diff options
-rw-r--r-- | include/net/tcp.h | 24 | ||||
-rw-r--r-- | net/ipv4/tcp.c | 8 | ||||
-rw-r--r-- | net/ipv4/tcp_input.c | 2 | ||||
-rw-r--r-- | net/ipv4/tcp_output.c | 59 | ||||
-rw-r--r-- | net/netfilter/nf_conntrack_proto_tcp.c | 32 | ||||
-rw-r--r-- | net/netfilter/xt_TCPMSS.c | 4 |
6 files changed, 58 insertions, 71 deletions
diff --git a/include/net/tcp.h b/include/net/tcp.h index 573166484413..9e68e25c8b82 100644 --- a/include/net/tcp.h +++ b/include/net/tcp.h | |||
@@ -602,6 +602,17 @@ extern u32 __tcp_select_window(struct sock *sk); | |||
602 | */ | 602 | */ |
603 | #define tcp_time_stamp ((__u32)(jiffies)) | 603 | #define tcp_time_stamp ((__u32)(jiffies)) |
604 | 604 | ||
605 | #define tcp_flag_byte(th) (((u_int8_t *)th)[13]) | ||
606 | |||
607 | #define TCPHDR_FIN 0x01 | ||
608 | #define TCPHDR_SYN 0x02 | ||
609 | #define TCPHDR_RST 0x04 | ||
610 | #define TCPHDR_PSH 0x08 | ||
611 | #define TCPHDR_ACK 0x10 | ||
612 | #define TCPHDR_URG 0x20 | ||
613 | #define TCPHDR_ECE 0x40 | ||
614 | #define TCPHDR_CWR 0x80 | ||
615 | |||
605 | /* This is what the send packet queuing engine uses to pass | 616 | /* This is what the send packet queuing engine uses to pass |
606 | * TCP per-packet control information to the transmission | 617 | * TCP per-packet control information to the transmission |
607 | * code. We also store the host-order sequence numbers in | 618 | * code. We also store the host-order sequence numbers in |
@@ -620,19 +631,6 @@ struct tcp_skb_cb { | |||
620 | __u32 end_seq; /* SEQ + FIN + SYN + datalen */ | 631 | __u32 end_seq; /* SEQ + FIN + SYN + datalen */ |
621 | __u32 when; /* used to compute rtt's */ | 632 | __u32 when; /* used to compute rtt's */ |
622 | __u8 flags; /* TCP header flags. */ | 633 | __u8 flags; /* TCP header flags. */ |
623 | |||
624 | /* NOTE: These must match up to the flags byte in a | ||
625 | * real TCP header. | ||
626 | */ | ||
627 | #define TCPCB_FLAG_FIN 0x01 | ||
628 | #define TCPCB_FLAG_SYN 0x02 | ||
629 | #define TCPCB_FLAG_RST 0x04 | ||
630 | #define TCPCB_FLAG_PSH 0x08 | ||
631 | #define TCPCB_FLAG_ACK 0x10 | ||
632 | #define TCPCB_FLAG_URG 0x20 | ||
633 | #define TCPCB_FLAG_ECE 0x40 | ||
634 | #define TCPCB_FLAG_CWR 0x80 | ||
635 | |||
636 | __u8 sacked; /* State flags for SACK/FACK. */ | 634 | __u8 sacked; /* State flags for SACK/FACK. */ |
637 | #define TCPCB_SACKED_ACKED 0x01 /* SKB ACK'd by a SACK block */ | 635 | #define TCPCB_SACKED_ACKED 0x01 /* SKB ACK'd by a SACK block */ |
638 | #define TCPCB_SACKED_RETRANS 0x02 /* SKB retransmitted */ | 636 | #define TCPCB_SACKED_RETRANS 0x02 /* SKB retransmitted */ |
diff --git a/net/ipv4/tcp.c b/net/ipv4/tcp.c index 49d0d2b8900c..779d40c3b96e 100644 --- a/net/ipv4/tcp.c +++ b/net/ipv4/tcp.c | |||
@@ -511,7 +511,7 @@ int tcp_ioctl(struct sock *sk, int cmd, unsigned long arg) | |||
511 | 511 | ||
512 | static inline void tcp_mark_push(struct tcp_sock *tp, struct sk_buff *skb) | 512 | static inline void tcp_mark_push(struct tcp_sock *tp, struct sk_buff *skb) |
513 | { | 513 | { |
514 | TCP_SKB_CB(skb)->flags |= TCPCB_FLAG_PSH; | 514 | TCP_SKB_CB(skb)->flags |= TCPHDR_PSH; |
515 | tp->pushed_seq = tp->write_seq; | 515 | tp->pushed_seq = tp->write_seq; |
516 | } | 516 | } |
517 | 517 | ||
@@ -527,7 +527,7 @@ static inline void skb_entail(struct sock *sk, struct sk_buff *skb) | |||
527 | 527 | ||
528 | skb->csum = 0; | 528 | skb->csum = 0; |
529 | tcb->seq = tcb->end_seq = tp->write_seq; | 529 | tcb->seq = tcb->end_seq = tp->write_seq; |
530 | tcb->flags = TCPCB_FLAG_ACK; | 530 | tcb->flags = TCPHDR_ACK; |
531 | tcb->sacked = 0; | 531 | tcb->sacked = 0; |
532 | skb_header_release(skb); | 532 | skb_header_release(skb); |
533 | tcp_add_write_queue_tail(sk, skb); | 533 | tcp_add_write_queue_tail(sk, skb); |
@@ -815,7 +815,7 @@ new_segment: | |||
815 | skb_shinfo(skb)->gso_segs = 0; | 815 | skb_shinfo(skb)->gso_segs = 0; |
816 | 816 | ||
817 | if (!copied) | 817 | if (!copied) |
818 | TCP_SKB_CB(skb)->flags &= ~TCPCB_FLAG_PSH; | 818 | TCP_SKB_CB(skb)->flags &= ~TCPHDR_PSH; |
819 | 819 | ||
820 | copied += copy; | 820 | copied += copy; |
821 | poffset += copy; | 821 | poffset += copy; |
@@ -1061,7 +1061,7 @@ new_segment: | |||
1061 | } | 1061 | } |
1062 | 1062 | ||
1063 | if (!copied) | 1063 | if (!copied) |
1064 | TCP_SKB_CB(skb)->flags &= ~TCPCB_FLAG_PSH; | 1064 | TCP_SKB_CB(skb)->flags &= ~TCPHDR_PSH; |
1065 | 1065 | ||
1066 | tp->write_seq += copy; | 1066 | tp->write_seq += copy; |
1067 | TCP_SKB_CB(skb)->end_seq += copy; | 1067 | TCP_SKB_CB(skb)->end_seq += copy; |
diff --git a/net/ipv4/tcp_input.c b/net/ipv4/tcp_input.c index 548d575e6cc6..04334661fa28 100644 --- a/net/ipv4/tcp_input.c +++ b/net/ipv4/tcp_input.c | |||
@@ -3286,7 +3286,7 @@ static int tcp_clean_rtx_queue(struct sock *sk, int prior_fackets, | |||
3286 | * connection startup slow start one packet too | 3286 | * connection startup slow start one packet too |
3287 | * quickly. This is severely frowned upon behavior. | 3287 | * quickly. This is severely frowned upon behavior. |
3288 | */ | 3288 | */ |
3289 | if (!(scb->flags & TCPCB_FLAG_SYN)) { | 3289 | if (!(scb->flags & TCPHDR_SYN)) { |
3290 | flag |= FLAG_DATA_ACKED; | 3290 | flag |= FLAG_DATA_ACKED; |
3291 | } else { | 3291 | } else { |
3292 | flag |= FLAG_SYN_ACKED; | 3292 | flag |= FLAG_SYN_ACKED; |
diff --git a/net/ipv4/tcp_output.c b/net/ipv4/tcp_output.c index b4ed957f201a..51d316dbb058 100644 --- a/net/ipv4/tcp_output.c +++ b/net/ipv4/tcp_output.c | |||
@@ -294,9 +294,9 @@ static u16 tcp_select_window(struct sock *sk) | |||
294 | /* Packet ECN state for a SYN-ACK */ | 294 | /* Packet ECN state for a SYN-ACK */ |
295 | static inline void TCP_ECN_send_synack(struct tcp_sock *tp, struct sk_buff *skb) | 295 | static inline void TCP_ECN_send_synack(struct tcp_sock *tp, struct sk_buff *skb) |
296 | { | 296 | { |
297 | TCP_SKB_CB(skb)->flags &= ~TCPCB_FLAG_CWR; | 297 | TCP_SKB_CB(skb)->flags &= ~TCPHDR_CWR; |
298 | if (!(tp->ecn_flags & TCP_ECN_OK)) | 298 | if (!(tp->ecn_flags & TCP_ECN_OK)) |
299 | TCP_SKB_CB(skb)->flags &= ~TCPCB_FLAG_ECE; | 299 | TCP_SKB_CB(skb)->flags &= ~TCPHDR_ECE; |
300 | } | 300 | } |
301 | 301 | ||
302 | /* Packet ECN state for a SYN. */ | 302 | /* Packet ECN state for a SYN. */ |
@@ -306,7 +306,7 @@ static inline void TCP_ECN_send_syn(struct sock *sk, struct sk_buff *skb) | |||
306 | 306 | ||
307 | tp->ecn_flags = 0; | 307 | tp->ecn_flags = 0; |
308 | if (sysctl_tcp_ecn == 1) { | 308 | if (sysctl_tcp_ecn == 1) { |
309 | TCP_SKB_CB(skb)->flags |= TCPCB_FLAG_ECE | TCPCB_FLAG_CWR; | 309 | TCP_SKB_CB(skb)->flags |= TCPHDR_ECE | TCPHDR_CWR; |
310 | tp->ecn_flags = TCP_ECN_OK; | 310 | tp->ecn_flags = TCP_ECN_OK; |
311 | } | 311 | } |
312 | } | 312 | } |
@@ -361,7 +361,7 @@ static void tcp_init_nondata_skb(struct sk_buff *skb, u32 seq, u8 flags) | |||
361 | skb_shinfo(skb)->gso_type = 0; | 361 | skb_shinfo(skb)->gso_type = 0; |
362 | 362 | ||
363 | TCP_SKB_CB(skb)->seq = seq; | 363 | TCP_SKB_CB(skb)->seq = seq; |
364 | if (flags & (TCPCB_FLAG_SYN | TCPCB_FLAG_FIN)) | 364 | if (flags & (TCPHDR_SYN | TCPHDR_FIN)) |
365 | seq++; | 365 | seq++; |
366 | TCP_SKB_CB(skb)->end_seq = seq; | 366 | TCP_SKB_CB(skb)->end_seq = seq; |
367 | } | 367 | } |
@@ -820,7 +820,7 @@ static int tcp_transmit_skb(struct sock *sk, struct sk_buff *skb, int clone_it, | |||
820 | tcb = TCP_SKB_CB(skb); | 820 | tcb = TCP_SKB_CB(skb); |
821 | memset(&opts, 0, sizeof(opts)); | 821 | memset(&opts, 0, sizeof(opts)); |
822 | 822 | ||
823 | if (unlikely(tcb->flags & TCPCB_FLAG_SYN)) | 823 | if (unlikely(tcb->flags & TCPHDR_SYN)) |
824 | tcp_options_size = tcp_syn_options(sk, skb, &opts, &md5); | 824 | tcp_options_size = tcp_syn_options(sk, skb, &opts, &md5); |
825 | else | 825 | else |
826 | tcp_options_size = tcp_established_options(sk, skb, &opts, | 826 | tcp_options_size = tcp_established_options(sk, skb, &opts, |
@@ -843,7 +843,7 @@ static int tcp_transmit_skb(struct sock *sk, struct sk_buff *skb, int clone_it, | |||
843 | *(((__be16 *)th) + 6) = htons(((tcp_header_size >> 2) << 12) | | 843 | *(((__be16 *)th) + 6) = htons(((tcp_header_size >> 2) << 12) | |
844 | tcb->flags); | 844 | tcb->flags); |
845 | 845 | ||
846 | if (unlikely(tcb->flags & TCPCB_FLAG_SYN)) { | 846 | if (unlikely(tcb->flags & TCPHDR_SYN)) { |
847 | /* RFC1323: The window in SYN & SYN/ACK segments | 847 | /* RFC1323: The window in SYN & SYN/ACK segments |
848 | * is never scaled. | 848 | * is never scaled. |
849 | */ | 849 | */ |
@@ -866,7 +866,7 @@ static int tcp_transmit_skb(struct sock *sk, struct sk_buff *skb, int clone_it, | |||
866 | } | 866 | } |
867 | 867 | ||
868 | tcp_options_write((__be32 *)(th + 1), tp, &opts); | 868 | tcp_options_write((__be32 *)(th + 1), tp, &opts); |
869 | if (likely((tcb->flags & TCPCB_FLAG_SYN) == 0)) | 869 | if (likely((tcb->flags & TCPHDR_SYN) == 0)) |
870 | TCP_ECN_send(sk, skb, tcp_header_size); | 870 | TCP_ECN_send(sk, skb, tcp_header_size); |
871 | 871 | ||
872 | #ifdef CONFIG_TCP_MD5SIG | 872 | #ifdef CONFIG_TCP_MD5SIG |
@@ -880,7 +880,7 @@ static int tcp_transmit_skb(struct sock *sk, struct sk_buff *skb, int clone_it, | |||
880 | 880 | ||
881 | icsk->icsk_af_ops->send_check(sk, skb); | 881 | icsk->icsk_af_ops->send_check(sk, skb); |
882 | 882 | ||
883 | if (likely(tcb->flags & TCPCB_FLAG_ACK)) | 883 | if (likely(tcb->flags & TCPHDR_ACK)) |
884 | tcp_event_ack_sent(sk, tcp_skb_pcount(skb)); | 884 | tcp_event_ack_sent(sk, tcp_skb_pcount(skb)); |
885 | 885 | ||
886 | if (skb->len != tcp_header_size) | 886 | if (skb->len != tcp_header_size) |
@@ -1023,7 +1023,7 @@ int tcp_fragment(struct sock *sk, struct sk_buff *skb, u32 len, | |||
1023 | 1023 | ||
1024 | /* PSH and FIN should only be set in the second packet. */ | 1024 | /* PSH and FIN should only be set in the second packet. */ |
1025 | flags = TCP_SKB_CB(skb)->flags; | 1025 | flags = TCP_SKB_CB(skb)->flags; |
1026 | TCP_SKB_CB(skb)->flags = flags & ~(TCPCB_FLAG_FIN | TCPCB_FLAG_PSH); | 1026 | TCP_SKB_CB(skb)->flags = flags & ~(TCPHDR_FIN | TCPHDR_PSH); |
1027 | TCP_SKB_CB(buff)->flags = flags; | 1027 | TCP_SKB_CB(buff)->flags = flags; |
1028 | TCP_SKB_CB(buff)->sacked = TCP_SKB_CB(skb)->sacked; | 1028 | TCP_SKB_CB(buff)->sacked = TCP_SKB_CB(skb)->sacked; |
1029 | 1029 | ||
@@ -1328,8 +1328,7 @@ static inline unsigned int tcp_cwnd_test(struct tcp_sock *tp, | |||
1328 | u32 in_flight, cwnd; | 1328 | u32 in_flight, cwnd; |
1329 | 1329 | ||
1330 | /* Don't be strict about the congestion window for the final FIN. */ | 1330 | /* Don't be strict about the congestion window for the final FIN. */ |
1331 | if ((TCP_SKB_CB(skb)->flags & TCPCB_FLAG_FIN) && | 1331 | if ((TCP_SKB_CB(skb)->flags & TCPHDR_FIN) && tcp_skb_pcount(skb) == 1) |
1332 | tcp_skb_pcount(skb) == 1) | ||
1333 | return 1; | 1332 | return 1; |
1334 | 1333 | ||
1335 | in_flight = tcp_packets_in_flight(tp); | 1334 | in_flight = tcp_packets_in_flight(tp); |
@@ -1398,7 +1397,7 @@ static inline int tcp_nagle_test(struct tcp_sock *tp, struct sk_buff *skb, | |||
1398 | * Nagle can be ignored during F-RTO too (see RFC4138). | 1397 | * Nagle can be ignored during F-RTO too (see RFC4138). |
1399 | */ | 1398 | */ |
1400 | if (tcp_urg_mode(tp) || (tp->frto_counter == 2) || | 1399 | if (tcp_urg_mode(tp) || (tp->frto_counter == 2) || |
1401 | (TCP_SKB_CB(skb)->flags & TCPCB_FLAG_FIN)) | 1400 | (TCP_SKB_CB(skb)->flags & TCPHDR_FIN)) |
1402 | return 1; | 1401 | return 1; |
1403 | 1402 | ||
1404 | if (!tcp_nagle_check(tp, skb, cur_mss, nonagle)) | 1403 | if (!tcp_nagle_check(tp, skb, cur_mss, nonagle)) |
@@ -1487,7 +1486,7 @@ static int tso_fragment(struct sock *sk, struct sk_buff *skb, unsigned int len, | |||
1487 | 1486 | ||
1488 | /* PSH and FIN should only be set in the second packet. */ | 1487 | /* PSH and FIN should only be set in the second packet. */ |
1489 | flags = TCP_SKB_CB(skb)->flags; | 1488 | flags = TCP_SKB_CB(skb)->flags; |
1490 | TCP_SKB_CB(skb)->flags = flags & ~(TCPCB_FLAG_FIN | TCPCB_FLAG_PSH); | 1489 | TCP_SKB_CB(skb)->flags = flags & ~(TCPHDR_FIN | TCPHDR_PSH); |
1491 | TCP_SKB_CB(buff)->flags = flags; | 1490 | TCP_SKB_CB(buff)->flags = flags; |
1492 | 1491 | ||
1493 | /* This packet was never sent out yet, so no SACK bits. */ | 1492 | /* This packet was never sent out yet, so no SACK bits. */ |
@@ -1518,7 +1517,7 @@ static int tcp_tso_should_defer(struct sock *sk, struct sk_buff *skb) | |||
1518 | const struct inet_connection_sock *icsk = inet_csk(sk); | 1517 | const struct inet_connection_sock *icsk = inet_csk(sk); |
1519 | u32 send_win, cong_win, limit, in_flight; | 1518 | u32 send_win, cong_win, limit, in_flight; |
1520 | 1519 | ||
1521 | if (TCP_SKB_CB(skb)->flags & TCPCB_FLAG_FIN) | 1520 | if (TCP_SKB_CB(skb)->flags & TCPHDR_FIN) |
1522 | goto send_now; | 1521 | goto send_now; |
1523 | 1522 | ||
1524 | if (icsk->icsk_ca_state != TCP_CA_Open) | 1523 | if (icsk->icsk_ca_state != TCP_CA_Open) |
@@ -1644,7 +1643,7 @@ static int tcp_mtu_probe(struct sock *sk) | |||
1644 | 1643 | ||
1645 | TCP_SKB_CB(nskb)->seq = TCP_SKB_CB(skb)->seq; | 1644 | TCP_SKB_CB(nskb)->seq = TCP_SKB_CB(skb)->seq; |
1646 | TCP_SKB_CB(nskb)->end_seq = TCP_SKB_CB(skb)->seq + probe_size; | 1645 | TCP_SKB_CB(nskb)->end_seq = TCP_SKB_CB(skb)->seq + probe_size; |
1647 | TCP_SKB_CB(nskb)->flags = TCPCB_FLAG_ACK; | 1646 | TCP_SKB_CB(nskb)->flags = TCPHDR_ACK; |
1648 | TCP_SKB_CB(nskb)->sacked = 0; | 1647 | TCP_SKB_CB(nskb)->sacked = 0; |
1649 | nskb->csum = 0; | 1648 | nskb->csum = 0; |
1650 | nskb->ip_summed = skb->ip_summed; | 1649 | nskb->ip_summed = skb->ip_summed; |
@@ -1669,7 +1668,7 @@ static int tcp_mtu_probe(struct sock *sk) | |||
1669 | sk_wmem_free_skb(sk, skb); | 1668 | sk_wmem_free_skb(sk, skb); |
1670 | } else { | 1669 | } else { |
1671 | TCP_SKB_CB(nskb)->flags |= TCP_SKB_CB(skb)->flags & | 1670 | TCP_SKB_CB(nskb)->flags |= TCP_SKB_CB(skb)->flags & |
1672 | ~(TCPCB_FLAG_FIN|TCPCB_FLAG_PSH); | 1671 | ~(TCPHDR_FIN|TCPHDR_PSH); |
1673 | if (!skb_shinfo(skb)->nr_frags) { | 1672 | if (!skb_shinfo(skb)->nr_frags) { |
1674 | skb_pull(skb, copy); | 1673 | skb_pull(skb, copy); |
1675 | if (skb->ip_summed != CHECKSUM_PARTIAL) | 1674 | if (skb->ip_summed != CHECKSUM_PARTIAL) |
@@ -2020,7 +2019,7 @@ static void tcp_retrans_try_collapse(struct sock *sk, struct sk_buff *to, | |||
2020 | 2019 | ||
2021 | if (!sysctl_tcp_retrans_collapse) | 2020 | if (!sysctl_tcp_retrans_collapse) |
2022 | return; | 2021 | return; |
2023 | if (TCP_SKB_CB(skb)->flags & TCPCB_FLAG_SYN) | 2022 | if (TCP_SKB_CB(skb)->flags & TCPHDR_SYN) |
2024 | return; | 2023 | return; |
2025 | 2024 | ||
2026 | tcp_for_write_queue_from_safe(skb, tmp, sk) { | 2025 | tcp_for_write_queue_from_safe(skb, tmp, sk) { |
@@ -2112,7 +2111,7 @@ int tcp_retransmit_skb(struct sock *sk, struct sk_buff *skb) | |||
2112 | * since it is cheap to do so and saves bytes on the network. | 2111 | * since it is cheap to do so and saves bytes on the network. |
2113 | */ | 2112 | */ |
2114 | if (skb->len > 0 && | 2113 | if (skb->len > 0 && |
2115 | (TCP_SKB_CB(skb)->flags & TCPCB_FLAG_FIN) && | 2114 | (TCP_SKB_CB(skb)->flags & TCPHDR_FIN) && |
2116 | tp->snd_una == (TCP_SKB_CB(skb)->end_seq - 1)) { | 2115 | tp->snd_una == (TCP_SKB_CB(skb)->end_seq - 1)) { |
2117 | if (!pskb_trim(skb, 0)) { | 2116 | if (!pskb_trim(skb, 0)) { |
2118 | /* Reuse, even though it does some unnecessary work */ | 2117 | /* Reuse, even though it does some unnecessary work */ |
@@ -2301,7 +2300,7 @@ void tcp_send_fin(struct sock *sk) | |||
2301 | mss_now = tcp_current_mss(sk); | 2300 | mss_now = tcp_current_mss(sk); |
2302 | 2301 | ||
2303 | if (tcp_send_head(sk) != NULL) { | 2302 | if (tcp_send_head(sk) != NULL) { |
2304 | TCP_SKB_CB(skb)->flags |= TCPCB_FLAG_FIN; | 2303 | TCP_SKB_CB(skb)->flags |= TCPHDR_FIN; |
2305 | TCP_SKB_CB(skb)->end_seq++; | 2304 | TCP_SKB_CB(skb)->end_seq++; |
2306 | tp->write_seq++; | 2305 | tp->write_seq++; |
2307 | } else { | 2306 | } else { |
@@ -2318,7 +2317,7 @@ void tcp_send_fin(struct sock *sk) | |||
2318 | skb_reserve(skb, MAX_TCP_HEADER); | 2317 | skb_reserve(skb, MAX_TCP_HEADER); |
2319 | /* FIN eats a sequence byte, write_seq advanced by tcp_queue_skb(). */ | 2318 | /* FIN eats a sequence byte, write_seq advanced by tcp_queue_skb(). */ |
2320 | tcp_init_nondata_skb(skb, tp->write_seq, | 2319 | tcp_init_nondata_skb(skb, tp->write_seq, |
2321 | TCPCB_FLAG_ACK | TCPCB_FLAG_FIN); | 2320 | TCPHDR_ACK | TCPHDR_FIN); |
2322 | tcp_queue_skb(sk, skb); | 2321 | tcp_queue_skb(sk, skb); |
2323 | } | 2322 | } |
2324 | __tcp_push_pending_frames(sk, mss_now, TCP_NAGLE_OFF); | 2323 | __tcp_push_pending_frames(sk, mss_now, TCP_NAGLE_OFF); |
@@ -2343,7 +2342,7 @@ void tcp_send_active_reset(struct sock *sk, gfp_t priority) | |||
2343 | /* Reserve space for headers and prepare control bits. */ | 2342 | /* Reserve space for headers and prepare control bits. */ |
2344 | skb_reserve(skb, MAX_TCP_HEADER); | 2343 | skb_reserve(skb, MAX_TCP_HEADER); |
2345 | tcp_init_nondata_skb(skb, tcp_acceptable_seq(sk), | 2344 | tcp_init_nondata_skb(skb, tcp_acceptable_seq(sk), |
2346 | TCPCB_FLAG_ACK | TCPCB_FLAG_RST); | 2345 | TCPHDR_ACK | TCPHDR_RST); |
2347 | /* Send it off. */ | 2346 | /* Send it off. */ |
2348 | TCP_SKB_CB(skb)->when = tcp_time_stamp; | 2347 | TCP_SKB_CB(skb)->when = tcp_time_stamp; |
2349 | if (tcp_transmit_skb(sk, skb, 0, priority)) | 2348 | if (tcp_transmit_skb(sk, skb, 0, priority)) |
@@ -2363,11 +2362,11 @@ int tcp_send_synack(struct sock *sk) | |||
2363 | struct sk_buff *skb; | 2362 | struct sk_buff *skb; |
2364 | 2363 | ||
2365 | skb = tcp_write_queue_head(sk); | 2364 | skb = tcp_write_queue_head(sk); |
2366 | if (skb == NULL || !(TCP_SKB_CB(skb)->flags & TCPCB_FLAG_SYN)) { | 2365 | if (skb == NULL || !(TCP_SKB_CB(skb)->flags & TCPHDR_SYN)) { |
2367 | printk(KERN_DEBUG "tcp_send_synack: wrong queue state\n"); | 2366 | printk(KERN_DEBUG "tcp_send_synack: wrong queue state\n"); |
2368 | return -EFAULT; | 2367 | return -EFAULT; |
2369 | } | 2368 | } |
2370 | if (!(TCP_SKB_CB(skb)->flags & TCPCB_FLAG_ACK)) { | 2369 | if (!(TCP_SKB_CB(skb)->flags & TCPHDR_ACK)) { |
2371 | if (skb_cloned(skb)) { | 2370 | if (skb_cloned(skb)) { |
2372 | struct sk_buff *nskb = skb_copy(skb, GFP_ATOMIC); | 2371 | struct sk_buff *nskb = skb_copy(skb, GFP_ATOMIC); |
2373 | if (nskb == NULL) | 2372 | if (nskb == NULL) |
@@ -2381,7 +2380,7 @@ int tcp_send_synack(struct sock *sk) | |||
2381 | skb = nskb; | 2380 | skb = nskb; |
2382 | } | 2381 | } |
2383 | 2382 | ||
2384 | TCP_SKB_CB(skb)->flags |= TCPCB_FLAG_ACK; | 2383 | TCP_SKB_CB(skb)->flags |= TCPHDR_ACK; |
2385 | TCP_ECN_send_synack(tcp_sk(sk), skb); | 2384 | TCP_ECN_send_synack(tcp_sk(sk), skb); |
2386 | } | 2385 | } |
2387 | TCP_SKB_CB(skb)->when = tcp_time_stamp; | 2386 | TCP_SKB_CB(skb)->when = tcp_time_stamp; |
@@ -2460,7 +2459,7 @@ struct sk_buff *tcp_make_synack(struct sock *sk, struct dst_entry *dst, | |||
2460 | * not even correctly set) | 2459 | * not even correctly set) |
2461 | */ | 2460 | */ |
2462 | tcp_init_nondata_skb(skb, tcp_rsk(req)->snt_isn, | 2461 | tcp_init_nondata_skb(skb, tcp_rsk(req)->snt_isn, |
2463 | TCPCB_FLAG_SYN | TCPCB_FLAG_ACK); | 2462 | TCPHDR_SYN | TCPHDR_ACK); |
2464 | 2463 | ||
2465 | if (OPTION_COOKIE_EXTENSION & opts.options) { | 2464 | if (OPTION_COOKIE_EXTENSION & opts.options) { |
2466 | if (s_data_desired) { | 2465 | if (s_data_desired) { |
@@ -2592,7 +2591,7 @@ int tcp_connect(struct sock *sk) | |||
2592 | skb_reserve(buff, MAX_TCP_HEADER); | 2591 | skb_reserve(buff, MAX_TCP_HEADER); |
2593 | 2592 | ||
2594 | tp->snd_nxt = tp->write_seq; | 2593 | tp->snd_nxt = tp->write_seq; |
2595 | tcp_init_nondata_skb(buff, tp->write_seq++, TCPCB_FLAG_SYN); | 2594 | tcp_init_nondata_skb(buff, tp->write_seq++, TCPHDR_SYN); |
2596 | TCP_ECN_send_syn(sk, buff); | 2595 | TCP_ECN_send_syn(sk, buff); |
2597 | 2596 | ||
2598 | /* Send it off. */ | 2597 | /* Send it off. */ |
@@ -2698,7 +2697,7 @@ void tcp_send_ack(struct sock *sk) | |||
2698 | 2697 | ||
2699 | /* Reserve space for headers and prepare control bits. */ | 2698 | /* Reserve space for headers and prepare control bits. */ |
2700 | skb_reserve(buff, MAX_TCP_HEADER); | 2699 | skb_reserve(buff, MAX_TCP_HEADER); |
2701 | tcp_init_nondata_skb(buff, tcp_acceptable_seq(sk), TCPCB_FLAG_ACK); | 2700 | tcp_init_nondata_skb(buff, tcp_acceptable_seq(sk), TCPHDR_ACK); |
2702 | 2701 | ||
2703 | /* Send it off, this clears delayed acks for us. */ | 2702 | /* Send it off, this clears delayed acks for us. */ |
2704 | TCP_SKB_CB(buff)->when = tcp_time_stamp; | 2703 | TCP_SKB_CB(buff)->when = tcp_time_stamp; |
@@ -2732,7 +2731,7 @@ static int tcp_xmit_probe_skb(struct sock *sk, int urgent) | |||
2732 | * end to send an ack. Don't queue or clone SKB, just | 2731 | * end to send an ack. Don't queue or clone SKB, just |
2733 | * send it. | 2732 | * send it. |
2734 | */ | 2733 | */ |
2735 | tcp_init_nondata_skb(skb, tp->snd_una - !urgent, TCPCB_FLAG_ACK); | 2734 | tcp_init_nondata_skb(skb, tp->snd_una - !urgent, TCPHDR_ACK); |
2736 | TCP_SKB_CB(skb)->when = tcp_time_stamp; | 2735 | TCP_SKB_CB(skb)->when = tcp_time_stamp; |
2737 | return tcp_transmit_skb(sk, skb, 0, GFP_ATOMIC); | 2736 | return tcp_transmit_skb(sk, skb, 0, GFP_ATOMIC); |
2738 | } | 2737 | } |
@@ -2762,13 +2761,13 @@ int tcp_write_wakeup(struct sock *sk) | |||
2762 | if (seg_size < TCP_SKB_CB(skb)->end_seq - TCP_SKB_CB(skb)->seq || | 2761 | if (seg_size < TCP_SKB_CB(skb)->end_seq - TCP_SKB_CB(skb)->seq || |
2763 | skb->len > mss) { | 2762 | skb->len > mss) { |
2764 | seg_size = min(seg_size, mss); | 2763 | seg_size = min(seg_size, mss); |
2765 | TCP_SKB_CB(skb)->flags |= TCPCB_FLAG_PSH; | 2764 | TCP_SKB_CB(skb)->flags |= TCPHDR_PSH; |
2766 | if (tcp_fragment(sk, skb, seg_size, mss)) | 2765 | if (tcp_fragment(sk, skb, seg_size, mss)) |
2767 | return -1; | 2766 | return -1; |
2768 | } else if (!tcp_skb_pcount(skb)) | 2767 | } else if (!tcp_skb_pcount(skb)) |
2769 | tcp_set_skb_tso_segs(sk, skb, mss); | 2768 | tcp_set_skb_tso_segs(sk, skb, mss); |
2770 | 2769 | ||
2771 | TCP_SKB_CB(skb)->flags |= TCPCB_FLAG_PSH; | 2770 | TCP_SKB_CB(skb)->flags |= TCPHDR_PSH; |
2772 | TCP_SKB_CB(skb)->when = tcp_time_stamp; | 2771 | TCP_SKB_CB(skb)->when = tcp_time_stamp; |
2773 | err = tcp_transmit_skb(sk, skb, 1, GFP_ATOMIC); | 2772 | err = tcp_transmit_skb(sk, skb, 1, GFP_ATOMIC); |
2774 | if (!err) | 2773 | if (!err) |
diff --git a/net/netfilter/nf_conntrack_proto_tcp.c b/net/netfilter/nf_conntrack_proto_tcp.c index 9dd8cd4fb6e6..802dbffae8b4 100644 --- a/net/netfilter/nf_conntrack_proto_tcp.c +++ b/net/netfilter/nf_conntrack_proto_tcp.c | |||
@@ -736,27 +736,19 @@ static bool tcp_in_window(const struct nf_conn *ct, | |||
736 | return res; | 736 | return res; |
737 | } | 737 | } |
738 | 738 | ||
739 | #define TH_FIN 0x01 | ||
740 | #define TH_SYN 0x02 | ||
741 | #define TH_RST 0x04 | ||
742 | #define TH_PUSH 0x08 | ||
743 | #define TH_ACK 0x10 | ||
744 | #define TH_URG 0x20 | ||
745 | #define TH_ECE 0x40 | ||
746 | #define TH_CWR 0x80 | ||
747 | |||
748 | /* table of valid flag combinations - PUSH, ECE and CWR are always valid */ | 739 | /* table of valid flag combinations - PUSH, ECE and CWR are always valid */ |
749 | static const u8 tcp_valid_flags[(TH_FIN|TH_SYN|TH_RST|TH_ACK|TH_URG) + 1] = | 740 | static const u8 tcp_valid_flags[(TCPHDR_FIN|TCPHDR_SYN|TCPHDR_RST|TCPHDR_ACK| |
741 | TCPHDR_URG) + 1] = | ||
750 | { | 742 | { |
751 | [TH_SYN] = 1, | 743 | [TCPHDR_SYN] = 1, |
752 | [TH_SYN|TH_URG] = 1, | 744 | [TCPHDR_SYN|TCPHDR_URG] = 1, |
753 | [TH_SYN|TH_ACK] = 1, | 745 | [TCPHDR_SYN|TCPHDR_ACK] = 1, |
754 | [TH_RST] = 1, | 746 | [TCPHDR_RST] = 1, |
755 | [TH_RST|TH_ACK] = 1, | 747 | [TCPHDR_RST|TCPHDR_ACK] = 1, |
756 | [TH_FIN|TH_ACK] = 1, | 748 | [TCPHDR_FIN|TCPHDR_ACK] = 1, |
757 | [TH_FIN|TH_ACK|TH_URG] = 1, | 749 | [TCPHDR_FIN|TCPHDR_ACK|TCPHDR_URG] = 1, |
758 | [TH_ACK] = 1, | 750 | [TCPHDR_ACK] = 1, |
759 | [TH_ACK|TH_URG] = 1, | 751 | [TCPHDR_ACK|TCPHDR_URG] = 1, |
760 | }; | 752 | }; |
761 | 753 | ||
762 | /* Protect conntrack agaist broken packets. Code taken from ipt_unclean.c. */ | 754 | /* Protect conntrack agaist broken packets. Code taken from ipt_unclean.c. */ |
@@ -803,7 +795,7 @@ static int tcp_error(struct net *net, struct nf_conn *tmpl, | |||
803 | } | 795 | } |
804 | 796 | ||
805 | /* Check TCP flags. */ | 797 | /* Check TCP flags. */ |
806 | tcpflags = (((u_int8_t *)th)[13] & ~(TH_ECE|TH_CWR|TH_PUSH)); | 798 | tcpflags = (tcp_flag_byte(th) & ~(TCPHDR_ECE|TCPHDR_CWR|TCPHDR_PSH)); |
807 | if (!tcp_valid_flags[tcpflags]) { | 799 | if (!tcp_valid_flags[tcpflags]) { |
808 | if (LOG_INVALID(net, IPPROTO_TCP)) | 800 | if (LOG_INVALID(net, IPPROTO_TCP)) |
809 | nf_log_packet(pf, 0, skb, NULL, NULL, NULL, | 801 | nf_log_packet(pf, 0, skb, NULL, NULL, NULL, |
diff --git a/net/netfilter/xt_TCPMSS.c b/net/netfilter/xt_TCPMSS.c index 1841388c770a..eb81c380da1b 100644 --- a/net/netfilter/xt_TCPMSS.c +++ b/net/netfilter/xt_TCPMSS.c | |||
@@ -220,15 +220,13 @@ tcpmss_tg6(struct sk_buff *skb, const struct xt_action_param *par) | |||
220 | } | 220 | } |
221 | #endif | 221 | #endif |
222 | 222 | ||
223 | #define TH_SYN 0x02 | ||
224 | |||
225 | /* Must specify -p tcp --syn */ | 223 | /* Must specify -p tcp --syn */ |
226 | static inline bool find_syn_match(const struct xt_entry_match *m) | 224 | static inline bool find_syn_match(const struct xt_entry_match *m) |
227 | { | 225 | { |
228 | const struct xt_tcp *tcpinfo = (const struct xt_tcp *)m->data; | 226 | const struct xt_tcp *tcpinfo = (const struct xt_tcp *)m->data; |
229 | 227 | ||
230 | if (strcmp(m->u.kernel.match->name, "tcp") == 0 && | 228 | if (strcmp(m->u.kernel.match->name, "tcp") == 0 && |
231 | tcpinfo->flg_cmp & TH_SYN && | 229 | tcpinfo->flg_cmp & TCPHDR_SYN && |
232 | !(tcpinfo->invflags & XT_TCP_INV_FLAGS)) | 230 | !(tcpinfo->invflags & XT_TCP_INV_FLAGS)) |
233 | return true; | 231 | return true; |
234 | 232 | ||