From 30d857cd07785461f993ec4a935d99af75673f4a Mon Sep 17 00:00:00 2001 From: Juraj Sloboda Date: Wed, 5 Apr 2017 15:59:21 +0200 Subject: Handle multiple flows with the same client port in deterministic NAT Handle situation when client tries to connect to multiple hosts/ports from the same client port. Extend matching to include remote host/port when searching for existing session and create session for each flow even when originating from the same client port. Change-Id: I4f54ded930e59e7196843c6bc1d2d2386c57cd3c Signed-off-by: Juraj Sloboda --- src/plugins/snat/snat_det.h | 10 +++++++--- 1 file changed, 7 insertions(+), 3 deletions(-) (limited to 'src/plugins/snat/snat_det.h') diff --git a/src/plugins/snat/snat_det.h b/src/plugins/snat/snat_det.h index 42ce87608b5..45e36829a20 100644 --- a/src/plugins/snat/snat_det.h +++ b/src/plugins/snat/snat_det.h @@ -125,16 +125,20 @@ snat_det_get_ses_by_out (snat_det_map_t * dm, ip4_address_t * in_addr, } always_inline snat_det_session_t * -snat_det_find_ses_by_in (snat_det_map_t * dm, - ip4_address_t * in_addr, u16 in_port) +snat_det_find_ses_by_in (snat_det_map_t * dm, ip4_address_t * in_addr, + u16 in_port, snat_det_out_key_t out_key) { + snat_det_session_t *ses; u32 user_offset; u16 i; user_offset = snat_det_user_ses_offset (in_addr, dm->in_plen); for (i = 0; i < SNAT_DET_SES_PER_USER; i++) { - if (dm->sessions[i + user_offset].in_port == in_port) + ses = &dm->sessions[i + user_offset]; + if (ses->in_port == in_port && + ses->out.ext_host_addr.as_u32 == out_key.ext_host_addr.as_u32 && + ses->out.ext_host_port == out_key.ext_host_port) return &dm->sessions[i + user_offset]; } -- cgit 1.2.3-korg