From 6825bc11287fd48b9ff2a4236446db5426b78c93 Mon Sep 17 00:00:00 2001
From: Alexander Chernavin
Date: Wed, 17 Apr 2019 04:38:04 -0400
Subject: nat: prevent creation when-resolved static mappings on errors
When you create two identical NAT44 static mappings using interface name as external address and only local or ext port is different, VALUE_EXIST will be raised but when-resolved static mapping will remain. vpp# nat44 add static mapping tcp local 10.128.0.129 443 external GigabitEthernet0/8/0 8443 vpp# nat44 add static mapping tcp local 10.128.0.129 80 external GigabitEthernet0/8/0 8443 nat44 add static mapping: Mapping already exist. vpp# show nat44 static mappings NAT44 static mappings: tcp local 10.128.0.129:443 external 2.2.2.2:8443 vrf 0 tcp local 10.128.0.129:443 external GigabitEthernet0/8/0:8443 vrf -1 tcp local 10.128.0.129:80 external GigabitEthernet0/8/0:8443 vrf -1 With this commit, when-resolved static mapping is not created if the translation only differs in local or ext port.
Change-Id: Ifc960b9dc1371caa2a8d3206a80a0ffd10d293e4
Signed-off-by: Alexander Chernavin
---
 src/plugins/nat/nat.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
(limited to 'src/plugins')
diff --git a/src/plugins/nat/nat.c b/src/plugins/nat/nat.c
index 43ef325d591..97e2df1568e 100755
--- a/src/plugins/nat/nat.c
+++ b/src/plugins/nat/nat.c
@@ -713,7 +713,7 @@ snat_add_static_mapping (ip4_address_t l_addr, ip4_address_t e_addr,
 if (!addr_only)
 {
- if (rp->l_port != l_port || rp->e_port != e_port
+ if ((rp->l_port != l_port && rp->e_port != e_port)
 || rp->proto != proto)
 continue;
 }
--
cgit 1.2.3-korg
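Review bot: The relaxed port test in `if ((rp->l_port != l_port && rp->e_port != e_port) || rp->proto != proto)` now treats a when-resolved entry as a match when only one of the two ports is equal, and nothing in the hunk limits that to the add case. The rest of the loop in snat_add_static_mapping is outside the hunk, but if the same match also selects the entry to remove on delete, a delete request for local port 80 / external 8443 could remove the pending entry for local port 443 / external 8443, leaving the NAT policy different from what the operator configured. Consider keeping the exact comparison for deletion, e.g. `if (rp->proto != proto || (is_add ? (rp->l_port != l_port && rp->e_port != e_port) : (rp->l_port != l_port || rp->e_port != e_port))) continue;`, assuming `is_add` is in scope at this point. A short comment such as `/* on add, a shared local or external port is a conflict */` would also make clear that the condition is a conflict check and not an identity check.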