FD.io VPP  v16.09
Vector Packet Processing
ip4_source_check.c
Go to the documentation of this file.
1 /*
2  * Copyright (c) 2015 Cisco and/or its affiliates.
3  * Licensed under the Apache License, Version 2.0 (the "License");
4  * you may not use this file except in compliance with the License.
5  * You may obtain a copy of the License at:
6  *
7  * http://www.apache.org/licenses/LICENSE-2.0
8  *
9  * Unless required by applicable law or agreed to in writing, software
10  * distributed under the License is distributed on an "AS IS" BASIS,
11  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12  * See the License for the specific language governing permissions and
13  * limitations under the License.
14  */
15 /*
16  * ip/ip4_source_check.c: IP v4 check source address (unicast RPF check)
17  *
18  * Copyright (c) 2008 Eliot Dresselhaus
19  *
20  * Permission is hereby granted, free of charge, to any person obtaining
21  * a copy of this software and associated documentation files (the
22  * "Software"), to deal in the Software without restriction, including
23  * without limitation the rights to use, copy, modify, merge, publish,
24  * distribute, sublicense, and/or sell copies of the Software, and to
25  * permit persons to whom the Software is furnished to do so, subject to
26  * the following conditions:
27  *
28  * The above copyright notice and this permission notice shall be
29  * included in all copies or substantial portions of the Software.
30  *
31  * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
32  * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
33  * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
34  * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
35  * LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
36  * OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
37  * WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
38  */
39 
40 #include <vnet/ip/ip.h>
41 
42 typedef struct {
43  u8 packet_data[64];
44 } ip4_source_check_trace_t;
45 
46 static u8 * format_ip4_source_check_trace (u8 * s, va_list * va)
47 {
48  CLIB_UNUSED (vlib_main_t * vm) = va_arg (*va, vlib_main_t *);
49  CLIB_UNUSED (vlib_node_t * node) = va_arg (*va, vlib_node_t *);
50  ip4_source_check_trace_t * t = va_arg (*va, ip4_source_check_trace_t *);
51 
52  s = format (s, "%U",
53  format_ip4_header,
54  t->packet_data, sizeof (t->packet_data));
55 
56  return s;
57 }
58 
59 typedef enum {
60  IP4_SOURCE_CHECK_NEXT_DROP,
61  IP4_SOURCE_CHECK_N_NEXT,
62 } ip4_source_check_next_t;
63 
64 typedef enum {
65  IP4_SOURCE_CHECK_REACHABLE_VIA_RX,
66  IP4_SOURCE_CHECK_REACHABLE_VIA_ANY,
67 } ip4_source_check_type_t;
68 
69 typedef union {
70  struct {
71  u32 no_default_route : 1;
72  u32 fib_index : 31;
73  };
74  u32 as_u32[1];
75 } ip4_source_check_config_t;
76 
77 always_inline uword
78 ip4_source_check_inline (vlib_main_t * vm,
79  vlib_node_runtime_t * node,
80  vlib_frame_t * frame,
81  ip4_source_check_type_t source_check_type)
82 {
83  ip4_main_t * im = &ip4_main;
84  ip_lookup_main_t * lm = &im->lookup_main;
85  ip_config_main_t * cm = &lm->rx_config_mains[VNET_UNICAST];
86  u32 n_left_from, * from, * to_next;
87  u32 next_index;
88  vlib_node_runtime_t * error_node = vlib_node_get_runtime (vm, ip4_input_node.index);
89 
90  from = vlib_frame_vector_args (frame);
91  n_left_from = frame->n_vectors;
92  next_index = node->cached_next_index;
93 
94  if (node->flags & VLIB_NODE_FLAG_TRACE)
95  vlib_trace_frame_buffers_only (vm, node, from, frame->n_vectors,
96  /* stride */ 1,
97  sizeof (ip4_source_check_trace_t));
98 
99  while (n_left_from > 0)
100  {
101  u32 n_left_to_next;
102 
103  vlib_get_next_frame (vm, node, next_index,
104  to_next, n_left_to_next);
105 
106  while (n_left_from >= 4 && n_left_to_next >= 2)
107  {
108  vlib_buffer_t * p0, * p1;
109  ip4_header_t * ip0, * ip1;
110  ip4_fib_mtrie_t * mtrie0, * mtrie1;
111  ip4_fib_mtrie_leaf_t leaf0, leaf1;
112  ip4_source_check_config_t * c0, * c1;
113  ip_adjacency_t * adj0, * adj1;
114  u32 pi0, next0, pass0, adj_index0;
115  u32 pi1, next1, pass1, adj_index1;
116 
117  /* Prefetch next iteration. */
118  {
119  vlib_buffer_t * p2, * p3;
120 
121  p2 = vlib_get_buffer (vm, from[2]);
122  p3 = vlib_get_buffer (vm, from[3]);
123 
124  vlib_prefetch_buffer_header (p2, LOAD);
125  vlib_prefetch_buffer_header (p3, LOAD);
126 
127  CLIB_PREFETCH (p2->data, sizeof (ip0[0]), LOAD);
128  CLIB_PREFETCH (p3->data, sizeof (ip1[0]), LOAD);
129  }
130 
131  pi0 = to_next[0] = from[0];
132  pi1 = to_next[1] = from[1];
133  from += 2;
134  to_next += 2;
135  n_left_from -= 2;
136  n_left_to_next -= 2;
137 
138  p0 = vlib_get_buffer (vm, pi0);
139  p1 = vlib_get_buffer (vm, pi1);
140 
141  ip0 = vlib_buffer_get_current (p0);
142  ip1 = vlib_buffer_get_current (p1);
143 
144  c0 = vnet_get_config_data (&cm->config_main,
145  &p0->current_config_index,
146  &next0,
147  sizeof (c0[0]));
148  c1 = vnet_get_config_data (&cm->config_main,
149  &p1->current_config_index,
150  &next1,
151  sizeof (c1[0]));
152 
153  mtrie0 = &vec_elt_at_index (im->fibs, c0->fib_index)->mtrie;
154  mtrie1 = &vec_elt_at_index (im->fibs, c1->fib_index)->mtrie;
155 
156  leaf0 = leaf1 = IP4_FIB_MTRIE_LEAF_ROOT;
157 
158  leaf0 = ip4_fib_mtrie_lookup_step (mtrie0, leaf0, &ip0->src_address, 0);
159  leaf1 = ip4_fib_mtrie_lookup_step (mtrie1, leaf1, &ip1->src_address, 0);
160 
161  leaf0 = ip4_fib_mtrie_lookup_step (mtrie0, leaf0, &ip0->src_address, 1);
162  leaf1 = ip4_fib_mtrie_lookup_step (mtrie1, leaf1, &ip1->src_address, 1);
163 
164  leaf0 = ip4_fib_mtrie_lookup_step (mtrie0, leaf0, &ip0->src_address, 2);
165  leaf1 = ip4_fib_mtrie_lookup_step (mtrie1, leaf1, &ip1->src_address, 2);
166 
167  leaf0 = ip4_fib_mtrie_lookup_step (mtrie0, leaf0, &ip0->src_address, 3);
168  leaf1 = ip4_fib_mtrie_lookup_step (mtrie1, leaf1, &ip1->src_address, 3);
169 
170  adj_index0 = ip4_fib_mtrie_leaf_get_adj_index (leaf0);
171  adj_index1 = ip4_fib_mtrie_leaf_get_adj_index (leaf1);
172 
173  ASSERT (adj_index0 == ip4_fib_lookup_with_table (im, c0->fib_index,
174  &ip0->src_address,
175  c0->no_default_route));
176  ASSERT (adj_index1 == ip4_fib_lookup_with_table (im, c1->fib_index,
177  &ip1->src_address,
178  c1->no_default_route));
179 
180  adj0 = ip_get_adjacency (lm, adj_index0);
181  adj1 = ip_get_adjacency (lm, adj_index1);
182 
183  /* Pass multicast. */
184  pass0 = ip4_address_is_multicast (&ip0->src_address) || ip0->src_address.as_u32 == clib_host_to_net_u32(0xFFFFFFFF);
185  pass1 = ip4_address_is_multicast (&ip1->src_address) || ip1->src_address.as_u32 == clib_host_to_net_u32(0xFFFFFFFF);
186 
187  pass0 |= (adj0->lookup_next_index == IP_LOOKUP_NEXT_REWRITE
188  && (source_check_type == IP4_SOURCE_CHECK_REACHABLE_VIA_ANY
189  || vnet_buffer (p0)->sw_if_index[VLIB_RX] == adj0->rewrite_header.sw_if_index));
190  pass1 |= (adj1->lookup_next_index == IP_LOOKUP_NEXT_REWRITE
191  && (source_check_type == IP4_SOURCE_CHECK_REACHABLE_VIA_ANY
192  || vnet_buffer (p1)->sw_if_index[VLIB_RX] == adj1->rewrite_header.sw_if_index));
193 
194  next0 = (pass0 ? next0 : IP4_SOURCE_CHECK_NEXT_DROP);
195  next1 = (pass1 ? next1 : IP4_SOURCE_CHECK_NEXT_DROP);
196 
197  p0->error = error_node->errors[IP4_ERROR_UNICAST_SOURCE_CHECK_FAILS];
198  p1->error = error_node->errors[IP4_ERROR_UNICAST_SOURCE_CHECK_FAILS];
199 
200  vlib_validate_buffer_enqueue_x2 (vm, node, next_index,
201  to_next, n_left_to_next,
202  pi0, pi1, next0, next1);
203  }
204 
205  while (n_left_from > 0 && n_left_to_next > 0)
206  {
207  vlib_buffer_t * p0;
208  ip4_header_t * ip0;
209  ip4_fib_mtrie_t * mtrie0;
210  ip4_fib_mtrie_leaf_t leaf0;
211  ip4_source_check_config_t * c0;
212  ip_adjacency_t * adj0;
213  u32 pi0, next0, pass0, adj_index0;
214 
215  pi0 = from[0];
216  to_next[0] = pi0;
217  from += 1;
218  to_next += 1;
219  n_left_from -= 1;
220  n_left_to_next -= 1;
221 
222  p0 = vlib_get_buffer (vm, pi0);
223  ip0 = vlib_buffer_get_current (p0);
224 
225  c0 = vnet_get_config_data (&cm->config_main,
226  &p0->current_config_index,
227  &next0,
228  sizeof (c0[0]));
229 
230  mtrie0 = &vec_elt_at_index (im->fibs, c0->fib_index)->mtrie;
231 
232  leaf0 = IP4_FIB_MTRIE_LEAF_ROOT;
233 
234  leaf0 = ip4_fib_mtrie_lookup_step (mtrie0, leaf0, &ip0->src_address, 0);
235 
236  leaf0 = ip4_fib_mtrie_lookup_step (mtrie0, leaf0, &ip0->src_address, 1);
237 
238  leaf0 = ip4_fib_mtrie_lookup_step (mtrie0, leaf0, &ip0->src_address, 2);
239 
240  leaf0 = ip4_fib_mtrie_lookup_step (mtrie0, leaf0, &ip0->src_address, 3);
241 
242  adj_index0 = ip4_fib_mtrie_leaf_get_adj_index (leaf0);
243 
244  ASSERT (adj_index0 == ip4_fib_lookup_with_table (im, c0->fib_index,
245  &ip0->src_address,
246  c0->no_default_route));
247  adj0 = ip_get_adjacency (lm, adj_index0);
248 
249  /* Pass multicast. */
250  pass0 = ip4_address_is_multicast (&ip0->src_address) || ip0->src_address.as_u32 == clib_host_to_net_u32(0xFFFFFFFF);
251 
252  pass0 |= (adj0->lookup_next_index == IP_LOOKUP_NEXT_REWRITE
253  && (source_check_type == IP4_SOURCE_CHECK_REACHABLE_VIA_ANY
254  || vnet_buffer (p0)->sw_if_index[VLIB_RX] == adj0->rewrite_header.sw_if_index));
255 
256  next0 = (pass0 ? next0 : IP4_SOURCE_CHECK_NEXT_DROP);
257  p0->error = error_node->errors[IP4_ERROR_UNICAST_SOURCE_CHECK_FAILS];
258 
259  vlib_validate_buffer_enqueue_x1 (vm, node, next_index,
260  to_next, n_left_to_next,
261  pi0, next0);
262  }
263 
264  vlib_put_next_frame (vm, node, next_index, n_left_to_next);
265  }
266 
267  return frame->n_vectors;
268 }
269 
270 static uword
271 ip4_source_check_reachable_via_any (vlib_main_t * vm,
272  vlib_node_runtime_t * node,
273  vlib_frame_t * frame)
274 {
275  return ip4_source_check_inline (vm, node, frame, IP4_SOURCE_CHECK_REACHABLE_VIA_ANY);
276 }
277 
278 static uword
279 ip4_source_check_reachable_via_rx (vlib_main_t * vm,
280  vlib_node_runtime_t * node,
281  vlib_frame_t * frame)
282 {
283  return ip4_source_check_inline (vm, node, frame, IP4_SOURCE_CHECK_REACHABLE_VIA_RX);
284 }
285 
286 VLIB_REGISTER_NODE (ip4_check_source_reachable_via_any) = {
287  .function = ip4_source_check_reachable_via_any,
288  .name = "ip4-source-check-via-any",
289  .vector_size = sizeof (u32),
290 
291  .n_next_nodes = IP4_SOURCE_CHECK_N_NEXT,
292  .next_nodes = {
293  [IP4_SOURCE_CHECK_NEXT_DROP] = "error-drop",
294  },
295 
296  .format_buffer = format_ip4_header,
297  .format_trace = format_ip4_source_check_trace,
298 };
299 
300 VLIB_NODE_FUNCTION_MULTIARCH (ip4_check_source_reachable_via_any,
301  ip4_source_check_reachable_via_any)
302 
303 VLIB_REGISTER_NODE (ip4_check_source_reachable_via_rx) = {
304  .function = ip4_source_check_reachable_via_rx,
305  .name = "ip4-source-check-via-rx",
306  .vector_size = sizeof (u32),
307 
308  .n_next_nodes = IP4_SOURCE_CHECK_N_NEXT,
309  .next_nodes = {
310  [IP4_SOURCE_CHECK_NEXT_DROP] = "error-drop",
311  },
312 
313  .format_buffer = format_ip4_header,
314  .format_trace = format_ip4_source_check_trace,
315 };
316 
317 VLIB_NODE_FUNCTION_MULTIARCH (ip4_check_source_reachable_via_rx,
318  ip4_source_check_reachable_via_rx)
319 
320 static clib_error_t *
321 set_ip_source_check (vlib_main_t * vm,
322  unformat_input_t * input,
323  vlib_cli_command_t * cmd)
324 {
325  vnet_main_t * vnm = vnet_get_main();
326  ip4_main_t * im = &ip4_main;
327  ip_lookup_main_t * lm = &im->lookup_main;
328  ip_config_main_t * rx_cm = &lm->rx_config_mains[VNET_UNICAST];
329  clib_error_t * error = 0;
330  u32 sw_if_index, is_del, ci;
331  ip4_source_check_config_t config;
332  u32 feature_index;
333 
334  sw_if_index = ~0;
335 
336  if (! unformat_user (input, unformat_vnet_sw_interface, vnm, &sw_if_index))
337  {
338  error = clib_error_return (0, "unknown interface `%U'",
339  format_unformat_error, input);
340  goto done;
341  }
342 
343  is_del = 0;
344  config.no_default_route = 0;
345  config.fib_index = im->fib_index_by_sw_if_index[sw_if_index];
346  feature_index = im->ip4_unicast_rx_feature_source_reachable_via_rx;
347  if (unformat (input, "del"))
348  is_del = 1;
349 
350  ci = rx_cm->config_index_by_sw_if_index[sw_if_index];
351  ci = (is_del
352  ? vnet_config_del_feature
353  : vnet_config_add_feature)
354  (vm, &rx_cm->config_main,
355  ci,
356  feature_index,
357  &config,
358  sizeof (config));
359  rx_cm->config_index_by_sw_if_index[sw_if_index] = ci;
360 
361  done:
362  return error;
363 }
364 
365 VLIB_CLI_COMMAND (set_interface_ip_source_check_command, static) = {
366  .path = "set interface ip source-check",
367  .function = set_ip_source_check,
368  .short_help = "Set IP4/IP6 interface unicast source check",
369 };
370 
371 /* Dummy init function to get us linked in. */
372 clib_error_t * ip4_source_check_init (vlib_main_t * vm)
373 { return 0; }
374 
375 VLIB_INIT_FUNCTION (ip4_source_check_init);
vlib_put_next_frame
void vlib_put_next_frame(vlib_main_t *vm, vlib_node_runtime_t *r, u32 next_index, u32 n_vectors_left)
Release pointer to next frame vector data.
Definition: main.c:457
CLIB_UNUSED
#define CLIB_UNUSED(x)
Definition: clib.h:79
ip_config_main_t::config_index_by_sw_if_index
u32 * config_index_by_sw_if_index
Definition: lookup.h:369
unformat
uword unformat(unformat_input_t *i, char *fmt,...)
Definition: unformat.c:966
ip4_fib_mtrie_t
Definition: ip4_mtrie.h:118
vlib_buffer_t::current_config_index
u32 current_config_index
Used by feature subgraph arcs to visit enabled feature nodes.
Definition: buffer.h:121
ip4_header_t::src_address
ip4_address_t src_address
Definition: ip4_packet.h:138
ip_adjacency_t::lookup_next_index
ip_lookup_next_t lookup_next_index
Definition: lookup.h:180
ip_adjacency_t
IP unicast adjacency.
Definition: lookup.h:164
vnet_config_del_feature
u32 vnet_config_del_feature(vlib_main_t *vm, vnet_config_main_t *cm, u32 config_string_heap_index, u32 feature_index, void *feature_config, u32 n_feature_config_bytes)
Definition: config.c:300
ip_lookup_main_t::rx_config_mains
ip_config_main_t rx_config_mains[VNET_N_CAST]
rx/tx interface/feature configuration.
Definition: lookup.h:452
ip4_main_t::lookup_main
ip_lookup_main_t lookup_main
Definition: ip4.h:115
ip4_main_t::fib_index_by_sw_if_index
u32 * fib_index_by_sw_if_index
Table index indexed by software interface.
Definition: ip4.h:123
unformat_vnet_sw_interface
unformat_function_t unformat_vnet_sw_interface
Definition: interface_funcs.h:184
vlib_node_runtime_t::errors
vlib_error_t * errors
Definition: node.h:418
vlib_frame_t
Definition: node.h:332
vlib_node_runtime_t
Definition: node.h:412
vnet_get_main
vnet_main_t * vnet_get_main(void)
Definition: misc.c:45
VLIB_INIT_FUNCTION
#define VLIB_INIT_FUNCTION(x)
Definition: init.h:111
always_inline
#define always_inline
Definition: clib.h:84
vlib_buffer_get_current
static void * vlib_buffer_get_current(vlib_buffer_t *b)
Get pointer to current data to process.
Definition: buffer.h:187
ip4_fib_mtrie_leaf_t
u32 ip4_fib_mtrie_leaf_t
Definition: ip4_mtrie.h:52
vec_elt_at_index
#define vec_elt_at_index(v, i)
Get vector value at index i checking that i is in bounds.
Definition: vec_bootstrap.h:174
ip4_fib_lookup_with_table
u32 ip4_fib_lookup_with_table(ip4_main_t *im, u32 fib_index, ip4_address_t *dst, u32 disable_default_route)
Definition: ip4_forward.c:58
unformat_user
uword unformat_user(unformat_input_t *input, unformat_function_t *func,...)
Definition: unformat.c:977
ip_config_main_t
Definition: lookup.h:366
IP4_SOURCE_CHECK_REACHABLE_VIA_RX
Definition: ip4_source_check.c:65
ip4_fib_mtrie_leaf_get_adj_index
static u32 ip4_fib_mtrie_leaf_get_adj_index(ip4_fib_mtrie_leaf_t n)
Definition: ip4_mtrie.h:66
ip4_source_check_reachable_via_rx
static uword ip4_source_check_reachable_via_rx(vlib_main_t *vm, vlib_node_runtime_t *node, vlib_frame_t *frame)
Definition: ip4_source_check.c:279
ip4_source_check_config_t
Definition: ip4_source_check.c:69
ip4_source_check_next_t
ip4_source_check_next_t
Definition: ip4_source_check.c:59
ip4_input_node
vlib_node_registration_t ip4_input_node
Global ip4 input node.
Definition: ip4_input.c:388
vnet_get_config_data
static void * vnet_get_config_data(vnet_config_main_t *cm, u32 *config_index, u32 *next_index, u32 n_data_bytes)
Definition: config.h:122
ip4_address_is_multicast
static uword ip4_address_is_multicast(ip4_address_t *a)
Definition: ip4_packet.h:263
vlib_validate_buffer_enqueue_x2
#define vlib_validate_buffer_enqueue_x2(vm, node, next_index, to_next, n_left_to_next, bi0, bi1, next0, next1)
Finish enqueueing two buffers forward in the graph.
Definition: buffer_node.h:70
ip4_fib_mtrie_lookup_step
static ip4_fib_mtrie_leaf_t ip4_fib_mtrie_lookup_step(ip4_fib_mtrie_t *m, ip4_fib_mtrie_leaf_t current_leaf, ip4_address_t *dst_address, u32 dst_address_byte_index)
Definition: ip4_mtrie.h:145
VLIB_NODE_FUNCTION_MULTIARCH
VLIB_NODE_FUNCTION_MULTIARCH(ip4_check_source_reachable_via_any, ip4_source_check_reachable_via_any)
(constructor) VLIB_REGISTER_NODE (ip4_check_source_reachable_via_rx)
Definition: ip4_source_check.c:300
vlib_validate_buffer_enqueue_x1
#define vlib_validate_buffer_enqueue_x1(vm, node, next_index, to_next, n_left_to_next, bi0, next0)
Finish enqueueing one buffer forward in the graph.
Definition: buffer_node.h:130
vlib_get_next_frame
#define vlib_get_next_frame(vm, node, next_index, vectors, n_vectors_left)
Get pointer to next frame vector data by (vlib_node_runtime_t, next_index).
Definition: node_funcs.h:348
vlib_buffer_t::error
vlib_error_t error
Error code for buffers to be enqueued to error handler.
Definition: buffer.h:118
ip4_source_check_config_t::fib_index
u32 fib_index
Definition: ip4_source_check.c:72
vlib_frame_t::n_vectors
u16 n_vectors
Definition: node.h:344
IP4_SOURCE_CHECK_N_NEXT
Definition: ip4_source_check.c:61
CLIB_PREFETCH
#define CLIB_PREFETCH(addr, size, type)
Definition: cache.h:82
ip4_source_check_init
clib_error_t * ip4_source_check_init(vlib_main_t *vm)
Definition: ip4_source_check.c:372
ip4_source_check_trace_t::packet_data
u8 packet_data[64]
Definition: ip4_source_check.c:43
ip4_main_t::ip4_unicast_rx_feature_source_reachable_via_rx
u32 ip4_unicast_rx_feature_source_reachable_via_rx
Built-in unicast feature path indice, see ip_feature_init_cast()
Definition: ip4.h:148
vlib_node_get_runtime
static vlib_node_runtime_t * vlib_node_get_runtime(vlib_main_t *vm, u32 node_index)
Get node runtime by node index.
Definition: node_funcs.h:88
vlib_buffer_t
Definition: buffer.h:73
ip_lookup_main_t
Definition: lookup.h:399
ip4_source_check_config_t::no_default_route
u32 no_default_route
Definition: ip4_source_check.c:71
vnet_main_t
Definition: vnet.h:59
vlib_node_runtime_t::cached_next_index
u16 cached_next_index
Definition: node.h:462
ASSERT
#define ASSERT(truth)
Definition: error_bootstrap.h:69
IP4_FIB_MTRIE_LEAF_ROOT
#define IP4_FIB_MTRIE_LEAF_ROOT
Definition: ip4_mtrie.h:55
format_ip4_header
format_function_t format_ip4_header
Definition: format.h:78
u32
unsigned int u32
Definition: types.h:88
ip4_main_t::fibs
ip4_fib_t * fibs
Vector of FIBs.
Definition: ip4.h:118
format_unformat_error
u8 * format_unformat_error(u8 *s, va_list *va)
Definition: unformat.c:91
vnet_buffer
#define vnet_buffer(b)
Definition: buffer.h:335
format
u8 * format(u8 *s, char *fmt,...)
Definition: format.c:418
ip4_main_t
IPv4 main type.
Definition: ip4.h:114
IP4_SOURCE_CHECK_REACHABLE_VIA_ANY
Definition: ip4_source_check.c:66
VLIB_NODE_FLAG_TRACE
#define VLIB_NODE_FLAG_TRACE
Definition: node.h:259
vnet_config_add_feature
u32 vnet_config_add_feature(vlib_main_t *vm, vnet_config_main_t *cm, u32 config_string_heap_index, u32 feature_index, void *feature_config, u32 n_feature_config_bytes)
Definition: config.c:239
uword
u64 uword
Definition: types.h:112
clib_error_t
Definition: error.h:75
ip4_source_check_inline
static uword ip4_source_check_inline(vlib_main_t *vm, vlib_node_runtime_t *node, vlib_frame_t *frame, ip4_source_check_type_t source_check_type)
Definition: ip4_source_check.c:78
vlib_trace_frame_buffers_only
void vlib_trace_frame_buffers_only(vlib_main_t *vm, vlib_node_runtime_t *node, u32 *buffers, uword n_buffers, uword next_buffer_stride, uword n_buffer_data_bytes_in_trace)
Definition: trace.c:45
VLIB_CLI_COMMAND
VLIB_CLI_COMMAND(set_interface_ip_source_and_port_range_check_command, static)
u8
unsigned char u8
Definition: types.h:56
ip4_source_check_trace_t
Definition: ip4_source_check.c:42
vlib_main_t
Definition: main.h:59
ip4_source_check_type_t
ip4_source_check_type_t
Definition: ip4_source_check.c:64
vlib_node_t
Definition: node.h:215
vlib_frame_vector_args
static void * vlib_frame_vector_args(vlib_frame_t *f)
Get pointer to frame vector data.
Definition: node_funcs.h:251
vlib_cli_command_t
Definition: cli.h:91
ip4_source_check_reachable_via_any
static uword ip4_source_check_reachable_via_any(vlib_main_t *vm, vlib_node_runtime_t *node, vlib_frame_t *frame)
Definition: ip4_source_check.c:271
vlib_prefetch_buffer_header
#define vlib_prefetch_buffer_header(b, type)
Prefetch buffer metadata.
Definition: buffer.h:163
VLIB_REGISTER_NODE
#define VLIB_REGISTER_NODE(x,...)
Definition: node.h:143
ip4_main
ip4_main_t ip4_main
Global ip4 main structure.
Definition: ip4_forward.c:1578
vlib_buffer_t::data
u8 data[0]
Packet data.
Definition: buffer.h:151
IP_LOOKUP_NEXT_REWRITE
This packet is to be rewritten and forwarded to the next processing node.
Definition: lookup.h:78
IP4_SOURCE_CHECK_NEXT_DROP
Definition: ip4_source_check.c:60
vlib_node_runtime_t::flags
u16 flags
Definition: node.h:452
ip4_check_source_reachable_via_any
vlib_node_registration_t ip4_check_source_reachable_via_any
(constructor) VLIB_REGISTER_NODE (ip4_check_source_reachable_via_any)
Definition: ip4_source_check.c:286
clib_error_return
#define clib_error_return(e, args...)
Definition: error.h:111
ip4_address_t::as_u32
u32 as_u32
Definition: ip4_packet.h:54
unformat_input_t
struct _unformat_input_t unformat_input_t
format_ip4_source_check_trace
static u8 * format_ip4_source_check_trace(u8 *s, va_list *va)
Definition: ip4_source_check.c:46
ip4_header_t
Definition: ip4_packet.h:104
vlib_get_buffer
static vlib_buffer_t * vlib_get_buffer(vlib_main_t *vm, u32 buffer_index)
Translate buffer index into buffer pointer.
Definition: buffer_funcs.h:69
ip_config_main_t::config_main
vnet_config_main_t config_main
Definition: lookup.h:367
VLIB_RX
Definition: defs.h:46
ip_get_adjacency
static ip_adjacency_t * ip_get_adjacency(ip_lookup_main_t *lm, u32 adj_index)
Definition: lookup.h:480