linux/net/ipv4/netfilter
Patrick McHardy a3a9f79e36 netfilter: tcp conntrack: fix unacknowledged data detection with NAT
When NAT helpers change the TCP packet size, the highest seen sequence
number needs to be corrected. This is currently only done upwards, when
the packet size is reduced the sequence number is unchanged. This causes
TCP conntrack to falsely detect unacknowledged data and decrease the
timeout.

Fix by updating the highest seen sequence number in both directions after
packet mangling.

Tested-by: Krzysztof Piotr Oledzki <ole@ans.pl>
Signed-off-by: Patrick McHardy <kaber@trash.net>
2009-06-29 14:07:56 +02:00
..
arp_tables.c
arpt_mangle.c
arptable_filter.c
ip_queue.c
ip_tables.c
ipt_addrtype.c
ipt_ah.c
ipt_CLUSTERIP.c
ipt_ECN.c
ipt_ecn.c
ipt_LOG.c
ipt_MASQUERADE.c
ipt_NETMAP.c
ipt_REDIRECT.c
ipt_REJECT.c
ipt_ULOG.c
iptable_filter.c
iptable_mangle.c
iptable_raw.c
iptable_security.c
Kconfig
Makefile
nf_conntrack_l3proto_ipv4.c
nf_conntrack_l3proto_ipv4_compat.c
nf_conntrack_proto_icmp.c
nf_defrag_ipv4.c
nf_nat_amanda.c
nf_nat_core.c
nf_nat_ftp.c
nf_nat_h323.c
nf_nat_helper.c netfilter: tcp conntrack: fix unacknowledged data detection with NAT 2009-06-29 14:07:56 +02:00
nf_nat_irc.c
nf_nat_pptp.c
nf_nat_proto_common.c
nf_nat_proto_dccp.c
nf_nat_proto_gre.c
nf_nat_proto_icmp.c
nf_nat_proto_sctp.c
nf_nat_proto_tcp.c
nf_nat_proto_udp.c
nf_nat_proto_udplite.c
nf_nat_proto_unknown.c
nf_nat_rule.c
nf_nat_sip.c
nf_nat_snmp_basic.c
nf_nat_standalone.c
nf_nat_tftp.c