nat: Revert "nat: respect udp checksum"

This reverts commit 80276a7101f23ddd7207983f48f85422daf2cb7f. The commit in master was found to be wrong, was reverted, and replaced by 16572355c9069e2e8e4836dc6bd6a65feed2d390 This reverts the corresponding commit in stable/1908, to replace with the correct fix. Type: fix Signed-off-by: Andrew Yourtchenko <ayourtch@gmail.com> Change-Id: Idc27c0d81edf2263e523088f7ee7b66655db20f1
author: Andrew Yourtchenko <ayourtch@gmail.com> 2019-11-05 17:34:08 +0000
committer: Andrew Yourtchenko <ayourtch@gmail.com> 2019-11-07 20:08:36 +0000
commit: f073acdcaeeb7ad4b7916e839db8a7fbfefa87b2 (patch)
tree: 4bc32ac3cc3812b4afc6bdfa917178d3a2bb9120 /src/plugins/nat/in2out.c
parent: 1c3c9f0393e4bd3a5902efbc79cb9a4e6737bda2 (diff)
1 files changed, 36 insertions, 74 deletions
diff --git a/src/plugins/nat/in2out.c b/src/plugins/nat/in2out.c
index 802202d7939..c69bc61236b 100755
--- a/src/plugins/nat/in2out.c
+++ b/src/plugins/nat/in2out.c
@@ -1075,11 +1075,12 @@ snat_in2out_node_fn_inline (vlib_main_t * vm,
 				 src_address /* changed member */ );
 	  ip0->checksum = ip_csum_fold (sum0);
 
-	  old_port0 = udp0->src_port;
-	  new_port0 = udp0->src_port = s0->out2in.port;
-
 	  if (PREDICT_TRUE (proto0 == SNAT_PROTOCOL_TCP))
 	    {
+	      old_port0 = tcp0->src_port;
+	      tcp0->src_port = s0->out2in.port;
+	      new_port0 = tcp0->src_port;
+
 	      sum0 = tcp0->checksum;
 	      sum0 = ip_csum_update (sum0, old_addr0, new_addr0,
 				     ip4_header_t,
@@ -1093,17 +1094,9 @@ snat_in2out_node_fn_inline (vlib_main_t * vm,
 	    }
 	  else
 	    {
-	      if (PREDICT_FALSE (udp0->checksum))
-		{
-		  sum0 = udp0->checksum;
-		  sum0 = ip_csum_update (sum0, old_addr0, new_addr0,
-					 ip4_header_t,
-					 dst_address /* changed member */ );
-		  sum0 = ip_csum_update (sum0, old_port0, new_port0,
-					 ip4_header_t /* cheat */ ,
-					 length /* changed member */ );
-		  udp0->checksum = ip_csum_fold (sum0);
-		}
+	      old_port0 = udp0->src_port;
+	      udp0->src_port = s0->out2in.port;
+	      udp0->checksum = 0;
 	      udp_packets++;
 	    }
 
@@ -1271,11 +1264,12 @@ snat_in2out_node_fn_inline (vlib_main_t * vm,
 				 src_address /* changed member */ );
 	  ip1->checksum = ip_csum_fold (sum1);
 
-	  old_port1 = udp1->src_port;
-	  new_port1 = udp1->src_port = s1->out2in.port;
-
 	  if (PREDICT_TRUE (proto1 == SNAT_PROTOCOL_TCP))
 	    {
+	      old_port1 = tcp1->src_port;
+	      tcp1->src_port = s1->out2in.port;
+	      new_port1 = tcp1->src_port;
+
 	      sum1 = tcp1->checksum;
 	      sum1 = ip_csum_update (sum1, old_addr1, new_addr1,
 				     ip4_header_t,
@@ -1289,17 +1283,9 @@ snat_in2out_node_fn_inline (vlib_main_t * vm,
 	    }
 	  else
 	    {
-	      if (PREDICT_FALSE (udp1->checksum))
-		{
-		  sum1 = udp1->checksum;
-		  sum1 = ip_csum_update (sum1, old_addr1, new_addr1,
-					 ip4_header_t,
-					 dst_address /* changed member */ );
-		  sum1 = ip_csum_update (sum1, old_port1, new_port1,
-					 ip4_header_t /* cheat */ ,
-					 length /* changed member */ );
-		  udp1->checksum = ip_csum_fold (sum1);
-		}
+	      old_port1 = udp1->src_port;
+	      udp1->src_port = s1->out2in.port;
+	      udp1->checksum = 0;
 	      udp_packets++;
 	    }
 
@@ -1502,11 +1488,12 @@ snat_in2out_node_fn_inline (vlib_main_t * vm,
 				 src_address /* changed member */ );
 	  ip0->checksum = ip_csum_fold (sum0);
 
-	  old_port0 = udp0->src_port;
-	  new_port0 = udp0->src_port = s0->out2in.port;
-
 	  if (PREDICT_TRUE (proto0 == SNAT_PROTOCOL_TCP))
 	    {
+	      old_port0 = tcp0->src_port;
+	      tcp0->src_port = s0->out2in.port;
+	      new_port0 = tcp0->src_port;
+
 	      sum0 = tcp0->checksum;
 	      sum0 = ip_csum_update (sum0, old_addr0, new_addr0,
 				     ip4_header_t,
@@ -1520,17 +1507,9 @@ snat_in2out_node_fn_inline (vlib_main_t * vm,
 	    }
 	  else
 	    {
-	      if (PREDICT_FALSE (udp0->checksum))
-		{
-		  sum0 = udp0->checksum;
-		  sum0 = ip_csum_update (sum0, old_addr0, new_addr0,
-					 ip4_header_t,
-					 dst_address /* changed member */ );
-		  sum0 = ip_csum_update (sum0, old_port0, new_port0,
-					 ip4_header_t /* cheat */ ,
-					 length /* changed member */ );
-		  udp0->checksum = ip_csum_fold (sum0);
-		}
+	      old_port0 = udp0->src_port;
+	      udp0->src_port = s0->out2in.port;
+	      udp0->checksum = 0;
 	      udp_packets++;
 	    }
 
@@ -1890,11 +1869,12 @@ VLIB_NODE_FN (nat44_in2out_reass_node) (vlib_main_t * vm,
 
 	  if (PREDICT_FALSE (ip4_is_first_fragment (ip0)))
 	    {
-	      old_port0 = udp0->src_port;
-	      new_port0 = udp0->src_port = s0->out2in.port;
-
 	      if (PREDICT_TRUE (proto0 == SNAT_PROTOCOL_TCP))
 		{
+		  old_port0 = tcp0->src_port;
+		  tcp0->src_port = s0->out2in.port;
+		  new_port0 = tcp0->src_port;
+
 		  sum0 = tcp0->checksum;
 		  sum0 = ip_csum_update (sum0, old_addr0, new_addr0,
 					 ip4_header_t,
@@ -1904,16 +1884,11 @@ VLIB_NODE_FN (nat44_in2out_reass_node) (vlib_main_t * vm,
 					 length /* changed member */ );
 		  tcp0->checksum = ip_csum_fold (sum0);
 		}
-	      else if (PREDICT_FALSE (udp0->checksum))
+	      else
 		{
-		  sum0 = udp0->checksum;
-		  sum0 = ip_csum_update (sum0, old_addr0, new_addr0,
-					 ip4_header_t,
-					 dst_address /* changed member */ );
-		  sum0 = ip_csum_update (sum0, old_port0, new_port0,
-					 ip4_header_t /* cheat */ ,
-					 length /* changed member */ );
-		  udp0->checksum = ip_csum_fold (sum0);
+		  old_port0 = udp0->src_port;
+		  udp0->src_port = s0->out2in.port;
+		  udp0->checksum = 0;
 		}
 	    }
 
@@ -2124,11 +2099,11 @@ VLIB_NODE_FN (snat_in2out_fast_node) (vlib_main_t * vm,
 
 	  if (PREDICT_FALSE (new_port0 != udp0->dst_port))
 	    {
-	      old_port0 = udp0->src_port;
-	      udp0->src_port = new_port0;
-
 	      if (PREDICT_TRUE (proto0 == SNAT_PROTOCOL_TCP))
 		{
+		  old_port0 = tcp0->src_port;
+		  tcp0->src_port = new_port0;
+
 		  sum0 = tcp0->checksum;
 		  sum0 = ip_csum_update (sum0, old_addr0, new_addr0,
 					 ip4_header_t,
@@ -2139,16 +2114,11 @@ VLIB_NODE_FN (snat_in2out_fast_node) (vlib_main_t * vm,
 		  mss_clamping (sm, tcp0, &sum0);
 		  tcp0->checksum = ip_csum_fold (sum0);
 		}
-	      else if (udp0->checksum)
+	      else
 		{
-		  sum0 = udp0->checksum;
-		  sum0 = ip_csum_update (sum0, old_addr0, new_addr0,
-					 ip4_header_t,
-					 dst_address /* changed member */ );
-		  sum0 = ip_csum_update (sum0, old_port0, new_port0,
-					 ip4_header_t /* cheat */ ,
-					 length /* changed member */ );
-		  udp0->checksum = ip_csum_fold (sum0);
+		  old_port0 = udp0->src_port;
+		  udp0->src_port = new_port0;
+		  udp0->checksum = 0;
 		}
 	    }
 	  else
@@ -2162,14 +2132,6 @@ VLIB_NODE_FN (snat_in2out_fast_node) (vlib_main_t * vm,
 		  mss_clamping (sm, tcp0, &sum0);
 		  tcp0->checksum = ip_csum_fold (sum0);
 		}
-	      else if (udp0->checksum)
-		{
-		  sum0 = udp0->checksum;
-		  sum0 = ip_csum_update (sum0, old_addr0, new_addr0,
-					 ip4_header_t,
-					 dst_address /* changed member */ );
-		  udp0->checksum = ip_csum_fold (sum0);
-		}
 	    }
 
 	  /* Hairpinning */
author	Andrew Yourtchenko <ayourtch@gmail.com>	2019-11-05 17:34:08 +0000
committer	Andrew Yourtchenko <ayourtch@gmail.com>	2019-11-07 20:08:36 +0000
commit	f073acdcaeeb7ad4b7916e839db8a7fbfefa87b2 (patch)
tree	4bc32ac3cc3812b4afc6bdfa917178d3a2bb9120 /src/plugins/nat/in2out.c
parent	1c3c9f0393e4bd3a5902efbc79cb9a4e6737bda2 (diff)