OrgACRN
/
acrn-kernel
mirror of https://github.com/projectacrn/acrn-kernel.git
1
0
Fork 0
Code Issues Releases Wiki Activity
acrn-kernel/net/ipv6/netfilter
History
Eric Dumazet 00cd7bf9f9 netfilter: nf_defrag_ipv6: allow nf_conntrack_frag6_high_thresh increases 
Currently, net.netfilter.nf_conntrack_frag6_high_thresh can only be lowered.

I found this issue while investigating a probable kernel issue
causing flakes in tools/testing/selftests/net/ip_defrag.sh

In particular, these sysctl changes were ignored:
	ip netns exec "${NETNS}" sysctl -w net.netfilter.nf_conntrack_frag6_high_thresh=9000000 >/dev/null 2>&1
	ip netns exec "${NETNS}" sysctl -w net.netfilter.nf_conntrack_frag6_low_thresh=7000000  >/dev/null 2>&1

This change is inline with commit 8361962392 ("net/ipfrag: let ip[6]frag_high_thresh
in ns be higher than in init_net")

Fixes: 8db3d41569bb ("netfilter: nf_defrag_ipv6: use net_generic infra")
Signed-off-by: Eric Dumazet <edumazet@google.com>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
 		2022-08-24 08:06:44 +02:00
..
Kconfig
Makefile
ip6_tables.c
ip6t_NPT.c
ip6t_REJECT.c
ip6t_SYNPROXY.c
ip6t_ah.c
ip6t_eui64.c
ip6t_frag.c
ip6t_hbh.c
ip6t_ipv6header.c
ip6t_mh.c
ip6t_rpfilter.c
ip6t_rt.c
ip6t_srh.c
ip6table_filter.c
ip6table_mangle.c
ip6table_nat.c
ip6table_raw.c
ip6table_security.c
nf_conntrack_reasm.c netfilter: nf_defrag_ipv6: allow nf_conntrack_frag6_high_thresh increases 2022-08-24 08:06:44 +02:00
nf_defrag_ipv6_hooks.c
nf_dup_ipv6.c
nf_reject_ipv6.c netfilter: conntrack: skip verification of zero UDP checksum 2022-05-13 18:56:28 +02:00
nf_socket_ipv6.c
nf_tproxy_ipv6.c
nft_dup_ipv6.c netfilter: nf_tables: do not reduce read-only expressions 2022-03-20 00:29:46 +01:00
nft_fib_ipv6.c netfilter: nft_fib: reverse path filter for policy-based routing on iif 2022-04-11 12:10:09 +02:00
nft_reject_ipv6.c netfilter: nf_tables: do not reduce read-only expressions 2022-03-20 00:29:46 +01:00