From: Patrick McHardy <kaber@trash.net>
To: Jorge Bastos <mysql.jorge@decimal.pt>
Cc: netfilter-devel@lists.netfilter.org
Subject: Re: PPTP Problem with 2.6.20-rc1 >=
Date: Sat, 20 Jan 2007 13:18:56 +0100 [thread overview]
Message-ID: <45B208B0.8050707@trash.net> (raw)
In-Reply-To: <087801c73c89$cb5e00b0$0301a8c0@hercules.decimalint.pt>
[-- Attachment #1: Type: text/plain, Size: 1437 bytes --]
Jorge Bastos wrote:
> As Patrick asked me to do, i'm reporting this to this list, below is the
> complete report i did to the users list, and the info patrick told me to
> add.
>
> nf_contrack, and below theres nf_conntrack_expect, i did a grep to show
> only the lines that we need.
> As soon you have a feedback tell me something to the list :P
>
> Jorge
>
>
> cisne:/proc/net# cat nf_conntrack|grep -i 192.168.1.3
> ipv4 2 tcp 6 431984 ESTABLISHED src=192.168.1.3
> dst=84.91.32.190 sport=2521 dport=1723 packets=6 bytes=608
> src=84.91.32.190 dst=195.23.114.78 sport=1723 dport=2521 packets=8
> bytes=580 [ASSURED] mark=0 secmark=0 use=3
> ipv4 2 gre 47 598 timeout=600, stream_timeout=18000
> src=192.168.1.3 dst=84.91.32.190 srckey=0x4000 dstkey=0x280 packets=5
> bytes=285 [UNREPLIED] src=84.91.32.190 dst=195.23.114.78 srckey=0x280
> dstkey=0x4000 packets=0 bytes=0 mark=0 secmark=0 use=1
>
>
> nf_conntrack_expect:
>
> cisne:/proc/net# cat nf_conntrack_expect|grep -i 192.168.1.3
> 288 l3proto = 2 proto=47 src=192.168.1.3 dst=84.91.32.190 srckey=0x8000
> dstkey=0x300
> 253 l3proto = 2 proto=47 src=192.168.1.3 dst=84.91.32.190 srckey=0x4000
> dstkey=0x280
It seems like the connection was not properly recognized as expected,
I guess because parts of the tuple are uninitialized, but compared to
find the correct gre key.
This is not the proper fix, but does this patch make the problem go
away?
[-- Attachment #2: x --]
[-- Type: text/plain, Size: 703 bytes --]
diff --git a/net/netfilter/nf_conntrack_proto_gre.c b/net/netfilter/nf_conntrack_proto_gre.c
index ac193ce..9b0c32d 100644
--- a/net/netfilter/nf_conntrack_proto_gre.c
+++ b/net/netfilter/nf_conntrack_proto_gre.c
@@ -66,8 +66,8 @@ static inline int gre_key_cmpfn(const st
const struct nf_conntrack_tuple *t)
{
return km->tuple.src.l3num == t->src.l3num &&
- !memcmp(&km->tuple.src.u3, &t->src.u3, sizeof(t->src.u3)) &&
- !memcmp(&km->tuple.dst.u3, &t->dst.u3, sizeof(t->dst.u3)) &&
+ km->tuple.src.u3.ip == t->src.u3.ip &&
+ km->tuple.dst.u3.ip == t->dst.u3.ip &&
km->tuple.dst.protonum == t->dst.protonum &&
km->tuple.dst.u.all == t->dst.u.all;
}
next prev parent reply other threads:[~2007-01-20 12:18 UTC|newest]
Thread overview: 15+ messages / expand[flat|nested] mbox.gz Atom feed top
2007-01-20 11:54 PPTP Problem with 2.6.20-rc1 >= Jorge Bastos
2007-01-20 12:18 ` Patrick McHardy [this message]
2007-01-20 14:19 ` Jorge Bastos
2007-01-20 14:55 ` Jorge Bastos
2007-01-20 15:45 ` Patrick McHardy
2007-01-20 15:48 ` Jorge Bastos
2007-01-20 15:52 ` Patrick McHardy
2007-01-20 16:13 ` Jorge Bastos
2007-01-24 20:15 ` Patrick McHardy
2007-01-24 21:24 ` Jorge Bastos
2007-01-25 0:14 ` Patrick McHardy
2007-01-25 0:45 ` Jorge Bastos
2007-01-25 16:48 ` Jorge Bastos
2007-01-26 9:24 ` Jorge Bastos
-- strict thread matches above, loose matches on Subject: below --
2007-01-20 19:30 Jorge Bastos
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=45B208B0.8050707@trash.net \
--to=kaber@trash.net \
--cc=mysql.jorge@decimal.pt \
--cc=netfilter-devel@lists.netfilter.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).