Commit 763ecff1 authored by Yasuyuki Kozakai's avatar Yasuyuki Kozakai Committed by David S. Miller

[NETFILTER]: nf_conntrack: attach conntrack to locally generated ICMPv6 error

Locally generated ICMPv6 errors should be associated with the conntrack
of the original packet. Since the conntrack entry may not be in the hash
tables (for the first packet), it must be manually attached.
Signed-off-by: default avatarYasuyuki Kozakai <yasuyuki.kozakai@toshiba.co.jp>
Signed-off-by: default avatarPatrick McHardy <kaber@trash.net>
Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
parent 08857fa7
...@@ -42,6 +42,7 @@ ...@@ -42,6 +42,7 @@
#include <linux/net.h> #include <linux/net.h>
#include <linux/skbuff.h> #include <linux/skbuff.h>
#include <linux/init.h> #include <linux/init.h>
#include <linux/netfilter.h>
#ifdef CONFIG_SYSCTL #ifdef CONFIG_SYSCTL
#include <linux/sysctl.h> #include <linux/sysctl.h>
...@@ -255,6 +256,7 @@ static int icmpv6_push_pending_frames(struct sock *sk, struct flowi *fl, struct ...@@ -255,6 +256,7 @@ static int icmpv6_push_pending_frames(struct sock *sk, struct flowi *fl, struct
struct icmpv6_msg { struct icmpv6_msg {
struct sk_buff *skb; struct sk_buff *skb;
int offset; int offset;
uint8_t type;
}; };
static int icmpv6_getfrag(void *from, char *to, int offset, int len, int odd, struct sk_buff *skb) static int icmpv6_getfrag(void *from, char *to, int offset, int len, int odd, struct sk_buff *skb)
...@@ -266,6 +268,8 @@ static int icmpv6_getfrag(void *from, char *to, int offset, int len, int odd, st ...@@ -266,6 +268,8 @@ static int icmpv6_getfrag(void *from, char *to, int offset, int len, int odd, st
csum = skb_copy_and_csum_bits(org_skb, msg->offset + offset, csum = skb_copy_and_csum_bits(org_skb, msg->offset + offset,
to, len, csum); to, len, csum);
skb->csum = csum_block_add(skb->csum, csum, odd); skb->csum = csum_block_add(skb->csum, csum, odd);
if (!(msg->type & ICMPV6_INFOMSG_MASK))
nf_ct_attach(skb, org_skb);
return 0; return 0;
} }
...@@ -403,6 +407,7 @@ void icmpv6_send(struct sk_buff *skb, int type, int code, __u32 info, ...@@ -403,6 +407,7 @@ void icmpv6_send(struct sk_buff *skb, int type, int code, __u32 info,
msg.skb = skb; msg.skb = skb;
msg.offset = skb->nh.raw - skb->data; msg.offset = skb->nh.raw - skb->data;
msg.type = type;
len = skb->len - msg.offset; len = skb->len - msg.offset;
len = min_t(unsigned int, len, IPV6_MIN_MTU - sizeof(struct ipv6hdr) -sizeof(struct icmp6hdr)); len = min_t(unsigned int, len, IPV6_MIN_MTU - sizeof(struct ipv6hdr) -sizeof(struct icmp6hdr));
...@@ -500,6 +505,7 @@ static void icmpv6_echo_reply(struct sk_buff *skb) ...@@ -500,6 +505,7 @@ static void icmpv6_echo_reply(struct sk_buff *skb)
msg.skb = skb; msg.skb = skb;
msg.offset = 0; msg.offset = 0;
msg.type = ICMPV6_ECHO_REPLY;
err = ip6_append_data(sk, icmpv6_getfrag, &msg, skb->len + sizeof(struct icmp6hdr), err = ip6_append_data(sk, icmpv6_getfrag, &msg, skb->len + sizeof(struct icmp6hdr),
sizeof(struct icmp6hdr), hlimit, tclass, NULL, &fl, sizeof(struct icmp6hdr), hlimit, tclass, NULL, &fl,
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment