NAT: Fixed issues with dropping reverse packets with output-feature.

[vpp.git] / src / plugins / nat / nat.c

diff --git a/src/plugins/nat/nat.c b/src/plugins/nat/nat.c
index 2e1aa77..4f5a8a6 100755 (executable)
--- a/src/plugins/nat/nat.c
+++ b/src/plugins/nat/nat.c
@@ -322,6 +322,9 @@ nat_user_get_or_create (snat_main_t * sm, ip4_address_t * addr, u32 fib_index,
       /* add user */
       if (clib_bihash_add_del_8_8 (&tsm->user_hash, &kv, 1))
        nat_log_warn ("user_hash keay add failed");
+
+      vlib_set_simple_counter (&sm->total_users, thread_index, 0,
+                              pool_elts (tsm->users));
     }
   else
     {
@@ -397,6 +400,8 @@ nat_session_alloc_or_recycle (snat_main_t * sm, snat_user_t * u,
                          per_user_translation_list_elt - tsm->list_pool);
 
       s->user_index = u - tsm->users;
+      vlib_set_simple_counter (&sm->total_sessions, thread_index, 0,
+                              pool_elts (tsm->sessions));
     }
 
   return s;
@@ -471,6 +476,9 @@ nat_ed_session_alloc (snat_main_t * sm, snat_user_t * u, u32 thread_index,
                              s->per_user_list_head_index,
                              per_user_translation_list_elt - tsm->list_pool);
        }
+
+      vlib_set_simple_counter (&sm->total_sessions, thread_index, 0,
+                              pool_elts (tsm->sessions));
     }
 
   return s;
@@ -1567,6 +1575,8 @@ nat44_lb_static_mapping_add_del_local (ip4_address_t e_addr, u16 e_port,
   }));
   /* *INDENT-ON* */
 
+  ASSERT (vec_len (locals) > 1);
+
   local = pool_elt_at_index (m->locals, locals[0]);
   local->prefix = local->probability;
   for (i = 1; i < vec_len (locals); i++)
@@ -1958,6 +1968,10 @@ snat_interface_add_del_output_feature (u32 sw_if_index,
   snat_interface_t *i;
   snat_address_t *ap;
   snat_static_mapping_t *m;
+  nat_outside_fib_t *outside_fib;
+  u32 fib_index = fib_table_get_index_for_sw_if_index (FIB_PROTOCOL_IP4,
+                                                      sw_if_index);
+
 
   if (sm->deterministic ||
       (sm->static_mapping_only && !(sm->static_mapping_connection_tracking)))
@@ -1971,6 +1985,34 @@ snat_interface_add_del_output_feature (u32 sw_if_index,
   }));
   /* *INDENT-ON* */
 
+  if (!is_inside)
+    {
+      /* *INDENT-OFF* */
+      vec_foreach (outside_fib, sm->outside_fibs)
+        {
+          if (outside_fib->fib_index == fib_index)
+            {
+              if (is_del)
+                {
+                  outside_fib->refcount--;
+                  if (!outside_fib->refcount)
+                    vec_del1 (sm->outside_fibs, outside_fib - sm->outside_fibs);
+                }
+              else
+                outside_fib->refcount++;
+              goto feature_set;
+            }
+        }
+      /* *INDENT-ON* */
+      if (!is_del)
+       {
+         vec_add2 (sm->outside_fibs, outside_fib, 1);
+         outside_fib->refcount = 1;
+         outside_fib->fib_index = fib_index;
+       }
+    }
+
+feature_set:
   if (is_inside)
     {
       if (sm->endpoint_dependent)
@@ -2207,6 +2249,16 @@ snat_init (vlib_main_t * vm)
 
   nat_dpo_module_init ();
 
+  /* Init counters */
+  sm->total_users.name = "total-users";
+  sm->total_users.stat_segment_name = "/nat44/total-users";
+  vlib_validate_simple_counter (&sm->total_users, 0);
+  vlib_zero_simple_counter (&sm->total_users, 0);
+  sm->total_sessions.name = "total-sessions";
+  sm->total_sessions.stat_segment_name = "/nat44/total-sessions";
+  vlib_validate_simple_counter (&sm->total_sessions, 0);
+  vlib_zero_simple_counter (&sm->total_sessions, 0);
+
   /* Init IPFIX logging */
   snat_ipfix_logging_init (vm);