From 26c9d4b0cd9c53054d1174bc15aaf8c07e9a8f93 Mon Sep 17 00:00:00 2001 From: Klement Sekera Date: Sun, 5 Apr 2020 17:07:32 +0200 Subject: nat: don't drop packet for expired session If session is expired, the packet which we just received might be a one, which legitimely creates a new session, process it in slow path instead to decide the outcome. Type: fix Signed-off-by: Klement Sekera Change-Id: I45628f52d37ae9dee5e8aa58171ff0b86f91f5dd --- src/plugins/nat/in2out_ed.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'src/plugins/nat/in2out_ed.c') diff --git a/src/plugins/nat/in2out_ed.c b/src/plugins/nat/in2out_ed.c index 4be76372a49..6ca1e6ecb4d 100644 --- a/src/plugins/nat/in2out_ed.c +++ b/src/plugins/nat/in2out_ed.c @@ -982,8 +982,8 @@ nat44_ed_in2out_fast_path_node_fn_inline (vlib_main_t * vm, nat_free_session_data (sm, s0, thread_index, 0); nat44_delete_session (sm, s0, thread_index); - b0->error = node->errors[NAT_IN2OUT_ED_ERROR_SESS_EXPIRED]; - next0 = NAT_NEXT_DROP; + // session no longer exists, go slow path + next0 = def_slow; goto trace0; } -- cgit 1.2.3-korg