patch-2.4.20 linux-2.4.20/net/ipv4/netfilter/ip_conntrack_proto_tcp.c


diff -urN linux-2.4.19/net/ipv4/netfilter/ip_conntrack_proto_tcp.c linux-2.4.20/net/ipv4/netfilter/ip_conntrack_proto_tcp.c
@@ -7,6 +7,10 @@
 #include <linux/in.h>
 #include <linux/ip.h>
 #include <linux/tcp.h>
+#include <linux/string.h>
+
+#include <net/tcp.h>
+
 #include <linux/netfilter_ipv4/ip_conntrack.h>
 #include <linux/netfilter_ipv4/ip_conntrack_protocol.h>
 #include <linux/netfilter_ipv4/lockhelp.h>
@@ -227,7 +231,19 @@
 	return 1;
 }
 
+static int tcp_exp_matches_pkt(struct ip_conntrack_expect *exp,
+			       struct sk_buff **pskb)
+{
+	struct iphdr *iph = (*pskb)->nh.iph;
+	struct tcphdr *tcph = (struct tcphdr *)((u_int32_t *)iph + iph->ihl);
+	unsigned int datalen;
+
+	datalen = (*pskb)->len - iph->ihl*4 - tcph->doff*4;
+
+	return between(exp->seq, ntohl(tcph->seq), ntohl(tcph->seq) + datalen);
+}
+
 struct ip_conntrack_protocol ip_conntrack_protocol_tcp
 = { { NULL, NULL }, IPPROTO_TCP, "tcp",
     tcp_pkt_to_tuple, tcp_invert_tuple, tcp_print_tuple, tcp_print_conntrack,
-    tcp_packet, tcp_new, NULL, NULL };
+    tcp_packet, tcp_new, NULL, tcp_exp_matches_pkt, NULL };
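Review bot: In tcp_exp_matches_pkt, `datalen` is unsigned and is computed as `(*pskb)->len - iph->ihl*4 - tcph->doff*4` with no check in the visible lines that the packet is that long, so a segment whose data offset claims more header than the skb holds makes the subtraction wrap to a very large value. The window handed to `between()` then covers almost the whole sequence space, and `exp->seq` would match wherever the payload really sits, which weakens the expectation check for helper-tracked connections. Unless the caller already guarantees these bounds (not visible in this hunk), a guard before the subtraction such as `if (tcph->doff*4 < sizeof(struct tcphdr) || (*pskb)->len < iph->ihl*4 + tcph->doff*4) return 0;` would stop the function from matching on malformed headers. A short comment above the function saying that it returns non-zero when the expected sequence number falls inside this segment's payload would also document the new hook added to `ip_conntrack_protocol_tcp`.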
