From 75cef51a1e22ae81b0ac95c72b4c42567afd88f6 Mon Sep 17 00:00:00 2001 From: Pablo Neira Ayuso Date: Thu, 15 Jul 2010 17:09:04 +0200 Subject: [PATCH] --- yaml --- r: 203968 b: refs/heads/master c: fac42a9a922fe5eb87cac0b597010afb81e7ffe9 h: refs/heads/master v: v3 --- [refs] | 2 +- trunk/net/netfilter/nf_conntrack_proto_tcp.c | 10 +++++++++- 2 files changed, 10 insertions(+), 2 deletions(-) diff --git a/[refs] b/[refs] index d5c2ce746c61..5aee8d5c63e6 100644 --- a/[refs] +++ b/[refs] @@ -1,2 +1,2 @@ --- -refs/heads/master: cca5cf91c789f3301cc2541a79c323c53be5a8e1 +refs/heads/master: fac42a9a922fe5eb87cac0b597010afb81e7ffe9 diff --git a/trunk/net/netfilter/nf_conntrack_proto_tcp.c b/trunk/net/netfilter/nf_conntrack_proto_tcp.c index 802dbffae8b4..c4c885dca3bd 100644 --- a/trunk/net/netfilter/nf_conntrack_proto_tcp.c +++ b/trunk/net/netfilter/nf_conntrack_proto_tcp.c @@ -585,8 +585,16 @@ static bool tcp_in_window(const struct nf_conn *ct, * Let's try to use the data from the packet. */ sender->td_end = end; + win <<= sender->td_scale; sender->td_maxwin = (win == 0 ? 1 : win); sender->td_maxend = end + sender->td_maxwin; + /* + * We haven't seen traffic in the other direction yet + * but we have to tweak window tracking to pass III + * and IV until that happens. + */ + if (receiver->td_maxwin == 0) + receiver->td_end = receiver->td_maxend = sack; } } else if (((state->state == TCP_CONNTRACK_SYN_SENT && dir == IP_CT_DIR_ORIGINAL) @@ -680,7 +688,7 @@ static bool tcp_in_window(const struct nf_conn *ct, /* * Update receiver data. */ - if (after(end, sender->td_maxend)) + if (receiver->td_maxwin != 0 && after(end, sender->td_maxend)) receiver->td_maxwin += end - sender->td_maxend; if (after(sack + win, receiver->td_maxend - 1)) { receiver->td_maxend = sack + win;