In article <[EMAIL PROTECTED]>,
<[EMAIL PROTECTED]> writes:
> Is it acceptable/expected to be able to have multiple TCP sockets in
> SYN_RECV with the exact same set of local IP, local port, remote IP, and
> remote port? In my perhaps limited understanding of TCP, I don't think it
> is possible to have multiple active connections in such a state, so why does
> Linux allow multiple potential connections to exist in this manner?
> This is with Linux i386 version 2.2.5 (gcc version 2.7.2.3) with syncookies
> enabled. My apologies if this has been addressed in a later kernel, but
> this is a production server that hasn't been rebooted since April 3rd.
> I seem to have 34 exactly duplicate connections from a Windows machine
> trying to create an outbound connection using a local port that it can't
> receive packets on. It never seems to give up and try a different port:
[...]
Ok, I think I have a fix now. I bet you have transparent proxying enabled
in the kernel config?
Index: linux/net/ipv4/syncookies.c
===================================================================
RCS file: /vger/u4/cvs/linux/net/ipv4/syncookies.c,v
retrieving revision 1.7
diff -u -u -r1.7 syncookies.c
--- syncookies.c 1999/03/17 02:34:57 1.7
+++ syncookies.c 1999/08/06 14:54:06
@@ -146,6 +146,9 @@
req->af.v4_req.loc_addr = skb->nh.iph->daddr;
req->af.v4_req.rmt_addr = skb->nh.iph->saddr;
req->class = &or_ipv4; /* for savety */
+#ifdef CONFIG_IP_TRANSPARENT_PROXY
+ req->lcl_port = skb->h.th->dest;
+#endif
req->af.v4_req.opt = NULL;
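Review bot: The added req->lcl_port assignment inside the #ifdef CONFIG_IP_TRANSPARENT_PROXY block has no comment explaining why the local port is recorded only in transparent-proxy builds, and the patch carries no description tying it to the reported duplicate SYN_RECV entries. Please add a one-line comment above the #ifdef stating that the open request's local port is taken from the TCP header's destination port, and what goes wrong when it is left unset. The value is copied from skb->h.th->dest without byte-order conversion, which matches the raw copies of daddr and saddr just above it, but it is worth confirming that every reader of lcl_port expects network order. The remote port is not set anywhere in the visible context, so please also confirm it is filled in elsewhere in this function.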
-Andi