I installed 4.4.0-163-generic from xenial -proposed to a xenial VM, with the following uname -rv:
4.4.0-163-generic #191-Ubuntu SMP Wed Sep 11 17:06:27 UTC 2019
From there I enabled a iptsables rule with the CHECKSUM target, for tcp port 8000:
sudo iptables -t mangle -A POSTROUTING -p tcp -m tcp --sport 8000 -j CHECKSUM --checksum-fill
After running that command, dmesg now prints the correct warning against use of the CHECKSUM target:
[ 99.606968] xt_CHECKSUM: CHECKSUM should be avoided. If really needed, restrict with "-p udp" and only use in OUTPUT
I bound a port to 8000 with netcat, and ran traffic over it. Everything worked fine and was stable with no crashes seen.
This fixes the issue in this bug, and I am happy to mark it as verified.
I installed 4.4.0-163-generic from xenial -proposed to a xenial VM, with the following uname -rv:
4.4.0-163-generic #191-Ubuntu SMP Wed Sep 11 17:06:27 UTC 2019
From there I enabled a iptsables rule with the CHECKSUM target, for tcp port 8000:
sudo iptables -t mangle -A POSTROUTING -p tcp -m tcp --sport 8000 -j CHECKSUM --checksum-fill
After running that command, dmesg now prints the correct warning against use of the CHECKSUM target:
[ 99.606968] xt_CHECKSUM: CHECKSUM should be avoided. If really needed, restrict with "-p udp" and only use in OUTPUT
I bound a port to 8000 with netcat, and ran traffic over it. Everything worked fine and was stable with no crashes seen.
This fixes the issue in this bug, and I am happy to mark it as verified.