From owner-cvs-src@FreeBSD.ORG Wed Mar 7 23:22:00 2007 Return-Path: X-Original-To: cvs-src@FreeBSD.org Delivered-To: cvs-src@FreeBSD.org Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id 68B1D16A404; Wed, 7 Mar 2007 23:22:00 +0000 (UTC) (envelope-from qingli@FreeBSD.org) Received: from repoman.freebsd.org (repoman.freebsd.org [69.147.83.41]) by mx1.freebsd.org (Postfix) with ESMTP id 5948213C491; Wed, 7 Mar 2007 23:22:00 +0000 (UTC) (envelope-from qingli@FreeBSD.org) Received: from repoman.freebsd.org (localhost [127.0.0.1]) by repoman.freebsd.org (8.13.6/8.13.6) with ESMTP id l27NM0Wf076174; Wed, 7 Mar 2007 23:22:00 GMT (envelope-from qingli@repoman.freebsd.org) Received: (from qingli@localhost) by repoman.freebsd.org (8.13.6/8.13.4/Submit) id l27NLxB2076173; Wed, 7 Mar 2007 23:21:59 GMT (envelope-from qingli) Message-Id: <200703072321.l27NLxB2076173@repoman.freebsd.org> From: Qing Li Date: Wed, 7 Mar 2007 23:21:59 +0000 (UTC) To: src-committers@FreeBSD.org, cvs-src@FreeBSD.org, cvs-all@FreeBSD.org X-FreeBSD-CVS-Branch: HEAD Cc: Subject: cvs commit: src/sys/netinet tcp_input.c X-BeenThere: cvs-src@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: CVS commit messages for the src tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 07 Mar 2007 23:22:00 -0000 qingli 2007-03-07 23:21:59 UTC FreeBSD src repository Modified files: sys/netinet tcp_input.c Log: This patch is provided to fix a couple of deployment issues observed in the field. In one situation, one end of the TCP connection sends a back-to-back RST packet, with delayed ack, the last_ack_sent variable has not been update yet. When tcp_insecure_rst is turned off, the code treats the RST as invalid because last_ack_sent instead of rcv_nxt is compared against th_seq. Apparently there is some kind of firewall that sits in between the two ends and that RST packet is the only RST packet received. With short lived HTTP connections, the symptom is a large accumulation of connections over a short period of time . The +/-(1) factor is to take care of implementations out there that generate RST packets with these types of sequence numbers. This behavior has also been observed in live environments. Reviewed by: silby, Mike Karels MFC after: 1 week Revision Changes Path 1.316 +7 -5 src/sys/netinet/tcp_input.c