ALG infra is added with support for FTP and TFTP.
Both V4 and V6 are supported.  Also, NAT is supported.

Three passive ftp system tests are added to complete testing
coverage of ftp for the userspace datapath, as the existing
coverage of passive ftp was limited to one part of one test
for V4 only.
Another system test is added covering tftp with NAT which
was not previously exercised.

v10->v11: Fix two copyright date ranges that got reverted
          in a snapshot revert.

v9->v10: Address code review comments (Ben) including
         introducing a new function conn_key_cmp() as
         a new patch.

v8->v9: Fix strcasestr as it may be used beyond just
        building for Windows.

v7->v8: Cleanup

v6->v7: Add strcasestr for Windows support.

v5->v6: Re-instated include inadvertently removed.
        Improve 2 of the new system tests in terms of
        potential races.

v4->v5: Address Ben's code review comments.
        First 3 patches were committed.

v3->v4: Fix tftp with NAT.
        Add a system test covering tftp with NAT.

v2->v3: Fix v4 passive ftp with NAT.
        Fix V6 passive ftp; parse check was broken.
        Add 3 tests covering v4/v6 passive ftp to
        complete ALG coverage in the system tests.
        
        Code review caught a memory leak of the alg
        string such as "ftp" that could occurs during
        nat tuple exhaustion. This is a pathological
        user error case whose fix was tested by
        instrumentated simulation.
        Code review also pointed out that a connection
        context copy was unclear; this was moved to the
        caller where all allocation and error cleanup is
        done.
        Added several lock annotations that were missing 
        from the original conntrack code and nat code.
        Other review comments were fixed.

v1->v2:
        Mostly the addition of V6 FTP and TFTP support.

        Removed define for unused FTP server port 20.

        Add overflow checks for port numbers.
        
        Instead of bypassing FTP bounce exploit with
        auto-correct, explicitly flag packet as invalid.

        Seq number overflow and underflow checks added.

Darrell Ball (7):
  string: Implement strcasestr for Windows.
  Userspace Datapath: Introduce conn_key_cmp().
  Userspace Datapath: Add ALG infra and FTP.
  Userspace Datapath: Add TFTP support.
  System tests: Enable ALGs for userspace.
  System tests: Add 4 new ftp and tftp tests.
  NEWS: Announce userspace datapath ALG support.

 NEWS                             |    1 +
 include/sparse/netinet/in.h      |    3 +-
 lib/conntrack-private.h          |   40 +-
 lib/conntrack.c                  | 1123 +++++++++++++++++++++++++++++++++++---
 lib/conntrack.h                  |   10 +-
 lib/string.c                     |   22 +-
 lib/string.h.in                  |    3 +-
 tests/system-traffic.at          |  242 ++++++++
 tests/system-userspace-macros.at |    7 +-
 9 files changed, 1357 insertions(+), 94 deletions(-)

-- 
1.9.1

_______________________________________________
dev mailing list
d...@openvswitch.org
https://mail.openvswitch.org/mailman/listinfo/ovs-dev

Reply via email to