From bf9a0c8097d47f052efea13a09d3a6c6fc68fb35 Mon Sep 17 00:00:00 2001
From: Elias Rudberg <elias.rudberg@bahnhof.net>
Date: Thu, 2 Jul 2020 21:21:34 +0200
Subject: nat: fix port number selection

Change the port number selection for new NAT sessions so that it
matches how the thread index is calculated from the port number for
out2in packets. Before this change there was a problem when the
largest port number in the range was used, that resulted in the wrong
thread index being selected when out2in packets arrive for that
session.

Type: fix

Signed-off-by: Elias Rudberg <elias.rudberg@bahnhof.net>
Change-Id: I936c389eb0d5df6168e18e5e44754de1cdad6ad1
Signed-off-by: Klement Sekera <ksekera@cisco.com>
---
 src/plugins/nat/in2out_ed.c | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

(limited to 'src/plugins/nat/in2out_ed.c')

diff --git a/src/plugins/nat/in2out_ed.c b/src/plugins/nat/in2out_ed.c
index 080f37e7c15..8eafb5ba7ed 100644
--- a/src/plugins/nat/in2out_ed.c
+++ b/src/plugins/nat/in2out_ed.c
@@ -217,14 +217,14 @@ nat_ed_alloc_addr_and_port (snat_main_t * sm, u32 rx_fib_index,
     if (a->fib_index == rx_fib_index)                                        \
       {                                                                      \
         /* first try port suggested by caller */                             \
-        u16 port = clib_net_to_host_u16 (*outside_port);                   \
+        u16 port = clib_net_to_host_u16 (*outside_port);                     \
         u16 port_offset = port - port_thread_offset;                         \
         if (port <= port_thread_offset ||                                    \
             port > port_thread_offset + port_per_thread)                     \
           {                                                                  \
             /* need to pick a different port, suggested port doesn't fit in  \
              * this thread's port range */                                   \
-            port_offset = snat_random_port (1, port_per_thread);             \
+            port_offset = snat_random_port (0, port_per_thread - 1);         \
             port = port_thread_offset + port_offset;                         \
           }                                                                  \
         u16 attempts = port_per_thread;                                      \
@@ -240,8 +240,8 @@ nat_ed_alloc_addr_and_port (snat_main_t * sm, u32 rx_fib_index,
                 ++a->busy_##n##_port_refcounts[port];                        \
                 a->busy_##n##_ports_per_thread[thread_index]++;              \
                 a->busy_##n##_ports++;                                       \
-                *outside_addr = a->addr;                                   \
-                *outside_port = clib_host_to_net_u16 (port);               \
+                *outside_addr = a->addr;                                     \
+                *outside_port = clib_host_to_net_u16 (port);                 \
                 return 0;                                                    \
               }                                                              \
             port_offset = (port_offset + 1) % port_per_thread;               \
-- 
cgit 1.2.3-korg