netdev.vger.kernel.org archive mirror
 help / color / mirror / Atom feed
From: Wei Yongjun <yjwei@cn.fujitsu.com>
To: Patrick McHardy <kaber@trash.net>, netdev@vger.kernel.org
Subject: [QUESTION] nf_defrag_ipv4: what does net/ipv4/netfilter/nf_defrag_ipv4.c used for?
Date: Fri, 12 Jun 2009 14:01:40 +0800	[thread overview]
Message-ID: <4A31EF44.90107@cn.fujitsu.com> (raw)

Hi
  Can someome tell me what does net/ipv4/netfilter/nf_defrag_ipv4.c
used for? When I looking the source of nf_defrag_ipv4, I found something
strange.

  If NF_DEFRAG_IPV4 is not selected when compile kernel, the normal
path of ipv4 fragment process is like this:

                      ____________________
 IPv4 Fragment  ---> |  NF_IP_PRE_ROUTING |--> routing input -> ip_defrag()
                     |____________________|

 But is NF_DEFRAG_IPV4=y, the ipv4 fragment process is like this:
 
                      ____________________
 IPv4 Fragment  ---> |  NF_IP_PRE_ROUTING | -> ip_defrag()
                     |____________________|

The only thing nf_defrag_ipv4 do is not select input route.

This cause problem that if the defragment is timeout, the ICMP fragment
timeout can not be sent out, because the input skb has no route
information.

void icmp_send(struct sk_buff *skb_in, int type, int code, __be32 info)
{
      ...
      struct rtable *rt = skb_in->rtable;
      ...
      if (!rt)
          goto out;           <--- fail in this step
      ...
}


Any idea for this?




                 reply	other threads:[~2009-06-12  6:05 UTC|newest]

Thread overview: [no followups] expand[flat|nested]  mbox.gz  Atom feed

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=4A31EF44.90107@cn.fujitsu.com \
    --to=yjwei@cn.fujitsu.com \
    --cc=kaber@trash.net \
    --cc=netdev@vger.kernel.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).