ligang/vpp
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

session: add rule tags

Browse Source 
Change-Id: Id5ebb410f509ac4c83d60e48efd54e00035e5ce6
Signed-off-by: Florin Coras <fcoras@cisco.com>
This commit is contained in:
Florin Coras
2017-11-05 23:07:07 -08:00
committed by Dave Barach
parent a3d933c87f
commit c97a7398fc
14 changed files with 491 additions and 245 deletions
Download Patch File Download Diff File Expand all files Collapse all files
src/vat/api_format.c
+19 -7
View File
@@ -21560,19 +21560,21 @@ vl_api_session_rules_details_t_handler (vl_api_session_rules_details_t * mp)
if (mp->is_ip4)
{
print (vam->ofp, "appns %u tp %u scope %d %U/%d %d %U/%d %d action: %d",
print (vam->ofp,
"appns %u tp %u scope %d %U/%d %d %U/%d %d action: %d tag: %s",
mp->appns_index, mp->transport_proto, mp->scope,
format_ip4_address, &mp->lcl_ip, mp->lcl_plen, mp->lcl_port,
format_ip4_address, &mp->rmt_ip, mp->rmt_plen, mp->rmt_port,
mp->action_index);
mp->action_index, mp->tag);
}
else
{
print (vam->ofp, "appns %u tp %u scope %d %U/%d %d %U/%d %d action: %d",
print (vam->ofp,
"appns %u tp %u scope %d %U/%d %d %U/%d %d action: %d tag: %s",
mp->appns_index, mp->transport_proto, mp->scope,
format_ip6_address, &mp->lcl_ip, mp->lcl_plen, mp->lcl_port,
format_ip6_address, &mp->rmt_ip, mp->rmt_plen, mp->rmt_port,
mp->action_index);
mp->action_index, mp->tag);
}
}
@@ -21606,6 +21608,7 @@ vl_api_session_rules_details_t_handler_json (vl_api_session_rules_details_t *
clib_net_to_host_u16 (mp->rmt_port));
vat_json_object_add_uint (node, "lcl_plen", mp->lcl_plen);
vat_json_object_add_uint (node, "rmt_plen", mp->rmt_plen);
vat_json_object_add_string_copy (node, "tag", mp->tag);
if (mp->is_ip4)
{
clib_memcpy (&ip4, mp->lcl_ip, sizeof (ip4));
@@ -21632,7 +21635,7 @@ api_session_rule_add_del (vat_main_t * vam)
ip4_address_t lcl_ip4, rmt_ip4;
ip6_address_t lcl_ip6, rmt_ip6;
u8 is_ip4 = 1, conn_set = 0;
u8 is_add = 1;
u8 is_add = 1, *tag = 0;
int ret;
while (unformat_check_input (i) != UNFORMAT_END_OF_INPUT)
@@ -21649,6 +21652,8 @@ api_session_rule_add_del (vat_main_t * vam)
;
else if (unformat (i, "scope %d", &scope))
;
else if (unformat (i, "tag %_%v%_", &tag))
;
else
if (unformat
(i, "%U/%d %d %U/%d %d", unformat_ip4_address, &lcl_ip4,
@@ -21688,8 +21693,10 @@ api_session_rule_add_del (vat_main_t * vam)
mp->is_ip4 = is_ip4;
mp->transport_proto = proto;
mp->lcl_plen = clib_host_to_net_u16 (lcl_plen);
mp->rmt_plen = clib_host_to_net_u16 (rmt_plen);
mp->lcl_port = clib_host_to_net_u16 ((u16) lcl_port);
mp->rmt_port = clib_host_to_net_u16 ((u16) rmt_port);
mp->lcl_plen = lcl_plen;
mp->rmt_plen = rmt_plen;
mp->action_index = clib_host_to_net_u32 (action);
mp->appns_index = clib_host_to_net_u32 (appns_index);
mp->scope = scope;
@@ -21704,6 +21711,11 @@ api_session_rule_add_del (vat_main_t * vam)
clib_memcpy (mp->lcl_ip, &lcl_ip6, sizeof (lcl_ip6));
clib_memcpy (mp->rmt_ip, &rmt_ip6, sizeof (rmt_ip6));
}
if (tag)
{
clib_memcpy (mp->tag, tag, vec_len (tag));
vec_free (tag);
}
S (mp);
W (ret);
src/vnet/session/application.c
+3 -2
View File
@@ -558,6 +558,7 @@ application_start_stop_proxy_fib_proto (application_t * app, u8 fib_proto,
if (!ip_is_zero (&tc->lcl_ip, 1))
{
memset (&args, 0, sizeof (args));
memset (&lcl_pref, 0, sizeof (lcl_pref));
ip_copy (&lcl_pref.fp_addr, &tc->lcl_ip, is_ip4);
lcl_pref.fp_len = is_ip4 ? 32 : 128;
@@ -572,7 +573,7 @@ application_start_stop_proxy_fib_proto (application_t * app, u8 fib_proto,
args.table_args.rmt_port = 0;
args.table_args.action_index = app->index;
args.table_args.is_add = is_start;
args.table_args.transport_proto = transport_proto;
args.transport_proto = transport_proto;
args.appns_index = app->ns_index;
args.scope = SESSION_RULE_SCOPE_GLOBAL;
return vnet_session_rule_add_del (&args);
@@ -595,7 +596,7 @@ application_start_stop_proxy (application_t * app, u8 transport_proto,
args.table_args.rmt_port = 0;
args.table_args.action_index = app->index;
args.table_args.is_add = is_start;
args.table_args.transport_proto = transport_proto;
args.transport_proto = transport_proto;
args.appns_index = app->ns_index;
args.scope = SESSION_RULE_SCOPE_LOCAL;
vnet_session_rule_add_del (&args);
src/vnet/session/mma_template.c
+10 -10
View File
@@ -94,16 +94,16 @@ RT (mma_rules_table_lookup) (RTT (mma_rules_table) * srt,
u32 rv;
int i;
ASSERT (rule_index != SESSION_RULES_TABLE_INVALID_INDEX);
ASSERT (rule_index != MMA_TABLE_INVALID_INDEX);
rp = RT (mma_rules_table_get_rule) (srt, rule_index);
ASSERT (rp);
if (!RT (rule_is_match_for_key) (key, rp))
return SESSION_RULES_TABLE_INVALID_INDEX;
return MMA_TABLE_INVALID_INDEX;
for (i = 0; i < vec_len (rp->next_indices); i++)
{
rv = RT (mma_rules_table_lookup) (srt, key, rp->next_indices[i]);
if (rv != SESSION_RULES_TABLE_INVALID_INDEX)
if (rv != MMA_TABLE_INVALID_INDEX)
return (rv);
}
return (rp->action_index);
@@ -118,16 +118,16 @@ RT (mma_rules_table_lookup_rule) (RTT (mma_rules_table) * srt,
u32 rv;
int i;
ASSERT (rule_index != SESSION_RULES_TABLE_INVALID_INDEX);
ASSERT (rule_index != MMA_TABLE_INVALID_INDEX);
rp = RT (mma_rules_table_get_rule) (srt, rule_index);
ASSERT (rp);
if (!RT (rule_is_match_for_key) (key, rp))
return SESSION_RULES_TABLE_INVALID_INDEX;
return MMA_TABLE_INVALID_INDEX;
for (i = 0; i < vec_len (rp->next_indices); i++)
{
rv = RT (mma_rules_table_lookup_rule) (srt, key, rp->next_indices[i]);
if (rv != SESSION_RULES_TABLE_INVALID_INDEX)
if (rv != MMA_TABLE_INVALID_INDEX)
return (rv);
}
return rule_index;
@@ -214,15 +214,15 @@ RT (mma_rules_table_del_rule) (RTT (mma_rules_table) * srt,
u32 rv;
int i;
ASSERT (rule_index != SESSION_RULES_TABLE_INVALID_INDEX);
ASSERT (rule_index != MMA_TABLE_INVALID_INDEX);
rp = RT (mma_rules_table_get_rule) (srt, rule_index);
if (!RT (rule_is_match_for_key) (&rule->match, rp))
return SESSION_RULES_TABLE_INVALID_INDEX;
return MMA_TABLE_INVALID_INDEX;
if (RT (rule_is_exact_match) (rule, rp))
{
if (rule_index == srt->root_index)
rp->action_index = SESSION_RULES_TABLE_INVALID_INDEX;
rp->action_index = MMA_TABLE_INVALID_INDEX;
return 1;
}
for (i = 0; i < vec_len (rp->next_indices); i++)
@@ -257,7 +257,7 @@ RT (mma_rules_table_del_rule) (RTT (mma_rules_table) * srt,
else if (rv == 0)
return rv;
}
return SESSION_RULES_TABLE_INVALID_INDEX;
return MMA_TABLE_INVALID_INDEX;
}
/*
src/vnet/session/mma_template.h
+3 -2
View File
@@ -30,7 +30,7 @@
#define __rtt(a, b) _rtt(a,b)
#define RTT(a) __rtt(a, MMA_RT_TYPE)
#define SESSION_RULES_TABLE_INVALID_INDEX ((u32)~0)
#define MMA_TABLE_INVALID_INDEX ((u32)~0)
typedef struct
{
@@ -79,7 +79,8 @@ RT (session_rule_free) (RTT (mma_rules_table) * srt, RTT (mma_rule) * rule);
RTT (mma_rule) *
RT (mma_table_get_rule) (RTT (mma_rules_table) * srt, u32 srt_index);
u32
RT (mma_table_rule_index) (RTT (mma_rules_table) * srt, RTT (mma_rule) * sr);
RT (mma_rules_table_rule_index) (RTT (mma_rules_table) * srt,
RTT (mma_rule) * sr);
#endif /* SRC_VNET_SESSION_MMA_TEMPLATE_H_ */
/*
src/vnet/session/session.api
+2
View File
@@ -395,6 +395,7 @@ autoreply define session_rule_add_del {
u8 is_add;
u32 appns_index;
u8 scope;
u8 tag[64];
};
/** \brief Dump session rules
@@ -439,6 +440,7 @@ define session_rules_details
u32 action_index;
u32 appns_index;
u8 scope;
u8 tag[64];
};
/*
src/vnet/session/session_api.c
+53 -30
View File
@@ -792,6 +792,7 @@ vl_api_session_rule_add_del_t_handler (vl_api_session_rule_add_del_t * mp)
u8 fib_proto;
int rv = 0;
memset (&args, 0, sizeof (args));
fib_proto = mp->is_ip4 ? FIB_PROTOCOL_IP4 : FIB_PROTOCOL_IP6;
table_args->lcl.fp_len = mp->lcl_plen;
@@ -802,6 +803,8 @@ vl_api_session_rule_add_del_t_handler (vl_api_session_rule_add_del_t * mp)
table_args->rmt_port = clib_net_to_host_u16 (mp->rmt_port);
table_args->action_index = clib_net_to_host_u32 (mp->action_index);
table_args->is_add = mp->is_add;
mp->tag[sizeof (mp->tag) - 1] = 0;
table_args->tag = format (0, "%s", mp->tag);
args.appns_index = clib_net_to_host_u32 (mp->appns_index);
args.scope = mp->scope;
@@ -815,12 +818,13 @@ vl_api_session_rule_add_del_t_handler (vl_api_session_rule_add_del_t * mp)
rv = clib_error_get_code (error);
clib_error_report (error);
}
vec_free (table_args->tag);
REPLY_MACRO (VL_API_SESSION_RULE_ADD_DEL_REPLY);
}
static void
send_session_rule_details4 (mma_rule_16_t * rule, u8 is_local,
u8 transport_proto, u32 appns_index,
u8 transport_proto, u32 appns_index, u8 * tag,
unix_shared_memory_queue_t * q, u32 context)
{
vl_api_session_rules_details_t *rmp = 0;
@@ -846,13 +850,18 @@ send_session_rule_details4 (mma_rule_16_t * rule, u8 is_local,
is_local ? SESSION_RULE_SCOPE_LOCAL : SESSION_RULE_SCOPE_GLOBAL;
rmp->transport_proto = transport_proto;
rmp->appns_index = clib_host_to_net_u32 (appns_index);
if (tag)
{
clib_memcpy (rmp->tag, tag, vec_len (tag));
rmp->tag[vec_len (tag)] = 0;
}
vl_msg_api_send_shmem (q, (u8 *) & rmp);
}
static void
send_session_rule_details6 (mma_rule_40_t * rule, u8 scope,
u8 transport_proto, u32 appns_index,
send_session_rule_details6 (mma_rule_40_t * rule, u8 is_local,
u8 transport_proto, u32 appns_index, u8 * tag,
unix_shared_memory_queue_t * q, u32 context)
{
vl_api_session_rules_details_t *rmp = 0;
@@ -874,46 +883,55 @@ send_session_rule_details6 (mma_rule_40_t * rule, u8 scope,
rmp->lcl_port = clib_host_to_net_u16 (match->lcl_port);
rmp->rmt_port = clib_host_to_net_u16 (match->rmt_port);
rmp->action_index = clib_host_to_net_u32 (rule->action_index);
rmp->scope = scope;
rmp->scope =
is_local ? SESSION_RULE_SCOPE_LOCAL : SESSION_RULE_SCOPE_GLOBAL;
rmp->transport_proto = transport_proto;
rmp->appns_index = clib_host_to_net_u32 (appns_index);
if (tag)
{
clib_memcpy (rmp->tag, tag, vec_len (tag));
rmp->tag[vec_len (tag)] = 0;
}
vl_msg_api_send_shmem (q, (u8 *) & rmp);
}
static void
send_session_rules_table_details (session_rules_table_t * srt, u8 fib_proto,
u8 is_local, u32 appns_index,
u8 tp, u8 is_local, u32 appns_index,
unix_shared_memory_queue_t * q, u32 context)
{
mma_rule_16_t *rule16;
mma_rule_40_t *rule40;
mma_rules_table_16_t *srt16;
mma_rules_table_40_t *srt40;
u8 tp;
u32 ri;
for (tp = 0; tp < TRANSPORT_N_PROTO; tp++)
if (is_local || fib_proto == FIB_PROTOCOL_IP4)
{
if (is_local || fib_proto == FIB_PROTOCOL_IP4)
{
/* *INDENT-OFF* */
srt16 = &srt->session_rules_tables_16[tp];
pool_foreach (rule16, srt16->rules, ({
send_session_rule_details4 (rule16, is_local, tp,
appns_index, q, context);
}));
/* *INDENT-ON* */
}
if (is_local || fib_proto == FIB_PROTOCOL_IP6)
{
/* *INDENT-OFF* */
srt40 = &srt->session_rules_tables_40[tp];
pool_foreach (rule40, srt40->rules, ({
send_session_rule_details6 (rule40, is_local, tp,
appns_index, q, context);
}));
/* *INDENT-ON* */
}
u8 *tag = 0;
/* *INDENT-OFF* */
srt16 = &srt->session_rules_tables_16;
pool_foreach (rule16, srt16->rules, ({
ri = mma_rules_table_rule_index_16 (srt16, rule16);
tag = session_rules_table_rule_tag (srt, ri, 1);
send_session_rule_details4 (rule16, is_local, tp, appns_index, tag,
q, context);
}));
/* *INDENT-ON* */
}
if (is_local || fib_proto == FIB_PROTOCOL_IP6)
{
u8 *tag = 0;
/* *INDENT-OFF* */
srt40 = &srt->session_rules_tables_40;
pool_foreach (rule40, srt40->rules, ({
ri = mma_rules_table_rule_index_40 (srt40, rule40);
tag = session_rules_table_rule_tag (srt, ri, 1);
send_session_rule_details6 (rule40, is_local, tp, appns_index, tag,
q, context);
}));
/* *INDENT-ON* */
}
}
@@ -922,6 +940,7 @@ vl_api_session_rules_dump_t_handler (vl_api_one_map_server_dump_t * mp)
{
unix_shared_memory_queue_t *q = NULL;
session_table_t *st;
u8 tp;
q = vl_api_client_index_to_input_queue (mp->client_index);
if (q == 0)
@@ -929,9 +948,13 @@ vl_api_session_rules_dump_t_handler (vl_api_one_map_server_dump_t * mp)
/* *INDENT-OFF* */
session_table_foreach (st, ({
send_session_rules_table_details (&st->session_rules, st->active_fib_proto,
st->is_local, st->appns_index, q,
mp->context);
for (tp = 0; tp < TRANSPORT_N_PROTO; tp++)
{
send_session_rules_table_details (&st->session_rules[tp],
st->active_fib_proto, tp,
st->is_local, st->appns_index, q,
mp->context);
}
}));
/* *INDENT-ON* */
}
src/vnet/session/session_lookup.c
+98 -60
View File
File diff suppressed because it is too large Load Diff
src/vnet/session/session_lookup.h
+4
View File
@@ -113,6 +113,10 @@ typedef struct _session_rule_add_del_args
* Rule scope flag.
*/
u8 scope;
/**
* Transport protocol for the rule
*/
u8 transport_proto;
} session_rule_add_del_args_t;
clib_error_t *vnet_session_rule_add_del (session_rule_add_del_args_t * args);
src/vnet/session/session_rules_table.c
+221 -94
View File
File diff suppressed because it is too large Load Diff
src/vnet/session/session_rules_table.h
+29 -12
View File
@@ -54,50 +54,67 @@ typedef CLIB_PACKED (struct
}) session_mask_or_match_6_t;
/* *INDENT-ON* */
#define SESSION_RULE_TAG_MAX_LEN 64
#define SESSION_RULES_TABLE_ACTION_DROP (((u32)~0) - 1)
#define SESSION_RULES_TABLE_INVALID_INDEX MMA_TABLE_INVALID_INDEX
typedef struct _session_rules_table_add_del_args
{
u8 transport_proto;
fib_prefix_t lcl;
fib_prefix_t rmt;
u16 lcl_port;
u16 rmt_port;
u32 action_index;
u8 *tag;
u8 is_add;
} session_rule_table_add_del_args_t;
#define SESSION_RULES_TABLE_ACTION_DROP (((u32)~0) - 1)
typedef struct _rule_tag
{
u8 *tag;
} session_rule_tag_t;
typedef struct _session_rules_table_t
{
/**
* Per fib proto and transport proto session rules tables
* Per fib proto session rules tables
*/
mma_rules_table_16_t session_rules_tables_16[TRANSPORT_N_PROTO];
mma_rules_table_40_t session_rules_tables_40[TRANSPORT_N_PROTO];
mma_rules_table_16_t session_rules_tables_16;
mma_rules_table_40_t session_rules_tables_40;
/**
* Hash table that maps tags to rules
*/
uword *rules_by_tag;
/**
* Pool of rules tags
*/
session_rule_tag_t *rule_tags;
/**
* Hash table that maps rule indices to tags
*/
uword *tags_by_rules;
} session_rules_table_t;
void *session_rules_table_get (session_rules_table_t * srt,
u8 transport_proto, u8 fib_proto);
u32 session_rules_table_lookup4 (session_rules_table_t * srt,
u8 transport_proto, ip4_address_t * lcl_ip,
ip4_address_t * lcl_ip,
ip4_address_t * rmt_ip, u16 lcl_port,
u16 rmt_port);
u32 session_rules_table_lookup6 (session_rules_table_t * srt,
u8 transport_proto, ip6_address_t * lcl_ip,
ip6_address_t * lcl_ip,
ip6_address_t * rmt_ip, u16 lcl_port,
u16 rmt_port);
void session_rules_table_cli_dump (vlib_main_t * vm,
session_rules_table_t * srt, u8 fib_proto,
u8 transport_proto);
session_rules_table_t * srt, u8 fib_proto);
void session_rules_table_show_rule (vlib_main_t * vm,
session_rules_table_t * srt,
u8 transport_proto,
ip46_address_t * lcl_ip, u16 lcl_port,
ip46_address_t * rmt_ip, u16 rmt_port,
u8 is_ip4);
clib_error_t *session_rules_table_add_del (session_rules_table_t * srt,
session_rule_table_add_del_args_t *
args);
u8 *session_rules_table_rule_tag (session_rules_table_t * srt, u32 ri,
u8 is_ip4);
void session_rules_table_init (session_rules_table_t * srt);
#endif /* SRC_VNET_SESSION_SESSION_RULES_TABLE_H_ */
/*
src/vnet/session/session_table.c
+4 -1
View File
@@ -70,6 +70,7 @@ void
session_table_init (session_table_t * slt, u8 fib_proto)
{
u8 all = fib_proto > FIB_PROTOCOL_IP6 ? 1 : 0;
int i;
#define _(af,table,parm,value) \
u32 configured_##af##_##table##_table_##parm = value;
@@ -101,7 +102,9 @@ session_table_init (session_table_t * slt, u8 fib_proto)
configured_v6_halfopen_table_buckets,
configured_v6_halfopen_table_memory);
}
session_rules_table_init (&slt->session_rules);
for (i = 0; i < TRANSPORT_N_PROTO; i++)
session_rules_table_init (&slt->session_rules[i]);
}
typedef struct _ip4_session_table_walk_ctx_t
src/vnet/session/session_table.h
+1 -1
View File
@@ -37,7 +37,7 @@ typedef struct _session_lookup_table
/**
* Per fib proto and transport proto session rules tables
*/
session_rules_table_t session_rules;
session_rules_table_t session_rules[TRANSPORT_N_PROTO];
/** Flag that indicates if table has local scope */
u8 is_local;
src/vnet/session/session_test.c
+39 -22
View File
@@ -506,8 +506,7 @@ session_test_rule_table (vlib_main_t * vm, unformat_input_t * input)
action_index - 1);
res =
session_rules_table_lookup4 (srt, TRANSPORT_PROTO_TCP, &lcl_ip, &rmt_ip,
lcl_port, rmt_port);
session_rules_table_lookup4 (srt, &lcl_ip, &rmt_ip, lcl_port, rmt_port);
SESSION_TEST ((res == 1),
"Lookup 1.2.3.4 1234 5.6.7.8 4321, action should " "be 1: %d",
res);
@@ -561,8 +560,7 @@ session_test_rule_table (vlib_main_t * vm, unformat_input_t * input)
* and 3.3.3.3 1234 7.7.7.7 4321
*/
res =
session_rules_table_lookup4 (srt, TRANSPORT_PROTO_TCP, &lcl_ip, &rmt_ip,
lcl_port, rmt_port);
session_rules_table_lookup4 (srt, &lcl_ip, &rmt_ip, lcl_port, rmt_port);
SESSION_TEST ((res == 3),
"Lookup 1.2.3.4 1234 5.6.7.8 4321 action " "should be 3: %d",
res);
@@ -570,15 +568,14 @@ session_test_rule_table (vlib_main_t * vm, unformat_input_t * input)
lcl_lkup.as_u32 = clib_host_to_net_u32 (0x01020204);
rmt_lkup.as_u32 = clib_host_to_net_u32 (0x05060709);
res =
session_rules_table_lookup4 (srt, TRANSPORT_PROTO_TCP, &lcl_lkup,
session_rules_table_lookup4 (srt, &lcl_lkup,
&rmt_lkup, lcl_port, rmt_port);
SESSION_TEST ((res == 1),
"Lookup 1.2.2.4 1234 5.6.7.9 4321, action " "should be 1: %d",
res);
res =
session_rules_table_lookup4 (srt, TRANSPORT_PROTO_TCP, &lcl_ip3, &rmt_ip3,
lcl_port, rmt_port);
session_rules_table_lookup4 (srt, &lcl_ip3, &rmt_ip3, lcl_port, rmt_port);
SESSION_TEST ((res == 6),
"Lookup 3.3.3.3 1234 7.7.7.7 4321, action "
"should be 6 (updated): %d", res);
@@ -598,13 +595,12 @@ session_test_rule_table (vlib_main_t * vm, unformat_input_t * input)
SESSION_TEST ((error == 0), "Add 1.2.3.4/24 * 5.6.7.8/24 * action %d",
action_index - 1);
res =
session_rules_table_lookup4 (srt, TRANSPORT_PROTO_TCP, &lcl_ip, &rmt_ip,
lcl_port, rmt_port);
session_rules_table_lookup4 (srt, &lcl_ip, &rmt_ip, lcl_port, rmt_port);
SESSION_TEST ((res == 7),
"Lookup 1.2.3.4 1234 5.6.7.8 4321, action should"
" be 7 (lpm dst): %d", res);
res =
session_rules_table_lookup4 (srt, TRANSPORT_PROTO_TCP, &lcl_ip, &rmt_ip,
session_rules_table_lookup4 (srt, &lcl_ip, &rmt_ip,
lcl_port + 1, rmt_port);
SESSION_TEST ((res == 7),
"Lookup 1.2.3.4 1235 5.6.7.8 4321, action should " "be 7: %d",
@@ -645,23 +641,21 @@ session_test_rule_table (vlib_main_t * vm, unformat_input_t * input)
action_index - 1);
if (verbose)
session_rules_table_cli_dump (vm, srt, FIB_PROTOCOL_IP4,
TRANSPORT_PROTO_TCP);
session_rules_table_cli_dump (vm, srt, FIB_PROTOCOL_IP4);
res =
session_rules_table_lookup4 (srt, TRANSPORT_PROTO_TCP, &lcl_ip, &rmt_ip,
lcl_port, rmt_port);
session_rules_table_lookup4 (srt, &lcl_ip, &rmt_ip, lcl_port, rmt_port);
SESSION_TEST ((res == 3),
"Lookup 1.2.3.4 1234 5.6.7.8 4321, action should " "be 3: %d",
res);
res =
session_rules_table_lookup4 (srt, TRANSPORT_PROTO_TCP, &lcl_ip, &rmt_ip,
session_rules_table_lookup4 (srt, &lcl_ip, &rmt_ip,
lcl_port + 1, rmt_port);
SESSION_TEST ((res == 9),
"Lookup 1.2.3.4 1235 5.6.7.8 4321, action should " "be 9: %d",
res);
res =
session_rules_table_lookup4 (srt, TRANSPORT_PROTO_TCP, &lcl_ip, &rmt_ip,
session_rules_table_lookup4 (srt, &lcl_ip, &rmt_ip,
lcl_port + 1, rmt_port + 1);
SESSION_TEST ((res == 8),
"Lookup 1.2.3.4 1235 5.6.7.8 4322, action should " "be 8: %d",
@@ -679,8 +673,7 @@ session_test_rule_table (vlib_main_t * vm, unformat_input_t * input)
error = session_rules_table_add_del (srt, &args);
SESSION_TEST ((error == 0), "Del 1.2.0.0/16 1234 5.6.0.0/16 4321");
res =
session_rules_table_lookup4 (srt, TRANSPORT_PROTO_TCP, &lcl_ip, &rmt_ip,
lcl_port, rmt_port);
session_rules_table_lookup4 (srt, &lcl_ip, &rmt_ip, lcl_port, rmt_port);
SESSION_TEST ((res == 3),
"Lookup 1.2.3.4 1234 5.6.7.8 4321, action should " "be 3: %d",
res);
@@ -691,8 +684,7 @@ session_test_rule_table (vlib_main_t * vm, unformat_input_t * input)
error = session_rules_table_add_del (srt, &args);
SESSION_TEST ((error == 0), "Del 1.2.0.0/16 * 5.6.0.0/16 *");
res =
session_rules_table_lookup4 (srt, TRANSPORT_PROTO_TCP, &lcl_ip, &rmt_ip,
lcl_port, rmt_port);
session_rules_table_lookup4 (srt, &lcl_ip, &rmt_ip, lcl_port, rmt_port);
SESSION_TEST ((res == 3),
"Lookup 1.2.3.4 1234 5.6.7.8 4321, action should " "be 3: %d",
res);
@@ -710,8 +702,7 @@ session_test_rule_table (vlib_main_t * vm, unformat_input_t * input)
error = session_rules_table_add_del (srt, &args);
SESSION_TEST ((error == 0), "Del 1.2.3.4/24 1234 5.6.7.5/24");
res =
session_rules_table_lookup4 (srt, TRANSPORT_PROTO_TCP, &lcl_ip, &rmt_ip,
lcl_port, rmt_port);
session_rules_table_lookup4 (srt, &lcl_ip, &rmt_ip, lcl_port, rmt_port);
SESSION_TEST ((res == 2), "Action should be 2: %d", res);
return 0;
@@ -959,6 +950,32 @@ session_test_rules (vlib_main_t * vm, unformat_input_t * input)
&rmt_pref.fp_addr.ip4, lcl_port,
rmt_port, TRANSPORT_PROTO_TCP, 0);
SESSION_TEST ((tc == 0), "optimized lookup should not work (no-rule)");
/*
* Test tags. Add/del rule with tag
*/
args.table_args.is_add = 1;
args.table_args.lcl_port = 1234;
args.table_args.lcl.fp_addr.ip4 = lcl_ip;
args.table_args.lcl.fp_len = 16;
args.table_args.rmt.fp_addr.ip4 = rmt_ip;
args.table_args.rmt.fp_len = 16;
args.table_args.tag = format (0, "test_rule");
error = vnet_session_rule_add_del (&args);
SESSION_TEST ((error == 0), "Add 1.2.3.4/16 1234 5.6.7.8/16 4321 drop "
"tag test_rule");
if (verbose)
{
session_lookup_dump_rules_table (0, FIB_PROTOCOL_IP4,
TRANSPORT_PROTO_TCP);
session_lookup_dump_local_rules_table (0, FIB_PROTOCOL_IP4,
TRANSPORT_PROTO_TCP);
}
args.table_args.is_add = 0;
args.table_args.lcl_port += 1;
SESSION_TEST ((error == 0), "Del 1.2.3.4/32 1234 5.6.7.8/32 4321 drop "
"tag test_rule");
return 0;
}
src/vpp/api/custom_dump.c
+5 -4
View File
@@ -3215,18 +3215,19 @@ static void *vl_api_session_rule_add_del_t_print
u8 *s;
char *proto = mp->transport_proto == 0 ? "tcp" : "udp";
s = format (0, "SCRIPT: session_rule_add_del ");
mp->tag[sizeof (mp->tag) - 1] = 0;
if (mp->is_ip4)
s = format (s, "appns %d scope %d %s %U/%d %d %U/%d %d action %u",
s = format (s, "appns %d scope %d %s %U/%d %d %U/%d %d action %u tag %s",
mp->appns_index, mp->scope, proto, format_ip4_address,
(ip4_address_t *) mp->lcl_ip, mp->lcl_plen,
format_ip4_address, (ip4_address_t *) mp->rmt_ip,
mp->rmt_plen, mp->action_index);
mp->rmt_plen, mp->action_index, mp->tag);
else
s = format (s, "appns %d scope %d %s %U/%d %d %U/%d %d action %u",
s = format (s, "appns %d scope %d %s %U/%d %d %U/%d %d action %u tag %s",
mp->appns_index, mp->scope, proto, format_ip6_address,
(ip6_address_t *) mp->lcl_ip, mp->lcl_plen,
format_ip6_address, (ip6_address_t *) mp->rmt_ip,
mp->rmt_plen, mp->action_index);
mp->rmt_plen, mp->action_index, mp->tag);
FINISH;
}