| To: | Patrick McHardy <kaber@xxxxxxxxx> |
|---|---|
| Subject: | Re: [PATCH] Prevent crash on ip_conntrack removal |
| From: | "David S. Miller" <davem@xxxxxxxxxx> |
| Date: | Sun, 22 Aug 2004 22:03:31 -0700 |
| Cc: | laforge@xxxxxxxxxxxxx, okir@xxxxxxx, netdev@xxxxxxxxxxx, netfilter-devel@xxxxxxxxxxxxxxxxxxx |
| In-reply-to: | <41289859.2040803@trash.net> |
| References: | <20040818091352.GB6507@suse.de> <20040819101159.GC3921@sunbeam.de.gnumonks.org> <20040819071846.2d0d6120.davem@redhat.com> <4124BF7E.7090304@trash.net> <20040819081428.5243e314.davem@redhat.com> <412765DC.30600@trash.net> <20040821221344.6dbc98ed.davem@redhat.com> <41289859.2040803@trash.net> |
| Sender: | netdev-bounce@xxxxxxxxxxx |
On Sun, 22 Aug 2004 14:58:01 +0200 Patrick McHardy <kaber@xxxxxxxxx> wrote: > The first fragment (offset=0) is given to ip_defrag by conntrack > at PRE_ROUTING, without a dst_entry. Then conntrack is unloaded. > Further fragments are now queued in ip_local_deliver. When the > packet is reassembled and "continues" its way from > ip_local_deliver, it doesn't have a dst_entry. > > The opposite way is of course also possible, packets queued in > ip_local_deliver can jump and appear in the PRE_ROUTING hook > when conntrack is loaded, but that way doesn't seem to cause > problems. Thanks for the explanation Patrick. Let me brain storm on this on Monday (tomorrow). |
| Previous by Date: | Re: [PATCH 2.6]: Missing dev_put in qdisc_create error path, David S. Miller |
|---|---|
| Next by Date: | Re: Billing 1: WAS (Re: [PATCH 2/4] deferred drop, __parent workaround, reshape_fail , netdev@oss.sgi.com ,, sandr8 |
| Previous by Thread: | Re: [PATCH] Prevent crash on ip_conntrack removal, Patrick McHardy |
| Next by Thread: | Re: [PATCH] Prevent crash on ip_conntrack removal, David Stevens |
| Indexes: | [Date] [Thread] [Top] [All Lists] |