From owner-freebsd-net Sun Feb 25 13: 7:44 2001
Delivered-To: freebsd-net@freebsd.org
Received: from freesbee.wheel.dk (freesbee.wheel.dk [193.162.159.97])
	by hub.freebsd.org (Postfix) with ESMTP id 9262737B401
	for ; Sun, 25 Feb 2001 13:07:41 -0800 (PST)
	(envelope-from jesper@skriver.dk)
Received: by freesbee.wheel.dk (Postfix, from userid 1001)
	id 601483E60; Sun, 25 Feb 2001 22:07:40 +0100 (CET)
Date: Sun, 25 Feb 2001 22:07:40 +0100
From: Jesper Skriver
To: net@FreeBSD.org
Subject: Check tcp sequence number for all ICMP messages
Message-ID: <20010225220740.A76033@skriver.dk>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
User-Agent: Mutt/1.2.5i
Sender: owner-freebsd-net@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org

We recently introduced a check for tcp sequence numbers when processing ICMP messages. It has so far only been used for the ICMP messages that trigger the session to be dropped, but it makes sense to have this check for all ICMP messages which only act on a single session.

Diff below, please review.

Index: tcp_subr.c =================================================================== RCS file: /home/ncvs/src/sys/netinet/tcp_subr.c,v retrieving revision 1.93 diff -u -r1.93 tcp_subr.c --- tcp_subr.c 2001/02/23 21:07:06 1.93 +++ tcp_subr.c 2001/02/25 19:36:06 @@ -978,14 +978,12 @@ struct tcphdr *th; void (*notify) __P((struct inpcb *, int)) = tcp_notify; tcp_seq tcp_sequence = 0; - int tcp_seq_check = 0; if (cmd == PRC_QUENCH) notify = tcp_quench; - else if (icmp_may_rst && cmd == PRC_UNREACH_ADMIN_PROHIB && ip) { - tcp_seq_check = 1; + else if (icmp_may_rst && cmd == PRC_UNREACH_ADMIN_PROHIB && ip) notify = tcp_drop_syn_sent; - } else if (cmd == PRC_MSGSIZE) + else if (cmd == PRC_MSGSIZE) notify = tcp_mtudisc; else if (PRC_IS_REDIRECT(cmd)) { /* 
@@ -1005,10 +1003,9 @@ if (ip) { th = (struct tcphdr *)((caddr_t)ip + (IP_VHL_HL(ip->ip_vhl) << 2)); - if (tcp_seq_check == 1) - tcp_sequence = ntohl(th->th_seq); + tcp_sequence = ntohl(th->th_seq); in_pcbnotify(&tcb, sa, th->th_dport, ip->ip_src, th->th_sport, - cmd, notify, tcp_sequence, tcp_seq_check); + cmd, notify, tcp_sequence, 1); } else in_pcbnotifyall(&tcb, sa, cmd, notify); }

/Jesper

-- 
Jesper Skriver, jesper(at)skriver(dot)dk - CCIE #5456
Work: Network manager @ AS3292 (Tele Danmark DataNetworks)
Private: FreeBSD committer @ AS2109 (A much smaller network ;-)

One Unix to rule them all, One Resolver to find them,
One IP to bring them all and in the zone to bind them.
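
Review bot: in the first hunk (@@ -978,14 +978,12 @@), removing `tcp_seq_check` leaves no way for a branch to opt out of the sequence check, and the `PRC_IS_REDIRECT(cmd)` branch is cut off in the context, so the patch does not show whether redirects can still reach the checked `in_pcbnotify()` call. A redirect is not tied to one session, which is the criterion the description gives for applying the check; please confirm that branch never takes the `if (ip)` path, and add a comment near the `PRC_QUENCH` and `PRC_MSGSIZE` branches saying these notifications are now dropped when the quoted sequence number does not match the session.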
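
Review bot: in the second hunk (@@ -1005,10 +1003,9 @@), the last argument to `in_pcbnotify()` becomes the bare literal `1`, which tells the reader nothing at the call site. A one-line comment above `tcp_sequence = ntohl(th->th_seq);` stating that the sequence number from the quoted TCP header is always validated for this path would document the intent, and if no other caller of `in_pcbnotify()` passes 0 the flag parameter could be removed instead. The `= 0` initializer on `tcp_sequence` is also now redundant, since the variable is assigned before its only use inside `if (ip)`.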