[ovs-dev] [PATCH 4/6] datapath: backport: openvswitch: fix conntrack netlink event delivery

Jesse Gross jesse at kernel.org
Wed Aug 3 19:19:25 UTC 2016


On Wed, Aug 3, 2016 at 10:08 AM, Pravin B Shelar <pshelar at ovn.org> wrote:
> Upstream commit:
>
>     commit d913d3a763a6f66a862a6eafcf6da89a7905832a
>     Author: Samuel Gauthier <samuel.gauthier at 6wind.com>
>     Date:   Tue Jun 28 17:22:26 2016 +0200
>
>     openvswitch: fix conntrack netlink event delivery
>
>     Only the first and last netlink message for a particular conntrack are
>     actually sent. The first message is sent through nf_conntrack_confirm when
>     the conntrack is committed. The last one is sent when the conntrack is
>     destroyed on timeout. The other conntrack state change messages are not
>     advertised.
>
>     When the conntrack subsystem is used from netfilter, nf_conntrack_confirm
>     is called for each packet, from the postrouting hook, which in turn calls
>     nf_ct_deliver_cached_events to send the state change netlink messages.
>
>     This commit fixes the problem by calling nf_ct_deliver_cached_events in the
>     non-commit case as well.
>
>     Fixes: 7f8a436eaa2c ("openvswitch: Add conntrack action")
>     CC: Joe Stringer <joestringer at nicira.com>
>     CC: Justin Pettit <jpettit at nicira.com>
>     CC: Andy Zhou <azhou at nicira.com>
>     CC: Thomas Graf <tgraf at suug.ch>
>     Signed-off-by: Samuel Gauthier <samuel.gauthier at 6wind.com>
>     Acked-by: Joe Stringer <joe at ovn.org>
>     Signed-off-by: David S. Miller <davem at davemloft.net>
>
> Signed-off-by: Pravin B Shelar <pshelar at ovn.org>

Acked-by: Jesse Gross <jesse at kernel.org>



More information about the dev mailing list