From b639b593372612fd3a55b3137b4fdd62df775d96 Mon Sep 17 00:00:00 2001 From: Andrew Yourtchenko Date: Wed, 9 Aug 2017 11:28:02 +0200 Subject: acl-plugin: all TCP sessions treated as transient (VPP-932) The packet that was creating the session was not tracked, consequently the TCP flags seen within the session record never got the value for the session to get treated as being in the established state. Test-escape, so add the TCP tests which test the three phases of the TCP session life and make them all pass. Change-Id: Ib048bc30c809a7f03be2de7e8361c2c281270348 Signed-off-by: Andrew Yourtchenko (cherry picked from commit 754370f1b55d4102d21dd94676f2bda3170c7df0) --- src/plugins/acl/fa_node.c | 9 ++++++--- 1 file changed, 6 insertions(+), 3 deletions(-) (limited to 'src') diff --git a/src/plugins/acl/fa_node.c b/src/plugins/acl/fa_node.c index 74079a2d4c3..1eeaa8c8df5 100644 --- a/src/plugins/acl/fa_node.c +++ b/src/plugins/acl/fa_node.c @@ -871,7 +871,7 @@ acl_fa_try_recycle_session (acl_main_t * am, int is_input, u16 thread_index, u32 } } -static void +static fa_session_t * acl_fa_add_session (acl_main_t * am, int is_input, u32 sw_if_index, u64 now, fa_5tuple_t * p5tuple) { @@ -915,6 +915,7 @@ acl_fa_add_session (acl_main_t * am, int is_input, u32 sw_if_index, u64 now, clib_mem_set_heap (oldheap); pw->fa_session_adds_by_sw_if_index[sw_if_index]++; clib_smp_atomic_add(&am->fa_session_total_adds, 1); + return sess; } static int @@ -1079,8 +1080,10 @@ acl_fa_node_fn (vlib_main_t * vm, if (acl_fa_can_add_session (am, is_input, sw_if_index0)) { - acl_fa_add_session (am, is_input, sw_if_index0, now, - &kv_sess); + fa_session_t *sess = acl_fa_add_session (am, is_input, sw_if_index0, now, + &kv_sess); + acl_fa_track_session (am, is_input, sw_if_index0, now, + sess, &fa_5tuple); pkts_new_session += 1; } else -- cgit 1.2.3-korg