From patchwork Mon Jan 28 19:31:21 2013 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Pablo Neira Ayuso X-Patchwork-Id: 216336 X-Patchwork-Delegate: pablo@netfilter.org Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by ozlabs.org (Postfix) with ESMTP id CF65A2C0089 for ; Tue, 29 Jan 2013 06:31:56 +1100 (EST) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1753544Ab3A1Tby (ORCPT ); Mon, 28 Jan 2013 14:31:54 -0500 Received: from mail.us.es ([193.147.175.20]:50449 "EHLO mail.us.es" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1752950Ab3A1Tbv (ORCPT ); Mon, 28 Jan 2013 14:31:51 -0500 Received: (qmail 11775 invoked from network); 28 Jan 2013 20:31:50 +0100 Received: from unknown (HELO us.es) (192.168.2.12) by us.es with SMTP; 28 Jan 2013 20:31:50 +0100 Received: (qmail 11009 invoked by uid 507); 28 Jan 2013 19:31:50 -0000 X-Qmail-Scanner-Diagnostics: from 127.0.0.1 by antivirus2 (envelope-from , uid 501) with qmail-scanner-2.10 (clamdscan: 0.97.6/16579. spamassassin: 3.3.2. Clear:RC:1(127.0.0.1):SA:0(-98.4/7.5):. Processed in 1.611451 secs); 28 Jan 2013 19:31:50 -0000 X-Spam-Checker-Version: SpamAssassin 3.3.2 (2011-06-06) on antivirus2 X-Spam-Level: X-Spam-Status: No, score=-98.4 required=7.5 tests=BAYES_50,RCVD_IN_PBL, RDNS_DYNAMIC,USER_IN_WHITELIST autolearn=disabled version=3.3.2 X-Envelope-From: pablo@netfilter.org Received: from unknown (HELO antivirus2) (127.0.0.1) by us.es with SMTP; 28 Jan 2013 19:31:48 -0000 Received: from 192.168.1.13 (192.168.1.13) by antivirus2 (F-Secure/fsigk_smtp/407/antivirus2); Mon, 28 Jan 2013 20:31:48 +0100 (CET) X-Virus-Status: clean(F-Secure/fsigk_smtp/407/antivirus2) Received: (qmail 30090 invoked from network); 28 Jan 2013 20:31:48 +0100 Received: from 187.94.78.188.dynamic.jazztel.es (HELO localhost.localdomain) (pneira@us.es@188.78.94.187) by us.es with SMTP; 28 Jan 2013 20:31:48 +0100 From: pablo@netfilter.org To: stable@vger.kernel.org Cc: davem@davemloft.net, netfilter-devel@vger.kernel.org Subject: [stable-3.7 02/14] netfilter: nf_ct_reasm: fix conntrack reassembly expire code Date: Mon, 28 Jan 2013 20:31:21 +0100 Message-Id: <1359401493-6196-3-git-send-email-pablo@netfilter.org> X-Mailer: git-send-email 1.7.10.4 In-Reply-To: <1359401493-6196-1-git-send-email-pablo@netfilter.org> References: <1359401493-6196-1-git-send-email-pablo@netfilter.org> Sender: netfilter-devel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: netfilter-devel@vger.kernel.org From: Haibo Xi Commit b836c99fd6c9 (ipv6: unify conntrack reassembly expire code with standard one) use the standard IPv6 reassembly code(ip6_expire_frag_queue) to handle conntrack reassembly expire. In ip6_expire_frag_queue, it invoke dev_get_by_index_rcu to get which device received this expired packet.so we must save ifindex when NF_conntrack get this packet. With this patch applied, I can see ICMP Time Exceeded sent from the receiver when the sender sent out 1/2 fragmented IPv6 packet. Signed-off-by: Haibo Xi Signed-off-by: Pablo Neira Ayuso --- net/ipv6/netfilter/nf_conntrack_reasm.c | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/net/ipv6/netfilter/nf_conntrack_reasm.c b/net/ipv6/netfilter/nf_conntrack_reasm.c index 22c8ea9..3dacecc 100644 --- a/net/ipv6/netfilter/nf_conntrack_reasm.c +++ b/net/ipv6/netfilter/nf_conntrack_reasm.c @@ -311,7 +311,10 @@ found: else fq->q.fragments = skb; - skb->dev = NULL; + if (skb->dev) { + fq->iif = skb->dev->ifindex; + skb->dev = NULL; + } fq->q.stamp = skb->tstamp; fq->q.meat += skb->len; if (payload_len > fq->q.max_size)