subject:"\[PATCH nf 1\/1\] netfilter\: h323,sip\: Fix possible dead loop in nat_rtp_rtcp and nf_nat_sdp_media"

Re: [PATCH nf 1/1] netfilter: h323,sip: Fix possible dead loop in nat_rtp_rtcp and nf_nat_sdp_media

2017-03-02 Thread Liping Zhang

Hi, 2017-03-02 18:18 GMT+08:00 Gao Feng : [...] > The expect class is NF_CT_EXPECT_CLASS_DEFAULT, and proto is > IPPROTO_UDP at the function "expect_rtp_rtcp", > And it makes sure the port is even number. > > But look at the process_gcf, the port is got from the packet data at >

Re: [PATCH nf 1/1] netfilter: h323,sip: Fix possible dead loop in nat_rtp_rtcp and nf_nat_sdp_media

2017-03-02 Thread Liping Zhang

Hi, 2017-03-02 15:57 GMT+08:00 : > From: Gao Feng > > When h323 and sip try to insert expect nodes, they would increase > the port by 2 for loop, and the loop condition is that "port != 0". > So when the start port is odd number, port never increases to zero.

Re: [PATCH nf 1/1] netfilter: h323,sip: Fix possible dead loop in nat_rtp_rtcp and nf_nat_sdp_media

2017-03-02 Thread Gao Feng

Hi Liping, On Thu, Mar 2, 2017 at 7:18 PM, Liping Zhang wrote: > Hi, > 2017-03-02 18:18 GMT+08:00 Gao Feng : > [...] >> The expect class is NF_CT_EXPECT_CLASS_DEFAULT, and proto is >> IPPROTO_UDP at the function "expect_rtp_rtcp", >> And it makes sure the

[PATCH nf 1/1] netfilter: h323,sip: Fix possible dead loop in nat_rtp_rtcp and nf_nat_sdp_media

2017-03-02 Thread fgao

From: Gao Feng When h323 and sip try to insert expect nodes, they would increase the port by 2 for loop, and the loop condition is that "port != 0". So when the start port is odd number, port never increases to zero. Now make port as u32 instead of u_int16_t, and the loop