netfilter: tcp conntrack: fix unacknowledged data detection with NAT - openslx/kernel-qcow2-linux.git

diff options

author	Patrick McHardy	2009-06-29 14:07:56 +0200
committer	Patrick McHardy	2009-06-29 14:07:56 +0200
commit	a3a9f79e361e864f0e9d75ebe2a0cb43d17c4272 (patch)
tree	e38bb7cc051cf197a813d553713e3071d375a1b9 /include/linux/netfilter
parent	nf_conntrack: Use rcu_barrier() (diff)
download	kernel-qcow2-linux-a3a9f79e361e864f0e9d75ebe2a0cb43d17c4272.tar.gz kernel-qcow2-linux-a3a9f79e361e864f0e9d75ebe2a0cb43d17c4272.tar.xz kernel-qcow2-linux-a3a9f79e361e864f0e9d75ebe2a0cb43d17c4272.zip

netfilter: tcp conntrack: fix unacknowledged data detection with NAT

When NAT helpers change the TCP packet size, the highest seen sequence number needs to be corrected. This is currently only done upwards, when the packet size is reduced the sequence number is unchanged. This causes TCP conntrack to falsely detect unacknowledged data and decrease the timeout. Fix by updating the highest seen sequence number in both directions after packet mangling. Tested-by: Krzysztof Piotr Oledzki <ole@ans.pl> Signed-off-by: Patrick McHardy <kaber@trash.net>

Diffstat (limited to 'include/linux/netfilter')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: