summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rwxr-xr-xsrc/plugins/nat/out2in.c8
-rw-r--r--test/test_nat.py26
2 files changed, 34 insertions, 0 deletions
diff --git a/src/plugins/nat/out2in.c b/src/plugins/nat/out2in.c
index 9cace08c565..52f2023efe1 100755
--- a/src/plugins/nat/out2in.c
+++ b/src/plugins/nat/out2in.c
@@ -1443,6 +1443,12 @@ nat44_out2in_reass_node_fn (vlib_main_t * vm,
node->errors[SNAT_OUT2IN_ERROR_NO_TRANSLATION];
next0 = SNAT_OUT2IN_NEXT_DROP;
}
+ else
+ {
+ reass0->flags |= NAT_REASS_FLAG_ED_DONT_TRANSLATE;
+ nat_ip4_reass_get_frags (reass0,
+ &fragments_to_loopback);
+ }
goto trace0;
}
@@ -1474,6 +1480,8 @@ nat44_out2in_reass_node_fn (vlib_main_t * vm,
}
else
{
+ if (reass0->flags & NAT_REASS_FLAG_ED_DONT_TRANSLATE)
+ goto trace0;
if (PREDICT_FALSE (reass0->sess_index == (u32) ~ 0))
{
if (nat_ip4_reass_add_fragment
diff --git a/test/test_nat.py b/test/test_nat.py
index 22e8903caf5..bc476239975 100644
--- a/test/test_nat.py
+++ b/test/test_nat.py
@@ -3339,6 +3339,32 @@ class TestNAT44(MethodHolder):
self.frag_in_order(proto=IP_PROTOS.udp)
self.frag_in_order(proto=IP_PROTOS.icmp)
+ def test_frag_forwarding(self):
+ """ NAT44 forwarding fragment test """
+ self.vapi.nat44_add_interface_addr(self.pg1.sw_if_index)
+ self.vapi.nat44_interface_add_del_feature(self.pg0.sw_if_index)
+ self.vapi.nat44_interface_add_del_feature(self.pg1.sw_if_index,
+ is_inside=0)
+ self.vapi.nat44_forwarding_enable_disable(1)
+
+ data = "A" * 16 + "B" * 16 + "C" * 3
+ pkts = self.create_stream_frag(self.pg1,
+ self.pg0.remote_ip4,
+ 4789,
+ 4789,
+ data,
+ proto=IP_PROTOS.udp)
+ self.pg1.add_stream(pkts)
+ self.pg_enable_capture(self.pg_interfaces)
+ self.pg_start()
+ frags = self.pg0.get_capture(len(pkts))
+ p = self.reass_frags_and_verify(frags,
+ self.pg1.remote_ip4,
+ self.pg0.remote_ip4)
+ self.assertEqual(p[UDP].sport, 4789)
+ self.assertEqual(p[UDP].dport, 4789)
+ self.assertEqual(data, p[Raw].load)
+
def test_reass_hairpinning(self):
""" NAT44 fragments hairpinning """