X-Git-Url: https://gerrit.fd.io/r/gitweb?a=blobdiff_plain;f=src%2Fplugins%2Fnat%2Fout2in_ed.c;h=b0e8892f77a59bfd4b93f47a6cf08c3f19c6a51a;hb=25fd8ad03;hp=8eef1e435354b65f962ff47e0926e7d17f065cd7;hpb=6484f4b9cbaf19062444cfe09b39ce1514dd146f;p=vpp.git

diff --git a/src/plugins/nat/out2in_ed.c b/src/plugins/nat/out2in_ed.c
index 8eef1e43535..b0e8892f77a 100644
--- a/src/plugins/nat/out2in_ed.c
+++ b/src/plugins/nat/out2in_ed.c
@@ -19,17 +19,16 @@
 
 #include <vlib/vlib.h>
 #include <vnet/vnet.h>
-#include <vnet/pg/pg.h>
 #include <vnet/ip/ip.h>
 #include <vnet/ethernet/ethernet.h>
 #include <vnet/fib/ip4_fib.h>
-#include <vnet/udp/udp.h>
+#include <vnet/udp/udp_local.h>
 #include <vppinfra/error.h>
 #include <nat/nat.h>
-#include <nat/nat_ipfix_logging.h>
+#include <nat/lib/ipfix_logging.h>
 #include <nat/nat_inlines.h>
 #include <nat/nat44/inlines.h>
-#include <nat/nat_syslog.h>
+#include <nat/lib/nat_syslog.h>
 #include <nat/nat_ha.h>
 #include <nat/nat44/ed_inlines.h>
 
@@ -138,13 +137,13 @@ nat44_o2i_ed_is_idle_session_cb (clib_bihash_kv_16_8_t * kv, void *arg)
       if (snat_is_unk_proto_session (s))
 	goto delete;
 
-      snat_ipfix_logging_nat44_ses_delete (ctx->thread_index,
-					   s->in2out.addr.as_u32,
-					   s->out2in.addr.as_u32,
-					   s->nat_proto,
-					   s->in2out.port,
-					   s->out2in.port,
-					   s->in2out.fib_index);
+      nat_ipfix_logging_nat44_ses_delete (ctx->thread_index,
+					  s->in2out.addr.as_u32,
+					  s->out2in.addr.as_u32,
+					  s->nat_proto,
+					  s->in2out.port,
+					  s->out2in.port,
+					  s->in2out.fib_index);
 
       nat_syslog_nat44_sdel (s->user_index, s->in2out.fib_index,
 			     &s->in2out.addr, s->in2out.port,
@@ -231,7 +230,7 @@ nat_alloc_addr_and_port_exact (snat_address_t * a,
     }
 
   /* Totally out of translations to use... */
-  snat_ipfix_logging_addresses_exhausted (thread_index, 0);
+  nat_ipfix_logging_addresses_exhausted (thread_index, 0);
   return 1;
 }
 
@@ -372,12 +371,12 @@ create_session_for_static_mapping_ed (snat_main_t * sm,
 					       &ctx))
     nat_elog_notice ("in2out-ed key add failed");
 
-  snat_ipfix_logging_nat44_ses_create (thread_index,
-				       s->in2out.addr.as_u32,
-				       s->out2in.addr.as_u32,
-				       s->nat_proto,
-				       s->in2out.port,
-				       s->out2in.port, s->in2out.fib_index);
+  nat_ipfix_logging_nat44_ses_create (thread_index,
+				      s->in2out.addr.as_u32,
+				      s->out2in.addr.as_u32,
+				      s->nat_proto,
+				      s->in2out.port,
+				      s->out2in.port, s->in2out.fib_index);
 
   nat_syslog_nat44_sadd (s->user_index, s->in2out.fib_index,
 			 &s->in2out.addr, s->in2out.port,
@@ -453,6 +452,12 @@ create_bypass_for_fwd (snat_main_t * sm, vlib_buffer_t * b, ip4_header_t * ip,
 	pool_elt_at_index (tsm->sessions,
 			   ed_value_get_session_index (&value));
     }
+  else if (ip->protocol == IP_PROTOCOL_ICMP &&
+	   icmp_type_is_error_message
+	   (vnet_buffer (b)->ip.reass.icmp_type_or_tcp_flags))
+    {
+      return;
+    }
   else
     {
       u32 proto;
@@ -482,7 +487,7 @@ create_bypass_for_fwd (snat_main_t * sm, vlib_buffer_t * b, ip4_header_t * ip,
 	  s->flags |= SNAT_SESSION_FLAG_UNKNOWN_PROTO;
 	  s->out2in.port = ip->protocol;
 	}
-      s->out2in.fib_index = 0;
+      s->out2in.fib_index = rx_fib_index;
       s->in2out.addr = s->out2in.addr;
       s->in2out.port = s->out2in.port;
       s->in2out.fib_index = s->out2in.fib_index;
@@ -497,10 +502,9 @@ create_bypass_for_fwd (snat_main_t * sm, vlib_buffer_t * b, ip4_header_t * ip,
   if (ip->protocol == IP_PROTOCOL_TCP)
     {
       tcp_header_t *tcp = ip4_next_header (ip);
-      if (nat44_set_tcp_session_state_o2i
-	  (sm, now, s, tcp->flags, tcp->ack_number, tcp->seq_number,
-	   thread_index))
-	return;
+      nat44_set_tcp_session_state_o2i (sm, now, s, tcp->flags,
+				       tcp->ack_number, tcp->seq_number,
+				       thread_index);
     }
 
   /* Accounting */
@@ -964,11 +968,14 @@ nat44_ed_out2in_fast_path_node_fn_inline (vlib_main_t * vm,
 	    }
 	  vlib_increment_simple_counter (&sm->counters.fastpath.out2in_ed.tcp,
 					 thread_index, sw_if_index0, 1);
-	  if (nat44_set_tcp_session_state_o2i
-	      (sm, now, s0, vnet_buffer (b0)->ip.reass.icmp_type_or_tcp_flags,
-	       vnet_buffer (b0)->ip.reass.tcp_ack_number,
-	       vnet_buffer (b0)->ip.reass.tcp_seq_number, thread_index))
-	    goto trace0;
+	  nat44_set_tcp_session_state_o2i (sm, now, s0,
+					   vnet_buffer (b0)->ip.
+					   reass.icmp_type_or_tcp_flags,
+					   vnet_buffer (b0)->ip.
+					   reass.tcp_ack_number,
+					   vnet_buffer (b0)->ip.
+					   reass.tcp_seq_number,
+					   thread_index);
 	}
       else if (!vnet_buffer (b0)->ip.reass.is_non_first_fragment
 	       && udp0->checksum)
@@ -1286,11 +1293,14 @@ nat44_ed_out2in_slow_path_node_fn_inline (vlib_main_t * vm,
 	    }
 	  vlib_increment_simple_counter (&sm->counters.slowpath.out2in_ed.tcp,
 					 thread_index, sw_if_index0, 1);
-	  if (nat44_set_tcp_session_state_o2i
-	      (sm, now, s0, vnet_buffer (b0)->ip.reass.icmp_type_or_tcp_flags,
-	       vnet_buffer (b0)->ip.reass.tcp_ack_number,
-	       vnet_buffer (b0)->ip.reass.tcp_seq_number, thread_index))
-	    goto trace0;
+	  nat44_set_tcp_session_state_o2i (sm, now, s0,
+					   vnet_buffer (b0)->ip.
+					   reass.icmp_type_or_tcp_flags,
+					   vnet_buffer (b0)->ip.
+					   reass.tcp_ack_number,
+					   vnet_buffer (b0)->ip.
+					   reass.tcp_seq_number,
+					   thread_index);
 	}
       else if (!vnet_buffer (b0)->ip.reass.is_non_first_fragment
 	       && udp0->checksum)