aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorJuraj Sloboda <jsloboda@cisco.com>2017-04-03 08:49:47 +0200
committerJuraj Sloboda <jsloboda@cisco.com>2017-04-12 13:55:14 +0200
commitf3ebb452ca26318b75b8f93569c3c752f05aed25 (patch)
treeef614d9df2013da1ab307b276014a10ad7024a98
parentd89b60491c336172ad07bbcd55bf0ca4fab3d16a (diff)
Support ICMP session timeout in deterministic NAT
Change-Id: I0306bc0ab87908adb79c594c657d579cb34b3ec1 Signed-off-by: Juraj Sloboda <jsloboda@cisco.com>
-rw-r--r--src/plugins/snat/in2out.c5
-rw-r--r--src/plugins/snat/snat.h4
2 files changed, 8 insertions, 1 deletions
diff --git a/src/plugins/snat/in2out.c b/src/plugins/snat/in2out.c
index 89054a01b64..2dbaeb40355 100644
--- a/src/plugins/snat/in2out.c
+++ b/src/plugins/snat/in2out.c
@@ -2215,6 +2215,11 @@ u32 icmp_match_in2out_det(snat_main_t *sm, vlib_node_runtime_t *node,
goto out;
}
+ u32 now = (u32) vlib_time_now (sm->vlib_main);
+
+ ses0->state = SNAT_SESSION_ICMP_ACTIVE;
+ ses0->expire = now + SNAT_ICMP_TIMEOUT;
+
out:
*p_proto = protocol;
if (ses0)
diff --git a/src/plugins/snat/snat.h b/src/plugins/snat/snat.h
index 49b6e374968..d0ffea7381c 100644
--- a/src/plugins/snat/snat.h
+++ b/src/plugins/snat/snat.h
@@ -32,6 +32,7 @@
#define SNAT_UDP_TIMEOUT 300
#define SNAT_TCP_TRANSITORY_TIMEOUT 240
#define SNAT_TCP_ESTABLISHED_TIMEOUT 7440
+#define SNAT_ICMP_TIMEOUT 60
/* Key */
typedef struct {
@@ -106,7 +107,8 @@ typedef enum {
_(3, TCP_ESTABLISHED, "tcp-established") \
_(4, TCP_FIN_WAIT, "tcp-fin-wait") \
_(5, TCP_CLOSE_WAIT, "tcp-close-wait") \
- _(6, TCP_LAST_ACK, "tcp-last-ack")
+ _(6, TCP_LAST_ACK, "tcp-last-ack") \
+ _(7, ICMP_ACTIVE, "icmp-active")
typedef enum {
#define _(v, N, s) SNAT_SESSION_##N = v,