Re: [PATCH] Fix NAT TCP sequence adjustment

All of lore.kernel.org
 help / color / mirror / Atom feed

From: Phil Oester <kernel@linuxace.com>
To: Patrick McHardy <kaber@trash.net>
Cc: Harald Welte <laforge@netfilter.org>,
	Rusty Russell <rusty@rustcorp.com.au>,
	netfilter-devel@lists.netfilter.org
Subject: Re: [PATCH] Fix NAT TCP sequence adjustment
Date: Wed, 20 Apr 2005 10:24:06 -0700	[thread overview]
Message-ID: <20050420172406.GB7057@linuxace.com> (raw)
In-Reply-To: <42667E51.3060005@trash.net>

On Wed, Apr 20, 2005 at 06:07:45PM +0200, Patrick McHardy wrote:
> IIRC I've seen an FTP client that continued issueing commands during a
> transfer, but I don't remeber which one exactly.

At this moment, multi-file FTP is broken for all clients -- should we fix
this first, and worry about potential statistical outliers later?

> >So with this assumption, the above example becomes impossible - the 999500
> >retransmit would have been dealt with prior to a new correction_pos being
> >set.
> 
> You forget about the network, which can duplicate, delay and reorder
> packets. If we don't handle this is it will screw up the state.

I'm aware of that, but again I claim that it is irrelevant in this case
because the PORT commands will not be processed out of order (even if the
data packets are), and thus the adjustments will occur sequentially.

> >This is a very FTP-centric view, but can you think of other protocols 
> >helpers
> >which would not follow this sequential pattern?
> 
> No, but this function should do the right thing anyway.

Agreed, but IMHO my approach is currently the best available fix for a problem
which is affecting many people.  If further testing shows it can be improved,
that is great -- but I certainly don't think it's any worse than the current
broken behaviour.

> >>This brings us to a different problem,
> >>the sequence number at which the correction occured should be
> >>stored, not the first sequence number contained in the packet.
> >>But this can be done in a seperate fix.
> >
> >Given the above assumption, I don't think this is a concern.
> 
> It is. Assume a FTP control packet that contains a PORT command
> at some offset. The MTU changes and the packet is retransmitted
> as three seperate packets, with the PORT command contained in the
> third packet. The second packet will be incorrectly adjusted.
> Probably not a common condition, but easy to handle correctly,
> so why not.

Ok, another statistical outlier which can be thought about later.

Phil

next prev parent reply	other threads:[~2005-04-20 17:24 UTC|newest]

Thread overview: 32+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2005-04-02 20:24 [PATCH] Fix NAT TCP sequence adjustment Phil Oester
2005-04-03 12:26 ` Milos Wimmer
2005-04-03 19:26 ` Patrick McHardy
2005-04-03 23:53   ` Phil Oester
2005-04-04  4:40     ` Phil Oester
2005-04-04  8:27       ` Patrick McHardy
2005-04-04 20:47         ` Phil Oester
2005-04-05  7:32           ` Patrick McHardy
2005-04-05 13:33             ` Patch lifetime " Amin Azez
2005-04-10 20:49               ` Harald Welte
2005-04-06  4:48           ` Phil Oester
2005-04-18  1:42             ` Patrick McHardy
2005-04-19  0:58               ` Phil Oester
2005-04-20 15:03                 ` Patrick McHardy
2005-04-20 15:53                   ` Phil Oester
2005-04-20 16:07                     ` Patrick McHardy
2005-04-20 17:24                       ` Phil Oester [this message]
2005-04-20 17:50                         ` Patrick McHardy
2005-04-20 18:25                           ` Phil Oester
2005-04-20 21:39                             ` Martijn Lievaart
2005-04-21  1:41                               ` Patrick McHardy
2005-04-21  1:38                             ` Patrick McHardy
2005-04-21 12:31                               ` Milos Wimmer
2005-04-21 12:32                                 ` Patrick McHardy
2005-04-21 13:31                               ` Jonas Berlin
2005-04-21 23:01                                 ` Patrick McHardy
2005-04-27  0:44         ` Rusty Russell
2005-04-27 10:27           ` Patrick McHardy
2005-05-31  9:17 ` Rusty Russell
2005-05-31 13:02   ` Patrick McHardy
2005-05-31 13:48     ` Rusty Russell
2005-05-31 14:35       ` Patrick McHardy

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20050420172406.GB7057@linuxace.com \
    --to=kernel@linuxace.com \
    --cc=kaber@trash.net \
    --cc=laforge@netfilter.org \
    --cc=netfilter-devel@lists.netfilter.org \
    --cc=rusty@rustcorp.com.au \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.