Skip to content

Commit

Permalink
[NETFILTER]: Clear GSO bits for TCP reset packet
Browse files Browse the repository at this point in the history 
The TCP reset packet is copied from the original.  This
includes all the GSO bits which do not apply to the new
packet.  So we should clear those bits.

Spotted by Patrick McHardy.

Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Signed-off-by: David S. Miller <davem@davemloft.net>
  • Loading branch information
Herbert Xu authored and David S. Miller committed Feb 13, 2007
1 parent 65610fb commit bbf4a6b
Showing 1 changed file with 4 additions and 0 deletions.
4 changes: 4 additions & 0 deletions net/ipv4/netfilter/ipt_REJECT.c
View file
Original file line number Diff line number Diff line change
Expand Up @@ -80,6 +80,10 @@ static void send_reset(struct sk_buff *oldskb, int hook)
nskb->mark = 0;
skb_init_secmark(nskb);

skb_shinfo(nskb)->gso_size = 0;
skb_shinfo(nskb)->gso_segs = 0;
skb_shinfo(nskb)->gso_type = 0;

tcph = (struct tcphdr *)((u_int32_t*)nskb->nh.iph + nskb->nh.iph->ihl);

/* Swap source and dest */
Expand Down

0 comments on commit bbf4a6b

Please sign in to comment.