95 u32 n_left_from, *from, *to_next;
109 while (n_left_from > 0)
115 while (n_left_from >= 4 && n_left_to_next >= 2)
123 u32 pi0, next0, pass0, lb_index0;
124 u32 pi1, next1, pass1, lb_index1;
140 pi0 = to_next[0] = from[0];
141 pi1 = to_next[1] = from[1];
202 error_node->
errors[IP4_ERROR_UNICAST_SOURCE_CHECK_FAILS];
204 error_node->
errors[IP4_ERROR_UNICAST_SOURCE_CHECK_FAILS];
207 to_next, n_left_to_next,
208 pi0, pi1, next0, next1);
211 while (n_left_from > 0 && n_left_to_next > 0)
218 u32 pi0, next0, pass0, lb_index0;
264 error_node->
errors[IP4_ERROR_UNICAST_SOURCE_CHECK_FAILS];
267 to_next, n_left_to_next,
295 .name =
"ip4-source-check-via-any",
296 .vector_size =
sizeof (
u32),
310 .name =
"ip4-source-check-via-rx",
311 .vector_size =
sizeof (
u32),
333 char *feature_name =
"ip4-source-check-via-rx";
346 else if (
unformat (line_input,
"del"))
348 else if (
unformat (line_input,
"loose"))
349 feature_name =
"ip4-source-check-via-any";
357 if (~0 == sw_if_index)
366 is_del == 0, &config,
sizeof (config));
432 .path =
"set interface ip source-check",
434 .short_help =
"set interface ip source-check <interface> [strict|loose] [del]",
458 if (
unformat (line_input,
"table %d", &table_id))
460 else if (
unformat (line_input,
"del"))
462 else if (
unformat (line_input,
"add"))
464 else if (
unformat (line_input,
"%U/%d",
521 .path =
"ip urpf-accept",
523 .short_help =
"ip urpf-accept [table <table-id>] [add|del]",
528 #ifndef CLIB_MARCH_VARIANT fib_protocol_t fp_proto
protocol type
static int fib_urpf_check_size(index_t ui)
Data-Plane function to check the size of an uRPF list, (i.e.
vnet_main_t * vnet_get_main(void)
static ip4_fib_mtrie_leaf_t ip4_fib_mtrie_lookup_step(const ip4_fib_mtrie_t *m, ip4_fib_mtrie_leaf_t current_leaf, const ip4_address_t *dst_address, u32 dst_address_byte_index)
Lookup step.
u32 index_t
A Data-Path Object is an object that represents actions that are applied to packets are they are swit...
static int fib_urpf_check(index_t ui, u32 sw_if_index)
Data-Plane function to check an input interface against an uRPF list.
u32 * fib_index_by_sw_if_index
Table index indexed by software interface.
unformat_function_t unformat_vnet_sw_interface
#define VLIB_NODE_FN(node)
static uword ip4_address_is_multicast(const ip4_address_t *a)
vlib_error_t * errors
Vector of errors for this node.
static clib_error_t * set_ip_source_check(vlib_main_t *vm, unformat_input_t *input, vlib_cli_command_t *cmd)
vl_api_interface_index_t sw_if_index
#define VLIB_INIT_FUNCTION(x)
void fib_table_entry_special_remove(u32 fib_index, const fib_prefix_t *prefix, fib_source_t source)
Remove a 'special' entry from the FIB.
#define vlib_prefetch_buffer_header(b, type)
Prefetch buffer metadata.
Aggregate type for a prefix.
#define clib_error_return(e, args...)
u32 fib_table_find(fib_protocol_t proto, u32 table_id)
Get the index of the FIB for a Table-ID.
u16 fp_len
The mask length.
static u32 ip4_fib_mtrie_leaf_get_adj_index(ip4_fib_mtrie_leaf_t n)
From the stored slot value extract the LB index value.
vlib_error_t error
Error code for buffers to be enqueued to error handler.
static_always_inline void * vnet_feature_next_with_data(u32 *next0, vlib_buffer_t *b0, u32 n_data_bytes)
vlib_node_registration_t ip4_input_node
Global ip4 input node.
ip46_address_t fp_addr
The address type is not deriveable from the fp_addr member.
static void * vlib_buffer_get_current(vlib_buffer_t *b)
Get pointer to current data to process.
vlib_node_registration_t ip4_check_source_reachable_via_rx
(constructor) VLIB_REGISTER_NODE (ip4_check_source_reachable_via_rx)
#define vlib_validate_buffer_enqueue_x2(vm, node, next_index, to_next, n_left_to_next, bi0, bi1, next0, next1)
Finish enqueueing two buffers forward in the graph.
#define vlib_validate_buffer_enqueue_x1(vm, node, next_index, to_next, n_left_to_next, bi0, next0)
Finish enqueueing one buffer forward in the graph.
#define vlib_get_next_frame(vm, node, next_index, vectors, n_vectors_left)
Get pointer to next frame vector data by (vlib_node_runtime_t, next_index).
ip4_fib_mtrie_t mtrie
Mtrie for fast lookups.
fib_node_index_t fib_table_entry_special_add(u32 fib_index, const fib_prefix_t *prefix, fib_source_t source, fib_entry_flag_t flags)
Add a 'special' entry to the FIB.
#define VLIB_REGISTER_NODE(x,...)
#define CLIB_PREFETCH(addr, size, type)
clib_error_t * ip4_source_check_init(vlib_main_t *vm)
static ip4_fib_t * ip4_fib_get(u32 index)
Get the FIB at the given index.
static vlib_node_runtime_t * vlib_node_get_runtime(vlib_main_t *vm, u32 node_index)
Get node runtime by node index.
void vlib_put_next_frame(vlib_main_t *vm, vlib_node_runtime_t *r, u32 next_index, u32 n_vectors_left)
Release pointer to next frame vector data.
vlib_main_t vlib_node_runtime_t * node
#define VLIB_CLI_COMMAND(x,...)
u16 cached_next_index
Next frame index that vector arguments were last enqueued to last time this node ran.
index_t lb_urpf
This is the index of the uRPF list for this LB.
static ip4_fib_mtrie_leaf_t ip4_fib_mtrie_lookup_step_one(const ip4_fib_mtrie_t *m, const ip4_address_t *dst_address)
Lookup step number 1.
static load_balance_t * load_balance_get(index_t lbi)
static clib_error_t * ip_source_check_accept(vlib_main_t *vm, unformat_input_t *input, vlib_cli_command_t *cmd)
static uword ip4_source_check_inline(vlib_main_t *vm, vlib_node_runtime_t *node, vlib_frame_t *frame, ip4_source_check_type_t source_check_type)
void vlib_trace_frame_buffers_only(vlib_main_t *vm, vlib_node_runtime_t *node, u32 *buffers, uword n_buffers, uword next_buffer_stride, uword n_buffer_data_bytes_in_trace)
VLIB buffer representation.
static void * vlib_frame_vector_args(vlib_frame_t *f)
Get pointer to frame vector data.
ip4_main_t ip4_main
Global ip4 main structure.
vlib_main_t vlib_node_runtime_t vlib_frame_t * frame
u16 flags
Copy of main node flags.
vlib_node_registration_t ip4_check_source_reachable_via_any
(constructor) VLIB_REGISTER_NODE (ip4_check_source_reachable_via_any)
#define VLIB_NODE_FLAG_TRACE
static u8 * format_ip4_source_check_trace(u8 *s, va_list *va)
static vlib_buffer_t * vlib_get_buffer(vlib_main_t *vm, u32 buffer_index)
Translate buffer index into buffer pointer.
int vnet_feature_enable_disable(const char *arc_name, const char *node_name, u32 sw_if_index, int enable_disable, void *feature_config, u32 n_feature_config_bytes)