netdev
[Top] [All Lists]

[IPV4] Send TCP reset through dst_output in ipt_REJECT

To: "David S. Miller" <davem@xxxxxxxxxxxxx>
Subject: [IPV4] Send TCP reset through dst_output in ipt_REJECT
From: Herbert Xu <herbert@xxxxxxxxxxxxxxxxxxx>
Date: Thu, 17 Mar 2005 21:51:45 +1100
Cc: Patrick McHardy <kaber@xxxxxxxxx>, kuznet@xxxxxxxxxxxxx, yoshfuji@xxxxxxxxxxxxxx, netdev@xxxxxxxxxxx
In-reply-to: <20050316144424.689d5981.davem@davemloft.net>
References: <20050315091904.GA6256@gondor.apana.org.au> <20050315095837.GA7130@gondor.apana.org.au> <20050315100522.GA7275@gondor.apana.org.au> <20050315102450.0f3f1618.davem@davemloft.net> <42373142.6090902@trash.net> <20050315204006.GB22349@gondor.apana.org.au> <42374A35.6020308@trash.net> <20050316105100.GA8404@gondor.apana.org.au> <42388263.3090602@trash.net> <20050316144424.689d5981.davem@davemloft.net>
Sender: netdev-bounce@xxxxxxxxxxx
User-agent: Mutt/1.5.6+20040907i
Hi Dave:

I noticed that the TCP reset code in ipt_REJECT didn't call dst_output
either so it also bypasses IPsec processing.  Here is a patch to fix
that and use the correct MTU value.

Signed-off-by: Herbert Xu <herbert@xxxxxxxxxxxxxxxxxxx>

Cheers,
-- 
Visit Openswan at http://www.openswan.org/
Email: Herbert Xu ~{PmV>HI~} <herbert@xxxxxxxxxxxxxxxxxxx>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt

Attachment: xfrm-20
Description: Text document

<Prev in Thread] Current Thread [Next in Thread>