key1.protocol = key0->protocol;
- u = nat_user_get_or_create (sm, &ip0->src_address, rx_fib_index0,
- thread_index);
- if (!u)
- {
- nat_log_warn ("create NAT user failed");
- return SNAT_IN2OUT_NEXT_DROP;
- }
-
/* First try to match static mapping by local address and port */
if (snat_static_mapping_match (sm, *key0, &key1, 0, 0, 0, 0))
{
else
is_sm = 1;
+ u = nat_user_get_or_create (sm, &ip0->src_address, rx_fib_index0,
+ thread_index);
+ if (!u)
+ {
+ nat_log_warn ("create NAT user failed");
+ return SNAT_IN2OUT_NEXT_DROP;
+ }
+
s = nat_session_alloc_or_recycle (sm, u, thread_index);
if (!s)
{
+ nat44_delete_user_with_no_session (sm, u, thread_index);
nat_log_warn ("create NAT session failed");
return SNAT_IN2OUT_NEXT_DROP;
}
s = nat_session_alloc_or_recycle (sm, u, thread_index);
if (!s)
{
+ nat44_delete_user_with_no_session (sm, u, thread_index);
nat_log_warn ("create NAT session failed");
return SNAT_IN2OUT_NEXT_DROP;
}
s = nat_session_alloc_or_recycle (sm, u, thread_index);
if (!s)
{
+ nat44_delete_user_with_no_session (sm, u, thread_index);
nat_log_warn ("create NAT session failed");
return 0;
}
/* add user */
if (clib_bihash_add_del_8_8 (&tsm->user_hash, &kv, 1))
nat_log_warn ("user_hash keay add failed");
+
+ clib_warning("%U %d", format_ip4_address, addr, fib_index);
}
else
{
nat_free_session_data (sm, s, tsm - sm->per_thread_data);
nat44_delete_session (sm, s, tsm - sm->per_thread_data);
- if (!addr_only)
+ if (!addr_only && !sm->endpoint_dependent)
break;
}
}
nat_free_session_data (sm, s, tsm - sm->per_thread_data);
nat44_delete_session (sm, s, tsm - sm->per_thread_data);
- if (!addr_only)
+ if (!addr_only && !sm->endpoint_dependent)
break;
}
- if (addr_only && (u->nstaticsessions == 0) && (u->nsessions == 0))
- {
- pool_put (tsm->users, u);
- clib_bihash_add_del_8_8 (&tsm->user_hash, &kv, 0);
- }
}
}
}
/* *INDENT-OFF* */
vec_foreach (tsm, sm->per_thread_data)
- vec_foreach (u, tsm->users)
- send_nat44_user_details (u, reg, mp->context);
+ {
+ pool_foreach (u, tsm->users,
+ ({
+ send_nat44_user_details (u, reg, mp->context);
+ }));
+ }
/* *INDENT-ON* */
}
}
}
+always_inline void
+nat44_delete_user_with_no_session (snat_main_t * sm, snat_user_t * u,
+ u32 thread_index)
+{
+ clib_bihash_kv_8_8_t kv;
+ snat_user_key_t u_key;
+ snat_main_per_thread_data_t *tsm = vec_elt_at_index (sm->per_thread_data,
+ thread_index);
+
+ if (u->nstaticsessions == 0 && u->nsessions == 0)
+ {
+ u_key.addr.as_u32 = u->addr.as_u32;
+ u_key.fib_index = u->fib_index;
+ kv.key = u_key.as_u64;
+ pool_put_index (tsm->list_pool, u->sessions_per_user_list_head_index);
+ pool_put (tsm->users, u);
+ clib_bihash_add_del_8_8 (&tsm->user_hash, &kv, 0);
+ }
+}
+
always_inline void
nat44_delete_session (snat_main_t * sm, snat_session_t * ses,
u32 thread_index)
snat_user_t *u;
nat_log_debug ("session deleted %U", format_snat_session, tsm, ses);
+
+ clib_dlist_remove (tsm->list_pool, ses->per_user_index);
+ pool_put_index (tsm->list_pool, ses->per_user_index);
+ pool_put (tsm->sessions, ses);
+
u_key.addr = ses->in2out.addr;
u_key.fib_index = ses->in2out.fib_index;
kv.key = u_key.as_u64;
u->nstaticsessions--;
else
u->nsessions--;
+
+ nat44_delete_user_with_no_session (sm, u, thread_index);
}
- clib_dlist_remove (tsm->list_pool, ses->per_user_index);
- pool_put_index (tsm->list_pool, ses->per_user_index);
- pool_put (tsm->sessions, ses);
}
/** \brief Set TCP session state.
s = nat_session_alloc_or_recycle (sm, u, thread_index);
if (!s)
{
+ nat44_delete_user_with_no_session (sm, u, thread_index);
nat_log_warn ("create NAT session failed");
return 0;
}
s = nat_session_alloc_or_recycle (sm, u, thread_index);
if (!s)
{
+ nat44_delete_user_with_no_session (sm, u, thread_index);
nat_log_warn ("create NAT session failed");
return 0;
}
s = nat_session_alloc_or_recycle (sm, u, thread_index);
if (!s)
{
+ nat44_delete_user_with_no_session (sm, u, thread_index);
nat_log_warn ("create NAT session failed");
return;
}
s = nat_session_alloc_or_recycle (sm, u, thread_index);
if (!s)
{
+ nat44_delete_user_with_no_session (sm, u, thread_index);
nat_log_warn ("create NAT session failed");
return 0;
}
self.vapi.nat_set_reass()
self.vapi.nat_set_reass(is_ip6=1)
+ self.verify_no_nat44_user()
def nat44_add_static_mapping(self, local_ip, external_ip='0.0.0.0',
local_port=0, external_port=0, vrf_id=0,
# postNAPTDestinationTransportPort
self.assertEqual(struct.pack("!H", dst_port), record[228])
+ def verify_no_nat44_user(self):
+ """ Verify that there is no NAT44 user """
+ users = self.vapi.nat44_user_dump()
+ self.assertEqual(len(users), 0)
+
class TestNAT44(MethodHolder):
""" NAT44 Test Cases """
sessions = self.vapi.nat44_user_session_dump(self.pg0.remote_ip4n, 0)
self.assertEqual(nsessions - len(sessions), 2)
+ self.vapi.nat44_del_session(sessions[0].inside_ip_address,
+ sessions[0].inside_port,
+ sessions[0].protocol)
+
+ self.verify_no_nat44_user()
+
def test_set_get_reass(self):
""" NAT44 set/get virtual fragmentation reassembly """
reas_cfg1 = self.vapi.nat_get_reass()
Code Review / vpp.git / commitdiff