summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorAlexander Chernavin <achernavin@netgate.com>2020-03-19 11:17:52 -0400
committerMatthew Smith <mgsmith@netgate.com>2020-03-31 19:57:54 +0000
commit8c18f85d325d9c10c8ba695e51925a21f173fbb8 (patch)
tree9c15d068b7f606ea38ea15c2ba8ca65b00e087e3
parent5cee0bca5d0f01d3f26e90dee79780382e843d04 (diff)
nat: fix unknown proto translation out2in_ed
An unknown proto packet can be processed as UDP with destination port rewriting which breaks the original packet. With this commit, stop processing unknown proto packets after nat44_ed_out2in_unknown_proto() execution. Type: fix Change-Id: Iea93faf3c282f542d5ee7120c15e1027c1e4abc9 Signed-off-by: Alexander Chernavin <achernavin@netgate.com>
-rw-r--r--src/plugins/nat/out2in_ed.c4
1 files changed, 2 insertions, 2 deletions
diff --git a/src/plugins/nat/out2in_ed.c b/src/plugins/nat/out2in_ed.c
index 69436145a67..adf0ec4f726 100644
--- a/src/plugins/nat/out2in_ed.c
+++ b/src/plugins/nat/out2in_ed.c
@@ -1026,13 +1026,13 @@ nat44_ed_out2in_slow_path_node_fn_inline (vlib_main_t * vm,
s0 =
nat44_ed_out2in_unknown_proto (sm, b0, ip0, rx_fib_index0,
thread_index, now, vm, node);
- other_packets++;
if (!sm->forwarding_enabled)
{
if (!s0)
next0 = NAT_NEXT_DROP;
- goto trace0;
}
+ other_packets++;
+ goto trace0;
}
if (PREDICT_FALSE (proto0 == SNAT_PROTOCOL_ICMP))