Actions
Bug #895
closedresponse: rst packet bug
Affected Versions:
Effort:
Difficulty:
Label:
Description
Reported privately:
In the function "RejectSendLibnet11L3IPv4TCP", why add 1 to ack?
It breaks the TCP protocol.
/* build the package */
if ((libnet_build_tcp (
lpacket.sp, /* source port */
lpacket.dp, /* dst port */
lpacket.seq, /* seq number */
lpacket.ack+1, /* ack number */
TH_RST|TH_ACK, /* flags */
lpacket.window, /* window size */
0, /* checksum */
0, /* urgent flag */
LIBNET_TCP_H, /* header length */
NULL, /* payload */
0, /* payload length */
c, /* libnet context */
0)) < 0) /* libnet ptag */
Updated by Victor Julien about 11 years ago
The rst stuff is not in good shape. In my tests the observations in the private report are correct. The +1 doesn't make sense.
A few other things:
- rst seems unreliable even fixing this ticket
- rst is not sent out of the monitor interface. In my test eth0 is normally connected, eth1 is the (ip-less) monitor interface. RST seem to be coming from eth0 (at least they have the mac from eth0).
Not sure why the +1 was added. It was part of a FreeBSD/IPFW patch.
Updated by Eric Leblond about 11 years ago
- Status changed from Assigned to Closed
- % Done changed from 80 to 100
Actions