linux/net/netfilter
Jozsef Kadlecsik 17311393f9 [NETFILTER]: nf_conntrack_tcp: fix connection reopening
With your description I could reproduce the bug and actually you were
completely right: the code above is incorrect. Somehow I was able to
misread RFC1122 and mixed the roles :-(:

   When a connection is >>closed actively<<, it MUST linger in
   TIME-WAIT state for a time 2xMSL (Maximum Segment Lifetime).
   However, it MAY >>accept<< a new SYN from the remote TCP to
   reopen the connection directly from TIME-WAIT state, if it:
   [...]

The fix is as follows: if the receiver initiated an active close, then the
sender may reopen the connection - otherwise try to figure out if we hold
a dead connection.

Signed-off-by: Jozsef Kadlecsik <kadlec@blackhole.kfki.hu>
Tested-by: Krzysztof Piotr Oledzki <ole@ans.pl>
Signed-off-by: Patrick McHardy <kaber@trash.net>
Signed-off-by: David S. Miller <davem@davemloft.net>
2007-10-11 14:35:52 -07:00
core.c [NET]: Make /proc/net per network namespace 2007-10-10 16:49:06 -07:00
Kconfig [NETFILTER]: x_tables: add xt_time match 2007-10-10 16:53:40 -07:00
Makefile [NETFILTER]: x_tables: add xt_time match 2007-10-10 16:53:40 -07:00
nf_conntrack_amanda.c
nf_conntrack_core.c [NETFILTER]: nf_conntrack: kill unique ID 2007-10-10 16:53:36 -07:00
nf_conntrack_ecache.c
nf_conntrack_expect.c [NETFILTER]: Make netfilter code use the seq_open_private 2007-10-10 16:55:34 -07:00
nf_conntrack_extend.c
nf_conntrack_ftp.c
nf_conntrack_h323_asn1.c
nf_conntrack_h323_main.c
nf_conntrack_h323_types.c
nf_conntrack_helper.c netfilter endian regressions 2007-07-26 11:11:56 -07:00
nf_conntrack_irc.c
nf_conntrack_l3proto_generic.c
nf_conntrack_netbios_ns.c
nf_conntrack_netlink.c [NETFILTER]: nf_conntrack_netlink: add support to related connections 2007-10-10 16:53:37 -07:00
nf_conntrack_pptp.c
nf_conntrack_proto.c
nf_conntrack_proto_generic.c
nf_conntrack_proto_gre.c [NETFILTER]: ctnetlink: use netlink policy 2007-10-10 16:53:35 -07:00
nf_conntrack_proto_sctp.c
nf_conntrack_proto_tcp.c [NETFILTER]: nf_conntrack_tcp: fix connection reopening 2007-10-11 14:35:52 -07:00
nf_conntrack_proto_udp.c [NETFILTER]: ctnetlink: use netlink policy 2007-10-10 16:53:35 -07:00
nf_conntrack_proto_udplite.c [NETFILTER]: ctnetlink: use netlink policy 2007-10-10 16:53:35 -07:00
nf_conntrack_sane.c
nf_conntrack_sip.c [NETFILTER]: nf_conntrack_sip: fix SIP-URI parsing 2007-08-14 13:14:35 -07:00
nf_conntrack_standalone.c [NETFILTER]: Make netfilter code use the seq_open_private 2007-10-10 16:55:34 -07:00
nf_conntrack_tftp.c
nf_internals.h
nf_log.c
nf_queue.c
nf_sockopt.c [NET]: Disable netfilter sockopts when not in the initial network namespace 2007-10-10 16:49:13 -07:00
nf_sysctl.c
nfnetlink.c [NET]: make netlink user -> kernel interface synchronious 2007-10-10 21:15:29 -07:00
nfnetlink_log.c [NETFILTER]: Make netfilter code use the seq_open_private 2007-10-10 16:55:34 -07:00
nfnetlink_queue.c [NETFILTER]: Make netfilter code use the seq_open_private 2007-10-10 16:55:34 -07:00
x_tables.c [NET]: Make /proc/net per network namespace 2007-10-10 16:49:06 -07:00
xt_CLASSIFY.c
xt_comment.c
xt_connbytes.c
xt_connlimit.c netfilter endian regressions 2007-07-26 11:11:56 -07:00
xt_CONNMARK.c
xt_connmark.c
xt_CONNSECMARK.c
xt_conntrack.c
xt_dccp.c
xt_DSCP.c
xt_dscp.c
xt_esp.c
xt_hashlimit.c [NET]: Make /proc/net per network namespace 2007-10-10 16:49:06 -07:00
xt_helper.c
xt_length.c
xt_limit.c
xt_mac.c
xt_MARK.c
xt_mark.c
xt_multiport.c
xt_NFLOG.c
xt_NFQUEUE.c
xt_NOTRACK.c
xt_physdev.c [NETFILTER]: Clean up duplicate includes in net/netfilter/ 2007-07-24 15:31:05 -07:00
xt_pkttype.c
xt_policy.c
xt_quota.c
xt_realm.c
xt_sctp.c
xt_SECMARK.c
xt_state.c
xt_statistic.c
xt_string.c
xt_TCPMSS.c
xt_tcpmss.c
xt_tcpudp.c [NETFILTER]: xt_tcpudp: fix wrong struct in udp_checkentry 2007-08-30 22:36:43 -07:00
xt_time.c [NETFILTER]: x_tables: add xt_time match 2007-10-10 16:53:40 -07:00
xt_TRACE.c
xt_u32.c [NETFILTER]: netfilter: xt_u32 bug correction 2007-08-14 13:13:28 -07:00