linux/tools/testing
Florian Westphal 5bdac418f3 netfilter: nat: fix icmp id randomization
Sven Auhagen reported that a 2nd ping request will fail if 'fully-random'
mode is used.

Reason is that if no proto information is given, min/max are both 0,
so we set the icmp id to 0 instead of chosing a random value between
0 and 65535.

Update test case as well to catch this, without fix this yields:
[..]
ERROR: cannot ping ns1 from ns2 with ip masquerade fully-random (attempt 2)
ERROR: cannot ping ns1 from ns2 with ipv6 masquerade fully-random (attempt 2)

... becaus 2nd ping clashes with existing 'id 0' icmp conntrack and gets
dropped.

Fixes: 203f2e7820 ("netfilter: nat: remove l4proto->unique_tuple")
Reported-by: Sven Auhagen <sven.auhagen@voleatech.de>
Signed-off-by: Florian Westphal <fw@strlen.de>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
2019-04-15 07:31:50 +02:00
..
fault-injection License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
ktest These commits have either been sitting in my INBOX or have been 2018-04-11 16:42:27 -07:00
nvdimm device-dax for 5.1 2019-03-16 13:05:32 -07:00
radix-tree radix tree: Don't return retry entries from lookup 2018-12-06 08:26:16 -05:00
scatterlist tools/testing/scatterlist: Test new __sg_alloc_table_from_pages 2017-09-07 10:54:40 +01:00
selftests netfilter: nat: fix icmp id randomization 2019-04-15 07:31:50 +02:00
vsock VSOCK: add tools/testing/vsock/vsock_diag_test 2017-10-05 18:44:17 -07:00