[ovs-dev] [PATCH branch-2.8] conntrack: Fix ICMPv4 error data L4 length check.

Ben Pfaff blp at ovn.org
Mon Sep 23 20:50:11 UTC 2019


On Mon, Sep 23, 2019 at 12:00:33PM +0530, Vishal Deep Ajmera wrote:
> From: Darrell Ball <dlu998 at gmail.com>
> 
> The ICMPv4 error data L4 length check was found to be too strict for TCP,
> expecting a minimum of 20 rather than 8 bytes.  This worked by
> hapenstance for other inner protocols.  The approach is to explicitly
> handle the ICMPv4 error data L4 length check and to do this for all
> supported inner protocols in the same way.  Making the code common
> between protocols also allows the existing ICMPv4 related UDP tests to
> cover TCP and ICMP inner protocol cases.
> Note that ICMPv6 does not have an 8 byte limit for error L4 data.

Applied, thanks!


More information about the dev mailing list