[PATCH] Fix NAT TCP sequence adjustment
Rusty Russell
rusty at rustcorp.com.au
Tue May 31 11:17:24 CEST 2005
On Sat, 2005-04-02 at 12:24 -0800, Phil Oester wrote:
> In adjust_tcp_sequence, we track the sequence number of any adjustments
> in the correction_pos variable. The seq stored is based upon the left
> side of the window of the NAT box -- not of the original sender.
>
> Later, in ip_nat_seq_adjust, we compare the correction_pos variable to
> the seq of the original sender to determine whether this is a new packet
> or a retransmission (i.e. should we apply offset_before or offset_after).
> So we are comparing the post-adjustment seq to a pre-adjustment seq.
This is tested in the testsuite, and sure enough, now the patch
resulting from this discussion has been applied, it fails. Well done:
your fix broke FTP worse than the original problem, it seems.
I *did* ask for a test here, and this is what the testsuite is *for*.
And now it works on x86_64, there's no excuse.
Grrr...
Rusty.
--
A bad analogy is like a leaky screwdriver -- Richard Braakman
More information about the netfilter-devel
mailing list