- u8 timeout_type = ACL_TIMEOUT_TCP_TRANSIENT;
- fa_full_session_id_t sess_id;
- sess_id.session_index = pw->fa_conn_list_head[timeout_type];
- if (~0 != sess_id.session_index)
+ fa_full_session_id_t volatile sess_id;
+ int n_recycled = 0;
+
+ /* clean up sessions from purgatory, if we can */
+ sess_id.session_index = pw->fa_conn_list_head[ACL_TIMEOUT_PURGATORY];
+ while ((FA_SESSION_BOGUS_INDEX != sess_id.session_index)
+ && n_recycled < am->fa_max_deleted_sessions_per_interval)
+ {
+ sess_id.thread_index = thread_index;
+ fa_session_t *sess =
+ get_session_ptr (am, sess_id.thread_index, sess_id.session_index);
+ if (sess->link_enqueue_time + fa_session_get_timeout (am, sess) < now)
+ {
+ acl_fa_conn_list_delete_session (am, sess_id, now);
+ /* interface that needs the sessions may not be the interface of the session. */
+ acl_fa_put_session (am, sess->sw_if_index, sess_id);
+ n_recycled++;
+ }
+ else
+ break; /* too early to try to recycle from here, bail out */
+ sess_id.session_index = pw->fa_conn_list_head[ACL_TIMEOUT_PURGATORY];
+ }
+ sess_id.session_index = pw->fa_conn_list_head[ACL_TIMEOUT_TCP_TRANSIENT];
+ if (FA_SESSION_BOGUS_INDEX != sess_id.session_index)