From: ldejing <[email protected]>
When icmp error code send back to sender, currently ovs ct can't create
conntrack for the error code properly, this patch mainly fix the bug.
icmp error code test case:
1) packet too big.
2) network unreachable
3) parameter problem
Signed-off-by: ldejing <[email protected]>
---
datapath-windows/ovsext/Conntrack-icmp.c | 6 +++++-
datapath-windows/ovsext/Conntrack.c | 4 ++--
2 files changed, 7 insertions(+), 3 deletions(-)
diff --git a/datapath-windows/ovsext/Conntrack-icmp.c
b/datapath-windows/ovsext/Conntrack-icmp.c
index 9221f8518..081eb73d9 100644
--- a/datapath-windows/ovsext/Conntrack-icmp.c
+++ b/datapath-windows/ovsext/Conntrack-icmp.c
@@ -78,7 +78,11 @@ OvsConntrackValidateIcmp6Packet(const ICMPHdr *icmp)
return FALSE;
}
- return icmp->type == ICMP6_ECHO_REQUEST;
+ return icmp->type == ICMP6_ECHO_REQUEST ||
+ icmp->type == ICMP6_PACKET_TOO_BIG ||
+ icmp->type == ICMP6_DST_UNREACH ||
+ icmp->type == ICMP6_TIME_EXCEEDED ||
+ icmp->type == ICMP6_PARAM_PROB;
}
OVS_CT_ENTRY *
diff --git a/datapath-windows/ovsext/Conntrack.c
b/datapath-windows/ovsext/Conntrack.c
index 471bf961b..f56349640 100644
--- a/datapath-windows/ovsext/Conntrack.c
+++ b/datapath-windows/ovsext/Conntrack.c
@@ -356,8 +356,8 @@ OvsCtEntryCreate(OvsForwardingContext *fwdCtx,
const ICMPHdr *icmp;
icmp = OvsGetIcmp(curNbl, layers->l4Offset, &storage);
if (!OvsConntrackValidateIcmp6Packet(icmp)) {
- if(icmp) {
- OVS_LOG_TRACE("Invalid ICMP packet detected, icmp->type %u",
+ if (icmp) {
+ OVS_LOG_TRACE("Invalid ICMP6 packet detected, icmp->type %u",
icmp->type);
}
state = OVS_CS_F_INVALID;
--
2.30.1 (Apple Git-130)
_______________________________________________
dev mailing list
[email protected]
https://mail.openvswitch.org/mailman/listinfo/ovs-dev
