[PATCH nf 0/2] netfilter: nf_nat: fix yet another bizarre early demux corner case

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

There is another corner case where early demux can end up assigning
the wrong socket to skb->sk.

This extends the existing workaround in nf_nat and the test case
to demonstrate the problem.

Florian Westphal (2):
  netfilter: nf_nat: undo erroneous tcp edemux lookup after port clash
  selftests: netfilter: test nat source port clash resolution
    interaction with tcp early demux

 net/netfilter/nf_nat_proto.c                  | 63 ++++++++++++++++++-
 .../selftests/netfilter/nf_nat_edemux.sh      | 46 +++++++++++---
 2 files changed, 97 insertions(+), 12 deletions(-)

-- 
2.41.0
[Index of Archives]     [Netfitler Users]     [Berkeley Packet Filter]     [LARTC]     [Bugtraq]     [Yosemite Forum]

  Powered by Linux