[PR] net/tcp: support OTW ack seq check [nuttx]

via GitHub Sun, 28 Dec 2025 21:57:16 -0800


wenquan2015 opened a new pull request, #17711:
URL: https://github.com/apache/nuttx/pull/17711


   
   ## Summary
   
   check tcp header ack seq is acceptable according rfc793 
   
   ## Impact
   
   tcp
   
   ## Testing
   test1:syn-recved, receive unacceptable ack, send reset
   ```
   from scapy.all import *
   import time
   
   targetip="10.0.1.2"
   targetport=5000
   
pkt=IP(dst=targetip)/TCP(sport=12345,dport=targetport,seq=1526396415,flags="S")
   ret=sr1(pkt)
   
   time.sleep(0.1)
   
   pkt=IP(dst=targetip)/TCP(sport=12345,dport=targetport,seq=ret.ack, 
ack=ret.seq+6,flags="A")
   send(pkt)
   ```
   test1 result:
   ```
   13:41:24.087735 IP 10.0.1.1.12345 > 10.0.1.2.5000: Flags [S], seq 
1526396415, win 8192, length 0
   13:41:24.096871 IP 10.0.1.2.5000 > 10.0.1.1.12345: Flags [S.], seq 
1282192172, ack 1526396416, win 16384, options [mss 1460], length 0
   13:41:24.217580 IP 10.0.1.1.12345 > 10.0.1.2.5000: Flags [.], ack 6, win 
8192, length 0
   13:41:24.226862 IP 10.0.1.2.5000 > 10.0.1.1.12345: Flags [R.], seq 6, ack 1, 
win 0, length 0
   ```
   test1: In finwait2, receive unacceptable ack, response an ack
   ```
   from scapy.all import *
   import time
   targetip="10.0.1.2"
   targetport=5000
   pkt=IP(dst=targetip)/TCP(sport=12345,dport=targetport,seq=1287545596, 
flags="S")
   ret=sr1(pkt)
   
   data_ack = IP(dst=targetip)/TCP(
       sport=12345,
       dport=targetport,
       flags="A",
       seq= ret.ack,
       ack= ret.seq + 1
   )
   
   ret=sr1(data_ack)
   
   finpkt=IP(dst=targetip)/TCP(sport=12345,dport=targetport,seq=ret.ack, 
ack=ret.seq+1, flags="A")
   send(finpkt)
   errackpkt=IP(dst=targetip)/TCP(sport=12345,dport=targetport,seq=ret.ack, 
ack=ret.seq+65535, flags="A")/"aaa"
   send(errackpkt)
   ```
   test2 result:
   ```
   13:51:21.726043 IP 10.0.1.1.12345 > 10.0.1.2.5000: Flags [S], seq 
1287545596, win 8192, length 0
   13:51:21.735224 IP 10.0.1.2.5000 > 10.0.1.1.12345: Flags [S.], seq 
1282192172, ack 1287545597, win 16384, options [mss 1460], length 0
   13:51:21.758669 IP 10.0.1.1.12345 > 10.0.1.2.5000: Flags [.], ack 1, win 
8192, length 0
   13:51:31.775353 IP 10.0.1.2.5000 > 10.0.1.1.12345: Flags [F.], seq 1, ack 1, 
win 16384, length 0
   13:51:31.790697 IP 10.0.1.1.12345 > 10.0.1.2.5000: Flags [.], ack 2, win 
8192, length 0
   13:51:31.813148 IP 10.0.1.1.12345 > 10.0.1.2.5000: Flags [.], seq 1:4, ack 
65536, win 8192, length 3
   13:51:31.815022 IP 10.0.1.2.5000 > 10.0.1.1.12345: Flags [.], ack 1, win 
16384, length 0
   
   ```
   


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: [email protected]

For queries about this service, please contact Infrastructure at:
[email protected]

[PR] net/tcp: support OTW ack seq check [nuttx]

Reply via email to