diff options
author | Mauro Carvalho Chehab <mchehab@redhat.com> | 2012-10-01 14:52:40 -0300 |
---|---|---|
committer | Mauro Carvalho Chehab <mchehab@redhat.com> | 2012-10-01 14:52:40 -0300 |
commit | aaf675f53a7176475f69595827248c8b2556ea8c (patch) | |
tree | 0cb744dec714328c9f89bf85553fb7195107e5d4 /net/netfilter/nf_conntrack_proto_tcp.c | |
parent | 347c4e95845fad1853c0e3da6603a44c5d6122b3 (diff) | |
parent | a0d271cbfed1dd50278c6b06bead3d00ba0a88f9 (diff) | |
download | linux-3.10-aaf675f53a7176475f69595827248c8b2556ea8c.tar.gz linux-3.10-aaf675f53a7176475f69595827248c8b2556ea8c.tar.bz2 linux-3.10-aaf675f53a7176475f69595827248c8b2556ea8c.zip |
Merge tag 'v3.6' into staging/for_v3.7
Linux 3.6
* tag 'v3.6': (562 commits)
Linux 3.6
vfs: dcache: fix deadlock in tree traversal
mtdchar: fix offset overflow detection
thp: avoid VM_BUG_ON page_count(page) false positives in __collapse_huge_page_copy
iommu/amd: Fix wrong assumption in iommu-group specific code
netdev: octeon: fix return value check in octeon_mgmt_init_phy()
ALSA: snd-usb: fix next_packet_size calls for pause case
inetpeer: fix token initialization
qlcnic: Fix scheduling while atomic bug
bnx2: Clean up remaining iounmap
trivial select_parent documentation fix
net: phy: smsc: Implement PHY config_init for LAN87xx
smsc75xx: fix resume after device reset
um: Preinclude include/linux/kern_levels.h
um: Fix IPC on um
netdev: pasemi: fix return value check in pasemi_mac_phy_init()
team: fix return value check
l2tp: fix return value check
USB: Fix race condition when removing host controllers
USB: ohci-at91: fix null pointer in ohci_hcd_at91_overcurrent_irq
...
Diffstat (limited to 'net/netfilter/nf_conntrack_proto_tcp.c')
-rw-r--r-- | net/netfilter/nf_conntrack_proto_tcp.c | 29 |
1 files changed, 10 insertions, 19 deletions
diff --git a/net/netfilter/nf_conntrack_proto_tcp.c b/net/netfilter/nf_conntrack_proto_tcp.c index a5ac11ebef3..e046b3756aa 100644 --- a/net/netfilter/nf_conntrack_proto_tcp.c +++ b/net/netfilter/nf_conntrack_proto_tcp.c @@ -158,21 +158,18 @@ static const u8 tcp_conntracks[2][6][TCP_CONNTRACK_MAX] = { * sCL -> sSS */ /* sNO, sSS, sSR, sES, sFW, sCW, sLA, sTW, sCL, sS2 */ -/*synack*/ { sIV, sIV, sIG, sIG, sIG, sIG, sIG, sIG, sIG, sSR }, +/*synack*/ { sIV, sIV, sSR, sIV, sIV, sIV, sIV, sIV, sIV, sSR }, /* * sNO -> sIV Too late and no reason to do anything * sSS -> sIV Client can't send SYN and then SYN/ACK * sS2 -> sSR SYN/ACK sent to SYN2 in simultaneous open - * sSR -> sIG - * sES -> sIG Error: SYNs in window outside the SYN_SENT state - * are errors. Receiver will reply with RST - * and close the connection. - * Or we are not in sync and hold a dead connection. - * sFW -> sIG - * sCW -> sIG - * sLA -> sIG - * sTW -> sIG - * sCL -> sIG + * sSR -> sSR Late retransmitted SYN/ACK in simultaneous open + * sES -> sIV Invalid SYN/ACK packets sent by the client + * sFW -> sIV + * sCW -> sIV + * sLA -> sIV + * sTW -> sIV + * sCL -> sIV */ /* sNO, sSS, sSR, sES, sFW, sCW, sLA, sTW, sCL, sS2 */ /*fin*/ { sIV, sIV, sFW, sFW, sLA, sLA, sLA, sTW, sCL, sIV }, @@ -633,15 +630,9 @@ static bool tcp_in_window(const struct nf_conn *ct, ack = sack = receiver->td_end; } - if (seq == end - && (!tcph->rst - || (seq == 0 && state->state == TCP_CONNTRACK_SYN_SENT))) + if (tcph->rst && seq == 0 && state->state == TCP_CONNTRACK_SYN_SENT) /* - * Packets contains no data: we assume it is valid - * and check the ack value only. - * However RST segments are always validated by their - * SEQ number, except when seq == 0 (reset sent answering - * SYN. + * RST sent answering SYN. */ seq = end = sender->td_end; |