From 212ec2af92b148cd3747e6ab424c0080d4a62968 Mon Sep 17 00:00:00 2001 From: Nathan Skrzypczak Date: Tue, 3 Nov 2020 17:44:28 +0100 Subject: cnat: Fix invalid adj_index Type: fix When using sNAT in combination with cnat translations it might happen that the cnat_node_vip.c picks up a translation on a session that has an invalid lb index, thus resulting in a later crash in ip4-load-balance Change-Id: I82607086b2d672a9dcf26bfb82ad7f83e6474562 Signed-off-by: Nathan Skrzypczak --- src/plugins/cnat/cnat_session.h | 28 +++++++++++++++++++++++----- 1 file changed, 23 insertions(+), 5 deletions(-) (limited to 'src/plugins/cnat/cnat_session.h') diff --git a/src/plugins/cnat/cnat_session.h b/src/plugins/cnat/cnat_session.h index a1f3486417d..e352fe6e374 100644 --- a/src/plugins/cnat/cnat_session.h +++ b/src/plugins/cnat/cnat_session.h @@ -91,18 +91,36 @@ typedef struct cnat_session_t_ * Timestamp index this session was last used */ u32 cs_ts_index; - /** - * Indicates a return path session that was source NATed - * on the way in. - */ - u32 flags; + + union + { + /** + * session flags if cs_lbi == INDEX_INVALID + */ + u32 flags; + /** + * Persist translation->ct_lb.dpoi_next_node + * when cs_lbi != INDEX_INVALID + */ + u32 ct_index; + }; } value; } cnat_session_t; typedef enum cnat_session_flag_t_ { + /** + * Indicates a return path session that was source NATed + * on the way in. + */ CNAT_SESSION_FLAG_HAS_SNAT = (1 << 0), + /** + * This session source port was allocated, free it on cleanup + */ CNAT_SESSION_FLAG_ALLOC_PORT = (1 << 1), + /** + * This session doesn't have a client, do not attempt to free it + */ CNAT_SESSION_FLAG_NO_CLIENT = (1 << 2), } cnat_session_flag_t; -- cgit 1.2.3-korg