Message ID | 1633793320-26048-1-git-send-email-wenxu@ucloud.cn |
---|---|
State | Superseded |
Series | [ovs-dev,v6,1/3] conntrack: select correct sport range for well-known origin sport |
Context | Check | Description |
---|---|---|
ovsrobot/apply-robot | success | apply and check: success |
ovsrobot/github-robot-_Build_and_Test | success | github build: passed |
Hi Paolo, Any suggestion for this series? BR wenxu From: wenxu@ucloud.cn Date: 2021-10-09 23:28:38 To: i.maximets@ovn.org,pvalerio@redhat.com Cc: dev@openvswitch.org Subject: [PATCH v6 1/3] conntrack: select correct sport range for well-known origin sport>From: wenxu <wenxu@ucloud.cn> > >Like the kernel datapath. The sport nat range for well-konwn origin >sport should limit in the well-known ports. > >Signed-off-by: wenxu <wenxu@ucloud.cn> >Acked-by: Paolo Valerio <pvalerio@redhat.com> >--- > lib/conntrack.c | 12 ++++++++++-- > 1 file changed, 10 insertions(+), 2 deletions(-) > >diff --git a/lib/conntrack.c b/lib/conntrack.c >index 33a1a92..44f99f3 100644 >--- a/lib/conntrack.c >+++ b/lib/conntrack.c >@@ -2265,8 +2265,16 @@ set_sport_range(const struct nat_action_info_t *ni, const struct conn_key *k, > if (((ni->nat_action & NAT_ACTION_SNAT_ALL) == NAT_ACTION_SRC) || > ((ni->nat_action & NAT_ACTION_DST))) { > *curr = ntohs(k->src.port); >- *min = MIN_NAT_EPHEMERAL_PORT; >- *max = MAX_NAT_EPHEMERAL_PORT; >+ if (*curr < 512) { >+ *min = 1; >+ *max = 511; >+ } else if (*curr < 1024) { >+ *min = 600; >+ *max = 1023; >+ } else { >+ *min = MIN_NAT_EPHEMERAL_PORT; >+ *max = MAX_NAT_EPHEMERAL_PORT; >+ } > } else { > *min = ni->min_port; > *max = ni->max_port; >-- >1.8.3.1 >
diff --git a/lib/conntrack.c b/lib/conntrack.c index 33a1a92..44f99f3 100644 --- a/lib/conntrack.c +++ b/lib/conntrack.c @@ -2265,8 +2265,16 @@ set_sport_range(const struct nat_action_info_t *ni, const struct conn_key *k, if (((ni->nat_action & NAT_ACTION_SNAT_ALL) == NAT_ACTION_SRC) || ((ni->nat_action & NAT_ACTION_DST))) { *curr = ntohs(k->src.port); - *min = MIN_NAT_EPHEMERAL_PORT; - *max = MAX_NAT_EPHEMERAL_PORT; + if (*curr < 512) { + *min = 1; + *max = 511; + } else if (*curr < 1024) { + *min = 600; + *max = 1023; + } else { + *min = MIN_NAT_EPHEMERAL_PORT; + *max = MAX_NAT_EPHEMERAL_PORT; + } } else { *min = ni->min_port; *max = ni->max_port;
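Review bot: In the new `else if (*curr < 1024)` branch, an original source port of 512 to 599 gets `*min = 600`, so `*curr` starts below the range it is meant to stay within; the same applies to a source port of 0 in the first branch, where `*min = 1`. The code that consumes `curr`, `min` and `max` is not visible in this hunk, so please confirm it copes with a starting value outside `[min, max]`, or clamp `*curr` into the range here. Separately, the literals 1, 511, 512, 600 and 1023 sit beside the named `MIN_NAT_EPHEMERAL_PORT` and `MAX_NAT_EPHEMERAL_PORT` in the final branch: named constants or a short comment explaining the split would help, since the commit message only says it follows the kernel datapath and the gap between 511 and 600 otherwise reads like a mistake.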