From da34f4add5f141d58670d81d53553986e9a472b4 Mon Sep 17 00:00:00 2001 From: Vladislav Grishenko Date: Thu, 14 Sep 2023 22:14:38 +0500 Subject: nat: add ipfix rate-limiter for nat44-ed, nat44-ei and nat64 This prevents ipfix flood with the repeating events and allows to enable nat64 max_session and max_bibs events. Also fix wrong endian for det44 and nat64 ipfix tests, now should be fine with extended tests enabled. Max session per user event @ nat44-ei requires more precise rate limiter per user address, probably with sparse vec, not handled. Type: improvement Signed-off-by: Vladislav Grishenko Change-Id: Ib20cc1ee3f81e7acc88a415fe83b4e2deae2a836 --- src/plugins/nat/nat64/nat64_db.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'src/plugins/nat/nat64') diff --git a/src/plugins/nat/nat64/nat64_db.c b/src/plugins/nat/nat64/nat64_db.c index 82ef70de5cf..24f7f571c01 100644 --- a/src/plugins/nat/nat64/nat64_db.c +++ b/src/plugins/nat/nat64/nat64_db.c @@ -82,7 +82,7 @@ nat64_db_bib_entry_create (u32 thread_index, nat64_db_t * db, if (db->bib.bib_entries_num >= db->bib.limit) { db->free_addr_port_cb (db, out_addr, out_port, proto); - //nat_ipfix_logging_max_bibs (thread_index, db->bib.limit); + nat_ipfix_logging_max_bibs (thread_index, db->bib.limit); return 0; } @@ -401,7 +401,7 @@ nat64_db_st_entry_create (u32 thread_index, nat64_db_t * db, if (db->st.st_entries_num >= db->st.limit) { - //nat_ipfix_logging_max_sessions (thread_index, db->st.limit); + nat_ipfix_logging_max_sessions (thread_index, db->st.limit); return 0; } -- cgit 1.2.3-korg