[ovs-dev] [patch v1] conntrack: Fix icmp error address sanity check.
Ben Pfaff
blp at ovn.org
Mon Dec 11 22:43:43 UTC 2017
OK, I made that change and applied it to branch-2.8. It didn't apply
cleanly to 2.7 or 2.6, can you look at that?
On Mon, Dec 11, 2017 at 10:28:32PM +0000, Darrell Ball wrote:
> Yes, it is Ben
>
> Thanks Darrell
>
> On 12/11/17, 2:27 PM, "Ben Pfaff" <blp at ovn.org> wrote:
>
> It fails to apply due to conflicts in system-traffic.at. Is it safe to
> drop that change and apply the rest?
>
> On Mon, Dec 11, 2017 at 10:22:39PM +0000, Darrell Ball wrote:
> > Needs to go back to 2.6; at least the changes in lib/conntrack.c
> >
> > Thanks Darrell
> >
> > On 12/11/17, 2:20 PM, "ovs-dev-bounces at openvswitch.org on behalf of Ben Pfaff" <ovs-dev-bounces at openvswitch.org on behalf of blp at ovn.org> wrote:
> >
> > On Wed, Dec 06, 2017 at 06:04:20PM -0800, Darrell Ball wrote:
> > > An address sanity check is done on icmp error packets to
> > > check that the icmp error payload makes sense w.r.t. the
> > > packet itself.
> > >
> > > The sanity check was partially incorrect since it tried
> > > to verify the source address of the error packet against the
> > > original destination, which does not makes since the error
> > > can be generated by any intermediate node.
> > >
> > > Reported-by: wangzhike <wangzhike at jd.com>
> > > Reported-at: https://urldefense.proofpoint.com/v2/url?u=https-3A__mail.openvswitch.org_pipermail_ovs-2Ddev_2017-2DDecember_341609.html&d=DwICAg&c=uilaK90D4TOVoH58JNXRgQ&r=BVhFA09CGX7JQ5Ih-uZnsw&m=C2QYD5JosF5j-X3I7nmikMajbKHF9WqhgGQZdigkYP8&s=1wKg_9t4kVTzgXsNG4PwRgPDVzKsu1POFWnH6x-eX-U&e=
> > > Fixes: a489b1685 ("conntrack: New userspace connection tracker.")
> > > CC: Daniele Di Proietto <diproiettod at vmware.com>
> > > Signed-off-by: Darrell Ball <dlu998 at gmail.com>
> > > Signed-off-by: wangzhike <wangzhike at jd.com>
> > > Co-authored-by: wangzhike <wangzhike at jd.com>
> >
> > Thanks Darrell and wangzhike, I applied this to master.
> >
> > Let me know if this or the other series I recently applied needs
> > backporting.
> > _______________________________________________
> > dev mailing list
> > dev at openvswitch.org
> > https://urldefense.proofpoint.com/v2/url?u=https-3A__mail.openvswitch.org_mailman_listinfo_ovs-2Ddev&d=DwICAg&c=uilaK90D4TOVoH58JNXRgQ&r=BVhFA09CGX7JQ5Ih-uZnsw&m=C2QYD5JosF5j-X3I7nmikMajbKHF9WqhgGQZdigkYP8&s=DzvbErqrp1sqYj50u5y8oMwBgVZVFjUdhRitCukx98c&e=
> >
> >
>
>
More information about the dev
mailing list