summaryrefslogtreecommitdiffstats
path: root/src/plugins/nat/in2out.c
diff options
context:
space:
mode:
Diffstat (limited to 'src/plugins/nat/in2out.c')
-rwxr-xr-xsrc/plugins/nat/in2out.c22
1 files changed, 13 insertions, 9 deletions
diff --git a/src/plugins/nat/in2out.c b/src/plugins/nat/in2out.c
index b0dbbc8fa11..5f2f43f7f81 100755
--- a/src/plugins/nat/in2out.c
+++ b/src/plugins/nat/in2out.c
@@ -162,7 +162,7 @@ typedef enum {
/**
* @brief Check if packet should be translated
*
- * Packets aimed at outside interface and external addresss with active session
+ * Packets aimed at outside interface and external address with active session
* should be translated.
*
* @param sm NAT main
@@ -273,6 +273,7 @@ static u32 slow_path (snat_main_t *sm, vlib_buffer_t *b0,
if (PREDICT_FALSE (maximum_sessions_exceeded(sm, thread_index)))
{
b0->error = node->errors[SNAT_IN2OUT_ERROR_MAX_SESSIONS_EXCEEDED];
+ nat_ipfix_logging_max_sessions(sm->max_translations);
return SNAT_IN2OUT_NEXT_DROP;
}
@@ -294,13 +295,6 @@ static u32 slow_path (snat_main_t *sm, vlib_buffer_t *b0,
return SNAT_IN2OUT_NEXT_DROP;
}
- s = nat_session_alloc_or_recycle (sm, u, thread_index);
- if (!s)
- {
- clib_warning ("create NAT session failed");
- return SNAT_IN2OUT_NEXT_DROP;
- }
-
/* First try to match static mapping by local address and port */
if (snat_static_mapping_match (sm, *key0, &key1, 0, 0, 0))
{
@@ -319,9 +313,17 @@ static u32 slow_path (snat_main_t *sm, vlib_buffer_t *b0,
else
{
u->nstaticsessions++;
- s->flags |= SNAT_SESSION_FLAG_STATIC_MAPPING;
}
+ s = nat_session_alloc_or_recycle (sm, u, thread_index);
+ if (!s)
+ {
+ clib_warning ("create NAT session failed");
+ return SNAT_IN2OUT_NEXT_DROP;
+ }
+
+ if (address_index == ~0)
+ s->flags |= SNAT_SESSION_FLAG_STATIC_MAPPING;
s->outside_address_index = address_index;
s->in2out = *key0;
s->out2in = key1;
@@ -1002,6 +1004,7 @@ snat_in2out_unknown_proto (snat_main_t *sm,
if (PREDICT_FALSE (maximum_sessions_exceeded(sm, thread_index)))
{
b->error = node->errors[SNAT_IN2OUT_ERROR_MAX_SESSIONS_EXCEEDED];
+ nat_ipfix_logging_max_sessions(sm->max_translations);
return 0;
}
@@ -1189,6 +1192,7 @@ snat_in2out_lb (snat_main_t *sm,
if (PREDICT_FALSE (maximum_sessions_exceeded (sm, thread_index)))
{
b->error = node->errors[SNAT_IN2OUT_ERROR_MAX_SESSIONS_EXCEEDED];
+ nat_ipfix_logging_max_sessions(sm->max_translations);
return 0;
}