d1/dd6/nat__inlines_8h_source.html

 /*
  * Copyright (c) 2018 Cisco and/or its affiliates.
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
  * You may obtain a copy of the License at:
  *
  *     http://www.apache.org/licenses/LICENSE-2.0
  *
  * Unless required by applicable law or agreed to in writing, software
  * distributed under the License is distributed on an "AS IS" BASIS,
  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  * See the License for the specific language governing permissions and
  * limitations under the License.
  */
 /**
  * @brief The NAT inline functions
  */

 #ifndef __included_nat_inlines_h__
 #define __included_nat_inlines_h__

 #include <nat/nat.h>

 always_inline u32
 ip_proto_to_snat_proto (u8 ip_proto)
 {
   u32 snat_proto = ~0;

   snat_proto = (ip_proto == IP_PROTOCOL_UDP) ? SNAT_PROTOCOL_UDP : snat_proto;
   snat_proto = (ip_proto == IP_PROTOCOL_TCP) ? SNAT_PROTOCOL_TCP : snat_proto;
   snat_proto =
     (ip_proto == IP_PROTOCOL_ICMP) ? SNAT_PROTOCOL_ICMP : snat_proto;
   snat_proto =
     (ip_proto == IP_PROTOCOL_ICMP6) ? SNAT_PROTOCOL_ICMP : snat_proto;

   return snat_proto;
 }

 always_inline u8
 snat_proto_to_ip_proto (snat_protocol_t snat_proto)
 {
   u8 ip_proto = ~0;

   ip_proto = (snat_proto == SNAT_PROTOCOL_UDP) ? IP_PROTOCOL_UDP : ip_proto;
   ip_proto = (snat_proto == SNAT_PROTOCOL_TCP) ? IP_PROTOCOL_TCP : ip_proto;
   ip_proto = (snat_proto == SNAT_PROTOCOL_ICMP) ? IP_PROTOCOL_ICMP : ip_proto;

   return ip_proto;
 }

 static_always_inline u8
 icmp_is_error_message (icmp46_header_t * icmp)
 {
   switch (icmp->type)
     {
     case ICMP4_destination_unreachable:
     case ICMP4_time_exceeded:
     case ICMP4_parameter_problem:
     case ICMP4_source_quench:
     case ICMP4_redirect:
     case ICMP4_alternate_host_address:
       return 1;
     }
   return 0;
 }

 always_inline u8
 is_interface_addr (snat_main_t * sm, vlib_node_runtime_t * node,
                    u32 sw_if_index0, u32 ip4_addr)
 {
   snat_runtime_t *rt = (snat_runtime_t *) node->runtime_data;
   ip4_address_t *first_int_addr;

   if (PREDICT_FALSE (rt->cached_sw_if_index != sw_if_index0))
     {
       first_int_addr =
         ip4_interface_first_address (sm->ip4_main, sw_if_index0,
                                      0 /* just want the address */ );
       rt->cached_sw_if_index = sw_if_index0;
       if (first_int_addr)
         rt->cached_ip4_address = first_int_addr->as_u32;
       else
         rt->cached_ip4_address = 0;
     }

   if (PREDICT_FALSE (ip4_addr == rt->cached_ip4_address))
     return 1;
   else
     return 0;
 }

 always_inline u8
 maximum_sessions_exceeded (snat_main_t * sm, u32 thread_index)
 {
   if (pool_elts (sm->per_thread_data[thread_index].sessions) >=
       sm->max_translations)
     return 1;

   return 0;
 }

 always_inline void
 nat_send_all_to_node (vlib_main_t * vm, u32 * bi_vector,
                       vlib_node_runtime_t * node, vlib_error_t * error,
                       u32 next)
 {
   u32 n_left_from, *from, next_index, *to_next, n_left_to_next;

   from = bi_vector;
   n_left_from = vec_len (bi_vector);
   next_index = node->cached_next_index;
   while (n_left_from > 0)
     {
       vlib_get_next_frame (vm, node, next_index, to_next, n_left_to_next);
       while (n_left_from > 0 && n_left_to_next > 0)
         {
           u32 bi0 = to_next[0] = from[0];
           from += 1;
           n_left_from -= 1;
           to_next += 1;
           n_left_to_next -= 1;
           vlib_buffer_t *p0 = vlib_get_buffer (vm, bi0);
           p0->error = *error;
           vlib_validate_buffer_enqueue_x1 (vm, node, next_index, to_next,
                                            n_left_to_next, bi0, next);
         }
       vlib_put_next_frame (vm, node, next_index, n_left_to_next);
     }
 }

 always_inline void
 user_session_increment (snat_main_t * sm, snat_user_t * u, u8 is_static)
 {
   if (u->nsessions + u->nstaticsessions < sm->max_translations_per_user)
     {
       if (is_static)
         u->nstaticsessions++;
       else
         u->nsessions++;
     }
 }

 always_inline void
 nat44_delete_session (snat_main_t * sm, snat_session_t * ses,
                       u32 thread_index)
 {
   snat_main_per_thread_data_t *tsm = vec_elt_at_index (sm->per_thread_data,
                                                        thread_index);
   clib_bihash_kv_8_8_t kv, value;
   snat_user_key_t u_key;
   snat_user_t *u;

   nat_log_debug ("session deleted %U", format_snat_session, tsm, ses);
   u_key.addr = ses->in2out.addr;
   u_key.fib_index = ses->in2out.fib_index;
   kv.key = u_key.as_u64;
   if (!clib_bihash_search_8_8 (&tsm->user_hash, &kv, &value))
     {
       u = pool_elt_at_index (tsm->users, value.value);
       if (snat_is_session_static (ses))
         u->nstaticsessions--;
       else
         u->nsessions--;
     }
   clib_dlist_remove (tsm->list_pool, ses->per_user_index);
   pool_put_index (tsm->list_pool, ses->per_user_index);
   pool_put (tsm->sessions, ses);
 }

 /** \brief Set TCP session state.
     @return 1 if session was closed, otherwise 0
 */
 always_inline int
 nat44_set_tcp_session_state_i2o (snat_main_t * sm, snat_session_t * ses,
                                  tcp_header_t * tcp, u32 thread_index)
 {
   if (tcp->flags & TCP_FLAG_FIN)
     {
       ses->i2o_fin_seq = clib_net_to_host_u32 (tcp->seq_number);
       ses->state |= NAT44_SES_I2O_FIN;
     }
   if ((tcp->flags & TCP_FLAG_ACK) && (ses->state & NAT44_SES_O2I_FIN))
     {
       if (clib_net_to_host_u32 (tcp->ack_number) > ses->o2i_fin_seq)
         ses->state |= NAT44_SES_O2I_FIN_ACK;
     }
   if (nat44_is_ses_closed (ses))
     {
       nat_log_debug ("TCP close connection %U", format_snat_session,
                      &sm->per_thread_data[thread_index], ses);
       nat_free_session_data (sm, ses, thread_index);
       nat44_delete_session (sm, ses, thread_index);
       return 1;
     }
   return 0;
 }

 always_inline int
 nat44_set_tcp_session_state_o2i (snat_main_t * sm, snat_session_t * ses,
                                  tcp_header_t * tcp, u32 thread_index)
 {
   if (tcp->flags & TCP_FLAG_FIN)
     {
       ses->o2i_fin_seq = clib_net_to_host_u32 (tcp->seq_number);
       ses->state |= NAT44_SES_O2I_FIN;
     }
   if ((tcp->flags & TCP_FLAG_ACK) && (ses->state & NAT44_SES_I2O_FIN))
     {
       if (clib_net_to_host_u32 (tcp->ack_number) > ses->i2o_fin_seq)
         ses->state |= NAT44_SES_I2O_FIN_ACK;
     }
   if (nat44_is_ses_closed (ses))
     {
       nat_log_debug ("TCP close connection %U", format_snat_session,
                      &sm->per_thread_data[thread_index], ses);
       nat_free_session_data (sm, ses, thread_index);
       nat44_delete_session (sm, ses, thread_index);
       return 1;
     }
   return 0;
 }

 always_inline void
 nat44_session_update_counters (snat_session_t * s, f64 now, uword bytes)
 {
   s->last_heard = now;
   s->total_pkts++;
   s->total_bytes += bytes;
 }

 /** \brief Per-user LRU list maintenance */
 always_inline void
 nat44_session_update_lru (snat_main_t * sm, snat_session_t * s,
                           u32 thread_index)
 {
   clib_dlist_remove (sm->per_thread_data[thread_index].list_pool,
                      s->per_user_index);
   clib_dlist_addtail (sm->per_thread_data[thread_index].list_pool,
                       s->per_user_list_head_index, s->per_user_index);
 }

 always_inline void
 make_ed_kv (clib_bihash_kv_16_8_t * kv, ip4_address_t * l_addr,
             ip4_address_t * r_addr, u8 proto, u32 fib_index, u16 l_port,
             u16 r_port)
 {
   nat_ed_ses_key_t *key = (nat_ed_ses_key_t *) kv->key;

   key->l_addr.as_u32 = l_addr->as_u32;
   key->r_addr.as_u32 = r_addr->as_u32;
   key->fib_index = fib_index;
   key->proto = proto;
   key->l_port = l_port;
   key->r_port = r_port;

   kv->value = ~0ULL;
 }

 always_inline void
 make_sm_kv (clib_bihash_kv_8_8_t * kv, ip4_address_t * addr, u8 proto,
             u32 fib_index, u16 port)
 {
   snat_session_key_t key;

   key.addr.as_u32 = addr->as_u32;
   key.port = port;
   key.protocol = proto;
   key.fib_index = fib_index;

   kv->key = key.as_u64;
   kv->value = ~0ULL;
 }

 #endif /* __included_nat_inlines_h__ */

 /*
  * fd.io coding-style-patch-verification: ON
  *
  * Local Variables:
  * eval: (c-set-style "gnu")
  * End:
  */
snat_is_session_static
#define snat_is_session_static(s)
Check if SNAT session is created from static mapping.
Definition: nat.h:483

snat_user_t
Definition: nat.h:186

clib_bihash_kv_16_8_t::value
u64 value
Definition: bihash_16_8.h:35

NAT44_SES_I2O_FIN
#define NAT44_SES_I2O_FIN
Definition: nat.h:132

vlib_node_runtime_t::runtime_data
u8 runtime_data[0]
Function dependent node-runtime data.
Definition: node.h:500

snat_user_t::nsessions
u32 nsessions
Definition: nat.h:190

icmp_is_error_message
static_always_inline u8 icmp_is_error_message(icmp46_header_t *icmp)
Definition: nat_inlines.h:52

ip4_interface_first_address
ip4_address_t * ip4_interface_first_address(ip4_main_t *im, u32 sw_if_index, ip_interface_address_t **result_ia)
Definition: ip4_forward.c:320

make_sm_kv
static void make_sm_kv(clib_bihash_kv_8_8_t *kv, ip4_address_t *addr, u8 proto, u32 fib_index, u16 port)
Definition: nat_inlines.h:260

snat_user_t::nstaticsessions
u32 nstaticsessions
Definition: nat.h:191

vlib_error_t
u16 vlib_error_t
Definition: error.h:44

nat44_is_ses_closed
#define nat44_is_ses_closed(s)
Definition: nat.h:137

NAT44_SES_O2I_FIN
#define NAT44_SES_O2I_FIN
Definition: nat.h:133

snat_main_per_thread_data_t::list_pool
dlist_elt_t * list_pool
Definition: nat.h:290

tcp_header_t
struct _tcp_header tcp_header_t

nat_ed_ses_key_t::proto
u32 proto
Definition: nat.h:67

u8
unsigned char u8
Definition: types.h:56

nat44_set_tcp_session_state_o2i
static int nat44_set_tcp_session_state_o2i(snat_main_t *sm, snat_session_t *ses, tcp_header_t *tcp, u32 thread_index)
Definition: nat_inlines.h:199

nat_ed_ses_key_t::l_port
u16 l_port
Definition: nat.h:69

f64
double f64
Definition: types.h:142

snat_main_per_thread_data_t::user_hash
clib_bihash_8_8_t user_hash
Definition: nat.h:281

snat_runtime_t::cached_sw_if_index
u32 cached_sw_if_index
Definition: nat.h:475

snat_main_s::max_translations_per_user
u32 max_translations_per_user
Definition: nat.h:394

vlib_node_runtime_t
Definition: node.h:445

static_always_inline
#define static_always_inline
Definition: clib.h:93

nat_ed_ses_key_t::r_port
u16 r_port
Definition: nat.h:70

always_inline
#define always_inline
Definition: clib.h:92

TCP_FLAG_ACK
#define TCP_FLAG_ACK
Definition: fa_node.h:16

vec_elt_at_index
#define vec_elt_at_index(v, i)
Get vector value at index i checking that i is in bounds.
Definition: vec_bootstrap.h:174

snat_main_s::ip4_main
ip4_main_t * ip4_main
Definition: nat.h:415

u32
unsigned int u32
Definition: types.h:88

snat_session_key_t::as_u64
u64 as_u64
Definition: nat.h:56

maximum_sessions_exceeded
static u8 maximum_sessions_exceeded(snat_main_t *sm, u32 thread_index)
Definition: nat_inlines.h:93

nat44_delete_session
static void nat44_delete_session(snat_main_t *sm, snat_session_t *ses, u32 thread_index)
Definition: nat_inlines.h:144

ip4_address_t
Definition: ip4_packet.h:49

snat_main_s::max_translations
u32 max_translations
Definition: nat.h:391

nat_ed_ses_key_t::fib_index
u32 fib_index
Definition: nat.h:67

pool_elt_at_index
#define pool_elt_at_index(p, i)
Returns pointer to element at given index.
Definition: pool.h:461

nat_free_session_data
void nat_free_session_data(snat_main_t *sm, snat_session_t *s, u32 thread_index)
Definition: nat.c:187

snat_session_key_t
Definition: nat.h:46

clib_bihash_kv_8_8_t::key
u64 key
the key
Definition: bihash_8_8.h:35

clib_dlist_addtail
static void clib_dlist_addtail(dlist_elt_t *pool, u32 head_index, u32 new_index)
Definition: dlist.h:43

u16
unsigned short u16
Definition: types.h:57

snat_session_key_t::protocol
u16 protocol
Definition: nat.h:53

pool_put
#define pool_put(P, E)
Free an object E in pool P.
Definition: pool.h:273

PREDICT_FALSE
#define PREDICT_FALSE(x)
Definition: clib.h:105

TCP_FLAG_FIN
#define TCP_FLAG_FIN
Definition: fa_node.h:12

vlib_validate_buffer_enqueue_x1
#define vlib_validate_buffer_enqueue_x1(vm, node, next_index, to_next, n_left_to_next, bi0, next0)
Finish enqueueing one buffer forward in the graph.
Definition: buffer_node.h:218

vlib_get_next_frame
#define vlib_get_next_frame(vm, node, next_index, vectors, n_vectors_left)
Get pointer to next frame vector data by (vlib_node_runtime_t, next_index).
Definition: node_funcs.h:364

vlib_buffer_t::error
vlib_error_t error
Error code for buffers to be enqueued to error handler.
Definition: buffer.h:135

nat_ed_ses_key_t
Definition: nat.h:60

clib_bihash_kv_8_8_t::value
u64 value
the value
Definition: bihash_8_8.h:36

snat_main_per_thread_data_t::users
snat_user_t * users
Definition: nat.h:284

nat_log_debug
#define nat_log_debug(...)
Definition: nat.h:526

snat_proto_to_ip_proto
static u8 snat_proto_to_ip_proto(snat_protocol_t snat_proto)
Definition: nat_inlines.h:40

snat_session_key_t::port
u16 port
Definition: nat.h:52

vm
vlib_main_t * vm
Definition: buffer.c:294

nat_ed_ses_key_t::l_addr
ip4_address_t l_addr
Definition: nat.h:65

snat_main_s
Definition: nat.h:318

vlib_buffer_t
Definition: buffer.h:98

snat_runtime_t
Definition: nat.h:474

nat44_session_update_counters
static void nat44_session_update_counters(snat_session_t *s, f64 now, uword bytes)
Definition: nat_inlines.h:224

clib_bihash_kv_8_8_t
8 octet key, 8 octet key value pair
Definition: bihash_8_8.h:33

snat_session_key_t::addr
ip4_address_t addr
Definition: nat.h:51

vlib_put_next_frame
void vlib_put_next_frame(vlib_main_t *vm, vlib_node_runtime_t *r, u32 next_index, u32 n_vectors_left)
Release pointer to next frame vector data.
Definition: main.c:454

make_ed_kv
static void make_ed_kv(clib_bihash_kv_16_8_t *kv, ip4_address_t *l_addr, ip4_address_t *r_addr, u8 proto, u32 fib_index, u16 l_port, u16 r_port)
Definition: nat_inlines.h:243

nat_ed_ses_key_t::r_addr
ip4_address_t r_addr
Definition: nat.h:66

nat44_set_tcp_session_state_i2o
static int nat44_set_tcp_session_state_i2o(snat_main_t *sm, snat_session_t *ses, tcp_header_t *tcp, u32 thread_index)
Set TCP session state.
Definition: nat_inlines.h:174

vlib_node_runtime_t::cached_next_index
u16 cached_next_index
Next frame index that vector arguments were last enqueued to last time this node ran.
Definition: node.h:492

pool_put_index
#define pool_put_index(p, i)
Free pool element with given index.
Definition: pool.h:296

clib_bihash_kv_16_8_t
Definition: bihash_16_8.h:32

nat44_session_update_lru
static void nat44_session_update_lru(snat_main_t *sm, snat_session_t *s, u32 thread_index)
Per-user LRU list maintenance.
Definition: nat_inlines.h:233

snat_user_key_t::as_u64
u64 as_u64
Definition: nat.h:97

snat_user_key_t::addr
ip4_address_t addr
Definition: nat.h:94

clib_dlist_remove
static void clib_dlist_remove(dlist_elt_t *pool, u32 index)
Definition: dlist.h:99

nat.h

format_snat_session
format_function_t format_snat_session
Definition: nat.h:471

ip_proto_to_snat_proto
static u32 ip_proto_to_snat_proto(u8 ip_proto)
The NAT inline functions.
Definition: nat_inlines.h:25

user_session_increment
static void user_session_increment(snat_main_t *sm, snat_user_t *u, u8 is_static)
Definition: nat_inlines.h:132

vec_len
#define vec_len(v)
Number of elements in vector (rvalue-only, NULL tolerant)
Definition: vec_bootstrap.h:142

snat_main_per_thread_data_t
Definition: nat.h:271

vlib_main_t
Definition: main.h:59

uword
u64 uword
Definition: types.h:112

snat_main_s::per_thread_data
snat_main_per_thread_data_t * per_thread_data
Definition: nat.h:331

snat_protocol_t
snat_protocol_t
Definition: nat.h:107

is_interface_addr
static u8 is_interface_addr(snat_main_t *sm, vlib_node_runtime_t *node, u32 sw_if_index0, u32 ip4_addr)
Definition: nat_inlines.h:68

snat_user_key_t::fib_index
u32 fib_index
Definition: nat.h:95

NAT44_SES_I2O_FIN_ACK
#define NAT44_SES_I2O_FIN_ACK
Definition: nat.h:134

snat_user_key_t
Definition: nat.h:89

nat_send_all_to_node
static void nat_send_all_to_node(vlib_main_t *vm, u32 *bi_vector, vlib_node_runtime_t *node, vlib_error_t *error, u32 next)
Definition: nat_inlines.h:103

addr
vhost_vring_addr_t addr
Definition: vhost-user.h:83

ip4_address_t::as_u32
u32 as_u32
Definition: ip4_packet.h:56

NAT44_SES_O2I_FIN_ACK
#define NAT44_SES_O2I_FIN_ACK
Definition: nat.h:135

snat_main_per_thread_data_t::sessions
snat_session_t * sessions
Definition: nat.h:287

snat_runtime_t::cached_ip4_address
u32 cached_ip4_address
Definition: nat.h:476

vlib_get_buffer
static vlib_buffer_t * vlib_get_buffer(vlib_main_t *vm, u32 buffer_index)
Translate buffer index into buffer pointer.
Definition: buffer_funcs.h:57

clib_bihash_kv_16_8_t::key
u64 key[2]
Definition: bihash_16_8.h:34

snat_session_key_t::fib_index
u16 fib_index
Definition: nat.h:53

pool_elts
static uword pool_elts(void *v)
Number of active elements in a pool.
Definition: pool.h:128