[PATCH] TCP RST after firewall redirect fix (against 2.1.119)

Paul Rusty Russell (Paul.Russell@rustcorp.com.au)
Tue, 01 Sep 1998 19:57:06 +0930

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: Keith Owens: "IPv4 address calculators"
Previous message: Paul Rusty Russell: "[PATCH] Overzealous name sanity check in ip_fw.c breaks int'l chars"

This fix is trivially correct (and verified that it fixes the problem
of redirects sourcing from the correct place).

[NB: Fixing this enables a cool firewalling hack whereby people can
redirect unwanted TCP connections to an unused port to get
`Connection refused']

--- linux/net/ipv4/ip_output.c.~1~ Tue Aug 4 12:28:06 1998
+++ linux/net/ipv4/ip_output.c Tue Sep 1 18:42:18 1998
@@ -612,7 +612,7 @@
* Check for slow path.
*/
if (length > rt->u.dst.pmtu || ipc->opt != NULL)
- return ip_build_xmit_slow(sk,getfrag,frag,length,ipc,rt,rt->rt_src,flags);
+ return ip_build_xmit_slow(sk,getfrag,frag,length,ipc,rt,srcip,flags);

/*
* Do path mtu discovery if needed.

-- .sig lost in the mail.

- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.rutgers.edu Please read the FAQ at http://www.altern.org/andrebalsa/doc/lkml-faq.html

Next message: Keith Owens: "IPv4 address calculators"
Previous message: Paul Rusty Russell: "[PATCH] Overzealous name sanity check in ip_fw.c breaks int'l chars"