From patchwork Wed Sep 16 00:05:14 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Ankur Sharma X-Patchwork-Id: 1364818 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=pass (sender SPF authorized) smtp.mailfrom=openvswitch.org (client-ip=140.211.166.133; helo=hemlock.osuosl.org; envelope-from=ovs-dev-bounces@openvswitch.org; receiver=) Authentication-Results: ozlabs.org; dmarc=fail (p=none dis=none) header.from=nutanix.com Authentication-Results: ozlabs.org; dkim=fail reason="signature verification failed" (2048-bit key; unprotected) header.d=nutanix.com header.i=@nutanix.com header.a=rsa-sha256 header.s=proofpoint20171006 header.b=gCMlvH13; dkim-atps=neutral Received: from hemlock.osuosl.org (smtp2.osuosl.org [140.211.166.133]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 4BrgNL4GGqz9sSs for ; Wed, 16 Sep 2020 10:05:38 +1000 (AEST) Received: from localhost (localhost [127.0.0.1]) by hemlock.osuosl.org (Postfix) with ESMTP id B0B4A8730D; Wed, 16 Sep 2020 00:05:36 +0000 (UTC) X-Virus-Scanned: amavisd-new at osuosl.org Received: from hemlock.osuosl.org ([127.0.0.1]) by localhost (.osuosl.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id x8LyS1It7fKL; Wed, 16 Sep 2020 00:05:30 +0000 (UTC) Received: from lists.linuxfoundation.org (lf-lists.osuosl.org [140.211.9.56]) by hemlock.osuosl.org (Postfix) with ESMTP id C837C872E0; Wed, 16 Sep 2020 00:05:29 +0000 (UTC) Received: from lf-lists.osuosl.org (localhost [127.0.0.1]) by lists.linuxfoundation.org (Postfix) with ESMTP id 9B2A2C088B; Wed, 16 Sep 2020 00:05:29 +0000 (UTC) X-Original-To: ovs-dev@openvswitch.org Delivered-To: ovs-dev@lists.linuxfoundation.org Received: from whitealder.osuosl.org (smtp1.osuosl.org [140.211.166.138]) by lists.linuxfoundation.org (Postfix) with ESMTP id DD041C0051 for ; Wed, 16 Sep 2020 00:05:27 +0000 (UTC) Received: from localhost (localhost [127.0.0.1]) by whitealder.osuosl.org (Postfix) with ESMTP id C9EC986CD7 for ; Wed, 16 Sep 2020 00:05:27 +0000 (UTC) X-Virus-Scanned: amavisd-new at osuosl.org Received: from whitealder.osuosl.org ([127.0.0.1]) by localhost (.osuosl.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id LYYGrqo+vJtM for ; Wed, 16 Sep 2020 00:05:25 +0000 (UTC) X-Greylist: domain auto-whitelisted by SQLgrey-1.7.6 Received: from mx0b-002c1b01.pphosted.com (mx0b-002c1b01.pphosted.com [148.163.155.12]) by whitealder.osuosl.org (Postfix) with ESMTPS id 978A386CB7 for ; Wed, 16 Sep 2020 00:05:25 +0000 (UTC) Received: from pps.filterd (m0127843.ppops.net [127.0.0.1]) by mx0b-002c1b01.pphosted.com (8.16.0.43/8.16.0.43) with SMTP id 08G02I6N009520 for ; Tue, 15 Sep 2020 17:05:24 -0700 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=nutanix.com; h=from : to : cc : subject : date : message-id : in-reply-to : references : content-type : mime-version; s=proofpoint20171006; bh=WTfNhf/bMIQ+fAel6sXPLTc/f5K1Jy9N2g5ZuTNpTi8=; b=gCMlvH13vSX4Dt7n3iM8tnWDQ2QNTg/e+G/p7V3d0LFnWST3fceC0NTeN8sBtAxb75zi G5c64avaNhiN68iluhx8i9xQrDe5WKCS1DNFBHw7QinR3UnVzyUDQUraUMLooN2WhITa +jwMxLKsud3xSVUDeqmQQC0WtkFzi0524diWVd8Y8jFIgLSyd7kyrOzzCUzQA/UC8WJ3 0AYd/HXox0Kb6CoZF87O2KiGNbE+oWAVL20qOrprONQ5jUMWKRntr0lrfu2J2hZ91ShK JblGtD59aqr0z0Y5Lj0gIK2Ms5UnSNOXXSYPSVynNZtwFbdVs62VdUxc/0d1vTih/4p7 aA== Received: from nam11-co1-obe.outbound.protection.outlook.com (mail-co1nam11lp2169.outbound.protection.outlook.com [104.47.56.169]) by mx0b-002c1b01.pphosted.com with ESMTP id 33k5qkg7hj-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT) for ; Tue, 15 Sep 2020 17:05:24 -0700 ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=U3KYmTux/bnxs4ENWWVVeMhjGuStknpqnLGLqYf6GgoV06SoOqDWliqqVey3A7yoJg7zQKXhbP7CYx4m117PR5BLbOiP1lQb2XZmamTsskFDvwDRTD4WQc4Sm6Hvpvgj3OL4SMEduRbl3myIB64MJs3I9wB83zkB4Mu2vlHxzN54eukI7oN5nTyggjsi2U3lrFfsHWVqdhob+rYLmmvnMM0ippBOFleLckOJEyy/AASRI1dyDtSxYhn+cnBo/ybCoqruYeWavyyg4ClK4SQahr+ix1ZWkBM4vxkZOOmww5kgKsqySpSJC5q6vIcHSMJBPoCBW3oXyAMn5VHtn9mxiw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=WTfNhf/bMIQ+fAel6sXPLTc/f5K1Jy9N2g5ZuTNpTi8=; b=lfE244ijsvhc9VCVcUezCjPvZyVadMmDOK0OYV0Hyz3mbUz5crsKt8Lyc39roLQjElfUoN8D6I3SwtY813/BotZ8YrOI/Gv1OvqfzxPhwqozke6xEmXTr6UaGmThMF9Ch2JmB8wAXObeAZTTBNiAZe55OVLmJmsA2FvWKHVOxr5M6luzEh+mXDVeraC1l8Kpzq+uXInBKGy/7rBxoBMzjvIZuf/F2AcBwGLFx2ulo/2u7dfocWM68ejH35x5j8eGKD/WStAAIrPeaixRFmjg4DXJtJzcuynb+LGKGRnntno7iIRW0KTZ0svRXUVRXAqLTQGuBtXytktfN3fA5dZAZw== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=nutanix.com; dmarc=pass action=none header.from=nutanix.com; dkim=pass header.d=nutanix.com; arc=none Authentication-Results: openvswitch.org; dkim=none (message not signed) header.d=none;openvswitch.org; dmarc=none action=none header.from=nutanix.com; Received: from BY5PR02MB6881.namprd02.prod.outlook.com (2603:10b6:a03:21d::10) by BYAPR02MB4021.namprd02.prod.outlook.com (2603:10b6:a02:f2::33) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.3370.16; Wed, 16 Sep 2020 00:05:22 +0000 Received: from BY5PR02MB6881.namprd02.prod.outlook.com ([fe80::bce2:ddd2:1359:8bb0]) by BY5PR02MB6881.namprd02.prod.outlook.com ([fe80::bce2:ddd2:1359:8bb0%8]) with mapi id 15.20.3370.019; Wed, 16 Sep 2020 00:05:22 +0000 From: Ankur Sharma To: ovs-dev@openvswitch.org Date: Tue, 15 Sep 2020 17:05:14 -0700 Message-Id: <1600214714-97224-3-git-send-email-svc.mail.git@nutanix.com> X-Mailer: git-send-email 1.8.3.1 In-Reply-To: <1600214714-97224-1-git-send-email-svc.mail.git@nutanix.com> References: <1600214714-97224-1-git-send-email-svc.mail.git@nutanix.com> X-ClientProxiedBy: BY5PR16CA0020.namprd16.prod.outlook.com (2603:10b6:a03:1a0::33) To BY5PR02MB6881.namprd02.prod.outlook.com (2603:10b6:a03:21d::10) MIME-Version: 1.0 X-MS-Exchange-MessageSentRepresentingType: 1 Received: from northd.localdomain (192.146.154.98) by BY5PR16CA0020.namprd16.prod.outlook.com (2603:10b6:a03:1a0::33) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.3370.16 via Frontend Transport; Wed, 16 Sep 2020 00:05:22 +0000 X-Mailer: git-send-email 1.8.3.1 X-Originating-IP: [192.146.154.98] X-MS-PublicTrafficType: Email X-MS-Office365-Filtering-Correlation-Id: 86086f56-56ee-40d3-3423-08d859d434bb X-MS-TrafficTypeDiagnostic: BYAPR02MB4021: X-MS-Exchange-Transport-Forked: True X-Microsoft-Antispam-PRVS: x-proofpoint-crosstenant: true X-MS-Oob-TLC-OOBClassifiers: OLM:220; X-MS-Exchange-SenderADCheck: 1 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: FZ0/i7gRtTtTg0jqOdcqH1BZg8QLYTdgGXbVqjCw3Wdjqs7UZ3ppRgdlPYzg8QRPEBjW0vGwkzKFKh08QbxvSVgHBC4CKwZcFI6NVDogATXsIewHFLupp7IbB1YgPri68HUwavE1Gny6X17q9YbImvHGhi2XaBupXAxrb0TFALlvc8iSl32Ggczl6tWJR2hQ4nwofM8g2e85ROxwQoT5vLx5j0xqoW8kvJ9ykslyFisvhiI3Thi4YcFG8FqO1maLNVeDTRTLFPv+I2igvQlL6K0ISgcxxdFDzt/+nGcxUPylTatxP3sBmkpXxHQvaHaS X-Forefront-Antispam-Report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:BY5PR02MB6881.namprd02.prod.outlook.com; PTR:; CAT:NONE; SFS:(39860400002)(396003)(346002)(136003)(366004)(376002)(86362001)(4326008)(36756003)(8936002)(107886003)(83380400001)(8676002)(6666004)(66574015)(66556008)(66476007)(52116002)(66946007)(30864003)(6506007)(316002)(16526019)(6916009)(5660300002)(186003)(478600001)(2906002)(6512007)(6486002)(956004)(26005)(2616005); DIR:OUT; SFP:1102; X-MS-Exchange-AntiSpam-MessageData: ZzWssWACG22l21SdvG+x3tN4x/5r0eG8GhFFfxETjaddP9zwHa2/XGWl2PcEIjSx/uprPSy0ToAoA9lQDcIeL31ocYNXAtBjo7zmXaMQc0VHgcGbcdPkqaZ2U+ROXBQVC6/lssajf41+TNXuThltJ1M7dsyWU+ldMOBNiCKxM0l3BLw5VT98dr34XEGK+GfXO/dXC/V02B0I/fffCFu62jqtBNqhJyDZGabOfEARTEZC9jFg7FkoIfmNv/semWZ+XZWbVE5tJENqaN15BMl5vOhlMfdK8QxH3caQ52SndrOllhLh8h2SPu43CoxH6T/y3/hsX5zB7qsWTqyXikx6OLEmTVSg3MsMYP8VT+Zf81yviXDOnTfTP2LtjkzvqsqVSYvtoTuhSzGFQKBovtr3c6301qPk9fySyaXslFlnfGg9rDuEmcc1wjwCvxuqCQgiqu3cxRLKZmC34REHEmDW/SqbtAEqM80jOPxW7zeT0Z/4KbYRCRuYj9X7tvQZjWNRhuTfTOLGwEQo6BgTZHgxnT3k9jYp+jBKOl4nUoKifSKjLHr64LJ20qqQ2YZ93rrPSuIrjbIlWszHH9nw4QtllBseW1N5pDyTl3fzQvfXKTfkCdA02drRqWukHBV4wQxEyFtD1dZLYRj5J3sfuFh2lg== X-OriginatorOrg: nutanix.com X-MS-Exchange-CrossTenant-Network-Message-Id: 86086f56-56ee-40d3-3423-08d859d434bb X-MS-Exchange-CrossTenant-AuthSource: BY5PR02MB6881.namprd02.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-OriginalArrivalTime: 16 Sep 2020 00:05:22.6931 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: bb047546-786f-4de1-bd75-24e5b6f79043 X-MS-Exchange-CrossTenant-MailboxType: HOSTED X-MS-Exchange-CrossTenant-UserPrincipalName: FJNtG4VcI3EwW1LqHeF4FU+858TedG9CUWQQ2E2UTfj1uWig3vY5tDofdzq4nslyzEqCWpFeKx+U2eJtji7wUHIaHgNiHcJlmCG/qx9GI7E= X-MS-Exchange-Transport-CrossTenantHeadersStamped: BYAPR02MB4021 X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10434:6.0.235, 18.0.687 definitions=2020-09-15_14:2020-09-15, 2020-09-15 signatures=0 X-Proofpoint-Spam-Reason: safe Subject: [ovs-dev] [PATCH v3 2/2] NAT: Northd and parser changes to support port X-BeenThere: ovs-dev@openvswitch.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: ovs-dev-bounces@openvswitch.org Sender: "dev" From: Ankur Sharma This patch has following changes: a. Northd changes to put port range hash in the logical flow based on configuration. b. Changes to parse the logical flow, which specifies port_range_hash along with port_range for ct_nat action. Example logical flow: ct_snat(10.15.24.135,1-30000, hash) Signed-off-by: Ankur Sharma --- include/ovn/actions.h | 1 + lib/actions.c | 51 +++++++++++++++++++++++++++++++++++++-- northd/ovn-northd.c | 16 +++++++++++++ tests/ovn-northd.at | 31 ++++++++++++++++++++++++ tests/ovn.at | 66 ++++++++++++++++++++++++++++++++++++++++++++------- 5 files changed, 155 insertions(+), 10 deletions(-) diff --git a/include/ovn/actions.h b/include/ovn/actions.h index 636cb4b..101cd7a 100644 --- a/include/ovn/actions.h +++ b/include/ovn/actions.h @@ -235,6 +235,7 @@ struct ovnact_ct_nat { bool exists; uint16_t port_lo; uint16_t port_hi; + char *port_hash; } port_range; uint8_t ltable; /* Logical table ID of next table. */ diff --git a/lib/actions.c b/lib/actions.c index 5fe0a38..c8e0767 100644 --- a/lib/actions.c +++ b/lib/actions.c @@ -707,6 +707,8 @@ parse_ct_nat(struct action_context *ctx, const char *name, if (lexer_match(ctx->lexer, LEX_T_COMMA)) { + cn->port_range.port_hash = NULL; + if (ctx->lexer->token.type != LEX_T_INTEGER || ctx->lexer->token.format != LEX_F_DECIMAL) { lexer_syntax_error(ctx->lexer, "expecting Integer for port " @@ -733,8 +735,40 @@ parse_ct_nat(struct action_context *ctx, const char *name, "greater than range low"); } lexer_get(ctx->lexer); + + if (lexer_match(ctx->lexer, LEX_T_COMMA)) { + if (ctx->lexer->token.type != LEX_T_ID) { + lexer_syntax_error(ctx->lexer, "expecting string for " + "port hash"); + } + + if (strcmp(ctx->lexer->token.s, "hash") && + strcmp(ctx->lexer->token.s, "random")) { + lexer_syntax_error(ctx->lexer, "Invalid value for " + "port hash"); + } + + cn->port_range.port_hash = xstrdup(ctx->lexer->token.s); + lexer_get(ctx->lexer); + } } else { cn->port_range.port_hi = 0; + + if (lexer_match(ctx->lexer, LEX_T_COMMA)) { + if (ctx->lexer->token.type != LEX_T_ID) { + lexer_syntax_error(ctx->lexer, "expecting string for " + "port hash"); + } + + if (strcmp(ctx->lexer->token.s, "hash") && + strcmp(ctx->lexer->token.s, "random")) { + lexer_syntax_error(ctx->lexer, "Invalid value for " + "port hash"); + } + + cn->port_range.port_hash = xstrdup(ctx->lexer->token.s); + lexer_get(ctx->lexer); + } } cn->port_range.exists = true; @@ -777,6 +811,10 @@ format_ct_nat(const struct ovnact_ct_nat *cn, const char *name, struct ds *s) if (cn->port_range.port_hi) { ds_put_format(s, "-%d", cn->port_range.port_hi); } + + if (cn->port_range.port_hash) { + ds_put_format(s, ",%s", cn->port_range.port_hash); + } ds_put_char(s, ')'); } @@ -843,8 +881,17 @@ encode_ct_nat(const struct ovnact_ct_nat *cn, } if (cn->port_range.exists) { - nat->range.proto.min = cn->port_range.port_lo; - nat->range.proto.max = cn->port_range.port_hi; + const char *port_hash = cn->port_range.port_hash; + nat->range.proto.min = cn->port_range.port_lo; + nat->range.proto.max = cn->port_range.port_hi; + + if (port_hash) { + if (!strcmp(port_hash, "hash")) { + nat->flags |= NX_NAT_F_PROTO_HASH; + } else { + nat->flags |= NX_NAT_F_PROTO_RANDOM; + } + } } ofpacts->header = ofpbuf_push_uninit(ofpacts, nat_offset); diff --git a/northd/ovn-northd.c b/northd/ovn-northd.c index db14909..2d8bc8b 100644 --- a/northd/ovn-northd.c +++ b/northd/ovn-northd.c @@ -9601,6 +9601,10 @@ build_lrouter_flows(struct hmap *datapaths, struct hmap *ports, if (nat->external_port_range[0]) { ds_put_format(&actions, ",%s", nat->external_port_range); + if (nat->external_port_hash[0]) { + ds_put_format(&actions, ",%s", + nat->external_port_hash); + } } ds_put_format(&actions, ");"); } @@ -9638,6 +9642,10 @@ build_lrouter_flows(struct hmap *datapaths, struct hmap *ports, if (nat->external_port_range[0]) { ds_put_format(&actions, ",%s", nat->external_port_range); + if (nat->external_port_hash[0]) { + ds_put_format(&actions, ",%s", + nat->external_port_hash); + } } ds_put_format(&actions, ");"); } @@ -9755,6 +9763,10 @@ build_lrouter_flows(struct hmap *datapaths, struct hmap *ports, if (nat->external_port_range[0]) { ds_put_format(&actions, ",%s", nat->external_port_range); + if (nat->external_port_hash[0]) { + ds_put_format(&actions, ",%s", + nat->external_port_hash); + } } ds_put_format(&actions, ");"); } @@ -9804,6 +9816,10 @@ build_lrouter_flows(struct hmap *datapaths, struct hmap *ports, if (nat->external_port_range[0]) { ds_put_format(&actions, ",%s", nat->external_port_range); + if (nat->external_port_hash[0]) { + ds_put_format(&actions, ",%s", + nat->external_port_hash); + } } ds_put_format(&actions, ");"); } diff --git a/tests/ovn-northd.at b/tests/ovn-northd.at index 99a9204..960ce00 100644 --- a/tests/ovn-northd.at +++ b/tests/ovn-northd.at @@ -2010,3 +2010,34 @@ ovn-nbctl --wait=sb set NB_Global . options:ignore_lsp_down=true AT_CHECK([ovn-sbctl lflow-list | grep arp | grep 10\.0\.0\.1], [0], [ignore]) AT_CLEANUP + +AT_SETUP([ovn -- Port Range and Hash in NAT entries]) +AT_SKIP_IF([test $HAVE_PYTHON = no]) +ovn_start + +ovn-nbctl lr-add lr0 +ovn-nbctl lrp-add lr0 lr0-public 00:00:01:01:02:04 192.168.2.1/24 +ovn-nbctl lrp-add lr0 lr0-join 00:00:01:01:02:04 10.10.0.1/24 + +ovn-nbctl set logical_router lr0 options:chassis=ch1 + +ovn-nbctl --portrange lr-nat-add lr0 snat 192.168.2.1 10.0.0.0/24 1-1000 hash +ovn-nbctl --portrange lr-nat-add lr0 dnat_and_snat 192.168.2.4 10.0.0.4 1100-2000 random +ovn-nbctl --portrange lr-nat-add lr0 dnat 192.168.2.5 10.0.0.5 2100-3000 + +ovn-sbctl dump-flows lr0 + +AT_CHECK([ovn-sbctl dump-flows lr0 | grep lr_out_snat | \ +grep "ct_snat(192.168.2.1,1-1000,hash)" | wc -l], [0], [1 +]) +AT_CHECK([ovn-sbctl dump-flows lr0 | grep lr_in_dnat | \ +grep "ct_dnat(10.0.0.4,1100-2000,random)" | wc -l], [0], [1 +]) +AT_CHECK([ovn-sbctl dump-flows lr0 | grep lr_out_snat | \ +grep "ct_snat(192.168.2.4,1100-2000,random)" | wc -l], [0], [1 +]) +AT_CHECK([ovn-sbctl dump-flows lr0 | grep lr_in_dnat | \ +grep "ct_dnat(10.0.0.5,2100-3000)" | wc -l], [0], [1 +]) + +AT_CLEANUP diff --git a/tests/ovn.at b/tests/ovn.at index 41fe577..75b79b0 100644 --- a/tests/ovn.at +++ b/tests/ovn.at @@ -1123,6 +1123,22 @@ ct_dnat(192.168.1.2, 1-3000); formats as ct_dnat(192.168.1.2,1-3000); encodes as ct(commit,table=19,zone=NXM_NX_REG11[0..15],nat(dst=192.168.1.2:1-3000)) has prereqs ip +ct_dnat(192.168.1.2, 1000); + formats as ct_dnat(192.168.1.2,1000); + encodes as ct(commit,table=19,zone=NXM_NX_REG11[0..15],nat(dst=192.168.1.2:1000)) + has prereqs ip +ct_dnat(192.168.1.2, 1-3000, hash); + formats as ct_dnat(192.168.1.2,1-3000,hash); + encodes as ct(commit,table=19,zone=NXM_NX_REG11[0..15],nat(dst=192.168.1.2:1-3000,hash)) + has prereqs ip +ct_dnat(192.168.1.2, 1-3000, random); + formats as ct_dnat(192.168.1.2,1-3000,random); + encodes as ct(commit,table=19,zone=NXM_NX_REG11[0..15],nat(dst=192.168.1.2:1-3000,random)) + has prereqs ip +ct_dnat(192.168.1.2, 1000, hash); + formats as ct_dnat(192.168.1.2,1000,hash); + encodes as ct(commit,table=19,zone=NXM_NX_REG11[0..15],nat(dst=192.168.1.2:1000,hash)) + has prereqs ip ct_dnat(192.168.1.2, 192.168.1.3); Syntax error at `192.168.1.3' expecting Integer for port range. @@ -1136,12 +1152,20 @@ ct_dnat(192.168.1.2, foo); Syntax error at `foo' expecting Integer for port range. ct_dnat(192.168.1.2, 1000-foo); Syntax error at `foo' expecting Integer for port range. -ct_dnat(192.168.1.2, 1000); - formats as ct_dnat(192.168.1.2,1000); - encodes as ct(commit,table=19,zone=NXM_NX_REG11[0..15],nat(dst=192.168.1.2:1000)) - has prereqs ip ct_dnat(192.168.1.2, 1000-100); Syntax error at `100' range high should be greater than range low. +ct_dnat(192.168.1.2, hash); + Syntax error at `hash' expecting Integer for port range. +ct_dnat(192.168.1.2, random); + Syntax error at `random' expecting Integer for port range. +ct_dnat(192.168.1.2, 192.168.1.3, hash); + Syntax error at `192.168.1.3' expecting Integer for port range. +ct_dnat(192.168.1.2, foo, hash); + Syntax error at `foo' expecting Integer for port range. +ct_dnat(192.168.1.2, 1000-foo, hash); + Syntax error at `foo' expecting Integer for port range. +ct_dnat(192.168.1.2, 1000-100, hash); + Syntax error at `100' range high should be greater than range low. # ct_snat ct_snat; @@ -1157,6 +1181,22 @@ ct_snat(192.168.1.2, 1-3000); formats as ct_snat(192.168.1.2,1-3000); encodes as ct(commit,table=19,zone=NXM_NX_REG12[0..15],nat(src=192.168.1.2:1-3000)) has prereqs ip +ct_snat(192.168.1.2, 1000); + formats as ct_snat(192.168.1.2,1000); + encodes as ct(commit,table=19,zone=NXM_NX_REG12[0..15],nat(src=192.168.1.2:1000)) + has prereqs ip +ct_snat(192.168.1.2, 1-3000, hash); + formats as ct_snat(192.168.1.2,1-3000,hash); + encodes as ct(commit,table=19,zone=NXM_NX_REG12[0..15],nat(src=192.168.1.2:1-3000,hash)) + has prereqs ip +ct_snat(192.168.1.2, 1-3000, random); + formats as ct_snat(192.168.1.2,1-3000,random); + encodes as ct(commit,table=19,zone=NXM_NX_REG12[0..15],nat(src=192.168.1.2:1-3000,random)) + has prereqs ip +ct_snat(192.168.1.2, 1000, hash); + formats as ct_snat(192.168.1.2,1000,hash); + encodes as ct(commit,table=19,zone=NXM_NX_REG12[0..15],nat(src=192.168.1.2:1000,hash)) + has prereqs ip ct_snat(192.168.1.2, 192.168.1.3); Syntax error at `192.168.1.3' expecting Integer for port range. @@ -1170,12 +1210,22 @@ ct_snat(192.168.1.2, foo); Syntax error at `foo' expecting Integer for port range. ct_snat(192.168.1.2, 1000-foo); Syntax error at `foo' expecting Integer for port range. -ct_snat(192.168.1.2, 1000); - formats as ct_snat(192.168.1.2,1000); - encodes as ct(commit,table=19,zone=NXM_NX_REG12[0..15],nat(src=192.168.1.2:1000)) - has prereqs ip ct_snat(192.168.1.2, 1000-100); Syntax error at `100' range high should be greater than range low. +ct_snat(192.168.1.2, hash); + Syntax error at `hash' expecting Integer for port range. +ct_snat(192.168.1.2, random); + Syntax error at `random' expecting Integer for port range. +ct_snat(192.168.1.2, 192.168.1.3, hash); + Syntax error at `192.168.1.3' expecting Integer for port range. +ct_snat(192.168.1.2, foo, hash); + Syntax error at `foo' expecting Integer for port range. +ct_snat(192.168.1.2, 1000-foo, hash); + Syntax error at `foo' expecting Integer for port range. +ct_snat(192.168.1.2, 1000-100, hash); + Syntax error at `100' range high should be greater than range low. + + # ct_clear ct_clear; encodes as ct_clear