| To: | davem@xxxxxxxxxx (David S. Miller) |
|---|---|
| Subject: | Re: ERRATA Re: [PATCH] fix for netfilter/nat/pppoe crashes (hopefully) |
| From: | kuznet@xxxxxxxxxxxxx |
| Date: | Fri, 3 Aug 2001 21:40:56 +0400 (MSK DST) |
| Cc: | laforge@xxxxxxxxxxxx, rusty@xxxxxxxxxxxxxxx, marc@xxxxxxx, netfilter-devel@xxxxxxxxxxxxxxx, netdev@xxxxxxxxxxx |
| In-reply-to: | <15210.14446.81297.26145@xxxxxxxxxxxxxxx> from "David S. Miller" at Aug 2, 1 10:36:46 pm |
| Sender: | owner-netdev@xxxxxxxxxxx |
Hello! > > Sorry Rusty, but check on sizeof(struct tcphdr) is IMHO wrong, again. > > I think there is no way you can validly drop an ICMP packet just > because the TCP checksum field is not there in the embedded header. > > So I think I basically agree with Harald. Reminder to Paul: 99% of icmp errors have only 8 bytes of tcp header enough to get ports and sequence number and that's all. All the rest is an option, which is not respected by the most of routers and even host OSes. Alexey |
| Previous by Date: | Re: Linux 2.4 network performance oddities, Alexey Kuznetsov |
|---|---|
| Next by Date: | Re: ERRATA Re: [PATCH] fix for netfilter/nat/pppoe crashes (hopefully), kuznet |
| Previous by Thread: | Re: ERRATA Re: [PATCH] fix for netfilter/nat/pppoe crashes (hopefully), David S. Miller |
| Next by Thread: | Re: ERRATA Re: [PATCH] fix for netfilter/nat/pppoe crashes (hopefully), Rusty Russell |
| Indexes: | [Date] [Thread] [Top] [All Lists] |