diff options
author | Klement Sekera <ksekera@cisco.com> | 2020-03-24 12:20:46 +0100 |
---|---|---|
committer | Ole Trøan <otroan@employees.org> | 2020-03-25 08:19:39 +0000 |
commit | 4cfb0bf1b87d7a89898c20dfb9b145876c08fe02 (patch) | |
tree | 098fcb1e9d22ce75dd40ca66d9248649d086681b | |
parent | b1bd8760ce9b1416c8a7f12e411cfcf60de2929f (diff) |
nat: fix error counters
Type: fix
Change-Id: I021b1427362f4bdba1c0ebc9863c9143dd6b3cb7
Signed-off-by: Klement Sekera <ksekera@cisco.com>
-rw-r--r-- | src/plugins/nat/in2out_ed.c | 5 | ||||
-rwxr-xr-x | src/plugins/nat/nat.c | 6 | ||||
-rw-r--r-- | src/plugins/nat/nat.h | 6 | ||||
-rw-r--r-- | src/plugins/nat/out2in_ed.c | 5 |
4 files changed, 21 insertions, 1 deletions
diff --git a/src/plugins/nat/in2out_ed.c b/src/plugins/nat/in2out_ed.c index ca737d56663..4e7432d8228 100644 --- a/src/plugins/nat/in2out_ed.c +++ b/src/plugins/nat/in2out_ed.c @@ -282,6 +282,7 @@ slow_path_ed (snat_main_t * sm, if (!is_sm) snat_free_outside_address_and_port (sm->addresses, thread_index, &key1); + b->error = node->errors[NAT_IN2OUT_ED_ERROR_CANNOT_CREATE_USER]; return NAT_NEXT_DROP; } @@ -293,6 +294,7 @@ slow_path_ed (snat_main_t * sm, if (!is_sm) snat_free_outside_address_and_port (sm->addresses, thread_index, &key1); + b->error = node->errors[NAT_IN2OUT_ED_ERROR_MAX_USER_SESS_EXCEEDED]; return NAT_NEXT_DROP; } @@ -712,6 +714,7 @@ nat44_ed_in2out_unknown_proto (snat_main_t * sm, thread_index); if (!u) { + b->error = node->errors[NAT_IN2OUT_ED_ERROR_CANNOT_CREATE_USER]; nat_elog_warn ("create NAT user failed"); return 0; } @@ -780,6 +783,7 @@ nat44_ed_in2out_unknown_proto (snat_main_t * sm, s = nat_ed_session_alloc (sm, u, thread_index, now); if (!s) { + b->error = node->errors[NAT_IN2OUT_ED_ERROR_MAX_USER_SESS_EXCEEDED]; nat44_delete_user_with_no_session (sm, u, thread_index); nat_elog_warn ("create NAT session failed"); return 0; @@ -959,6 +963,7 @@ nat44_ed_in2out_fast_path_node_fn_inline (vlib_main_t * vm, nat_free_session_data (sm, s0, thread_index, 0); nat44_delete_session (sm, s0, thread_index); + b0->error = node->errors[NAT_IN2OUT_ED_ERROR_SESS_EXPIRED]; next0 = NAT_NEXT_DROP; goto trace0; } diff --git a/src/plugins/nat/nat.c b/src/plugins/nat/nat.c index bc2f8c0e1fe..1f63237fb45 100755 --- a/src/plugins/nat/nat.c +++ b/src/plugins/nat/nat.c @@ -490,7 +490,11 @@ nat_user_get_or_create (snat_main_t * sm, ip4_address_t * addr, u32 fib_index, /* add user */ if (clib_bihash_add_del_8_8 (&tsm->user_hash, &kv, 1)) - nat_elog_warn ("user_hash keay add failed"); + { + nat_elog_warn ("user_hash key add failed"); + nat44_delete_user_with_no_session (sm, u, thread_index); + return NULL; + } vlib_set_simple_counter (&sm->total_users, thread_index, 0, pool_elts (tsm->users)); diff --git a/src/plugins/nat/nat.h b/src/plugins/nat/nat.h index 647bec0cd07..8df3b9a9cd3 100644 --- a/src/plugins/nat/nat.h +++ b/src/plugins/nat/nat.h @@ -219,10 +219,13 @@ _(UNSUPPORTED_PROTOCOL, "unsupported protocol") \ _(IN2OUT_PACKETS, "good in2out packets processed") \ _(OUT_OF_PORTS, "out of ports") \ _(BAD_ICMP_TYPE, "unsupported ICMP type") \ +_(SESS_EXPIRED, "session expired") \ _(MAX_SESSIONS_EXCEEDED, "maximum sessions exceeded") \ +_(MAX_USER_SESS_EXCEEDED, "max user sessions exceeded") \ _(DROP_FRAGMENT, "drop fragment") \ _(MAX_REASS, "maximum reassemblies exceeded") \ _(MAX_FRAG, "maximum fragments per reassembly exceeded")\ +_(CANNOT_CREATE_USER, "cannot create NAT user") \ _(NON_SYN, "non-SYN packet try to create session") \ _(TCP_PACKETS, "TCP packets") \ _(UDP_PACKETS, "UDP packets") \ @@ -246,10 +249,13 @@ _(OUT2IN_PACKETS, "good out2in packets processed") \ _(OUT_OF_PORTS, "out of ports") \ _(BAD_ICMP_TYPE, "unsupported ICMP type") \ _(NO_TRANSLATION, "no translation") \ +_(SESS_EXPIRED, "session expired") \ _(MAX_SESSIONS_EXCEEDED, "maximum sessions exceeded") \ +_(MAX_USER_SESS_EXCEEDED, "max user sessions exceeded") \ _(DROP_FRAGMENT, "drop fragment") \ _(MAX_REASS, "maximum reassemblies exceeded") \ _(MAX_FRAG, "maximum fragments per reassembly exceeded")\ +_(CANNOT_CREATE_USER, "cannot create NAT user") \ _(NON_SYN, "non-SYN packet try to create session") \ _(TCP_PACKETS, "TCP packets") \ _(UDP_PACKETS, "UDP packets") \ diff --git a/src/plugins/nat/out2in_ed.c b/src/plugins/nat/out2in_ed.c index 420b7b7a863..fbb7d069dbb 100644 --- a/src/plugins/nat/out2in_ed.c +++ b/src/plugins/nat/out2in_ed.c @@ -213,6 +213,7 @@ create_session_for_static_mapping_ed (snat_main_t * sm, u = nat_user_get_or_create (sm, &l_key.addr, l_key.fib_index, thread_index); if (!u) { + b->error = node->errors[NAT_OUT2IN_ED_ERROR_MAX_SESSIONS_EXCEEDED]; nat_elog_warn ("create NAT user failed"); return 0; } @@ -220,6 +221,7 @@ create_session_for_static_mapping_ed (snat_main_t * sm, s = nat_ed_session_alloc (sm, u, thread_index, now); if (!s) { + b->error = node->errors[NAT_OUT2IN_ED_ERROR_MAX_USER_SESS_EXCEEDED]; nat44_delete_user_with_no_session (sm, u, thread_index); nat_elog_warn ("create NAT session failed"); return 0; @@ -613,6 +615,7 @@ nat44_ed_out2in_unknown_proto (snat_main_t * sm, thread_index); if (!u) { + b->error = node->errors[NAT_OUT2IN_ED_ERROR_CANNOT_CREATE_USER]; nat_elog_warn ("create NAT user failed"); return 0; } @@ -621,6 +624,7 @@ nat44_ed_out2in_unknown_proto (snat_main_t * sm, s = nat_ed_session_alloc (sm, u, thread_index, now); if (!s) { + b->error = node->errors[NAT_OUT2IN_ED_ERROR_MAX_USER_SESS_EXCEEDED]; nat44_delete_user_with_no_session (sm, u, thread_index); nat_elog_warn ("create NAT session failed"); return 0; @@ -772,6 +776,7 @@ nat44_ed_out2in_fast_path_node_fn_inline (vlib_main_t * vm, nat_free_session_data (sm, s0, thread_index, 0); nat44_delete_session (sm, s0, thread_index); + b0->error = node->errors[NAT_OUT2IN_ED_ERROR_SESS_EXPIRED]; next0 = NAT_NEXT_DROP; goto trace0; } |