aboutsummaryrefslogtreecommitdiffstats
path: root/build-root/deb
diff options
context:
space:
mode:
authorMatthew Smith <mgsmith@netgate.com>2018-03-23 08:30:16 -0500
committerDamjan Marion <dmarion.lists@gmail.com>2018-03-26 11:22:57 +0000
commit487f5474fea738174e1cfe68fe70a2eaf58c5ce2 (patch)
treee7f0f32739adb642489659b2072a7f8a4c7f66fb /build-root/deb
parente5454577961aabfec124f19dc9264897927716f5 (diff)
User session counters stay <= per-user limit
When a user session is allocated/reused, only increase one of the session counters for that user if the counters are below the per-user limit. THis addresses a SEGV that arises after the following sequence of events: - an outside interface IP address is put in a pool - a user exceeds the number of per-user translations by an amount greater than the number of per-user translations (nsessions + nstaticsessions > 100 + 100) - the outside interface IP address is deleted and then added again (observed when using DHCP client, likely happens if address changed via CLI, API also) - the user sends more packets that should be translated When nsessions is > the per-user limit, nat_session_alloc_or_recycle() reclaims the oldest existing user session. When an outside address is deleted, the corresponding user sessions are deleted. If the counters were far above the per-user limit, the deletions wouldn't result in the counters dropping back below the limit. So no session could be reclaimed -> SEGV. Change-Id: I940bafba0fd5385a563e2ce87534688eb9469f12 Signed-off-by: Matthew Smith <mgsmith@netgate.com>
Diffstat (limited to 'build-root/deb')
0 files changed, 0 insertions, 0 deletions