* [PATCH 001/001] QoS and/or fair queueing: Stateless NAT BUG
@ 2010-07-09 16:35 rpartearroyo
2010-07-09 17:19 ` Rodrigo Partearroyo González
0 siblings, 1 reply; 5+ messages in thread
From: rpartearroyo @ 2010-07-09 16:35 UTC (permalink / raw
To: Eric Dumazet
Cc: Herbert Xu, Linux Kernel Mailing List, Iratxo Pichel Ortiz,
Noelia Morón, netdev
Hi all,
I have been testing Stateless NAT and found that ICMP packets with length
less than 20 bytes were not correctly NAT'ed. I have found a BUG that
makes taking into account IP header length twice, so ICMP packets smaller
than 20 bytes were being dropped.
Proposed formal patch is below, as suggested by Eric Dumazet, thanks.
It is taken from 2.6.34.1 stable version.
Signed-off-by: Rodrigo Partearroyo González <rpartearroyo@albentia.com>
---
diff -uprN a/net/sched/act_nat.c b/net/sched/act_nat.c
--- a/net/sched/act_nat.c 2010-07-09 18:25:18.000000000 +0200
+++ b/net/sched/act_nat.c 2010-07-09 18:26:16.000000000 +0200
@@ -202,7 +202,7 @@ static int tcf_nat(struct sk_buff *skb,
{
struct icmphdr *icmph;
- if (!pskb_may_pull(skb, ihl + sizeof(*icmph) + sizeof(*iph)))
+ if (!pskb_may_pull(skb, ihl + sizeof(*icmph)))
goto drop;
icmph = (void *)(skb_network_header(skb) + ihl);
@@ -223,7 +223,7 @@ static int tcf_nat(struct sk_buff *skb,
if (skb_cloned(skb) &&
!skb_clone_writable(skb,
- ihl + sizeof(*icmph) +
sizeof(*iph)) &&
+ ihl + sizeof(*icmph) ) &&
pskb_expand_head(skb, 0, 0, GFP_ATOMIC))
goto drop;
---
--
Rodrigo Partearroyo González
Albentia Systems S.A.
http://www.albentia.com
C\Margarita Salas 22
Parque Tecnológico de Leganés
Leganés (28918)
Madrid
Spain
^ permalink raw reply [flat|nested] 5+ messages in thread
* Re: [PATCH 001/001] QoS and/or fair queueing: Stateless NAT BUG
2010-07-09 16:35 rpartearroyo
@ 2010-07-09 17:19 ` Rodrigo Partearroyo González
0 siblings, 0 replies; 5+ messages in thread
From: Rodrigo Partearroyo González @ 2010-07-09 17:19 UTC (permalink / raw
To: Eric Dumazet
Cc: Herbert Xu, Linux Kernel Mailing List, Iratxo Pichel Ortiz,
Noelia Morón, netdev
Seems like the mailer corrupted the patch. Sorry, I resend it.
Thanks Eric.
On Viernes, 9 de Julio de 2010 18:35:59 rpartearroyo@albentia.com escribió:
> Hi all,
> I have been testing Stateless NAT and found that ICMP packets with length
> less than 20 bytes were not correctly NAT'ed. I have found a BUG that
> makes taking into account IP header length twice, so ICMP packets smaller
> than 20 bytes were being dropped.
>
> Proposed formal patch is below, as suggested by Eric Dumazet, thanks.
> It is taken from 2.6.34.1 stable version.
>
Signed-off-by: Rodrigo Partearroyo González <rpartearroyo@albentia.com>
---
diff -uprN a/net/sched/act_nat.c b/net/sched/act_nat.c
--- a/net/sched/act_nat.c 2010-07-09 18:25:18.000000000 +0200
+++ b/net/sched/act_nat.c 2010-07-09 18:26:16.000000000 +0200
@@ -202,7 +202,7 @@ static int tcf_nat(struct sk_buff *skb,
{
struct icmphdr *icmph;
- if (!pskb_may_pull(skb, ihl + sizeof(*icmph) + sizeof(*iph)))
+ if (!pskb_may_pull(skb, ihl + sizeof(*icmph)))
goto drop;
icmph = (void *)(skb_network_header(skb) + ihl);
@@ -223,7 +223,7 @@ static int tcf_nat(struct sk_buff *skb,
if (skb_cloned(skb) &&
!skb_clone_writable(skb,
- ihl + sizeof(*icmph) + sizeof(*iph)) &&
+ ihl + sizeof(*icmph) ) &&
pskb_expand_head(skb, 0, 0, GFP_ATOMIC))
goto drop;
---
--
Rodrigo Partearroyo González
R&D Engineer
Albentia Systems S.A.
http://www.albentia.com
+34 914400213
C\Margarita Salas 22
Parque Tecnológico de Leganés
Leganés (28918)
Madrid
Spain
^ permalink raw reply [flat|nested] 5+ messages in thread
* Re: [PATCH 001/001] QoS and/or fair queueing: Stateless NAT BUG
@ 2010-07-09 17:37 Rodrigo Partearroyo González
2010-07-09 17:52 ` David Miller
2010-07-09 17:54 ` Eric Dumazet
0 siblings, 2 replies; 5+ messages in thread
From: Rodrigo Partearroyo González @ 2010-07-09 17:37 UTC (permalink / raw
To: Eric Dumazet
Cc: Herbert Xu, Linux Kernel Mailing List, Iratxo Pichel Ortiz,
Noelia Morón, netdev
Hi all,
I have been testing Stateless NAT and found that ICMP packets with length
less than 20 bytes were not correctly NAT'ed. I have found a BUG that
makes taking into account IP header length twice, so ICMP packets smaller
than 20 bytes were being dropped.
Proposed formal patch is below, as suggested by Eric Dumazet, thanks.
It is taken from 2.6.34.1 stable version.
Signed-off-by: Rodrigo Partearroyo González <rpartearroyo@albentia.com>
---
diff -uprN a/net/sched/act_nat.c b/net/sched/act_nat.c
--- a/net/sched/act_nat.c 2010-07-09 18:25:18.000000000 +0200
+++ b/net/sched/act_nat.c 2010-07-09 18:26:16.000000000 +0200
@@ -202,7 +202,7 @@ static int tcf_nat(struct sk_buff *skb,
{
struct icmphdr *icmph;
- if (!pskb_may_pull(skb, ihl + sizeof(*icmph) + sizeof(*iph)))
+ if (!pskb_may_pull(skb, ihl + sizeof(*icmph)))
goto drop;
icmph = (void *)(skb_network_header(skb) + ihl);
@@ -223,7 +223,7 @@ static int tcf_nat(struct sk_buff *skb,
if (skb_cloned(skb) &&
!skb_clone_writable(skb,
- ihl + sizeof(*icmph) + sizeof(*iph)) &&
+ ihl + sizeof(*icmph)) &&
pskb_expand_head(skb, 0, 0, GFP_ATOMIC))
goto drop;
---
Rodrigo Partearroyo González
R&D Engineer
Albentia Systems S.A.
http://www.albentia.com
+34 914400213
C\Margarita Salas 22
Parque Tecnológico de Leganés
Leganés (28918)
Madrid
Spain
^ permalink raw reply [flat|nested] 5+ messages in thread
* Re: [PATCH 001/001] QoS and/or fair queueing: Stateless NAT BUG
2010-07-09 17:37 [PATCH 001/001] QoS and/or fair queueing: Stateless NAT BUG Rodrigo Partearroyo González
@ 2010-07-09 17:52 ` David Miller
2010-07-09 17:54 ` Eric Dumazet
1 sibling, 0 replies; 5+ messages in thread
From: David Miller @ 2010-07-09 17:52 UTC (permalink / raw
To: rpartearroyo; +Cc: eric.dumazet, herbert, linux-kernel, ipichel, nmoron, netdev
From: Rodrigo Partearroyo González <rpartearroyo@albentia.com>
Date: Fri, 9 Jul 2010 19:37:16 +0200
> Hi all,
> I have been testing Stateless NAT and found that ICMP packets with length
> less than 20 bytes were not correctly NAT'ed. I have found a BUG that
> makes taking into account IP header length twice, so ICMP packets smaller
> than 20 bytes were being dropped.
>
> Proposed formal patch is below, as suggested by Eric Dumazet, thanks.
> It is taken from 2.6.34.1 stable version.
>
> Signed-off-by: Rodrigo Partearroyo González <rpartearroyo@albentia.com>
Applied, thanks.
^ permalink raw reply [flat|nested] 5+ messages in thread
* Re: [PATCH 001/001] QoS and/or fair queueing: Stateless NAT BUG
2010-07-09 17:37 [PATCH 001/001] QoS and/or fair queueing: Stateless NAT BUG Rodrigo Partearroyo González
2010-07-09 17:52 ` David Miller
@ 2010-07-09 17:54 ` Eric Dumazet
1 sibling, 0 replies; 5+ messages in thread
From: Eric Dumazet @ 2010-07-09 17:54 UTC (permalink / raw
To: Rodrigo Partearroyo González
Cc: Herbert Xu, Linux Kernel Mailing List, Iratxo Pichel Ortiz,
Noelia Morón, netdev
Le vendredi 09 juillet 2010 à 19:37 +0200, Rodrigo Partearroyo González
a écrit :
> Hi all,
> I have been testing Stateless NAT and found that ICMP packets with length
> less than 20 bytes were not correctly NAT'ed. I have found a BUG that
> makes taking into account IP header length twice, so ICMP packets smaller
> than 20 bytes were being dropped.
>
> Proposed formal patch is below, as suggested by Eric Dumazet, thanks.
> It is taken from 2.6.34.1 stable version.
>
> Signed-off-by: Rodrigo Partearroyo González <rpartearroyo@albentia.com>
Acked-by: Eric Dumazet <eric.dumazet@gmail.com>
> ---
> diff -uprN a/net/sched/act_nat.c b/net/sched/act_nat.c
> --- a/net/sched/act_nat.c 2010-07-09 18:25:18.000000000 +0200
> +++ b/net/sched/act_nat.c 2010-07-09 18:26:16.000000000 +0200
> @@ -202,7 +202,7 @@ static int tcf_nat(struct sk_buff *skb,
> {
> struct icmphdr *icmph;
>
> - if (!pskb_may_pull(skb, ihl + sizeof(*icmph) + sizeof(*iph)))
> + if (!pskb_may_pull(skb, ihl + sizeof(*icmph)))
> goto drop;
>
> icmph = (void *)(skb_network_header(skb) + ihl);
> @@ -223,7 +223,7 @@ static int tcf_nat(struct sk_buff *skb,
>
> if (skb_cloned(skb) &&
> !skb_clone_writable(skb,
> - ihl + sizeof(*icmph) + sizeof(*iph)) &&
> + ihl + sizeof(*icmph)) &&
> pskb_expand_head(skb, 0, 0, GFP_ATOMIC))
> goto drop;
>
^ permalink raw reply [flat|nested] 5+ messages in thread
end of thread, other threads:[~2010-07-09 17:54 UTC | newest]
Thread overview: 5+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2010-07-09 17:37 [PATCH 001/001] QoS and/or fair queueing: Stateless NAT BUG Rodrigo Partearroyo González
2010-07-09 17:52 ` David Miller
2010-07-09 17:54 ` Eric Dumazet
-- strict thread matches above, loose matches on Subject: below --
2010-07-09 16:35 rpartearroyo
2010-07-09 17:19 ` Rodrigo Partearroyo González
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).