review.tizen.org Git - platform/kernel/linux-rpi.git/commit

author	Florian Westphal <fw@strlen.de>
	Mon, 18 Oct 2021 12:38:13 +0000 (14:38 +0200)
committer	Greg Kroah-Hartman <gregkh@linuxfoundation.org>
	Tue, 14 Dec 2021 10:32:36 +0000 (11:32 +0100)
commit	d5cf399a6dc3b35b91fbd2cb002581e2c1970143
tree	d072360b8cca15dae5f702b1bddabbddfc8552c8	tree \| snapshot
parent	83ea620a1be840bf05089a5061fb8323ca42f38c	commit \| diff

selftests: netfilter: add a vrf+conntrack testcase

commit 33b8aad21ac175eba9577a73eb62b0aa141c241c upstream.

Rework the reproducer for the vrf+conntrack regression reported
by Eugene into a selftest and also add a test for ip masquerading
that Lahav fixed recently.

With net or net-next tree, the first test fails and the latter
two pass.

With 09e856d54bda5f28 ("vrf: Reset skb conntrack connection on VRF rcv")
reverted first test passes but the last two fail.

A proper fix needs more work, for time being a revert seems to be
the best choice, snat/masquerade did not work before the fix.

Link: https://lore.kernel.org/netdev/378ca299-4474-7e9a-3d36-2350c8c98995@gmail.com/T/#m95358a31810df7392f541f99d187227bc75c9963
Reported-by: Eugene Crosser <crosser@average.org>
Cc: Lahav Schlesinger <lschlesinger@drivenets.com>
Signed-off-by: Florian Westphal <fw@strlen.de>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>

tools/testing/selftests/netfilter/Makefile		diff \| blob \| history
tools/testing/selftests/netfilter/conntrack_vrf.sh	[new file with mode: 0644]	blob