tcp: Never hash match closed connections
>From a practical point of view, when a TCP connection ends, whether by FIN or by RST, we set the CLOSED event, then some time later we remove the connection from the hash table and clean it up. However, from a protocol point of view, once it's closed, it's gone, and any new packets with matching addresses and ports are either forming a new connection, or are invalid packets to discard. Enforce these semantics in the TCP hash logic by never hash matching closed connections. Signed-off-by: David Gibson <david@gibson.dropbear.id.au> Signed-off-by: Stefano Brivio <sbrivio@redhat.com>
This commit is contained in:
David Gibson
Stefano Brivio
parent
805dd109a4
commit
5fb376de6e
1 changed files with 1 additions and 1 deletions
2
tcp.c
2
tcp.c
|
|
@ -1146,7 +1146,7 @@ static int tcp_hash_match(const struct tcp_tap_conn *conn,
|
||||||
const union inany_addr *faddr,
|
const union inany_addr *faddr,
|
||||||
in_port_t eport, in_port_t fport)
|
in_port_t eport, in_port_t fport)
|
||||||
{
|
{
|
||||||
if (inany_equals(&conn->faddr, faddr) &&
|
if (conn->events != CLOSED && inany_equals(&conn->faddr, faddr) &&
|
||||||
conn->eport == eport && conn->fport == fport)
|
conn->eport == eport && conn->fport == fport)
|
||||||
return 1;
|
return 1;
|
||||||
|
|
||||||
|
|
|
||||||
Loading…
Reference in a new issue