[netfilter-core] Re: [PATCH] ip_conntrack_proto_tcp
Patrick McHardy
kaber at trash.net
Fri Nov 11 14:58:01 CET 2005
Pablo Neira wrote:
> Vlad Drukker wrote:
>
>>Attached patch for ip_conntrack to account TCP sessions started with SYN
>>+PUSH flags. Looks weird, but some HW vendors do TCP their own way.
>>
>>Let's earn some points from RFC 1025.
>
> I see this patch like a sort of workaround to make broken devices with
> the TCP connection tracking, right? In that case, I don't think that
> it's a good idea polluting our code with workarounds for every existing
> broken device. The HW vendors must fix their devices.
Unfortunately this is unlikely to happen, and if Linux itself
accepts SYN|PSH, I don't see a reason why ip_conntrack shouldn't
as well.
More information about the netfilter-devel
mailing list