Re: ipf - RST packet w. sequence num.

To: tech-net%netbsd.org@localhost
Subject: Re: ipf - RST packet w. sequence num.
From: rudolf <netbsd%eq.cz@localhost>
Date: Wed, 25 Nov 2009 23:07:26 +0100

der Mouse wrote:

["incorrect"]

01:01:00.704813 IP (tos 0x0, ttl 64, id 0, offset 0, flags [DF], proto TCP (6), length 
64) IP0.65522 > IP2.18000: S, cksum 0xbef6 (correct), 2749057555:2749057555(0) win 
32768 <mss 1460,nop,wscale 3,sackOK,nop,nop,nop,nop,timestamp 1 0>
01:01:00.844241 IP (tos 0x0, ttl 55, id 0, offset 0, flags [DF], proto TCP (6), 
length 40) IP2.18000 > IP0.65522: R, cksum 0x7756 (correct), 
2013055350:2013055350(0) ack 2749057556 win 0


This looks to me like a fairly clear violation of the above spec from
793.

Nevertheless, NetBSD accepts this packet as correct if no ipf rules areinvolved.

I wonder if there is any interest from the community to get the ipf'sand NetBSD's notion of "tcp session" to get to sync. - should i file a PR?


Btw. we solved it at work by leaving the "broken" server-hosting provider.

r.

Follow-Ups:
- Re: ipf - RST packet w. sequence num.
  - From: der Mouse

References:
- ipf - RST packet w. sequence num.
  - From: rudolf
- Re: ipf - RST packet w. sequence num.
  - From: der Mouse
- Re: ipf - RST packet w. sequence num.
  - From: rudolf
- Re: ipf - RST packet w. sequence num.
  - From: der Mouse

Prev by Date: Re: PTP host address loops back through destination?
Next by Date: Re: ipf - RST packet w. sequence num.
Previous by Thread: Re: ipf - RST packet w. sequence num.
Next by Thread: Re: ipf - RST packet w. sequence num.
Indexes:

Home | Main Index | Thread Index | Old Index