nat: deny adding intf addr if static-mapping-only

If static-mapping-only is enabled, NAT pool cannot be configured, only
static mappings. There're two ways to add addresses to the NAT pool:
by address range, or by first found address from an interface.
NAT44_ADD_DEL_ADDRESS_RANGE already tests if dynamic mappings are
available but NAT44_ADD_DEL_INTERFACE_ADDR doesn't. If
static-mapping-only is enabled, adding addresses by range is rejected
but by interface not.

With this change, if static-mapping-only is enabled, do not allow to
add addresses to the NAT pool both ways.

Type: fix
Signed-off-by: Alexander Chernavin <achernavin@netgate.com>
Change-Id: Ifc055ea9a71a5e579388833a2990aef21bf7ed29

diff --git a/src/plugins/nat/nat44_api.c b/src/plugins/nat/nat44_api.c
index 05a7971..a5e2919 100644 (file)
--- a/src/plugins/nat/nat44_api.c
+++ b/src/plugins/nat/nat44_api.c
@@ -1157,6 +1157,12 @@ static void
   int rv = 0;
   u8 is_del;
 
+  if (sm->static_mapping_only)
+    {
+      rv = VNET_API_ERROR_FEATURE_DISABLED;
+      goto send_reply;
+    }
+
   is_del = !mp->is_add;
 
   VALIDATE_SW_IF_INDEX (mp);
@@ -1165,6 +1171,8 @@ static void
                                   mp->flags & NAT_API_IS_TWICE_NAT);
 
   BAD_SW_IF_INDEX_LABEL;
+
+send_reply:
   REPLY_MACRO (VL_API_NAT44_ADD_DEL_INTERFACE_ADDR_REPLY);
 }