subject:"\[PATCH nf 1\/1\] netfilter\: expect\: Make sure the max_expected limit is effective"

RE: [PATCH nf 1/1] netfilter: expect: Make sure the max_expected limit is effective

2017-03-24 Thread Gao Feng

Hi Pablo, > -Original Message- > From: Pablo Neira Ayuso [mailto:pa...@netfilter.org] > Sent: Friday, March 24, 2017 7:43 PM > To: gfree.w...@foxmail.com > Cc: netfilter-devel@vger.kernel.org; Gao Feng <f...@ikuai8.com> > Subject: Re: [PATCH nf 1/1] netf

Re: [PATCH nf 1/1] netfilter: expect: Make sure the max_expected limit is effective

2017-03-24 Thread Pablo Neira Ayuso

On Fri, Mar 24, 2017 at 09:38:37AM +0800, gfree.w...@foxmail.com wrote: > From: Gao Feng > > Because the type of expecting, the member of nf_conn_help, is u8, it > would overflow after reach U8_MAX(255). So it doesn't work when we > configure the max_expected exceeds 255 with

[PATCH nf 1/1] netfilter: expect: Make sure the max_expected limit is effective

2017-03-23 Thread gfree . wind

From: Gao Feng Because the type of expecting, the member of nf_conn_help, is u8, it would overflow after reach U8_MAX(255). So it doesn't work when we configure the max_expected exceeds 255 with expect policy. Now add the check for max_expected. Return the -EINVAL when it