nat: fix segv if out of ports in ed mode

Type: fix Change-Id: Ife726d2f6baaa3516c209011183f39670cf6a55d Signed-off-by: Alexander Chernavin <achernavin@netgate.com>
author: Alexander Chernavin <achernavin@netgate.com> 2020-05-14 03:35:47 -0400
committer: Ole Trøan <otroan@employees.org> 2020-05-14 12:08:43 +0000
commit: 88120824acc299a0aec17ce4c208dbc8be394779 (patch)
tree: d4575d5ed919152b7ad638043206b110ee097c58 /src/plugins/nat
parent: dbd366b239c0506b0d9984e7481967e038f10a23 (diff)
2 files changed, 47 insertions, 1 deletions
diff --git a/src/plugins/nat/in2out_ed.c b/src/plugins/nat/in2out_ed.c
index 45d9fd0b32c..0f1500f5e06 100644
--- a/src/plugins/nat/in2out_ed.c
+++ b/src/plugins/nat/in2out_ed.c
@@ -386,7 +386,6 @@ slow_path_ed (snat_main_t * sm,
 	{
 	  nat_elog_notice ("addresses exhausted");
 	  b->error = node->errors[NAT_IN2OUT_ED_ERROR_OUT_OF_PORTS];
-	  nat_free_session_data (sm, s, thread_index, 0);
 	  nat_ed_session_delete (sm, s, thread_index, 1);
 	  return NAT_NEXT_DROP;
 	}
diff --git a/src/plugins/nat/test/test_nat.py b/src/plugins/nat/test/test_nat.py
index 2ba7a9b78f3..1b3c7e7a8b1 100644
--- a/src/plugins/nat/test/test_nat.py
+++ b/src/plugins/nat/test/test_nat.py
@@ -4712,6 +4712,53 @@ class TestNAT44EndpointDependent(MethodHolder):
         sessions = self.statistics.get_counter('/nat44/total-sessions')
         self.assertEqual(sessions[0][0], 3)
 
+    def test_dynamic_out_of_ports(self):
+        """ NAT44 dynamic translation test: out of ports """
+
+        flags = self.config_flags.NAT_IS_INSIDE
+        self.vapi.nat44_interface_add_del_feature(
+            sw_if_index=self.pg0.sw_if_index,
+            flags=flags, is_add=1)
+        self.vapi.nat44_interface_add_del_feature(
+            sw_if_index=self.pg1.sw_if_index,
+            is_add=1)
+
+        nat_config = self.vapi.nat_show_config()
+        self.assertEqual(1, nat_config.endpoint_dependent)
+
+        # in2out and no NAT addresses added
+        err_old = self.statistics.get_err_counter(
+            '/err/nat44-ed-in2out-slowpath/out of ports')
+
+        pkts = self.create_stream_in(self.pg0, self.pg1)
+        self.pg0.add_stream(pkts)
+        self.pg_enable_capture(self.pg_interfaces)
+        self.pg_start()
+        self.pg1.get_capture(0, timeout=1)
+
+        err_new = self.statistics.get_err_counter(
+            '/err/nat44-ed-in2out-slowpath/out of ports')
+
+        self.assertEqual(err_new - err_old, len(pkts))
+
+        # in2out after NAT addresses added
+        self.nat44_add_address(self.nat_addr)
+
+        err_old = self.statistics.get_err_counter(
+            '/err/nat44-ed-in2out-slowpath/out of ports')
+
+        pkts = self.create_stream_in(self.pg0, self.pg1)
+        self.pg0.add_stream(pkts)
+        self.pg_enable_capture(self.pg_interfaces)
+        self.pg_start()
+        capture = self.pg1.get_capture(len(pkts))
+        self.verify_capture_out(capture)
+
+        err_new = self.statistics.get_err_counter(
+            '/err/nat44-ed-in2out-slowpath/out of ports')
+
+        self.assertEqual(err_new, err_old)
+
     def test_dynamic_output_feature_vrf(self):
         """ NAT44 dynamic translation test: output-feature, VRF"""
author	Alexander Chernavin <achernavin@netgate.com>	2020-05-14 03:35:47 -0400
committer	Ole Trøan <otroan@employees.org>	2020-05-14 12:08:43 +0000
commit	88120824acc299a0aec17ce4c208dbc8be394779 (patch)
tree	d4575d5ed919152b7ad638043206b110ee097c58 /src/plugins/nat
parent	dbd366b239c0506b0d9984e7481967e038f10a23 (diff)