aboutsummaryrefslogtreecommitdiff
path: root/sys/contrib/ipfilter/netinet/ip_state.c
diff options
context:
space:
mode:
authorDarren Reed <darrenr@FreeBSD.org>2006-12-24 02:18:36 +0000
committerDarren Reed <darrenr@FreeBSD.org>2006-12-24 02:18:36 +0000
commit4012ba6ec7016acab09e35bef06304188f29287c (patch)
tree07d69b8c9e81d21414a40a87953f84af809840e4 /sys/contrib/ipfilter/netinet/ip_state.c
parent83e3f6ad3e2e5e962f2737a0061a57b5c8cecda5 (diff)
downloadsrc-4012ba6ec7016acab09e35bef06304188f29287c.tar.gz
src-4012ba6ec7016acab09e35bef06304188f29287c.zip
TCP Window scaling was being recognised but the recorded settings were being
clobbered and thus effectively disabled. MFC after: 7 days
Notes
Notes: svn path=/head/; revision=165515
Diffstat (limited to 'sys/contrib/ipfilter/netinet/ip_state.c')
-rw-r--r--sys/contrib/ipfilter/netinet/ip_state.c26
1 files changed, 7 insertions, 19 deletions
diff --git a/sys/contrib/ipfilter/netinet/ip_state.c b/sys/contrib/ipfilter/netinet/ip_state.c
index 5a877a616c27..ae17dbb0c88e 100644
--- a/sys/contrib/ipfilter/netinet/ip_state.c
+++ b/sys/contrib/ipfilter/netinet/ip_state.c
@@ -1358,21 +1358,16 @@ ipstate_t *is;
if (flags == (TH_SYN|TH_ACK)) {
is->is_s0[source] = ntohl(tcp->th_ack);
is->is_s0[!source] = ntohl(tcp->th_seq) + 1;
- if ((TCP_OFF(tcp) > (sizeof(tcphdr_t) >> 2)) &&
- (tdata->td_winflags & TCP_WSCALE_SEEN)) {
+ if ((TCP_OFF(tcp) > (sizeof(tcphdr_t) >> 2))) {
if (fr_tcpoptions(fin, tcp, fdata) == -1)
fin->fin_flx |= FI_BAD;
- if (!(fdata->td_winflags & TCP_WSCALE_SEEN)) {
- fdata->td_winscale = 0;
- tdata->td_winscale = 0;
- }
}
if ((fin->fin_out != 0) && (is->is_pass & FR_NEWISN))
fr_checknewisn(fin, is);
} else if (flags == TH_SYN) {
is->is_s0[source] = ntohl(tcp->th_seq) + 1;
if ((TCP_OFF(tcp) > (sizeof(tcphdr_t) >> 2))) {
- if (fr_tcpoptions(fin, tcp, tdata) == -1)
+ if (fr_tcpoptions(fin, tcp, fdata) == -1)
fin->fin_flx |= FI_BAD;
}
@@ -1479,17 +1474,8 @@ int flags;
* the receiver also does window scaling)
*/
if (!(tcpflags & TH_SYN) && (fdata->td_winflags & TCP_WSCALE_FIRST)) {
- if (tdata->td_winflags & TCP_WSCALE_SEEN) {
- fdata->td_winflags &= ~TCP_WSCALE_FIRST;
- fdata->td_maxwin = win;
- } else {
- fdata->td_winscale = 0;
- fdata->td_winflags &= ~(TCP_WSCALE_FIRST|
- TCP_WSCALE_SEEN);
- tdata->td_winscale = 0;
- tdata->td_winflags &= ~(TCP_WSCALE_FIRST|
- TCP_WSCALE_SEEN);
- }
+ fdata->td_winflags &= ~TCP_WSCALE_FIRST;
+ fdata->td_maxwin = win;
}
end = seq + dsize;
@@ -1532,7 +1518,7 @@ int flags;
(SEQ_GE(seq, fdata->td_end - maxwin)) &&
/* XXX what about big packets */
#define MAXACKWINDOW 66000
- (-ackskew <= (MAXACKWINDOW << fdata->td_winscale)) &&
+ (-ackskew <= (MAXACKWINDOW)) &&
( ackskew <= (MAXACKWINDOW << fdata->td_winscale))) {
inseq = 1;
/*
@@ -1578,6 +1564,8 @@ int flags;
}
}
+ /* TRACE(inseq, fdata, tdata, seq, end, ack, ackskew, win, maxwin) */
+
if (inseq) {
/* if ackskew < 0 then this should be due to fragmented
* packets. There is no way to know the length of the
generated by cgit v1.2.3 (git 2.25.1) at 2024-05-01 05:33:29 +0000