Re: [PATCH] TCP window tracking over-window handling

All of lore.kernel.org
 help / color / mirror / Atom feed

From: Phil Oester <kernel@linuxace.com>
To: Jozsef Kadlecsik <kadlec@blackhole.kfki.hu>
Cc: netfilter-devel@lists.netfilter.org, Patrick McHardy <kaber@trash.net>
Subject: Re: [PATCH] TCP window tracking over-window handling
Date: Wed, 2 Feb 2005 08:00:09 -0800	[thread overview]
Message-ID: <20050202160009.GB30465@linuxace.com> (raw)
In-Reply-To: <Pine.LNX.4.58.0502021017590.24272@blackhole.kfki.hu>

On Wed, Feb 02, 2005 at 10:46:01AM +0100, Jozsef Kadlecsik wrote:
> That implies then that the receiver is broken as well, by accepting and
> ack-ing out of window segments. But it is true, we anticipate the
> behaviour of the receiver here, which we shouldn't.

The receiver was a linux 2.6.10 box, so not an uncommon OS ;-)  The original
problem was noted by clients on Win2K and WinXP against the same FTP server.

> The current code follows closely TCP/IP Illustrated vol 2, p. 954: Trim
> Segment so Data is Within Window.
> 
> Do you know the OS of the communicating parties? Weren't window scaling or
> SACK negotiated?

The FTP server was an NT 4.0 box running IIS 3.0 ftp service.  As noted
above, receiver was the Linux firewall itself.  There was no window
scaling or SACK involved.  

> With your proposed patch, we'd actually drop the oow segment. Could you
> check that it won't cause problems (besides more logging generated :-)?

I agree -- the oow segment is dropped, but this at least doesn't break
the communication.  Without this patch, I cannot complete a large (5mb)
download from this server.  With this patch, it never fails.

Reviewing the ipfilter code, it doesn't seem the author included this check.
So what was the rationale for including it in the netfilter version?  I
can't think of what it is protecting us from.

Phil

next prev parent reply	other threads:[~2005-02-02 16:00 UTC|newest]

Thread overview: 7+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2005-01-28 23:43 [PATCH] TCP window tracking over-window handling Phil Oester
2005-02-02  9:46 ` Jozsef Kadlecsik
2005-02-02 16:00   ` Phil Oester [this message]
2005-02-02 20:44     ` Jozsef Kadlecsik
2005-02-02 22:35       ` Phil Oester
2005-02-07 10:32       ` Jozsef Kadlecsik
2005-02-07 16:25         ` Phil Oester

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20050202160009.GB30465@linuxace.com \
    --to=kernel@linuxace.com \
    --cc=kaber@trash.net \
    --cc=kadlec@blackhole.kfki.hu \
    --cc=netfilter-devel@lists.netfilter.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.