[ovs-dev] [PATCH v2] datapath-windows: Include ICMP type and code fields to find a matching ct entry
Sairam Venugopal
vsairam at vmware.com
Fri Jun 23 22:04:42 UTC 2017
Acked-by: Sairam Venugopal <vsairam at vmware.com>
On 6/23/17, 2:05 PM, "ovs-dev-bounces at openvswitch.org on behalf of Anand Kumar" <ovs-dev-bounces at openvswitch.org on behalf of kumaranand at vmware.com> wrote:
>In conntrack lookup, ICMP type and code fields were not being used to
>determine a matching entry. As a result, ICMP4_ECHO_REQUEST packet could
>be tracked as ICMP4_ECHO_REPLY packet and vice versa, which is invalid.
>
>To fix this, add ICMP type and code fields for matching a conntrack entry.
>
>Signed-off-by: Anand Kumar <kumaranand at vmware.com>
>Acked-by: Sairam Venugopal <vsairam at vmware.com>
>---
> datapath-windows/ovsext/Conntrack.c | 16 +++++++---------
> 1 file changed, 7 insertions(+), 9 deletions(-)
>
>diff --git a/datapath-windows/ovsext/Conntrack.c b/datapath-windows/ovsext/Conntrack.c
>index 07a9583..e97d6ce 100644
>--- a/datapath-windows/ovsext/Conntrack.c
>+++ b/datapath-windows/ovsext/Conntrack.c
>@@ -383,15 +383,13 @@ OvsDetectCtPacket(OvsForwardingContext *fwdCtx,
> BOOLEAN
> OvsCtKeyAreSame(OVS_CT_KEY ctxKey, OVS_CT_KEY entryKey)
> {
>- return ((ctxKey.src.addr.ipv4 == entryKey.src.addr.ipv4) &&
>- (ctxKey.src.addr.ipv4_aligned == entryKey.src.addr.ipv4_aligned) &&
>- (ctxKey.src.port == entryKey.src.port) &&
>- (ctxKey.dst.addr.ipv4 == entryKey.dst.addr.ipv4) &&
>- (ctxKey.dst.addr.ipv4_aligned == entryKey.dst.addr.ipv4_aligned) &&
>- (ctxKey.dst.port == entryKey.dst.port) &&
>- (ctxKey.dl_type == entryKey.dl_type) &&
>- (ctxKey.nw_proto == entryKey.nw_proto) &&
>- (ctxKey.zone == entryKey.zone));
>+ return ((NdisEqualMemory(&ctxKey.src, &entryKey.src,
>+ sizeof(struct ct_endpoint))) &&
>+ (NdisEqualMemory(&ctxKey.dst, &entryKey.dst,
>+ sizeof(struct ct_endpoint))) &&
>+ (ctxKey.dl_type == entryKey.dl_type) &&
>+ (ctxKey.nw_proto == entryKey.nw_proto) &&
>+ (ctxKey.zone == entryKey.zone));
> }
>
> static __inline VOID
>--
>2.9.3.windows.1
>
>_______________________________________________
>dev mailing list
>dev at openvswitch.org
>https://urldefense.proofpoint.com/v2/url?u=https-3A__mail.openvswitch.org_mailman_listinfo_ovs-2Ddev&d=DwICAg&c=uilaK90D4TOVoH58JNXRgQ&r=Z6vowHUOjP5ysP_g372c49Nqc1vEKqHKNBkR5Q5Z7uo&m=dZbQHOKOvzZMDRL3iLHrW462Arv61PvgHu7MBbIgGfE&s=J6o8L1w_jhv5yW37xELhRdaqZnN-WcG8UAHw4xlXG7I&e=
More information about the dev
mailing list