diff options
| author | George Hansper <georgeh@anstat.com.au> | 2006-09-20 15:03:23 -0400 |
|---|---|---|
| committer | David S. Miller <davem@sunset.davemloft.net> | 2006-09-22 18:19:57 -0400 |
| commit | c1fe3ca5106d9568791433fa6c7f27e71ac69e1b (patch) | |
| tree | e3a00c265b70caadc7a6b8a17aa82491e354e31e | |
| parent | 71cd83a8bde61612b277fd5bf91503ac1ad61e23 (diff) | |
[NETFILTER]: TCP conntrack: improve dead connection detection
Don't count window updates as retransmissions.
Signed-off-by: George Hansper <georgeh@anstat.com.au>
Signed-off-by: Patrick McHardy <kaber@trash.net>
| -rw-r--r-- | include/linux/netfilter/nf_conntrack_tcp.h | 1 | ||||
| -rw-r--r-- | net/ipv4/netfilter/ip_conntrack_proto_tcp.c | 4 | ||||
| -rw-r--r-- | net/netfilter/nf_conntrack_proto_tcp.c | 4 |
3 files changed, 7 insertions, 2 deletions
diff --git a/include/linux/netfilter/nf_conntrack_tcp.h b/include/linux/netfilter/nf_conntrack_tcp.h index b2feeffde384..6b01ba297727 100644 --- a/include/linux/netfilter/nf_conntrack_tcp.h +++ b/include/linux/netfilter/nf_conntrack_tcp.h | |||
| @@ -49,6 +49,7 @@ struct ip_ct_tcp | |||
| 49 | u_int32_t last_seq; /* Last sequence number seen in dir */ | 49 | u_int32_t last_seq; /* Last sequence number seen in dir */ |
| 50 | u_int32_t last_ack; /* Last sequence number seen in opposite dir */ | 50 | u_int32_t last_ack; /* Last sequence number seen in opposite dir */ |
| 51 | u_int32_t last_end; /* Last seq + len */ | 51 | u_int32_t last_end; /* Last seq + len */ |
| 52 | u_int16_t last_win; /* Last window advertisement seen in dir */ | ||
| 52 | }; | 53 | }; |
| 53 | 54 | ||
| 54 | #endif /* __KERNEL__ */ | 55 | #endif /* __KERNEL__ */ |
diff --git a/net/ipv4/netfilter/ip_conntrack_proto_tcp.c b/net/ipv4/netfilter/ip_conntrack_proto_tcp.c index 75a7237eb8c1..03ae9a04cb37 100644 --- a/net/ipv4/netfilter/ip_conntrack_proto_tcp.c +++ b/net/ipv4/netfilter/ip_conntrack_proto_tcp.c | |||
| @@ -731,13 +731,15 @@ static int tcp_in_window(struct ip_ct_tcp *state, | |||
| 731 | if (state->last_dir == dir | 731 | if (state->last_dir == dir |
| 732 | && state->last_seq == seq | 732 | && state->last_seq == seq |
| 733 | && state->last_ack == ack | 733 | && state->last_ack == ack |
| 734 | && state->last_end == end) | 734 | && state->last_end == end |
| 735 | && state->last_win == win) | ||
| 735 | state->retrans++; | 736 | state->retrans++; |
| 736 | else { | 737 | else { |
| 737 | state->last_dir = dir; | 738 | state->last_dir = dir; |
| 738 | state->last_seq = seq; | 739 | state->last_seq = seq; |
| 739 | state->last_ack = ack; | 740 | state->last_ack = ack; |
| 740 | state->last_end = end; | 741 | state->last_end = end; |
| 742 | state->last_win = win; | ||
| 741 | state->retrans = 0; | 743 | state->retrans = 0; |
| 742 | } | 744 | } |
| 743 | } | 745 | } |
diff --git a/net/netfilter/nf_conntrack_proto_tcp.c b/net/netfilter/nf_conntrack_proto_tcp.c index 9fc0ee61f92a..238bbb5b72ef 100644 --- a/net/netfilter/nf_conntrack_proto_tcp.c +++ b/net/netfilter/nf_conntrack_proto_tcp.c | |||
| @@ -688,13 +688,15 @@ static int tcp_in_window(struct ip_ct_tcp *state, | |||
| 688 | if (state->last_dir == dir | 688 | if (state->last_dir == dir |
| 689 | && state->last_seq == seq | 689 | && state->last_seq == seq |
| 690 | && state->last_ack == ack | 690 | && state->last_ack == ack |
| 691 | && state->last_end == end) | 691 | && state->last_end == end |
| 692 | && state->last_win == win) | ||
| 692 | state->retrans++; | 693 | state->retrans++; |
| 693 | else { | 694 | else { |
| 694 | state->last_dir = dir; | 695 | state->last_dir = dir; |
| 695 | state->last_seq = seq; | 696 | state->last_seq = seq; |
| 696 | state->last_ack = ack; | 697 | state->last_ack = ack; |
| 697 | state->last_end = end; | 698 | state->last_end = end; |
| 699 | state->last_win = win; | ||
| 698 | state->retrans = 0; | 700 | state->retrans = 0; |
| 699 | } | 701 | } |
| 700 | } | 702 | } |