NAT: fix maximum out of order fragments (VPP-1399)

All fragments should be dropped when max_frag is 1 and 2 non-initial fragments are received before first fragment. Change-Id: Id0c968f45629698e347e8226c5926f27b48b82d6 Signed-off-by: Matus Fabian <matfabia@cisco.com> (cherry picked from commit a7f8b228ff505acc052a77101b12e714ead26536)
author: Matus Fabian <matfabia@cisco.com> 2018-09-05 06:01:55 -0700
committer: Matus Fabian <matfabia@cisco.com> 2018-09-06 11:43:16 +0000
commit: d783d1d6bf869169df7f3cfc44f110f7869806f3 (patch)
tree: 659080900701341c73f24931b6e8d34c5fa4e222 /src/plugins/nat/nat64_out2in.c
parent: f74b4d2b559b1d5697fd625d9c8e0f76ba5a4463 (diff)
1 files changed, 2 insertions, 1 deletions
diff --git a/src/plugins/nat/nat64_out2in.c b/src/plugins/nat/nat64_out2in.c
index f7d4dd417f5..33d6dda17ca 100644
--- a/src/plugins/nat/nat64_out2in.c
+++ b/src/plugins/nat/nat64_out2in.c
@@ -780,7 +780,8 @@ nat64_out2in_reass_node_fn (vlib_main_t * vm, vlib_node_runtime_t * node,
 
 	      if (PREDICT_FALSE (reass0->sess_index == (u32) ~ 0))
 		{
-		  if (nat_ip4_reass_add_fragment (reass0, bi0))
+		  if (nat_ip4_reass_add_fragment
+		      (reass0, bi0, &fragments_to_drop))
 		    {
 		      b0->error = node->errors[NAT64_OUT2IN_ERROR_MAX_FRAG];
 		      next0 = NAT64_OUT2IN_NEXT_DROP;
author	Matus Fabian <matfabia@cisco.com>	2018-09-05 06:01:55 -0700
committer	Matus Fabian <matfabia@cisco.com>	2018-09-06 11:43:16 +0000
commit	d783d1d6bf869169df7f3cfc44f110f7869806f3 (patch)
tree	659080900701341c73f24931b6e8d34c5fa4e222 /src/plugins/nat/nat64_out2in.c
parent	f74b4d2b559b1d5697fd625d9c8e0f76ba5a4463 (diff)