[ovs-git] [openvswitch/ovs] 413ebd: conntrack: Lookup only 'UNNAT conns' in 'nat_clean...
Ben Pfaff
noreply at github.com
Fri Mar 15 22:58:15 UTC 2019
Branch: refs/heads/branch-2.10
Home: https://github.com/openvswitch/ovs
Commit: 413ebd402247d5ac6f524478028e2bea2651c39b
https://github.com/openvswitch/ovs/commit/413ebd402247d5ac6f524478028e2bea2651c39b
Author: Darrell Ball <dlu998 at gmail.com>
Date: 2019-03-15 (Fri, 15 Mar 2019)
Changed paths:
M lib/conntrack.c
Log Message:
-----------
conntrack: Lookup only 'UNNAT conns' in 'nat_clean()'.
When freeing 'UNNAT conns', lookup only 'UNNAT conns' to
protect against possible address overlap with 'default
conns' during a DOS attempt. This is very unlikely, but
protection is simple.
Fixes: 286de2729955 ("dpdk: Userspace Datapath: Introduce NAT Support.")
Signed-off-by: Darrell Ball <dlu998 at gmail.com>
Signed-off-by: Ben Pfaff <blp at ovn.org>
More information about the git
mailing list