NAT added FIB entries have a preference lower than API/CLI

[vpp.git] / src / plugins / nat / nat_reass.c

diff --git a/src/plugins/nat/nat_reass.c b/src/plugins/nat/nat_reass.c
old mode 100644 (file)
new mode 100755 (executable)
index a97d8f0..eb1b492
--- a/src/plugins/nat/nat_reass.c
+++ b/src/plugins/nat/nat_reass.c
@@ -19,6 +19,7 @@
 
 #include <vnet/vnet.h>
 #include <nat/nat_reass.h>
+#include <nat/nat_ipfix_logging.h>
 
 nat_reass_main_t nat_reass_main;
 
@@ -227,7 +228,7 @@ nat_ip4_reass_find_or_create (ip4_address_t src, ip4_address_t dst,
   dlist_elt_t *oldest_elt, *elt;
   dlist_elt_t *per_reass_list_head_elt;
   u32 oldest_index, elt_index;
-  clib_bihash_kv_16_8_t kv;
+  clib_bihash_kv_16_8_t kv, value;
 
   k.src.as_u32 = src.as_u32;
   k.dst.as_u32 = dst.as_u32;
@@ -272,12 +273,18 @@ nat_ip4_reass_find_or_create (ip4_address_t src, ip4_address_t dst,
       clib_dlist_addtail (srm->ip4_reass_lru_list_pool,
                          srm->ip4_reass_head_index, oldest_index);
 
-      kv.key[0] = k.as_u64[0];
-      kv.key[1] = k.as_u64[1];
-      if (clib_bihash_add_del_16_8 (&srm->ip4_reass_hash, &kv, 0))
+      kv.key[0] = reass->key.as_u64[0];
+      kv.key[1] = reass->key.as_u64[1];
+      if (!clib_bihash_search_16_8 (&srm->ip4_reass_hash, &kv, &value))
        {
-         reass = 0;
-         goto unlock;
+         if (value.value == (reass - srm->ip4_reass_pool))
+           {
+             if (clib_bihash_add_del_16_8 (&srm->ip4_reass_hash, &kv, 0))
+               {
+                 reass = 0;
+                 goto unlock;
+               }
+           }
        }
 
       nat_ip4_reass_get_frags_inline (reass, bi_to_drop);
@@ -305,6 +312,7 @@ nat_ip4_reass_find_or_create (ip4_address_t src, ip4_address_t dst,
   reass->sess_index = (u32) ~ 0;
   reass->thread_index = (u32) ~ 0;
   reass->last_heard = now;
+  reass->frag_n = 0;
 
   if (clib_bihash_add_del_16_8 (&srm->ip4_reass_hash, &kv, 1))
     {
@@ -325,7 +333,11 @@ nat_ip4_reass_add_fragment (nat_reass_ip4_t * reass, u32 bi)
   u32 elt_index;
 
   if (reass->frag_n >= srm->ip4_max_frag)
-    return -1;
+    {
+      nat_ipfix_logging_max_fragments_ip4 (srm->ip4_max_frag,
+                                          &reass->key.src);
+      return -1;
+    }
 
   clib_spinlock_lock_if_init (&srm->ip4_reass_lock);
 
@@ -517,7 +529,11 @@ nat_ip6_reass_add_fragment (nat_reass_ip6_t * reass, u32 bi)
   u32 elt_index;
 
   if (reass->frag_n >= srm->ip6_max_frag)
-    return -1;
+    {
+      nat_ipfix_logging_max_fragments_ip6 (srm->ip6_max_frag,
+                                          &reass->key.src);
+      return -1;
+    }
 
   clib_spinlock_lock_if_init (&srm->ip6_reass_lock);
 
@@ -718,7 +734,7 @@ show_nat_reass_command_fn (vlib_main_t * vm, unformat_input_t * input,
 {
   vlib_cli_output (vm, "NAT IPv4 virtual fragmentation reassembly is %s",
                   nat_reass_is_drop_frag (0) ? "DISABLED" : "ENABLED");
-  vlib_cli_output (vm, " max-reasssemblies %u", nat_reass_get_max_reass (0));
+  vlib_cli_output (vm, " max-reassemblies %u", nat_reass_get_max_reass (0));
   vlib_cli_output (vm, " max-fragments %u", nat_reass_get_max_frag (0));
   vlib_cli_output (vm, " timeout %usec", nat_reass_get_timeout (0));
   vlib_cli_output (vm, " reassemblies:");
@@ -726,7 +742,7 @@ show_nat_reass_command_fn (vlib_main_t * vm, unformat_input_t * input,
 
   vlib_cli_output (vm, "NAT IPv6 virtual fragmentation reassembly is %s",
                   nat_reass_is_drop_frag (1) ? "DISABLED" : "ENABLED");
-  vlib_cli_output (vm, " max-reasssemblies %u", nat_reass_get_max_reass (1));
+  vlib_cli_output (vm, " max-reassemblies %u", nat_reass_get_max_reass (1));
   vlib_cli_output (vm, " max-fragments %u", nat_reass_get_max_frag (1));
   vlib_cli_output (vm, " timeout %usec", nat_reass_get_timeout (1));
   vlib_cli_output (vm, " reassemblies:");