Bugtraq mailing list archives

Re: FreeBSD's RST validation

From: bmah () CA Sandia GOV (Bruce A. Mah)
Date: Mon, 31 Aug 1998 19:58:16 -0700


If memory serves me right, Don Lewis wrote:

Now that I look at this change some more, I think your added tests are
a NOP because of the code just above this:

              if ((tiflags & TH_ACK) &&
                    (SEQ_LEQ(ti->ti_ack, tp->iss) ||
                     SEQ_GT(ti->ti_ack, tp->snd_max))) {
                      [ snip comment ]
                        if (taop->tao_ccsent != 0)
                                goto drop;
                        else
                                goto dropwithreset;

If the ACK is outside the window, the packet will already have been
dropped before we even look for the RST flag.


Ah, yes.  You're absolutely right.  So it appears only the second of the
original patches is useful (if it's correct, that is).

This was a good day for me...I learned something.

Thanks!

Bruce.

Current thread:

Re: FreeBSD's RST validation Don Lewis (Aug 31)
- Re: FreeBSD's RST validation Bruce A. Mah (Aug 31)
- <Possible follow-ups>
- Re: FreeBSD's RST validation Don Lewis (Aug 31)
  - Re: FreeBSD's RST validation Bruce A. Mah (Aug 31)