Zang MingJie writes:
> When encounter an invalid packet, all changes made by the packet should
> be reverted. Currently an invalid packet can change the seq number while
> the connection is in SEQ_RECV state.
>
> Signed-off-by: Zang MingJie
> ---
In the future, please submit a test case with
On Tue, Sep 25, 2018 at 1:43 AM Zang MingJie wrote:
>
>
> On Thu, Sep 20, 2018 at 8:47 AM Darrell Ball wrote:
>
>>
>>
>> On Fri, Sep 14, 2018 at 1:46 AM, Zang MingJie
>> wrote:
>>
>>> >> > Did you notice this check ?
>>> >> >
>>> >> > if (src->state < CT_DPIF_TCPS_SYN_SENT) {
>>> >> >
On Thu, Sep 20, 2018 at 8:47 AM Darrell Ball wrote:
>
>
> On Fri, Sep 14, 2018 at 1:46 AM, Zang MingJie
> wrote:
>
>> >> > Did you notice this check ?
>> >> >
>> >> > if (src->state < CT_DPIF_TCPS_SYN_SENT) {
>> >> > /* First packet from this end. Set its state */
>> >>
>> >> Yes,
On Fri, Sep 14, 2018 at 1:46 AM, Zang MingJie wrote:
> >> > Did you notice this check ?
> >> >
> >> > if (src->state < CT_DPIF_TCPS_SYN_SENT) {
> >> > /* First packet from this end. Set its state */
> >>
> >> Yes, this is exactly where we found the problem. If first reply packet
> >>
>> > Did you notice this check ?
>> >
>> > if (src->state < CT_DPIF_TCPS_SYN_SENT) {
>> > /* First packet from this end. Set its state */
>>
>> Yes, this is exactly where we found the problem. If first reply packet
>> is invalid, it masses all following packets.
>
>
>
> Based on your
On Thu, Sep 13, 2018 at 1:55 AM, Zang MingJie wrote:
> On Thu, Sep 13, 2018 at 2:55 AM Darrell Ball wrote:
> >
> > Thanks for looking MingJie
> >
> >
> > On Wed, Sep 12, 2018 at 2:16 AM, Zang MingJie
> wrote:
> >>
> >> When encounter an invalid packet, all changes made by the packet should
>
On Thu, Sep 13, 2018 at 2:55 AM Darrell Ball wrote:
>
> Thanks for looking MingJie
>
>
> On Wed, Sep 12, 2018 at 2:16 AM, Zang MingJie wrote:
>>
>> When encounter an invalid packet, all changes made by the packet should
>> be reverted. Currently an invalid packet can change the seq number while
Thanks for looking MingJie
On Wed, Sep 12, 2018 at 2:16 AM, Zang MingJie wrote:
> When encounter an invalid packet, all changes made by the packet should
> be reverted. Currently an invalid packet can change the seq number while
> the connection is in SEQ_RECV state.
>
Did you notice this
When encounter an invalid packet, all changes made by the packet should
be reverted. Currently an invalid packet can change the seq number while
the connection is in SEQ_RECV state.
Signed-off-by: Zang MingJie
---
lib/conntrack-tcp.c | 10 --
1 file changed, 8 insertions(+), 2
