Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx> wrote:
> On Tue, Sep 10, 2024 at 11:38:13AM +0200, Florian Westphal wrote:
> > This series resolves an esoteric scenario.
> >
> > Given two tasks sending UDP packets to one another, NAT engine
> > can falsely detect a port collision if it happens to pick up
> > a reply packet as 'new' rather than 'reply'.
> >
> > First patch adds extra code to detect this and suppress port
> > reallocation in this case.
> >
> > Second patch extends clash resolution logic to detect such
> > a reverse clash (clashing conntrack is reply to existing entry).
> >
> > Patch 3 adds a test case.
> >
> > Since this has existed forever and hasn't been reported in two
> > decades I'm submitting this for -next.
>
> -next is now closed, my plan is to place this series in nf.git for the
> next PR.

That's fine, I placed this in -next because I thought it was not a real
bug that warrants a change this close to release.

> nf-next will remain open in this cycle so hopefully we can merge your
> updates to reduce memory footprint in the next -rc.

Great, that works for me.

> I cannot go any faster.

It's fine, don't worry.