dlist_elt_t *oldest_elt, *elt;
dlist_elt_t *per_reass_list_head_elt;
u32 oldest_index, elt_index;
- clib_bihash_kv_16_8_t kv;
+ clib_bihash_kv_16_8_t kv, value;
k.src.as_u32 = src.as_u32;
k.dst.as_u32 = dst.as_u32;
srm->ip4_reass_head_index,
reass->lru_list_index);
}
+
+ if (reass->flags && NAT_REASS_FLAG_MAX_FRAG_DROP)
+ {
+ reass = 0;
+ goto unlock;
+ }
+
goto unlock;
}
clib_dlist_addtail (srm->ip4_reass_lru_list_pool,
srm->ip4_reass_head_index, oldest_index);
- kv.key[0] = k.as_u64[0];
- kv.key[1] = k.as_u64[1];
- if (clib_bihash_add_del_16_8 (&srm->ip4_reass_hash, &kv, 0))
+ kv.key[0] = reass->key.as_u64[0];
+ kv.key[1] = reass->key.as_u64[1];
+ if (!clib_bihash_search_16_8 (&srm->ip4_reass_hash, &kv, &value))
{
- reass = 0;
- goto unlock;
+ if (value.value == (reass - srm->ip4_reass_pool))
+ {
+ if (clib_bihash_add_del_16_8 (&srm->ip4_reass_hash, &kv, 0))
+ {
+ reass = 0;
+ goto unlock;
+ }
+ }
}
nat_ip4_reass_get_frags_inline (reass, bi_to_drop);
}
int
-nat_ip4_reass_add_fragment (nat_reass_ip4_t * reass, u32 bi)
+nat_ip4_reass_add_fragment (nat_reass_ip4_t * reass, u32 bi,
+ u32 ** bi_to_drop)
{
nat_reass_main_t *srm = &nat_reass_main;
dlist_elt_t *elt;
{
nat_ipfix_logging_max_fragments_ip4 (srm->ip4_max_frag,
&reass->key.src);
+ reass->flags |= NAT_REASS_FLAG_MAX_FRAG_DROP;
+ nat_ip4_reass_get_frags_inline (reass, bi_to_drop);
return -1;
}
srm->ip6_reass_head_index,
reass->lru_list_index);
}
+
+ if (reass->flags && NAT_REASS_FLAG_MAX_FRAG_DROP)
+ {
+ reass = 0;
+ goto unlock;
+ }
+
goto unlock;
}
}
int
-nat_ip6_reass_add_fragment (nat_reass_ip6_t * reass, u32 bi)
+nat_ip6_reass_add_fragment (nat_reass_ip6_t * reass, u32 bi,
+ u32 ** bi_to_drop)
{
nat_reass_main_t *srm = &nat_reass_main;
dlist_elt_t *elt;
{
nat_ipfix_logging_max_fragments_ip6 (srm->ip6_max_frag,
&reass->key.src);
+ reass->flags |= NAT_REASS_FLAG_MAX_FRAG_DROP;
+ nat_ip6_reass_get_frags_inline (reass, bi_to_drop);
return -1;
}
Code Review / vpp.git / blobdiff