shithub: plan9front

Download patch

ref: 34a662c6af90f4bd5f2ae184aeb126342e4e799e
parent: 6b5de9ee6738c0f52122978130d4a8a508d75739
author: cinap_lenrek <cinap_lenrek@felloff.net>
date: Fri Dec 30 10:10:37 EST 2022

tcp: only create new translation when SYN packet

--- a/sys/src/9/ip/ipaux.c
+++ b/sys/src/9/ip/ipaux.c
@@ -436,16 +436,20 @@
 		}
 	}
 
-	/* Bad source address? */
-	if(ipismulticast(sa) || ipforme(p->f, sa) != 0){
-		netlog(p->f, Logtrans, "trans: bad source address: %s!%I!%d -> %I!%d\n",
+	/* No route means dont make a new entry */
+	if(r == nil)
+		return nil;
+
+	/* Bad forward route? */
+	if((ifc = r->ifc) == nil){
+		netlog(p->f, Logtrans, "trans: no interface: %s!%I!%d -> %I!%d\n",
 			p->name, sa, sp, da, dp);
 		return nil;
 	}
 
-	/* Bad forward route? */
-	if(r == nil || (ifc = r->ifc) == nil){
-		netlog(p->f, Logtrans, "trans: no forward route: %s!%I!%d -> %I!%d\n",
+	/* Bad source address? */
+	if(ipismulticast(sa) || ipforme(p->f, sa) != 0){
+		netlog(p->f, Logtrans, "trans: bad source address: %s!%I!%d -> %I!%d\n",
 			p->name, sa, sp, da, dp);
 		return nil;
 	}
--- a/sys/src/9/ip/tcp.c
+++ b/sys/src/9/ip/tcp.c
@@ -3292,6 +3292,10 @@
 	dp = nhgets(h4->tcpdport);
 	sp = nhgets(h4->tcpsport);
 
+	/* don't make new translation when not syn packet */
+	if((h4->tcpflag[1] & (ACK|RST|SYN|FIN)) != SYN)
+		r = nil;
+
 	qlock(tcp);
 	q = transforward(tcp, &((Tcppriv*)tcp->priv)->ht, sa, sp, da, dp, r);
 	if(q == nil){