Re: [PATCH net-next,v3 03/14] ipvs: Handle inverse and icmp headers in i

lvs-devel

Re: [PATCH net-next,v3 03/14] ipvs: Handle inverse and icmp headers in i

To:	Alex Gartrell <agartrell@xxxxxx>
Subject:	Re: [PATCH net-next,v3 03/14] ipvs: Handle inverse and icmp headers in ip_vs_leave
Cc:	horms@xxxxxxxxxxxx, lvs-devel@xxxxxxxxxxxxxxx, alexgartrell@xxxxxxxxx, kernel-team@xxxxxx
From:	Julian Anastasov <ja@xxxxxx>
Date:	Wed, 26 Aug 2015 15:29:18 +0300 (EEST)

        Hello,

On Tue, 25 Aug 2015, Alex Gartrell wrote:

> -     if ((svc->port == FTPPORT) && (pptr[1] != FTPPORT))
> +     if (svc->port == FTPPORT && dport != FTPPORT)
>               return NF_ACCEPT;

        Not sure if we have chance for this merge window
but only small things for patches 3 and 4 need to be fixed:

Patch 1: OK
Patch 2: OK

Patch 3:
        - We need to prevent ICMP-to-ICMP in ip_vs_leave:

        if (svc->port == FTPPORT && dport != FTPPORT)
                return NF_ACCEPT;

+       if (ip_vs_iph_icmp(iph))
+               return NF_DROP;

Patch 4:
        - I now see that first IP_VS_DBG_PKT in ip_vs_try_to_schedule
needs iph->off instead of 0.

Patch 5: OK
Patch 6: OK
Patch 7: OK
Patch 8: OK
Patch 9: OK
Patch 10: OK
Patch 11: OK
Patch 12: OK
Patch 13: OK
Patch 14: OK

Regards

--
Julian Anastasov <ja@xxxxxx>
--
To unsubscribe from this list: send the line "unsubscribe lvs-devel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html

[More with this subject...]

<Prev in Thread]	Current Thread	[Next in Thread>
[PATCH net-next,v3 01/14] ipvs: replace ip_vs_fill_ip4hdr with ip_vs_fill_iph_skb_off, Alex Gartrell [PATCH net-next,v3 05/14] ipvs: drop inverse argument to conn_{in,out}_get, Alex Gartrell [PATCH net-next,v3 03/14] ipvs: Handle inverse and icmp headers in ip_vs_leave, Alex Gartrell Re: [PATCH net-next,v3 03/14] ipvs: Handle inverse and icmp headers in ip_vs_leave, Julian Anastasov <= [PATCH net-next,v3 04/14] ipvs: pull out ip_vs_try_to_schedule function, Alex Gartrell [PATCH net-next,v3 07/14] ipvs: add schedule_icmp sysctl, Alex Gartrell [PATCH net-next,v3 09/14] ipvs: sh: support scheduling icmp/inverse packets consistently, Alex Gartrell [PATCH net-next,v3 06/14] ipvs: Make ip_vs_schedule aware of inverse iph'es, Alex Gartrell [PATCH net-next,v3 14/14] ipvs: support scheduling inverse and icmp SCTP packets, Alex Gartrell [PATCH net-next,v3 02/14] ipvs: Add hdr_flags to iphdr, Alex Gartrell [PATCH net-next,v3 11/14] ipvs: ensure that ICMP cannot be sent in reply to ICMP, Alex Gartrell [PATCH net-next,v3 12/14] ipvs: support scheduling inverse and icmp TCP packets, Alex Gartrell [PATCH net-next,v3 13/14] ipvs: support scheduling inverse and icmp UDP packets, Alex Gartrell [PATCH net-next,v3 10/14] ipvs: attempt to schedule icmp packets, Alex Gartrell

Previous by Date:	[PATCH net-next,v3 08/14] ipvs: Use outer header in ip_vs_bypass_xmit_v6, Alex Gartrell
Next by Date:	[PATCH net-next,v4 07/14] ipvs: add schedule_icmp sysctl, Alex Gartrell
Previous by Thread:	[PATCH net-next,v3 03/14] ipvs: Handle inverse and icmp headers in ip_vs_leave, Alex Gartrell
Next by Thread:	[PATCH net-next,v3 04/14] ipvs: pull out ip_vs_try_to_schedule function, Alex Gartrell
Indexes:	[Date] [Thread] [Top] [All Lists]