tproxy: copy transparent flag when creating a time wait
The transparent socket option setting was not copied to the time wait socket when an inet socket was being replaced by a time wait socket. This broke the --transparent option of the socket match and may have caused that FIN packets belonging to sockets in FIN_WAIT2 or TIME_WAIT state were being dropped by the packet filter. Signed-off-by: KOVACS Krisztian <hidden@balabit.hu> Signed-off-by: David S. Miller <davem@davemloft.net>
This commit is contained in:
parent
8bae8bd6cb
commit
58af19e387
@ -328,6 +328,7 @@ void tcp_time_wait(struct sock *sk, int state, int timeo)
|
|||||||
struct tcp_timewait_sock *tcptw = tcp_twsk((struct sock *)tw);
|
struct tcp_timewait_sock *tcptw = tcp_twsk((struct sock *)tw);
|
||||||
const int rto = (icsk->icsk_rto << 2) - (icsk->icsk_rto >> 1);
|
const int rto = (icsk->icsk_rto << 2) - (icsk->icsk_rto >> 1);
|
||||||
|
|
||||||
|
tw->tw_transparent = inet_sk(sk)->transparent;
|
||||||
tw->tw_rcv_wscale = tp->rx_opt.rcv_wscale;
|
tw->tw_rcv_wscale = tp->rx_opt.rcv_wscale;
|
||||||
tcptw->tw_rcv_nxt = tp->rcv_nxt;
|
tcptw->tw_rcv_nxt = tp->rcv_nxt;
|
||||||
tcptw->tw_snd_nxt = tp->snd_nxt;
|
tcptw->tw_snd_nxt = tp->snd_nxt;
|
||||||
|
Loading…
Reference in New Issue
Block a user