diff options
author | Alexander Chernavin <achernavin@netgate.com> | 2021-05-26 09:55:42 -0400 |
---|---|---|
committer | Ole Tr�an <otroan@employees.org> | 2021-06-16 07:58:39 +0000 |
commit | d52a8921b85057682f2cf5bae7d6353142ba279a (patch) | |
tree | bce1ea4c27b7106a34d1f316e6975925cbaa2959 /src/plugins/nat/nat44-ed | |
parent | b862f1dd52b0f5318d67b4463be90562e57f8278 (diff) |
nat: test all intf addrs in is_interface_addr()
Type: fix
Currently, is_interface_addr() tests if a given IPv4 address belongs to
an interface by a given sw_if_index. However, there are several issues:
* only the first found address on the interface is actually tested,
* sw_if_index is always cached even if the interface hasn't been
assigned any addresses yet.
With this change, is_interface_addr() tests all IPv4 addresses on an
interface by a given sw_if_index and caches sw_if_index only if there
are addresses present.
Signed-off-by: Alexander Chernavin <achernavin@netgate.com>
Change-Id: If1acc4a534647a5f0ce8e9b565b867c92a016dc3
Diffstat (limited to 'src/plugins/nat/nat44-ed')
-rw-r--r-- | src/plugins/nat/nat44-ed/nat44_ed.h | 3 | ||||
-rw-r--r-- | src/plugins/nat/nat44-ed/nat44_ed_inlines.h | 28 |
2 files changed, 21 insertions, 10 deletions
diff --git a/src/plugins/nat/nat44-ed/nat44_ed.h b/src/plugins/nat/nat44-ed/nat44_ed.h index bbd5a148ed2..2710d29cb9d 100644 --- a/src/plugins/nat/nat44-ed/nat44_ed.h +++ b/src/plugins/nat/nat44-ed/nat44_ed.h @@ -28,6 +28,7 @@ #include <vppinfra/elog.h> #include <vppinfra/bihash_8_8.h> #include <vppinfra/bihash_16_8.h> +#include <vppinfra/hash.h> #include <vppinfra/dlist.h> #include <vppinfra/error.h> #include <vlibapi/api.h> @@ -683,7 +684,7 @@ typedef struct typedef struct { u32 cached_sw_if_index; - u32 cached_ip4_address; + uword *cached_presence_by_ip4_address; } snat_runtime_t; extern snat_main_t snat_main; diff --git a/src/plugins/nat/nat44-ed/nat44_ed_inlines.h b/src/plugins/nat/nat44-ed/nat44_ed_inlines.h index b2b578a5a8b..680bdef1f9f 100644 --- a/src/plugins/nat/nat44-ed/nat44_ed_inlines.h +++ b/src/plugins/nat/nat44-ed/nat44_ed_inlines.h @@ -724,20 +724,30 @@ is_interface_addr (snat_main_t *sm, vlib_node_runtime_t *node, u32 sw_if_index0, u32 ip4_addr) { snat_runtime_t *rt = (snat_runtime_t *) node->runtime_data; - ip4_address_t *first_int_addr; + u8 ip4_addr_exists; if (PREDICT_FALSE (rt->cached_sw_if_index != sw_if_index0)) { - first_int_addr = ip4_interface_first_address ( - sm->ip4_main, sw_if_index0, 0 /* just want the address */); - rt->cached_sw_if_index = sw_if_index0; - if (first_int_addr) - rt->cached_ip4_address = first_int_addr->as_u32; - else - rt->cached_ip4_address = 0; + ip_lookup_main_t *lm = &sm->ip4_main->lookup_main; + ip_interface_address_t *ia; + ip4_address_t *a; + + rt->cached_sw_if_index = ~0; + hash_free (rt->cached_presence_by_ip4_address); + + foreach_ip_interface_address ( + lm, ia, sw_if_index0, 1 /* honor unnumbered */, ({ + a = ip_interface_address_get_address (lm, ia); + hash_set (rt->cached_presence_by_ip4_address, a->as_u32, 1); + rt->cached_sw_if_index = sw_if_index0; + })); + + if (rt->cached_sw_if_index == ~0) + return 0; } - if (PREDICT_FALSE (ip4_addr == rt->cached_ip4_address)) + ip4_addr_exists = !!hash_get (rt->cached_presence_by_ip4_address, ip4_addr); + if (PREDICT_FALSE (ip4_addr_exists)) return 1; else return 0; |