diff options
author | Willy Tarreau <w@1wt.eu> | 2007-03-14 16:44:31 -0700 |
---|---|---|
committer | David S. Miller <davem@sunset.davemloft.net> | 2007-04-25 22:25:56 -0700 |
commit | 8f5bd99071212cd16b3449d16639971a44540d51 (patch) | |
tree | 359a4e81830ff71dbd8b3e2e694a68a1fe99b043 | |
parent | e7ac05f3407a3fb5a1b2ff5d5554899eaa0a10a3 (diff) | |
download | op-kernel-dev-8f5bd99071212cd16b3449d16639971a44540d51.zip op-kernel-dev-8f5bd99071212cd16b3449d16639971a44540d51.tar.gz |
[NETFILTER]: TCP conntrack: accept RST|PSH as valid
This combination has been encountered on an IBM AS/400 in response
to packets sent to a closed session. There is no particular reason
to mark it invalid.
Signed-off-by: Willy Tarreau <w@1wt.eu>
Signed-off-by: Patrick McHardy <kaber@trash.net>
Signed-off-by: David S. Miller <davem@davemloft.net>
-rw-r--r-- | net/netfilter/nf_conntrack_proto_tcp.c | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/net/netfilter/nf_conntrack_proto_tcp.c b/net/netfilter/nf_conntrack_proto_tcp.c index 9e49631..926e302 100644 --- a/net/netfilter/nf_conntrack_proto_tcp.c +++ b/net/netfilter/nf_conntrack_proto_tcp.c @@ -774,6 +774,7 @@ static u8 tcp_valid_flags[(TH_FIN|TH_SYN|TH_RST|TH_PUSH|TH_ACK|TH_URG) + 1] = [TH_SYN|TH_ACK] = 1, [TH_SYN|TH_ACK|TH_PUSH] = 1, [TH_RST] = 1, + [TH_RST|TH_PUSH] = 1, [TH_RST|TH_ACK] = 1, [TH_RST|TH_ACK|TH_PUSH] = 1, [TH_FIN|TH_ACK] = 1, |