aboutsummaryrefslogtreecommitdiffstats
path: root/src/plugins/nat
diff options
context:
space:
mode:
authorMatus Fabian <matfabia@cisco.com>2018-03-07 03:17:57 -0800
committerOle Trøan <otroan@employees.org>2018-03-07 14:18:11 +0000
commite4e34c23fe7050c26967997fdb8f555c51fd3961 (patch)
treefb31d66e1883e4ad248043ddb1b5465c3e489327 /src/plugins/nat
parent4b65ddf42899a8d23126857c5722c8b909212b3e (diff)
NAT44: allow to configure one interface only as output or input feature (VPP-1192)
following is not possible: set interface nat44 out GigabitEthernet0/3/0 output-feature set interface nat44 out GigabitEthernet0/3/0 Change-Id: I1592cc18390881fda66f98316700886b8f5295f0 Signed-off-by: Matus Fabian <matfabia@cisco.com>
Diffstat (limited to 'src/plugins/nat')
-rw-r--r--src/plugins/nat/nat.c12
1 files changed, 12 insertions, 0 deletions
diff --git a/src/plugins/nat/nat.c b/src/plugins/nat/nat.c
index 959abd7ebbf..2ed65a13974 100644
--- a/src/plugins/nat/nat.c
+++ b/src/plugins/nat/nat.c
@@ -1428,6 +1428,12 @@ int snat_interface_add_del (u32 sw_if_index, u8 is_inside, int is_del)
if (sm->out2in_dpo && !is_inside)
return VNET_API_ERROR_UNSUPPORTED;
+ pool_foreach (i, sm->output_feature_interfaces,
+ ({
+ if (i->sw_if_index == sw_if_index)
+ return VNET_API_ERROR_VALUE_EXIST;
+ }));
+
if (sm->static_mapping_only && !(sm->static_mapping_connection_tracking))
feature_name = is_inside ? "nat44-in2out-fast" : "nat44-out2in-fast";
else
@@ -1579,6 +1585,12 @@ int snat_interface_add_del_output_feature (u32 sw_if_index,
(sm->static_mapping_only && !(sm->static_mapping_connection_tracking)))
return VNET_API_ERROR_UNSUPPORTED;
+ pool_foreach (i, sm->interfaces,
+ ({
+ if (i->sw_if_index == sw_if_index)
+ return VNET_API_ERROR_VALUE_EXIST;
+ }));
+
if (is_inside)
{
vnet_feature_enable_disable ("ip4-unicast", "nat44-hairpin-dst",