Florin Coras | 04e5344 | 2017-07-16 17:12:15 -0700 | [diff] [blame] | 1 | /* |
Florin Coras | 288eaab | 2019-02-03 15:26:14 -0800 | [diff] [blame] | 2 | * Copyright (c) 2017-2019 Cisco and/or its affiliates. |
Florin Coras | 04e5344 | 2017-07-16 17:12:15 -0700 | [diff] [blame] | 3 | * Licensed under the Apache License, Version 2.0 (the "License"); |
| 4 | * you may not use this file except in compliance with the License. |
| 5 | * You may obtain a copy of the License at: |
| 6 | * |
| 7 | * http://www.apache.org/licenses/LICENSE-2.0 |
| 8 | * |
| 9 | * Unless required by applicable law or agreed to in writing, software |
| 10 | * distributed under the License is distributed on an "AS IS" BASIS, |
| 11 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. |
| 12 | * See the License for the specific language governing permissions and |
| 13 | * limitations under the License. |
| 14 | */ |
| 15 | |
| 16 | /** Generate typed init functions for multiple hash table styles... */ |
| 17 | #include <vppinfra/bihash_16_8.h> |
| 18 | #include <vppinfra/bihash_template.h> |
| 19 | |
| 20 | #include <vppinfra/bihash_template.c> |
| 21 | |
| 22 | #undef __included_bihash_template_h__ |
| 23 | |
| 24 | #include <vppinfra/bihash_48_8.h> |
| 25 | #include <vppinfra/bihash_template.h> |
| 26 | |
| 27 | #include <vppinfra/bihash_template.c> |
| 28 | #include <vnet/session/session_lookup.h> |
| 29 | #include <vnet/session/session.h> |
Florin Coras | cea194d | 2017-10-02 00:18:51 -0700 | [diff] [blame] | 30 | #include <vnet/session/application.h> |
Florin Coras | 04e5344 | 2017-07-16 17:12:15 -0700 | [diff] [blame] | 31 | |
Florin Coras | f9bdc03 | 2024-02-02 13:01:07 -0800 | [diff] [blame] | 32 | static session_lookup_main_t sl_main; |
| 33 | |
Florin Coras | cea194d | 2017-10-02 00:18:51 -0700 | [diff] [blame] | 34 | /** |
Florin Coras | cea194d | 2017-10-02 00:18:51 -0700 | [diff] [blame] | 35 | * Network namespace index (i.e., fib index) to session lookup table. We |
| 36 | * should have one per network protocol type but for now we only support IP4/6 |
| 37 | */ |
| 38 | static u32 *fib_index_to_table_index[2]; |
| 39 | |
Steven Luong | 5682ca8 | 2024-07-17 16:16:05 -0700 | [diff] [blame] | 40 | static u32 *fib_index_to_lock_count[2]; |
| 41 | |
Florin Coras | 04e5344 | 2017-07-16 17:12:15 -0700 | [diff] [blame] | 42 | /* 16 octets */ |
| 43 | typedef CLIB_PACKED (struct { |
| 44 | union |
| 45 | { |
| 46 | struct |
| 47 | { |
| 48 | ip4_address_t src; |
| 49 | ip4_address_t dst; |
| 50 | u16 src_port; |
| 51 | u16 dst_port; |
| 52 | /* align by making this 4 octets even though its a 1-bit field |
| 53 | * NOTE: avoid key overlap with other transports that use 5 tuples for |
| 54 | * session identification. |
| 55 | */ |
| 56 | u32 proto; |
| 57 | }; |
| 58 | u64 as_u64[2]; |
| 59 | }; |
| 60 | }) v4_connection_key_t; |
| 61 | |
| 62 | typedef CLIB_PACKED (struct { |
| 63 | union |
| 64 | { |
| 65 | struct |
| 66 | { |
| 67 | /* 48 octets */ |
| 68 | ip6_address_t src; |
| 69 | ip6_address_t dst; |
| 70 | u16 src_port; |
| 71 | u16 dst_port; |
| 72 | u32 proto; |
| 73 | u64 unused; |
| 74 | }; |
| 75 | u64 as_u64[6]; |
| 76 | }; |
| 77 | }) v6_connection_key_t; |
Florin Coras | 04e5344 | 2017-07-16 17:12:15 -0700 | [diff] [blame] | 78 | |
| 79 | typedef clib_bihash_kv_16_8_t session_kv4_t; |
| 80 | typedef clib_bihash_kv_48_8_t session_kv6_t; |
| 81 | |
| 82 | always_inline void |
| 83 | make_v4_ss_kv (session_kv4_t * kv, ip4_address_t * lcl, ip4_address_t * rmt, |
| 84 | u16 lcl_port, u16 rmt_port, u8 proto) |
| 85 | { |
Florin Coras | 9679c81 | 2018-06-21 08:14:34 -0700 | [diff] [blame] | 86 | kv->key[0] = (u64) rmt->as_u32 << 32 | (u64) lcl->as_u32; |
| 87 | kv->key[1] = (u64) proto << 32 | (u64) rmt_port << 16 | (u64) lcl_port; |
Florin Coras | 04e5344 | 2017-07-16 17:12:15 -0700 | [diff] [blame] | 88 | kv->value = ~0ULL; |
| 89 | } |
| 90 | |
| 91 | always_inline void |
| 92 | make_v4_listener_kv (session_kv4_t * kv, ip4_address_t * lcl, u16 lcl_port, |
| 93 | u8 proto) |
| 94 | { |
Florin Coras | 9679c81 | 2018-06-21 08:14:34 -0700 | [diff] [blame] | 95 | kv->key[0] = (u64) lcl->as_u32; |
| 96 | kv->key[1] = (u64) proto << 32 | (u64) lcl_port; |
Florin Coras | 04e5344 | 2017-07-16 17:12:15 -0700 | [diff] [blame] | 97 | kv->value = ~0ULL; |
| 98 | } |
| 99 | |
| 100 | always_inline void |
Florin Coras | dbd4456 | 2017-11-09 19:30:17 -0800 | [diff] [blame] | 101 | make_v4_proxy_kv (session_kv4_t * kv, ip4_address_t * lcl, u8 proto) |
| 102 | { |
Florin Coras | 9679c81 | 2018-06-21 08:14:34 -0700 | [diff] [blame] | 103 | kv->key[0] = (u64) lcl->as_u32; |
| 104 | kv->key[1] = (u64) proto << 32; |
Florin Coras | dbd4456 | 2017-11-09 19:30:17 -0800 | [diff] [blame] | 105 | kv->value = ~0ULL; |
| 106 | } |
| 107 | |
| 108 | always_inline void |
Florin Coras | 561af9b | 2017-12-09 10:19:43 -0800 | [diff] [blame] | 109 | make_v4_ss_kv_from_tc (session_kv4_t * kv, transport_connection_t * tc) |
Florin Coras | 04e5344 | 2017-07-16 17:12:15 -0700 | [diff] [blame] | 110 | { |
Florin Coras | 561af9b | 2017-12-09 10:19:43 -0800 | [diff] [blame] | 111 | make_v4_ss_kv (kv, &tc->lcl_ip.ip4, &tc->rmt_ip.ip4, tc->lcl_port, |
| 112 | tc->rmt_port, tc->proto); |
Florin Coras | 04e5344 | 2017-07-16 17:12:15 -0700 | [diff] [blame] | 113 | } |
| 114 | |
| 115 | always_inline void |
| 116 | make_v6_ss_kv (session_kv6_t * kv, ip6_address_t * lcl, ip6_address_t * rmt, |
| 117 | u16 lcl_port, u16 rmt_port, u8 proto) |
| 118 | { |
Florin Coras | 9679c81 | 2018-06-21 08:14:34 -0700 | [diff] [blame] | 119 | kv->key[0] = lcl->as_u64[0]; |
| 120 | kv->key[1] = lcl->as_u64[1]; |
| 121 | kv->key[2] = rmt->as_u64[0]; |
| 122 | kv->key[3] = rmt->as_u64[1]; |
| 123 | kv->key[4] = (u64) proto << 32 | (u64) rmt_port << 16 | (u64) lcl_port; |
| 124 | kv->key[5] = 0; |
Florin Coras | 04e5344 | 2017-07-16 17:12:15 -0700 | [diff] [blame] | 125 | kv->value = ~0ULL; |
| 126 | } |
| 127 | |
| 128 | always_inline void |
| 129 | make_v6_listener_kv (session_kv6_t * kv, ip6_address_t * lcl, u16 lcl_port, |
| 130 | u8 proto) |
| 131 | { |
Florin Coras | 9679c81 | 2018-06-21 08:14:34 -0700 | [diff] [blame] | 132 | kv->key[0] = lcl->as_u64[0]; |
| 133 | kv->key[1] = lcl->as_u64[1]; |
| 134 | kv->key[2] = 0; |
| 135 | kv->key[3] = 0; |
| 136 | kv->key[4] = (u64) proto << 32 | (u64) lcl_port; |
| 137 | kv->key[5] = 0; |
Florin Coras | 04e5344 | 2017-07-16 17:12:15 -0700 | [diff] [blame] | 138 | kv->value = ~0ULL; |
| 139 | } |
| 140 | |
| 141 | always_inline void |
Florin Coras | dbd4456 | 2017-11-09 19:30:17 -0800 | [diff] [blame] | 142 | make_v6_proxy_kv (session_kv6_t * kv, ip6_address_t * lcl, u8 proto) |
| 143 | { |
Florin Coras | 9679c81 | 2018-06-21 08:14:34 -0700 | [diff] [blame] | 144 | kv->key[0] = lcl->as_u64[0]; |
| 145 | kv->key[1] = lcl->as_u64[1]; |
| 146 | kv->key[2] = 0; |
| 147 | kv->key[3] = 0; |
| 148 | kv->key[4] = (u64) proto << 32; |
| 149 | kv->key[5] = 0; |
Florin Coras | dbd4456 | 2017-11-09 19:30:17 -0800 | [diff] [blame] | 150 | kv->value = ~0ULL; |
| 151 | } |
| 152 | |
| 153 | always_inline void |
Florin Coras | 561af9b | 2017-12-09 10:19:43 -0800 | [diff] [blame] | 154 | make_v6_ss_kv_from_tc (session_kv6_t * kv, transport_connection_t * tc) |
Florin Coras | 04e5344 | 2017-07-16 17:12:15 -0700 | [diff] [blame] | 155 | { |
Florin Coras | 561af9b | 2017-12-09 10:19:43 -0800 | [diff] [blame] | 156 | make_v6_ss_kv (kv, &tc->lcl_ip.ip6, &tc->rmt_ip.ip6, tc->lcl_port, |
| 157 | tc->rmt_port, tc->proto); |
Florin Coras | 04e5344 | 2017-07-16 17:12:15 -0700 | [diff] [blame] | 158 | } |
| 159 | |
Florin Coras | f9bdc03 | 2024-02-02 13:01:07 -0800 | [diff] [blame] | 160 | static inline u8 |
| 161 | session_table_alloc_needs_sync (void) |
| 162 | { |
| 163 | return !vlib_thread_is_main_w_barrier () && (vlib_num_workers () > 1); |
| 164 | } |
| 165 | |
Florin Coras | 5bd96b7 | 2024-03-20 16:31:38 -0700 | [diff] [blame] | 166 | static_always_inline u8 |
| 167 | session_table_is_alloced (u8 fib_proto, u32 fib_index) |
| 168 | { |
| 169 | return (vec_len (fib_index_to_table_index[fib_proto]) > fib_index && |
| 170 | fib_index_to_table_index[fib_proto][fib_index] != ~0); |
| 171 | } |
| 172 | |
Florin Coras | cea194d | 2017-10-02 00:18:51 -0700 | [diff] [blame] | 173 | static session_table_t * |
Andreas Schultz | 30a28c1 | 2020-04-23 10:41:50 +0200 | [diff] [blame] | 174 | session_table_get_or_alloc (u8 fib_proto, u32 fib_index) |
Florin Coras | 04e5344 | 2017-07-16 17:12:15 -0700 | [diff] [blame] | 175 | { |
Florin Coras | cea194d | 2017-10-02 00:18:51 -0700 | [diff] [blame] | 176 | session_table_t *st; |
Florin Coras | 6c36f53 | 2017-11-03 18:32:34 -0700 | [diff] [blame] | 177 | u32 table_index; |
Florin Coras | 5bd96b7 | 2024-03-20 16:31:38 -0700 | [diff] [blame] | 178 | |
Andreas Schultz | 30a28c1 | 2020-04-23 10:41:50 +0200 | [diff] [blame] | 179 | ASSERT (fib_index != ~0); |
Florin Coras | 5bd96b7 | 2024-03-20 16:31:38 -0700 | [diff] [blame] | 180 | |
| 181 | if (session_table_is_alloced (fib_proto, fib_index)) |
Andreas Schultz | 30a28c1 | 2020-04-23 10:41:50 +0200 | [diff] [blame] | 182 | { |
| 183 | table_index = fib_index_to_table_index[fib_proto][fib_index]; |
| 184 | return session_table_get (table_index); |
| 185 | } |
Florin Coras | 5bd96b7 | 2024-03-20 16:31:38 -0700 | [diff] [blame] | 186 | |
| 187 | u8 needs_sync = session_table_alloc_needs_sync (); |
| 188 | session_lookup_main_t *slm = &sl_main; |
| 189 | |
| 190 | /* Stop workers, otherwise consumers might be affected. This is |
| 191 | * acceptable because new tables should seldom be allocated */ |
| 192 | if (needs_sync) |
| 193 | { |
| 194 | vlib_workers_sync (); |
| 195 | |
| 196 | /* We might have a race, only one worker allowed at once */ |
| 197 | clib_spinlock_lock (&slm->st_alloc_lock); |
| 198 | } |
| 199 | |
| 200 | /* Another worker just allocated this table */ |
| 201 | if (session_table_is_alloced (fib_proto, fib_index)) |
| 202 | { |
| 203 | table_index = fib_index_to_table_index[fib_proto][fib_index]; |
| 204 | st = session_table_get (table_index); |
| 205 | } |
Andreas Schultz | 30a28c1 | 2020-04-23 10:41:50 +0200 | [diff] [blame] | 206 | else |
Florin Coras | cea194d | 2017-10-02 00:18:51 -0700 | [diff] [blame] | 207 | { |
| 208 | st = session_table_alloc (); |
Florin Coras | 6c36f53 | 2017-11-03 18:32:34 -0700 | [diff] [blame] | 209 | st->active_fib_proto = fib_proto; |
Florin Coras | b795bd0 | 2017-12-14 11:30:48 -0800 | [diff] [blame] | 210 | session_table_init (st, fib_proto); |
Florin Coras | 5bd96b7 | 2024-03-20 16:31:38 -0700 | [diff] [blame] | 211 | vec_validate_init_empty (fib_index_to_table_index[fib_proto], fib_index, |
| 212 | ~0); |
| 213 | table_index = session_table_index (st); |
| 214 | fib_index_to_table_index[fib_proto][fib_index] = table_index; |
Florin Coras | cea194d | 2017-10-02 00:18:51 -0700 | [diff] [blame] | 215 | } |
Florin Coras | 5bd96b7 | 2024-03-20 16:31:38 -0700 | [diff] [blame] | 216 | |
| 217 | if (needs_sync) |
| 218 | { |
| 219 | clib_spinlock_unlock (&slm->st_alloc_lock); |
| 220 | vlib_workers_continue (); |
| 221 | } |
| 222 | |
| 223 | return st; |
Florin Coras | cea194d | 2017-10-02 00:18:51 -0700 | [diff] [blame] | 224 | } |
| 225 | |
| 226 | static session_table_t * |
Florin Coras | 6c36f53 | 2017-11-03 18:32:34 -0700 | [diff] [blame] | 227 | session_table_get_or_alloc_for_connection (transport_connection_t * tc) |
| 228 | { |
| 229 | u32 fib_proto; |
| 230 | fib_proto = transport_connection_fib_proto (tc); |
| 231 | return session_table_get_or_alloc (fib_proto, tc->fib_index); |
| 232 | } |
| 233 | |
| 234 | static session_table_t * |
Florin Coras | cea194d | 2017-10-02 00:18:51 -0700 | [diff] [blame] | 235 | session_table_get_for_connection (transport_connection_t * tc) |
| 236 | { |
| 237 | u32 fib_proto = transport_connection_fib_proto (tc); |
| 238 | if (vec_len (fib_index_to_table_index[fib_proto]) <= tc->fib_index) |
| 239 | return 0; |
| 240 | return |
| 241 | session_table_get (fib_index_to_table_index[fib_proto][tc->fib_index]); |
| 242 | } |
| 243 | |
| 244 | static session_table_t * |
| 245 | session_table_get_for_fib_index (u32 fib_proto, u32 fib_index) |
| 246 | { |
| 247 | if (vec_len (fib_index_to_table_index[fib_proto]) <= fib_index) |
| 248 | return 0; |
| 249 | return session_table_get (fib_index_to_table_index[fib_proto][fib_index]); |
| 250 | } |
| 251 | |
| 252 | u32 |
| 253 | session_lookup_get_index_for_fib (u32 fib_proto, u32 fib_index) |
| 254 | { |
| 255 | if (vec_len (fib_index_to_table_index[fib_proto]) <= fib_index) |
| 256 | return SESSION_TABLE_INVALID_INDEX; |
| 257 | return fib_index_to_table_index[fib_proto][fib_index]; |
| 258 | } |
| 259 | |
Florin Coras | a4d0956 | 2021-07-08 08:25:09 -0700 | [diff] [blame] | 260 | u32 |
| 261 | session_lookup_get_or_alloc_index_for_fib (u32 fib_proto, u32 fib_index) |
| 262 | { |
| 263 | session_table_t *st; |
| 264 | st = session_table_get_or_alloc (fib_proto, fib_index); |
| 265 | return session_table_index (st); |
| 266 | } |
| 267 | |
Florin Coras | cea194d | 2017-10-02 00:18:51 -0700 | [diff] [blame] | 268 | /** |
| 269 | * Add transport connection to a session table |
| 270 | * |
| 271 | * Session lookup 5-tuple (src-ip, dst-ip, src-port, dst-port, session-type) |
| 272 | * is added to requested session table. |
| 273 | * |
| 274 | * @param tc transport connection to be added |
| 275 | * @param value value to be stored |
| 276 | * |
| 277 | * @return non-zero if failure |
| 278 | */ |
| 279 | int |
| 280 | session_lookup_add_connection (transport_connection_t * tc, u64 value) |
| 281 | { |
| 282 | session_table_t *st; |
Florin Coras | 04e5344 | 2017-07-16 17:12:15 -0700 | [diff] [blame] | 283 | session_kv4_t kv4; |
| 284 | session_kv6_t kv6; |
| 285 | |
Florin Coras | cea194d | 2017-10-02 00:18:51 -0700 | [diff] [blame] | 286 | st = session_table_get_or_alloc_for_connection (tc); |
| 287 | if (!st) |
| 288 | return -1; |
Florin Coras | 6881062 | 2017-07-24 17:40:28 -0700 | [diff] [blame] | 289 | if (tc->is_ip4) |
Florin Coras | 04e5344 | 2017-07-16 17:12:15 -0700 | [diff] [blame] | 290 | { |
Florin Coras | 04e5344 | 2017-07-16 17:12:15 -0700 | [diff] [blame] | 291 | make_v4_ss_kv_from_tc (&kv4, tc); |
| 292 | kv4.value = value; |
Florin Coras | cea194d | 2017-10-02 00:18:51 -0700 | [diff] [blame] | 293 | return clib_bihash_add_del_16_8 (&st->v4_session_hash, &kv4, |
| 294 | 1 /* is_add */ ); |
Florin Coras | 6881062 | 2017-07-24 17:40:28 -0700 | [diff] [blame] | 295 | } |
| 296 | else |
| 297 | { |
Florin Coras | 04e5344 | 2017-07-16 17:12:15 -0700 | [diff] [blame] | 298 | make_v6_ss_kv_from_tc (&kv6, tc); |
| 299 | kv6.value = value; |
Florin Coras | cea194d | 2017-10-02 00:18:51 -0700 | [diff] [blame] | 300 | return clib_bihash_add_del_48_8 (&st->v6_session_hash, &kv6, |
| 301 | 1 /* is_add */ ); |
Florin Coras | 04e5344 | 2017-07-16 17:12:15 -0700 | [diff] [blame] | 302 | } |
| 303 | } |
| 304 | |
Florin Coras | 04e5344 | 2017-07-16 17:12:15 -0700 | [diff] [blame] | 305 | int |
Florin Coras | cea194d | 2017-10-02 00:18:51 -0700 | [diff] [blame] | 306 | session_lookup_add_session_endpoint (u32 table_index, |
| 307 | session_endpoint_t * sep, u64 value) |
Florin Coras | 04e5344 | 2017-07-16 17:12:15 -0700 | [diff] [blame] | 308 | { |
Florin Coras | cea194d | 2017-10-02 00:18:51 -0700 | [diff] [blame] | 309 | session_table_t *st; |
Florin Coras | 04e5344 | 2017-07-16 17:12:15 -0700 | [diff] [blame] | 310 | session_kv4_t kv4; |
| 311 | session_kv6_t kv6; |
Florin Coras | 6881062 | 2017-07-24 17:40:28 -0700 | [diff] [blame] | 312 | |
Florin Coras | cea194d | 2017-10-02 00:18:51 -0700 | [diff] [blame] | 313 | st = session_table_get (table_index); |
| 314 | if (!st) |
| 315 | return -1; |
| 316 | if (sep->is_ip4) |
| 317 | { |
| 318 | make_v4_listener_kv (&kv4, &sep->ip.ip4, sep->port, |
| 319 | sep->transport_proto); |
| 320 | kv4.value = value; |
| 321 | return clib_bihash_add_del_16_8 (&st->v4_session_hash, &kv4, 1); |
| 322 | } |
| 323 | else |
| 324 | { |
| 325 | make_v6_listener_kv (&kv6, &sep->ip.ip6, sep->port, |
| 326 | sep->transport_proto); |
| 327 | kv6.value = value; |
| 328 | return clib_bihash_add_del_48_8 (&st->v6_session_hash, &kv6, 1); |
| 329 | } |
| 330 | } |
| 331 | |
| 332 | int |
| 333 | session_lookup_del_session_endpoint (u32 table_index, |
| 334 | session_endpoint_t * sep) |
| 335 | { |
| 336 | session_table_t *st; |
| 337 | session_kv4_t kv4; |
| 338 | session_kv6_t kv6; |
| 339 | |
| 340 | st = session_table_get (table_index); |
| 341 | if (!st) |
| 342 | return -1; |
| 343 | if (sep->is_ip4) |
| 344 | { |
| 345 | make_v4_listener_kv (&kv4, &sep->ip.ip4, sep->port, |
| 346 | sep->transport_proto); |
| 347 | return clib_bihash_add_del_16_8 (&st->v4_session_hash, &kv4, 0); |
| 348 | } |
| 349 | else |
| 350 | { |
| 351 | make_v6_listener_kv (&kv6, &sep->ip.ip6, sep->port, |
| 352 | sep->transport_proto); |
| 353 | return clib_bihash_add_del_48_8 (&st->v6_session_hash, &kv6, 0); |
| 354 | } |
| 355 | } |
| 356 | |
Florin Coras | aab0604 | 2020-02-26 02:56:14 +0000 | [diff] [blame] | 357 | int |
| 358 | session_lookup_del_session_endpoint2 (session_endpoint_t * sep) |
| 359 | { |
| 360 | fib_protocol_t fib_proto; |
| 361 | session_table_t *st; |
| 362 | session_kv4_t kv4; |
| 363 | session_kv6_t kv6; |
| 364 | |
| 365 | fib_proto = sep->is_ip4 ? FIB_PROTOCOL_IP4 : FIB_PROTOCOL_IP6; |
| 366 | st = session_table_get_for_fib_index (fib_proto, sep->fib_index); |
| 367 | if (!st) |
| 368 | return -1; |
| 369 | if (sep->is_ip4) |
| 370 | { |
| 371 | make_v4_listener_kv (&kv4, &sep->ip.ip4, sep->port, |
| 372 | sep->transport_proto); |
| 373 | return clib_bihash_add_del_16_8 (&st->v4_session_hash, &kv4, 0); |
| 374 | } |
| 375 | else |
| 376 | { |
| 377 | make_v6_listener_kv (&kv6, &sep->ip.ip6, sep->port, |
| 378 | sep->transport_proto); |
| 379 | return clib_bihash_add_del_48_8 (&st->v6_session_hash, &kv6, 0); |
| 380 | } |
| 381 | } |
| 382 | |
Florin Coras | cea194d | 2017-10-02 00:18:51 -0700 | [diff] [blame] | 383 | /** |
| 384 | * Delete transport connection from session table |
| 385 | * |
| 386 | * @param table_index session table index |
| 387 | * @param tc transport connection to be removed |
| 388 | * |
| 389 | * @return non-zero if failure |
| 390 | */ |
| 391 | int |
| 392 | session_lookup_del_connection (transport_connection_t * tc) |
| 393 | { |
| 394 | session_table_t *st; |
| 395 | session_kv4_t kv4; |
| 396 | session_kv6_t kv6; |
| 397 | |
| 398 | st = session_table_get_for_connection (tc); |
| 399 | if (!st) |
| 400 | return -1; |
Florin Coras | 6881062 | 2017-07-24 17:40:28 -0700 | [diff] [blame] | 401 | if (tc->is_ip4) |
Florin Coras | 04e5344 | 2017-07-16 17:12:15 -0700 | [diff] [blame] | 402 | { |
Florin Coras | 04e5344 | 2017-07-16 17:12:15 -0700 | [diff] [blame] | 403 | make_v4_ss_kv_from_tc (&kv4, tc); |
Florin Coras | cea194d | 2017-10-02 00:18:51 -0700 | [diff] [blame] | 404 | return clib_bihash_add_del_16_8 (&st->v4_session_hash, &kv4, |
Florin Coras | 04e5344 | 2017-07-16 17:12:15 -0700 | [diff] [blame] | 405 | 0 /* is_add */ ); |
Florin Coras | 6881062 | 2017-07-24 17:40:28 -0700 | [diff] [blame] | 406 | } |
| 407 | else |
| 408 | { |
Florin Coras | 04e5344 | 2017-07-16 17:12:15 -0700 | [diff] [blame] | 409 | make_v6_ss_kv_from_tc (&kv6, tc); |
Florin Coras | cea194d | 2017-10-02 00:18:51 -0700 | [diff] [blame] | 410 | return clib_bihash_add_del_48_8 (&st->v6_session_hash, &kv6, |
Florin Coras | 04e5344 | 2017-07-16 17:12:15 -0700 | [diff] [blame] | 411 | 0 /* is_add */ ); |
Florin Coras | 04e5344 | 2017-07-16 17:12:15 -0700 | [diff] [blame] | 412 | } |
Florin Coras | 04e5344 | 2017-07-16 17:12:15 -0700 | [diff] [blame] | 413 | } |
| 414 | |
| 415 | int |
Florin Coras | 288eaab | 2019-02-03 15:26:14 -0800 | [diff] [blame] | 416 | session_lookup_del_session (session_t * s) |
Florin Coras | 04e5344 | 2017-07-16 17:12:15 -0700 | [diff] [blame] | 417 | { |
| 418 | transport_connection_t *ts; |
Florin Coras | 1ee7830 | 2019-02-05 15:51:15 -0800 | [diff] [blame] | 419 | ts = transport_get_connection (session_get_transport_proto (s), |
| 420 | s->connection_index, s->thread_index); |
Florin Coras | e1e7fb8 | 2019-09-25 07:28:34 -0700 | [diff] [blame] | 421 | if (!ts || (ts->flags & TRANSPORT_CONNECTION_F_NO_LOOKUP)) |
Nathan Skrzypczak | 2eed1a1 | 2019-07-04 14:26:21 +0200 | [diff] [blame] | 422 | return 0; |
Florin Coras | cea194d | 2017-10-02 00:18:51 -0700 | [diff] [blame] | 423 | return session_lookup_del_connection (ts); |
Florin Coras | 04e5344 | 2017-07-16 17:12:15 -0700 | [diff] [blame] | 424 | } |
| 425 | |
Florin Coras | dff48db | 2017-11-19 18:06:58 -0800 | [diff] [blame] | 426 | static u8 |
| 427 | session_lookup_action_index_is_valid (u32 action_index) |
Florin Coras | f0c1c96 | 2017-11-02 21:31:46 -0700 | [diff] [blame] | 428 | { |
Florin Coras | dff48db | 2017-11-19 18:06:58 -0800 | [diff] [blame] | 429 | if (action_index == SESSION_RULES_TABLE_ACTION_ALLOW |
| 430 | || action_index == SESSION_RULES_TABLE_INVALID_INDEX) |
| 431 | return 0; |
| 432 | return 1; |
| 433 | } |
| 434 | |
Florin Coras | f8f516a | 2018-02-08 15:10:09 -0800 | [diff] [blame] | 435 | static u64 |
| 436 | session_lookup_action_to_handle (u32 action_index) |
Florin Coras | dff48db | 2017-11-19 18:06:58 -0800 | [diff] [blame] | 437 | { |
| 438 | switch (action_index) |
| 439 | { |
| 440 | case SESSION_RULES_TABLE_ACTION_DROP: |
Florin Coras | f8f516a | 2018-02-08 15:10:09 -0800 | [diff] [blame] | 441 | return SESSION_DROP_HANDLE; |
Florin Coras | dff48db | 2017-11-19 18:06:58 -0800 | [diff] [blame] | 442 | case SESSION_RULES_TABLE_ACTION_ALLOW: |
| 443 | case SESSION_RULES_TABLE_INVALID_INDEX: |
Florin Coras | f8f516a | 2018-02-08 15:10:09 -0800 | [diff] [blame] | 444 | return SESSION_INVALID_HANDLE; |
Florin Coras | dff48db | 2017-11-19 18:06:58 -0800 | [diff] [blame] | 445 | default: |
Florin Coras | f8f516a | 2018-02-08 15:10:09 -0800 | [diff] [blame] | 446 | /* application index */ |
Florin Coras | dff48db | 2017-11-19 18:06:58 -0800 | [diff] [blame] | 447 | return action_index; |
| 448 | } |
Florin Coras | f0c1c96 | 2017-11-02 21:31:46 -0700 | [diff] [blame] | 449 | } |
| 450 | |
Florin Coras | 288eaab | 2019-02-03 15:26:14 -0800 | [diff] [blame] | 451 | static session_t * |
Florin Coras | 7999e83 | 2017-10-31 01:51:04 -0700 | [diff] [blame] | 452 | session_lookup_app_listen_session (u32 app_index, u8 fib_proto, |
| 453 | u8 transport_proto) |
Florin Coras | 1c71045 | 2017-10-17 00:03:13 -0700 | [diff] [blame] | 454 | { |
| 455 | application_t *app; |
Florin Coras | dff48db | 2017-11-19 18:06:58 -0800 | [diff] [blame] | 456 | app = application_get_if_valid (app_index); |
Florin Coras | 1c71045 | 2017-10-17 00:03:13 -0700 | [diff] [blame] | 457 | if (!app) |
| 458 | return 0; |
| 459 | |
Florin Coras | 1553197 | 2018-08-12 23:50:53 -0700 | [diff] [blame] | 460 | return app_worker_first_listener (application_get_default_worker (app), |
| 461 | fib_proto, transport_proto); |
Florin Coras | 1c71045 | 2017-10-17 00:03:13 -0700 | [diff] [blame] | 462 | } |
| 463 | |
Florin Coras | 288eaab | 2019-02-03 15:26:14 -0800 | [diff] [blame] | 464 | static session_t * |
Florin Coras | a2ff7b8 | 2017-11-08 17:55:03 -0800 | [diff] [blame] | 465 | session_lookup_action_to_session (u32 action_index, u8 fib_proto, |
| 466 | u8 transport_proto) |
| 467 | { |
Florin Coras | dff48db | 2017-11-19 18:06:58 -0800 | [diff] [blame] | 468 | u32 app_index; |
Florin Coras | f8f516a | 2018-02-08 15:10:09 -0800 | [diff] [blame] | 469 | app_index = session_lookup_action_to_handle (action_index); |
Florin Coras | a2ff7b8 | 2017-11-08 17:55:03 -0800 | [diff] [blame] | 470 | /* Nothing sophisticated for now, action index is app index */ |
Florin Coras | dff48db | 2017-11-19 18:06:58 -0800 | [diff] [blame] | 471 | return session_lookup_app_listen_session (app_index, fib_proto, |
Florin Coras | a2ff7b8 | 2017-11-08 17:55:03 -0800 | [diff] [blame] | 472 | transport_proto); |
| 473 | } |
| 474 | |
Florin Coras | f8f516a | 2018-02-08 15:10:09 -0800 | [diff] [blame] | 475 | /** UNUSED */ |
Florin Coras | 288eaab | 2019-02-03 15:26:14 -0800 | [diff] [blame] | 476 | session_t * |
Florin Coras | a2ff7b8 | 2017-11-08 17:55:03 -0800 | [diff] [blame] | 477 | session_lookup_rules_table_session4 (session_table_t * st, u8 proto, |
| 478 | ip4_address_t * lcl, u16 lcl_port, |
| 479 | ip4_address_t * rmt, u16 rmt_port) |
Florin Coras | 1c71045 | 2017-10-17 00:03:13 -0700 | [diff] [blame] | 480 | { |
Florin Coras | c97a739 | 2017-11-05 23:07:07 -0800 | [diff] [blame] | 481 | session_rules_table_t *srt = &st->session_rules[proto]; |
Florin Coras | dff48db | 2017-11-19 18:06:58 -0800 | [diff] [blame] | 482 | u32 action_index, app_index; |
Florin Coras | c97a739 | 2017-11-05 23:07:07 -0800 | [diff] [blame] | 483 | action_index = session_rules_table_lookup4 (srt, lcl, rmt, lcl_port, |
Florin Coras | 1c71045 | 2017-10-17 00:03:13 -0700 | [diff] [blame] | 484 | rmt_port); |
Florin Coras | f8f516a | 2018-02-08 15:10:09 -0800 | [diff] [blame] | 485 | app_index = session_lookup_action_to_handle (action_index); |
Florin Coras | 1c71045 | 2017-10-17 00:03:13 -0700 | [diff] [blame] | 486 | /* Nothing sophisticated for now, action index is app index */ |
Florin Coras | dff48db | 2017-11-19 18:06:58 -0800 | [diff] [blame] | 487 | return session_lookup_app_listen_session (app_index, FIB_PROTOCOL_IP4, |
Florin Coras | 7999e83 | 2017-10-31 01:51:04 -0700 | [diff] [blame] | 488 | proto); |
Florin Coras | 1c71045 | 2017-10-17 00:03:13 -0700 | [diff] [blame] | 489 | } |
| 490 | |
Florin Coras | f8f516a | 2018-02-08 15:10:09 -0800 | [diff] [blame] | 491 | /** UNUSED */ |
Florin Coras | 288eaab | 2019-02-03 15:26:14 -0800 | [diff] [blame] | 492 | session_t * |
Florin Coras | dff48db | 2017-11-19 18:06:58 -0800 | [diff] [blame] | 493 | session_lookup_rules_table_session6 (session_table_t * st, u8 proto, |
| 494 | ip6_address_t * lcl, u16 lcl_port, |
| 495 | ip6_address_t * rmt, u16 rmt_port) |
Florin Coras | 1c71045 | 2017-10-17 00:03:13 -0700 | [diff] [blame] | 496 | { |
Florin Coras | c97a739 | 2017-11-05 23:07:07 -0800 | [diff] [blame] | 497 | session_rules_table_t *srt = &st->session_rules[proto]; |
Florin Coras | dff48db | 2017-11-19 18:06:58 -0800 | [diff] [blame] | 498 | u32 action_index, app_index; |
Florin Coras | c97a739 | 2017-11-05 23:07:07 -0800 | [diff] [blame] | 499 | action_index = session_rules_table_lookup6 (srt, lcl, rmt, lcl_port, |
Florin Coras | 1c71045 | 2017-10-17 00:03:13 -0700 | [diff] [blame] | 500 | rmt_port); |
Florin Coras | f8f516a | 2018-02-08 15:10:09 -0800 | [diff] [blame] | 501 | app_index = session_lookup_action_to_handle (action_index); |
Florin Coras | dff48db | 2017-11-19 18:06:58 -0800 | [diff] [blame] | 502 | return session_lookup_app_listen_session (app_index, FIB_PROTOCOL_IP6, |
Florin Coras | 7999e83 | 2017-10-31 01:51:04 -0700 | [diff] [blame] | 503 | proto); |
Florin Coras | 1c71045 | 2017-10-17 00:03:13 -0700 | [diff] [blame] | 504 | } |
| 505 | |
Florin Coras | a2ff7b8 | 2017-11-08 17:55:03 -0800 | [diff] [blame] | 506 | /** |
| 507 | * Lookup listener for session endpoint in table |
| 508 | * |
| 509 | * @param table_index table where the endpoint should be looked up |
| 510 | * @param sep session endpoint to be looked up |
| 511 | * @param use_rules flag that indicates if the session rules of the table |
| 512 | * should be used |
| 513 | * @return invalid handle if nothing is found, the handle of a valid listener |
Florin Coras | f8f516a | 2018-02-08 15:10:09 -0800 | [diff] [blame] | 514 | * or an action derived handle if a rule is hit |
Florin Coras | a2ff7b8 | 2017-11-08 17:55:03 -0800 | [diff] [blame] | 515 | */ |
Florin Coras | 3cbc04b | 2017-10-02 00:18:51 -0700 | [diff] [blame] | 516 | u64 |
Florin Coras | a2ff7b8 | 2017-11-08 17:55:03 -0800 | [diff] [blame] | 517 | session_lookup_endpoint_listener (u32 table_index, session_endpoint_t * sep, |
| 518 | u8 use_rules) |
Florin Coras | 04e5344 | 2017-07-16 17:12:15 -0700 | [diff] [blame] | 519 | { |
Florin Coras | c97a739 | 2017-11-05 23:07:07 -0800 | [diff] [blame] | 520 | session_rules_table_t *srt; |
Florin Coras | cea194d | 2017-10-02 00:18:51 -0700 | [diff] [blame] | 521 | session_table_t *st; |
Florin Coras | f0c1c96 | 2017-11-02 21:31:46 -0700 | [diff] [blame] | 522 | u32 ai; |
Florin Coras | cea194d | 2017-10-02 00:18:51 -0700 | [diff] [blame] | 523 | int rv; |
Florin Coras | 04e5344 | 2017-07-16 17:12:15 -0700 | [diff] [blame] | 524 | |
Florin Coras | cea194d | 2017-10-02 00:18:51 -0700 | [diff] [blame] | 525 | st = session_table_get (table_index); |
| 526 | if (!st) |
Florin Coras | 3cbc04b | 2017-10-02 00:18:51 -0700 | [diff] [blame] | 527 | return SESSION_INVALID_HANDLE; |
Florin Coras | cea194d | 2017-10-02 00:18:51 -0700 | [diff] [blame] | 528 | if (sep->is_ip4) |
Florin Coras | 04e5344 | 2017-07-16 17:12:15 -0700 | [diff] [blame] | 529 | { |
Florin Coras | a2ff7b8 | 2017-11-08 17:55:03 -0800 | [diff] [blame] | 530 | session_kv4_t kv4; |
| 531 | ip4_address_t lcl4; |
| 532 | |
Florin Coras | 561af9b | 2017-12-09 10:19:43 -0800 | [diff] [blame] | 533 | make_v4_listener_kv (&kv4, &sep->ip.ip4, sep->port, |
| 534 | sep->transport_proto); |
Florin Coras | cea194d | 2017-10-02 00:18:51 -0700 | [diff] [blame] | 535 | rv = clib_bihash_search_inline_16_8 (&st->v4_session_hash, &kv4); |
| 536 | if (rv == 0) |
Florin Coras | 3cbc04b | 2017-10-02 00:18:51 -0700 | [diff] [blame] | 537 | return kv4.value; |
Florin Coras | a2ff7b8 | 2017-11-08 17:55:03 -0800 | [diff] [blame] | 538 | if (use_rules) |
| 539 | { |
Dave Barach | b7b9299 | 2018-10-17 10:38:51 -0400 | [diff] [blame] | 540 | clib_memset (&lcl4, 0, sizeof (lcl4)); |
Florin Coras | a2ff7b8 | 2017-11-08 17:55:03 -0800 | [diff] [blame] | 541 | srt = &st->session_rules[sep->transport_proto]; |
| 542 | ai = session_rules_table_lookup4 (srt, &lcl4, &sep->ip.ip4, 0, |
| 543 | sep->port); |
Florin Coras | dff48db | 2017-11-19 18:06:58 -0800 | [diff] [blame] | 544 | if (session_lookup_action_index_is_valid (ai)) |
Florin Coras | f8f516a | 2018-02-08 15:10:09 -0800 | [diff] [blame] | 545 | return session_lookup_action_to_handle (ai); |
Florin Coras | a2ff7b8 | 2017-11-08 17:55:03 -0800 | [diff] [blame] | 546 | } |
Florin Coras | 6881062 | 2017-07-24 17:40:28 -0700 | [diff] [blame] | 547 | } |
| 548 | else |
| 549 | { |
Florin Coras | a2ff7b8 | 2017-11-08 17:55:03 -0800 | [diff] [blame] | 550 | session_kv6_t kv6; |
| 551 | ip6_address_t lcl6; |
| 552 | |
Florin Coras | 561af9b | 2017-12-09 10:19:43 -0800 | [diff] [blame] | 553 | make_v6_listener_kv (&kv6, &sep->ip.ip6, sep->port, |
| 554 | sep->transport_proto); |
Florin Coras | cea194d | 2017-10-02 00:18:51 -0700 | [diff] [blame] | 555 | rv = clib_bihash_search_inline_48_8 (&st->v6_session_hash, &kv6); |
| 556 | if (rv == 0) |
Florin Coras | 3cbc04b | 2017-10-02 00:18:51 -0700 | [diff] [blame] | 557 | return kv6.value; |
Florin Coras | 1c71045 | 2017-10-17 00:03:13 -0700 | [diff] [blame] | 558 | |
Florin Coras | a2ff7b8 | 2017-11-08 17:55:03 -0800 | [diff] [blame] | 559 | if (use_rules) |
| 560 | { |
Dave Barach | b7b9299 | 2018-10-17 10:38:51 -0400 | [diff] [blame] | 561 | clib_memset (&lcl6, 0, sizeof (lcl6)); |
Florin Coras | a2ff7b8 | 2017-11-08 17:55:03 -0800 | [diff] [blame] | 562 | srt = &st->session_rules[sep->transport_proto]; |
| 563 | ai = session_rules_table_lookup6 (srt, &lcl6, &sep->ip.ip6, 0, |
| 564 | sep->port); |
Florin Coras | dff48db | 2017-11-19 18:06:58 -0800 | [diff] [blame] | 565 | if (session_lookup_action_index_is_valid (ai)) |
Florin Coras | f8f516a | 2018-02-08 15:10:09 -0800 | [diff] [blame] | 566 | return session_lookup_action_to_handle (ai); |
Florin Coras | a2ff7b8 | 2017-11-08 17:55:03 -0800 | [diff] [blame] | 567 | } |
Florin Coras | 6881062 | 2017-07-24 17:40:28 -0700 | [diff] [blame] | 568 | } |
Florin Coras | 3cbc04b | 2017-10-02 00:18:51 -0700 | [diff] [blame] | 569 | return SESSION_INVALID_HANDLE; |
| 570 | } |
| 571 | |
Florin Coras | a2ff7b8 | 2017-11-08 17:55:03 -0800 | [diff] [blame] | 572 | /** |
| 573 | * Look up endpoint in local session table |
| 574 | * |
| 575 | * The result, for now, is an application index and it may in the future |
| 576 | * be extended to a more complicated "action object". The only action we |
| 577 | * emulate now is "drop" and for that we return a special app index. |
| 578 | * |
| 579 | * Lookup logic is to check in order: |
| 580 | * - the rules in the table (connect acls) |
| 581 | * - session sub-table for a listener |
| 582 | * - session sub-table for a local listener (zeroed addr) |
| 583 | * |
| 584 | * @param table_index table where the lookup should be done |
| 585 | * @param sep session endpoint to be looked up |
Florin Coras | f8f516a | 2018-02-08 15:10:09 -0800 | [diff] [blame] | 586 | * @return session handle that can be interpreted as an adjacency |
Florin Coras | a2ff7b8 | 2017-11-08 17:55:03 -0800 | [diff] [blame] | 587 | */ |
Florin Coras | f8f516a | 2018-02-08 15:10:09 -0800 | [diff] [blame] | 588 | u64 |
Florin Coras | a2ff7b8 | 2017-11-08 17:55:03 -0800 | [diff] [blame] | 589 | session_lookup_local_endpoint (u32 table_index, session_endpoint_t * sep) |
Florin Coras | 6881062 | 2017-07-24 17:40:28 -0700 | [diff] [blame] | 590 | { |
Florin Coras | c97a739 | 2017-11-05 23:07:07 -0800 | [diff] [blame] | 591 | session_rules_table_t *srt; |
Florin Coras | cea194d | 2017-10-02 00:18:51 -0700 | [diff] [blame] | 592 | session_table_t *st; |
Florin Coras | f0c1c96 | 2017-11-02 21:31:46 -0700 | [diff] [blame] | 593 | u32 ai; |
Florin Coras | cea194d | 2017-10-02 00:18:51 -0700 | [diff] [blame] | 594 | int rv; |
Florin Coras | 6881062 | 2017-07-24 17:40:28 -0700 | [diff] [blame] | 595 | |
Florin Coras | cea194d | 2017-10-02 00:18:51 -0700 | [diff] [blame] | 596 | st = session_table_get (table_index); |
| 597 | if (!st) |
| 598 | return SESSION_INVALID_INDEX; |
Florin Coras | a2ff7b8 | 2017-11-08 17:55:03 -0800 | [diff] [blame] | 599 | ASSERT (st->is_local); |
| 600 | |
Florin Coras | cea194d | 2017-10-02 00:18:51 -0700 | [diff] [blame] | 601 | if (sep->is_ip4) |
Florin Coras | 6881062 | 2017-07-24 17:40:28 -0700 | [diff] [blame] | 602 | { |
Florin Coras | a2ff7b8 | 2017-11-08 17:55:03 -0800 | [diff] [blame] | 603 | session_kv4_t kv4; |
| 604 | ip4_address_t lcl4; |
| 605 | |
| 606 | /* |
| 607 | * Check if endpoint has special rules associated |
| 608 | */ |
Dave Barach | b7b9299 | 2018-10-17 10:38:51 -0400 | [diff] [blame] | 609 | clib_memset (&lcl4, 0, sizeof (lcl4)); |
Florin Coras | a2ff7b8 | 2017-11-08 17:55:03 -0800 | [diff] [blame] | 610 | srt = &st->session_rules[sep->transport_proto]; |
| 611 | ai = session_rules_table_lookup4 (srt, &lcl4, &sep->ip.ip4, 0, |
| 612 | sep->port); |
Florin Coras | dff48db | 2017-11-19 18:06:58 -0800 | [diff] [blame] | 613 | if (session_lookup_action_index_is_valid (ai)) |
Florin Coras | f8f516a | 2018-02-08 15:10:09 -0800 | [diff] [blame] | 614 | return session_lookup_action_to_handle (ai); |
Florin Coras | a2ff7b8 | 2017-11-08 17:55:03 -0800 | [diff] [blame] | 615 | |
| 616 | /* |
| 617 | * Check if session endpoint is a listener |
| 618 | */ |
Florin Coras | cea194d | 2017-10-02 00:18:51 -0700 | [diff] [blame] | 619 | make_v4_listener_kv (&kv4, &sep->ip.ip4, sep->port, |
| 620 | sep->transport_proto); |
| 621 | rv = clib_bihash_search_inline_16_8 (&st->v4_session_hash, &kv4); |
| 622 | if (rv == 0) |
Florin Coras | f8f516a | 2018-02-08 15:10:09 -0800 | [diff] [blame] | 623 | return kv4.value; |
Florin Coras | cea194d | 2017-10-02 00:18:51 -0700 | [diff] [blame] | 624 | |
| 625 | /* |
| 626 | * Zero out the ip. Logic is that connect to local ips, say |
| 627 | * 127.0.0.1:port, can match 0.0.0.0:port |
| 628 | */ |
Florin Coras | 477e91a | 2018-02-27 10:05:57 -0800 | [diff] [blame] | 629 | if (ip4_is_local_host (&sep->ip.ip4)) |
| 630 | { |
| 631 | kv4.key[0] = 0; |
| 632 | rv = clib_bihash_search_inline_16_8 (&st->v4_session_hash, &kv4); |
| 633 | if (rv == 0) |
| 634 | return kv4.value; |
| 635 | } |
| 636 | else |
| 637 | { |
| 638 | kv4.key[0] = 0; |
| 639 | } |
Florin Coras | dbd4456 | 2017-11-09 19:30:17 -0800 | [diff] [blame] | 640 | |
| 641 | /* |
| 642 | * Zero out the port and check if we have proxy |
| 643 | */ |
| 644 | kv4.key[1] = 0; |
| 645 | rv = clib_bihash_search_inline_16_8 (&st->v4_session_hash, &kv4); |
| 646 | if (rv == 0) |
Florin Coras | f8f516a | 2018-02-08 15:10:09 -0800 | [diff] [blame] | 647 | return kv4.value; |
Florin Coras | 6881062 | 2017-07-24 17:40:28 -0700 | [diff] [blame] | 648 | } |
| 649 | else |
| 650 | { |
Florin Coras | a2ff7b8 | 2017-11-08 17:55:03 -0800 | [diff] [blame] | 651 | session_kv6_t kv6; |
| 652 | ip6_address_t lcl6; |
| 653 | |
Dave Barach | b7b9299 | 2018-10-17 10:38:51 -0400 | [diff] [blame] | 654 | clib_memset (&lcl6, 0, sizeof (lcl6)); |
Florin Coras | a2ff7b8 | 2017-11-08 17:55:03 -0800 | [diff] [blame] | 655 | srt = &st->session_rules[sep->transport_proto]; |
| 656 | ai = session_rules_table_lookup6 (srt, &lcl6, &sep->ip.ip6, 0, |
| 657 | sep->port); |
Florin Coras | dff48db | 2017-11-19 18:06:58 -0800 | [diff] [blame] | 658 | if (session_lookup_action_index_is_valid (ai)) |
Florin Coras | f8f516a | 2018-02-08 15:10:09 -0800 | [diff] [blame] | 659 | return session_lookup_action_to_handle (ai); |
Florin Coras | a2ff7b8 | 2017-11-08 17:55:03 -0800 | [diff] [blame] | 660 | |
Florin Coras | cea194d | 2017-10-02 00:18:51 -0700 | [diff] [blame] | 661 | make_v6_listener_kv (&kv6, &sep->ip.ip6, sep->port, |
| 662 | sep->transport_proto); |
| 663 | rv = clib_bihash_search_inline_48_8 (&st->v6_session_hash, &kv6); |
| 664 | if (rv == 0) |
Florin Coras | f8f516a | 2018-02-08 15:10:09 -0800 | [diff] [blame] | 665 | return kv6.value; |
Florin Coras | cea194d | 2017-10-02 00:18:51 -0700 | [diff] [blame] | 666 | |
| 667 | /* |
| 668 | * Zero out the ip. Same logic as above. |
| 669 | */ |
Florin Coras | 477e91a | 2018-02-27 10:05:57 -0800 | [diff] [blame] | 670 | |
| 671 | if (ip6_is_local_host (&sep->ip.ip6)) |
| 672 | { |
| 673 | kv6.key[0] = kv6.key[1] = 0; |
| 674 | rv = clib_bihash_search_inline_48_8 (&st->v6_session_hash, &kv6); |
| 675 | if (rv == 0) |
| 676 | return kv6.value; |
| 677 | } |
| 678 | else |
| 679 | { |
| 680 | kv6.key[0] = kv6.key[1] = 0; |
| 681 | } |
Florin Coras | dbd4456 | 2017-11-09 19:30:17 -0800 | [diff] [blame] | 682 | |
| 683 | /* |
| 684 | * Zero out the port. Same logic as above. |
| 685 | */ |
| 686 | kv6.key[4] = kv6.key[5] = 0; |
| 687 | rv = clib_bihash_search_inline_48_8 (&st->v6_session_hash, &kv6); |
| 688 | if (rv == 0) |
Florin Coras | f8f516a | 2018-02-08 15:10:09 -0800 | [diff] [blame] | 689 | return kv6.value; |
Florin Coras | 04e5344 | 2017-07-16 17:12:15 -0700 | [diff] [blame] | 690 | } |
Florin Coras | f8f516a | 2018-02-08 15:10:09 -0800 | [diff] [blame] | 691 | return SESSION_INVALID_HANDLE; |
Florin Coras | 04e5344 | 2017-07-16 17:12:15 -0700 | [diff] [blame] | 692 | } |
| 693 | |
Florin Coras | 288eaab | 2019-02-03 15:26:14 -0800 | [diff] [blame] | 694 | static inline session_t * |
Florin Coras | cea194d | 2017-10-02 00:18:51 -0700 | [diff] [blame] | 695 | session_lookup_listener4_i (session_table_t * st, ip4_address_t * lcl, |
Florin Coras | 477e91a | 2018-02-27 10:05:57 -0800 | [diff] [blame] | 696 | u16 lcl_port, u8 proto, u8 use_wildcard) |
Florin Coras | 04e5344 | 2017-07-16 17:12:15 -0700 | [diff] [blame] | 697 | { |
Florin Coras | 04e5344 | 2017-07-16 17:12:15 -0700 | [diff] [blame] | 698 | session_kv4_t kv4; |
| 699 | int rv; |
| 700 | |
Florin Coras | dbd4456 | 2017-11-09 19:30:17 -0800 | [diff] [blame] | 701 | /* |
| 702 | * First, try a fully formed listener |
| 703 | */ |
Florin Coras | 04e5344 | 2017-07-16 17:12:15 -0700 | [diff] [blame] | 704 | make_v4_listener_kv (&kv4, lcl, lcl_port, proto); |
Florin Coras | cea194d | 2017-10-02 00:18:51 -0700 | [diff] [blame] | 705 | rv = clib_bihash_search_inline_16_8 (&st->v4_session_hash, &kv4); |
Florin Coras | 04e5344 | 2017-07-16 17:12:15 -0700 | [diff] [blame] | 706 | if (rv == 0) |
Florin Coras | 5c9083d | 2018-04-13 06:39:07 -0700 | [diff] [blame] | 707 | return listen_session_get ((u32) kv4.value); |
Florin Coras | 04e5344 | 2017-07-16 17:12:15 -0700 | [diff] [blame] | 708 | |
Florin Coras | dbd4456 | 2017-11-09 19:30:17 -0800 | [diff] [blame] | 709 | /* |
| 710 | * Zero out the lcl ip and check if any 0/0 port binds have been done |
| 711 | */ |
Florin Coras | 477e91a | 2018-02-27 10:05:57 -0800 | [diff] [blame] | 712 | if (use_wildcard) |
| 713 | { |
| 714 | kv4.key[0] = 0; |
| 715 | rv = clib_bihash_search_inline_16_8 (&st->v4_session_hash, &kv4); |
| 716 | if (rv == 0) |
Florin Coras | 5c9083d | 2018-04-13 06:39:07 -0700 | [diff] [blame] | 717 | return listen_session_get ((u32) kv4.value); |
Florin Coras | 477e91a | 2018-02-27 10:05:57 -0800 | [diff] [blame] | 718 | } |
| 719 | else |
| 720 | { |
| 721 | kv4.key[0] = 0; |
| 722 | } |
Florin Coras | 04e5344 | 2017-07-16 17:12:15 -0700 | [diff] [blame] | 723 | |
Florin Coras | dbd4456 | 2017-11-09 19:30:17 -0800 | [diff] [blame] | 724 | /* |
| 725 | * Zero out port and check if we have a proxy set up for our ip |
| 726 | */ |
| 727 | make_v4_proxy_kv (&kv4, lcl, proto); |
| 728 | rv = clib_bihash_search_inline_16_8 (&st->v4_session_hash, &kv4); |
| 729 | if (rv == 0) |
Florin Coras | 5c9083d | 2018-04-13 06:39:07 -0700 | [diff] [blame] | 730 | return listen_session_get ((u32) kv4.value); |
Florin Coras | dbd4456 | 2017-11-09 19:30:17 -0800 | [diff] [blame] | 731 | |
Florin Coras | 04e5344 | 2017-07-16 17:12:15 -0700 | [diff] [blame] | 732 | return 0; |
| 733 | } |
| 734 | |
Florin Coras | 288eaab | 2019-02-03 15:26:14 -0800 | [diff] [blame] | 735 | session_t * |
Florin Coras | cea194d | 2017-10-02 00:18:51 -0700 | [diff] [blame] | 736 | session_lookup_listener4 (u32 fib_index, ip4_address_t * lcl, u16 lcl_port, |
Yu Ping | b092b77 | 2019-12-27 04:04:33 +0800 | [diff] [blame] | 737 | u8 proto, u8 use_wildcard) |
Florin Coras | 04e5344 | 2017-07-16 17:12:15 -0700 | [diff] [blame] | 738 | { |
Florin Coras | cea194d | 2017-10-02 00:18:51 -0700 | [diff] [blame] | 739 | session_table_t *st; |
| 740 | st = session_table_get_for_fib_index (FIB_PROTOCOL_IP4, fib_index); |
| 741 | if (!st) |
| 742 | return 0; |
Yu Ping | b092b77 | 2019-12-27 04:04:33 +0800 | [diff] [blame] | 743 | return session_lookup_listener4_i (st, lcl, lcl_port, proto, use_wildcard); |
Florin Coras | 04e5344 | 2017-07-16 17:12:15 -0700 | [diff] [blame] | 744 | } |
| 745 | |
Florin Coras | 288eaab | 2019-02-03 15:26:14 -0800 | [diff] [blame] | 746 | static session_t * |
Florin Coras | cea194d | 2017-10-02 00:18:51 -0700 | [diff] [blame] | 747 | session_lookup_listener6_i (session_table_t * st, ip6_address_t * lcl, |
Florin Coras | 477e91a | 2018-02-27 10:05:57 -0800 | [diff] [blame] | 748 | u16 lcl_port, u8 proto, u8 ip_wildcard) |
Florin Coras | 04e5344 | 2017-07-16 17:12:15 -0700 | [diff] [blame] | 749 | { |
Florin Coras | 04e5344 | 2017-07-16 17:12:15 -0700 | [diff] [blame] | 750 | session_kv6_t kv6; |
| 751 | int rv; |
| 752 | |
| 753 | make_v6_listener_kv (&kv6, lcl, lcl_port, proto); |
Florin Coras | cea194d | 2017-10-02 00:18:51 -0700 | [diff] [blame] | 754 | rv = clib_bihash_search_inline_48_8 (&st->v6_session_hash, &kv6); |
Florin Coras | 04e5344 | 2017-07-16 17:12:15 -0700 | [diff] [blame] | 755 | if (rv == 0) |
Florin Coras | 5c9083d | 2018-04-13 06:39:07 -0700 | [diff] [blame] | 756 | return listen_session_get ((u32) kv6.value); |
Florin Coras | 04e5344 | 2017-07-16 17:12:15 -0700 | [diff] [blame] | 757 | |
| 758 | /* Zero out the lcl ip */ |
Florin Coras | 477e91a | 2018-02-27 10:05:57 -0800 | [diff] [blame] | 759 | if (ip_wildcard) |
| 760 | { |
| 761 | kv6.key[0] = kv6.key[1] = 0; |
| 762 | rv = clib_bihash_search_inline_48_8 (&st->v6_session_hash, &kv6); |
| 763 | if (rv == 0) |
Florin Coras | 5c9083d | 2018-04-13 06:39:07 -0700 | [diff] [blame] | 764 | return listen_session_get ((u32) kv6.value); |
Florin Coras | 477e91a | 2018-02-27 10:05:57 -0800 | [diff] [blame] | 765 | } |
| 766 | else |
| 767 | { |
| 768 | kv6.key[0] = kv6.key[1] = 0; |
| 769 | } |
Florin Coras | 04e5344 | 2017-07-16 17:12:15 -0700 | [diff] [blame] | 770 | |
Florin Coras | dbd4456 | 2017-11-09 19:30:17 -0800 | [diff] [blame] | 771 | make_v6_proxy_kv (&kv6, lcl, proto); |
| 772 | rv = clib_bihash_search_inline_48_8 (&st->v6_session_hash, &kv6); |
| 773 | if (rv == 0) |
Florin Coras | 5c9083d | 2018-04-13 06:39:07 -0700 | [diff] [blame] | 774 | return listen_session_get ((u32) kv6.value); |
Florin Coras | 04e5344 | 2017-07-16 17:12:15 -0700 | [diff] [blame] | 775 | return 0; |
| 776 | } |
| 777 | |
Florin Coras | 288eaab | 2019-02-03 15:26:14 -0800 | [diff] [blame] | 778 | session_t * |
Florin Coras | cea194d | 2017-10-02 00:18:51 -0700 | [diff] [blame] | 779 | session_lookup_listener6 (u32 fib_index, ip6_address_t * lcl, u16 lcl_port, |
Yu Ping | b092b77 | 2019-12-27 04:04:33 +0800 | [diff] [blame] | 780 | u8 proto, u8 use_wildcard) |
Florin Coras | 04e5344 | 2017-07-16 17:12:15 -0700 | [diff] [blame] | 781 | { |
Florin Coras | cea194d | 2017-10-02 00:18:51 -0700 | [diff] [blame] | 782 | session_table_t *st; |
| 783 | st = session_table_get_for_fib_index (FIB_PROTOCOL_IP6, fib_index); |
| 784 | if (!st) |
| 785 | return 0; |
Yu Ping | b092b77 | 2019-12-27 04:04:33 +0800 | [diff] [blame] | 786 | return session_lookup_listener6_i (st, lcl, lcl_port, proto, use_wildcard); |
Florin Coras | 04e5344 | 2017-07-16 17:12:15 -0700 | [diff] [blame] | 787 | } |
| 788 | |
Florin Coras | 477e91a | 2018-02-27 10:05:57 -0800 | [diff] [blame] | 789 | /** |
| 790 | * Lookup listener, exact or proxy (inaddr_any:0) match |
| 791 | */ |
Florin Coras | 288eaab | 2019-02-03 15:26:14 -0800 | [diff] [blame] | 792 | session_t * |
Florin Coras | cea194d | 2017-10-02 00:18:51 -0700 | [diff] [blame] | 793 | session_lookup_listener (u32 table_index, session_endpoint_t * sep) |
Florin Coras | 04e5344 | 2017-07-16 17:12:15 -0700 | [diff] [blame] | 794 | { |
Florin Coras | cea194d | 2017-10-02 00:18:51 -0700 | [diff] [blame] | 795 | session_table_t *st; |
| 796 | st = session_table_get (table_index); |
| 797 | if (!st) |
| 798 | return 0; |
| 799 | if (sep->is_ip4) |
| 800 | return session_lookup_listener4_i (st, &sep->ip.ip4, sep->port, |
Florin Coras | 477e91a | 2018-02-27 10:05:57 -0800 | [diff] [blame] | 801 | sep->transport_proto, 0); |
Florin Coras | cea194d | 2017-10-02 00:18:51 -0700 | [diff] [blame] | 802 | else |
| 803 | return session_lookup_listener6_i (st, &sep->ip.ip6, sep->port, |
Florin Coras | 477e91a | 2018-02-27 10:05:57 -0800 | [diff] [blame] | 804 | sep->transport_proto, 0); |
Florin Coras | 04e5344 | 2017-07-16 17:12:15 -0700 | [diff] [blame] | 805 | return 0; |
| 806 | } |
| 807 | |
Florin Coras | 9f1a543 | 2019-03-10 21:03:20 -0700 | [diff] [blame] | 808 | /** |
| 809 | * Lookup listener wildcard match |
| 810 | */ |
| 811 | session_t * |
| 812 | session_lookup_listener_wildcard (u32 table_index, session_endpoint_t * sep) |
| 813 | { |
| 814 | session_table_t *st; |
| 815 | st = session_table_get (table_index); |
| 816 | if (!st) |
| 817 | return 0; |
| 818 | if (sep->is_ip4) |
| 819 | return session_lookup_listener4_i (st, &sep->ip.ip4, sep->port, |
| 820 | sep->transport_proto, |
| 821 | 1 /* use_wildcard */ ); |
| 822 | else |
| 823 | return session_lookup_listener6_i (st, &sep->ip.ip6, sep->port, |
| 824 | sep->transport_proto, |
| 825 | 1 /* use_wildcard */ ); |
| 826 | return 0; |
| 827 | } |
| 828 | |
Florin Coras | cea194d | 2017-10-02 00:18:51 -0700 | [diff] [blame] | 829 | int |
| 830 | session_lookup_add_half_open (transport_connection_t * tc, u64 value) |
| 831 | { |
| 832 | session_table_t *st; |
| 833 | session_kv4_t kv4; |
| 834 | session_kv6_t kv6; |
| 835 | |
| 836 | st = session_table_get_or_alloc_for_connection (tc); |
| 837 | if (!st) |
| 838 | return 0; |
| 839 | if (tc->is_ip4) |
| 840 | { |
| 841 | make_v4_ss_kv_from_tc (&kv4, tc); |
| 842 | kv4.value = value; |
| 843 | return clib_bihash_add_del_16_8 (&st->v4_half_open_hash, &kv4, |
| 844 | 1 /* is_add */ ); |
| 845 | } |
| 846 | else |
| 847 | { |
| 848 | make_v6_ss_kv_from_tc (&kv6, tc); |
| 849 | kv6.value = value; |
| 850 | return clib_bihash_add_del_48_8 (&st->v6_half_open_hash, &kv6, |
| 851 | 1 /* is_add */ ); |
| 852 | } |
| 853 | } |
| 854 | |
| 855 | int |
| 856 | session_lookup_del_half_open (transport_connection_t * tc) |
| 857 | { |
| 858 | session_table_t *st; |
| 859 | session_kv4_t kv4; |
| 860 | session_kv6_t kv6; |
| 861 | |
| 862 | st = session_table_get_for_connection (tc); |
| 863 | if (!st) |
| 864 | return -1; |
| 865 | if (tc->is_ip4) |
| 866 | { |
| 867 | make_v4_ss_kv_from_tc (&kv4, tc); |
| 868 | return clib_bihash_add_del_16_8 (&st->v4_half_open_hash, &kv4, |
| 869 | 0 /* is_add */ ); |
| 870 | } |
| 871 | else |
| 872 | { |
| 873 | make_v6_ss_kv_from_tc (&kv6, tc); |
| 874 | return clib_bihash_add_del_48_8 (&st->v6_half_open_hash, &kv6, |
| 875 | 0 /* is_add */ ); |
| 876 | } |
| 877 | } |
| 878 | |
Florin Coras | 04e5344 | 2017-07-16 17:12:15 -0700 | [diff] [blame] | 879 | u64 |
Florin Coras | cea194d | 2017-10-02 00:18:51 -0700 | [diff] [blame] | 880 | session_lookup_half_open_handle (transport_connection_t * tc) |
Florin Coras | 04e5344 | 2017-07-16 17:12:15 -0700 | [diff] [blame] | 881 | { |
Florin Coras | cea194d | 2017-10-02 00:18:51 -0700 | [diff] [blame] | 882 | session_table_t *st; |
Florin Coras | 04e5344 | 2017-07-16 17:12:15 -0700 | [diff] [blame] | 883 | session_kv4_t kv4; |
| 884 | session_kv6_t kv6; |
| 885 | int rv; |
| 886 | |
Florin Coras | cea194d | 2017-10-02 00:18:51 -0700 | [diff] [blame] | 887 | st = session_table_get_for_fib_index (transport_connection_fib_proto (tc), |
| 888 | tc->fib_index); |
| 889 | if (!st) |
| 890 | return HALF_OPEN_LOOKUP_INVALID_VALUE; |
| 891 | if (tc->is_ip4) |
Florin Coras | 04e5344 | 2017-07-16 17:12:15 -0700 | [diff] [blame] | 892 | { |
Florin Coras | cea194d | 2017-10-02 00:18:51 -0700 | [diff] [blame] | 893 | make_v4_ss_kv (&kv4, &tc->lcl_ip.ip4, &tc->rmt_ip.ip4, tc->lcl_port, |
Florin Coras | 3cbc04b | 2017-10-02 00:18:51 -0700 | [diff] [blame] | 894 | tc->rmt_port, tc->proto); |
Florin Coras | cea194d | 2017-10-02 00:18:51 -0700 | [diff] [blame] | 895 | rv = clib_bihash_search_inline_16_8 (&st->v4_half_open_hash, &kv4); |
Florin Coras | 04e5344 | 2017-07-16 17:12:15 -0700 | [diff] [blame] | 896 | if (rv == 0) |
| 897 | return kv4.value; |
Florin Coras | cea194d | 2017-10-02 00:18:51 -0700 | [diff] [blame] | 898 | } |
| 899 | else |
| 900 | { |
| 901 | make_v6_ss_kv (&kv6, &tc->lcl_ip.ip6, &tc->rmt_ip.ip6, tc->lcl_port, |
Florin Coras | 3cbc04b | 2017-10-02 00:18:51 -0700 | [diff] [blame] | 902 | tc->rmt_port, tc->proto); |
Florin Coras | cea194d | 2017-10-02 00:18:51 -0700 | [diff] [blame] | 903 | rv = clib_bihash_search_inline_48_8 (&st->v6_half_open_hash, &kv6); |
Florin Coras | 04e5344 | 2017-07-16 17:12:15 -0700 | [diff] [blame] | 904 | if (rv == 0) |
| 905 | return kv6.value; |
Florin Coras | 04e5344 | 2017-07-16 17:12:15 -0700 | [diff] [blame] | 906 | } |
| 907 | return HALF_OPEN_LOOKUP_INVALID_VALUE; |
| 908 | } |
| 909 | |
| 910 | transport_connection_t * |
Florin Coras | cea194d | 2017-10-02 00:18:51 -0700 | [diff] [blame] | 911 | session_lookup_half_open_connection (u64 handle, u8 proto, u8 is_ip4) |
Florin Coras | 04e5344 | 2017-07-16 17:12:15 -0700 | [diff] [blame] | 912 | { |
Florin Coras | 04e5344 | 2017-07-16 17:12:15 -0700 | [diff] [blame] | 913 | if (handle != HALF_OPEN_LOOKUP_INVALID_VALUE) |
Florin Coras | cea194d | 2017-10-02 00:18:51 -0700 | [diff] [blame] | 914 | { |
Florin Coras | 1ee7830 | 2019-02-05 15:51:15 -0800 | [diff] [blame] | 915 | u32 sst = session_type_from_proto_and_ip (proto, is_ip4); |
| 916 | return transport_get_half_open (sst, handle & 0xFFFFFFFF); |
Florin Coras | cea194d | 2017-10-02 00:18:51 -0700 | [diff] [blame] | 917 | } |
Florin Coras | 04e5344 | 2017-07-16 17:12:15 -0700 | [diff] [blame] | 918 | return 0; |
| 919 | } |
| 920 | |
Florin Coras | cea194d | 2017-10-02 00:18:51 -0700 | [diff] [blame] | 921 | /** |
| 922 | * Lookup connection with ip4 and transport layer information |
| 923 | * |
| 924 | * This is used on the fast path so it needs to be fast. Thereby, |
| 925 | * duplication of code and 'hacks' allowed. |
| 926 | * |
| 927 | * The lookup is incremental and returns whenever something is matched. The |
| 928 | * steps are: |
| 929 | * - Try to find an established session |
Florin Coras | cea194d | 2017-10-02 00:18:51 -0700 | [diff] [blame] | 930 | * - Try to find a half-open connection |
Florin Coras | 1c71045 | 2017-10-17 00:03:13 -0700 | [diff] [blame] | 931 | * - Try session rules table |
Florin Coras | a2ff7b8 | 2017-11-08 17:55:03 -0800 | [diff] [blame] | 932 | * - Try to find a fully-formed or local source wildcarded (listener bound to |
| 933 | * all interfaces) listener session |
Florin Coras | cea194d | 2017-10-02 00:18:51 -0700 | [diff] [blame] | 934 | * - return 0 |
| 935 | * |
| 936 | * @param fib_index index of fib wherein the connection was received |
| 937 | * @param lcl local ip4 address |
| 938 | * @param rmt remote ip4 address |
| 939 | * @param lcl_port local port |
| 940 | * @param rmt_port remote port |
| 941 | * @param proto transport protocol (e.g., tcp, udp) |
| 942 | * @param thread_index thread index for request |
Florin Coras | dff48db | 2017-11-19 18:06:58 -0800 | [diff] [blame] | 943 | * @param is_filtered return flag that indicates if connection was filtered. |
Florin Coras | cea194d | 2017-10-02 00:18:51 -0700 | [diff] [blame] | 944 | * |
| 945 | * @return pointer to transport connection, if one is found, 0 otherwise |
| 946 | */ |
Florin Coras | 04e5344 | 2017-07-16 17:12:15 -0700 | [diff] [blame] | 947 | transport_connection_t * |
Florin Coras | cea194d | 2017-10-02 00:18:51 -0700 | [diff] [blame] | 948 | session_lookup_connection_wt4 (u32 fib_index, ip4_address_t * lcl, |
| 949 | ip4_address_t * rmt, u16 lcl_port, |
Florin Coras | dff48db | 2017-11-19 18:06:58 -0800 | [diff] [blame] | 950 | u16 rmt_port, u8 proto, u32 thread_index, |
Florin Coras | b5e55a2 | 2019-01-10 12:42:47 -0800 | [diff] [blame] | 951 | u8 * result) |
Florin Coras | 04e5344 | 2017-07-16 17:12:15 -0700 | [diff] [blame] | 952 | { |
Florin Coras | cea194d | 2017-10-02 00:18:51 -0700 | [diff] [blame] | 953 | session_table_t *st; |
Florin Coras | 04e5344 | 2017-07-16 17:12:15 -0700 | [diff] [blame] | 954 | session_kv4_t kv4; |
Florin Coras | 288eaab | 2019-02-03 15:26:14 -0800 | [diff] [blame] | 955 | session_t *s; |
Florin Coras | a2ff7b8 | 2017-11-08 17:55:03 -0800 | [diff] [blame] | 956 | u32 action_index; |
Florin Coras | 04e5344 | 2017-07-16 17:12:15 -0700 | [diff] [blame] | 957 | int rv; |
| 958 | |
Florin Coras | cea194d | 2017-10-02 00:18:51 -0700 | [diff] [blame] | 959 | st = session_table_get_for_fib_index (FIB_PROTOCOL_IP4, fib_index); |
| 960 | if (PREDICT_FALSE (!st)) |
| 961 | return 0; |
| 962 | |
Florin Coras | a2ff7b8 | 2017-11-08 17:55:03 -0800 | [diff] [blame] | 963 | /* |
| 964 | * Lookup session amongst established ones |
| 965 | */ |
Florin Coras | 04e5344 | 2017-07-16 17:12:15 -0700 | [diff] [blame] | 966 | make_v4_ss_kv (&kv4, lcl, rmt, lcl_port, rmt_port, proto); |
Florin Coras | cea194d | 2017-10-02 00:18:51 -0700 | [diff] [blame] | 967 | rv = clib_bihash_search_inline_16_8 (&st->v4_session_hash, &kv4); |
Florin Coras | 04e5344 | 2017-07-16 17:12:15 -0700 | [diff] [blame] | 968 | if (rv == 0) |
| 969 | { |
Florin Coras | b5e55a2 | 2019-01-10 12:42:47 -0800 | [diff] [blame] | 970 | if (PREDICT_FALSE ((u32) (kv4.value >> 32) != thread_index)) |
| 971 | { |
| 972 | *result = SESSION_LOOKUP_RESULT_WRONG_THREAD; |
| 973 | return 0; |
| 974 | } |
Florin Coras | cea194d | 2017-10-02 00:18:51 -0700 | [diff] [blame] | 975 | s = session_get (kv4.value & 0xFFFFFFFFULL, thread_index); |
Florin Coras | 1ee7830 | 2019-02-05 15:51:15 -0800 | [diff] [blame] | 976 | return transport_get_connection (proto, s->connection_index, |
| 977 | thread_index); |
Florin Coras | 04e5344 | 2017-07-16 17:12:15 -0700 | [diff] [blame] | 978 | } |
| 979 | |
Florin Coras | a2ff7b8 | 2017-11-08 17:55:03 -0800 | [diff] [blame] | 980 | /* |
| 981 | * Try half-open connections |
| 982 | */ |
Florin Coras | cea194d | 2017-10-02 00:18:51 -0700 | [diff] [blame] | 983 | rv = clib_bihash_search_inline_16_8 (&st->v4_half_open_hash, &kv4); |
Florin Coras | 04e5344 | 2017-07-16 17:12:15 -0700 | [diff] [blame] | 984 | if (rv == 0) |
Florin Coras | 1ee7830 | 2019-02-05 15:51:15 -0800 | [diff] [blame] | 985 | return transport_get_half_open (proto, kv4.value & 0xFFFFFFFF); |
Florin Coras | 1c71045 | 2017-10-17 00:03:13 -0700 | [diff] [blame] | 986 | |
Florin Coras | a2ff7b8 | 2017-11-08 17:55:03 -0800 | [diff] [blame] | 987 | /* |
| 988 | * Check the session rules table |
| 989 | */ |
| 990 | action_index = session_rules_table_lookup4 (&st->session_rules[proto], lcl, |
| 991 | rmt, lcl_port, rmt_port); |
Florin Coras | dff48db | 2017-11-19 18:06:58 -0800 | [diff] [blame] | 992 | if (session_lookup_action_index_is_valid (action_index)) |
Florin Coras | a2ff7b8 | 2017-11-08 17:55:03 -0800 | [diff] [blame] | 993 | { |
Florin Coras | b5e55a2 | 2019-01-10 12:42:47 -0800 | [diff] [blame] | 994 | if (action_index == SESSION_RULES_TABLE_ACTION_DROP) |
| 995 | { |
| 996 | *result = SESSION_LOOKUP_RESULT_FILTERED; |
| 997 | return 0; |
| 998 | } |
Florin Coras | dff48db | 2017-11-19 18:06:58 -0800 | [diff] [blame] | 999 | if ((s = session_lookup_action_to_session (action_index, |
| 1000 | FIB_PROTOCOL_IP4, proto))) |
Florin Coras | 1ee7830 | 2019-02-05 15:51:15 -0800 | [diff] [blame] | 1001 | return transport_get_listener (proto, s->connection_index); |
Florin Coras | dff48db | 2017-11-19 18:06:58 -0800 | [diff] [blame] | 1002 | return 0; |
Florin Coras | a2ff7b8 | 2017-11-08 17:55:03 -0800 | [diff] [blame] | 1003 | } |
| 1004 | |
| 1005 | /* |
| 1006 | * If nothing is found, check if any listener is available |
| 1007 | */ |
Florin Coras | 477e91a | 2018-02-27 10:05:57 -0800 | [diff] [blame] | 1008 | s = session_lookup_listener4_i (st, lcl, lcl_port, proto, 1); |
Florin Coras | a2ff7b8 | 2017-11-08 17:55:03 -0800 | [diff] [blame] | 1009 | if (s) |
Florin Coras | 1ee7830 | 2019-02-05 15:51:15 -0800 | [diff] [blame] | 1010 | return transport_get_listener (proto, s->connection_index); |
Florin Coras | a2ff7b8 | 2017-11-08 17:55:03 -0800 | [diff] [blame] | 1011 | |
| 1012 | return 0; |
Florin Coras | 04e5344 | 2017-07-16 17:12:15 -0700 | [diff] [blame] | 1013 | } |
| 1014 | |
Florin Coras | cea194d | 2017-10-02 00:18:51 -0700 | [diff] [blame] | 1015 | /** |
| 1016 | * Lookup connection with ip4 and transport layer information |
| 1017 | * |
Florin Coras | b5e55a2 | 2019-01-10 12:42:47 -0800 | [diff] [blame] | 1018 | * Not optimized. Lookup logic is identical to that of |
| 1019 | * @ref session_lookup_connection_wt4 |
Florin Coras | cea194d | 2017-10-02 00:18:51 -0700 | [diff] [blame] | 1020 | * |
| 1021 | * @param fib_index index of the fib wherein the connection was received |
| 1022 | * @param lcl local ip4 address |
| 1023 | * @param rmt remote ip4 address |
| 1024 | * @param lcl_port local port |
| 1025 | * @param rmt_port remote port |
| 1026 | * @param proto transport protocol (e.g., tcp, udp) |
| 1027 | * |
| 1028 | * @return pointer to transport connection, if one is found, 0 otherwise |
| 1029 | */ |
Florin Coras | 04e5344 | 2017-07-16 17:12:15 -0700 | [diff] [blame] | 1030 | transport_connection_t * |
Florin Coras | cea194d | 2017-10-02 00:18:51 -0700 | [diff] [blame] | 1031 | session_lookup_connection4 (u32 fib_index, ip4_address_t * lcl, |
| 1032 | ip4_address_t * rmt, u16 lcl_port, u16 rmt_port, |
| 1033 | u8 proto) |
Florin Coras | 04e5344 | 2017-07-16 17:12:15 -0700 | [diff] [blame] | 1034 | { |
Florin Coras | cea194d | 2017-10-02 00:18:51 -0700 | [diff] [blame] | 1035 | session_table_t *st; |
Florin Coras | 04e5344 | 2017-07-16 17:12:15 -0700 | [diff] [blame] | 1036 | session_kv4_t kv4; |
Florin Coras | 288eaab | 2019-02-03 15:26:14 -0800 | [diff] [blame] | 1037 | session_t *s; |
Florin Coras | a2ff7b8 | 2017-11-08 17:55:03 -0800 | [diff] [blame] | 1038 | u32 action_index; |
Florin Coras | 04e5344 | 2017-07-16 17:12:15 -0700 | [diff] [blame] | 1039 | int rv; |
| 1040 | |
Florin Coras | cea194d | 2017-10-02 00:18:51 -0700 | [diff] [blame] | 1041 | st = session_table_get_for_fib_index (FIB_PROTOCOL_IP4, fib_index); |
| 1042 | if (PREDICT_FALSE (!st)) |
| 1043 | return 0; |
| 1044 | |
Florin Coras | a2ff7b8 | 2017-11-08 17:55:03 -0800 | [diff] [blame] | 1045 | /* |
| 1046 | * Lookup session amongst established ones |
| 1047 | */ |
Florin Coras | 04e5344 | 2017-07-16 17:12:15 -0700 | [diff] [blame] | 1048 | make_v4_ss_kv (&kv4, lcl, rmt, lcl_port, rmt_port, proto); |
Florin Coras | cea194d | 2017-10-02 00:18:51 -0700 | [diff] [blame] | 1049 | rv = clib_bihash_search_inline_16_8 (&st->v4_session_hash, &kv4); |
Florin Coras | 04e5344 | 2017-07-16 17:12:15 -0700 | [diff] [blame] | 1050 | if (rv == 0) |
| 1051 | { |
Florin Coras | cea194d | 2017-10-02 00:18:51 -0700 | [diff] [blame] | 1052 | s = session_get_from_handle (kv4.value); |
Florin Coras | 1ee7830 | 2019-02-05 15:51:15 -0800 | [diff] [blame] | 1053 | return transport_get_connection (proto, s->connection_index, |
| 1054 | s->thread_index); |
Florin Coras | 04e5344 | 2017-07-16 17:12:15 -0700 | [diff] [blame] | 1055 | } |
| 1056 | |
Florin Coras | a2ff7b8 | 2017-11-08 17:55:03 -0800 | [diff] [blame] | 1057 | /* |
| 1058 | * Try half-open connections |
| 1059 | */ |
Florin Coras | cea194d | 2017-10-02 00:18:51 -0700 | [diff] [blame] | 1060 | rv = clib_bihash_search_inline_16_8 (&st->v4_half_open_hash, &kv4); |
Florin Coras | 04e5344 | 2017-07-16 17:12:15 -0700 | [diff] [blame] | 1061 | if (rv == 0) |
Florin Coras | 1ee7830 | 2019-02-05 15:51:15 -0800 | [diff] [blame] | 1062 | return transport_get_half_open (proto, kv4.value & 0xFFFFFFFF); |
Florin Coras | a2ff7b8 | 2017-11-08 17:55:03 -0800 | [diff] [blame] | 1063 | |
| 1064 | /* |
| 1065 | * Check the session rules table |
| 1066 | */ |
| 1067 | action_index = session_rules_table_lookup4 (&st->session_rules[proto], lcl, |
| 1068 | rmt, lcl_port, rmt_port); |
Florin Coras | dff48db | 2017-11-19 18:06:58 -0800 | [diff] [blame] | 1069 | if (session_lookup_action_index_is_valid (action_index)) |
Florin Coras | a2ff7b8 | 2017-11-08 17:55:03 -0800 | [diff] [blame] | 1070 | { |
Florin Coras | dff48db | 2017-11-19 18:06:58 -0800 | [diff] [blame] | 1071 | if (action_index == SESSION_RULES_TABLE_ACTION_DROP) |
| 1072 | return 0; |
| 1073 | if ((s = session_lookup_action_to_session (action_index, |
| 1074 | FIB_PROTOCOL_IP4, proto))) |
Florin Coras | 1ee7830 | 2019-02-05 15:51:15 -0800 | [diff] [blame] | 1075 | return transport_get_listener (proto, s->connection_index); |
Florin Coras | dff48db | 2017-11-19 18:06:58 -0800 | [diff] [blame] | 1076 | return 0; |
Florin Coras | a2ff7b8 | 2017-11-08 17:55:03 -0800 | [diff] [blame] | 1077 | } |
| 1078 | |
| 1079 | /* |
| 1080 | * If nothing is found, check if any listener is available |
| 1081 | */ |
Florin Coras | 477e91a | 2018-02-27 10:05:57 -0800 | [diff] [blame] | 1082 | s = session_lookup_listener4_i (st, lcl, lcl_port, proto, 1); |
Florin Coras | a2ff7b8 | 2017-11-08 17:55:03 -0800 | [diff] [blame] | 1083 | if (s) |
Florin Coras | 1ee7830 | 2019-02-05 15:51:15 -0800 | [diff] [blame] | 1084 | return transport_get_listener (proto, s->connection_index); |
Florin Coras | a2ff7b8 | 2017-11-08 17:55:03 -0800 | [diff] [blame] | 1085 | |
| 1086 | return 0; |
Florin Coras | 04e5344 | 2017-07-16 17:12:15 -0700 | [diff] [blame] | 1087 | } |
| 1088 | |
Florin Coras | cea194d | 2017-10-02 00:18:51 -0700 | [diff] [blame] | 1089 | /** |
| 1090 | * Lookup session with ip4 and transport layer information |
| 1091 | * |
Florin Coras | 6bd8d3f | 2022-03-14 21:17:25 -0700 | [diff] [blame] | 1092 | * Important note: this may look into another thread's pool table |
Florin Coras | 3cbc04b | 2017-10-02 00:18:51 -0700 | [diff] [blame] | 1093 | * |
| 1094 | * Lookup logic is similar to that of @ref session_lookup_connection_wt4 but |
| 1095 | * this returns a session as opposed to a transport connection and it does not |
| 1096 | * try to lookup half-open sessions. |
| 1097 | * |
| 1098 | * Typically used by dgram connections |
Florin Coras | cea194d | 2017-10-02 00:18:51 -0700 | [diff] [blame] | 1099 | */ |
Florin Coras | 288eaab | 2019-02-03 15:26:14 -0800 | [diff] [blame] | 1100 | session_t * |
Florin Coras | 3cbc04b | 2017-10-02 00:18:51 -0700 | [diff] [blame] | 1101 | session_lookup_safe4 (u32 fib_index, ip4_address_t * lcl, ip4_address_t * rmt, |
| 1102 | u16 lcl_port, u16 rmt_port, u8 proto) |
Florin Coras | 04e5344 | 2017-07-16 17:12:15 -0700 | [diff] [blame] | 1103 | { |
Florin Coras | cea194d | 2017-10-02 00:18:51 -0700 | [diff] [blame] | 1104 | session_table_t *st; |
| 1105 | session_kv4_t kv4; |
Florin Coras | 288eaab | 2019-02-03 15:26:14 -0800 | [diff] [blame] | 1106 | session_t *s; |
Florin Coras | a2ff7b8 | 2017-11-08 17:55:03 -0800 | [diff] [blame] | 1107 | u32 action_index; |
Florin Coras | cea194d | 2017-10-02 00:18:51 -0700 | [diff] [blame] | 1108 | int rv; |
| 1109 | |
| 1110 | st = session_table_get_for_fib_index (FIB_PROTOCOL_IP4, fib_index); |
| 1111 | if (PREDICT_FALSE (!st)) |
| 1112 | return 0; |
| 1113 | |
Florin Coras | a2ff7b8 | 2017-11-08 17:55:03 -0800 | [diff] [blame] | 1114 | /* |
| 1115 | * Lookup session amongst established ones |
| 1116 | */ |
Florin Coras | cea194d | 2017-10-02 00:18:51 -0700 | [diff] [blame] | 1117 | make_v4_ss_kv (&kv4, lcl, rmt, lcl_port, rmt_port, proto); |
| 1118 | rv = clib_bihash_search_inline_16_8 (&st->v4_session_hash, &kv4); |
| 1119 | if (rv == 0) |
Florin Coras | 3cbc04b | 2017-10-02 00:18:51 -0700 | [diff] [blame] | 1120 | return session_get_from_handle_safe (kv4.value); |
Florin Coras | cea194d | 2017-10-02 00:18:51 -0700 | [diff] [blame] | 1121 | |
Florin Coras | a2ff7b8 | 2017-11-08 17:55:03 -0800 | [diff] [blame] | 1122 | /* |
| 1123 | * Check the session rules table |
| 1124 | */ |
| 1125 | action_index = session_rules_table_lookup4 (&st->session_rules[proto], lcl, |
| 1126 | rmt, lcl_port, rmt_port); |
Florin Coras | dff48db | 2017-11-19 18:06:58 -0800 | [diff] [blame] | 1127 | if (session_lookup_action_index_is_valid (action_index)) |
Florin Coras | a2ff7b8 | 2017-11-08 17:55:03 -0800 | [diff] [blame] | 1128 | { |
Florin Coras | dff48db | 2017-11-19 18:06:58 -0800 | [diff] [blame] | 1129 | if (action_index == SESSION_RULES_TABLE_ACTION_DROP) |
| 1130 | return 0; |
| 1131 | return session_lookup_action_to_session (action_index, FIB_PROTOCOL_IP4, |
| 1132 | proto); |
Florin Coras | a2ff7b8 | 2017-11-08 17:55:03 -0800 | [diff] [blame] | 1133 | } |
| 1134 | |
| 1135 | /* |
| 1136 | * If nothing is found, check if any listener is available |
| 1137 | */ |
Florin Coras | 477e91a | 2018-02-27 10:05:57 -0800 | [diff] [blame] | 1138 | if ((s = session_lookup_listener4_i (st, lcl, lcl_port, proto, 1))) |
Florin Coras | cea194d | 2017-10-02 00:18:51 -0700 | [diff] [blame] | 1139 | return s; |
Florin Coras | a2ff7b8 | 2017-11-08 17:55:03 -0800 | [diff] [blame] | 1140 | |
| 1141 | return 0; |
Florin Coras | cea194d | 2017-10-02 00:18:51 -0700 | [diff] [blame] | 1142 | } |
| 1143 | |
| 1144 | /** |
| 1145 | * Lookup connection with ip6 and transport layer information |
| 1146 | * |
| 1147 | * This is used on the fast path so it needs to be fast. Thereby, |
| 1148 | * duplication of code and 'hacks' allowed. |
| 1149 | * |
| 1150 | * The lookup is incremental and returns whenever something is matched. The |
| 1151 | * steps are: |
| 1152 | * - Try to find an established session |
Florin Coras | cea194d | 2017-10-02 00:18:51 -0700 | [diff] [blame] | 1153 | * - Try to find a half-open connection |
Florin Coras | 1c71045 | 2017-10-17 00:03:13 -0700 | [diff] [blame] | 1154 | * - Try session rules table |
Florin Coras | a2ff7b8 | 2017-11-08 17:55:03 -0800 | [diff] [blame] | 1155 | * - Try to find a fully-formed or local source wildcarded (listener bound to |
| 1156 | * all interfaces) listener session |
Florin Coras | cea194d | 2017-10-02 00:18:51 -0700 | [diff] [blame] | 1157 | * - return 0 |
| 1158 | * |
| 1159 | * @param fib_index index of the fib wherein the connection was received |
| 1160 | * @param lcl local ip6 address |
| 1161 | * @param rmt remote ip6 address |
| 1162 | * @param lcl_port local port |
| 1163 | * @param rmt_port remote port |
| 1164 | * @param proto transport protocol (e.g., tcp, udp) |
| 1165 | * @param thread_index thread index for request |
| 1166 | * |
| 1167 | * @return pointer to transport connection, if one is found, 0 otherwise |
| 1168 | */ |
| 1169 | transport_connection_t * |
| 1170 | session_lookup_connection_wt6 (u32 fib_index, ip6_address_t * lcl, |
| 1171 | ip6_address_t * rmt, u16 lcl_port, |
Florin Coras | dff48db | 2017-11-19 18:06:58 -0800 | [diff] [blame] | 1172 | u16 rmt_port, u8 proto, u32 thread_index, |
Florin Coras | b5e55a2 | 2019-01-10 12:42:47 -0800 | [diff] [blame] | 1173 | u8 * result) |
Florin Coras | cea194d | 2017-10-02 00:18:51 -0700 | [diff] [blame] | 1174 | { |
| 1175 | session_table_t *st; |
Florin Coras | 288eaab | 2019-02-03 15:26:14 -0800 | [diff] [blame] | 1176 | session_t *s; |
Florin Coras | 04e5344 | 2017-07-16 17:12:15 -0700 | [diff] [blame] | 1177 | session_kv6_t kv6; |
Florin Coras | a2ff7b8 | 2017-11-08 17:55:03 -0800 | [diff] [blame] | 1178 | u32 action_index; |
Florin Coras | 04e5344 | 2017-07-16 17:12:15 -0700 | [diff] [blame] | 1179 | int rv; |
| 1180 | |
Florin Coras | cea194d | 2017-10-02 00:18:51 -0700 | [diff] [blame] | 1181 | st = session_table_get_for_fib_index (FIB_PROTOCOL_IP6, fib_index); |
| 1182 | if (PREDICT_FALSE (!st)) |
| 1183 | return 0; |
| 1184 | |
Florin Coras | 04e5344 | 2017-07-16 17:12:15 -0700 | [diff] [blame] | 1185 | make_v6_ss_kv (&kv6, lcl, rmt, lcl_port, rmt_port, proto); |
Florin Coras | cea194d | 2017-10-02 00:18:51 -0700 | [diff] [blame] | 1186 | rv = clib_bihash_search_inline_48_8 (&st->v6_session_hash, &kv6); |
Florin Coras | 04e5344 | 2017-07-16 17:12:15 -0700 | [diff] [blame] | 1187 | if (rv == 0) |
| 1188 | { |
Florin Coras | b5e55a2 | 2019-01-10 12:42:47 -0800 | [diff] [blame] | 1189 | if (PREDICT_FALSE ((u32) (kv6.value >> 32) != thread_index)) |
| 1190 | { |
| 1191 | *result = SESSION_LOOKUP_RESULT_WRONG_THREAD; |
| 1192 | return 0; |
| 1193 | } |
Florin Coras | cea194d | 2017-10-02 00:18:51 -0700 | [diff] [blame] | 1194 | s = session_get (kv6.value & 0xFFFFFFFFULL, thread_index); |
Florin Coras | 1ee7830 | 2019-02-05 15:51:15 -0800 | [diff] [blame] | 1195 | return transport_get_connection (proto, s->connection_index, |
| 1196 | thread_index); |
Florin Coras | 04e5344 | 2017-07-16 17:12:15 -0700 | [diff] [blame] | 1197 | } |
| 1198 | |
Florin Coras | a2ff7b8 | 2017-11-08 17:55:03 -0800 | [diff] [blame] | 1199 | /* Try half-open connections */ |
Florin Coras | cea194d | 2017-10-02 00:18:51 -0700 | [diff] [blame] | 1200 | rv = clib_bihash_search_inline_48_8 (&st->v6_half_open_hash, &kv6); |
Florin Coras | 04e5344 | 2017-07-16 17:12:15 -0700 | [diff] [blame] | 1201 | if (rv == 0) |
Florin Coras | 1ee7830 | 2019-02-05 15:51:15 -0800 | [diff] [blame] | 1202 | return transport_get_half_open (proto, kv6.value & 0xFFFFFFFF); |
Florin Coras | 04e5344 | 2017-07-16 17:12:15 -0700 | [diff] [blame] | 1203 | |
Florin Coras | a2ff7b8 | 2017-11-08 17:55:03 -0800 | [diff] [blame] | 1204 | /* Check the session rules table */ |
| 1205 | action_index = session_rules_table_lookup6 (&st->session_rules[proto], lcl, |
| 1206 | rmt, lcl_port, rmt_port); |
Florin Coras | dff48db | 2017-11-19 18:06:58 -0800 | [diff] [blame] | 1207 | if (session_lookup_action_index_is_valid (action_index)) |
Florin Coras | a2ff7b8 | 2017-11-08 17:55:03 -0800 | [diff] [blame] | 1208 | { |
Florin Coras | b5e55a2 | 2019-01-10 12:42:47 -0800 | [diff] [blame] | 1209 | if (action_index == SESSION_RULES_TABLE_ACTION_DROP) |
| 1210 | { |
| 1211 | *result = SESSION_LOOKUP_RESULT_FILTERED; |
| 1212 | return 0; |
| 1213 | } |
Florin Coras | dff48db | 2017-11-19 18:06:58 -0800 | [diff] [blame] | 1214 | if ((s = session_lookup_action_to_session (action_index, |
| 1215 | FIB_PROTOCOL_IP6, proto))) |
Florin Coras | 1ee7830 | 2019-02-05 15:51:15 -0800 | [diff] [blame] | 1216 | return transport_get_listener (proto, s->connection_index); |
Florin Coras | dff48db | 2017-11-19 18:06:58 -0800 | [diff] [blame] | 1217 | return 0; |
Florin Coras | a2ff7b8 | 2017-11-08 17:55:03 -0800 | [diff] [blame] | 1218 | } |
| 1219 | |
| 1220 | /* If nothing is found, check if any listener is available */ |
Florin Coras | 477e91a | 2018-02-27 10:05:57 -0800 | [diff] [blame] | 1221 | s = session_lookup_listener6_i (st, lcl, lcl_port, proto, 1); |
Florin Coras | a2ff7b8 | 2017-11-08 17:55:03 -0800 | [diff] [blame] | 1222 | if (s) |
Florin Coras | 1ee7830 | 2019-02-05 15:51:15 -0800 | [diff] [blame] | 1223 | return transport_get_listener (proto, s->connection_index); |
Florin Coras | a2ff7b8 | 2017-11-08 17:55:03 -0800 | [diff] [blame] | 1224 | |
| 1225 | return 0; |
Florin Coras | 04e5344 | 2017-07-16 17:12:15 -0700 | [diff] [blame] | 1226 | } |
| 1227 | |
Florin Coras | cea194d | 2017-10-02 00:18:51 -0700 | [diff] [blame] | 1228 | /** |
| 1229 | * Lookup connection with ip6 and transport layer information |
| 1230 | * |
| 1231 | * Not optimized. This is used on the fast path so it needs to be fast. |
| 1232 | * Thereby, duplication of code and 'hacks' allowed. Lookup logic is identical |
| 1233 | * to that of @ref session_lookup_connection_wt4 |
| 1234 | * |
| 1235 | * @param fib_index index of the fib wherein the connection was received |
| 1236 | * @param lcl local ip6 address |
| 1237 | * @param rmt remote ip6 address |
| 1238 | * @param lcl_port local port |
| 1239 | * @param rmt_port remote port |
| 1240 | * @param proto transport protocol (e.g., tcp, udp) |
| 1241 | * |
| 1242 | * @return pointer to transport connection, if one is found, 0 otherwise |
| 1243 | */ |
Florin Coras | 04e5344 | 2017-07-16 17:12:15 -0700 | [diff] [blame] | 1244 | transport_connection_t * |
Florin Coras | cea194d | 2017-10-02 00:18:51 -0700 | [diff] [blame] | 1245 | session_lookup_connection6 (u32 fib_index, ip6_address_t * lcl, |
| 1246 | ip6_address_t * rmt, u16 lcl_port, u16 rmt_port, |
| 1247 | u8 proto) |
Florin Coras | 04e5344 | 2017-07-16 17:12:15 -0700 | [diff] [blame] | 1248 | { |
Florin Coras | cea194d | 2017-10-02 00:18:51 -0700 | [diff] [blame] | 1249 | session_table_t *st; |
Florin Coras | 288eaab | 2019-02-03 15:26:14 -0800 | [diff] [blame] | 1250 | session_t *s; |
Florin Coras | 04e5344 | 2017-07-16 17:12:15 -0700 | [diff] [blame] | 1251 | session_kv6_t kv6; |
Florin Coras | a2ff7b8 | 2017-11-08 17:55:03 -0800 | [diff] [blame] | 1252 | u32 action_index; |
Florin Coras | 04e5344 | 2017-07-16 17:12:15 -0700 | [diff] [blame] | 1253 | int rv; |
| 1254 | |
Florin Coras | cea194d | 2017-10-02 00:18:51 -0700 | [diff] [blame] | 1255 | st = session_table_get_for_fib_index (FIB_PROTOCOL_IP6, fib_index); |
| 1256 | if (PREDICT_FALSE (!st)) |
| 1257 | return 0; |
| 1258 | |
Florin Coras | 04e5344 | 2017-07-16 17:12:15 -0700 | [diff] [blame] | 1259 | make_v6_ss_kv (&kv6, lcl, rmt, lcl_port, rmt_port, proto); |
Florin Coras | cea194d | 2017-10-02 00:18:51 -0700 | [diff] [blame] | 1260 | rv = clib_bihash_search_inline_48_8 (&st->v6_session_hash, &kv6); |
Florin Coras | 04e5344 | 2017-07-16 17:12:15 -0700 | [diff] [blame] | 1261 | if (rv == 0) |
| 1262 | { |
Florin Coras | cea194d | 2017-10-02 00:18:51 -0700 | [diff] [blame] | 1263 | s = session_get_from_handle (kv6.value); |
Florin Coras | 1ee7830 | 2019-02-05 15:51:15 -0800 | [diff] [blame] | 1264 | return transport_get_connection (proto, s->connection_index, |
| 1265 | s->thread_index); |
Florin Coras | 04e5344 | 2017-07-16 17:12:15 -0700 | [diff] [blame] | 1266 | } |
| 1267 | |
Florin Coras | a2ff7b8 | 2017-11-08 17:55:03 -0800 | [diff] [blame] | 1268 | /* Try half-open connections */ |
Florin Coras | cea194d | 2017-10-02 00:18:51 -0700 | [diff] [blame] | 1269 | rv = clib_bihash_search_inline_48_8 (&st->v6_half_open_hash, &kv6); |
Florin Coras | 04e5344 | 2017-07-16 17:12:15 -0700 | [diff] [blame] | 1270 | if (rv == 0) |
Florin Coras | 1ee7830 | 2019-02-05 15:51:15 -0800 | [diff] [blame] | 1271 | return transport_get_half_open (proto, kv6.value & 0xFFFFFFFF); |
Florin Coras | 04e5344 | 2017-07-16 17:12:15 -0700 | [diff] [blame] | 1272 | |
Florin Coras | a2ff7b8 | 2017-11-08 17:55:03 -0800 | [diff] [blame] | 1273 | /* Check the session rules table */ |
| 1274 | action_index = session_rules_table_lookup6 (&st->session_rules[proto], lcl, |
| 1275 | rmt, lcl_port, rmt_port); |
Florin Coras | dff48db | 2017-11-19 18:06:58 -0800 | [diff] [blame] | 1276 | if (session_lookup_action_index_is_valid (action_index)) |
Florin Coras | a2ff7b8 | 2017-11-08 17:55:03 -0800 | [diff] [blame] | 1277 | { |
Florin Coras | dff48db | 2017-11-19 18:06:58 -0800 | [diff] [blame] | 1278 | if (action_index == SESSION_RULES_TABLE_ACTION_DROP) |
| 1279 | return 0; |
| 1280 | if ((s = session_lookup_action_to_session (action_index, |
| 1281 | FIB_PROTOCOL_IP6, proto))) |
Florin Coras | 1ee7830 | 2019-02-05 15:51:15 -0800 | [diff] [blame] | 1282 | return transport_get_listener (proto, s->connection_index); |
Florin Coras | dff48db | 2017-11-19 18:06:58 -0800 | [diff] [blame] | 1283 | return 0; |
Florin Coras | a2ff7b8 | 2017-11-08 17:55:03 -0800 | [diff] [blame] | 1284 | } |
| 1285 | |
| 1286 | /* If nothing is found, check if any listener is available */ |
Florin Coras | 477e91a | 2018-02-27 10:05:57 -0800 | [diff] [blame] | 1287 | s = session_lookup_listener6_i (st, lcl, lcl_port, proto, 1); |
Florin Coras | a2ff7b8 | 2017-11-08 17:55:03 -0800 | [diff] [blame] | 1288 | if (s) |
Florin Coras | 1ee7830 | 2019-02-05 15:51:15 -0800 | [diff] [blame] | 1289 | return transport_get_listener (proto, s->connection_index); |
Florin Coras | a2ff7b8 | 2017-11-08 17:55:03 -0800 | [diff] [blame] | 1290 | |
| 1291 | return 0; |
Florin Coras | 04e5344 | 2017-07-16 17:12:15 -0700 | [diff] [blame] | 1292 | } |
| 1293 | |
Florin Coras | cea194d | 2017-10-02 00:18:51 -0700 | [diff] [blame] | 1294 | /** |
| 1295 | * Lookup session with ip6 and transport layer information |
| 1296 | * |
Florin Coras | 3cbc04b | 2017-10-02 00:18:51 -0700 | [diff] [blame] | 1297 | * Important note: this may look into another thread's pool table and |
| 1298 | * register as 'peeker'. Caller should call @ref session_pool_remove_peeker as |
| 1299 | * if needed as soon as possible. |
| 1300 | * |
| 1301 | * Lookup logic is similar to that of @ref session_lookup_connection_wt6 but |
| 1302 | * this returns a session as opposed to a transport connection and it does not |
| 1303 | * try to lookup half-open sessions. |
| 1304 | * |
| 1305 | * Typically used by dgram connections |
Florin Coras | cea194d | 2017-10-02 00:18:51 -0700 | [diff] [blame] | 1306 | */ |
Florin Coras | 288eaab | 2019-02-03 15:26:14 -0800 | [diff] [blame] | 1307 | session_t * |
Florin Coras | 3cbc04b | 2017-10-02 00:18:51 -0700 | [diff] [blame] | 1308 | session_lookup_safe6 (u32 fib_index, ip6_address_t * lcl, ip6_address_t * rmt, |
| 1309 | u16 lcl_port, u16 rmt_port, u8 proto) |
Florin Coras | cea194d | 2017-10-02 00:18:51 -0700 | [diff] [blame] | 1310 | { |
| 1311 | session_table_t *st; |
| 1312 | session_kv6_t kv6; |
Florin Coras | 288eaab | 2019-02-03 15:26:14 -0800 | [diff] [blame] | 1313 | session_t *s; |
Florin Coras | a2ff7b8 | 2017-11-08 17:55:03 -0800 | [diff] [blame] | 1314 | u32 action_index; |
Florin Coras | cea194d | 2017-10-02 00:18:51 -0700 | [diff] [blame] | 1315 | int rv; |
| 1316 | |
| 1317 | st = session_table_get_for_fib_index (FIB_PROTOCOL_IP6, fib_index); |
| 1318 | if (PREDICT_FALSE (!st)) |
| 1319 | return 0; |
| 1320 | |
| 1321 | make_v6_ss_kv (&kv6, lcl, rmt, lcl_port, rmt_port, proto); |
| 1322 | rv = clib_bihash_search_inline_48_8 (&st->v6_session_hash, &kv6); |
| 1323 | if (rv == 0) |
Florin Coras | 3cbc04b | 2017-10-02 00:18:51 -0700 | [diff] [blame] | 1324 | return session_get_from_handle_safe (kv6.value); |
Florin Coras | cea194d | 2017-10-02 00:18:51 -0700 | [diff] [blame] | 1325 | |
Florin Coras | a2ff7b8 | 2017-11-08 17:55:03 -0800 | [diff] [blame] | 1326 | /* Check the session rules table */ |
| 1327 | action_index = session_rules_table_lookup6 (&st->session_rules[proto], lcl, |
| 1328 | rmt, lcl_port, rmt_port); |
Florin Coras | dff48db | 2017-11-19 18:06:58 -0800 | [diff] [blame] | 1329 | if (session_lookup_action_index_is_valid (action_index)) |
Florin Coras | a2ff7b8 | 2017-11-08 17:55:03 -0800 | [diff] [blame] | 1330 | { |
Florin Coras | dff48db | 2017-11-19 18:06:58 -0800 | [diff] [blame] | 1331 | if (action_index == SESSION_RULES_TABLE_ACTION_DROP) |
| 1332 | return 0; |
| 1333 | return session_lookup_action_to_session (action_index, FIB_PROTOCOL_IP6, |
| 1334 | proto); |
Florin Coras | a2ff7b8 | 2017-11-08 17:55:03 -0800 | [diff] [blame] | 1335 | } |
| 1336 | |
Florin Coras | cea194d | 2017-10-02 00:18:51 -0700 | [diff] [blame] | 1337 | /* If nothing is found, check if any listener is available */ |
Florin Coras | 477e91a | 2018-02-27 10:05:57 -0800 | [diff] [blame] | 1338 | if ((s = session_lookup_listener6_i (st, lcl, lcl_port, proto, 1))) |
Florin Coras | cea194d | 2017-10-02 00:18:51 -0700 | [diff] [blame] | 1339 | return s; |
Florin Coras | a2ff7b8 | 2017-11-08 17:55:03 -0800 | [diff] [blame] | 1340 | return 0; |
Florin Coras | cea194d | 2017-10-02 00:18:51 -0700 | [diff] [blame] | 1341 | } |
| 1342 | |
Florin Coras | 57660d9 | 2020-04-04 22:45:34 +0000 | [diff] [blame] | 1343 | transport_connection_t * |
| 1344 | session_lookup_connection (u32 fib_index, ip46_address_t * lcl, |
| 1345 | ip46_address_t * rmt, u16 lcl_port, u16 rmt_port, |
| 1346 | u8 proto, u8 is_ip4) |
| 1347 | { |
| 1348 | if (is_ip4) |
| 1349 | return session_lookup_connection4 (fib_index, &lcl->ip4, &rmt->ip4, |
| 1350 | lcl_port, rmt_port, proto); |
| 1351 | else |
| 1352 | return session_lookup_connection6 (fib_index, &lcl->ip6, &rmt->ip6, |
| 1353 | lcl_port, rmt_port, proto); |
| 1354 | } |
| 1355 | |
Filip Tehlar | 0028e6f | 2023-06-28 10:47:32 +0200 | [diff] [blame] | 1356 | session_error_t |
| 1357 | vnet_session_rule_add_del (session_rule_add_del_args_t *args) |
Florin Coras | 1c71045 | 2017-10-17 00:03:13 -0700 | [diff] [blame] | 1358 | { |
| 1359 | app_namespace_t *app_ns = app_namespace_get (args->appns_index); |
Florin Coras | c97a739 | 2017-11-05 23:07:07 -0800 | [diff] [blame] | 1360 | session_rules_table_t *srt; |
Florin Coras | 1c71045 | 2017-10-17 00:03:13 -0700 | [diff] [blame] | 1361 | session_table_t *st; |
| 1362 | u32 fib_index; |
| 1363 | u8 fib_proto; |
Florin Coras | c1a4265 | 2019-02-08 18:27:29 -0800 | [diff] [blame] | 1364 | int rv = 0; |
Florin Coras | 1c71045 | 2017-10-17 00:03:13 -0700 | [diff] [blame] | 1365 | |
| 1366 | if (!app_ns) |
Filip Tehlar | 0028e6f | 2023-06-28 10:47:32 +0200 | [diff] [blame] | 1367 | return SESSION_E_INVALID_NS; |
Florin Coras | c1a4265 | 2019-02-08 18:27:29 -0800 | [diff] [blame] | 1368 | |
Florin Coras | 1c71045 | 2017-10-17 00:03:13 -0700 | [diff] [blame] | 1369 | if (args->scope > 3) |
Filip Tehlar | 0028e6f | 2023-06-28 10:47:32 +0200 | [diff] [blame] | 1370 | return SESSION_E_INVALID; |
Florin Coras | c1a4265 | 2019-02-08 18:27:29 -0800 | [diff] [blame] | 1371 | |
Florin Coras | c97a739 | 2017-11-05 23:07:07 -0800 | [diff] [blame] | 1372 | if (args->transport_proto != TRANSPORT_PROTO_TCP |
| 1373 | && args->transport_proto != TRANSPORT_PROTO_UDP) |
Filip Tehlar | 0028e6f | 2023-06-28 10:47:32 +0200 | [diff] [blame] | 1374 | return SESSION_E_INVALID; |
Florin Coras | c1a4265 | 2019-02-08 18:27:29 -0800 | [diff] [blame] | 1375 | |
Florin Coras | 1c71045 | 2017-10-17 00:03:13 -0700 | [diff] [blame] | 1376 | if ((args->scope & SESSION_RULE_SCOPE_GLOBAL) || args->scope == 0) |
| 1377 | { |
| 1378 | fib_proto = args->table_args.rmt.fp_proto; |
| 1379 | fib_index = app_namespace_get_fib_index (app_ns, fib_proto); |
| 1380 | st = session_table_get_for_fib_index (fib_proto, fib_index); |
Florin Coras | c97a739 | 2017-11-05 23:07:07 -0800 | [diff] [blame] | 1381 | srt = &st->session_rules[args->transport_proto]; |
Florin Coras | c1a4265 | 2019-02-08 18:27:29 -0800 | [diff] [blame] | 1382 | if ((rv = session_rules_table_add_del (srt, &args->table_args))) |
| 1383 | return rv; |
Florin Coras | 1c71045 | 2017-10-17 00:03:13 -0700 | [diff] [blame] | 1384 | } |
| 1385 | if (args->scope & SESSION_RULE_SCOPE_LOCAL) |
| 1386 | { |
Dave Barach | b7b9299 | 2018-10-17 10:38:51 -0400 | [diff] [blame] | 1387 | clib_memset (&args->table_args.lcl, 0, sizeof (args->table_args.lcl)); |
Florin Coras | a2ff7b8 | 2017-11-08 17:55:03 -0800 | [diff] [blame] | 1388 | args->table_args.lcl.fp_proto = args->table_args.rmt.fp_proto; |
| 1389 | args->table_args.lcl_port = 0; |
Florin Coras | 1c71045 | 2017-10-17 00:03:13 -0700 | [diff] [blame] | 1390 | st = app_namespace_get_local_table (app_ns); |
Florin Coras | c97a739 | 2017-11-05 23:07:07 -0800 | [diff] [blame] | 1391 | srt = &st->session_rules[args->transport_proto]; |
Florin Coras | c1a4265 | 2019-02-08 18:27:29 -0800 | [diff] [blame] | 1392 | rv = session_rules_table_add_del (srt, &args->table_args); |
Florin Coras | 1c71045 | 2017-10-17 00:03:13 -0700 | [diff] [blame] | 1393 | } |
Florin Coras | c1a4265 | 2019-02-08 18:27:29 -0800 | [diff] [blame] | 1394 | return rv; |
Florin Coras | 1c71045 | 2017-10-17 00:03:13 -0700 | [diff] [blame] | 1395 | } |
| 1396 | |
Steven Luong | 5682ca8 | 2024-07-17 16:16:05 -0700 | [diff] [blame] | 1397 | static void |
| 1398 | session_lookup_fib_table_lock (u32 fib_index, u32 protocol) |
| 1399 | { |
| 1400 | fib_table_lock (fib_index, protocol, sl_main.fib_src); |
| 1401 | vec_validate (fib_index_to_lock_count[protocol], fib_index); |
| 1402 | fib_index_to_lock_count[protocol][fib_index]++; |
| 1403 | ASSERT (fib_index_to_lock_count[protocol][fib_index] > 0); |
| 1404 | } |
| 1405 | |
| 1406 | static void |
| 1407 | session_lookup_fib_table_unlock (u32 fib_index, u32 protocol) |
| 1408 | { |
| 1409 | fib_table_unlock (fib_index, protocol, sl_main.fib_src); |
| 1410 | ASSERT (fib_index_to_lock_count[protocol][fib_index] > 0); |
| 1411 | fib_index_to_lock_count[protocol][fib_index]--; |
| 1412 | } |
| 1413 | |
Florin Coras | 6c36f53 | 2017-11-03 18:32:34 -0700 | [diff] [blame] | 1414 | /** |
| 1415 | * Mark (global) tables as pertaining to app ns |
| 1416 | */ |
| 1417 | void |
| 1418 | session_lookup_set_tables_appns (app_namespace_t * app_ns) |
| 1419 | { |
| 1420 | session_table_t *st; |
| 1421 | u32 fib_index; |
| 1422 | u8 fp; |
| 1423 | |
| 1424 | for (fp = 0; fp < ARRAY_LEN (fib_index_to_table_index); fp++) |
| 1425 | { |
| 1426 | fib_index = app_namespace_get_fib_index (app_ns, fp); |
Florin Coras | 95cd864 | 2019-12-30 21:53:19 -0800 | [diff] [blame] | 1427 | st = session_table_get_or_alloc (fp, fib_index); |
Florin Coras | 6c36f53 | 2017-11-03 18:32:34 -0700 | [diff] [blame] | 1428 | if (st) |
Steven Luong | 5682ca8 | 2024-07-17 16:16:05 -0700 | [diff] [blame] | 1429 | { |
| 1430 | st->appns_index = app_namespace_index (app_ns); |
| 1431 | session_lookup_fib_table_lock (fib_index, fp); |
| 1432 | } |
Florin Coras | 6c36f53 | 2017-11-03 18:32:34 -0700 | [diff] [blame] | 1433 | } |
| 1434 | } |
| 1435 | |
Florin Coras | cea194d | 2017-10-02 00:18:51 -0700 | [diff] [blame] | 1436 | u8 * |
| 1437 | format_ip4_session_lookup_kvp (u8 * s, va_list * args) |
| 1438 | { |
| 1439 | clib_bihash_kv_16_8_t *kvp = va_arg (*args, clib_bihash_kv_16_8_t *); |
Florin Coras | 2b81e3c | 2019-02-27 07:55:46 -0800 | [diff] [blame] | 1440 | u32 is_local = va_arg (*args, u32); |
Florin Coras | 1553197 | 2018-08-12 23:50:53 -0700 | [diff] [blame] | 1441 | v4_connection_key_t *key = (v4_connection_key_t *) kvp->key; |
Florin Coras | 288eaab | 2019-02-03 15:26:14 -0800 | [diff] [blame] | 1442 | session_t *session; |
Florin Coras | 1553197 | 2018-08-12 23:50:53 -0700 | [diff] [blame] | 1443 | app_worker_t *app_wrk; |
Florin Coras | 053a0e4 | 2018-11-13 15:52:38 -0800 | [diff] [blame] | 1444 | const u8 *app_name; |
| 1445 | u8 *str = 0; |
Florin Coras | cea194d | 2017-10-02 00:18:51 -0700 | [diff] [blame] | 1446 | |
Florin Coras | cea194d | 2017-10-02 00:18:51 -0700 | [diff] [blame] | 1447 | if (!is_local) |
| 1448 | { |
| 1449 | session = session_get_from_handle (kvp->value); |
Florin Coras | 1553197 | 2018-08-12 23:50:53 -0700 | [diff] [blame] | 1450 | app_wrk = app_worker_get (session->app_wrk_index); |
| 1451 | app_name = application_name_from_index (app_wrk->app_index); |
Florin Coras | 561af9b | 2017-12-09 10:19:43 -0800 | [diff] [blame] | 1452 | str = format (0, "[%U] %U:%d->%U:%d", format_transport_proto_short, |
| 1453 | key->proto, format_ip4_address, &key->src, |
| 1454 | clib_net_to_host_u16 (key->src_port), format_ip4_address, |
| 1455 | &key->dst, clib_net_to_host_u16 (key->dst_port)); |
Florin Coras | cea194d | 2017-10-02 00:18:51 -0700 | [diff] [blame] | 1456 | s = format (s, "%-40v%-30v", str, app_name); |
| 1457 | } |
| 1458 | else |
| 1459 | { |
Florin Coras | 2b81e3c | 2019-02-27 07:55:46 -0800 | [diff] [blame] | 1460 | session = session_get_from_handle (kvp->value); |
| 1461 | app_wrk = app_worker_get (session->app_wrk_index); |
Florin Coras | 1553197 | 2018-08-12 23:50:53 -0700 | [diff] [blame] | 1462 | app_name = application_name_from_index (app_wrk->app_index); |
Florin Coras | 561af9b | 2017-12-09 10:19:43 -0800 | [diff] [blame] | 1463 | str = format (0, "[%U] %U:%d", format_transport_proto_short, key->proto, |
| 1464 | format_ip4_address, &key->src, |
| 1465 | clib_net_to_host_u16 (key->src_port)); |
Florin Coras | cea194d | 2017-10-02 00:18:51 -0700 | [diff] [blame] | 1466 | s = format (s, "%-30v%-30v", str, app_name); |
| 1467 | } |
Florin Coras | cea194d | 2017-10-02 00:18:51 -0700 | [diff] [blame] | 1468 | return s; |
| 1469 | } |
| 1470 | |
| 1471 | typedef struct _ip4_session_table_show_ctx_t |
| 1472 | { |
| 1473 | vlib_main_t *vm; |
| 1474 | u8 is_local; |
| 1475 | } ip4_session_table_show_ctx_t; |
| 1476 | |
| 1477 | static int |
| 1478 | ip4_session_table_show (clib_bihash_kv_16_8_t * kvp, void *arg) |
| 1479 | { |
| 1480 | ip4_session_table_show_ctx_t *ctx = arg; |
| 1481 | vlib_cli_output (ctx->vm, "%U", format_ip4_session_lookup_kvp, kvp, |
| 1482 | ctx->is_local); |
| 1483 | return 1; |
| 1484 | } |
| 1485 | |
| 1486 | void |
| 1487 | session_lookup_show_table_entries (vlib_main_t * vm, session_table_t * table, |
| 1488 | u8 type, u8 is_local) |
| 1489 | { |
| 1490 | ip4_session_table_show_ctx_t ctx = { |
| 1491 | .vm = vm, |
| 1492 | .is_local = is_local, |
| 1493 | }; |
| 1494 | if (!is_local) |
| 1495 | vlib_cli_output (vm, "%-40s%-30s", "Session", "Application"); |
| 1496 | else |
| 1497 | vlib_cli_output (vm, "%-30s%-30s", "Listener", "Application"); |
| 1498 | switch (type) |
| 1499 | { |
| 1500 | /* main table v4 */ |
| 1501 | case 0: |
| 1502 | ip4_session_table_walk (&table->v4_session_hash, ip4_session_table_show, |
| 1503 | &ctx); |
| 1504 | break; |
| 1505 | default: |
| 1506 | clib_warning ("not supported"); |
| 1507 | } |
| 1508 | } |
Florin Coras | 66b1131 | 2017-07-31 17:18:03 -0700 | [diff] [blame] | 1509 | |
Florin Coras | 1c71045 | 2017-10-17 00:03:13 -0700 | [diff] [blame] | 1510 | static clib_error_t * |
| 1511 | session_rule_command_fn (vlib_main_t * vm, unformat_input_t * input, |
| 1512 | vlib_cli_command_t * cmd) |
| 1513 | { |
Florin Coras | c97a739 | 2017-11-05 23:07:07 -0800 | [diff] [blame] | 1514 | u32 proto = ~0, lcl_port, rmt_port, action = 0, lcl_plen = 0, rmt_plen = 0; |
Nathan Skrzypczak | 1a9e2f9 | 2021-07-28 19:35:08 +0200 | [diff] [blame] | 1515 | clib_error_t *error = 0; |
Florin Coras | 1c71045 | 2017-10-17 00:03:13 -0700 | [diff] [blame] | 1516 | u32 appns_index, scope = 0; |
| 1517 | ip46_address_t lcl_ip, rmt_ip; |
| 1518 | u8 is_ip4 = 1, conn_set = 0; |
| 1519 | u8 fib_proto, is_add = 1, *ns_id = 0; |
Florin Coras | c97a739 | 2017-11-05 23:07:07 -0800 | [diff] [blame] | 1520 | u8 *tag = 0; |
Florin Coras | 1c71045 | 2017-10-17 00:03:13 -0700 | [diff] [blame] | 1521 | app_namespace_t *app_ns; |
Florin Coras | c1a4265 | 2019-02-08 18:27:29 -0800 | [diff] [blame] | 1522 | int rv; |
Florin Coras | 1c71045 | 2017-10-17 00:03:13 -0700 | [diff] [blame] | 1523 | |
Guanghua Zhang | fcd5e12 | 2019-08-24 10:52:19 +0800 | [diff] [blame] | 1524 | session_cli_return_if_not_enabled (); |
| 1525 | |
Dave Barach | b7b9299 | 2018-10-17 10:38:51 -0400 | [diff] [blame] | 1526 | clib_memset (&lcl_ip, 0, sizeof (lcl_ip)); |
| 1527 | clib_memset (&rmt_ip, 0, sizeof (rmt_ip)); |
Florin Coras | 1c71045 | 2017-10-17 00:03:13 -0700 | [diff] [blame] | 1528 | while (unformat_check_input (input) != UNFORMAT_END_OF_INPUT) |
| 1529 | { |
| 1530 | if (unformat (input, "del")) |
| 1531 | is_add = 0; |
| 1532 | else if (unformat (input, "add")) |
| 1533 | ; |
| 1534 | else if (unformat (input, "appns %_%v%_", &ns_id)) |
| 1535 | ; |
| 1536 | else if (unformat (input, "scope global")) |
| 1537 | scope = SESSION_RULE_SCOPE_GLOBAL; |
| 1538 | else if (unformat (input, "scope local")) |
| 1539 | scope = SESSION_RULE_SCOPE_LOCAL; |
| 1540 | else if (unformat (input, "scope all")) |
| 1541 | scope = SESSION_RULE_SCOPE_LOCAL | SESSION_RULE_SCOPE_GLOBAL; |
| 1542 | else if (unformat (input, "proto %U", unformat_transport_proto, &proto)) |
| 1543 | ; |
| 1544 | else if (unformat (input, "%U/%d %d %U/%d %d", unformat_ip4_address, |
| 1545 | &lcl_ip.ip4, &lcl_plen, &lcl_port, |
| 1546 | unformat_ip4_address, &rmt_ip.ip4, &rmt_plen, |
| 1547 | &rmt_port)) |
| 1548 | { |
| 1549 | is_ip4 = 1; |
| 1550 | conn_set = 1; |
| 1551 | } |
| 1552 | else if (unformat (input, "%U/%d %d %U/%d %d", unformat_ip6_address, |
| 1553 | &lcl_ip.ip6, &lcl_plen, &lcl_port, |
| 1554 | unformat_ip6_address, &rmt_ip.ip6, &rmt_plen, |
| 1555 | &rmt_port)) |
| 1556 | { |
| 1557 | is_ip4 = 0; |
| 1558 | conn_set = 1; |
| 1559 | } |
| 1560 | else if (unformat (input, "action %d", &action)) |
| 1561 | ; |
Florin Coras | c97a739 | 2017-11-05 23:07:07 -0800 | [diff] [blame] | 1562 | else if (unformat (input, "tag %_%v%_", &tag)) |
| 1563 | ; |
Florin Coras | 1c71045 | 2017-10-17 00:03:13 -0700 | [diff] [blame] | 1564 | else |
Nathan Skrzypczak | 1a9e2f9 | 2021-07-28 19:35:08 +0200 | [diff] [blame] | 1565 | { |
| 1566 | error = clib_error_return (0, "unknown input `%U'", |
| 1567 | format_unformat_error, input); |
| 1568 | goto done; |
| 1569 | } |
Florin Coras | 1c71045 | 2017-10-17 00:03:13 -0700 | [diff] [blame] | 1570 | } |
| 1571 | |
Florin Coras | c97a739 | 2017-11-05 23:07:07 -0800 | [diff] [blame] | 1572 | if (proto == ~0) |
| 1573 | { |
| 1574 | vlib_cli_output (vm, "proto must be set"); |
Nathan Skrzypczak | 1a9e2f9 | 2021-07-28 19:35:08 +0200 | [diff] [blame] | 1575 | goto done; |
Florin Coras | c97a739 | 2017-11-05 23:07:07 -0800 | [diff] [blame] | 1576 | } |
| 1577 | if (is_add && !conn_set && action == ~0) |
| 1578 | { |
| 1579 | vlib_cli_output (vm, "connection and action must be set for add"); |
Nathan Skrzypczak | 1a9e2f9 | 2021-07-28 19:35:08 +0200 | [diff] [blame] | 1580 | goto done; |
Florin Coras | c97a739 | 2017-11-05 23:07:07 -0800 | [diff] [blame] | 1581 | } |
| 1582 | if (!is_add && !tag && !conn_set) |
| 1583 | { |
| 1584 | vlib_cli_output (vm, "connection or tag must be set for delete"); |
Nathan Skrzypczak | 1a9e2f9 | 2021-07-28 19:35:08 +0200 | [diff] [blame] | 1585 | goto done; |
Florin Coras | c97a739 | 2017-11-05 23:07:07 -0800 | [diff] [blame] | 1586 | } |
| 1587 | if (vec_len (tag) > SESSION_RULE_TAG_MAX_LEN) |
| 1588 | { |
| 1589 | vlib_cli_output (vm, "tag too long (max u64)"); |
Nathan Skrzypczak | 1a9e2f9 | 2021-07-28 19:35:08 +0200 | [diff] [blame] | 1590 | goto done; |
Florin Coras | c97a739 | 2017-11-05 23:07:07 -0800 | [diff] [blame] | 1591 | } |
Florin Coras | 1c71045 | 2017-10-17 00:03:13 -0700 | [diff] [blame] | 1592 | |
| 1593 | if (ns_id) |
| 1594 | { |
| 1595 | app_ns = app_namespace_get_from_id (ns_id); |
| 1596 | if (!app_ns) |
Florin Coras | c97a739 | 2017-11-05 23:07:07 -0800 | [diff] [blame] | 1597 | { |
| 1598 | vlib_cli_output (vm, "namespace %v does not exist", ns_id); |
Nathan Skrzypczak | 1a9e2f9 | 2021-07-28 19:35:08 +0200 | [diff] [blame] | 1599 | goto done; |
Florin Coras | c97a739 | 2017-11-05 23:07:07 -0800 | [diff] [blame] | 1600 | } |
Florin Coras | 1c71045 | 2017-10-17 00:03:13 -0700 | [diff] [blame] | 1601 | } |
| 1602 | else |
| 1603 | { |
| 1604 | app_ns = app_namespace_get_default (); |
| 1605 | } |
| 1606 | appns_index = app_namespace_index (app_ns); |
| 1607 | |
| 1608 | fib_proto = is_ip4 ? FIB_PROTOCOL_IP4 : FIB_PROTOCOL_IP6; |
| 1609 | session_rule_add_del_args_t args = { |
zhanglimao | a04ebb8 | 2019-03-13 10:36:54 +0800 | [diff] [blame] | 1610 | .transport_proto = proto, |
Florin Coras | 1c71045 | 2017-10-17 00:03:13 -0700 | [diff] [blame] | 1611 | .table_args.lcl.fp_addr = lcl_ip, |
| 1612 | .table_args.lcl.fp_len = lcl_plen, |
| 1613 | .table_args.lcl.fp_proto = fib_proto, |
| 1614 | .table_args.rmt.fp_addr = rmt_ip, |
| 1615 | .table_args.rmt.fp_len = rmt_plen, |
| 1616 | .table_args.rmt.fp_proto = fib_proto, |
| 1617 | .table_args.lcl_port = lcl_port, |
| 1618 | .table_args.rmt_port = rmt_port, |
| 1619 | .table_args.action_index = action, |
| 1620 | .table_args.is_add = is_add, |
Florin Coras | c97a739 | 2017-11-05 23:07:07 -0800 | [diff] [blame] | 1621 | .table_args.tag = tag, |
Florin Coras | 1c71045 | 2017-10-17 00:03:13 -0700 | [diff] [blame] | 1622 | .appns_index = appns_index, |
| 1623 | .scope = scope, |
| 1624 | }; |
Florin Coras | c1a4265 | 2019-02-08 18:27:29 -0800 | [diff] [blame] | 1625 | if ((rv = vnet_session_rule_add_del (&args))) |
Nathan Skrzypczak | 1a9e2f9 | 2021-07-28 19:35:08 +0200 | [diff] [blame] | 1626 | error = clib_error_return (0, "rule add del returned %u", rv); |
Florin Coras | c1a4265 | 2019-02-08 18:27:29 -0800 | [diff] [blame] | 1627 | |
Nathan Skrzypczak | 1a9e2f9 | 2021-07-28 19:35:08 +0200 | [diff] [blame] | 1628 | done: |
| 1629 | vec_free (ns_id); |
Florin Coras | c97a739 | 2017-11-05 23:07:07 -0800 | [diff] [blame] | 1630 | vec_free (tag); |
Nathan Skrzypczak | 1a9e2f9 | 2021-07-28 19:35:08 +0200 | [diff] [blame] | 1631 | return error; |
Florin Coras | 1c71045 | 2017-10-17 00:03:13 -0700 | [diff] [blame] | 1632 | } |
| 1633 | |
Florin Coras | 1c71045 | 2017-10-17 00:03:13 -0700 | [diff] [blame] | 1634 | VLIB_CLI_COMMAND (session_rule_command, static) = |
| 1635 | { |
| 1636 | .path = "session rule", |
| 1637 | .short_help = "session rule [add|del] appns <ns_id> proto <proto> " |
| 1638 | "<lcl-ip/plen> <lcl-port> <rmt-ip/plen> <rmt-port> action <action>", |
| 1639 | .function = session_rule_command_fn, |
| 1640 | }; |
Florin Coras | 1c71045 | 2017-10-17 00:03:13 -0700 | [diff] [blame] | 1641 | |
Florin Coras | 7999e83 | 2017-10-31 01:51:04 -0700 | [diff] [blame] | 1642 | void |
| 1643 | session_lookup_dump_rules_table (u32 fib_index, u8 fib_proto, |
| 1644 | u8 transport_proto) |
| 1645 | { |
| 1646 | vlib_main_t *vm = vlib_get_main (); |
Florin Coras | c97a739 | 2017-11-05 23:07:07 -0800 | [diff] [blame] | 1647 | session_rules_table_t *srt; |
Florin Coras | 7999e83 | 2017-10-31 01:51:04 -0700 | [diff] [blame] | 1648 | session_table_t *st; |
| 1649 | st = session_table_get_for_fib_index (fib_index, fib_proto); |
Florin Coras | c97a739 | 2017-11-05 23:07:07 -0800 | [diff] [blame] | 1650 | srt = &st->session_rules[transport_proto]; |
| 1651 | session_rules_table_cli_dump (vm, srt, fib_proto); |
Florin Coras | 7999e83 | 2017-10-31 01:51:04 -0700 | [diff] [blame] | 1652 | } |
| 1653 | |
| 1654 | void |
| 1655 | session_lookup_dump_local_rules_table (u32 table_index, u8 fib_proto, |
| 1656 | u8 transport_proto) |
| 1657 | { |
| 1658 | vlib_main_t *vm = vlib_get_main (); |
Florin Coras | c97a739 | 2017-11-05 23:07:07 -0800 | [diff] [blame] | 1659 | session_rules_table_t *srt; |
Florin Coras | 7999e83 | 2017-10-31 01:51:04 -0700 | [diff] [blame] | 1660 | session_table_t *st; |
| 1661 | st = session_table_get (table_index); |
Florin Coras | c97a739 | 2017-11-05 23:07:07 -0800 | [diff] [blame] | 1662 | srt = &st->session_rules[transport_proto]; |
| 1663 | session_rules_table_cli_dump (vm, srt, fib_proto); |
Florin Coras | 7999e83 | 2017-10-31 01:51:04 -0700 | [diff] [blame] | 1664 | } |
| 1665 | |
Florin Coras | 1c71045 | 2017-10-17 00:03:13 -0700 | [diff] [blame] | 1666 | static clib_error_t * |
| 1667 | show_session_rules_command_fn (vlib_main_t * vm, unformat_input_t * input, |
| 1668 | vlib_cli_command_t * cmd) |
| 1669 | { |
| 1670 | u32 transport_proto = ~0, lcl_port, rmt_port, lcl_plen, rmt_plen; |
| 1671 | u32 fib_index, scope = 0; |
| 1672 | ip46_address_t lcl_ip, rmt_ip; |
| 1673 | u8 is_ip4 = 1, show_one = 0; |
| 1674 | app_namespace_t *app_ns; |
Florin Coras | c97a739 | 2017-11-05 23:07:07 -0800 | [diff] [blame] | 1675 | session_rules_table_t *srt; |
Florin Coras | 1c71045 | 2017-10-17 00:03:13 -0700 | [diff] [blame] | 1676 | session_table_t *st; |
| 1677 | u8 *ns_id = 0, fib_proto; |
| 1678 | |
Guanghua Zhang | fcd5e12 | 2019-08-24 10:52:19 +0800 | [diff] [blame] | 1679 | session_cli_return_if_not_enabled (); |
| 1680 | |
Dave Barach | b7b9299 | 2018-10-17 10:38:51 -0400 | [diff] [blame] | 1681 | clib_memset (&lcl_ip, 0, sizeof (lcl_ip)); |
| 1682 | clib_memset (&rmt_ip, 0, sizeof (rmt_ip)); |
Florin Coras | 1c71045 | 2017-10-17 00:03:13 -0700 | [diff] [blame] | 1683 | while (unformat_check_input (input) != UNFORMAT_END_OF_INPUT) |
| 1684 | { |
| 1685 | if (unformat (input, "%U", unformat_transport_proto, &transport_proto)) |
| 1686 | ; |
| 1687 | else if (unformat (input, "appns %_%v%_", &ns_id)) |
| 1688 | ; |
| 1689 | else if (unformat (input, "scope global")) |
Steven Luong | e87a03f | 2024-07-18 09:10:48 -0700 | [diff] [blame] | 1690 | scope = SESSION_RULE_SCOPE_GLOBAL; |
Florin Coras | 1c71045 | 2017-10-17 00:03:13 -0700 | [diff] [blame] | 1691 | else if (unformat (input, "scope local")) |
Steven Luong | e87a03f | 2024-07-18 09:10:48 -0700 | [diff] [blame] | 1692 | scope = SESSION_RULE_SCOPE_LOCAL; |
Florin Coras | 1c71045 | 2017-10-17 00:03:13 -0700 | [diff] [blame] | 1693 | else if (unformat (input, "%U/%d %d %U/%d %d", unformat_ip4_address, |
| 1694 | &lcl_ip.ip4, &lcl_plen, &lcl_port, |
| 1695 | unformat_ip4_address, &rmt_ip.ip4, &rmt_plen, |
| 1696 | &rmt_port)) |
| 1697 | { |
| 1698 | is_ip4 = 1; |
| 1699 | show_one = 1; |
| 1700 | } |
| 1701 | else if (unformat (input, "%U/%d %d %U/%d %d", unformat_ip6_address, |
| 1702 | &lcl_ip.ip6, &lcl_plen, &lcl_port, |
| 1703 | unformat_ip6_address, &rmt_ip.ip6, &rmt_plen, |
| 1704 | &rmt_port)) |
| 1705 | { |
| 1706 | is_ip4 = 0; |
| 1707 | show_one = 1; |
| 1708 | } |
| 1709 | else |
| 1710 | return clib_error_return (0, "unknown input `%U'", |
| 1711 | format_unformat_error, input); |
| 1712 | } |
| 1713 | |
| 1714 | if (transport_proto == ~0) |
| 1715 | { |
| 1716 | vlib_cli_output (vm, "transport proto must be set"); |
| 1717 | return 0; |
| 1718 | } |
| 1719 | |
| 1720 | if (ns_id) |
| 1721 | { |
| 1722 | app_ns = app_namespace_get_from_id (ns_id); |
| 1723 | if (!app_ns) |
| 1724 | { |
| 1725 | vlib_cli_output (vm, "appns %v doesn't exist", ns_id); |
| 1726 | return 0; |
| 1727 | } |
| 1728 | } |
| 1729 | else |
| 1730 | { |
| 1731 | app_ns = app_namespace_get_default (); |
| 1732 | } |
| 1733 | |
Steven Luong | e87a03f | 2024-07-18 09:10:48 -0700 | [diff] [blame] | 1734 | if (scope == SESSION_RULE_SCOPE_GLOBAL || scope == 0) |
Florin Coras | 1c71045 | 2017-10-17 00:03:13 -0700 | [diff] [blame] | 1735 | { |
| 1736 | fib_proto = is_ip4 ? FIB_PROTOCOL_IP4 : FIB_PROTOCOL_IP6; |
| 1737 | fib_index = is_ip4 ? app_ns->ip4_fib_index : app_ns->ip6_fib_index; |
| 1738 | st = session_table_get_for_fib_index (fib_proto, fib_index); |
| 1739 | } |
| 1740 | else |
| 1741 | { |
| 1742 | st = app_namespace_get_local_table (app_ns); |
| 1743 | } |
| 1744 | |
| 1745 | if (show_one) |
| 1746 | { |
Florin Coras | c97a739 | 2017-11-05 23:07:07 -0800 | [diff] [blame] | 1747 | srt = &st->session_rules[transport_proto]; |
| 1748 | session_rules_table_show_rule (vm, srt, &lcl_ip, lcl_port, &rmt_ip, |
| 1749 | rmt_port, is_ip4); |
Florin Coras | 1c71045 | 2017-10-17 00:03:13 -0700 | [diff] [blame] | 1750 | return 0; |
| 1751 | } |
| 1752 | |
Florin Coras | c97a739 | 2017-11-05 23:07:07 -0800 | [diff] [blame] | 1753 | vlib_cli_output (vm, "%U rules table", format_transport_proto, |
| 1754 | transport_proto); |
Steven Luong | e87a03f | 2024-07-18 09:10:48 -0700 | [diff] [blame] | 1755 | if (scope == SESSION_RULE_SCOPE_LOCAL) |
| 1756 | { |
| 1757 | if (st) |
| 1758 | { |
| 1759 | srt = &st->session_rules[transport_proto]; |
| 1760 | session_rules_table_cli_dump (vm, srt, FIB_PROTOCOL_IP4); |
| 1761 | session_rules_table_cli_dump (vm, srt, FIB_PROTOCOL_IP6); |
| 1762 | } |
| 1763 | } |
| 1764 | else |
| 1765 | { |
| 1766 | /* |
| 1767 | * 2 separate session tables for global entries, 1 for ip4 and 1 for ip6 |
| 1768 | */ |
| 1769 | st = session_table_get_for_fib_index (FIB_PROTOCOL_IP4, |
| 1770 | app_ns->ip4_fib_index); |
| 1771 | if (st) |
| 1772 | { |
| 1773 | srt = &st->session_rules[transport_proto]; |
| 1774 | session_rules_table_cli_dump (vm, srt, FIB_PROTOCOL_IP4); |
| 1775 | } |
| 1776 | |
| 1777 | st = session_table_get_for_fib_index (FIB_PROTOCOL_IP6, |
| 1778 | app_ns->ip6_fib_index); |
| 1779 | if (st) |
| 1780 | { |
| 1781 | srt = &st->session_rules[transport_proto]; |
| 1782 | session_rules_table_cli_dump (vm, srt, FIB_PROTOCOL_IP6); |
| 1783 | } |
| 1784 | } |
Florin Coras | 1c71045 | 2017-10-17 00:03:13 -0700 | [diff] [blame] | 1785 | |
| 1786 | vec_free (ns_id); |
| 1787 | return 0; |
| 1788 | } |
| 1789 | |
Florin Coras | 1c71045 | 2017-10-17 00:03:13 -0700 | [diff] [blame] | 1790 | VLIB_CLI_COMMAND (show_session_rules_command, static) = |
| 1791 | { |
| 1792 | .path = "show session rules", |
Florin Coras | dff48db | 2017-11-19 18:06:58 -0800 | [diff] [blame] | 1793 | .short_help = "show session rules [<proto> appns <id> <lcl-ip/plen> " |
| 1794 | "<lcl-port> <rmt-ip/plen> <rmt-port> scope <scope>]", |
Florin Coras | 1c71045 | 2017-10-17 00:03:13 -0700 | [diff] [blame] | 1795 | .function = show_session_rules_command_fn, |
| 1796 | }; |
Florin Coras | 1c71045 | 2017-10-17 00:03:13 -0700 | [diff] [blame] | 1797 | |
Florin Coras | 894d0a6 | 2023-11-17 16:35:04 -0800 | [diff] [blame] | 1798 | u8 * |
| 1799 | format_session_lookup_tables (u8 *s, va_list *args) |
| 1800 | { |
| 1801 | u32 fib_proto = va_arg (*args, u32); |
| 1802 | u32 *fibs, num_fibs = 0, fib_index, indent; |
| 1803 | session_table_t *st; |
| 1804 | u64 total_mem = 0; |
| 1805 | |
| 1806 | fibs = fib_index_to_table_index[fib_proto]; |
| 1807 | |
| 1808 | for (fib_index = 0; fib_index < vec_len (fibs); fib_index++) |
| 1809 | { |
| 1810 | if (fibs[fib_index] == ~0) |
| 1811 | continue; |
| 1812 | |
| 1813 | num_fibs += 1; |
| 1814 | st = session_table_get (fibs[fib_index]); |
| 1815 | total_mem += session_table_memory_size (st); |
| 1816 | } |
| 1817 | |
| 1818 | indent = format_get_indent (s); |
| 1819 | s = format (s, "active fibs:\t%u\n", num_fibs); |
| 1820 | s = format (s, "%Umax fib-index:\t%u\n", format_white_space, indent, |
| 1821 | vec_len (fibs) - 1); |
| 1822 | s = format (s, "%Utable memory:\t%U\n", format_white_space, indent, |
| 1823 | format_memory_size, total_mem); |
| 1824 | s = format (s, "%Uvec memory:\t%U\n", format_white_space, indent, |
| 1825 | format_memory_size, vec_mem_size (fibs)); |
| 1826 | |
| 1827 | return s; |
| 1828 | } |
| 1829 | |
| 1830 | static clib_error_t * |
| 1831 | show_session_lookup_command_fn (vlib_main_t *vm, unformat_input_t *input, |
| 1832 | vlib_cli_command_t *cmd) |
| 1833 | { |
| 1834 | session_table_t *st; |
| 1835 | u32 fib_index = ~0; |
| 1836 | |
| 1837 | session_cli_return_if_not_enabled (); |
| 1838 | while (unformat_check_input (input) != UNFORMAT_END_OF_INPUT) |
| 1839 | { |
| 1840 | if (unformat (input, "table %u", &fib_index)) |
| 1841 | ; |
| 1842 | else |
| 1843 | return clib_error_return (0, "unknown input `%U'", |
| 1844 | format_unformat_error, input); |
| 1845 | } |
| 1846 | |
| 1847 | if (fib_index != ~0) |
| 1848 | { |
| 1849 | st = session_table_get_for_fib_index (FIB_PROTOCOL_IP4, fib_index); |
| 1850 | if (st) |
| 1851 | vlib_cli_output (vm, "%U", format_session_table, st); |
| 1852 | else |
| 1853 | vlib_cli_output (vm, "no ip4 table for fib-index %u", fib_index); |
| 1854 | st = session_table_get_for_fib_index (FIB_PROTOCOL_IP6, fib_index); |
| 1855 | if (st) |
| 1856 | vlib_cli_output (vm, "%U", format_session_table, st); |
| 1857 | else |
| 1858 | vlib_cli_output (vm, "no ip6 table for fib-index %u", fib_index); |
| 1859 | goto done; |
| 1860 | } |
| 1861 | |
| 1862 | vlib_cli_output (vm, "ip4 fib lookup tables:\n %U", |
| 1863 | format_session_lookup_tables, FIB_PROTOCOL_IP4); |
| 1864 | vlib_cli_output (vm, "ip6 fib lookup tables:\n %U", |
| 1865 | format_session_lookup_tables, FIB_PROTOCOL_IP6); |
| 1866 | |
| 1867 | done: |
| 1868 | return 0; |
| 1869 | } |
| 1870 | |
| 1871 | VLIB_CLI_COMMAND (show_session_lookup_command, static) = { |
| 1872 | .path = "show session lookup", |
| 1873 | .short_help = "show session lookup [table <fib-index>]", |
| 1874 | .function = show_session_lookup_command_fn, |
| 1875 | }; |
| 1876 | |
Florin Coras | 04e5344 | 2017-07-16 17:12:15 -0700 | [diff] [blame] | 1877 | void |
| 1878 | session_lookup_init (void) |
| 1879 | { |
Florin Coras | f9bdc03 | 2024-02-02 13:01:07 -0800 | [diff] [blame] | 1880 | session_lookup_main_t *slm = &sl_main; |
| 1881 | |
| 1882 | clib_spinlock_init (&slm->st_alloc_lock); |
| 1883 | |
Steven Luong | 5682ca8 | 2024-07-17 16:16:05 -0700 | [diff] [blame] | 1884 | /* We are not contributing any route to the fib. But we allocate a fib source |
| 1885 | * so that when we lock the fib table, we can view that we have a lock on the |
| 1886 | * particular fib table in case we wonder why the fib table is not free after |
| 1887 | * "ip table del" |
| 1888 | */ |
| 1889 | slm->fib_src = fib_source_allocate ( |
| 1890 | "session lookup", FIB_SOURCE_PRIORITY_LOW, FIB_SOURCE_BH_SIMPLE); |
| 1891 | |
Florin Coras | cea194d | 2017-10-02 00:18:51 -0700 | [diff] [blame] | 1892 | /* |
| 1893 | * Allocate default table and map it to fib_index 0 |
| 1894 | */ |
| 1895 | session_table_t *st = session_table_alloc (); |
| 1896 | vec_validate (fib_index_to_table_index[FIB_PROTOCOL_IP4], 0); |
| 1897 | fib_index_to_table_index[FIB_PROTOCOL_IP4][0] = session_table_index (st); |
Florin Coras | 6c36f53 | 2017-11-03 18:32:34 -0700 | [diff] [blame] | 1898 | st->active_fib_proto = FIB_PROTOCOL_IP4; |
| 1899 | session_table_init (st, FIB_PROTOCOL_IP4); |
Florin Coras | cea194d | 2017-10-02 00:18:51 -0700 | [diff] [blame] | 1900 | st = session_table_alloc (); |
| 1901 | vec_validate (fib_index_to_table_index[FIB_PROTOCOL_IP6], 0); |
| 1902 | fib_index_to_table_index[FIB_PROTOCOL_IP6][0] = session_table_index (st); |
Florin Coras | 6c36f53 | 2017-11-03 18:32:34 -0700 | [diff] [blame] | 1903 | st->active_fib_proto = FIB_PROTOCOL_IP6; |
| 1904 | session_table_init (st, FIB_PROTOCOL_IP6); |
Florin Coras | 04e5344 | 2017-07-16 17:12:15 -0700 | [diff] [blame] | 1905 | } |
| 1906 | |
Steven Luong | 5682ca8 | 2024-07-17 16:16:05 -0700 | [diff] [blame] | 1907 | void |
| 1908 | session_lookup_table_cleanup (u32 fib_proto, u32 fib_index) |
| 1909 | { |
| 1910 | session_table_t *st; |
| 1911 | u32 table_index; |
| 1912 | |
| 1913 | session_lookup_fib_table_unlock (fib_index, fib_proto); |
| 1914 | if (fib_index_to_lock_count[fib_proto][fib_index] == 0) |
| 1915 | { |
| 1916 | table_index = session_lookup_get_index_for_fib (fib_proto, fib_index); |
| 1917 | st = session_table_get (table_index); |
| 1918 | if (st) |
| 1919 | { |
| 1920 | session_table_free (st, fib_proto); |
| 1921 | if (vec_len (fib_index_to_table_index[fib_proto]) > fib_index) |
| 1922 | fib_index_to_table_index[fib_proto][fib_index] = ~0; |
| 1923 | } |
| 1924 | } |
| 1925 | } |
| 1926 | |
Florin Coras | 04e5344 | 2017-07-16 17:12:15 -0700 | [diff] [blame] | 1927 | /* |
| 1928 | * fd.io coding-style-patch-verification: ON |
| 1929 | * |
| 1930 | * Local Variables: |
| 1931 | * eval: (c-set-style "gnu") |
| 1932 | * End: |
| 1933 | */ |