subject:"\[PATCH nf v3\] netfilter\: seqadj\: Fix the wrong ack adjust for the RST packet without ack"

Re: [PATCH nf v3] netfilter: seqadj: Fix the wrong ack adjust for the RST packet without ack

2016-09-22 Thread Pablo Neira Ayuso

On top of Eric's comments. On Thu, Sep 22, 2016 at 10:22:45AM +0800, f...@ikuai8.com wrote: > diff --git a/net/netfilter/nf_conntrack_seqadj.c > b/net/netfilter/nf_conntrack_seqadj.c > index dff0f0c..3bd9c7e 100644 > --- a/net/netfilter/nf_conntrack_seqadj.c > +++

Re: [PATCH nf v3] netfilter: seqadj: Fix the wrong ack adjust for the RST packet without ack

2016-09-21 Thread Eric Dumazet

On Thu, 2016-09-22 at 10:22 +0800, f...@ikuai8.com wrote: > From: Gao Feng > > It is valid that the TCP RST packet which does not set ack flag, and bytes > of ack number are zero. But current seqadj codes would adjust the "0" ack > to invalid ack number. Actually seqadj need to

[PATCH nf v3] netfilter: seqadj: Fix the wrong ack adjust for the RST packet without ack

2016-09-21 Thread fgao

From: Gao Feng It is valid that the TCP RST packet which does not set ack flag, and bytes of ack number are zero. But current seqadj codes would adjust the "0" ack to invalid ack number. Actually seqadj need to check the ack flag before adjust it for these RST packets. The