From 356f7ae787addc67644f60beaba1dd3d43068750 Mon Sep 17 00:00:00 2001 From: Rohit Zende Date: Tue, 13 Jun 2023 19:05:17 +0000 Subject: [PATCH] VPP-2048 lawful-intercept : convert lawful-intercept to a plugin per https://jira.fd.io/browse/VPP-2048 Type: improvement --- src/plugins/lawful-intercept/CMakeLists.txt | 24 ++++ .../lawful-intercept/lawful_intercept.api | 52 ++++++++ .../lawful-intercept/lawful_intercept.c | 2 +- .../lawful-intercept/lawful_intercept.h | 0 .../lawful-intercept/lawful_intercept_api.c | 115 ++++++++++++++++++ src/{vnet => plugins}/lawful-intercept/node.c | 2 +- src/plugins/lawful-intercept/plugin.c | 22 ++++ src/vnet/CMakeLists.txt | 17 --- 8 files changed, 215 insertions(+), 19 deletions(-) create mode 100644 src/plugins/lawful-intercept/CMakeLists.txt create mode 100644 src/plugins/lawful-intercept/lawful_intercept.api rename src/{vnet => plugins}/lawful-intercept/lawful_intercept.c (98%) rename src/{vnet => plugins}/lawful-intercept/lawful_intercept.h (100%) create mode 100644 src/plugins/lawful-intercept/lawful_intercept_api.c rename src/{vnet => plugins}/lawful-intercept/node.c (99%) create mode 100644 src/plugins/lawful-intercept/plugin.c diff --git a/src/plugins/lawful-intercept/CMakeLists.txt b/src/plugins/lawful-intercept/CMakeLists.txt new file mode 100644 index 000000000000..50c2512f2b22 --- /dev/null +++ b/src/plugins/lawful-intercept/CMakeLists.txt 
@@ -0,0 +1,24 @@
+# Copyright (c) 2018 Cisco and/or its affiliates.
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at:
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+add_vpp_plugin(lawful-intercept
+ SOURCES
+ lawful_intercept.c
+ lawful_intercept_api.c
+ node.c
+ plugin.c
+
+
+ API_FILES
+ lawful_intercept.api
+)
diff --git a/src/plugins/lawful-intercept/lawful_intercept.api b/src/plugins/lawful-intercept/lawful_intercept.api
new file mode 100644
index 000000000000..05c40037da9a
--- /dev/null
+++ b/src/plugins/lawful-intercept/lawful_intercept.api
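Review bot: `node.c` is listed only under `SOURCES` in this `add_vpp_plugin` call, while the src/vnet/CMakeLists.txt hunk at the end of the patch removes it from `VNET_MULTIARCH_SOURCES`, so the intercept node would no longer be built as per-CPU variants. Add `MULTIARCH_SOURCES node.c` to the call to keep the previous build behaviour. The removed `VNET_HEADERS` entry for lawful_intercept.h has no counterpart here either, which matters only if code outside the plugin still includes that header.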
@@ -0,0 +1,52 @@
+/*
+ * Copyright (c) 2015-2016 Cisco and/or its affiliates.
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at:
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+option version = "2.0.1";
+import "vnet/ip/ip_types.api";
+
+
+/** \brief Create or delete a VXLAN tunnel
+ @param client_index - opaque cookie to identify the sender
+ @param context - sender context, to match reply w/ request
+ @param is_add - Use 1 to create the tunnel, 0 to remove it
+ @param src_address - Source IP address
+ @param collector_address - Destination IP address, can be multicast
+ @param udp_port - UDP port for communication, uint32
+*/
+define lawful_interception_add_del
+{
+ u32 client_index;
+ u32 context;
+ bool is_add [default=true];
+ vl_api_address_t src_address;
+ vl_api_address_t collector_address;
+ u32 udp_port;
+};
+
+/* Return enum values for lawful_interception_add_del msg */
+enum lawful_interception_return_val_type
+{
+ LAWFUL_INTERCEPTION_RETURN_VAL_TYPE__NONE = 0,
+ LAWFUL_INTERCEPTION_RETURN_VAL_TYPE__COLLECTOR_PORT_ALREADY_CONFIGURED = 1,
+ LAWFUL_INTERCEPTION_RETURN_VAL_TYPE__COLLECTOR_ALREADY_CONFIGURED = 2,
+ LAWFUL_INTERCEPTION_RETURN_VAL_TYPE__COLLECTOR_NOT_CONFIGURED = 3,
+ LAWFUL_INTERCEPTION_RETURN_VAL_TYPE_UNDEFINED = 4,
+};
+
+define lawful_interception_add_del_reply
+{
+ u32 context;
+ i32 retval;
+};
\ No newline at end of file
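Review bot: The doc comment on `lawful_interception_add_del` still describes a VXLAN tunnel ("Create or delete a VXLAN tunnel", "Use 1 to create the tunnel"), so the generated API documentation would misdescribe a message that configures an intercept collector; reword the brief as `/** \brief Add or delete a lawful-intercept collector` and the `is_add` line as `Use 1 to add the collector, 0 to remove it`. `udp_port` is declared `u32` although the handler in lawful_intercept_api.c keeps it in a `u16`; `u16 udp_port;` would make the wire type match the valid range. The reply message has no doc comment and carries positive `lawful_interception_return_val_type` values in `retval`, so a client that only tests for a negative `retval` would presumably read every outcome as success; document the values on the reply or use negative codes.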
diff --git a/src/vnet/lawful-intercept/lawful_intercept.c b/src/plugins/lawful-intercept/lawful_intercept.c
similarity index 98%
rename from src/vnet/lawful-intercept/lawful_intercept.c
rename to src/plugins/lawful-intercept/lawful_intercept.c
index fff44fc3a677..c9db71e1d538 100644
--- a/src/vnet/lawful-intercept/lawful_intercept.c
+++ b/src/plugins/lawful-intercept/lawful_intercept.c
@@ -13,7 +13,7 @@ * limitations under the License. */ -#include +#include "lawful_intercept.h" li_main_t li_main;
diff --git a/src/vnet/lawful-intercept/lawful_intercept.h b/src/plugins/lawful-intercept/lawful_intercept.h
similarity index 100%
rename from src/vnet/lawful-intercept/lawful_intercept.h
rename to src/plugins/lawful-intercept/lawful_intercept.h
diff --git a/src/plugins/lawful-intercept/lawful_intercept_api.c b/src/plugins/lawful-intercept/lawful_intercept_api.c
new file mode 100644
index 000000000000..96fddd0e5570
--- /dev/null
+++ b/src/plugins/lawful-intercept/lawful_intercept_api.c
@@ -0,0 +1,115 @@
+/*
+ *------------------------------------------------------------------
+ * vxlan_api.c - vxlan api
+ *
+ * Copyright (c) 2016 Cisco and/or its affiliates.
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at:
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *------------------------------------------------------------------
+ */
+#include
+#include
+
+#include
+#include
+#include
+#include
+#include
+#include
+#include
+#include
+#include
+
+#include "lawful_intercept.h"
+
+static u16 msg_id_base;
+
+#define REPLY_MSG_ID_BASE msg_id_base
+#include
+
+static void
+vl_api_lawful_interception_add_del_t_handler (
+ vl_api_lawful_interception_add_del_t *mp)
+{
+ vl_api_lawful_interception_add_del_reply_t *rmp;
+ int rv = LAWFUL_INTERCEPTION_RETURN_VAL_TYPE__NONE;
+ u32 i = 0;
+
+ li_main_t *lm = &li_main;
+ ip46_address_t collector;
+ ip46_address_t src;
+ u16 udp_port = 0;
+ ip_address_decode (&mp->src_address, &src);
+ ip_address_decode (&mp->collector_address, &collector);
+ bool is_add = mp->is_add;
+ udp_port = ntohs (mp->udp_port);
+
+ if (is_add)
+ {
+ for (i = 0; i < vec_len (lm->collectors); i++)
+ {
+ if (lm->collectors[i].as_u32 == collector.ip4.as_u32)
+ {
+ if (lm->ports[i] == udp_port)
+ rv = LAWFUL_INTERCEPTION_RETURN_VAL_TYPE__COLLECTOR_PORT_ALREADY_CONFIGURED;
+ else
+ rv = LAWFUL_INTERCEPTION_RETURN_VAL_TYPE__COLLECTOR_ALREADY_CONFIGURED;
+ }
+ }
+ vec_add1 (lm->collectors, collector.ip4);
+ vec_add1 (lm->ports, udp_port);
+ vec_add1 (lm->src_addrs, src.ip4);
+ }
+ else
+ {
+ for (i = 0; i < vec_len (lm->collectors); i++)
+ {
+ if ((lm->collectors[i].as_u32 == collector.ip4.as_u32) &&
+ lm->ports[i] == udp_port)
+ {
+ vec_delete (lm->collectors, 1, i);
+ vec_delete (lm->ports, 1, i);
+ vec_delete (lm->src_addrs, 1, i);
+ }
+ }
+ rv = LAWFUL_INTERCEPTION_RETURN_VAL_TYPE__COLLECTOR_NOT_CONFIGURED;
+ }
+
+ REPLY_MACRO(VL_API_LAWFUL_INTERCEPTION_ADD_DEL_REPLY);
+}
+
+#include
+static clib_error_t *
+lawful_interception_api_hookup (vlib_main_t *vm)
+{
+ api_main_t *am = vlibapi_get_main ();
+
+ vl_api_increase_msg_trace_size (am, VL_API_LAWFUL_INTERCEPTION_ADD_DEL,
+ 16 * sizeof (u32));
+
+ /*
+ * Set up the (msg_name, crc, message-id) table
+ */
+ msg_id_base = setup_message_id_table ();
+
+ return 0;
+}
+
+VLIB_API_INIT_FUNCTION (lawful_interception_api_hookup);
+
+/*
+ * fd.io coding-style-patch-verification: ON
+ *
+ * Local Variables:
+ * eval: (c-set-style "gnu")
+ * End:
+ */
diff --git a/src/vnet/lawful-intercept/node.c b/src/plugins/lawful-intercept/node.c
similarity index 99%
rename from src/vnet/lawful-intercept/node.c
rename to src/plugins/lawful-intercept/node.c
index c5328e672d01..a8886c60f061 100644
--- a/src/vnet/lawful-intercept/node.c
+++ b/src/plugins/lawful-intercept/node.c
@@ -17,7 +17,7 @@ #include #include -#include +#include "lawful_intercept.h" #include #include
diff --git a/src/plugins/lawful-intercept/plugin.c b/src/plugins/lawful-intercept/plugin.c
new file mode 100644
index 000000000000..a95ec8c1f07f
--- /dev/null
+++ b/src/plugins/lawful-intercept/plugin.c
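Review bot: The reply from `vl_api_lawful_interception_add_del_t_handler` in lawful_intercept_api.c does not match what the handler did. In the add branch the duplicate checks only assign `rv` and the three `vec_add1` calls still run, and the delete branch overwrites `rv` with `..._COLLECTOR_NOT_CONFIGURED` after the loop even when an entry was removed, while the loop keeps iterating over vectors it has just shortened. `udp_port = ntohs (mp->udp_port)` narrows the `u32` field to 16 bits before swapping, which on a little-endian host presumably yields 0 for a network-order value, and both `ip_address_decode` results are discarded, so an IPv6 address would be stored through `.ip4`. These vectors appear to hold the destinations that receive intercepted traffic, so the handler should check address family and port range, stop at the first match and reply through a single exit, as sketched below. The file banner still reads `vxlan_api.c - vxlan api` and should name this file.

```c
  /* … unchanged: rmp, rv, i, lm, collector, src declarations … */
  u32 udp_port;
  bool is_add = mp->is_add;

  /* Only the .ip4 member is stored below, so refuse any other family. */
  if (ip_address_decode (&mp->src_address, &src) != IP46_TYPE_IP4 ||
      ip_address_decode (&mp->collector_address, &collector) != IP46_TYPE_IP4)
    {
      rv = LAWFUL_INTERCEPTION_RETURN_VAL_TYPE_UNDEFINED;
      goto done;
    }

  /* The field is a u32 on the wire; convert all 32 bits, then range-check. */
  udp_port = clib_net_to_host_u32 (mp->udp_port);
  if (udp_port > 0xffff)
    {
      rv = LAWFUL_INTERCEPTION_RETURN_VAL_TYPE_UNDEFINED;
      goto done;
    }

  if (is_add)
    {
      for (i = 0; i < vec_len (lm->collectors); i++)
	{
	  if (lm->collectors[i].as_u32 != collector.ip4.as_u32)
	    continue;
	  rv = (lm->ports[i] == udp_port) ?
	    LAWFUL_INTERCEPTION_RETURN_VAL_TYPE__COLLECTOR_PORT_ALREADY_CONFIGURED :
	    LAWFUL_INTERCEPTION_RETURN_VAL_TYPE__COLLECTOR_ALREADY_CONFIGURED;
	  goto done;		/* do not append a duplicate */
	}
      /* … unchanged: the three vec_add1 calls … */
    }
  else
    {
      rv = LAWFUL_INTERCEPTION_RETURN_VAL_TYPE__COLLECTOR_NOT_CONFIGURED;
      for (i = 0; i < vec_len (lm->collectors); i++)
	{
	  if (lm->collectors[i].as_u32 == collector.ip4.as_u32 &&
	      lm->ports[i] == udp_port)
	    {
	      /* … unchanged: the three vec_delete calls … */
	      rv = LAWFUL_INTERCEPTION_RETURN_VAL_TYPE__NONE;
	      break;		/* indices shifted; stop after the first match */
	    }
	}
    }

done:
  REPLY_MACRO (VL_API_LAWFUL_INTERCEPTION_ADD_DEL_REPLY);
```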
@@ -0,0 +1,22 @@
+/* SPDX-License-Identifier: Apache-2.0
+ * Copyright (c) 2022 Cisco Systems, Inc.
+ * License: Cisco Proprietary Closed Source License - Cisco Internal.
+ * The software, documentation and any fonts accompanying this License whether
+ * on disk, in read only memory, on any other media or in any other form (col-
+ * lectively the “Software”) are licensed, not sold, to you by Cisco, Inc.
+ * (“Cisco”) for use only under the terms of this License, and Cisco reserves
+ * all rights not expressly granted to you. The rights granted herein are
+ * limited to Cisco’s intel- lectual property rights in the Cisco Software and
+ * do not include any other patents or intellectual property rights. You own
+ * the media on which the Cisco Software is recorded but Cisco and/or Cisco’s
+ * licensor(s) retain ownership of the Software itself.
+ */
+
+#include
+#include
+#include
+
+VLIB_PLUGIN_REGISTER () = {
+ .version = VPP_BUILD_VER,
+ .description = "Lawful interception",
+};
\ No newline at end of file
diff --git a/src/vnet/CMakeLists.txt b/src/vnet/CMakeLists.txt
index 5aada92e8d97..06e339d05f69 100644
--- a/src/vnet/CMakeLists.txt
+++ b/src/vnet/CMakeLists.txt
@@ -877,23 +877,6 @@ list(APPEND VNET_HEADERS ipfix-export/flow_report_classify.h ) -############################################################################## -# lawful intercept -############################################################################## - -list(APPEND VNET_SOURCES - lawful-intercept/lawful_intercept.c - lawful-intercept/node.c -) - -list(APPEND VNET_MULTIARCH_SOURCES - lawful-intercept/node.c -) - -list(APPEND VNET_HEADERS - lawful-intercept/lawful_intercept.h -) - ############################################################################## # SPAN (port mirroring) ##############################################################################
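Review bot: The header comment of plugin.c carries two incompatible licence statements: `SPDX-License-Identifier: Apache-2.0` on its first line, then `License: Cisco Proprietary Closed Source License - Cisco Internal.` and the proprietary paragraph that follows. Every other new file in this patch uses the Apache 2.0 text, so the proprietary paragraph looks like a template leftover; reduce the header to the SPDX line and the copyright line so licence scanners and downstream packagers see a single, unambiguous licence. The file also ends without a trailing newline.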