git.samba.org - sfrench/cifs-2.6.git/commit

author	Amerigo Wang <amwang@redhat.com>
	Tue, 18 Sep 2012 16:50:09 +0000 (16:50 +0000)
committer	David S. Miller <davem@davemloft.net>
	Wed, 19 Sep 2012 21:23:28 +0000 (17:23 -0400)
commit	b836c99fd6c9dfe52a69fa0ba36ec918f80ce02a
tree	cb3459103371712b73c8b7695cf05d8f936480a2	tree
parent	c038a767cd697238b09f7a4ea5a504b4891774e9	commit \| diff

ipv6: unify conntrack reassembly expire code with standard one

Two years ago, Shan Wei tried to fix this:
http://patchwork.ozlabs.org/patch/43905/

The problem is that RFC2460 requires an ICMP Time
Exceeded -- Fragment Reassembly Time Exceeded message should be
sent to the source of that fragment, if the defragmentation
times out.

"
   If insufficient fragments are received to complete reassembly of a
   packet within 60 seconds of the reception of the first-arriving
   fragment of that packet, reassembly of that packet must be
   abandoned and all the fragments that have been received for that
   packet must be discarded.  If the first fragment (i.e., the one
   with a Fragment Offset of zero) has been received, an ICMP Time
   Exceeded -- Fragment Reassembly Time Exceeded message should be
   sent to the source of that fragment.
"

As Herbert suggested, we could actually use the standard IPv6
reassembly code which follows RFC2460.

With this patch applied, I can see ICMP Time Exceeded sent
from the receiver when the sender sent out 3/4 fragmented
IPv6 UDP packet.

Cc: Herbert Xu <herbert@gondor.apana.org.au>
Cc: Michal Kubeček <mkubecek@suse.cz>
Cc: David Miller <davem@davemloft.net>
Cc: Hideaki YOSHIFUJI <yoshfuji@linux-ipv6.org>
Cc: Patrick McHardy <kaber@trash.net>
Cc: Pablo Neira Ayuso <pablo@netfilter.org>
Cc: netfilter-devel@vger.kernel.org
Signed-off-by: Cong Wang <amwang@redhat.com>
Signed-off-by: David S. Miller <davem@davemloft.net>

include/net/ipv6.h		diff \| blob \| history
net/ipv6/netfilter/nf_conntrack_reasm.c		diff \| blob \| history
net/ipv6/reassembly.c		diff \| blob \| history