Type: fix
Currently, there might be a crash in NAT ED mode:
* if a session for an unknown proto packet cannot be created in2out,
* if a session for an unknown proto packet cannot be found out2in.
With this change, translate packets only if a session is given in NAT
ED mode.
Signed-off-by: Alexander Chernavin <achernavin@netgate.com>
Change-Id: Iafb332db1ae9a3e76435964ad636037d1b8a51e8
if (!s0)
next[0] = NAT_NEXT_DROP;
- if (NAT_ED_TRNSL_ERR_SUCCESS !=
- (translation_error = nat_6t_flow_buf_translate (
- sm, b0, ip0, &s0->i2o, proto0, is_output_feature)))
+ if (NAT_NEXT_DROP != next[0] && s0 &&
+ NAT_ED_TRNSL_ERR_SUCCESS !=
+ (translation_error = nat_6t_flow_buf_translate (
+ sm, b0, ip0, &s0->i2o, proto0, is_output_feature)))
{
goto trace0;
}
if (!s0)
next[0] = NAT_NEXT_DROP;
}
- if (NAT_NEXT_DROP != next[0] &&
+ if (NAT_NEXT_DROP != next[0] && s0 &&
NAT_ED_TRNSL_ERR_SUCCESS !=
(translation_error = nat_6t_flow_buf_translate (
sm, b0, ip0, &s0->o2i, proto0, 0 /* is_output_feature */)))
Code Review / vpp.git / commitdiff