[ovs-dev] [PATCH v2] datapath-windows: Include ICMP type and code fields to find a matching ct entry

Tue Jun 27 20:13:05 UTC 2017

On 27 June 2017 at 12:48, Anand Kumar <kumaranand at vmware.com> wrote:

> Hi Guru,
>
> Could you please apply this patch?
>
Applied, thanks for the reminder.

>
> Thanks,
> Anand Kumar
>
> On 6/23/17, 3:04 PM, "Sairam Venugopal" <vsairam at vmware.com> wrote:
>
>     Acked-by: Sairam Venugopal <vsairam at vmware.com>
>
>
>
>
>
>     On 6/23/17, 2:05 PM, "ovs-dev-bounces at openvswitch.org on behalf of
> Anand Kumar" <ovs-dev-bounces at openvswitch.org on behalf of
> kumaranand at vmware.com> wrote:
>
>     >In conntrack lookup, ICMP type and code fields were not being used to
>     >determine a matching entry. As a result, ICMP4_ECHO_REQUEST packet
> could
>     >be tracked as ICMP4_ECHO_REPLY packet and vice versa, which is
> invalid.
>     >
>     >To fix this, add ICMP type and code fields for matching a conntrack
> entry.
>     >
>     >Signed-off-by: Anand Kumar <kumaranand at vmware.com>
>     >Acked-by: Sairam Venugopal <vsairam at vmware.com>
>     >---
>     > datapath-windows/ovsext/Conntrack.c | 16 +++++++---------
>     > 1 file changed, 7 insertions(+), 9 deletions(-)
>     >
>     >diff --git a/datapath-windows/ovsext/Conntrack.c
> b/datapath-windows/ovsext/Conntrack.c
>     >index 07a9583..e97d6ce 100644
>     >--- a/datapath-windows/ovsext/Conntrack.c
>     >+++ b/datapath-windows/ovsext/Conntrack.c
>     >@@ -383,15 +383,13 @@ OvsDetectCtPacket(OvsForwardingContext *fwdCtx,
>     > BOOLEAN
>     > OvsCtKeyAreSame(OVS_CT_KEY ctxKey, OVS_CT_KEY entryKey)
>     > {
>     >-    return ((ctxKey.src.addr.ipv4 == entryKey.src.addr.ipv4) &&
>     >-        (ctxKey.src.addr.ipv4_aligned == entryKey.src.addr.ipv4_aligned)
> &&
>     >-        (ctxKey.src.port == entryKey.src.port) &&
>     >-        (ctxKey.dst.addr.ipv4 == entryKey.dst.addr.ipv4) &&
>     >-        (ctxKey.dst.addr.ipv4_aligned == entryKey.dst.addr.ipv4_aligned)
> &&
>     >-        (ctxKey.dst.port == entryKey.dst.port) &&
>     >-        (ctxKey.dl_type == entryKey.dl_type) &&
>     >-        (ctxKey.nw_proto == entryKey.nw_proto) &&
>     >-        (ctxKey.zone == entryKey.zone));
>     >+    return ((NdisEqualMemory(&ctxKey.src, &entryKey.src,
>     >+                             sizeof(struct ct_endpoint))) &&
>     >+            (NdisEqualMemory(&ctxKey.dst, &entryKey.dst,
>     >+                             sizeof(struct ct_endpoint))) &&
>     >+            (ctxKey.dl_type == entryKey.dl_type) &&
>     >+            (ctxKey.nw_proto == entryKey.nw_proto) &&
>     >+            (ctxKey.zone == entryKey.zone));
>     > }
>     >
>     > static __inline VOID
>     >--
>     >2.9.3.windows.1
>     >
>     >_______________________________________________
>     >dev mailing list
>     >dev at openvswitch.org
>     >https://urldefense.proofpoint.com/v2/url?u=https-
> 3A__mail.openvswitch.org_mailman_listinfo_ovs-2Ddev&d=DwICAg&c=
> uilaK90D4TOVoH58JNXRgQ&r=Z6vowHUOjP5ysP_g372c49Nqc1vEKqHKNBkR5Q5Z7uo&m=
> dZbQHOKOvzZMDRL3iLHrW462Arv61PvgHu7MBbIgGfE&s=J6o8L1w_jhv5yW37xELhRdaqZnN-
> WcG8UAHw4xlXG7I&e=
>
>
>
>
>