summaryrefslogtreecommitdiffstats
path: root/src/plugins/nat/out2in.c
diff options
context:
space:
mode:
authorMatus Fabian <matfabia@cisco.com>2018-09-05 06:01:55 -0700
committerOle Trøan <otroan@employees.org>2018-09-06 07:32:30 +0000
commita7f8b228ff505acc052a77101b12e714ead26536 (patch)
tree44f42ff50c300bfd3c5517de7a4de8e537541c42 /src/plugins/nat/out2in.c
parent05ca4a364366ffd639b6136967330deb249cbe22 (diff)
NAT: fix maximum out of order fragments (VPP-1399)
All fragments should be dropped when max_frag is 1 and 2 non-initial fragments are received before first fragment. Change-Id: Id0c968f45629698e347e8226c5926f27b48b82d6 Signed-off-by: Matus Fabian <matfabia@cisco.com>
Diffstat (limited to 'src/plugins/nat/out2in.c')
-rwxr-xr-xsrc/plugins/nat/out2in.c2
1 files changed, 1 insertions, 1 deletions
diff --git a/src/plugins/nat/out2in.c b/src/plugins/nat/out2in.c
index 5029300dcdb..3d4e9228e67 100755
--- a/src/plugins/nat/out2in.c
+++ b/src/plugins/nat/out2in.c
@@ -1430,7 +1430,7 @@ nat44_out2in_reass_node_fn (vlib_main_t * vm,
{
if (PREDICT_FALSE (reass0->sess_index == (u32) ~0))
{
- if (nat_ip4_reass_add_fragment (reass0, bi0))
+ if (nat_ip4_reass_add_fragment (reass0, bi0, &fragments_to_drop))
{
b0->error = node->errors[SNAT_OUT2IN_ERROR_MAX_FRAG];
nat_log_notice ("maximum fragments per reassembly exceeded");