nat: fix error counters

Type: fix

Change-Id: I021b1427362f4bdba1c0ebc9863c9143dd6b3cb7
Signed-off-by: Klement Sekera <ksekera@cisco.com>

diff --git a/src/plugins/nat/in2out_ed.c b/src/plugins/nat/in2out_ed.c
index ca737d5..4e7432d 100644 (file)
--- a/src/plugins/nat/in2out_ed.c
+++ b/src/plugins/nat/in2out_ed.c
@@ -282,6 +282,7 @@ slow_path_ed (snat_main_t * sm,
       if (!is_sm)
        snat_free_outside_address_and_port (sm->addresses,
                                            thread_index, &key1);
+      b->error = node->errors[NAT_IN2OUT_ED_ERROR_CANNOT_CREATE_USER];
       return NAT_NEXT_DROP;
     }
 
@@ -293,6 +294,7 @@ slow_path_ed (snat_main_t * sm,
       if (!is_sm)
        snat_free_outside_address_and_port (sm->addresses,
                                            thread_index, &key1);
+      b->error = node->errors[NAT_IN2OUT_ED_ERROR_MAX_USER_SESS_EXCEEDED];
       return NAT_NEXT_DROP;
     }
 
@@ -712,6 +714,7 @@ nat44_ed_in2out_unknown_proto (snat_main_t * sm,
                                  thread_index);
       if (!u)
        {
+         b->error = node->errors[NAT_IN2OUT_ED_ERROR_CANNOT_CREATE_USER];
          nat_elog_warn ("create NAT user failed");
          return 0;
        }
@@ -780,6 +783,7 @@ nat44_ed_in2out_unknown_proto (snat_main_t * sm,
       s = nat_ed_session_alloc (sm, u, thread_index, now);
       if (!s)
        {
+         b->error = node->errors[NAT_IN2OUT_ED_ERROR_MAX_USER_SESS_EXCEEDED];
          nat44_delete_user_with_no_session (sm, u, thread_index);
          nat_elog_warn ("create NAT session failed");
          return 0;
@@ -959,6 +963,7 @@ nat44_ed_in2out_fast_path_node_fn_inline (vlib_main_t * vm,
              nat_free_session_data (sm, s0, thread_index, 0);
              nat44_delete_session (sm, s0, thread_index);
 
+             b0->error = node->errors[NAT_IN2OUT_ED_ERROR_SESS_EXPIRED];
              next0 = NAT_NEXT_DROP;
              goto trace0;
            }

diff --git a/src/plugins/nat/nat.c b/src/plugins/nat/nat.c
index bc2f8c0..1f63237 100755 (executable)
--- a/src/plugins/nat/nat.c
+++ b/src/plugins/nat/nat.c
@@ -490,7 +490,11 @@ nat_user_get_or_create (snat_main_t * sm, ip4_address_t * addr, u32 fib_index,
 
       /* add user */
       if (clib_bihash_add_del_8_8 (&tsm->user_hash, &kv, 1))
-       nat_elog_warn ("user_hash keay add failed");
+       {
+         nat_elog_warn ("user_hash key add failed");
+         nat44_delete_user_with_no_session (sm, u, thread_index);
+         return NULL;
+       }
 
       vlib_set_simple_counter (&sm->total_users, thread_index, 0,
                               pool_elts (tsm->users));

diff --git a/src/plugins/nat/nat.h b/src/plugins/nat/nat.h
index 647bec0..8df3b9a 100644 (file)
--- a/src/plugins/nat/nat.h
+++ b/src/plugins/nat/nat.h
@@ -219,10 +219,13 @@ _(UNSUPPORTED_PROTOCOL, "unsupported protocol")         \
 _(IN2OUT_PACKETS, "good in2out packets processed")      \
 _(OUT_OF_PORTS, "out of ports")                         \
 _(BAD_ICMP_TYPE, "unsupported ICMP type")               \
+_(SESS_EXPIRED, "session expired")                      \
 _(MAX_SESSIONS_EXCEEDED, "maximum sessions exceeded")   \
+_(MAX_USER_SESS_EXCEEDED, "max user sessions exceeded") \
 _(DROP_FRAGMENT, "drop fragment")                       \
 _(MAX_REASS, "maximum reassemblies exceeded")           \
 _(MAX_FRAG, "maximum fragments per reassembly exceeded")\
+_(CANNOT_CREATE_USER, "cannot create NAT user")         \
 _(NON_SYN, "non-SYN packet try to create session")      \
 _(TCP_PACKETS, "TCP packets")                           \
 _(UDP_PACKETS, "UDP packets")                           \
@@ -246,10 +249,13 @@ _(OUT2IN_PACKETS, "good out2in packets processed")      \
 _(OUT_OF_PORTS, "out of ports")                         \
 _(BAD_ICMP_TYPE, "unsupported ICMP type")               \
 _(NO_TRANSLATION, "no translation")                     \
+_(SESS_EXPIRED, "session expired")                      \
 _(MAX_SESSIONS_EXCEEDED, "maximum sessions exceeded")   \
+_(MAX_USER_SESS_EXCEEDED, "max user sessions exceeded") \
 _(DROP_FRAGMENT, "drop fragment")                       \
 _(MAX_REASS, "maximum reassemblies exceeded")           \
 _(MAX_FRAG, "maximum fragments per reassembly exceeded")\
+_(CANNOT_CREATE_USER, "cannot create NAT user")         \
 _(NON_SYN, "non-SYN packet try to create session")      \
 _(TCP_PACKETS, "TCP packets")                           \
 _(UDP_PACKETS, "UDP packets")                           \

diff --git a/src/plugins/nat/out2in_ed.c b/src/plugins/nat/out2in_ed.c
index 420b7b7..fbb7d06 100644 (file)
--- a/src/plugins/nat/out2in_ed.c
+++ b/src/plugins/nat/out2in_ed.c
@@ -213,6 +213,7 @@ create_session_for_static_mapping_ed (snat_main_t * sm,
   u = nat_user_get_or_create (sm, &l_key.addr, l_key.fib_index, thread_index);
   if (!u)
     {
+      b->error = node->errors[NAT_OUT2IN_ED_ERROR_MAX_SESSIONS_EXCEEDED];
       nat_elog_warn ("create NAT user failed");
       return 0;
     }
@@ -220,6 +221,7 @@ create_session_for_static_mapping_ed (snat_main_t * sm,
   s = nat_ed_session_alloc (sm, u, thread_index, now);
   if (!s)
     {
+      b->error = node->errors[NAT_OUT2IN_ED_ERROR_MAX_USER_SESS_EXCEEDED];
       nat44_delete_user_with_no_session (sm, u, thread_index);
       nat_elog_warn ("create NAT session failed");
       return 0;
@@ -613,6 +615,7 @@ nat44_ed_out2in_unknown_proto (snat_main_t * sm,
                                  thread_index);
       if (!u)
        {
+         b->error = node->errors[NAT_OUT2IN_ED_ERROR_CANNOT_CREATE_USER];
          nat_elog_warn ("create NAT user failed");
          return 0;
        }
@@ -621,6 +624,7 @@ nat44_ed_out2in_unknown_proto (snat_main_t * sm,
       s = nat_ed_session_alloc (sm, u, thread_index, now);
       if (!s)
        {
+         b->error = node->errors[NAT_OUT2IN_ED_ERROR_MAX_USER_SESS_EXCEEDED];
          nat44_delete_user_with_no_session (sm, u, thread_index);
          nat_elog_warn ("create NAT session failed");
          return 0;
@@ -772,6 +776,7 @@ nat44_ed_out2in_fast_path_node_fn_inline (vlib_main_t * vm,
              nat_free_session_data (sm, s0, thread_index, 0);
              nat44_delete_session (sm, s0, thread_index);
 
+             b0->error = node->errors[NAT_OUT2IN_ED_ERROR_SESS_EXPIRED];
              next0 = NAT_NEXT_DROP;
              goto trace0;
            }