db/d48/pnat__cli_8c_source.html

 /*
  * Copyright (c) 2021 Cisco and/or its affiliates.
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
  * You may obtain a copy of the License at:
  *
  *     http://www.apache.org/licenses/LICENSE-2.0
  *
  * Unless required by applicable law or agreed to in writing, software
  * distributed under the License is distributed on an "AS IS" BASIS,
  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  * See the License for the specific language governing permissions and
  * limitations under the License.
  */

 #include <stdbool.h>
 #include <vlib/vlib.h>
 #include <vnet/feature/feature.h>
 #include <vnet/ip/ip.h>
 #include <vnet/ip/ip4.h>
 #include <vnet/ip/ip4_packet.h>
 #include <vppinfra/clib_error.h>
 #include <vppinfra/pool.h>
 #include "pnat.h"

 /*
  * This file contains the handlers for the (unsupported) VPP debug CLI.
  */
 u8 *format_pnat_match_tuple(u8 *s, va_list *args) {
     pnat_match_tuple_t *t = va_arg(*args, pnat_match_tuple_t *);
     s = format(s, "{");
     if (t->mask & PNAT_SA)
         s = format(s, "%U", format_ip4_address, &t->src);
     else
         s = format(s, "*");
     if (t->mask & PNAT_SPORT)
         s = format(s, ":%u,", t->sport);
     else
         s = format(s, ":*,");
     if (t->proto > 0)
         s = format(s, "%U,", format_ip_protocol, t->proto);
     else
         s = format(s, "*,");
     if (t->mask & PNAT_DA)
         s = format(s, "%U", format_ip4_address, &t->dst);
     else
         s = format(s, "*");
     if (t->mask & PNAT_DPORT)
         s = format(s, ":%u", t->dport);
     else
         s = format(s, ":*");
     s = format(s, "}");
     return s;
 }
 u8 *format_pnat_rewrite_tuple(u8 *s, va_list *args) {
     pnat_rewrite_tuple_t *t = va_arg(*args, pnat_rewrite_tuple_t *);
     s = format(s, "{");
     if (t->mask & PNAT_SA)
         s = format(s, "%U", format_ip4_address, &t->src);
     else
         s = format(s, "*");
     if (t->mask & PNAT_SPORT)
         s = format(s, ":%u,", t->sport);
     else
         s = format(s, ":*,");
     if (t->mask & PNAT_DA)
         s = format(s, "%U", format_ip4_address, &t->dst);
     else
         s = format(s, "*");
     if (t->mask & PNAT_DPORT)
         s = format(s, ":%u", t->dport);
     else
         s = format(s, ":*");
     if (t->mask & PNAT_COPY_BYTE)
         s = format(s, " copy byte@[%d->%d]", t->from_offset, t->to_offset);
     if (t->mask & PNAT_CLEAR_BYTE)
         s = format(s, " clear byte@[%d]", t->clear_offset);
     s = format(s, "}");
     return s;
 }

 u8 *format_pnat_translation(u8 *s, va_list *args) {
     u32 index = va_arg(*args, u32);
     pnat_translation_t *t = va_arg(*args, pnat_translation_t *);
     s = format(s, "[%d] match: %U rewrite: %U", index, format_pnat_match_tuple,
                &t->match, format_pnat_rewrite_tuple, &t->rewrite);
     return s;
 }

 static u8 *format_pnat_mask(u8 *s, va_list *args) {
     pnat_mask_t t = va_arg(*args, pnat_mask_t);
     if (t & PNAT_SA)
         s = format(s, "SA ");
     if (t & PNAT_SPORT)
         s = format(s, "SP ");
     if (t & PNAT_DA)
         s = format(s, "DA ");
     if (t & PNAT_DPORT)
         s = format(s, "DP");
     return s;
 }

 static u8 *format_pnat_interface(u8 *s, va_list *args) {
     pnat_interface_t *interface = va_arg(*args, pnat_interface_t *);
     s = format(s, "sw_if_index: %d", interface->sw_if_index);
     if (interface->enabled[PNAT_IP4_INPUT]) {
         s = format(s, " input mask: %U", format_pnat_mask,
                    interface->lookup_mask[PNAT_IP4_INPUT]);
     }
     if (interface->enabled[PNAT_IP4_OUTPUT]) {
         s = format(s, " output mask: %U", format_pnat_mask,
                    interface->lookup_mask[PNAT_IP4_OUTPUT]);
     }
     return s;
 }

 uword unformat_pnat_match_tuple(unformat_input_t *input, va_list *args) {
     pnat_match_tuple_t *t = va_arg(*args, pnat_match_tuple_t *);
     u32 dport, sport;
     while (1) {
         if (unformat(input, "src %U", unformat_ip4_address, &t->src))
             t->mask |= PNAT_SA;
         else if (unformat(input, "dst %U", unformat_ip4_address, &t->dst))
             t->mask |= PNAT_DA;
         else if (unformat(input, "sport %d", &sport)) {
             if (sport == 0 || sport > 65535)
                 return 0;
             t->mask |= PNAT_SPORT;
             t->sport = sport;
         } else if (unformat(input, "dport %d", &dport)) {
             if (dport == 0 || dport > 65535)
                 return 0;
             t->mask |= PNAT_DPORT;
             t->dport = dport;
         } else if (unformat(input, "proto %U", unformat_ip_protocol, &t->proto))
             ;
         else
             break;
     }
     return 1;
 }

 uword unformat_pnat_rewrite_tuple(unformat_input_t *input, va_list *args) {
     pnat_rewrite_tuple_t *t = va_arg(*args, pnat_rewrite_tuple_t *);
     u32 dport, sport;
     u32 to_offset, from_offset, clear_offset;

     while (1) {
         if (unformat(input, "src %U", unformat_ip4_address, &t->src))
             t->mask |= PNAT_SA;
         else if (unformat(input, "dst %U", unformat_ip4_address, &t->dst))
             t->mask |= PNAT_DA;
         else if (unformat(input, "sport %d", &sport)) {
             if (sport == 0 || sport > 65535)
                 return 0;
             t->mask |= PNAT_SPORT;
             t->sport = sport;
         } else if (unformat(input, "dport %d", &dport)) {
             if (dport == 0 || dport > 65535)
                 return 0;
             t->mask |= PNAT_DPORT;
             t->dport = dport;
         } else if (unformat(input, "copy-byte-at-offset %d %d", &from_offset,
                             &to_offset)) {
             if (from_offset == to_offset || to_offset > 255 ||
                 from_offset > 255)
                 return 0;
             t->mask |= PNAT_COPY_BYTE;
             t->from_offset = from_offset;
             t->to_offset = to_offset;
         } else if (unformat(input, "clear-byte-at-offset %d", &clear_offset)) {
             if (clear_offset > 255)
                 return 0;
             t->mask |= PNAT_CLEAR_BYTE;
             t->clear_offset = clear_offset;
         } else
             break;
     }
     return 1;
 }

 static clib_error_t *set_pnat_translation_command_fn(vlib_main_t *vm,
                                                      unformat_input_t *input,
                                                      vlib_cli_command_t *cmd) {
     unformat_input_t _line_input, *line_input = &_line_input;
     clib_error_t *error = 0;
     bool in = false, out = false;
     bool match_set = false, rewrite_set = false;
     bool add = true;
     u32 sw_if_index = ~0;
     pnat_match_tuple_t match = {0};
     pnat_rewrite_tuple_t rewrite = {0};

     /* Get a line of input. */
     if (!unformat_user(input, unformat_line_input, line_input))
         return 0;

     while (unformat_check_input(line_input) != UNFORMAT_END_OF_INPUT) {
         if (unformat(line_input, "match %U", unformat_pnat_match_tuple, &match))
             match_set = true;
         else if (unformat(line_input, "rewrite %U", unformat_pnat_rewrite_tuple,
                           &rewrite))
             rewrite_set = true;
         else if (unformat(line_input, "interface %U",
                           unformat_vnet_sw_interface, vnet_get_main(),
                           &sw_if_index))
             ;
         else if (unformat(line_input, "in")) {
             in = true;
         } else if (unformat(line_input, "out")) {
             out = true;
         } else if (unformat(line_input, "del")) {
             add = false;
         } else {
             error = clib_error_return(0, "unknown input `%U'",
                                       format_unformat_error, line_input);
             goto done;
         }
     }
     if (sw_if_index == ~0) {
         error = clib_error_return(0, "interface is required `%U'",
                                   format_unformat_error, line_input);
         goto done;
     }
     if ((in && out) || (!in && !out)) {
         error = clib_error_return(0, "in or out is required `%U'",
                                   format_unformat_error, line_input);
         goto done;
     }
     if (!match_set) {
         error = clib_error_return(0, "missing parameter: match `%U'",
                                   format_unformat_error, line_input);
         goto done;
     }
     if (!rewrite_set) {
         error = clib_error_return(0, "missing parameter: rewrite `%U'",
                                   format_unformat_error, line_input);
         goto done;
     }

     if ((match.dport || match.sport) &&
         (match.proto != 17 && match.proto != 6)) {
         error = clib_error_return(0, "missing protocol (TCP|UDP): match `%U'",
                                   format_unformat_error, line_input);
         goto done;
     }
     pnat_attachment_point_t attachment = in ? PNAT_IP4_INPUT : PNAT_IP4_OUTPUT;

     if (add) {
         u32 binding_index;
         int rv = pnat_binding_add(&match, &rewrite, &binding_index);
         if (rv) {
             error = clib_error_return(0, "Adding binding failed %d", rv);
             goto done;
         }
         rv = pnat_binding_attach(sw_if_index, attachment, binding_index);
         if (rv) {
             pnat_binding_del(binding_index);
             error = clib_error_return(
                 0, "Attaching binding to interface failed %d", rv);
             goto done;
         }
     } else {
         /* Lookup binding and lookup interface if both exists proceed with
          * delete */
         u32 binding_index = pnat_flow_lookup(sw_if_index, attachment, &match);
         if (binding_index == ~0) {
             error = clib_error_return(0, "Binding does not exist");
             goto done;
         }
         pnat_attachment_point_t attachment =
             in ? PNAT_IP4_INPUT : PNAT_IP4_OUTPUT;
         int rv = pnat_binding_detach(sw_if_index, attachment, binding_index);
         if (rv) {
             error = clib_error_return(0, "Detaching binding failed %d %d",
                                       binding_index, rv);
             goto done;
         }
         rv = pnat_binding_del(binding_index);
         if (rv) {
             error = clib_error_return(0, "Deleting translation failed %d %d",
                                       binding_index, rv);
             goto done;
         }
     }

 done:
     unformat_free(line_input);

     return error;
 }

 VLIB_CLI_COMMAND(set_pnat_translation_command, static) = {
     .path = "set pnat translation",
     .short_help = "set pnat translation interface <name> match <5-tuple> "
                   "rewrite <tuple> {in|out} [del]",
     .function = set_pnat_translation_command_fn,
 };

 static clib_error_t *
 show_pnat_translations_command_fn(vlib_main_t *vm, unformat_input_t *input,
                                   vlib_cli_command_t *cmd) {
     pnat_main_t *pm = &pnat_main;
     pnat_translation_t *s;
     clib_error_t *error = 0;

     /* Get a line of input. */
     pool_foreach(s, pm->translations) {
         vlib_cli_output(vm, "%U", format_pnat_translation, s - pm->translations,
                         s);
     }
     return error;
 }

 VLIB_CLI_COMMAND(show_pnat_translations_command, static) = {
     .path = "show pnat translations",
     .short_help = "show pnat translations",
     .function = show_pnat_translations_command_fn,
 };

 static clib_error_t *show_pnat_interfaces_command_fn(vlib_main_t *vm,
                                                      unformat_input_t *input,
                                                      vlib_cli_command_t *cmd) {
     pnat_main_t *pm = &pnat_main;
     pnat_interface_t *interface;
     clib_error_t *error = 0;

     /* Get a line of input. */
     pool_foreach(interface, pm->interfaces) {
         vlib_cli_output(vm, "%U", format_pnat_interface, interface);
     }
     return error;
 }

 VLIB_CLI_COMMAND(show_pnat_interfaces_command, static) = {
     .path = "show pnat interfaces",
     .short_help = "show pnat interfaces",
     .function = show_pnat_interfaces_command_fn,
 };
pnat.h

pnat_flow_lookup
u32 pnat_flow_lookup(u32 sw_if_index, pnat_attachment_point_t attachment, pnat_match_tuple_t *match)
Definition: pnat.c:310

format_ip_protocol
format_function_t format_ip_protocol
Definition: format.h:45

unformat_ip_protocol
unformat_function_t unformat_ip_protocol
Definition: format.h:46

from_offset
u8 from_offset
Definition: pnat.api:55

format_pnat_match_tuple
u8 * format_pnat_match_tuple(u8 *s, va_list *args)
Definition: pnat_cli.c:29

pnat_interface_t::sw_if_index
u32 sw_if_index
Definition: pnat.h:71

show_pnat_interfaces_command_fn
static clib_error_t * show_pnat_interfaces_command_fn(vlib_main_t *vm, unformat_input_t *input, vlib_cli_command_t *cmd)
Definition: pnat_cli.c:321

pool_foreach
#define pool_foreach(VAR, POOL)
Iterate through pool.
Definition: pool.h:534

pnat_translation_t::rewrite
pnat_rewrite_tuple_t rewrite
Definition: pnat.h:66

clear_offset
u8 clear_offset
Definition: pnat.api:57

pool.h
Fixed length block allocator.

format_pnat_interface
static u8 * format_pnat_interface(u8 *s, va_list *args)
Definition: pnat_cli.c:103

unformat_pnat_rewrite_tuple
uword unformat_pnat_rewrite_tuple(unformat_input_t *input, va_list *args)
Definition: pnat_cli.c:143

unformat_user
uword unformat_user(unformat_input_t *input, unformat_function_t *func,...)
Definition: unformat.c:989

unformat_vnet_sw_interface
unformat_function_t unformat_vnet_sw_interface
Definition: interface_funcs.h:459

format_pnat_mask
static u8 * format_pnat_mask(u8 *s, va_list *args)
Definition: pnat_cli.c:90

ip.h

u8
unsigned char u8
Definition: types.h:56

u32
unsigned int u32
Definition: types.h:88

PNAT_DPORT
Definition: pnat.api:26

pnat_binding_detach
int pnat_binding_detach(u32 sw_if_index, pnat_attachment_point_t attachment, u32 binding_index)
Definition: pnat.c:364

format_ip4_address
format_function_t format_ip4_address
Definition: format.h:73

unformat_ip4_address
unformat_function_t unformat_ip4_address
Definition: format.h:68

pnat_main_t
Definition: pnat.h:82

format
description fragment has unexpected format
Definition: map.api:433

PNAT_IP4_INPUT
Definition: pnat.api:33

clib_error_return
#define clib_error_return(e, args...)
Definition: error.h:99

vnet_get_main
vnet_main_t * vnet_get_main(void)
Definition: pnat_test_stubs.h:56

pnat_attachment_point_t
vl_api_pnat_attachment_point_t pnat_attachment_point_t
Definition: pnat.h:30

PNAT_SPORT
Definition: pnat.api:25

rv
int __clib_unused rv
Definition: application.c:491

PNAT_SA
Definition: pnat.api:23

pnat_mask_t
vl_api_pnat_mask_t pnat_mask_t
Definition: pnat.h:29

unformat_line_input
unformat_function_t unformat_line_input
Definition: format.h:275

set_pnat_translation_command_fn
static clib_error_t * set_pnat_translation_command_fn(vlib_main_t *vm, unformat_input_t *input, vlib_cli_command_t *cmd)
Definition: pnat_cli.c:182

error
Definition: cJSON.c:88

pnat_main_t::translations
pnat_translation_t * translations
Definition: pnat.h:92

sw_if_index
vl_api_interface_index_t sw_if_index
Definition: wireguard.api:34

ip4_packet.h

PNAT_IP4_OUTPUT
Definition: pnat.api:34

unformat_input_t
struct _unformat_input_t unformat_input_t

pnat_interface_t
Definition: pnat.h:70

sport
u16 sport
Definition: pnat.api:43

vm
vlib_main_t * vm
X-connect all packets from the HOST to the PHY.
Definition: nat44_ei.c:3047

feature.h

show_pnat_translations_command_fn
static clib_error_t * show_pnat_translations_command_fn(vlib_main_t *vm, unformat_input_t *input, vlib_cli_command_t *cmd)
Definition: pnat_cli.c:301

pnat_rewrite_tuple_t
vl_api_pnat_rewrite_tuple_t pnat_rewrite_tuple_t
Definition: pnat.h:28

UNFORMAT_END_OF_INPUT
#define UNFORMAT_END_OF_INPUT
Definition: format.h:137

index
u32 index
Definition: flow_types.api:221

PNAT_COPY_BYTE
Definition: pnat.api:27

unformat_pnat_match_tuple
uword unformat_pnat_match_tuple(unformat_input_t *input, va_list *args)
Definition: pnat_cli.c:117

pnat_translation_t::match
pnat_match_tuple_t match
Definition: pnat.h:65

dport
u16 dport
Definition: pnat.api:44

vlib.h

VLIB_CLI_COMMAND
#define VLIB_CLI_COMMAND(x,...)
Definition: cli.h:163

pnat_match_tuple_t
vl_api_pnat_match_tuple_t pnat_match_tuple_t
Definition: pnat.h:27

clib_error.h

vlib_cli_output
void vlib_cli_output(vlib_main_t *vm, char *fmt,...)
Definition: cli.c:716

pnat_binding_del
int pnat_binding_del(u32 index)
Definition: pnat.c:392

pnat_binding_add
int pnat_binding_add(pnat_match_tuple_t *match, pnat_rewrite_tuple_t *rewrite, u32 *index)
Definition: pnat.c:271

format_pnat_translation
u8 * format_pnat_translation(u8 *s, va_list *args)
Definition: pnat_cli.c:82

PNAT_CLEAR_BYTE
Definition: pnat.api:28

PNAT_DA
Definition: pnat.api:24

clib_error_t
Definition: clib_error.h:21

vlib_main_t
Definition: main.h:102

uword
u64 uword
Definition: types.h:112

unformat_free
static void unformat_free(unformat_input_t *i)
Definition: format.h:155

pnat_translation_t
Definition: pnat.h:48

vlib_cli_command_t
Definition: cli.h:92

format_unformat_error
u8 * format_unformat_error(u8 *s, va_list *va)
Definition: unformat.c:91

pnat_main_t::interfaces
pnat_interface_t * interfaces
Definition: pnat.h:88

format_pnat_rewrite_tuple
u8 * format_pnat_rewrite_tuple(u8 *s, va_list *args)
Definition: pnat_cli.c:55

to_offset
u8 to_offset
Definition: pnat.api:56

pnat_main
pnat_main_t pnat_main
Definition: pnat.c:32

unformat
uword unformat(unformat_input_t *i, const char *fmt,...)
Definition: unformat.c:978

unformat_check_input
static uword unformat_check_input(unformat_input_t *i)
Definition: format.h:163

ip4.h

rewrite
rewrite
Definition: pnat.api:158

pnat_binding_attach
int pnat_binding_attach(u32 sw_if_index, pnat_attachment_point_t attachment, u32 binding_index)
Definition: pnat.c:329