22 #undef __included_bihash_template_h__ 57 }) v4_connection_key_t;
85 kv->
key[1] = (
u64) proto << 32 | (
u64) rmt_port << 16 | (
u64) lcl_port;
94 kv->
key[1] = (
u64) proto << 32 | (
u64) lcl_port;
102 kv->
key[1] = (
u64) proto << 32;
109 make_v4_ss_kv (kv, &tc->lcl_ip.ip4, &tc->rmt_ip.ip4, tc->lcl_port,
110 tc->rmt_port, tc->proto);
114 make_v6_ss_kv (session_kv6_t * kv, ip6_address_t * lcl, ip6_address_t * rmt,
117 kv->
key[0] = lcl->as_u64[0];
118 kv->
key[1] = lcl->as_u64[1];
119 kv->
key[2] = rmt->as_u64[0];
120 kv->
key[3] = rmt->as_u64[1];
121 kv->
key[4] = (
u64) proto << 32 | (
u64) rmt_port << 16 | (
u64) lcl_port;
130 kv->
key[0] = lcl->as_u64[0];
131 kv->
key[1] = lcl->as_u64[1];
134 kv->
key[4] = (
u64) proto << 32 | (
u64) lcl_port;
142 kv->
key[0] = lcl->as_u64[0];
143 kv->
key[1] = lcl->as_u64[1];
146 kv->
key[4] = (
u64) proto << 32;
154 make_v6_ss_kv (kv, &tc->lcl_ip.ip6, &tc->rmt_ip.ip6, tc->lcl_port,
155 tc->rmt_port, tc->proto);
164 if (
vec_len (fib_index_to_table_index[fib_proto]) > fib_index &&
165 fib_index_to_table_index[fib_proto][fib_index] != ~0)
167 table_index = fib_index_to_table_index[fib_proto][fib_index];
176 fib_index_to_table_index[fib_proto][fib_index] = table_index;
177 st->active_fib_proto = fib_proto;
195 if (
vec_len (fib_index_to_table_index[fib_proto]) <= tc->fib_index)
204 if (
vec_len (fib_index_to_table_index[fib_proto]) <= fib_index)
212 if (
vec_len (fib_index_to_table_index[fib_proto]) <= fib_index)
214 return fib_index_to_table_index[fib_proto][fib_index];
242 return clib_bihash_add_del_16_8 (&st->v4_session_hash, &kv4,
249 return clib_bihash_add_del_48_8 (&st->v6_session_hash, &kv6,
268 sep->transport_proto);
270 return clib_bihash_add_del_16_8 (&st->v4_session_hash, &kv4, 1);
275 sep->transport_proto);
277 return clib_bihash_add_del_48_8 (&st->v6_session_hash, &kv6, 1);
295 sep->transport_proto);
296 return clib_bihash_add_del_16_8 (&st->v4_session_hash, &kv4, 0);
301 sep->transport_proto);
302 return clib_bihash_add_del_48_8 (&st->v6_session_hash, &kv6, 0);
321 sep->transport_proto);
322 return clib_bihash_add_del_16_8 (&st->v4_session_hash, &kv4, 0);
327 sep->transport_proto);
328 return clib_bihash_add_del_48_8 (&st->v6_session_hash, &kv6, 0);
353 return clib_bihash_add_del_16_8 (&st->v4_session_hash, &kv4,
359 return clib_bihash_add_del_48_8 (&st->v6_session_hash, &kv6,
387 switch (action_index)
410 fib_proto, transport_proto);
431 u32 action_index, app_index;
443 ip6_address_t * lcl,
u16 lcl_port,
444 ip6_address_t * rmt,
u16 rmt_port)
447 u32 action_index, app_index;
483 sep->transport_proto);
484 rv = clib_bihash_search_inline_16_8 (&st->v4_session_hash, &kv4);
490 srt = &st->session_rules[sep->transport_proto];
503 sep->transport_proto);
504 rv = clib_bihash_search_inline_48_8 (&st->v6_session_hash, &kv6);
511 srt = &st->session_rules[sep->transport_proto];
559 srt = &st->session_rules[sep->transport_proto];
569 sep->transport_proto);
570 rv = clib_bihash_search_inline_16_8 (&st->v4_session_hash, &kv4);
581 rv = clib_bihash_search_inline_16_8 (&st->v4_session_hash, &kv4);
594 rv = clib_bihash_search_inline_16_8 (&st->v4_session_hash, &kv4);
604 srt = &st->session_rules[sep->transport_proto];
611 sep->transport_proto);
612 rv = clib_bihash_search_inline_48_8 (&st->v6_session_hash, &kv6);
622 kv6.
key[0] = kv6.
key[1] = 0;
623 rv = clib_bihash_search_inline_48_8 (&st->v6_session_hash, &kv6);
629 kv6.
key[0] = kv6.
key[1] = 0;
635 kv6.
key[4] = kv6.
key[5] = 0;
636 rv = clib_bihash_search_inline_48_8 (&st->v6_session_hash, &kv6);
654 rv = clib_bihash_search_inline_16_8 (&st->v4_session_hash, &kv4);
664 rv = clib_bihash_search_inline_16_8 (&st->v4_session_hash, &kv4);
677 rv = clib_bihash_search_inline_16_8 (&st->v4_session_hash, &kv4);
703 rv = clib_bihash_search_inline_48_8 (&st->v6_session_hash, &kv6);
710 kv6.
key[0] = kv6.
key[1] = 0;
711 rv = clib_bihash_search_inline_48_8 (&st->v6_session_hash, &kv6);
717 kv6.
key[0] = kv6.
key[1] = 0;
721 rv = clib_bihash_search_inline_48_8 (&st->v6_session_hash, &kv6);
750 sep->transport_proto, 0);
753 sep->transport_proto, 0);
769 sep->transport_proto,
773 sep->transport_proto,
792 return clib_bihash_add_del_16_8 (&st->v4_half_open_hash, &kv4,
799 return clib_bihash_add_del_48_8 (&st->v6_half_open_hash, &kv6,
817 return clib_bihash_add_del_16_8 (&st->v4_half_open_hash, &kv4,
823 return clib_bihash_add_del_48_8 (&st->v6_half_open_hash, &kv6,
842 make_v4_ss_kv (&kv4, &tc->lcl_ip.ip4, &tc->rmt_ip.ip4, tc->lcl_port,
843 tc->rmt_port, tc->proto);
844 rv = clib_bihash_search_inline_16_8 (&st->v4_half_open_hash, &kv4);
850 make_v6_ss_kv (&kv6, &tc->lcl_ip.ip6, &tc->rmt_ip.ip6, tc->lcl_port,
851 tc->rmt_port, tc->proto);
852 rv = clib_bihash_search_inline_48_8 (&st->v6_half_open_hash, &kv6);
916 rv = clib_bihash_search_inline_16_8 (&st->v4_session_hash, &kv4);
932 rv = clib_bihash_search_inline_16_8 (&st->v4_half_open_hash, &kv4);
940 rmt, lcl_port, rmt_port);
998 rv = clib_bihash_search_inline_16_8 (&st->v4_session_hash, &kv4);
1009 rv = clib_bihash_search_inline_16_8 (&st->v4_half_open_hash, &kv4);
1017 rmt, lcl_port, rmt_port);
1069 rv = clib_bihash_search_inline_16_8 (&st->v4_session_hash, &kv4);
1077 rmt, lcl_port, rmt_port);
1122 ip6_address_t * rmt,
u16 lcl_port,
1137 rv = clib_bihash_search_inline_48_8 (&st->v6_session_hash, &kv6);
1152 rv = clib_bihash_search_inline_48_8 (&st->v6_half_open_hash, &kv6);
1158 rmt, lcl_port, rmt_port);
1198 ip6_address_t * rmt,
u16 lcl_port,
u16 rmt_port,
1212 rv = clib_bihash_search_inline_48_8 (&st->v6_session_hash, &kv6);
1221 rv = clib_bihash_search_inline_48_8 (&st->v6_half_open_hash, &kv6);
1227 rmt, lcl_port, rmt_port);
1274 rv = clib_bihash_search_inline_48_8 (&st->v6_session_hash, &kv6);
1280 rmt, lcl_port, rmt_port);
1297 ip46_address_t * rmt,
u16 lcl_port,
u16 rmt_port,
1302 lcl_port, rmt_port, proto);
1305 lcl_port, rmt_port, proto);
1319 return VNET_API_ERROR_APP_INVALID_NS;
1321 if (args->scope > 3)
1322 return VNET_API_ERROR_INVALID_VALUE;
1324 if (args->transport_proto != TRANSPORT_PROTO_TCP
1325 && args->transport_proto != TRANSPORT_PROTO_UDP)
1326 return VNET_API_ERROR_INVALID_VALUE;
1330 fib_proto = args->table_args.rmt.fp_proto;
1333 srt = &st->session_rules[args->transport_proto];
1339 clib_memset (&args->table_args.lcl, 0, sizeof (args->table_args.lcl));
1340 args->table_args.lcl.fp_proto = args->table_args.rmt.fp_proto;
1341 args->table_args.lcl_port = 0;
1343 srt = &st->session_rules[args->transport_proto];
1359 for (fp = 0; fp <
ARRAY_LEN (fib_index_to_table_index); fp++)
1373 v4_connection_key_t *
key = (v4_connection_key_t *) kvp->
key;
1387 &key->dst, clib_net_to_host_u16 (key->dst_port));
1388 s =
format (s,
"%-40v%-30v", str, app_name);
1397 clib_net_to_host_u16 (key->src_port));
1398 s =
format (s,
"%-30v%-30v", str, app_name);
1403 typedef struct _ip4_session_table_show_ctx_t
1446 u32 proto = ~0, lcl_port, rmt_port,
action = 0, lcl_plen = 0, rmt_plen = 0;
1448 ip46_address_t lcl_ip, rmt_ip;
1449 u8 is_ip4 = 1, conn_set = 0;
1450 u8 fib_proto, is_add = 1, *ns_id = 0;
1465 else if (
unformat (input,
"appns %_%v%_", &ns_id))
1467 else if (
unformat (input,
"scope global"))
1469 else if (
unformat (input,
"scope local"))
1471 else if (
unformat (input,
"scope all"))
1476 &lcl_ip.ip4, &lcl_plen, &lcl_port,
1484 &lcl_ip.ip6, &lcl_plen, &lcl_port,
1491 else if (
unformat (input,
"action %d", &action))
1493 else if (
unformat (input,
"tag %_%v%_", &tag))
1505 if (is_add && !conn_set && action == ~0)
1510 if (!is_add && !tag && !conn_set)
1538 .transport_proto =
proto,
1539 .table_args.lcl.fp_addr = lcl_ip,
1540 .table_args.lcl.fp_len = lcl_plen,
1541 .table_args.lcl.fp_proto = fib_proto,
1542 .table_args.rmt.fp_addr = rmt_ip,
1543 .table_args.rmt.fp_len = rmt_plen,
1544 .table_args.rmt.fp_proto = fib_proto,
1545 .table_args.lcl_port = lcl_port,
1546 .table_args.rmt_port = rmt_port,
1547 .table_args.action_index =
action,
1548 .table_args.is_add = is_add,
1549 .table_args.tag = tag,
1550 .appns_index = appns_index,
1563 .path =
"session rule",
1564 .short_help =
"session rule [add|del] appns <ns_id> proto <proto> " 1565 "<lcl-ip/plen> <lcl-port> <rmt-ip/plen> <rmt-port> action <action>",
1600 ip46_address_t lcl_ip, rmt_ip;
1601 u8 is_ip4 = 1, show_one = 0;
1605 u8 *ns_id = 0, fib_proto;
1615 else if (
unformat (input,
"appns %_%v%_", &ns_id))
1617 else if (
unformat (input,
"scope global"))
1619 else if (
unformat (input,
"scope local"))
1622 &lcl_ip.ip4, &lcl_plen, &lcl_port,
1630 &lcl_ip.ip6, &lcl_plen, &lcl_port,
1642 if (transport_proto == ~0)
1662 if (scope == 1 || scope == 0)
1665 fib_index = is_ip4 ? app_ns->ip4_fib_index : app_ns->ip6_fib_index;
1694 .path =
"show session rules",
1695 .short_help =
"show session rules [<proto> appns <id> <lcl-ip/plen> " 1696 "<lcl-port> <rmt-ip/plen> <rmt-port> scope <scope>]",
#define vec_validate(V, I)
Make sure vector is long enough for given index (no header, unspecified alignment) ...
#define SESSION_DROP_HANDLE
u32 connection_index
Index of the transport connection associated to the session.
static session_t * session_lookup_action_to_session(u32 action_index, u8 fib_proto, u8 transport_proto)
session_t * session_lookup_listener(u32 table_index, session_endpoint_t *sep)
Lookup listener, exact or proxy (inaddr_any:0) match.
int session_lookup_del_connection(transport_connection_t *tc)
Delete transport connection from session table.
static session_table_t * session_table_get_or_alloc_for_connection(transport_connection_t *tc)
session_table_t * session_table_alloc(void)
void session_lookup_show_table_entries(vlib_main_t *vm, session_table_t *table, u8 type, u8 is_local)
#define SESSION_RULES_TABLE_ACTION_DROP
u8 * format_transport_proto_short(u8 *s, va_list *args)
clib_bihash_kv_48_8_t session_kv6_t
void session_rules_table_cli_dump(vlib_main_t *vm, session_rules_table_t *srt, u8 fib_proto)
#define SESSION_TABLE_INVALID_INDEX
static u8 transport_connection_fib_proto(transport_connection_t *tc)
u64 session_lookup_endpoint_listener(u32 table_index, session_endpoint_t *sep, u8 use_rules)
Lookup listener for session endpoint in table.
static clib_error_t * session_rule_command_fn(vlib_main_t *vm, unformat_input_t *input, vlib_cli_command_t *cmd)
static session_table_t * session_table_get_for_fib_index(u32 fib_proto, u32 fib_index)
struct _session_rules_table_t session_rules_table_t
transport_connection_t * session_lookup_connection_wt6(u32 fib_index, ip6_address_t *lcl, ip6_address_t *rmt, u16 lcl_port, u16 rmt_port, u8 proto, u32 thread_index, u8 *result)
Lookup connection with ip6 and transport layer information.
static u8 session_lookup_action_index_is_valid(u32 action_index)
#define session_cli_return_if_not_enabled()
u32 app_namespace_index(app_namespace_t *app_ns)
session_t * session_lookup_rules_table_session6(session_table_t *st, u8 proto, ip6_address_t *lcl, u16 lcl_port, ip6_address_t *rmt, u16 rmt_port)
UNUSED.
vl_api_ip_port_and_mask_t dst_port
static session_t * session_lookup_app_listen_session(u32 app_index, u8 fib_proto, u8 transport_proto)
session_t * session_lookup_safe4(u32 fib_index, ip4_address_t *lcl, ip4_address_t *rmt, u16 lcl_port, u16 rmt_port, u8 proto)
Lookup session with ip4 and transport layer information.
clib_memset(h->entries, 0, sizeof(h->entries[0]) *entries)
void session_lookup_set_tables_appns(app_namespace_t *app_ns)
Mark (global) tables as pertaining to app ns.
static clib_error_t * show_session_rules_command_fn(vlib_main_t *vm, unformat_input_t *input, vlib_cli_command_t *cmd)
u32 session_lookup_get_index_for_fib(u32 fib_proto, u32 fib_index)
int session_lookup_del_session_endpoint2(session_endpoint_t *sep)
static transport_proto_t session_get_transport_proto(session_t *s)
session_t * session_lookup_listener_wildcard(u32 table_index, session_endpoint_t *sep)
Lookup listener wildcard match.
static session_t * session_get(u32 si, u32 thread_index)
u32 session_rules_table_lookup4(session_rules_table_t *srt, ip4_address_t *lcl_ip, ip4_address_t *rmt_ip, u16 lcl_port, u16 rmt_port)
static void make_v6_listener_kv(session_kv6_t *kv, ip6_address_t *lcl, u16 lcl_port, u8 proto)
session_t * session_lookup_safe6(u32 fib_index, ip6_address_t *lcl, ip6_address_t *rmt, u16 lcl_port, u16 rmt_port, u8 proto)
Lookup session with ip6 and transport layer information.
static session_t * session_lookup_listener4_i(session_table_t *st, ip4_address_t *lcl, u16 lcl_port, u8 proto, u8 use_wildcard)
u64 session_lookup_half_open_handle(transport_connection_t *tc)
static void make_v6_ss_kv_from_tc(session_kv6_t *kv, transport_connection_t *tc)
application_t * application_get_if_valid(u32 app_index)
enum fib_protocol_t_ fib_protocol_t
Protocol Type.
transport_connection_t * session_lookup_connection6(u32 fib_index, ip6_address_t *lcl, ip6_address_t *rmt, u16 lcl_port, u16 rmt_port, u8 proto)
Lookup connection with ip6 and transport layer information.
transport_connection_t * session_lookup_connection_wt4(u32 fib_index, ip4_address_t *lcl, ip4_address_t *rmt, u16 lcl_port, u16 rmt_port, u8 proto, u32 thread_index, u8 *result)
Lookup connection with ip4 and transport layer information.
description fragment has unexpected format
static void make_v6_ss_kv(session_kv6_t *kv, ip6_address_t *lcl, ip6_address_t *rmt, u16 lcl_port, u16 rmt_port, u8 proto)
#define clib_error_return(e, args...)
static int ip4_session_table_show(clib_bihash_kv_16_8_t *kvp, void *arg)
static void make_v6_proxy_kv(session_kv6_t *kv, ip6_address_t *lcl, u8 proto)
#define HALF_OPEN_LOOKUP_INVALID_VALUE
#define SESSION_INVALID_HANDLE
int session_lookup_del_half_open(transport_connection_t *tc)
transport_connection_t * session_lookup_connection4(u32 fib_index, ip4_address_t *lcl, ip4_address_t *rmt, u16 lcl_port, u16 rmt_port, u8 proto)
Lookup connection with ip4 and transport layer information.
vl_api_fib_path_type_t type
void session_table_init(session_table_t *slt, u8 fib_proto)
Initialize session table hash tables.
u32 app_namespace_get_fib_index(app_namespace_t *app_ns, u8 fib_proto)
static session_type_t session_type_from_proto_and_ip(transport_proto_t proto, u8 is_ip4)
static session_t * session_get_from_handle(session_handle_t handle)
struct _session_rule_add_del_args session_rule_add_del_args_t
void session_lookup_dump_rules_table(u32 fib_index, u8 fib_proto, u8 transport_proto)
const u8 * application_name_from_index(u32 app_index)
Returns app name for app-index.
static app_namespace_t * app_namespace_get_default(void)
int vnet_session_rule_add_del(session_rule_add_del_args_t *args)
static session_t * session_get_from_handle_safe(u64 handle)
Get session from handle and 'lock' pool resize if not in same thread.
int session_lookup_del_session(session_t *s)
app_namespace_t * app_namespace_get(u32 index)
#define SESSION_INVALID_INDEX
typedef CLIB_PACKED(struct { union { struct { ip4_address_t src;ip4_address_t dst;u16 src_port;u16 dst_port;u32 proto;};u64 as_u64[2];};})
u32 session_rules_table_lookup6(session_rules_table_t *srt, ip6_address_t *lcl_ip, ip6_address_t *rmt_ip, u16 lcl_port, u16 rmt_port)
vl_api_ip_port_and_mask_t src_port
u64 session_lookup_local_endpoint(u32 table_index, session_endpoint_t *sep)
Look up endpoint in local session table.
static session_table_t * session_table_get_for_connection(transport_connection_t *tc)
static u32 * fib_index_to_table_index[2]
Generate typed init functions for multiple hash table styles...
static transport_connection_t * transport_get_connection(transport_proto_t tp, u32 conn_index, u8 thread_index)
session_t * app_worker_first_listener(app_worker_t *app, u8 fib_proto, u8 transport_proto)
#define SESSION_RULES_TABLE_INVALID_INDEX
session_table_t * app_namespace_get_local_table(app_namespace_t *app_ns)
#define vec_free(V)
Free vector's memory (no header).
int session_lookup_del_session_endpoint(u32 table_index, session_endpoint_t *sep)
#define clib_warning(format, args...)
u8 ip4_is_local_host(ip4_address_t *ip4_address)
Don't register connection in lookup.
struct _transport_connection transport_connection_t
u8 ip6_is_local_host(ip6_address_t *ip6_address)
int session_lookup_add_session_endpoint(u32 table_index, session_endpoint_t *sep, u64 value)
struct _app_namespace app_namespace_t
#define VLIB_CLI_COMMAND(x,...)
session_table_t * session_table_get(u32 table_index)
static void make_v4_proxy_kv(session_kv4_t *kv, ip4_address_t *lcl, u8 proto)
struct _ip4_session_table_show_ctx_t ip4_session_table_show_ctx_t
void vlib_cli_output(vlib_main_t *vm, char *fmt,...)
uword unformat_transport_proto(unformat_input_t *input, va_list *args)
static u64 session_lookup_action_to_handle(u32 action_index)
void ip4_session_table_walk(clib_bihash_16_8_t *hash, ip4_session_table_walk_fn_t fn, void *arg)
#define SESSION_RULES_TABLE_ACTION_ALLOW
static void make_v4_listener_kv(session_kv4_t *kv, ip4_address_t *lcl, u16 lcl_port, u8 proto)
static vlib_main_t * vlib_get_main(void)
u8 thread_index
Index of the thread that allocated the session.
void session_rules_table_show_rule(vlib_main_t *vm, session_rules_table_t *srt, ip46_address_t *lcl_ip, u16 lcl_port, ip46_address_t *rmt_ip, u16 rmt_port, u8 is_ip4)
u8 * format_ip4_session_lookup_kvp(u8 *s, va_list *args)
#define SESSION_RULE_TAG_MAX_LEN
static transport_connection_t * transport_get_half_open(transport_proto_t tp, u32 conn_index)
static session_table_t * session_table_get_or_alloc(u8 fib_proto, u32 fib_index)
app_worker_t * app_worker_get(u32 wrk_index)
vl_api_mac_event_action_t action
void session_lookup_init(void)
#define vec_len(v)
Number of elements in vector (rvalue-only, NULL tolerant)
void session_lookup_dump_local_rules_table(u32 table_index, u8 fib_proto, u8 transport_proto)
app_worker_t * application_get_default_worker(application_t *app)
session_t * session_lookup_listener6(u32 fib_index, ip6_address_t *lcl, u16 lcl_port, u8 proto, u8 use_wildcard)
struct _session_lookup_table session_table_t
transport_connection_t * session_lookup_connection(u32 fib_index, ip46_address_t *lcl, ip46_address_t *rmt, u16 lcl_port, u16 rmt_port, u8 proto, u8 is_ip4)
int session_rules_table_add_del(session_rules_table_t *srt, session_rule_table_add_del_args_t *args)
Add/delete session rule.
int session_lookup_add_connection(transport_connection_t *tc, u64 value)
Add transport connection to a session table.
u32 session_table_index(session_table_t *slt)
static void make_v4_ss_kv(session_kv4_t *kv, ip4_address_t *lcl, ip4_address_t *rmt, u16 lcl_port, u16 rmt_port, u8 proto)
session_t * session_lookup_rules_table_session4(session_table_t *st, u8 proto, ip4_address_t *lcl, u16 lcl_port, ip4_address_t *rmt, u16 rmt_port)
UNUSED.
app_namespace_t * app_namespace_get_from_id(const u8 *ns_id)
struct _session_endpoint session_endpoint_t
#define vec_validate_init_empty(V, I, INIT)
Make sure vector is long enough for given index and initialize empty space (no header, unspecified alignment)
static transport_connection_t * transport_get_listener(transport_proto_t tp, u32 conn_index)
static session_t * session_lookup_listener6_i(session_table_t *st, ip6_address_t *lcl, u16 lcl_port, u8 proto, u8 ip_wildcard)
int session_lookup_add_half_open(transport_connection_t *tc, u64 value)
session_t * session_lookup_listener4(u32 fib_index, ip4_address_t *lcl, u16 lcl_port, u8 proto, u8 use_wildcard)
u8 * format_transport_proto(u8 *s, va_list *args)
static void make_v4_ss_kv_from_tc(session_kv4_t *kv, transport_connection_t *tc)
static session_t * listen_session_get(u32 ls_index)
transport_connection_t * session_lookup_half_open_connection(u64 handle, u8 proto, u8 is_ip4)
clib_bihash_kv_16_8_t session_kv4_t