Ilya Maximets <[email protected]> writes:
> On 12/23/20 12:23 PM, [email protected] wrote:
>> From: Tonghao Zhang <[email protected]>
>>
>> The same icmp packet may traverse conntrack module more than once.
>> Or same icmp packets traverse contranck module in orderly.
>>
>> Don't change stats to CS_ESTABLISHED before receiving reply or related
>> packets.
>>
>> Fixes: b269a1229df2 ("conntrack: Track ICMP type and code.")
>> Cc: Daniele Di Proietto <[email protected]>
>> Signed-off-by: Tonghao Zhang <[email protected]>
>> ---
>
> Hi, Aaron. Could you, please, take a look at this patch?
Will do.
>> lib/conntrack-icmp.c | 5 ++++-
>> 1 file changed, 4 insertions(+), 1 deletion(-)
>>
>> diff --git a/lib/conntrack-icmp.c b/lib/conntrack-icmp.c
>> index 9b7263011..7e24d90a5 100644
>> --- a/lib/conntrack-icmp.c
>> +++ b/lib/conntrack-icmp.c
>> @@ -59,13 +59,16 @@ icmp_conn_update(struct conntrack *ct, struct conn
>> *conn_,
>> struct dp_packet *pkt OVS_UNUSED, bool reply, long long
>> now)
>> {
>> struct conn_icmp *conn = conn_icmp_cast(conn_);
>> + enum ct_update_res ret = CT_UPDATE_VALID;
>>
>> if (reply && conn->state == ICMPS_FIRST) {
>> conn->state = ICMPS_REPLY;
>> + } else if (conn->state == ICMPS_FIRST) {
>> + ret = CT_UPDATE_VALID_NEW;
>> }
>>
>> conn_update_expiration(ct, &conn->up, icmp_timeouts[conn->state], now);
>> - return CT_UPDATE_VALID;
>> + return ret;
>> }
>>
>> static bool
>>
_______________________________________________
dev mailing list
[email protected]
https://mail.openvswitch.org/mailman/listinfo/ovs-dev
