]> git.proxmox.com Git - mirror_ubuntu-focal-kernel.git/commit
projects / mirror_ubuntu-focal-kernel.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: cd79c3c) | patch
selftests: netfilter: add a vrf+conntrack testcase
authorFlorian Westphal <fw@strlen.de>
Mon, 18 Oct 2021 12:38:13 +0000 (14:38 +0200)
committerStefan Bader <stefan.bader@canonical.com>
Thu, 3 Feb 2022 17:57:45 +0000 (18:57 +0100)
commitc6c0e946b1aafdfeb1e79c31dd6e4c83f4a258d2
treea18a821dc36abd4793d272927099a0348b35c995tree
parentcd79c3cffb1a391c56eb015291812d0250653034commit | diff
selftests: netfilter: add a vrf+conntrack testcase

BugLink: https://bugs.launchpad.net/bugs/1957007
commit 33b8aad21ac175eba9577a73eb62b0aa141c241c upstream.

Rework the reproducer for the vrf+conntrack regression reported
by Eugene into a selftest and also add a test for ip masquerading
that Lahav fixed recently.

With net or net-next tree, the first test fails and the latter
two pass.

With 09e856d54bda5f28 ("vrf: Reset skb conntrack connection on VRF rcv")
reverted first test passes but the last two fail.

A proper fix needs more work, for time being a revert seems to be
the best choice, snat/masquerade did not work before the fix.

Link: https://lore.kernel.org/netdev/378ca299-4474-7e9a-3d36-2350c8c98995@gmail.com/T/#m95358a31810df7392f541f99d187227bc75c9963
Reported-by: Eugene Crosser <crosser@average.org>
Cc: Lahav Schlesinger <lschlesinger@drivenets.com>
Signed-off-by: Florian Westphal <fw@strlen.de>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Signed-off-by: Kamal Mostafa <kamal@canonical.com>
Signed-off-by: Stefan Bader <stefan.bader@canonical.com>
tools/testing/selftests/netfilter/Makefile diff | blob | blame | history
tools/testing/selftests/netfilter/conntrack_vrf.sh [new file with mode: 0644] blob
Ubuntu Focal Linux kernel mirror