q3k
/
linux
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
linux/net/ipv4
History
Shan Wei e9017b5518 IP: Send an ICMP "Fragment Reassembly Timeout" message when enabling connection track 
No matter whether connection track is enabled, an end host should send 
an ICMPv4 "Fragment Reassembly Timeout" message when defrag timeout. 
The reasons are following two points:  

1. RFC 792 says:
   >>>> >> > >   If a host reassembling a fragmented datagram cannot complete the
   >>>> >> > >   reassembly due to missing fragments within its time limit it
   >>>> >> > >   discards the datagram, and it may send a time exceeded message.
   >>>> >> > > 
   >>>> >> > >   If fragment zero is not available then no time exceeded need be
   >>>> >> > >   sent at all.
   >>>> >> > > 
   >>>> >> > > Read more: http://www.faqs.org/rfcs/rfc792.html#ixzz0aOXRD7Wp

2. Patrick McHardy also agrees with this opinion.   :-)   
   About the discussion of this opinion, refer to http://patchwork.ozlabs.org/patch/41649

The patch fixed the problem like this:
When enabling connection track, fragments are received at PRE_ROUTING HOOK.
If they are failed to reassemble, ip_expire() will be called. 
Before sending an ICMP "Fragment Reassembly Timeout" message, 
the patch searches router table to get the destination entry only for host type.

The patch has been tested on both host type and route type.

Signed-off-by: Shan Wei <shanwei@cn.fujitsu.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
 		2010-01-23 01:57:42 -08:00
..
netfilter netfilter: fix crashes in bridge netfilter caused by fragment jumps 2009-12-15 16:59:59 +01:00
Kconfig nfs: new subdir Documentation/filesystems/nfs 2009-10-27 19:34:04 -04:00
Makefile IPVS: Move IPVS to net/netfilter/ipvs 2008-10-07 08:38:24 +11:00
af_inet.c net: check kern before calling security subsystem 2009-11-05 22:18:18 -08:00
ah4.c xfrm: Use the user specified truncation length in ESP and AH 2009-11-25 15:48:41 -08:00
arp.c ipv4: allow warming up the ARP cache with request type gratuitous ARP 2010-01-19 02:12:34 -08:00
cipso_ipv4.c ipv4: Define cipso_v4_delopt static 2009-10-07 14:45:58 -07:00
datagram.c inet: rename some inet_sock fields 2009-10-18 18:52:53 -07:00
devinet.c Merge branch 'master' of master.kernel.org:/pub/scm/linux/kernel/git/davem/net-2.6 2010-01-10 22:55:03 -08:00
esp4.c xfrm: Use the user specified truncation length in ESP and AH 2009-11-25 15:48:41 -08:00
fib_frontend.c net: spread __net_init, __net_exit 2010-01-17 19:16:02 -08:00
fib_hash.c ipv4: fib table algorithm performance improvement 2009-10-05 00:21:56 -07:00
fib_lookup.h ipv4: cleanup - remove two unused parameters from fib_semantic_match(). 2009-05-18 15:16:37 -07:00
fib_rules.c net: Allow fib_rule_unregister to batch 2009-12-03 12:22:55 -08:00
fib_semantics.c ipv4: Use less conflicting local var name in change_nexthops() loop macro. 2010-01-15 01:16:40 -08:00
fib_trie.c ipv4: fib table algorithm performance improvement 2009-10-05 00:21:56 -07:00
icmp.c icmp: move icmp_err_convert[] to .rodata 2010-01-23 01:21:28 -08:00
igmp.c net: spread __net_init, __net_exit 2010-01-17 19:16:02 -08:00
inet_connection_sock.c tcp: account SYN-ACK timeouts & retransmissions 2010-01-17 19:09:39 -08:00
inet_diag.c netlink: With opcode INET_DIAG_BC_S_LE dport was compared in inet_diag_bc_run() 2010-01-19 14:12:20 -08:00
inet_fragment.c inet fragments: fix sparse warning: context imbalance 2009-02-26 23:13:35 -08:00
inet_hashtables.c tcp: Fix a connect() race with timewait sockets 2009-12-08 20:17:51 -08:00
inet_lro.c net/ipv4: Move && and || to end of previous line 2009-11-23 10:41:23 -08:00
inet_timewait_sock.c [PATCH] tcp: documents timewait refcnt tricks 2009-12-08 20:19:53 -08:00
inetpeer.c inetpeer: Optimize inet_getid() 2009-11-13 20:46:58 -08:00
ip_forward.c net: skb->dst accessors 2009-06-03 02:51:04 -07:00
ip_fragment.c IP: Send an ICMP "Fragment Reassembly Timeout" message when enabling connection track 2010-01-23 01:57:42 -08:00
ip_gre.c net: spread __net_init, __net_exit 2010-01-17 19:16:02 -08:00
ip_input.c net: use net_eq to compare nets 2009-11-25 15:14:13 -08:00
ip_options.c net: skb->dst accessors 2009-06-03 02:51:04 -07:00
ip_output.c ip: fix mc_loop checks for tunnels with multicast outer addresses 2010-01-06 20:37:01 -08:00
ip_sockglue.c tcp: Generalized TTL Security Mechanism 2010-01-11 16:28:01 -08:00
ipcomp.c net: constify struct net_protocol 2009-09-14 17:03:01 -07:00
ipconfig.c Merge branch 'for-2.6.33' of git://linux-nfs.org/~bfields/linux 2009-12-16 10:43:34 -08:00
ipip.c net: spread __net_init, __net_exit 2010-01-17 19:16:02 -08:00
ipmr.c Merge branch 'master' of master.kernel.org:/pub/scm/linux/kernel/git/davem/net-2.6 2009-11-17 00:05:02 -08:00
netfilter.c Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-next-2.6 2009-12-08 07:55:01 -08:00
proc.c net: constify MIB name tables 2010-01-23 01:21:27 -08:00
protocol.c net: constify struct net_protocol 2009-09-14 17:03:01 -07:00
raw.c Merge branch 'master' of master.kernel.org:/pub/scm/linux/kernel/git/davem/net-2.6 2009-10-29 21:28:59 -07:00
route.c Merge branch 'master' of master.kernel.org:/pub/scm/linux/kernel/git/davem/net-2.6 2010-01-23 00:31:06 -08:00
syncookies.c net: Add rtnetlink init_rcvwnd to set the TCP initial receive window 2009-12-23 14:13:30 -08:00
sysctl_net_ipv4.c Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-next-2.6 2009-12-08 07:55:01 -08:00
tcp.c tcp: Slightly optimize tcp_sendmsg 2009-12-23 14:13:29 -08:00
tcp_bic.c tcp: add helper for AI algorithm 2009-03-02 03:00:15 -08:00
tcp_cong.c Networking: use CAP_NET_ADMIN when deciding to call request_module 2009-08-14 11:18:34 +10:00
tcp_cubic.c tcp: add helper for AI algorithm 2009-03-02 03:00:15 -08:00
tcp_diag.c tcp: diag: Dont report negative values for rx queue 2009-12-03 16:06:13 -08:00
tcp_highspeed.c
tcp_htcp.c net/ipv4: Move && and || to end of previous line 2009-11-23 10:41:23 -08:00
tcp_hybla.c tcp: Fix tcp_hybla zero congestion window growth with small rho and large cwnd. 2008-10-07 15:58:17 -07:00
tcp_illinois.c
tcp_input.c tcp: Revert per-route SACK/DSACK/TIMESTAMP changes. 2009-12-15 20:56:42 -08:00
tcp_ipv4.c net: spread __net_init, __net_exit 2010-01-17 19:16:02 -08:00
tcp_lp.c net/ipv4: Move && and || to end of previous line 2009-11-23 10:41:23 -08:00
tcp_minisocks.c tcp: Revert per-route SACK/DSACK/TIMESTAMP changes. 2009-12-15 20:56:42 -08:00
tcp_output.c net: Add rtnetlink init_rcvwnd to set the TCP initial receive window 2009-12-23 14:13:30 -08:00
tcp_probe.c net/ipv4: Move && and || to end of previous line 2009-11-23 10:41:23 -08:00
tcp_scalable.c tcp: add helper for AI algorithm 2009-03-02 03:00:15 -08:00
tcp_timer.c tcp: account SYN-ACK timeouts & retransmissions 2010-01-17 19:09:39 -08:00
tcp_vegas.c tcp: tcp_vegas ssthresh bugfix 2009-05-25 22:44:59 -07:00
tcp_vegas.h
tcp_veno.c net/ipv4: Move && and || to end of previous line 2009-11-23 10:41:23 -08:00
tcp_westwood.c
tcp_yeah.c net/ipv4: Move && and || to end of previous line 2009-11-23 10:41:23 -08:00
tunnel4.c net: constify struct net_protocol 2009-09-14 17:03:01 -07:00
udp.c net: spread __net_init, __net_exit 2010-01-17 19:16:02 -08:00
udp_impl.h net: Make setsockopt() optlen be unsigned. 2009-09-30 16:12:20 -07:00
udplite.c net: spread __net_init, __net_exit 2010-01-17 19:16:02 -08:00
xfrm4_input.c net: skb->dst accessors 2009-06-03 02:51:04 -07:00
xfrm4_mode_beet.c ipsec: Interfamily IPSec BEET 2008-08-06 02:39:30 -07:00
xfrm4_mode_transport.c
xfrm4_mode_tunnel.c net: skb->dst accessors 2009-06-03 02:51:04 -07:00
xfrm4_output.c net: skb->dst accessors 2009-06-03 02:51:04 -07:00
xfrm4_policy.c sysctl net: Remove unused binary sysctl code 2009-11-12 02:05:06 -08:00
xfrm4_state.c xfrm: remove useless forward declarations 2008-11-25 01:05:54 -08:00
xfrm4_tunnel.c