From: Patrick McHardy <kaber@trash.net>
To: Eric Dumazet <eric.dumazet@gmail.com>
Cc: "Jan Engelhardt" <jengelh@medozas.de>,
"David Howells" <dhowells@redhat.com>,
"Netfilter Developer Mailing List"
<netfilter-devel@vger.kernel.org>,
netdev@vger.kernel.org, "Rafał Maj" <rafal.maj.it@gmail.com>
Subject: Re: sk->sk_socket seems to disappear before connection termination
Date: Thu, 11 Nov 2010 12:00:32 +0100 [thread overview]
Message-ID: <4CDBCCD0.9040807@trash.net> (raw)
In-Reply-To: <1289410679.2860.245.camel@edumazet-laptop>
On 10.11.2010 18:37, Eric Dumazet wrote:
> Le mercredi 10 novembre 2010 à 18:17 +0100, Jan Engelhardt a écrit :
>> On Wednesday 2010-11-10 17:44, Eric Dumazet wrote:
>>>
>>> [ 9920.234680] ipt_LOG: sk=ffff880118bd32c0 sk->sk_socket=ffff88011d0d8c00 file=ffff88011cd4e100
>>> [ 9920.234731] IN= OUT=eth1 SRC=192.168.20.108 DST=192.168.20.110 LEN=52 TOS=0x10 PREC=0x00 TTL=64 ID=63704 DF PROTO=TCP SPT=60088 DPT=22 WINDOW=35 RES=0x00 ACK FIN URGP=0 UID=0 GID=0
>>> [ 9920.235221] ipt_LOG: sk=ffff880078998000 sk->sk_socket=ffff880078c58300 file= (null)
>>> [ 9920.235271] IN= OUT=eth1 SRC=192.168.20.108 DST=192.168.20.110 LEN=52 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=TCP SPT=60088 DPT=22 WINDOW=35 RES=0x00 ACK URGP=0
>>>
>>> You can see in my log, that the last packet seems to be from a different
>>> socket ! (sk pointer changed to ffff880078998000 !)
>>
>> Yes, that's it.
>>
>>> Well well well, thats an ACK, in answer to FIN packet received from remote
>>> side.
>>
>> But why is it not handled by sk ffff880118bd32c0 anymore?
>> It does have, after all, the same (addr,port) tuple.
>> And it is sort of a hiccup for xt_owner users.
>
> Its because of TIMEWAIT state : no more socket
>
> We use a special tcp socket (net->ipv4.tcp_sock) in tcp_v4_send_ack()
Yeah, this has always been a problem with the owner match.
I don't think this fixable, it should probably only be used
in a stateful manner.
prev parent reply other threads:[~2010-11-11 11:00 UTC|newest]
Thread overview: 7+ messages / expand[flat|nested] mbox.gz Atom feed top
2010-11-10 1:09 sk->sk_socket seems to disappear before connection termination Jan Engelhardt
2010-11-10 5:47 ` Eric Dumazet
2010-11-10 10:53 ` Jan Engelhardt
2010-11-10 16:44 ` Eric Dumazet
2010-11-10 17:17 ` Jan Engelhardt
2010-11-10 17:37 ` Eric Dumazet
2010-11-11 11:00 ` Patrick McHardy [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=4CDBCCD0.9040807@trash.net \
--to=kaber@trash.net \
--cc=dhowells@redhat.com \
--cc=eric.dumazet@gmail.com \
--cc=jengelh@medozas.de \
--cc=netdev@vger.kernel.org \
--cc=netfilter-devel@vger.kernel.org \
--cc=rafal.maj.it@gmail.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.