Date: Sat, 03 Aug 2024 23:06:32 +0000 From: bugzilla-noreply@freebsd.org To: net@FreeBSD.org Subject: [Bug 250357] [tcp] RFC 5961 is not implemented completely Message-ID: <bug-250357-7501-oh2h2ZYPKw@https.bugs.freebsd.org/bugzilla/> In-Reply-To: <bug-250357-7501@https.bugs.freebsd.org/bugzilla/> References: <bug-250357-7501@https.bugs.freebsd.org/bugzilla/>
next in thread | previous in thread | raw e-mail | index | archive | help
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D250357 --- Comment #6 from commit-hook@FreeBSD.org --- A commit in branch stable/14 references this bug: URL: https://cgit.FreeBSD.org/src/commit/?id=3D1ce8cf6f7bdf5e9f8e497be5e3c54767f= a0a7cf8 commit 1ce8cf6f7bdf5e9f8e497be5e3c54767fa0a7cf8 Author: Michael Tuexen <tuexen@FreeBSD.org> AuthorDate: 2024-07-21 09:37:35 +0000 Commit: Michael Tuexen <tuexen@FreeBSD.org> CommitDate: 2024-08-03 23:05:13 +0000 tcp: improve SEG.ACK validation Implement the improved SEG.ACK validation described in RFC 5961. In addition to that, also detect ghost ACKs, which are ACKs for data that has never been sent. The additional checks are enabled by default, but can be disabled by setting the sysctl-variable net.inet.tcp.insecure_ack to a non-zero value. PR: 250357 Reviewed by: Peter Lei, rscheff (older version) Sponsored by: Netflix, Inc. Differential Revision: https://reviews.freebsd.org/D45894 (cherry picked from commit 646c28ea80cb0f9258386626297495b5a0e56db5) share/man/man4/tcp.4 | 5 ++++- sys/netinet/tcp_input.c | 44 +++++++++++++++++++++++++++++++++++++++= ++++ sys/netinet/tcp_stacks/bbr.c | 37 ++++++++++++++++++++++++++++++++++++ sys/netinet/tcp_stacks/rack.c | 39 ++++++++++++++++++++++++++++++++++++++ sys/netinet/tcp_var.h | 8 +++++++- usr.bin/netstat/inet.c | 8 ++++++-- 6 files changed, 137 insertions(+), 4 deletions(-) --=20 You are receiving this mail because: You are on the CC list for the bug.=
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?bug-250357-7501-oh2h2ZYPKw>