| commit | 0a4f14ecb6c3a5f403f66c7038812cf07739bb5d | |
| author | Patrick McHardy <kaber@trash.net> | |
| Fri, 19 Feb 2010 17:18:37 +0000 (19 18:18 +0100) | ||
| committer | Greg Kroah-Hartman <gregkh@suse.de> | |
| Thu, 23 Jun 2011 22:24:05 +0000 (23 15:24 -0700) | ||
| tree | 3a7c2ed8d15e13c1cb9201c0a9997ab4cbd78faa | treesnapshot (tar.gz zip) |
| parent | 35fd0fdebf6f26f8c198452b0389d9acc830aec4 | commitdiff |
netfilter: nf_conntrack_reasm: properly handle packets fragmented into a single fragment
commit 9e2dcf72023d1447f09c47d77c99b0c49659e5ce upstream.
When an ICMPV6_PKT_TOOBIG message is received with a MTU below 1280,
all further packets include a fragment header.
Unlike regular defragmentation, conntrack also needs to "reassemble"
those fragments in order to obtain a packet without the fragment
header for connection tracking. Currently nf_conntrack_reasm checks
whether a fragment has either IP6_MF set or an offset != 0, which
makes it ignore those fragments.
Remove the invalid check and make reassembly handle fragment queues
containing only a single fragment.
Reported-and-tested-by: Ulrich Weber <uweber@astaro.com>
Signed-off-by: Patrick McHardy <kaber@trash.net>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
commit 9e2dcf72023d1447f09c47d77c99b0c49659e5ce upstream.
When an ICMPV6_PKT_TOOBIG message is received with a MTU below 1280,
all further packets include a fragment header.
Unlike regular defragmentation, conntrack also needs to "reassemble"
those fragments in order to obtain a packet without the fragment
header for connection tracking. Currently nf_conntrack_reasm checks
whether a fragment has either IP6_MF set or an offset != 0, which
makes it ignore those fragments.
Remove the invalid check and make reassembly handle fragment queues
containing only a single fragment.
Reported-and-tested-by: Ulrich Weber <uweber@astaro.com>
Signed-off-by: Patrick McHardy <kaber@trash.net>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
| net/ipv6/netfilter/nf_conntrack_reasm.c | diffblobblamehistory |