dect
/
linux-2.6
Archived
13
0
Fork 0
Code Releases Activity
This repository has been archived on 2022-02-17. You can view files and clone it, but cannot push or open issues or pull requests.
linux-2.6/net
History
Jozsef Kadlecsik 874ab9233e netfilter: nf_ct_tcp: TCP simultaneous open support 
The patch below adds supporting TCP simultaneous open to conntrack. The
unused LISTEN state is replaced by a new state (SYN_SENT2) denoting the
second SYN sent from the reply direction in the new case. The state table
is updated and the function tcp_in_window is modified to handle
simultaneous open.

The functionality can fairly easily be tested by socat. A sample tcpdump
recording

23:21:34.244733 IP (tos 0x0, ttl 64, id 49224, offset 0, flags [DF], proto TCP (6), length 60) 192.168.0.254.2020 > 192.168.0.1.2020: S, cksum 0xe75f (correct), 3383710133:3383710133(0) win 5840 <mss 1460,sackOK,timestamp 173445629 0,nop,wscale 7>
23:21:34.244783 IP (tos 0x0, ttl 64, id 0, offset 0, flags [DF], proto TCP (6), length 40) 192.168.0.1.2020 > 192.168.0.254.2020: R, cksum 0x0253 (correct), 0:0(0) ack 3383710134 win 0
23:21:36.038680 IP (tos 0x0, ttl 64, id 28092, offset 0, flags [DF], proto TCP (6), length 60) 192.168.0.1.2020 > 192.168.0.254.2020: S, cksum 0x704b (correct), 2634546729:2634546729(0) win 5840 <mss 1460,sackOK,timestamp 824213 0,nop,wscale 1>
23:21:36.038777 IP (tos 0x0, ttl 64, id 49225, offset 0, flags [DF], proto TCP (6), length 60) 192.168.0.254.2020 > 192.168.0.1.2020: S, cksum 0xb179 (correct), 3383710133:3383710133(0) ack 2634546730 win 5840 <mss 1460,sackOK,timestamp 173447423 824213,nop,wscale 7>
23:21:36.038847 IP (tos 0x0, ttl 64, id 28093, offset 0, flags [DF], proto TCP (6), length 52) 192.168.0.1.2020 > 192.168.0.254.2020: ., cksum 0xebad (correct), ack 3383710134 win 2920 <nop,nop,timestamp 824213 173447423>

and the corresponding netlink events:

    [NEW] tcp      6 120 SYN_SENT src=192.168.0.254 dst=192.168.0.1 sport=2020 dport=2020 [UNREPLIED] src=192.168.0.1 dst=192.168.0.254 sport=2020 dport=2020
 [UPDATE] tcp      6 120 LISTEN src=192.168.0.254 dst=192.168.0.1 sport=2020 dport=2020 src=192.168.0.1 dst=192.168.0.254 sport=2020 dport=2020
 [UPDATE] tcp      6 60 SYN_RECV src=192.168.0.254 dst=192.168.0.1 sport=2020 dport=2020 src=192.168.0.1 dst=192.168.0.254 sport=2020 dport=2020
 [UPDATE] tcp      6 432000 ESTABLISHED src=192.168.0.254 dst=192.168.0.1 sport=2020 dport=2020 src=192.168.0.1 dst=192.168.0.254 sport=2020 dport=2020 [ASSURED]

The RST packet was dropped in the raw table, thus it did not reach
conntrack.  nfnetlink_conntrack is unpatched so it shows the new SYN_SENT2
state as the old unused LISTEN.

With TCP simultaneous open support we satisfy REQ-2 in RFC 5382  ;-) .

Additional minor correction in this patch is that in order to catch
uninitialized reply directions, "td_maxwin == 0" is used instead of
"td_end == 0" because the former can't be true except in uninitialized
state while td_end may accidentally be equal to zero in the mid of a
connection.

Signed-off-by: Jozsef Kadlecsik <kadlec@blackhole.kfki.hu>
Signed-off-by: Patrick McHardy <kaber@trash.net>
 		2009-06-02 13:58:56 +02:00
..
9p net/9p: handle correctly interrupted 9P requests 2009-04-05 16:54:53 -05:00
802 net: remove COMPAT_NET_DEV_OPS 2009-05-25 01:53:53 -07:00
8021q net: remove COMPAT_NET_DEV_OPS 2009-05-25 01:53:53 -07:00
appletalk net: remove COMPAT_NET_DEV_OPS 2009-05-25 01:53:53 -07:00
atm Subject: [PATCH] br2684: restore net_dev initialization 2009-05-02 13:49:36 -07:00
ax25 ax25: proc uid file misses header 2009-04-20 02:14:59 -07:00
bluetooth Bluetooth: Don't trigger disconnect timeout for security mode 3 pairing 2009-05-09 18:09:52 -07:00
bridge Merge branch 'master' of git://dev.medozas.de/linux 2009-06-02 13:44:56 +02:00
can can: Network Drop Monitor: Make use of consume_skb() in af_can.c 2009-04-17 01:38:46 -07:00
core gro: Store shinfo in local variable in skb_gro_receive 2009-05-27 03:26:05 -07:00
dcb DCB: fix kfree(skb) 2009-01-04 17:29:21 -08:00
dccp dccp: Do not let initial option overhead shrink the MPS 2009-03-02 03:07:23 -08:00
decnet net: Remove unused parameter from fill method in fib_rules_ops. 2009-05-20 17:26:23 -07:00
dsa dsa: add switch chip cascading support 2009-03-21 19:06:54 -07:00
econet net: convert usage of packet_type to read_mostly 2009-03-10 05:22:43 -07:00
ethernet net: remove COMPAT_NET_DEV_OPS 2009-05-25 01:53:53 -07:00
ipv4 Merge branch 'master' of git://dev.medozas.de/linux 2009-06-02 13:44:56 +02:00
ipv6 Merge branch 'master' of git://dev.medozas.de/linux 2009-06-02 13:44:56 +02:00
ipx ipx: use constant for strings and desciptor 2009-03-21 19:06:51 -07:00
irda irda: Use genl_register_family_with_ops() 2009-05-21 16:50:22 -07:00
iucv af_iucv: Fix merge. 2009-04-23 06:37:16 -07:00
key af_key: remove some pointless conditionals before kfree_skb() 2009-02-26 23:07:32 -08:00
lapb
llc net: remove needless (now buggy) & from dev->dev_addr (part2) 2009-05-17 11:59:53 -07:00
mac80211 wireless: move some utility functions from mac80211 to cfg80211 2009-05-22 14:06:02 -04:00
netfilter netfilter: nf_ct_tcp: TCP simultaneous open support 2009-06-02 13:58:56 +02:00
netlabel netlabel: Use genl_register_family_with_ops() 2009-05-21 16:50:24 -07:00
netlink genetlink: Introduce genl_register_family_with_ops() 2009-05-21 16:50:22 -07:00
netrom net/netrom: Fix socket locking 2009-04-22 00:49:51 -07:00
packet af_packet: Teach to listen for multiple unicast addresses. 2009-05-21 15:13:39 -07:00
phonet trivial: fix typos/grammar errors in Kconfig texts 2009-03-30 15:22:01 +02:00
rds Merge branch 'master' of master.kernel.org:/pub/scm/linux/kernel/git/davem/net-2.6 2009-05-18 21:08:20 -07:00
rfkill net/rfkill/rfkill.c: fix build with CONFIG_RFKILL_LEDS=n 2009-05-06 15:14:40 -04:00
rose Revert "rose: zero length frame filtering in af_rose.c" 2009-04-14 20:28:00 -07:00
rxrpc RxRPC: Error handling for rxrpc_alloc_connection() 2009-05-21 15:22:02 -07:00
sched net: txq_trans_update() helper 2009-05-25 22:58:01 -07:00
sctp sctp: add feature bit for SCTP offload in hardware 2009-04-28 01:53:14 -07:00
sunrpc Merge branch 'for-2.6.30' of git://linux-nfs.org/~bfields/linux 2009-05-12 17:11:56 -07:00
tipc tipc: Use genl_register_family_with_ops() 2009-05-21 16:50:23 -07:00
unix New helper - current_umask() 2009-03-31 23:00:26 -04:00
wanrouter wanrouter: fix sparse warnings: context imbalance 2009-02-26 23:13:36 -08:00
wimax Merge branch 'master' of master.kernel.org:/pub/scm/linux/kernel/git/davem/net-2.6 2009-05-08 02:48:30 -07:00
wireless nl80211: Eliminate reference to BUS_ID_SIZE. 2009-05-26 21:15:00 -07:00
x25 af_rose/x25: Sanity check the maximum user frame size 2009-03-27 00:28:21 -07:00
xfrm xfrm: wrong hash value for temporary SA 2009-04-27 02:58:59 -07:00
Kconfig net: remove stale reference to fastroute from Kconfig help text 2009-05-07 16:31:01 -07:00
Makefile RDS: Kconfig and Makefile 2009-02-26 23:43:35 -08:00
TUNABLE
compat.c net: socket infrastructure for SO_TIMESTAMPING 2009-02-15 22:43:35 -08:00
nonet.c
socket.c Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-2.6 2009-04-06 18:05:43 -07:00
sysctl_net.c net: sysctl_net - use net_eq to compare nets 2009-03-16 16:23:30 +01:00