On Mon, Nov 26, 2018 at 08:48:37AM -0800, Darrell Ball wrote:
> Ephemeral port fallback is being done for DNAT and the code could be hit in
> some special cases and testing configurations. Also good packets are
> expected to be persistently dropped in this case, which is not a common
> user goal. Regardless, this is incorrect, so filter this out. Also, rename
> the variable used for checking whether ephemeral ports need to be checked.
>
> Reported-at:
> https://mail.openvswitch.org/pipermail/ovs-dev/2018-August/351629.html
> Fixes: 286de2729955 ("dpdk: Userspace Datapath: Introduce NAT Support.")
> Signed-off-by: Darrell Ball <[email protected]>
Does the following change actually have a behavioral difference? I see
that there's a renaming but the code flow change looks to me like it
would have the same behavior before and after. If so, could you please
just leave the code the same?
> - if (!original_ports_tried) {
> - original_ports_tried = true;
> + if (ephemeral_ports_tried) {
> + break;
> + } else {
> + ephemeral_ports_tried = true;
> ct_addr = conn->nat_info->min_addr;
> min_port = MIN_NAT_EPHEMERAL_PORT;
> max_port = MAX_NAT_EPHEMERAL_PORT;
> - } else {
> - break;
> }
Thanks,
Ben.
_______________________________________________
dev mailing list
[email protected]
https://mail.openvswitch.org/mailman/listinfo/ovs-dev
