tech-net: ip filter keep state bug

Subject: ip filter keep state bug
To: None <tech-net@netbsd.org, darrenr@pobox.com>
From: YAMAMOTO Takashi <yamt@mwd.biglobe.ne.jp>
List: tech-net
Date: 05/29/2002 20:31:50

----Next_Part(Wed_May_29_20:31:50_2002_285)--
Content-Type: Text/Plain; charset=us-ascii
Content-Transfer-Encoding: 7bit

hi.

with recent -current, "keep state" doesn't work
for clients that sends syn without window scale option.
attached patch fixes it.
can I commit this?
thanks.

---
YAMAMOTO Takashi<yamt@mwd.biglobe.ne.jp>

----Next_Part(Wed_May_29_20:31:50_2002_285)--
Content-Type: Text/Plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Content-Disposition: inline; filename="ip_state.c.diff"

Index: ip_state.c
===================================================================
RCS file: /cvs/cvsroot/syssrc/sys/netinet/ip_state.c,v
retrieving revision 1.38
diff -u -r1.38 ip_state.c
--- ip_state.c	2002/05/02 17:13:30	1.38
+++ ip_state.c	2002/05/29 11:00:39
@@ -698,8 +698,11 @@
 			is->is_maxsend = is->is_send;
 
 			if ((tcp->th_flags & TH_SYN) &&
-			    ((tcp->th_off << 2) >= (sizeof(*tcp) + 4)))
-				is->is_swscale = fr_tcpoptions(tcp);
+			    ((tcp->th_off << 2) >= (sizeof(*tcp) + 4))) {
+				int wscale = fr_tcpoptions(tcp);
+				if (wscale >= 0)
+					is->is_swscale = wscale;
+			}
 		}
 
 		is->is_maxdwin = 1;

----Next_Part(Wed_May_29_20:31:50_2002_285)----