diff options
author | Matus Fabian <matfabia@cisco.com> | 2018-04-04 03:27:43 -0700 |
---|---|---|
committer | Dave Barach <openvpp@barachs.net> | 2018-04-04 13:05:05 +0000 |
commit | 36a62702c5454d0a3f7e7aafc5b95d6ca0a7d703 (patch) | |
tree | 812ee90cbf2e99d0fa86c09abfd2c4d6d137bb1c | |
parent | 4772e7ad53392e5ee78d05061ed18762bd4b8e8e (diff) |
NAT44: prohibit multiple static mappings for a single local address (VPP-1224)
Change-Id: I32b30210c2f1aec10a1b614d04f427662326a3d2
Signed-off-by: Matus Fabian <matfabia@cisco.com>
-rw-r--r-- | src/plugins/nat/nat.c | 11 |
1 files changed, 11 insertions, 0 deletions
diff --git a/src/plugins/nat/nat.c b/src/plugins/nat/nat.c index a2b4010df0b..9a620472b86 100644 --- a/src/plugins/nat/nat.c +++ b/src/plugins/nat/nat.c @@ -785,6 +785,17 @@ int snat_add_static_mapping(ip4_address_t l_addr, ip4_address_t e_addr, vrf_id = sm->inside_vrf_id; } + if (!out2in_only) + { + m_key.addr = l_addr; + m_key.port = addr_only ? 0 : l_port; + m_key.protocol = addr_only ? 0 : proto; + m_key.fib_index = fib_index; + kv.key = m_key.as_u64; + if (!clib_bihash_search_8_8 (&sm->static_mapping_by_local, &kv, &value)) + return VNET_API_ERROR_VALUE_EXIST; + } + /* Find external address in allocated addresses and reserve port for address and port pair mapping when dynamic translations enabled */ if (!(addr_only || sm->static_mapping_only || out2in_only)) |