aboutsummaryrefslogtreecommitdiffstats
path: root/net
diff options
context:
space:
mode:
authorKOVACS Krisztian <hidden@sch.bme.hu>2008-10-01 10:46:49 -0400
committerDavid S. Miller <davem@davemloft.net>2008-10-01 10:46:49 -0400
commita3116ac5c216fc3c145906a46df9ce542ff7dcf2 (patch)
tree6b2b43b5bacac2b358566e4b7ca0adda45a3e52b /net
parent86b08d867d7de001ab224180ed7865fab93fd56e (diff)
tcp: Port redirection support for TCP
Current TCP code relies on the local port of the listening socket being the same as the destination address of the incoming connection. Port redirection used by many transparent proxying techniques obviously breaks this, so we have to store the original destination port address. This patch extends struct inet_request_sock and stores the incoming destination port value there. It also modifies the handshake code to use that value as the source port when sending reply packets. Signed-off-by: KOVACS Krisztian <hidden@sch.bme.hu> Signed-off-by: David S. Miller <davem@davemloft.net>
Diffstat (limited to 'net')
-rw-r--r--net/ipv4/inet_connection_sock.c2
-rw-r--r--net/ipv4/syncookies.c1
-rw-r--r--net/ipv4/tcp_output.c2
3 files changed, 4 insertions, 1 deletions
diff --git a/net/ipv4/inet_connection_sock.c b/net/ipv4/inet_connection_sock.c
index 432c570c9f5f..21fcc5a9045f 100644
--- a/net/ipv4/inet_connection_sock.c
+++ b/net/ipv4/inet_connection_sock.c
@@ -516,6 +516,8 @@ struct sock *inet_csk_clone(struct sock *sk, const struct request_sock *req,
516 newicsk->icsk_bind_hash = NULL; 516 newicsk->icsk_bind_hash = NULL;
517 517
518 inet_sk(newsk)->dport = inet_rsk(req)->rmt_port; 518 inet_sk(newsk)->dport = inet_rsk(req)->rmt_port;
519 inet_sk(newsk)->num = ntohs(inet_rsk(req)->loc_port);
520 inet_sk(newsk)->sport = inet_rsk(req)->loc_port;
519 newsk->sk_write_space = sk_stream_write_space; 521 newsk->sk_write_space = sk_stream_write_space;
520 522
521 newicsk->icsk_retransmits = 0; 523 newicsk->icsk_retransmits = 0;
diff --git a/net/ipv4/syncookies.c b/net/ipv4/syncookies.c
index 929302b2ba94..d346c22aa6ae 100644
--- a/net/ipv4/syncookies.c
+++ b/net/ipv4/syncookies.c
@@ -297,6 +297,7 @@ struct sock *cookie_v4_check(struct sock *sk, struct sk_buff *skb,
297 treq->rcv_isn = ntohl(th->seq) - 1; 297 treq->rcv_isn = ntohl(th->seq) - 1;
298 treq->snt_isn = cookie; 298 treq->snt_isn = cookie;
299 req->mss = mss; 299 req->mss = mss;
300 ireq->loc_port = th->dest;
300 ireq->rmt_port = th->source; 301 ireq->rmt_port = th->source;
301 ireq->loc_addr = ip_hdr(skb)->daddr; 302 ireq->loc_addr = ip_hdr(skb)->daddr;
302 ireq->rmt_addr = ip_hdr(skb)->saddr; 303 ireq->rmt_addr = ip_hdr(skb)->saddr;
diff --git a/net/ipv4/tcp_output.c b/net/ipv4/tcp_output.c
index a8499ef3234a..493553c71d32 100644
--- a/net/ipv4/tcp_output.c
+++ b/net/ipv4/tcp_output.c
@@ -2275,7 +2275,7 @@ struct sk_buff *tcp_make_synack(struct sock *sk, struct dst_entry *dst,
2275 th->syn = 1; 2275 th->syn = 1;
2276 th->ack = 1; 2276 th->ack = 1;
2277 TCP_ECN_make_synack(req, th); 2277 TCP_ECN_make_synack(req, th);
2278 th->source = inet_sk(sk)->sport; 2278 th->source = ireq->loc_port;
2279 th->dest = ireq->rmt_port; 2279 th->dest = ireq->rmt_port;
2280 /* Setting of flags are superfluous here for callers (and ECE is 2280 /* Setting of flags are superfluous here for callers (and ECE is
2281 * not even correctly set) 2281 * not even correctly set)