review.tizen.org Git - platform/kernel/linux-starfive.git/commit

author	Florian Westphal <fw@strlen.de>
	Mon, 18 Oct 2021 12:38:13 +0000 (14:38 +0200)
committer	Pablo Neira Ayuso <pablo@netfilter.org>
	Mon, 8 Nov 2021 10:24:01 +0000 (11:24 +0100)
commit	33b8aad21ac175eba9577a73eb62b0aa141c241c
tree	e3b6322d9d2ac8d6e5ddeb4b00cf80e0cd143693	tree \| snapshot
parent	c45231a7668d6b632534f692b10592ea375b55b0	commit \| diff

selftests: netfilter: add a vrf+conntrack testcase

Rework the reproducer for the vrf+conntrack regression reported
by Eugene into a selftest and also add a test for ip masquerading
that Lahav fixed recently.

With net or net-next tree, the first test fails and the latter
two pass.

With 09e856d54bda5f28 ("vrf: Reset skb conntrack connection on VRF rcv")
reverted first test passes but the last two fail.

A proper fix needs more work, for time being a revert seems to be
the best choice, snat/masquerade did not work before the fix.

Link: https://lore.kernel.org/netdev/378ca299-4474-7e9a-3d36-2350c8c98995@gmail.com/T/#m95358a31810df7392f541f99d187227bc75c9963
Reported-by: Eugene Crosser <crosser@average.org>
Cc: Lahav Schlesinger <lschlesinger@drivenets.com>
Signed-off-by: Florian Westphal <fw@strlen.de>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>

tools/testing/selftests/netfilter/Makefile		diff \| blob \| history
tools/testing/selftests/netfilter/conntrack_vrf.sh	[new file with mode: 0755]	blob