snat_det_forward(dm0, &ip0->src_address, &new_addr0, &lo_port0);
- ses0 = snat_det_find_ses_by_in(dm0, &ip0->src_address, tcp0->src);
+ key0.ext_host_addr = ip0->dst_address;
+ key0.ext_host_port = tcp0->dst;
+
+ ses0 = snat_det_find_ses_by_in(dm0, &ip0->src_address, tcp0->src, key0);
if (PREDICT_FALSE(!ses0))
{
- key0.ext_host_addr = ip0->dst_address;
- key0.ext_host_port = tcp0->dst;
for (i0 = 0; i0 < dm0->ports_per_host; i0++)
{
key0.out_port = clib_host_to_net_u16 (lo_port0 +
snat_det_forward(dm1, &ip1->src_address, &new_addr1, &lo_port1);
- ses1 = snat_det_find_ses_by_in(dm1, &ip1->src_address, tcp1->src);
+ key1.ext_host_addr = ip1->dst_address;
+ key1.ext_host_port = tcp1->dst;
+
+ ses1 = snat_det_find_ses_by_in(dm1, &ip1->src_address, tcp1->src, key1);
if (PREDICT_FALSE(!ses1))
{
- key1.ext_host_addr = ip1->dst_address;
- key1.ext_host_port = tcp1->dst;
for (i1 = 0; i1 < dm1->ports_per_host; i1++)
{
key1.out_port = clib_host_to_net_u16 (lo_port1 +
snat_det_forward(dm0, &ip0->src_address, &new_addr0, &lo_port0);
- ses0 = snat_det_find_ses_by_in(dm0, &ip0->src_address, tcp0->src);
+ key0.ext_host_addr = ip0->dst_address;
+ key0.ext_host_port = tcp0->dst;
+
+ ses0 = snat_det_find_ses_by_in(dm0, &ip0->src_address, tcp0->src, key0);
if (PREDICT_FALSE(!ses0))
{
- key0.ext_host_addr = ip0->dst_address;
- key0.ext_host_port = tcp0->dst;
for (i0 = 0; i0 < dm0->ports_per_host; i0++)
{
key0.out_port = clib_host_to_net_u16 (lo_port0 +
snat_det_forward(dm0, &in_addr, &new_addr0, &lo_port0);
- ses0 = snat_det_find_ses_by_in(dm0, &in_addr, in_port);
+ key0.ext_host_addr = ip0->dst_address;
+ key0.ext_host_port = 0;
+
+ ses0 = snat_det_find_ses_by_in(dm0, &in_addr, in_port, key0);
if (PREDICT_FALSE(!ses0))
{
if (PREDICT_FALSE(snat_not_translate_fast(sm, node, sw_if_index0, ip0,
next0 = SNAT_IN2OUT_NEXT_DROP;
goto out;
}
- key0.ext_host_addr = ip0->dst_address;
- key0.ext_host_port = 0;
for (i0 = 0; i0 < dm0->ports_per_host; i0++)
{
key0.out_port = clib_host_to_net_u16 (lo_port0 +
}
always_inline snat_det_session_t *
-snat_det_find_ses_by_in (snat_det_map_t * dm,
- ip4_address_t * in_addr, u16 in_port)
+snat_det_find_ses_by_in (snat_det_map_t * dm, ip4_address_t * in_addr,
+ u16 in_port, snat_det_out_key_t out_key)
{
+ snat_det_session_t *ses;
u32 user_offset;
u16 i;
user_offset = snat_det_user_ses_offset (in_addr, dm->in_plen);
for (i = 0; i < SNAT_DET_SES_PER_USER; i++)
{
- if (dm->sessions[i + user_offset].in_port == in_port)
+ ses = &dm->sessions[i + user_offset];
+ if (ses->in_port == in_port &&
+ ses->out.ext_host_addr.as_u32 == out_key.ext_host_addr.as_u32 &&
+ ses->out.ext_host_port == out_key.ext_host_port)
return &dm->sessions[i + user_offset];
}