ed_key.fib_index = 0;
ed_kv.key[0] = ed_key.as_u64[0];
ed_kv.key[1] = ed_key.as_u64[1];
- if (clib_bihash_add_del_16_8 (&sm->in2out_ed, &ed_kv, 0))
+ if (clib_bihash_add_del_16_8 (&sm->in2out_ed, &ed_kv, 0) &&
+ s->state != SNAT_SESSION_TCP_CLOSED)
clib_warning ("in2out_ed key del failed");
return;
}
}
ed_kv.key[0] = ed_key.as_u64[0];
ed_kv.key[1] = ed_key.as_u64[1];
- if (clib_bihash_add_del_16_8 (&sm->out2in_ed, &ed_kv, 0))
+ if (clib_bihash_add_del_16_8 (&sm->out2in_ed, &ed_kv, 0) &&
+ s->state != SNAT_SESSION_TCP_CLOSED)
clib_warning ("out2in_ed key del failed");
ed_key.l_addr = s->in2out.addr;
}
ed_kv.key[0] = ed_key.as_u64[0];
ed_kv.key[1] = ed_key.as_u64[1];
- if (clib_bihash_add_del_16_8 (&sm->in2out_ed, &ed_kv, 0))
+ if (clib_bihash_add_del_16_8 (&sm->in2out_ed, &ed_kv, 0) &&
+ s->state != SNAT_SESSION_TCP_CLOSED)
clib_warning ("in2out_ed key del failed");
}
s->in2out.fib_index);
/* Twice NAT address and port for external host */
- if (is_twice_nat_session (s))
+ if (is_twice_nat_session (s) && s->state != SNAT_SESSION_TCP_CLOSED)
{
for (i = 0; i < vec_len (sm->twice_nat_addresses); i++)
{
/* Session lookup tables */
kv.key = s->in2out.as_u64;
- if (clib_bihash_add_del_8_8 (&tsm->in2out, &kv, 0))
+ if (clib_bihash_add_del_8_8 (&tsm->in2out, &kv, 0) &&
+ s->state != SNAT_SESSION_TCP_CLOSED)
clib_warning ("in2out key del failed");
kv.key = s->out2in.as_u64;
- if (clib_bihash_add_del_8_8 (&tsm->out2in, &kv, 0))
+ if (clib_bihash_add_del_8_8 (&tsm->out2in, &kv, 0) &&
+ s->state != SNAT_SESSION_TCP_CLOSED)
clib_warning ("out2in key del failed");
if (snat_is_session_static (s))
return;
- if (s->outside_address_index != ~0)
+ if (s->outside_address_index != ~0 && s->state != SNAT_SESSION_TCP_CLOSED)
snat_free_outside_address_and_port (sm->addresses, thread_index,
&s->out2in, s->outside_address_index);
}
s->flags = 0;
s->total_bytes = 0;
s->total_pkts = 0;
+ s->state = 0;
+ s->ext_host_addr.as_u32 = 0;
+ s->ext_host_port = 0;
+ s->ext_host_nat_addr.as_u32 = 0;
+ s->ext_host_nat_port = 0;
}
else
{
sw_if_index, 0, 0, 0);
vnet_feature_enable_disable ("ip4-unicast", feature_name,
sw_if_index, 1, 0, 0);
+ if (!is_inside)
+ vnet_feature_enable_disable ("ip4-local", "nat44-hairpinning",
+ sw_if_index, 1, 0, 0);
}
else
{
vnet_feature_enable_disable ("ip4-unicast", feature_name,
sw_if_index, 0, 0, 0);
pool_put (sm->interfaces, i);
+ if (is_inside)
+ vnet_feature_enable_disable ("ip4-local", "nat44-hairpinning",
+ sw_if_index, 0, 0, 0);
}
}
else
sw_if_index, 0, 0, 0);
vnet_feature_enable_disable ("ip4-unicast", feature_name,
sw_if_index, 1, 0, 0);
+ if (!is_inside)
+ vnet_feature_enable_disable ("ip4-local", "nat44-hairpinning",
+ sw_if_index, 0, 0, 0);
goto set_flags;
}
i->flags = 0;
vnet_feature_enable_disable ("ip4-unicast", feature_name, sw_if_index, 1, 0, 0);
+ if (is_inside && !sm->out2in_dpo)
+ vnet_feature_enable_disable ("ip4-local", "nat44-hairpinning",
+ sw_if_index, 1, 0, 0);
+
set_flags:
if (is_inside)
- i->flags |= NAT_INTERFACE_FLAG_IS_INSIDE;
+ {
+ i->flags |= NAT_INTERFACE_FLAG_IS_INSIDE;
+ return 0;
+ }
else
i->flags |= NAT_INTERFACE_FLAG_IS_OUTSIDE;
/* Add/delete external addresses to FIB */
fib:
- if (is_inside && !sm->out2in_dpo)
- {
- vnet_feature_enable_disable ("ip4-local", "nat44-hairpinning",
- sw_if_index, !is_del, 0, 0);
- return 0;
- }
-
vec_foreach (ap, sm->addresses)
snat_add_del_addr_to_fib(&ap->addr, 32, sw_if_index, !is_del);
else
{
if (sess->ext_host_addr.as_u32)
- s = format (s, " external host %U\n",
- format_ip4_address, &sess->ext_host_addr);
+ s = format (s, " external host %U:%u\n",
+ format_ip4_address, &sess->ext_host_addr,
+ clib_net_to_host_u16 (sess->ext_host_port));
}
s = format (s, " last heard %.2f\n", sess->last_heard);
s = format (s, " total pkts %d, total bytes %lld\n",
sess->total_pkts, sess->total_bytes);
+ if (sess->in2out.protocol == SNAT_PROTOCOL_TCP)
+ {
+ s = format (s, " state %s\n",
+ sess->state == SNAT_SESSION_TCP_CLOSED ? "closed" : "open");
+ }
if (snat_is_session_static (sess))
s = format (s, " static translation\n");
else
nat44_lb_addr_port_t *local;
if (m->addr_only)
- s = format (s, "local %U external %U vrf %d %s",
+ s = format (s, "local %U external %U vrf %d %s %s",
format_ip4_address, &m->local_addr,
format_ip4_address, &m->external_addr,
m->vrf_id,
m->twice_nat == TWICE_NAT ? "twice-nat" :
- m->twice_nat == TWICE_NAT_SELF ? "self-twice-nat" : "");
+ m->twice_nat == TWICE_NAT_SELF ? "self-twice-nat" : "",
+ m->out2in_only ? "out2in-only" : "");
else
{
if (vec_len (m->locals))
Code Review / vpp.git / blobdiff