95 u32 n_left_from, *from, *to_next;
109 while (n_left_from > 0)
115 while (n_left_from >= 4 && n_left_to_next >= 2)
123 u32 pi0, next0, pass0, lb_index0;
124 u32 pi1, next1, pass1, lb_index1;
140 pi0 = to_next[0] = from[0];
141 pi1 = to_next[1] = from[1];
159 [VLIB_RX], &next1, p1,
208 error_node->
errors[IP4_ERROR_UNICAST_SOURCE_CHECK_FAILS];
210 error_node->
errors[IP4_ERROR_UNICAST_SOURCE_CHECK_FAILS];
213 to_next, n_left_to_next,
214 pi0, pi1, next0, next1);
217 while (n_left_from > 0 && n_left_to_next > 0)
224 u32 pi0, next0, pass0, lb_index0;
273 error_node->
errors[IP4_ERROR_UNICAST_SOURCE_CHECK_FAILS];
276 to_next, n_left_to_next,
307 .name =
"ip4-source-check-via-any",
308 .vector_size =
sizeof (
u32),
326 .name =
"ip4-source-check-via-rx",
327 .vector_size =
sizeof (
u32),
350 u32 sw_if_index, is_del;
352 char *feature_name =
"ip4-source-check-via-rx";
365 else if (
unformat (line_input,
"del"))
367 else if (
unformat (line_input,
"loose"))
368 feature_name =
"ip4-source-check-via-any";
376 if (~0 == sw_if_index)
385 is_del == 0, &config,
sizeof (config));
451 .path =
"set interface ip source-check",
453 .short_help =
"set interface ip source-check <interface> [strict|loose] [del]",
466 u32 table_id, is_add, fib_index;
477 if (
unformat (line_input,
"table %d", &table_id))
479 else if (
unformat (line_input,
"del"))
481 else if (
unformat (line_input,
"add"))
483 else if (
unformat (line_input,
"%U/%d",
540 .path =
"ip urpf-accept",
542 .short_help =
"ip urpf-accept [table <table-id>] [add|del]",
fib_protocol_t fp_proto
protocol type
static int fib_urpf_check_size(index_t ui)
Data-Plane function to check the size of an uRPF list, (i.e.
vnet_main_t * vnet_get_main(void)
static ip4_fib_mtrie_leaf_t ip4_fib_mtrie_lookup_step(const ip4_fib_mtrie_t *m, ip4_fib_mtrie_leaf_t current_leaf, const ip4_address_t *dst_address, u32 dst_address_byte_index)
Lookup step.
u32 index_t
A Data-Path Object is an object that represents actions that are applied to packets are they are swit...
static int fib_urpf_check(index_t ui, u32 sw_if_index)
Data-Plane function to check an input interface against an uRPF list.
u32 * fib_index_by_sw_if_index
Table index indexed by software interface.
unformat_function_t unformat_vnet_sw_interface
vlib_error_t * errors
Vector of errors for this node.
static clib_error_t * set_ip_source_check(vlib_main_t *vm, unformat_input_t *input, vlib_cli_command_t *cmd)
#define VLIB_INIT_FUNCTION(x)
void fib_table_entry_special_remove(u32 fib_index, const fib_prefix_t *prefix, fib_source_t source)
Remove a 'special' entry from the FIB.
#define vlib_prefetch_buffer_header(b, type)
Prefetch buffer metadata.
Aggregrate type for a prefix.
#define clib_error_return(e, args...)
u32 fib_table_find(fib_protocol_t proto, u32 table_id)
Get the index of the FIB for a Table-ID.
u16 fp_len
The mask length.
static u32 ip4_fib_mtrie_leaf_get_adj_index(ip4_fib_mtrie_leaf_t n)
From the stored slot value extract the LB index value.
static uword ip4_source_check_reachable_via_rx(vlib_main_t *vm, vlib_node_runtime_t *node, vlib_frame_t *frame)
vlib_node_registration_t ip4_input_node
Global ip4 input node.
ip46_address_t fp_addr
The address type is not deriveable from the fp_addr member.
static void * vlib_buffer_get_current(vlib_buffer_t *b)
Get pointer to current data to process.
static uword ip4_address_is_multicast(ip4_address_t *a)
vlib_node_registration_t ip4_check_source_reachable_via_rx
(constructor) VLIB_REGISTER_NODE (ip4_check_source_reachable_via_rx)
#define vlib_validate_buffer_enqueue_x2(vm, node, next_index, to_next, n_left_to_next, bi0, bi1, next0, next1)
Finish enqueueing two buffers forward in the graph.
VLIB_NODE_FUNCTION_MULTIARCH(ip4_check_source_reachable_via_any, ip4_source_check_reachable_via_any)
#define vlib_validate_buffer_enqueue_x1(vm, node, next_index, to_next, n_left_to_next, bi0, next0)
Finish enqueueing one buffer forward in the graph.
#define vlib_get_next_frame(vm, node, next_index, vectors, n_vectors_left)
Get pointer to next frame vector data by (vlib_node_runtime_t, next_index).
ip4_fib_mtrie_t mtrie
Mtrie for fast lookups.
vlib_error_t error
Error code for buffers to be enqueued to error handler.
fib_node_index_t fib_table_entry_special_add(u32 fib_index, const fib_prefix_t *prefix, fib_source_t source, fib_entry_flag_t flags)
Add a 'special' entry to the FIB.
#define VLIB_REGISTER_NODE(x,...)
#define CLIB_PREFETCH(addr, size, type)
clib_error_t * ip4_source_check_init(vlib_main_t *vm)
static ip4_fib_t * ip4_fib_get(u32 index)
Get the FIB at the given index.
static vlib_node_runtime_t * vlib_node_get_runtime(vlib_main_t *vm, u32 node_index)
Get node runtime by node index.
void vlib_put_next_frame(vlib_main_t *vm, vlib_node_runtime_t *r, u32 next_index, u32 n_vectors_left)
Release pointer to next frame vector data.
#define VLIB_CLI_COMMAND(x,...)
u16 cached_next_index
Next frame index that vector arguments were last enqueued to last time this node ran.
index_t lb_urpf
This is the index of the uRPF list for this LB.
static ip4_fib_mtrie_leaf_t ip4_fib_mtrie_lookup_step_one(const ip4_fib_mtrie_t *m, const ip4_address_t *dst_address)
Lookup step number 1.
static load_balance_t * load_balance_get(index_t lbi)
static clib_error_t * ip_source_check_accept(vlib_main_t *vm, unformat_input_t *input, vlib_cli_command_t *cmd)
static uword ip4_source_check_inline(vlib_main_t *vm, vlib_node_runtime_t *node, vlib_frame_t *frame, ip4_source_check_type_t source_check_type)
void vlib_trace_frame_buffers_only(vlib_main_t *vm, vlib_node_runtime_t *node, u32 *buffers, uword n_buffers, uword next_buffer_stride, uword n_buffer_data_bytes_in_trace)
static void * vlib_frame_vector_args(vlib_frame_t *f)
Get pointer to frame vector data.
static_always_inline void * vnet_feature_next_with_data(u32 sw_if_index, u32 *next0, vlib_buffer_t *b0, u32 n_data_bytes)
static uword ip4_source_check_reachable_via_any(vlib_main_t *vm, vlib_node_runtime_t *node, vlib_frame_t *frame)
ip4_main_t ip4_main
Global ip4 main structure.
u16 flags
Copy of main node flags.
vlib_node_registration_t ip4_check_source_reachable_via_any
(constructor) VLIB_REGISTER_NODE (ip4_check_source_reachable_via_any)
#define VLIB_NODE_FLAG_TRACE
static u8 * format_ip4_source_check_trace(u8 *s, va_list *va)
static vlib_buffer_t * vlib_get_buffer(vlib_main_t *vm, u32 buffer_index)
Translate buffer index into buffer pointer.
int vnet_feature_enable_disable(const char *arc_name, const char *node_name, u32 sw_if_index, int enable_disable, void *feature_config, u32 n_feature_config_bytes)