56 "NAT44_OUT2IN: sw_if_index %d, next index %d, session index %d",
68 s =
format (s,
"NAT44_OUT2IN_FAST: sw_if_index %d, next index %d",
73 #define foreach_snat_out2in_error \ 74 _(UNSUPPORTED_PROTOCOL, "unsupported protocol") \ 75 _(OUT2IN_PACKETS, "good out2in packets processed") \ 76 _(OUT_OF_PORTS, "out of ports") \ 77 _(BAD_ICMP_TYPE, "unsupported ICMP type") \ 78 _(NO_TRANSLATION, "no translation") \ 79 _(MAX_SESSIONS_EXCEEDED, "maximum sessions exceeded") \ 80 _(DROP_FRAGMENT, "drop fragment") \ 81 _(MAX_REASS, "maximum reassemblies exceeded") \ 82 _(MAX_FRAG, "maximum fragments per reassembly exceeded")\ 83 _(TCP_PACKETS, "TCP packets") \ 84 _(UDP_PACKETS, "UDP packets") \ 85 _(ICMP_PACKETS, "ICMP packets") \ 86 _(OTHER_PACKETS, "other protocol packets") \ 87 _(FRAGMENTS, "fragments") \ 88 _(CACHED_FRAGMENTS, "cached fragments") \ 89 _(PROCESSED_FRAGMENTS, "processed fragments") 93 #define _(sym,str) SNAT_OUT2IN_ERROR_##sym, 100 #define _(sym,string) string, 114 #ifndef CLIB_MARCH_VARIANT 121 u64 sess_timeout_time;
128 if (ctx->
now >= sess_timeout_time)
130 s_kv.
key = s->in2out.as_u64;
131 if (clib_bihash_add_del_8_8 (&tsm->
in2out, &s_kv, 0))
135 s->in2out.addr.as_u32,
136 s->out2in.addr.as_u32,
140 s->in2out.fib_index);
143 &s->in2out.addr, s->in2out.port,
144 &s->out2in.addr, s->out2in.port,
147 nat_ha_sdel (&s->out2in.addr, s->out2in.port, &s->ext_host_addr,
148 s->ext_host_port, s->out2in.protocol, s->out2in.fib_index,
177 static inline snat_session_t *
183 u32 thread_index,
f64 now)
194 b0->
error = node->
errors[SNAT_OUT2IN_ERROR_MAX_SESSIONS_EXCEEDED];
229 kv0.
key = s->in2out.as_u64;
231 if (clib_bihash_add_or_overwrite_stale_8_8
236 kv0.
key = s->out2in.as_u64;
238 if (clib_bihash_add_or_overwrite_stale_8_8
245 s->in2out.addr.as_u32,
246 s->out2in.addr.as_u32,
249 s->out2in.port, s->in2out.fib_index);
252 &s->in2out.addr, s->in2out.port, &s->out2in.addr,
253 s->out2in.port, s->in2out.protocol);
255 nat_ha_sadd (&s->in2out.addr, s->in2out.port, &s->out2in.addr,
256 s->out2in.port, &s->ext_host_addr, s->ext_host_port,
257 &s->ext_host_nat_addr, s->ext_host_nat_port,
258 s->in2out.protocol, s->in2out.fib_index, s->flags,
264 #ifndef CLIB_MARCH_VARIANT 269 icmp46_header_t *icmp0;
274 icmp46_header_t *inner_icmp0;
293 case SNAT_PROTOCOL_ICMP:
294 inner_icmp0 = (icmp46_header_t *) l4_header;
298 case SNAT_PROTOCOL_UDP:
299 case SNAT_PROTOCOL_TCP:
303 return SNAT_OUT2IN_ERROR_UNSUPPORTED_PROTOCOL;
329 u8 * p_dont_translate,
void *d,
void *e)
331 icmp46_header_t *icmp0;
336 snat_session_t *s0 = 0;
337 u8 dont_translate = 0;
353 b0->
error = node->
errors[SNAT_OUT2IN_ERROR_UNSUPPORTED_PROTOCOL];
367 (sm, key0, &sm0, 1, &is_addr_only, 0, 0, 0, &identity_nat))
378 b0->
error = node->
errors[SNAT_OUT2IN_ERROR_NO_TRANSLATION];
390 (icmp0->type != ICMP4_echo_request
393 b0->
error = node->
errors[SNAT_OUT2IN_ERROR_BAD_ICMP_TYPE];
417 icmp0->type != ICMP4_echo_request &&
420 b0->
error = node->
errors[SNAT_OUT2IN_ERROR_BAD_ICMP_TYPE];
432 *p_value = s0->in2out;
433 *p_dont_translate = dont_translate;
435 *(snat_session_t **) d = s0;
440 #ifndef CLIB_MARCH_VARIANT 459 u8 * p_dont_translate,
void *d,
void *e)
461 icmp46_header_t *icmp0;
466 u8 dont_translate = 0;
485 (sm, key0, &sm0, 1, &is_addr_only, 0, 0, 0, 0))
493 b0->
error = node->
errors[SNAT_OUT2IN_ERROR_NO_TRANSLATION];
499 (icmp0->type != ICMP4_echo_request || !is_addr_only) &&
502 b0->
error = node->
errors[SNAT_OUT2IN_ERROR_BAD_ICMP_TYPE];
511 *p_dont_translate = dont_translate;
516 #ifndef CLIB_MARCH_VARIANT 521 icmp46_header_t * icmp0,
525 u32 next0,
u32 thread_index,
void *d,
void *e)
532 icmp46_header_t *inner_icmp0;
534 u32 new_addr0, old_addr0;
535 u16 old_id0, new_id0;
543 &protocol, &sm0, &dont_translate, d,
558 if (checksum0 != 0 && checksum0 != 0xffff)
574 if (icmp0->checksum == 0)
575 icmp0->checksum = 0xffff;
586 sum0 = icmp0->checksum;
607 sum0 = icmp0->checksum;
614 case SNAT_PROTOCOL_ICMP:
615 inner_icmp0 = (icmp46_header_t *) l4_header;
622 sum0 = icmp0->checksum;
627 case SNAT_PROTOCOL_UDP:
628 case SNAT_PROTOCOL_TCP:
633 sum0 = icmp0->checksum;
652 icmp46_header_t * icmp0,
657 u32 thread_index, snat_session_t ** p_s0)
659 next0 =
icmp_out2in (sm, b0, ip0, icmp0, sw_if_index0, rx_fib_index0, node,
660 next0, thread_index, p_s0, 0);
661 snat_session_t *s0 = *p_s0;
682 u32 old_addr, new_addr;
709 u32 n_left_from, *from, *to_next;
711 u32 pkts_processed = 0;
715 u32 tcp_packets = 0, udp_packets = 0, icmp_packets = 0, other_packets =
719 n_left_from = frame->n_vectors;
720 next_index = node->cached_next_index;
722 while (n_left_from > 0)
728 while (n_left_from >= 4 && n_left_to_next >= 2)
734 u32 sw_if_index0, sw_if_index1;
737 u32 new_addr0, old_addr0;
738 u16 new_port0, old_port0;
739 u32 new_addr1, old_addr1;
740 u16 new_port1, old_port1;
743 icmp46_header_t *icmp0, *icmp1;
745 u32 rx_fib_index0, rx_fib_index1;
747 snat_session_t *s0 = 0, *s1 = 0;
749 u8 identity_nat0, identity_nat1;
766 to_next[0] = bi0 = from[0];
767 to_next[1] = bi1 = from[1];
782 icmp0 = (icmp46_header_t *) udp0;
792 ICMP4_time_exceeded_ttl_exceeded_in_transit,
807 node->errors[SNAT_OUT2IN_ERROR_UNSUPPORTED_PROTOCOL];
825 (sm, b0, ip0, icmp0, sw_if_index0, rx_fib_index0, node,
826 next0, now, thread_index, &s0);
838 if (clib_bihash_search_8_8
844 (sm, key0, &sm0, 1, 0, 0, 0, 0, &identity_nat0))
853 (UDP_DST_PORT_dhcp_to_client))))
862 node->errors[SNAT_OUT2IN_ERROR_NO_TRANSLATION];
898 old_port0 = tcp0->dst_port;
899 tcp0->dst_port = s0->in2out.port;
900 new_port0 = tcp0->dst_port;
902 sum0 = tcp0->checksum;
930 && (b0->
flags & VLIB_BUFFER_IS_TRACED)))
948 icmp1 = (icmp46_header_t *) udp1;
958 ICMP4_time_exceeded_ttl_exceeded_in_transit,
973 node->errors[SNAT_OUT2IN_ERROR_UNSUPPORTED_PROTOCOL];
991 (sm, b1, ip1, icmp1, sw_if_index1, rx_fib_index1, node,
992 next1, now, thread_index, &s1);
1004 if (clib_bihash_search_8_8
1010 (sm, key1, &sm1, 1, 0, 0, 0, 0, &identity_nat1))
1018 clib_host_to_net_u16
1019 (UDP_DST_PORT_dhcp_to_client))))
1028 node->errors[SNAT_OUT2IN_ERROR_NO_TRANSLATION];
1064 old_port1 = tcp1->dst_port;
1065 tcp1->dst_port = s1->in2out.port;
1066 new_port1 = tcp1->dst_port;
1068 sum1 = tcp1->checksum;
1096 && (b1->
flags & VLIB_BUFFER_IS_TRACED)))
1112 to_next, n_left_to_next,
1113 bi0, bi1, next0, next1);
1116 while (n_left_from > 0 && n_left_to_next > 0)
1124 u32 new_addr0, old_addr0;
1125 u16 new_port0, old_port0;
1128 icmp46_header_t *icmp0;
1132 snat_session_t *s0 = 0;
1142 n_left_to_next -= 1;
1151 icmp0 = (icmp46_header_t *) udp0;
1166 node->errors[SNAT_OUT2IN_ERROR_UNSUPPORTED_PROTOCOL];
1178 ICMP4_time_exceeded_ttl_exceeded_in_transit,
1194 (sm, b0, ip0, icmp0, sw_if_index0, rx_fib_index0, node,
1195 next0, now, thread_index, &s0);
1207 if (clib_bihash_search_8_8
1213 (sm, key0, &sm0, 1, 0, 0, 0, 0, &identity_nat0))
1221 clib_host_to_net_u16
1222 (UDP_DST_PORT_dhcp_to_client))))
1231 node->errors[SNAT_OUT2IN_ERROR_NO_TRANSLATION];
1267 old_port0 = tcp0->dst_port;
1268 tcp0->dst_port = s0->in2out.port;
1269 new_port0 = tcp0->dst_port;
1271 sum0 = tcp0->checksum;
1299 && (b0->
flags & VLIB_BUFFER_IS_TRACED)))
1315 to_next, n_left_to_next,
1323 SNAT_OUT2IN_ERROR_OUT2IN_PACKETS,
1326 SNAT_OUT2IN_ERROR_TCP_PACKETS, tcp_packets);
1328 SNAT_OUT2IN_ERROR_UDP_PACKETS, udp_packets);
1330 SNAT_OUT2IN_ERROR_ICMP_PACKETS, icmp_packets);
1332 SNAT_OUT2IN_ERROR_OTHER_PACKETS,
1335 SNAT_OUT2IN_ERROR_FRAGMENTS, fragments);
1337 return frame->n_vectors;
1342 .name =
"nat44-out2in",
1343 .vector_size =
sizeof (
u32),
1368 u32 n_left_from, *from, *to_next;
1370 u32 pkts_processed = 0, cached_fragments = 0;
1376 u32 *fragments_to_drop = 0;
1377 u32 *fragments_to_loopback = 0;
1380 n_left_from = frame->n_vectors;
1381 next_index = node->cached_next_index;
1383 while (n_left_from > 0)
1389 while (n_left_from > 0 && n_left_to_next > 0)
1391 u32 bi0, sw_if_index0, proto0, rx_fib_index0, new_addr0, old_addr0;
1396 nat_reass_ip4_t *reass0;
1399 icmp46_header_t *icmp0;
1402 snat_session_t *s0 = 0;
1403 u16 old_port0, new_port0;
1413 n_left_to_next -= 1;
1426 b0->
error = node->errors[SNAT_OUT2IN_ERROR_DROP_FRAGMENT];
1433 icmp0 = (icmp46_header_t *) udp0;
1440 1, &fragments_to_drop);
1445 b0->
error = node->errors[SNAT_OUT2IN_ERROR_MAX_REASS];
1455 (sm, b0, ip0, icmp0, sw_if_index0, rx_fib_index0, node,
1456 next0, now, thread_index, &s0);
1461 reass0->sess_index = s0 - per_thread_data->
sessions;
1464 reass0->thread_index = thread_index;
1466 &fragments_to_loopback);
1478 if (clib_bihash_search_8_8
1479 (&per_thread_data->
out2in, &kv0, &value0))
1484 (sm, key0, &sm0, 1, 0, 0, 0, 0, &identity_nat0))
1493 clib_host_to_net_u16
1494 (UDP_DST_PORT_dhcp_to_client))))
1503 node->errors[SNAT_OUT2IN_ERROR_NO_TRANSLATION];
1510 &fragments_to_loopback);
1526 node->errors[SNAT_OUT2IN_ERROR_NO_TRANSLATION];
1530 reass0->sess_index = s0 - per_thread_data->
sessions;
1531 reass0->thread_index = thread_index;
1537 reass0->sess_index = value0.
value;
1548 (thread_index, reass0, bi0, &fragments_to_drop))
1550 b0->
error = node->errors[SNAT_OUT2IN_ERROR_MAX_FRAG];
1552 (
"maximum fragments per reassembly exceeded");
1560 reass0->sess_index);
1578 old_port0 = tcp0->dst_port;
1579 tcp0->dst_port = s0->in2out.port;
1580 new_port0 = tcp0->dst_port;
1582 sum0 = tcp0->checksum;
1609 && (b0->
flags & VLIB_BUFFER_IS_TRACED)))
1630 to_next, n_left_to_next,
1634 if (n_left_from == 0 &&
vec_len (fragments_to_loopback))
1641 sizeof (
u32) * len);
1660 SNAT_OUT2IN_ERROR_PROCESSED_FRAGMENTS,
1663 SNAT_OUT2IN_ERROR_CACHED_FRAGMENTS,
1667 &node->errors[SNAT_OUT2IN_ERROR_DROP_FRAGMENT],
1672 return frame->n_vectors;
1677 .name =
"nat44-out2in-reass",
1678 .vector_size =
sizeof (
u32),
1701 u32 n_left_from, *from, *to_next;
1703 u32 pkts_processed = 0;
1707 n_left_from = frame->n_vectors;
1708 next_index = node->cached_next_index;
1710 while (n_left_from > 0)
1716 while (n_left_from > 0 && n_left_to_next > 0)
1724 u32 new_addr0, old_addr0;
1725 u16 new_port0, old_port0;
1728 icmp46_header_t *icmp0;
1739 n_left_to_next -= 1;
1746 icmp0 = (icmp46_header_t *) udp0;
1758 ICMP4_time_exceeded_ttl_exceeded_in_transit,
1771 next0 =
icmp_out2in (sm, b0, ip0, icmp0, sw_if_index0,
1772 rx_fib_index0, node, next0, ~0, 0, 0);
1782 b0->
error = node->errors[SNAT_OUT2IN_ERROR_NO_TRANSLATION];
1787 new_port0 = sm0.
port;
1802 old_port0 = tcp0->dst_port;
1803 tcp0->dst_port = new_port0;
1805 sum0 = tcp0->checksum;
1826 sum0 = tcp0->checksum;
1838 && (b0->
flags & VLIB_BUFFER_IS_TRACED)))
1850 to_next, n_left_to_next,
1858 SNAT_OUT2IN_ERROR_OUT2IN_PACKETS,
1860 return frame->n_vectors;
1865 .name =
"nat44-out2in-fast",
1866 .vector_size =
sizeof (
u32),
vlib_node_registration_t snat_out2in_fast_node
(constructor) VLIB_REGISTER_NODE (snat_out2in_fast_node)
u32 flags
buffer flags: VLIB_BUFFER_FREE_LIST_INDEX_MASK: bits used to store free list index, VLIB_BUFFER_IS_TRACED: trace this buffer.
static ip_csum_t ip_incremental_checksum_buffer(vlib_main_t *vm, vlib_buffer_t *first_buffer, u32 first_buffer_offset, u32 n_bytes_to_checksum, ip_csum_t sum)
#define snat_is_session_static(s)
Check if SNAT session is created from static mapping.
int nat_ip4_reass_add_fragment(u32 thread_index, nat_reass_ip4_t *reass, u32 bi, u32 **bi_to_drop)
Cache fragment.
u32 icmp_match_out2in_slow(snat_main_t *sm, vlib_node_runtime_t *node, u32 thread_index, vlib_buffer_t *b0, ip4_header_t *ip0, u8 *p_proto, snat_session_key_t *p_value, u8 *p_dont_translate, void *d, void *e)
Get address and port values to be used for ICMP packet translation and create session if needed...
static u8 * format_snat_out2in_fast_trace(u8 *s, va_list *args)
static u32 nat44_session_get_timeout(snat_main_t *sm, snat_session_t *s)
static u32 icmp_out2in_slow_path(snat_main_t *sm, vlib_buffer_t *b0, ip4_header_t *ip0, icmp46_header_t *icmp0, u32 sw_if_index0, u32 rx_fib_index0, vlib_node_runtime_t *node, u32 next0, f64 now, u32 thread_index, snat_session_t **p_s0)
static_always_inline u8 icmp_is_error_message(icmp46_header_t *icmp)
#define clib_memcpy_fast(a, b, c)
static f64 vlib_time_now(vlib_main_t *vm)
u32 fib_table_get_index_for_sw_if_index(fib_protocol_t proto, u32 sw_if_index)
Get the index of the FIB bound to the interface.
#define nat_log_warn(...)
void nat_ha_sadd(ip4_address_t *in_addr, u16 in_port, ip4_address_t *out_addr, u16 out_port, ip4_address_t *eh_addr, u16 eh_port, ip4_address_t *ehn_addr, u16 ehn_port, u8 proto, u32 fib_index, u16 flags, u32 thread_index, u8 is_resync)
Create session add HA event.
u32 * fib_index_by_sw_if_index
Table index indexed by software interface.
#define VLIB_NODE_FN(node)
vlib_error_t * errors
Vector of errors for this node.
int nat44_o2i_is_idle_session_cb(clib_bihash_kv_8_8_t *kv, void *arg)
static uword vlib_buffer_length_in_chain(vlib_main_t *vm, vlib_buffer_t *b)
Get length in bytes of the buffer chain.
struct _tcp_header tcp_header_t
#define vec_reset_length(v)
Reset vector length to zero NULL-pointer tolerant.
static int ip4_is_fragment(const ip4_header_t *i)
snat_session_t * nat_session_alloc_or_recycle(snat_main_t *sm, snat_user_t *u, u32 thread_index, f64 now)
Allocate new NAT session or recycle last used.
u32 ip4_fib_table_get_index_for_sw_if_index(u32 sw_if_index)
#define static_always_inline
static uword ip4_header_checksum_is_valid(ip4_header_t *i)
#define vlib_prefetch_buffer_header(b, type)
Prefetch buffer metadata.
#define vec_elt_at_index(v, i)
Get vector value at index i checking that i is in bounds.
#define NAT_REASS_FLAG_ED_DONT_TRANSLATE
static void * ip4_next_header(ip4_header_t *i)
#define foreach_snat_out2in_error
static u8 maximum_sessions_exceeded(snat_main_t *sm, u32 thread_index)
int snat_static_mapping_match(snat_main_t *sm, snat_session_key_t match, snat_session_key_t *mapping, u8 by_external, u8 *is_addr_only, twice_nat_type_t *twice_nat, lb_nat_type_t *lb, ip4_address_t *ext_host_addr, u8 *is_identity_nat)
Match NAT44 static mapping.
void snat_free_outside_address_and_port(snat_address_t *addresses, u32 thread_index, snat_session_key_t *k)
Free outside address and port pair.
static void nat44_delete_session(snat_main_t *sm, snat_session_t *ses, u32 thread_index)
vlib_error_t error
Error code for buffers to be enqueued to error handler.
snat_user_t * nat_user_get_or_create(snat_main_t *sm, ip4_address_t *addr, u32 fib_index, u32 thread_index)
Find or create NAT user.
#define pool_elt_at_index(p, i)
Returns pointer to element at given index.
snat_static_mapping_t * static_mappings
static void * vlib_buffer_get_current(vlib_buffer_t *b)
Get pointer to current data to process.
void nat_syslog_nat44_apmadd(u32 ssubix, u32 sfibix, ip4_address_t *isaddr, u16 isport, ip4_address_t *xsaddr, u16 xsport, snat_protocol_t proto)
clib_bihash_8_8_t static_mapping_by_external
vl_api_address_union_t src_address
#define vlib_validate_buffer_enqueue_x2(vm, node, next_index, to_next, n_left_to_next, bi0, bi1, next0, next1)
Finish enqueueing two buffers forward in the graph.
vlib_node_registration_t snat_out2in_node
(constructor) VLIB_REGISTER_NODE (snat_out2in_node)
#define vlib_validate_buffer_enqueue_x1(vm, node, next_index, to_next, n_left_to_next, bi0, next0)
Finish enqueueing one buffer forward in the graph.
#define vlib_get_next_frame(vm, node, next_index, vectors, n_vectors_left)
Get pointer to next frame vector data by (vlib_node_runtime_t, next_index).
#define nat_log_notice(...)
static void vlib_node_increment_counter(vlib_main_t *vm, u32 node_index, u32 counter_index, u64 increment)
The fine-grained event logger allows lightweight, thread-safe event logging at minimum cost...
void snat_ipfix_logging_nat44_ses_delete(u32 thread_index, u32 src_ip, u32 nat_src_ip, snat_protocol_t snat_proto, u16 src_port, u16 nat_src_port, u32 vrf_id)
Generate NAT44 session delete event.
static void nat44_delete_user_with_no_session(snat_main_t *sm, snat_user_t *u, u32 thread_index)
#define VLIB_REGISTER_NODE(x,...)
u8 nat_reass_is_drop_frag(u8 is_ip6)
Get status of virtual fragmentation reassembly.
#define CLIB_PREFETCH(addr, size, type)
#define vec_free(V)
Free vector's memory (no header).
static_always_inline void vnet_feature_next(u32 *next0, vlib_buffer_t *b0)
void icmp4_error_set_vnet_buffer(vlib_buffer_t *b, u8 type, u8 code, u32 data)
static void nat44_session_update_counters(snat_session_t *s, f64 now, uword bytes, u32 thread_index)
8 octet key, 8 octet key value pair
void vlib_put_next_frame(vlib_main_t *vm, vlib_node_runtime_t *r, u32 next_index, u32 n_vectors_left)
Release pointer to next frame vector data.
snat_icmp_match_function_t * icmp_match_out2in_cb
static void nat44_session_update_lru(snat_main_t *sm, snat_session_t *s, u32 thread_index)
Per-user LRU list maintenance.
vlib_node_registration_t nat44_out2in_reass_node
(constructor) VLIB_REGISTER_NODE (nat44_out2in_reass_node)
void nat_syslog_nat44_apmdel(u32 ssubix, u32 sfibix, ip4_address_t *isaddr, u16 isport, ip4_address_t *xsaddr, u16 xsport, snat_protocol_t proto)
void nat_ha_sdel(ip4_address_t *out_addr, u16 out_port, ip4_address_t *eh_addr, u16 eh_port, u8 proto, u32 fib_index, u32 thread_index)
Create session delete HA event.
static void * vlib_add_trace(vlib_main_t *vm, vlib_node_runtime_t *r, vlib_buffer_t *b, u32 n_data_bytes)
#define vec_elt(v, i)
Get vector value at index i.
u32 out2in_reass_node_index
format_function_t format_nat44_reass_trace
static int ip4_is_first_fragment(const ip4_header_t *i)
static u32 ip_proto_to_snat_proto(u8 ip_proto)
The NAT inline functions.
static void user_session_increment(snat_main_t *sm, snat_user_t *u, u8 is_static)
static snat_session_t * create_session_for_static_mapping(snat_main_t *sm, vlib_buffer_t *b0, snat_session_key_t in2out, snat_session_key_t out2in, vlib_node_runtime_t *node, u32 thread_index, f64 now)
Create session for static mapping.
#define vec_len(v)
Number of elements in vector (rvalue-only, NULL tolerant)
static char * snat_out2in_error_strings[]
static int nat_out2in_sm_unknown_proto(snat_main_t *sm, vlib_buffer_t *b, ip4_header_t *ip, u32 rx_fib_index)
VLIB buffer representation.
snat_main_per_thread_data_t * per_thread_data
static void * vlib_frame_vector_args(vlib_frame_t *f)
Get pointer to frame vector data.
#define ip_csum_update(sum, old, new, type, field)
static u8 is_interface_addr(snat_main_t *sm, vlib_node_runtime_t *node, u32 sw_if_index0, u32 ip4_addr)
static_always_inline snat_out2in_error_t icmp_get_key(ip4_header_t *ip0, snat_session_key_t *p_key0)
static u8 * format_snat_out2in_trace(u8 *s, va_list *args)
nat_reass_ip4_t * nat_ip4_reass_find_or_create(ip4_address_t src, ip4_address_t dst, u16 frag_id, u8 proto, u8 reset_timeout, u32 **bi_to_drop)
Find or create reassembly.
snat_address_t * addresses
u32 out2in_fast_node_index
#define SNAT_SESSION_FLAG_STATIC_MAPPING
static void nat_send_all_to_node(vlib_main_t *vm, u32 *bi_vector, vlib_node_runtime_t *node, vlib_error_t *error, u32 next)
static int ip4_header_bytes(const ip4_header_t *i)
void nat_ip4_reass_get_frags(nat_reass_ip4_t *reass, u32 **bi)
Get cached fragments.
NAT plugin virtual fragmentation reassembly.
#define VLIB_NODE_FLAG_TRACE
#define CLIB_CACHE_LINE_BYTES
u32 icmp_out2in(snat_main_t *sm, vlib_buffer_t *b0, ip4_header_t *ip0, icmp46_header_t *icmp0, u32 sw_if_index0, u32 rx_fib_index0, vlib_node_runtime_t *node, u32 next0, u32 thread_index, void *d, void *e)
int nat44_i2o_is_idle_session_cb(clib_bihash_kv_8_8_t *kv, void *arg)
snat_session_t * sessions
static vlib_buffer_t * vlib_get_buffer(vlib_main_t *vm, u32 buffer_index)
Translate buffer index into buffer pointer.
static u16 ip_csum_fold(ip_csum_t c)
u32 icmp_match_out2in_fast(snat_main_t *sm, vlib_node_runtime_t *node, u32 thread_index, vlib_buffer_t *b0, ip4_header_t *ip0, u8 *p_proto, snat_session_key_t *p_value, u8 *p_dont_translate, void *d, void *e)
Get address and port values to be used for ICMP packet translation.
static openssl_per_thread_data_t * per_thread_data
void snat_ipfix_logging_nat44_ses_create(u32 thread_index, u32 src_ip, u32 nat_src_ip, snat_protocol_t snat_proto, u16 src_port, u16 nat_src_port, u32 vrf_id)
Generate NAT44 session create event.