[ovs-git] [openvswitch/ovs] 22b65e: OVN: add tcp_reset{} action support

GitHub noreply at github.com
Wed Apr 4 17:11:20 UTC 2018


  Branch: refs/heads/master
  Home:   https://github.com/openvswitch/ovs
  Commit: 22b65e4d3da7f812b7c1dbc3abcaedb8f05dfb96
      https://github.com/openvswitch/ovs/commit/22b65e4d3da7f812b7c1dbc3abcaedb8f05dfb96
  Author: Lorenzo Bianconi <lorenzo.bianconi at redhat.com>
  Date:   2018-04-04 (Wed, 04 Apr 2018)

  Changed paths:
    M include/ovn/actions.h
    M ovn/controller/pinctrl.c
    M ovn/lib/actions.c
    M ovn/ovn-sb.xml
    M ovn/utilities/ovn-trace.c
    M tests/ovn.at

  Log Message:
  -----------
  OVN: add tcp_reset{} action support

tcp_reset action transforms the current TCP segment according to the
following pseudocode:

if (tcp.ack) {
  tcp.seq = tcp.ack;
} else {
  tcp.ack = tcp.seq + length(tcp.payload);
  tcp.seq = 0;
}
tcp.flags = RST;

Then, the action drops all TCP options and payload data, and updates
the TCP checksum. IP ttl is set to 255.
Prerequisite: tcp

Signed-off-by: Lorenzo Bianconi <lorenzo.bianconi at redhat.com>
Signed-off-by: Ben Pfaff <blp at ovn.org>


  Commit: c20ab6aa0087b5365e21746df497868bf3343612
      https://github.com/openvswitch/ovs/commit/c20ab6aa0087b5365e21746df497868bf3343612
  Author: Lorenzo Bianconi <lorenzo.bianconi at redhat.com>
  Date:   2018-04-04 (Wed, 04 Apr 2018)

  Changed paths:
    M ovn/northd/ovn-northd.c
    M ovn/ovn-nb.xml
    M tests/ovn.at

  Log Message:
  -----------
  OVN: add tcp_reset action to ovn acl reject support

Whenever the acl reject rule is hit by a TCP segment send back
a TCP RST packet to close the connection using the tcp_reset action.
Moreover add add tcp_reset test case to 'ACL reject rule test'

Signed-off-by: Lorenzo Bianconi <lorenzo.bianconi at redhat.com>
Signed-off-by: Ben Pfaff <blp at ovn.org>


Compare: https://github.com/openvswitch/ovs/compare/0056086d7554...c20ab6aa0087


More information about the git mailing list