: Thursday, December 07, 2017 10:14 AM
To: 王志克; d...@openvswitch.org; Daniele Di Proietto
Subject: Re: [ovs-dev] [PATCH] lib/conntrack: remove unnecessary addr check
for ICMP.
Hi Wang
To speed up the process, I sent an alternative patch here:
https://patchwork.
; Daniele Di Proietto
Subject: Re: [ovs-dev] [PATCH] lib/conntrack: remove unnecessary addr check for
ICMP.
Hi Wang
To speed up the process, I sent an alternative patch here:
https://patchwork.ozlabs.org/patch/845407/
I agree the address sanity check is not correct but I think it should be
Hi Wang
To speed up the process, I sent an alternative patch here:
https://patchwork.ozlabs.org/patch/845407/
I agree the address sanity check is not correct but I think it should be
partially retained
rather than removed. I also think a test was needed.
Pls let me know if it makes sense.
Also
Thanks for looking at this.
In the commit message, can you delineate.
1/ The forward direction packet in terms of src ip, dest ip, L4 attributes
2/ The reverse direction error packet in terms of src ip, dest ip, icmp error
payload
Darrell
On 12/4/17, 10:22 PM, "ovs-dev-boun...@openvswitch.org
From: wangzhike
ICMP response (Unreachable/fragmentationRequired/...) may be created
at devices in the middle, and such packets are tagged as invalid in
user space conntrack. In fact it does not make sense to validate the
src and dest address.
Signed-off-by: wang zhike
---
lib/conntrack.c | 13
