diff options
Diffstat (limited to 'src/plugins/nat/in2out.c')
-rwxr-xr-x | src/plugins/nat/in2out.c | 22 |
1 files changed, 13 insertions, 9 deletions
diff --git a/src/plugins/nat/in2out.c b/src/plugins/nat/in2out.c index b0dbbc8fa11..5f2f43f7f81 100755 --- a/src/plugins/nat/in2out.c +++ b/src/plugins/nat/in2out.c @@ -162,7 +162,7 @@ typedef enum { /** * @brief Check if packet should be translated * - * Packets aimed at outside interface and external addresss with active session + * Packets aimed at outside interface and external address with active session * should be translated. * * @param sm NAT main @@ -273,6 +273,7 @@ static u32 slow_path (snat_main_t *sm, vlib_buffer_t *b0, if (PREDICT_FALSE (maximum_sessions_exceeded(sm, thread_index))) { b0->error = node->errors[SNAT_IN2OUT_ERROR_MAX_SESSIONS_EXCEEDED]; + nat_ipfix_logging_max_sessions(sm->max_translations); return SNAT_IN2OUT_NEXT_DROP; } @@ -294,13 +295,6 @@ static u32 slow_path (snat_main_t *sm, vlib_buffer_t *b0, return SNAT_IN2OUT_NEXT_DROP; } - s = nat_session_alloc_or_recycle (sm, u, thread_index); - if (!s) - { - clib_warning ("create NAT session failed"); - return SNAT_IN2OUT_NEXT_DROP; - } - /* First try to match static mapping by local address and port */ if (snat_static_mapping_match (sm, *key0, &key1, 0, 0, 0)) { @@ -319,9 +313,17 @@ static u32 slow_path (snat_main_t *sm, vlib_buffer_t *b0, else { u->nstaticsessions++; - s->flags |= SNAT_SESSION_FLAG_STATIC_MAPPING; } + s = nat_session_alloc_or_recycle (sm, u, thread_index); + if (!s) + { + clib_warning ("create NAT session failed"); + return SNAT_IN2OUT_NEXT_DROP; + } + + if (address_index == ~0) + s->flags |= SNAT_SESSION_FLAG_STATIC_MAPPING; s->outside_address_index = address_index; s->in2out = *key0; s->out2in = key1; @@ -1002,6 +1004,7 @@ snat_in2out_unknown_proto (snat_main_t *sm, if (PREDICT_FALSE (maximum_sessions_exceeded(sm, thread_index))) { b->error = node->errors[SNAT_IN2OUT_ERROR_MAX_SESSIONS_EXCEEDED]; + nat_ipfix_logging_max_sessions(sm->max_translations); return 0; } @@ -1189,6 +1192,7 @@ snat_in2out_lb (snat_main_t *sm, if (PREDICT_FALSE (maximum_sessions_exceeded (sm, thread_index))) { b->error = node->errors[SNAT_IN2OUT_ERROR_MAX_SESSIONS_EXCEEDED]; + nat_ipfix_logging_max_sessions(sm->max_translations); return 0; } |