summaryrefslogtreecommitdiffstats
path: root/src/plugins/nat/nat_reass.h
diff options
context:
space:
mode:
authorMatus Fabian <matfabia@cisco.com>2018-09-05 06:01:55 -0700
committerOle Trøan <otroan@employees.org>2018-09-06 07:32:30 +0000
commita7f8b228ff505acc052a77101b12e714ead26536 (patch)
tree44f42ff50c300bfd3c5517de7a4de8e537541c42 /src/plugins/nat/nat_reass.h
parent05ca4a364366ffd639b6136967330deb249cbe22 (diff)
NAT: fix maximum out of order fragments (VPP-1399)
All fragments should be dropped when max_frag is 1 and 2 non-initial fragments are received before first fragment. Change-Id: Id0c968f45629698e347e8226c5926f27b48b82d6 Signed-off-by: Matus Fabian <matfabia@cisco.com>
Diffstat (limited to 'src/plugins/nat/nat_reass.h')
-rw-r--r--src/plugins/nat/nat_reass.h12
1 files changed, 10 insertions, 2 deletions
diff --git a/src/plugins/nat/nat_reass.h b/src/plugins/nat/nat_reass.h
index 4a9137e3255..5b18d1bd7b9 100644
--- a/src/plugins/nat/nat_reass.h
+++ b/src/plugins/nat/nat_reass.h
@@ -30,6 +30,8 @@
#define NAT_MAX_FRAG_DEFAULT 5
#define NAT_REASS_HT_LOAD_FACTOR (0.75)
+#define NAT_REASS_FLAG_MAX_FRAG_DROP 1
+
typedef struct
{
union
@@ -57,6 +59,7 @@ typedef CLIB_PACKED(struct
f64 last_heard;
u32 frags_per_reass_list_head_index;
u8 frag_n;
+ u8 flags;
}) nat_reass_ip4_t;
/* *INDENT-ON* */
@@ -86,6 +89,7 @@ typedef CLIB_PACKED(struct
f64 last_heard;
u32 frags_per_reass_list_head_index;
u8 frag_n;
+ u8 flags;
}) nat_reass_ip6_t;
/* *INDENT-ON* */
@@ -222,10 +226,12 @@ nat_reass_ip4_t *nat_ip4_reass_find_or_create (ip4_address_t src,
*
* @param reass Reassembly data.
* @param bi Buffer index.
+ * @param bi_to_drop Fragments to drop.
*
* @returns 0 on success, non-zero value otherwise.
*/
-int nat_ip4_reass_add_fragment (nat_reass_ip4_t * reass, u32 bi);
+int nat_ip4_reass_add_fragment (nat_reass_ip4_t * reass, u32 bi,
+ u32 ** bi_to_drop);
/**
* @brief Get cached fragments.
@@ -271,10 +277,12 @@ nat_reass_ip6_t *nat_ip6_reass_find_or_create (ip6_address_t src,
*
* @param reass Reassembly data.
* @param bi Buffer index.
+ * @param bi_to_drop Fragments to drop.
*
* @returns 0 on success, non-zero value otherwise.
*/
-int nat_ip6_reass_add_fragment (nat_reass_ip6_t * reass, u32 bi);
+int nat_ip6_reass_add_fragment (nat_reass_ip6_t * reass, u32 bi,
+ u32 ** bi_to_drop);
/**
* @brief Get cached fragments.