Hi,
For a long time I have had to use the equivalent of the following
patch:
--- firewall.c.orig Sat Jun 5 19:00:14 1999
+++ firewall.c Fri Jul 2 18:03:25 1999
@@ -800,7 +800,7 @@
if (ip_pkt->protocol == IPPROTO_TCP) {
struct tcphdr *tcp = (struct tcphdr *)((char *)ip_pkt + 4*ip_pkt->ihl);
#if 1
- int tcp_data_len = len - (4*ip_pkt->ihl + tcp->doff*4);
+ int tcp_data_len = ntohs(ip_pkt->tot_len) - (4*ip_pkt->ihl + tcp->doff*4);
#else
int tcp_data_len = len - (4*ip_pkt->ihl + sizeof(struct tcphdr));
#endif
Otherwise, tcp.live checks do not work most of the time, i.e. closed
connections are not detected and quickly dropped from the queue.
I don't know if this is the right fix or it is just a Band-Aid, what I
know is that len is sometimes wrong and does not represent the correct
length.
I had been using this for a long time since kernel 2.1.something but
the maintainer change and my own lazyness made me forget about the
thing. Now I upgraded to 0.99.1 and had to reapply the fix, so I
thought I'd rather resubscribe to this list (I was before but got
mysteriously unsubscribed) and report it.
Is this the right fix?
Julio
-
To unsubscribe from this list: send the line "unsubscribe linux-diald" in
the body of a message to [EMAIL PROTECTED]
