-
Notifications
You must be signed in to change notification settings - Fork 23
/
rte_table_netflow.h
162 lines (127 loc) · 4.95 KB
/
rte_table_netflow.h
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
#ifndef __INCLUDE_RTE_TABLE_NETFLOW_H__
#define __INCLUDE_RTE_TABLE_NETFLOW_H__
#ifdef __cplusplus
extern "C" {
#endif
/**
* @file
* RTE Table Netflow
*
* array indexing, Lookup key is the array entry index.
*
***/
#include <stdint.h>
#include <sys/time.h>
#include <rte_ip.h>
#include <rte_udp.h>
#include <rte_tcp.h>
#include <rte_spinlock.h>
#include "rte_table.h"
#define MAX_ENTRY 2 * 1024 * 1024
/* ***************************************** */
#define FLOW_VERSION_5 5
#define V5FLOWS_PER_PAK 30
struct flow_ver5_hdr {
u_int16_t version; /* Current version=5*/
u_int16_t count; /* The number of records in PDU. */
u_int32_t sysUptime; /* Current time in msecs since router booted */
u_int32_t unix_secs; /* Current seconds since 0000 UTC 1970 */
u_int32_t unix_nsecs; /* Residual nanoseconds since 0000 UTC 1970 */
u_int32_t flow_sequence; /* Sequence number of total flows seen */
u_int8_t engine_type; /* Type of flow switching engine (RP,VIP,etc.)*/
u_int8_t engine_id; /* Slot number of the flow switching engine */
u_int16_t sampleRate; /* Packet capture sample rate */
};
struct flow_ver5_rec {
u_int32_t srcaddr; /* Source IP Address */
u_int32_t dstaddr; /* Destination IP Address */
u_int32_t nexthop; /* Next hop router's IP Address */
u_int16_t input; /* Input interface index */
u_int16_t output; /* Output interface index */
u_int32_t dPkts; /* Packets sent in Duration (milliseconds between 1st
& last packet in this flow)*/
u_int32_t dOctets; /* Octets sent in Duration (milliseconds between 1st
& last packet in this flow)*/
u_int32_t first; /* SysUptime at start of flow */
u_int32_t last; /* and of last packet of the flow */
u_int16_t srcport; /* TCP/UDP source port number (.e.g, FTP, Telnet, etc.,or equivalent) */
u_int16_t dstport; /* TCP/UDP destination port number (.e.g, FTP, Telnet, etc.,or equivalent) */
u_int8_t pad1; /* pad to word boundary */
u_int8_t tcp_flags; /* Cumulative OR of tcp flags */
u_int8_t proto; /* IP protocol, e.g., 6=TCP, 17=UDP, etc... */
u_int8_t tos; /* IP Type-of-Service */
u_int16_t src_as; /* source peer/origin Autonomous System */
u_int16_t dst_as; /* dst peer/origin Autonomous System */
u_int8_t src_mask; /* source route's mask bits */
u_int8_t dst_mask; /* destination route's mask bits */
u_int16_t pad2; /* pad to word boundary */
};
typedef struct single_flow_ver5_rec {
struct flow_ver5_hdr flowHeader;
struct flow_ver5_rec flowRecord[V5FLOWS_PER_PAK+1 /* safe against buffer overflows */];
} NetFlow5Record;
typedef struct rte_table_hashBucket {
uint8_t magic; /**< magic code for validation */
uint8_t bucket_expired; /**< force bucket to expire */
uint8_t vlanId;
uint8_t proto;
uint32_t ip_src; /**< saved in network order */
uint32_t ip_dst; /**< saved in network order */
uint16_t port_src; /**< saved in network order */
uint16_t port_dst; /**< saved in network order */
uint8_t src2dstTos, dst2srcTos;
uint8_t src2dstTcpFlags, dst2srcTcpFlags;
uint8_t pad1, pad2;
uint64_t bytesSent, pktSent; /**< saved in host order */
uint64_t bytesRcvd, pktRcvd; /**< saved in host order */
struct timeval firstSeenRcvd, lastSeenRcvd; /**< sizeof(timeval) = 16 Bytes */
struct timeval firstSeenSent, lastSeenSent;
struct rte_table_hashBucket *next;
} hashBucket_t;
/** Netflow table key format */
union rte_table_netflow_key {
struct {
uint8_t pad0;
uint8_t vlanId;
uint8_t pad1;
uint8_t proto;
uint32_t ip_src;
uint32_t ip_dst;
uint16_t port_src;
uint16_t port_dst;
};
__m128i xmm;
};
/** Hash function (rte_hash_crc_4bytes) */
typedef uint32_t (*rte_table_netflow_op_hash)(
uint32_t key,
uint32_t seed);
/** Netflow table parameters */
struct rte_table_netflow_params {
/** Number of array entries. Has to be a power of two. */
uint32_t n_entries;
/** Byte offset within input */
uint32_t offset;
/** Hash function */
rte_table_netflow_op_hash f_hash;
/** Seed value for the hash function */
uint64_t seed;
};
struct rte_table_netflow {
/* Input parameters */
uint32_t entry_size;
uint32_t n_entries;
rte_table_netflow_op_hash f_hash;
uint64_t seed;
/* Spinlock for entry */
rte_spinlock_t lock[MAX_ENTRY];
/* Internal table */
hashBucket_t *array[0] __rte_cache_aligned;
} __rte_cache_aligned;
/** Netflow table operations */
extern struct rte_table_ops rte_table_netflow_ops;
void *rte_table_netflow_create(void *, int, uint32_t);
#ifdef __cplusplus
}
#endif
#endif