ self.vapi.nat44_interface_add_del_feature(self.pg0.sw_if_index)
+ self.vapi.nat44_interface_add_del_feature(self.pg1.sw_if_index,
+ is_inside=0)
# in2out
p = (Ether(dst=self.pg0.local_mac, src=self.pg0.remote_mac) /
@@ -1947,11 +1949,11 @@
host_nat_ip = "10.0.0.10"
server_nat_ip = "10.0.0.11"
- self.snat_add_static_mapping(host.ip4, host_nat_ip)
- self.snat_add_static_mapping(server.ip4, server_nat_ip)
- self.vapi.snat_interface_add_del_feature(self.pg0.sw_if_index)
- self.vapi.snat_interface_add_del_feature(self.pg1.sw_if_index,
- is_inside=0)
+ self.nat44_add_static_mapping(host.ip4, host_nat_ip)
+ self.nat44_add_static_mapping(server.ip4, server_nat_ip)
+ self.vapi.nat44_interface_add_del_feature(self.pg0.sw_if_index)
+ self.vapi.nat44_interface_add_del_feature(self.pg1.sw_if_index,
+ is_inside=0)
# host to server
p = (Ether(dst=self.pg0.local_mac, src=host.mac) /
@@ -1994,11 +1996,11 @@
raise
def test_unknown_proto(self):
- """ SNAT translate packet with unknown protocol """
- self.snat_add_address(self.snat_addr)
- self.vapi.snat_interface_add_del_feature(self.pg0.sw_if_index)
- self.vapi.snat_interface_add_del_feature(self.pg1.sw_if_index,
- is_inside=0)
+ """ NAT44 translate packet with unknown protocol """
+ self.nat44_add_address(self.nat_addr)
+ self.vapi.nat44_interface_add_del_feature(self.pg0.sw_if_index)
+ self.vapi.nat44_interface_add_del_feature(self.pg1.sw_if_index,
+ is_inside=0)
# in2out
p = (Ether(dst=self.pg0.local_mac, src=self.pg0.remote_mac) /
@@ -2020,7 +2022,7 @@
p = self.pg1.get_capture(1)
packet = p[0]
try:
- self.assertEqual(packet[IP].src, self.snat_addr)
+ self.assertEqual(packet[IP].src, self.nat_addr)
self.assertEqual(packet[IP].dst, self.pg1.remote_ip4)
self.assertTrue(packet.haslayer(GRE))
self.check_ip_checksum(packet)
@@ -2030,7 +2032,7 @@
# out2in
p = (Ether(dst=self.pg1.local_mac, src=self.pg1.remote_mac) /
- IP(src=self.pg1.remote_ip4, dst=self.snat_addr) /
+ IP(src=self.pg1.remote_ip4, dst=self.nat_addr) /
GRE() /
IP(src=self.pg3.remote_ip4, dst=self.pg2.remote_ip4) /
TCP(sport=1234, dport=1234))
@@ -2049,7 +2051,7 @@
raise
def test_hairpinning_unknown_proto(self):
- """ SNAT translate packet with unknown protocol - hairpinning """
+ """ NAT44 translate packet with unknown protocol - hairpinning """
host = self.pg0.remote_hosts[0]
server = self.pg0.remote_hosts[1]
host_in_port = 1234
@@ -2058,13 +2060,13 @@
server_out_port = 8765
server_nat_ip = "10.0.0.11"
- self.snat_add_address(self.snat_addr)
- self.vapi.snat_interface_add_del_feature(self.pg0.sw_if_index)
- self.vapi.snat_interface_add_del_feature(self.pg1.sw_if_index,
- is_inside=0)
+ self.nat44_add_address(self.nat_addr)
+ self.vapi.nat44_interface_add_del_feature(self.pg0.sw_if_index)
+ self.vapi.nat44_interface_add_del_feature(self.pg1.sw_if_index,
+ is_inside=0)
# add static mapping for server
- self.snat_add_static_mapping(server.ip4, server_nat_ip)
+ self.nat44_add_static_mapping(server.ip4, server_nat_ip)
# host to server
p = (Ether(src=host.mac, dst=self.pg0.local_mac) /
@@ -2086,7 +2088,7 @@
p = self.pg0.get_capture(1)
packet = p[0]
try:
- self.assertEqual(packet[IP].src, self.snat_addr)
+ self.assertEqual(packet[IP].src, self.nat_addr)
self.assertEqual(packet[IP].dst, server.ip4)
self.assertTrue(packet.haslayer(GRE))
self.check_ip_checksum(packet)
@@ -2096,7 +2098,7 @@
# server to host
p = (Ether(dst=self.pg0.local_mac, src=server.mac) /
- IP(src=server.ip4, dst=self.snat_addr) /
+ IP(src=server.ip4, dst=self.nat_addr) /
GRE() /
IP(src=self.pg3.remote_ip4, dst=self.pg2.remote_ip4) /
TCP(sport=1234, dport=1234))
@@ -2115,11 +2117,11 @@
raise
def test_output_feature(self):
- """ S-NAT interface output feature (in2out postrouting) """
- self.snat_add_address(self.snat_addr)
- self.vapi.snat_interface_add_del_output_feature(self.pg0.sw_if_index)
- self.vapi.snat_interface_add_del_output_feature(self.pg1.sw_if_index,
- is_inside=0)
+ """ NAT44 interface output feature (in2out postrouting) """
+ self.nat44_add_address(self.nat_addr)
+ self.vapi.nat44_interface_add_del_output_feature(self.pg0.sw_if_index)
+ self.vapi.nat44_interface_add_del_output_feature(self.pg1.sw_if_index,
+ is_inside=0)
# in2out
pkts = self.create_stream_in(self.pg0, self.pg1)
@@ -2138,7 +2140,7 @@
self.verify_capture_in(capture, self.pg0)
def test_output_feature_vrf_aware(self):
- """ S-NAT interface output feature VRF aware (in2out postrouting) """
+ """ NAT44 interface output feature VRF aware (in2out postrouting) """
nat_ip_vrf10 = "10.0.0.10"
nat_ip_vrf20 = "10.0.0.20"
@@ -2153,12 +2155,12 @@
next_hop_sw_if_index=self.pg3.sw_if_index,
table_id=20)
- self.snat_add_address(nat_ip_vrf10, vrf_id=10)
- self.snat_add_address(nat_ip_vrf20, vrf_id=20)
- self.vapi.snat_interface_add_del_output_feature(self.pg4.sw_if_index)
- self.vapi.snat_interface_add_del_output_feature(self.pg6.sw_if_index)
- self.vapi.snat_interface_add_del_output_feature(self.pg3.sw_if_index,
- is_inside=0)
+ self.nat44_add_address(nat_ip_vrf10, vrf_id=10)
+ self.nat44_add_address(nat_ip_vrf20, vrf_id=20)
+ self.vapi.nat44_interface_add_del_output_feature(self.pg4.sw_if_index)
+ self.vapi.nat44_interface_add_del_output_feature(self.pg6.sw_if_index)
+ self.vapi.nat44_interface_add_del_output_feature(self.pg3.sw_if_index,
+ is_inside=0)
# in2out VRF 10
pkts = self.create_stream_in(self.pg4, self.pg3)
@@ -2193,7 +2195,7 @@
self.verify_capture_in(capture, self.pg6)
def test_output_feature_hairpinning(self):
- """ S-NAT interface output feature hairpinning (in2out postrouting) """
+ """ NAT44 interface output feature hairpinning (in2out postrouting) """
host = self.pg0.remote_hosts[0]
server = self.pg0.remote_hosts[1]
host_in_port = 1234
@@ -2201,19 +2203,19 @@
server_in_port = 5678
server_out_port = 8765
- self.snat_add_address(self.snat_addr)
- self.vapi.snat_interface_add_del_output_feature(self.pg0.sw_if_index)
- self.vapi.snat_interface_add_del_output_feature(self.pg1.sw_if_index,
- is_inside=0)
+ self.nat44_add_address(self.nat_addr)
+ self.vapi.nat44_interface_add_del_output_feature(self.pg0.sw_if_index)
+ self.vapi.nat44_interface_add_del_output_feature(self.pg1.sw_if_index,
+ is_inside=0)
# add static mapping for server
- self.snat_add_static_mapping(server.ip4, self.snat_addr,
- server_in_port, server_out_port,
- proto=IP_PROTOS.tcp)
+ self.nat44_add_static_mapping(server.ip4, self.nat_addr,
+ server_in_port, server_out_port,
+ proto=IP_PROTOS.tcp)
# send packet from host to server
p = (Ether(src=host.mac, dst=self.pg0.local_mac) /
- IP(src=host.ip4, dst=self.snat_addr) /
+ IP(src=host.ip4, dst=self.nat_addr) /
TCP(sport=host_in_port, dport=server_out_port))
self.pg0.add_stream(p)
self.pg_enable_capture(self.pg_interfaces)
@@ -2223,7 +2225,7 @@
try:
ip = p[IP]
tcp = p[TCP]
- self.assertEqual(ip.src, self.snat_addr)
+ self.assertEqual(ip.src, self.nat_addr)
self.assertEqual(ip.dst, server.ip4)
self.assertNotEqual(tcp.sport, host_in_port)
self.assertEqual(tcp.dport, server_in_port)
@@ -2235,7 +2237,7 @@
# send reply from server to host
p = (Ether(src=server.mac, dst=self.pg0.local_mac) /
- IP(src=server.ip4, dst=self.snat_addr) /
+ IP(src=server.ip4, dst=self.nat_addr) /
TCP(sport=server_in_port, dport=host_out_port))
self.pg0.add_stream(p)
self.pg_enable_capture(self.pg_interfaces)
@@ -2245,7 +2247,7 @@
try:
ip = p[IP]
tcp = p[TCP]
- self.assertEqual(ip.src, self.snat_addr)
+ self.assertEqual(ip.src, self.nat_addr)
self.assertEqual(ip.dst, host.ip4)
self.assertEqual(tcp.sport, server_out_port)
self.assertEqual(tcp.dport, host_in_port)
@@ -2255,10 +2257,10 @@
raise
def tearDown(self):
- super(TestSNAT, self).tearDown()
+ super(TestNAT44, self).tearDown()
if not self.vpp_dead:
- self.logger.info(self.vapi.cli("show snat verbose"))
- self.clear_snat()
+ self.logger.info(self.vapi.cli("show nat44 verbose"))
+ self.clear_nat44()
class TestDeterministicNAT(MethodHolder):
@@ -2267,7 +2269,7 @@
@classmethod
def setUpConstants(cls):
super(TestDeterministicNAT, cls).setUpConstants()
- cls.vpp_cmdline.extend(["snat", "{", "deterministic", "}"])
+ cls.vpp_cmdline.extend(["nat", "{", "deterministic", "}"])
@classmethod
def setUpClass(cls):
@@ -2279,7 +2281,7 @@
cls.udp_port_in = 6304
cls.udp_external_port = 6304
cls.icmp_id_in = 6305
- cls.snat_addr = '10.0.0.3'
+ cls.nat_addr = '10.0.0.3'
cls.create_pg_interfaces(range(3))
cls.interfaces = list(cls.pg_interfaces)
@@ -2330,11 +2332,11 @@
Create packet stream for outside network
:param out_if: Outside interface
- :param dst_ip: Destination IP address (Default use global SNAT address)
+ :param dst_ip: Destination IP address (Default use global NAT address)
:param ttl: TTL of generated packets
"""
if dst_ip is None:
- dst_ip = self.snat_addr
+ dst_ip = self.nat_addr
pkts = []
# TCP
p = (Ether(dst=out_if.local_mac, src=out_if.remote_mac) /
@@ -2361,12 +2363,12 @@
Verify captured packets on outside network
:param capture: Captured packets
- :param nat_ip: Translated IP address (Default use global SNAT address)
+ :param nat_ip: Translated IP address (Default use global NAT address)
:param same_port: Sorce port number is not translated (Default False)
:param packet_num: Expected number of packets (Default 3)
"""
if nat_ip is None:
- nat_ip = self.snat_addr
+ nat_ip = self.nat_addr
self.assertEqual(packet_num, len(capture))
for packet in capture:
try:
@@ -2404,7 +2406,7 @@
# SYN + ACK packet out->in
p = (Ether(src=out_if.remote_mac, dst=out_if.local_mac) /
- IP(src=out_if.remote_ip4, dst=self.snat_addr) /
+ IP(src=out_if.remote_ip4, dst=self.nat_addr) /
TCP(sport=self.tcp_external_port, dport=self.tcp_port_out,
flags="SA"))
out_if.add_stream(p)
@@ -2442,7 +2444,7 @@
self.assertEqual(self.pg0.remote_ip4n, record[8])
def test_deterministic_mode(self):
- """ S-NAT run deterministic mode """
+ """ NAT plugin run deterministic mode """
in_addr = '172.16.255.0'
out_addr = '172.17.255.50'
in_addr_t = '172.16.255.20'
@@ -2452,17 +2454,17 @@
in_plen = 24
out_plen = 32
- snat_config = self.vapi.snat_show_config()
- self.assertEqual(1, snat_config.deterministic)
+ nat_config = self.vapi.nat_show_config()
+ self.assertEqual(1, nat_config.deterministic)
- self.vapi.snat_add_det_map(in_addr_n, in_plen, out_addr_n, out_plen)
+ self.vapi.nat_det_add_del_map(in_addr_n, in_plen, out_addr_n, out_plen)
- rep1 = self.vapi.snat_det_forward(in_addr_t_n)
+ rep1 = self.vapi.nat_det_forward(in_addr_t_n)
self.assertEqual(rep1.out_addr[:4], out_addr_n)
- rep2 = self.vapi.snat_det_reverse(out_addr_n, rep1.out_port_hi)
+ rep2 = self.vapi.nat_det_reverse(out_addr_n, rep1.out_port_hi)
self.assertEqual(rep2.in_addr[:4], in_addr_t_n)
- deterministic_mappings = self.vapi.snat_det_map_dump()
+ deterministic_mappings = self.vapi.nat_det_map_dump()
self.assertEqual(len(deterministic_mappings), 1)
dsm = deterministic_mappings[0]
self.assertEqual(in_addr_n, dsm.in_addr[:4])
@@ -2470,20 +2472,20 @@
self.assertEqual(out_addr_n, dsm.out_addr[:4])
self.assertEqual(out_plen, dsm.out_plen)
- self.clear_snat()
- deterministic_mappings = self.vapi.snat_det_map_dump()
+ self.clear_nat_det()
+ deterministic_mappings = self.vapi.nat_det_map_dump()
self.assertEqual(len(deterministic_mappings), 0)
def test_set_timeouts(self):
""" Set deterministic NAT timeouts """
- timeouts_before = self.vapi.snat_det_get_timeouts()
+ timeouts_before = self.vapi.nat_det_get_timeouts()
- self.vapi.snat_det_set_timeouts(timeouts_before.udp + 10,
- timeouts_before.tcp_established + 10,
- timeouts_before.tcp_transitory + 10,
- timeouts_before.icmp + 10)
+ self.vapi.nat_det_set_timeouts(timeouts_before.udp + 10,
+ timeouts_before.tcp_established + 10,
+ timeouts_before.tcp_transitory + 10,
+ timeouts_before.icmp + 10)
- timeouts_after = self.vapi.snat_det_get_timeouts()
+ timeouts_after = self.vapi.nat_det_get_timeouts()
self.assertNotEqual(timeouts_before.udp, timeouts_after.udp)
self.assertNotEqual(timeouts_before.icmp, timeouts_after.icmp)
@@ -2493,17 +2495,17 @@
timeouts_after.tcp_transitory)
def test_det_in(self):
- """ CGNAT translation test (TCP, UDP, ICMP) """
+ """ Deterministic NAT translation test (TCP, UDP, ICMP) """
nat_ip = "10.0.0.10"
- self.vapi.snat_add_det_map(self.pg0.remote_ip4n,
- 32,
- socket.inet_aton(nat_ip),
- 32)
- self.vapi.snat_interface_add_del_feature(self.pg0.sw_if_index)
- self.vapi.snat_interface_add_del_feature(self.pg1.sw_if_index,
- is_inside=0)
+ self.vapi.nat_det_add_del_map(self.pg0.remote_ip4n,
+ 32,
+ socket.inet_aton(nat_ip),
+ 32)
+ self.vapi.nat44_interface_add_del_feature(self.pg0.sw_if_index)
+ self.vapi.nat44_interface_add_del_feature(self.pg1.sw_if_index,
+ is_inside=0)
# in2out
pkts = self.create_stream_in(self.pg0, self.pg1)
@@ -2522,7 +2524,7 @@
self.verify_capture_in(capture, self.pg0)
# session dump test
- sessions = self.vapi.snat_det_session_dump(self.pg0.remote_ip4n)
+ sessions = self.vapi.nat_det_session_dump(self.pg0.remote_ip4n)
self.assertEqual(len(sessions), 3)
# TCP session
@@ -2546,7 +2548,7 @@
self.assertEqual(s.out_port, self.icmp_external_id)
def test_multiple_users(self):
- """ CGNAT multiple users """
+ """ Deterministic NAT multiple users """
nat_ip = "10.0.0.10"
port_in = 80
@@ -2555,13 +2557,13 @@
host0 = self.pg0.remote_hosts[0]
host1 = self.pg0.remote_hosts[1]
- self.vapi.snat_add_det_map(host0.ip4n,
- 24,
- socket.inet_aton(nat_ip),
- 32)
- self.vapi.snat_interface_add_del_feature(self.pg0.sw_if_index)
- self.vapi.snat_interface_add_del_feature(self.pg1.sw_if_index,
- is_inside=0)
+ self.vapi.nat_det_add_del_map(host0.ip4n,
+ 24,
+ socket.inet_aton(nat_ip),
+ 32)
+ self.vapi.nat44_interface_add_del_feature(self.pg0.sw_if_index)
+ self.vapi.nat44_interface_add_del_feature(self.pg1.sw_if_index,
+ is_inside=0)
# host0 to out
p = (Ether(src=host0.mac, dst=self.pg0.local_mac) /
@@ -2603,7 +2605,7 @@
self.logger.error(ppp("Unexpected or invalid packet:", p))
raise
- dms = self.vapi.snat_det_map_dump()
+ dms = self.vapi.nat_det_map_dump()
self.assertEqual(1, len(dms))
self.assertEqual(2, dms[0].ses_num)
@@ -2648,29 +2650,29 @@
raise
# session close api test
- self.vapi.snat_det_close_session_out(socket.inet_aton(nat_ip),
- port_out1,
- self.pg1.remote_ip4n,
- external_port)
- dms = self.vapi.snat_det_map_dump()
- self.assertEqual(dms[0].ses_num, 1)
-
- self.vapi.snat_det_close_session_in(host0.ip4n,
- port_in,
+ self.vapi.nat_det_close_session_out(socket.inet_aton(nat_ip),
+ port_out1,
self.pg1.remote_ip4n,
external_port)
- dms = self.vapi.snat_det_map_dump()
+ dms = self.vapi.nat_det_map_dump()
+ self.assertEqual(dms[0].ses_num, 1)
+
+ self.vapi.nat_det_close_session_in(host0.ip4n,
+ port_in,
+ self.pg1.remote_ip4n,
+ external_port)
+ dms = self.vapi.nat_det_map_dump()
self.assertEqual(dms[0].ses_num, 0)
def test_tcp_session_close_detection_in(self):
- """ CGNAT TCP session close initiated from inside network """
- self.vapi.snat_add_det_map(self.pg0.remote_ip4n,
- 32,
- socket.inet_aton(self.snat_addr),
- 32)
- self.vapi.snat_interface_add_del_feature(self.pg0.sw_if_index)
- self.vapi.snat_interface_add_del_feature(self.pg1.sw_if_index,
- is_inside=0)
+ """ Deterministic NAT TCP session close from inside network """
+ self.vapi.nat_det_add_del_map(self.pg0.remote_ip4n,
+ 32,
+ socket.inet_aton(self.nat_addr),
+ 32)
+ self.vapi.nat44_interface_add_del_feature(self.pg0.sw_if_index)
+ self.vapi.nat44_interface_add_del_feature(self.pg1.sw_if_index,
+ is_inside=0)
self.initiate_tcp_session(self.pg0, self.pg1)
@@ -2690,14 +2692,14 @@
# ACK packet out -> in
p = (Ether(src=self.pg1.remote_mac, dst=self.pg1.local_mac) /
- IP(src=self.pg1.remote_ip4, dst=self.snat_addr) /
+ IP(src=self.pg1.remote_ip4, dst=self.nat_addr) /
TCP(sport=self.tcp_external_port, dport=self.tcp_port_out,
flags="A"))
pkts.append(p)
# FIN packet out -> in
p = (Ether(src=self.pg1.remote_mac, dst=self.pg1.local_mac) /
- IP(src=self.pg1.remote_ip4, dst=self.snat_addr) /
+ IP(src=self.pg1.remote_ip4, dst=self.nat_addr) /
TCP(sport=self.tcp_external_port, dport=self.tcp_port_out,
flags="F"))
pkts.append(p)
@@ -2717,22 +2719,22 @@
self.pg_start()
self.pg1.get_capture(1)
- # Check if snat closed the session
- dms = self.vapi.snat_det_map_dump()
+ # Check if deterministic NAT44 closed the session
+ dms = self.vapi.nat_det_map_dump()
self.assertEqual(0, dms[0].ses_num)
except:
self.logger.error("TCP session termination failed")
raise
def test_tcp_session_close_detection_out(self):
- """ CGNAT TCP session close initiated from outside network """
- self.vapi.snat_add_det_map(self.pg0.remote_ip4n,
- 32,
- socket.inet_aton(self.snat_addr),
- 32)
- self.vapi.snat_interface_add_del_feature(self.pg0.sw_if_index)
- self.vapi.snat_interface_add_del_feature(self.pg1.sw_if_index,
- is_inside=0)
+ """ Deterministic NAT TCP session close from outside network """
+ self.vapi.nat_det_add_del_map(self.pg0.remote_ip4n,
+ 32,
+ socket.inet_aton(self.nat_addr),
+ 32)
+ self.vapi.nat44_interface_add_del_feature(self.pg0.sw_if_index)
+ self.vapi.nat44_interface_add_del_feature(self.pg1.sw_if_index,
+ is_inside=0)
self.initiate_tcp_session(self.pg0, self.pg1)
@@ -2740,7 +2742,7 @@
try:
# FIN packet out -> in
p = (Ether(src=self.pg1.remote_mac, dst=self.pg1.local_mac) /
- IP(src=self.pg1.remote_ip4, dst=self.snat_addr) /
+ IP(src=self.pg1.remote_ip4, dst=self.nat_addr) /
TCP(sport=self.tcp_external_port, dport=self.tcp_port_out,
flags="F"))
self.pg1.add_stream(p)
@@ -2771,7 +2773,7 @@
# ACK packet out -> in
p = (Ether(src=self.pg1.remote_mac, dst=self.pg1.local_mac) /
- IP(src=self.pg1.remote_ip4, dst=self.snat_addr) /
+ IP(src=self.pg1.remote_ip4, dst=self.nat_addr) /
TCP(sport=self.tcp_external_port, dport=self.tcp_port_out,
flags="A"))
self.pg1.add_stream(p)
@@ -2779,8 +2781,8 @@
self.pg_start()
self.pg0.get_capture(1)
- # Check if snat closed the session
- dms = self.vapi.snat_det_map_dump()
+ # Check if deterministic NAT44 closed the session
+ dms = self.vapi.nat_det_map_dump()
self.assertEqual(0, dms[0].ses_num)
except:
self.logger.error("TCP session termination failed")
@@ -2788,17 +2790,17 @@
@unittest.skipUnless(running_extended_tests(), "part of extended tests")
def test_session_timeout(self):
- """ CGNAT session timeouts """
- self.vapi.snat_add_det_map(self.pg0.remote_ip4n,
- 32,
- socket.inet_aton(self.snat_addr),
- 32)
- self.vapi.snat_interface_add_del_feature(self.pg0.sw_if_index)
- self.vapi.snat_interface_add_del_feature(self.pg1.sw_if_index,
- is_inside=0)
+ """ Deterministic NAT session timeouts """
+ self.vapi.nat_det_add_del_map(self.pg0.remote_ip4n,
+ 32,
+ socket.inet_aton(self.nat_addr),
+ 32)
+ self.vapi.nat44_interface_add_del_feature(self.pg0.sw_if_index)
+ self.vapi.nat44_interface_add_del_feature(self.pg1.sw_if_index,
+ is_inside=0)
self.initiate_tcp_session(self.pg0, self.pg1)
- self.vapi.snat_det_set_timeouts(5, 5, 5, 5)
+ self.vapi.nat_det_set_timeouts(5, 5, 5, 5)
pkts = self.create_stream_in(self.pg0, self.pg1)
self.pg0.add_stream(pkts)
self.pg_enable_capture(self.pg_interfaces)
@@ -2806,24 +2808,24 @@
capture = self.pg1.get_capture(len(pkts))
sleep(15)
- dms = self.vapi.snat_det_map_dump()
+ dms = self.vapi.nat_det_map_dump()
self.assertEqual(0, dms[0].ses_num)
@unittest.skipUnless(running_extended_tests(), "part of extended tests")
def test_session_limit_per_user(self):
- """ CGNAT maximum 1000 sessions per user should be created """
- self.vapi.snat_add_det_map(self.pg0.remote_ip4n,
- 32,
- socket.inet_aton(self.snat_addr),
- 32)
- self.vapi.snat_interface_add_del_feature(self.pg0.sw_if_index)
- self.vapi.snat_interface_add_del_feature(self.pg1.sw_if_index,
- is_inside=0)
+ """ Deterministic NAT maximum sessions per user limit """
+ self.vapi.nat_det_add_del_map(self.pg0.remote_ip4n,
+ 32,
+ socket.inet_aton(self.nat_addr),
+ 32)
+ self.vapi.nat44_interface_add_del_feature(self.pg0.sw_if_index)
+ self.vapi.nat44_interface_add_del_feature(self.pg1.sw_if_index,
+ is_inside=0)
self.vapi.set_ipfix_exporter(collector_address=self.pg2.remote_ip4n,
src_address=self.pg2.local_ip4n,
path_mtu=512,
template_interval=10)
- self.vapi.snat_ipfix()
+ self.vapi.nat_ipfix()
pkts = []
for port in range(1025, 2025):
@@ -2857,7 +2859,7 @@
self.assertEqual(inner_ip[UDPerror].sport, 3001)
self.assertEqual(inner_ip[UDPerror].dport, 3002)
- dms = self.vapi.snat_det_map_dump()
+ dms = self.vapi.nat_det_map_dump()
self.assertEqual(1000, dms[0].ses_num)
@@ -2877,31 +2879,31 @@
data = ipfix.decode_data_set(p.getlayer(Set))
self.verify_ipfix_max_entries_per_user(data)
- def clear_snat(self):
+ def clear_nat_det(self):
"""
- Clear SNAT configuration.
+ Clear deterministic NAT configuration.
"""
- self.vapi.snat_ipfix(enable=0)
- self.vapi.snat_det_set_timeouts()
- deterministic_mappings = self.vapi.snat_det_map_dump()
+ self.vapi.nat_ipfix(enable=0)
+ self.vapi.nat_det_set_timeouts()
+ deterministic_mappings = self.vapi.nat_det_map_dump()
for dsm in deterministic_mappings:
- self.vapi.snat_add_det_map(dsm.in_addr,
- dsm.in_plen,
- dsm.out_addr,
- dsm.out_plen,
- is_add=0)
+ self.vapi.nat_det_add_del_map(dsm.in_addr,
+ dsm.in_plen,
+ dsm.out_addr,
+ dsm.out_plen,
+ is_add=0)
- interfaces = self.vapi.snat_interface_dump()
+ interfaces = self.vapi.nat44_interface_dump()
for intf in interfaces:
- self.vapi.snat_interface_add_del_feature(intf.sw_if_index,
- intf.is_inside,
- is_add=0)
+ self.vapi.nat44_interface_add_del_feature(intf.sw_if_index,
+ intf.is_inside,
+ is_add=0)
def tearDown(self):
super(TestDeterministicNAT, self).tearDown()
if not self.vpp_dead:
- self.logger.info(self.vapi.cli("show snat detail"))
- self.clear_snat()
+ self.logger.info(self.vapi.cli("show nat44 detail"))
+ self.clear_nat_det()
class TestNAT64(MethodHolder):
diff --git a/test/vpp_papi_provider.py b/test/vpp_papi_provider.py
index 95de0be..61db4d6 100644
--- a/test/vpp_papi_provider.py
+++ b/test/vpp_papi_provider.py
@@ -1061,41 +1061,41 @@
'mt_next_hop_table_id': next_hop_table_id,
'mt_next_hop_out_label_stack': next_hop_out_label_stack})
- def snat_interface_add_del_feature(
+ def nat44_interface_add_del_feature(
self,
sw_if_index,
is_inside=1,
is_add=1):
- """Enable/disable S-NAT feature on the interface
+ """Enable/disable NAT44 feature on the interface
:param sw_if_index: Software index of the interface
:param is_inside: 1 if inside, 0 if outside (Default value = 1)
:param is_add: 1 if add, 0 if delete (Default value = 1)
"""
return self.api(
- self.papi.snat_interface_add_del_feature,
+ self.papi.nat44_interface_add_del_feature,
{'is_add': is_add,
'is_inside': is_inside,
'sw_if_index': sw_if_index})
- def snat_interface_add_del_output_feature(
+ def nat44_interface_add_del_output_feature(
self,
sw_if_index,
is_inside=1,
is_add=1):
- """Enable/disable S-NAT output feature on the interface
+ """Enable/disable NAT44 output feature on the interface
:param sw_if_index: Software index of the interface
:param is_inside: 1 if inside, 0 if outside (Default value = 1)
:param is_add: 1 if add, 0 if delete (Default value = 1)
"""
return self.api(
- self.papi.snat_interface_add_del_output_feature,
+ self.papi.nat44_interface_add_del_output_feature,
{'is_add': is_add,
'is_inside': is_inside,
'sw_if_index': sw_if_index})
- def snat_add_static_mapping(
+ def nat44_add_del_static_mapping(
self,
local_ip,
external_ip=0,
@@ -1105,9 +1105,8 @@
addr_only=1,
vrf_id=0,
protocol=0,
- is_add=1,
- is_ip4=1):
- """Add/delete S-NAT static mapping
+ is_add=1):
+ """Add/delete NAT44 static mapping
:param local_ip: Local IP address
:param external_ip: External IP address
@@ -1118,12 +1117,10 @@
:param vrf_id: VRF ID
:param protocol: IP protocol (Default value = 0)
:param is_add: 1 if add, 0 if delete (Default value = 1)
- :param is_ip4: 1 if address type is IPv4 (Default value = 1)
"""
return self.api(
- self.papi.snat_add_static_mapping,
+ self.papi.nat44_add_del_static_mapping,
{'is_add': is_add,
- 'is_ip4': is_ip4,
'addr_only': addr_only,
'local_ip_address': local_ip,
'external_ip_address': external_ip,
@@ -1133,100 +1130,96 @@
'vrf_id': vrf_id,
'protocol': protocol})
- def snat_add_address_range(
+ def nat44_add_del_address_range(
self,
first_ip_address,
last_ip_address,
is_add=1,
- is_ip4=1,
vrf_id=0xFFFFFFFF):
- """Add/del S-NAT address range
+ """Add/del NAT44 address range
:param first_ip_address: First IP address
:param last_ip_address: Last IP address
:param vrf_id: VRF id for the address range
:param is_add: 1 if add, 0 if delete (Default value = 1)
- :param is_ip4: 1 if address type is IPv4 (Default value = 1)
"""
return self.api(
- self.papi.snat_add_address_range,
- {'is_ip4': is_ip4,
- 'first_ip_address': first_ip_address,
+ self.papi.nat44_add_del_address_range,
+ {'first_ip_address': first_ip_address,
'last_ip_address': last_ip_address,
'vrf_id': vrf_id,
'is_add': is_add})
- def snat_address_dump(self):
- """Dump S-NAT addresses
- :return: Dictionary of S-NAT addresses
+ def nat44_address_dump(self):
+ """Dump NAT44 addresses
+ :return: Dictionary of NAT44 addresses
"""
- return self.api(self.papi.snat_address_dump, {})
+ return self.api(self.papi.nat44_address_dump, {})
- def snat_interface_dump(self):
- """Dump interfaces with S-NAT feature
- :return: Dictionary of interfaces with S-NAT feature
+ def nat44_interface_dump(self):
+ """Dump interfaces with NAT44 feature
+ :return: Dictionary of interfaces with NAT44 feature
"""
- return self.api(self.papi.snat_interface_dump, {})
+ return self.api(self.papi.nat44_interface_dump, {})
- def snat_interface_output_feature_dump(self):
- """Dump interfaces with S-NAT output feature
- :return: Dictionary of interfaces with S-NAT output feature
+ def nat44_interface_output_feature_dump(self):
+ """Dump interfaces with NAT44 output feature
+ :return: Dictionary of interfaces with NAT44 output feature
"""
- return self.api(self.papi.snat_interface_output_feature_dump, {})
+ return self.api(self.papi.nat44_interface_output_feature_dump, {})
- def snat_static_mapping_dump(self):
- """Dump S-NAT static mappings
- :return: Dictionary of S-NAT static mappings
+ def nat44_static_mapping_dump(self):
+ """Dump NAT44 static mappings
+ :return: Dictionary of NAT44 static mappings
"""
- return self.api(self.papi.snat_static_mapping_dump, {})
+ return self.api(self.papi.nat44_static_mapping_dump, {})
- def snat_show_config(self):
- """Show S-NAT config
- :return: S-NAT config parameters
+ def nat_show_config(self):
+ """Show NAT plugin config
+ :return: NAT plugin config parameters
"""
- return self.api(self.papi.snat_show_config, {})
+ return self.api(self.papi.nat_show_config, {})
- def snat_add_interface_addr(
+ def nat44_add_interface_addr(
self,
sw_if_index,
is_add=1):
- """Add/del S-NAT address from interface
+ """Add/del NAT44 address from interface
:param sw_if_index: Software index of the interface
:param is_add: 1 if add, 0 if delete (Default value = 1)
"""
- return self.api(self.papi.snat_add_del_interface_addr,
+ return self.api(self.papi.nat44_add_del_interface_addr,
{'is_add': is_add, 'sw_if_index': sw_if_index})
- def snat_interface_addr_dump(self):
- """Dump S-NAT addresses interfaces
- :return: Dictionary of S-NAT addresses interfaces
+ def nat44_interface_addr_dump(self):
+ """Dump NAT44 addresses interfaces
+ :return: Dictionary of NAT44 addresses interfaces
"""
- return self.api(self.papi.snat_interface_addr_dump, {})
+ return self.api(self.papi.nat44_interface_addr_dump, {})
- def snat_ipfix(
+ def nat_ipfix(
self,
domain_id=1,
src_port=4739,
enable=1):
- """Enable/disable S-NAT IPFIX logging
+ """Enable/disable NAT IPFIX logging
:param domain_id: Observation domain ID (Default value = 1)
:param src_port: Source port number (Default value = 4739)
:param enable: 1 if enable, 0 if disable (Default value = 1)
"""
return self.api(
- self.papi.snat_ipfix_enable_disable,
+ self.papi.nat_ipfix_enable_disable,
{'domain_id': domain_id,
'src_port': src_port,
'enable': enable})
- def snat_user_session_dump(
+ def nat44_user_session_dump(
self,
ip_address,
- vrf_id,
- is_ip4=1):
- """Dump S-NAT user's sessions
+ vrf_id):
+ """Dump NAT44 user's sessions
:param ip_address: ip adress of the user to be dumped
:param cpu_index: cpu_index on which the user is
@@ -1234,26 +1227,25 @@
:return: Dictionary of S-NAT sessions
"""
return self.api(
- self.papi.snat_user_session_dump,
+ self.papi.nat44_user_session_dump,
{'ip_address': ip_address,
- 'vrf_id': vrf_id,
- 'is_ip4': is_ip4})
+ 'vrf_id': vrf_id})
- def snat_user_dump(self):
- """Dump S-NAT users
+ def nat44_user_dump(self):
+ """Dump NAT44 users
- :return: Dictionary of S-NAT users
+ :return: Dictionary of NAT44 users
"""
- return self.api(self.papi.snat_user_dump, {})
+ return self.api(self.papi.nat44_user_dump, {})
- def snat_add_det_map(
+ def nat_det_add_del_map(
self,
in_addr,
in_plen,
out_addr,
out_plen,
is_add=1):
- """Add/delete S-NAT deterministic mapping
+ """Add/delete deterministic NAT mapping
:param is_add - 1 if add, 0 if delete
:param in_addr - inside IP address
@@ -1262,14 +1254,15 @@
:param out_plen - outside IP address prefix length
"""
return self.api(
- self.papi.snat_add_det_map,
+ self.papi.nat_det_add_del_map,
{'is_add': is_add,
+ 'is_nat44': 1,
'in_addr': in_addr,
'in_plen': in_plen,
'out_addr': out_addr,
'out_plen': out_plen})
- def snat_det_forward(
+ def nat_det_forward(
self,
in_addr):
"""Get outside address and port range from inside address
@@ -1277,10 +1270,11 @@
:param in_addr - inside IP address
"""
return self.api(
- self.papi.snat_det_forward,
- {'in_addr': in_addr})
+ self.papi.nat_det_forward,
+ {'in_addr': in_addr,
+ 'is_nat44': 1})
- def snat_det_reverse(
+ def nat_det_reverse(
self,
out_addr,
out_port):
@@ -1290,18 +1284,18 @@
:param out_port - outside port
"""
return self.api(
- self.papi.snat_det_reverse,
+ self.papi.nat_det_reverse,
{'out_addr': out_addr,
'out_port': out_port})
- def snat_det_map_dump(self):
- """Dump S-NAT deterministic mappings
+ def nat_det_map_dump(self):
+ """Dump deterministic NAT mappings
- :return: Dictionary of S-NAT deterministic mappings
+ :return: Dictionary of deterministic NAT mappings
"""
- return self.api(self.papi.snat_det_map_dump, {})
+ return self.api(self.papi.nat_det_map_dump, {})
- def snat_det_set_timeouts(
+ def nat_det_set_timeouts(
self,
udp=300,
tcp_established=7440,
@@ -1315,78 +1309,71 @@
:param icmp - ICMP timeout (Default value = 60)
"""
return self.api(
- self.papi.snat_det_set_timeouts,
+ self.papi.nat_det_set_timeouts,
{'udp': udp,
'tcp_established': tcp_established,
'tcp_transitory': tcp_transitory,
'icmp': icmp})
- def snat_det_get_timeouts(self):
+ def nat_det_get_timeouts(self):
"""Get values of timeouts for deterministic NAT
:return: Timeouts for deterministic NAT (in seconds)
"""
- return self.api(self.papi.snat_det_get_timeouts, {})
+ return self.api(self.papi.nat_det_get_timeouts, {})
- def snat_det_close_session_out(
+ def nat_det_close_session_out(
self,
out_addr,
out_port,
ext_addr,
- ext_port,
- is_ip4=1):
- """Close CGN session using outside address and port
+ ext_port):
+ """Close deterministic NAT session using outside address and port
:param out_addr - outside IP address
:param out_port - outside port
:param ext_addr - external host IP address
:param ext_port - external host port
- :param is_ip4: 1 if address type is IPv4 (Default value = 1)
"""
return self.api(
- self.papi.snat_det_close_session_out,
+ self.papi.nat_det_close_session_out,
{'out_addr': out_addr,
'out_port': out_port,
'ext_addr': ext_addr,
- 'ext_port': ext_port,
- 'is_ip4': is_ip4})
+ 'ext_port': ext_port})
- def snat_det_close_session_in(
+ def nat_det_close_session_in(
self,
in_addr,
in_port,
ext_addr,
- ext_port,
- is_ip4=1):
- """Close CGN session using inside address and port
+ ext_port):
+ """Close deterministic NAT session using inside address and port
:param in_addr - inside IP address
:param in_port - inside port
:param ext_addr - external host IP address
:param ext_port - external host port
- :param is_ip4: 1 if address type is IPv4 (Default value = 1)
"""
return self.api(
- self.papi.snat_det_close_session_in,
+ self.papi.nat_det_close_session_in,
{'in_addr': in_addr,
'in_port': in_port,
'ext_addr': ext_addr,
'ext_port': ext_port,
- 'is_ip4': is_ip4})
+ 'is_nat44': 1})
- def snat_det_session_dump(
+ def nat_det_session_dump(
self,
- user_addr,
- is_ip4=1):
- """Dump S-NAT deterministic sessions belonging to a user
+ user_addr):
+ """Dump deterministic NAT sessions belonging to a user
:param user_addr - inside IP address of the user
- :param is_ip4: - 1 if address type is IPv4 (Default value = 1)
- :return: Dictionary of S-NAT deterministic sessions
+ :return: Dictionary of deterministic NAT sessions
"""
return self.api(
- self.papi.snat_det_session_dump,
- {'is_ip4': is_ip4,
+ self.papi.nat_det_session_dump,
+ {'is_nat44': 1,
'user_addr': user_addr})
def nat64_add_del_pool_addr_range(