| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20090908130424.GB7273@urbino.open.ch> Date: Tue, 8 Sep 2009 15:04:24 +0200 From: Andreas Jaggi <aj@...n.ch> To: Patrick McHardy <kaber@...sh.net> Cc: Mark Brown <broonie@...nsource.wolfsonmicro.com>, Jing Min Zhao <zhaojingmin@...rs.sourceforge.net>, netdev@...r.kernel.org Subject: Re: H.245v10+ support in nf_conntrack_h323? By using the tcpdumps made during the video conferencing test, I was able to reproduce the problem with tcpreplay. Further investigation (eg. sprinkling a couple printks over nf_conntrack_h323_main.c) showed that the H.245 packet is dropped because the __nf_ct_expect_check() fails with -EMFILE. This because max_expected of the H.245 expect policy is reached. max_expected is set to 'H323_RTP_CHANNEL_MAX * 4 + 2' in nf_conntrack_h323_main.c and H323_RTP_CHANNEL_MAX is defined as '4'. Increasing H323_RTP_CHANNEL_MAX solves the problem that H.245 packets are dropped! Now I would like to propose a patch to fix this permanently, but I don't know what a reasonable value for H323_RTP_CHANNEL_MAX would be (only that the current value is too low for our video conferencing setup). How was the current value of H323_RTP_CHANNEL_MAX determined? And what would be the implications of increasing this value? Andreas -- To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Powered by blists - more mailing lists