Commit e8eaedf2 authored Jan 05, 2006 by Yasuyuki Kozakai Committed by David S. Miller Jan 05, 2006

[NETFILTER]: Use HOPLIMIT metric as TTL of TCP reset sent by REJECT



HOPLIMIT metric is appropriate to TCP reset sent by REJECT target
than hard-coded max TTL. Thanks to David S. Miller for hint.

Signed-off-by: Yasuyuki Kozakai <yasuyuki.kozakai@toshiba.co.jp>
Signed-off-by: David S. Miller <davem@davemloft.net>

parent 0ae2cfe7

net/ipv4/netfilter/ipt_REJECT.c

+1 −1

Original line number	Diff line number	Diff line
		@@ -203,7 +203,7 @@ static void send_reset(struct sk_buff *oldskb, int hook)
		sizeof(struct tcphdr), 0));

		/* Adjust IP TTL, DF */
		nskb->nh.iph->ttl = MAXTTL;
		nskb->nh.iph->ttl = dst_metric(nskb->dst, RTAX_HOPLIMIT);
		/* Set DF, id = 0 */
		nskb->nh.iph->frag_off = htons(IP_DF);
		nskb->nh.iph->id = 0;