Thanks for the info and the quick response.
} (BTW: the bug is that our Masq stuff seems to not handle TCP options
} during normal data flow, and this is a big problem.)
OK, throw me details and I'll see what I can do...
Ok, here is one example, and using it you should be able to easily
find the other similar bug cases:
In net/ipv4/ip_masq.c, in ip_fw_masquerade() we come upon this snippet
of code:
/*
* Adjust packet accordingly to protocol
*/
if (iph->protocol == IPPROTO_UDP)
{
recalc_check((struct udphdr *)portptr,iph->saddr,iph->daddr,size);
} else {
struct tcphdr *th = (struct tcphdr *)portptr;
skb->csum = csum_partial((void *)(th + 1), size - sizeof(*th), 0);
th->check = 0;
th->check = tcp_v4_check(th, size, iph->saddr, iph->daddr,
csum_partial((char *)th, sizeof(*th),
skb->csum));
}
The code inside the else clause should be changed to account for TCP
options, perhaps something like:
skb->csum = csum_partial(((unsigned char *)th) + th->doff << 2,
(size - (th->doff << 2)), 0);
th->check = 0;
th->check = tcp_v4_check(th, size, iph->saddr, iph->daddr,
csum_partial((char *)th, (th->doff<<2),
skb->csum));
You get the idea. If you have any questions, just toss them this
way.
[and your people never did come back to me after I filled in the forms for
an eval microserver :-) ]
I just took care of this. ;-)
Later,
David S. Miller
davem@dm.cobaltmicro.com
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.rutgers.edu