netfilter-devel.vger.kernel.org archive mirror
 help / color / mirror / Atom feed
* [PATCH net-next v2] openvswitch: add seqadj extension when NAT is used.
@ 2019-03-25 18:58 Flavio Leitner
  2019-03-26 16:29 ` Pravin Shelar
  2019-03-26 19:48 ` David Miller
  0 siblings, 2 replies; 3+ messages in thread
From: Flavio Leitner @ 2019-03-25 18:58 UTC (permalink / raw)
  To: netdev; +Cc: Joe Stringer, Pravin B Shelar, dev, netfilter-devel

When the conntrack is initialized, there is no helper attached
yet so the nat info initialization (nf_nat_setup_info) skips
adding the seqadj ext.

A helper is attached later when the conntrack is not confirmed
but is going to be committed. In this case, if NAT is needed then
adds the seqadj ext as well.

Fixes: 16ec3d4fbb96 ("openvswitch: Fix cached ct with helper.")
Signed-off-by: Flavio Leitner <fbl@sysclose.org>
---
 net/openvswitch/conntrack.c | 6 ++++++
 1 file changed, 6 insertions(+)

Changelog:
v2 - removed nfct_help(ct) check as it is not necessary.

diff --git a/net/openvswitch/conntrack.c b/net/openvswitch/conntrack.c
index 51080004677e..845b83598e0d 100644
--- a/net/openvswitch/conntrack.c
+++ b/net/openvswitch/conntrack.c
@@ -990,6 +990,12 @@ static int __ovs_ct_lookup(struct net *net, struct sw_flow_key *key,
 							    GFP_ATOMIC);
 			if (err)
 				return err;
+
+			/* helper installed, add seqadj if NAT is required */
+			if (info->nat && !nfct_seqadj(ct)) {
+				if (!nfct_seqadj_ext_add(ct))
+					return -EINVAL;
+			}
 		}
 
 		/* Call the helper only if:
-- 
2.20.1




^ permalink raw reply related	[flat|nested] 3+ messages in thread
* Re: [PATCH net-next v2] openvswitch: add seqadj extension when NAT is used.
  2019-03-25 18:58 [PATCH net-next v2] openvswitch: add seqadj extension when NAT is used Flavio Leitner
@ 2019-03-26 16:29 ` Pravin Shelar
  2019-03-26 19:48 ` David Miller
  1 sibling, 0 replies; 3+ messages in thread
From: Pravin Shelar @ 2019-03-26 16:29 UTC (permalink / raw)
  To: Flavio Leitner
  Cc: Linux Kernel Network Developers, Joe Stringer, ovs dev, netfilter-devel

On Mon, Mar 25, 2019 at 11:58 AM Flavio Leitner <fbl@sysclose.org> wrote:
>
> When the conntrack is initialized, there is no helper attached
> yet so the nat info initialization (nf_nat_setup_info) skips
> adding the seqadj ext.
>
> A helper is attached later when the conntrack is not confirmed
> but is going to be committed. In this case, if NAT is needed then
> adds the seqadj ext as well.
>
> Fixes: 16ec3d4fbb96 ("openvswitch: Fix cached ct with helper.")
> Signed-off-by: Flavio Leitner <fbl@sysclose.org>
> ---
>  net/openvswitch/conntrack.c | 6 ++++++
>  1 file changed, 6 insertions(+)
>
> Changelog:
> v2 - removed nfct_help(ct) check as it is not necessary.
>
> diff --git a/net/openvswitch/conntrack.c b/net/openvswitch/conntrack.c
> index 51080004677e..845b83598e0d 100644
> --- a/net/openvswitch/conntrack.c
> +++ b/net/openvswitch/conntrack.c
> @@ -990,6 +990,12 @@ static int __ovs_ct_lookup(struct net *net, struct sw_flow_key *key,
>                                                             GFP_ATOMIC);
>                         if (err)
>                                 return err;
> +
> +                       /* helper installed, add seqadj if NAT is required */
> +                       if (info->nat && !nfct_seqadj(ct)) {
> +                               if (!nfct_seqadj_ext_add(ct))
> +                                       return -EINVAL;
> +                       }
>                 }
>
>                 /* Call the helper only if:

Acked-by: Pravin B Shelar <pshelar@ovn.org>

Thanks,
Pravin.

^ permalink raw reply	[flat|nested] 3+ messages in thread
* Re: [PATCH net-next v2] openvswitch: add seqadj extension when NAT is used.
  2019-03-25 18:58 [PATCH net-next v2] openvswitch: add seqadj extension when NAT is used Flavio Leitner
  2019-03-26 16:29 ` Pravin Shelar
@ 2019-03-26 19:48 ` David Miller
  1 sibling, 0 replies; 3+ messages in thread
From: David Miller @ 2019-03-26 19:48 UTC (permalink / raw)
  To: fbl; +Cc: netdev, joe, pshelar, dev, netfilter-devel

From: Flavio Leitner <fbl@sysclose.org>
Date: Mon, 25 Mar 2019 15:58:31 -0300

> When the conntrack is initialized, there is no helper attached
> yet so the nat info initialization (nf_nat_setup_info) skips
> adding the seqadj ext.
> 
> A helper is attached later when the conntrack is not confirmed
> but is going to be committed. In this case, if NAT is needed then
> adds the seqadj ext as well.
> 
> Fixes: 16ec3d4fbb96 ("openvswitch: Fix cached ct with helper.")
> Signed-off-by: Flavio Leitner <fbl@sysclose.org>

Applied.

^ permalink raw reply	[flat|nested] 3+ messages in thread
end of thread, other threads:[~2019-03-26 19:48 UTC | newest]

Thread overview: 3+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2019-03-25 18:58 [PATCH net-next v2] openvswitch: add seqadj extension when NAT is used Flavio Leitner
2019-03-26 16:29 ` Pravin Shelar
2019-03-26 19:48 ` David Miller

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).