Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit a3116ac5 authored by KOVACS Krisztian's avatar KOVACS Krisztian Committed by David S. Miller
Browse files

tcp: Port redirection support for TCP 



Current TCP code relies on the local port of the listening socket
being the same as the destination address of the incoming
connection. Port redirection used by many transparent proxying
techniques obviously breaks this, so we have to store the original
destination port address.

This patch extends struct inet_request_sock and stores the incoming
destination port value there. It also modifies the handshake code to
use that value as the source port when sending reply packets.

Signed-off-by: default avatarKOVACS Krisztian <hidden@sch.bme.hu>
Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
parent 86b08d86

include/net/inet_sock.h

+1 −1
Original line number Diff line number Diff line
@@ -61,8 +61,8 @@ struct inet_request_sock { 
	struct request_sock	req;

#if defined(CONFIG_IPV6) || defined(CONFIG_IPV6_MODULE)

	u16			inet6_rsk_offset;

	/* 2 bytes hole, try to pack */

#endif

	__be16			loc_port;

	__be32			loc_addr;

	__be32			rmt_addr;

	__be16			rmt_port;

include/net/tcp.h

+1 −0
Original line number Diff line number Diff line
@@ -976,6 +976,7 @@ static inline void tcp_openreq_init(struct request_sock *req, 
	ireq->acked = 0;

	ireq->ecn_ok = 0;

	ireq->rmt_port = tcp_hdr(skb)->source;

	ireq->loc_port = tcp_hdr(skb)->dest;

}



extern void tcp_enter_memory_pressure(struct sock *sk);

net/ipv4/inet_connection_sock.c

+2 −0
Original line number Diff line number Diff line
@@ -516,6 +516,8 @@ struct sock *inet_csk_clone(struct sock *sk, const struct request_sock *req, 
		newicsk->icsk_bind_hash = NULL;



		inet_sk(newsk)->dport = inet_rsk(req)->rmt_port;

		inet_sk(newsk)->num = ntohs(inet_rsk(req)->loc_port);

		inet_sk(newsk)->sport = inet_rsk(req)->loc_port;

		newsk->sk_write_space = sk_stream_write_space;



		newicsk->icsk_retransmits = 0;

net/ipv4/syncookies.c

+1 −0
Original line number Diff line number Diff line
@@ -297,6 +297,7 @@ struct sock *cookie_v4_check(struct sock *sk, struct sk_buff *skb, 
	treq->rcv_isn		= ntohl(th->seq) - 1;

	treq->snt_isn		= cookie;

	req->mss		= mss;

	ireq->loc_port		= th->dest;

	ireq->rmt_port		= th->source;

	ireq->loc_addr		= ip_hdr(skb)->daddr;

	ireq->rmt_addr		= ip_hdr(skb)->saddr;

net/ipv4/tcp_output.c

+1 −1
Original line number Diff line number Diff line
@@ -2275,7 +2275,7 @@ struct sk_buff *tcp_make_synack(struct sock *sk, struct dst_entry *dst, 
	th->syn = 1;

	th->ack = 1;

	TCP_ECN_make_synack(req, th);

	th->source = inet_sk(sk)->sport;

	th->source = ireq->loc_port;

	th->dest = ireq->rmt_port;

	/* Setting of flags are superfluous here for callers (and ECE is

	 * not even correctly set)