| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Tue, 1 May 2007 14:04:05 -0400 From: Benjamin LaHaise <bcrl@...ck.org> To: John Heffner <jheffner@....edu> Cc: Evgeniy Polyakov <johnpol@....mipt.ru>, David Miller <davem@...emloft.net>, netdev@...r.kernel.org Subject: Re: [PATCH] TCP FIN gets dropped prematurely, results in ack storm On Tue, May 01, 2007 at 01:54:03PM -0400, John Heffner wrote: > Looking at your trace, it seems like the behavior of the test system > 192.168.2.2 is broken in two ways. First, like you said it has broken > state in that it has forgotten that it sent the FIN. Once you do that, > the connection state is corrupt and all bets are off. It's sending an > out-of-window segment that's getting tossed by Linux, and Linux > generates an ack in response. This is in direct RFC compliance. The > second problem is that the other system is generating these broken acks > in response to the legitimate acks Linux is sending, causing the ack > war. I can't really guess why it's doing that... I know it's a bug, and I'm trying to fix it, but that doesn't change the fact that A) the system is already deployed and B) Linux is not retransmitting the FIN, which (from Linux's point of view) remains unacknowledged by the other side. The patch might be wrong, but the goal of fixing the behaviour isn't. -ben -- "Time is of no importance, Mr. President, only life is important." Don't Email: <zyntrop@...ck.org>. - To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Powered by blists - more mailing lists