X-Git-Url: https://gerrit.fd.io/r/gitweb?a=blobdiff_plain;f=src%2Fplugins%2Fnat%2Fout2in.c;h=4589c48aef6463deadcb86a5d81474f7c3a266f5;hb=204591d1bd754f6086edcf8b27a95beab929a78f;hp=a03f780ba5ebed8d71cc1882676009a55f82595e;hpb=8996cb6f77e7ddaf892fef646dfcbe72c47d8b7c;p=vpp.git

diff --git a/src/plugins/nat/out2in.c b/src/plugins/nat/out2in.c
index a03f780ba5e..4589c48aef6 100755
--- a/src/plugins/nat/out2in.c
+++ b/src/plugins/nat/out2in.c
@@ -311,6 +311,43 @@ icmp_get_ed_key(ip4_header_t *ip0, nat_ed_ses_key_t *p_key0)
   return 0;
 }
 
+static void
+create_bypass_for_fwd(snat_main_t * sm, ip4_header_t * ip)
+{
+  nat_ed_ses_key_t key;
+  clib_bihash_kv_16_8_t kv;
+  udp_header_t *udp;
+
+  if (ip->protocol == IP_PROTOCOL_ICMP)
+    {
+      if (icmp_get_ed_key (ip, &key))
+        return;
+    }
+  else if (ip->protocol == IP_PROTOCOL_UDP || ip->protocol == IP_PROTOCOL_TCP)
+    {
+      udp = ip4_next_header(ip);
+      key.r_addr = ip->src_address;
+      key.l_addr = ip->dst_address;
+      key.proto = ip->protocol;
+      key.l_port = udp->dst_port;
+      key.r_port = udp->src_port;
+    }
+  else
+    {
+      key.r_addr = ip->src_address;
+      key.l_addr = ip->dst_address;
+      key.proto = ip->protocol;
+      key.l_port = key.r_port = 0;
+    }
+  key.fib_index = 0;
+  kv.key[0] = key.as_u64[0];
+  kv.key[1] = key.as_u64[1];
+  kv.value = ~0ULL;
+
+  if (clib_bihash_add_del_16_8 (&sm->in2out_ed, &kv, 1))
+    clib_warning ("in2out_ed key add failed");
+}
+
 /**
  * Get address and port values to be used for ICMP packet translation
  * and create session if needed
@@ -382,6 +419,7 @@ u32 icmp_match_out2in_slow(snat_main_t *sm, vlib_node_runtime_t *node,
             }
           else
             {
+              create_bypass_for_fwd(sm, ip0);
               dont_translate = 1;
               goto out;
             }
@@ -1116,7 +1154,10 @@ snat_out2in_node_fn (vlib_main_t * vm,
                       goto trace0;
                     }
                   else
-                    goto trace0;
+                    {
+                      create_bypass_for_fwd(sm, ip0);
+                      goto trace0;
+                    }
                 }
 
               /* Create session initiated by host from external network */
@@ -1283,7 +1324,10 @@ snat_out2in_node_fn (vlib_main_t * vm,
                       goto trace1;
                     }
                   else
-                    goto trace1;
+                    {
+                      create_bypass_for_fwd(sm, ip1);
+                      goto trace1;
+                    }
                 }
 
               /* Create session initiated by host from external network */
@@ -1486,7 +1530,10 @@ snat_out2in_node_fn (vlib_main_t * vm,
                       goto trace00;
                     }
                   else
-                    goto trace00;
+                    {
+                      create_bypass_for_fwd(sm, ip0);
+                      goto trace00;
+                    }
                 }
 
               /* Create session initiated by host from external network */
@@ -1730,7 +1777,10 @@ nat44_out2in_reass_node_fn (vlib_main_t * vm,
                           goto trace0;
                         }
                       else
-                        goto trace0;
+                        {
+                          create_bypass_for_fwd(sm, ip0);
+                          goto trace0;
+                        }
                     }
 
                   /* Create session initiated by host from external network */