acl-plugin: take 2 at VPP-991 fix, this time with a test case which verifies it.

[vpp.git] / src / plugins / nat / nat.h

diff --git a/src/plugins/nat/nat.h b/src/plugins/nat/nat.h
index f970821..e467fde 100644 (file)
--- a/src/plugins/nat/nat.h
+++ b/src/plugins/nat/nat.h
@@ -95,19 +95,6 @@ typedef struct {
   };
 } snat_user_key_t;
 
-typedef struct {
-  union
-  {
-    struct
-    {
-      ip4_address_t addr;
-      u16 port;
-      u16 fib_index;
-    };
-    u64 as_u64;
-  };
-} snat_worker_key_t;
-
 
 #define foreach_snat_protocol \
   _(UDP, 0, udp, "udp")       \
@@ -224,6 +211,7 @@ typedef struct {
   u32 vrf_id;
   u32 fib_index;
   snat_protocol_t proto;
+  u32 worker_index;
   nat44_lb_addr_port_t *locals;
 } snat_static_mapping_t;
 
@@ -282,12 +270,6 @@ typedef struct snat_main_s {
   clib_bihash_16_8_t out2in_ed;
   clib_bihash_16_8_t in2out_ed;
 
-  /* Non-translated packets worker lookup => src address + VRF */
-  clib_bihash_8_8_t worker_by_in;
-
-  /* Translated packets worker lookup => IP address + port number */
-  clib_bihash_8_8_t worker_by_out;
-
   snat_icmp_match_function_t * icmp_match_in2out_cb;
   snat_icmp_match_function_t * icmp_match_out2in_cb;
 
@@ -347,6 +329,7 @@ typedef struct snat_main_s {
   u8 deterministic;
   u32 translation_buckets;
   u32 translation_memory_size;
+  u32 max_translations;
   u32 user_buckets;
   u32 user_memory_size;
   u32 max_translations_per_user;
@@ -553,4 +536,13 @@ is_interface_addr(snat_main_t *sm, vlib_node_runtime_t *node, u32 sw_if_index0,
     return 0;
 }
 
+always_inline u8
+maximum_sessions_exceeded (snat_main_t *sm, u32 thread_index)
+{
+  if (pool_elts (sm->per_thread_data[thread_index].sessions) >= sm->max_translations)
+    return 1;
+
+  return 0;
+}
+
 #endif /* __included_nat_h__ */