X-Git-Url: https://gerrit.fd.io/r/gitweb?a=blobdiff_plain;f=src%2Fplugins%2Fnat%2Fout2in_ed.c;h=fbb7d069dbb3ffbfaa97293cf9fe31661f3d7fa7;hb=refs%2Fchanges%2F01%2F26101%2F2;hp=91b8d5a8aaec1e2237c0924e240011b11fb26a0a;hpb=855938073f4f0c377488652f4204d3869151b010;p=vpp.git

diff --git a/src/plugins/nat/out2in_ed.c b/src/plugins/nat/out2in_ed.c
index 91b8d5a8aae..fbb7d069dbb 100644
--- a/src/plugins/nat/out2in_ed.c
+++ b/src/plugins/nat/out2in_ed.c
@@ -203,8 +203,6 @@ create_session_for_static_mapping_ed (snat_main_t * sm,
   snat_session_key_t eh_key;
   nat44_is_idle_session_ctx_t ctx;
 
-  nat44_session_try_cleanup (&l_key.addr, l_key.fib_index, thread_index, now);
-
   if (PREDICT_FALSE (nat44_maximum_sessions_exceeded (sm, thread_index)))
     {
       b->error = node->errors[NAT_OUT2IN_ED_ERROR_MAX_SESSIONS_EXCEEDED];
@@ -215,6 +213,7 @@ create_session_for_static_mapping_ed (snat_main_t * sm,
   u = nat_user_get_or_create (sm, &l_key.addr, l_key.fib_index, thread_index);
   if (!u)
     {
+      b->error = node->errors[NAT_OUT2IN_ED_ERROR_MAX_SESSIONS_EXCEEDED];
       nat_elog_warn ("create NAT user failed");
       return 0;
     }
@@ -222,6 +221,7 @@ create_session_for_static_mapping_ed (snat_main_t * sm,
   s = nat_ed_session_alloc (sm, u, thread_index, now);
   if (!s)
     {
+      b->error = node->errors[NAT_OUT2IN_ED_ERROR_MAX_USER_SESS_EXCEEDED];
       nat44_delete_user_with_no_session (sm, u, thread_index);
       nat_elog_warn ("create NAT session failed");
       return 0;
@@ -615,6 +615,7 @@ nat44_ed_out2in_unknown_proto (snat_main_t * sm,
 				  thread_index);
       if (!u)
 	{
+	  b->error = node->errors[NAT_OUT2IN_ED_ERROR_CANNOT_CREATE_USER];
 	  nat_elog_warn ("create NAT user failed");
 	  return 0;
 	}
@@ -623,6 +624,7 @@ nat44_ed_out2in_unknown_proto (snat_main_t * sm,
       s = nat_ed_session_alloc (sm, u, thread_index, now);
       if (!s)
 	{
+	  b->error = node->errors[NAT_OUT2IN_ED_ERROR_MAX_USER_SESS_EXCEEDED];
 	  nat44_delete_user_with_no_session (sm, u, thread_index);
 	  nat_elog_warn ("create NAT session failed");
 	  return 0;
@@ -764,6 +766,22 @@ nat44_ed_out2in_fast_path_node_fn_inline (vlib_main_t * vm,
 	    }
 	  s0 = pool_elt_at_index (tsm->sessions, value0.value);
 
+	  // drop if session expired
+	  u64 sess_timeout_time;
+	  sess_timeout_time = s0->last_heard +
+	    (f64) nat44_session_get_timeout (sm, s0);
+	  if (now >= sess_timeout_time)
+	    {
+	      // delete session
+	      nat_free_session_data (sm, s0, thread_index, 0);
+	      nat44_delete_session (sm, s0, thread_index);
+
+	      b0->error = node->errors[NAT_OUT2IN_ED_ERROR_SESS_EXPIRED];
+	      next0 = NAT_NEXT_DROP;
+	      goto trace0;
+	    }
+	  //
+
 	  old_addr0 = ip0->dst_address.as_u32;
 	  new_addr0 = ip0->dst_address.as_u32 = s0->in2out.addr.as_u32;
 	  vnet_buffer (b0)->sw_if_index[VLIB_TX] = s0->in2out.fib_index;