Skip to content
Snippets Groups Projects
Commit e306e373 authored by Florian Westphal's avatar Florian Westphal Committed by Pablo Neira Ayuso
Browse files

kselftest: add test for nfqueue induced conntrack race 

The netfilter race happens when two packets with the same tuple are DNATed
and enqueued with nfqueue in the postrouting hook.

Once one of the packet is reinjected it may be DNATed again to a different
destination, but the conntrack entry remains the same and the return packet
was dropped.

Based on earlier patch from Antonio Ojea.

Link: https://bugzilla.netfilter.org/show_bug.cgi?id=1766


Co-developed-by: default avatarAntonio Ojea <aojea@google.com>
Signed-off-by: default avatarAntonio Ojea <aojea@google.com>
Signed-off-by: default avatarFlorian Westphal <fw@strlen.de>
Signed-off-by: default avatarPablo Neira Ayuso <pablo@netfilter.org>
parent 8af79d3e
No related branches found
No related tags found
Hide whitespace changes
Inline Side-by-side
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment