Skip to content

Commit

Permalink
Revert "netfilter: conntrack: mark UDP zero checksum as CHECKSUM_UNNE…
Browse files Browse the repository at this point in the history 
…CESSARY"

This reverts commit 5bed9f3.

Gal Presman says:
 this patch broke geneve tunnels, or possibly all udp tunnels?
 A simple test that creates two geneve tunnels and runs tcp iperf fails
 and results in checksum errors (TcpInCsumErrors).

Original commit wanted to fix nf_reject with zero checksum,
so it appears better to change nf reject infra instead.

Fixes: 5bed9f3 ("netfilter: conntrack: mark UDP zero checksum as CHECKSUM_UNNECESSARY")
Reported-by: Gal Pressman <gal@nvidia.com>
Signed-off-by: Florian Westphal <fw@strlen.de>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
  • Loading branch information
Florian Westphal authored and Pablo Neira Ayuso committed Mar 3, 2022
1 parent ef132dc commit bbfbf7a
Showing 1 changed file with 1 addition and 3 deletions.
4 changes: 1 addition & 3 deletions net/netfilter/nf_conntrack_proto_udp.c
View file
Original file line number Diff line number Diff line change
Expand Up @@ -63,10 +63,8 @@ static bool udp_error(struct sk_buff *skb,
}

/* Packet with no checksum */
if (!hdr->check) {
skb->ip_summed = CHECKSUM_UNNECESSARY;
if (!hdr->check)
return false;
}

/* Checksum invalid? Ignore.
* We skip checking packets on the outgoing path
Expand Down

0 comments on commit bbfbf7a

Please sign in to comment.