]> git.proxmox.com Git - mirror_ovs.git/commit
projects / mirror_ovs.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: a720a7f) | patch
conntrack: Lookup only 'UNNAT conns' in 'nat_clean()'.
authorDarrell Ball <dlu998@gmail.com>
Fri, 15 Mar 2019 22:01:19 +0000 (15:01 -0700)
committerBen Pfaff <blp@ovn.org>
Fri, 15 Mar 2019 22:38:51 +0000 (15:38 -0700)
commit901a0dad38207d2ddae14cda6fe0b6d1bb126c8d
tree2bbb407e0e51d49ec338a611b372f69e14913669tree
parenta720a7fa80b2fdf1bb5f5b9e706191a31ae02dcacommit | diff
conntrack: Lookup only 'UNNAT conns' in 'nat_clean()'.

When freeing 'UNNAT conns', lookup only 'UNNAT conns' to
protect against possible address overlap with 'default
conns' during a DOS attempt.  This is very unlikely, but
protection is simple.

Fixes: 286de2729955 ("dpdk: Userspace Datapath: Introduce NAT Support.")
Signed-off-by: Darrell Ball <dlu998@gmail.com>
Signed-off-by: Ben Pfaff <blp@ovn.org>
lib/conntrack.c diff | blob | blame | history
openvswitch mirror