recv SYN after FIN or RST is considered to be TCP port reuse
This commit is contained in:
luwenpeng
@@ -658,7 +658,8 @@ static struct session *session_manager_lookup_tcp_session(struct session_manager
|
||||
|
||||
enum flow_direction dir = identify_direction_by_history(sess, key);
|
||||
struct tcp_half *half = &sess->tcp_halfs[dir];
|
||||
if (half->isn && half->isn != tcp_hdr_get_seq(hdr))
|
||||
if ((half->isn && half->isn != tcp_hdr_get_seq(hdr)) || // recv SYN with different ISN
|
||||
((half->history & TH_FIN) || (half->history & TH_RST))) // recv SYN after FIN or RST
|
||||
{
|
||||
// TCP port reuse, evict old session
|
||||
session_manager_evicte_session(mgr, sess, now, PORT_REUSE_EVICT);
|
||||
|
||||
@@ -24,15 +24,16 @@ extern "C"
|
||||
struct tcp_half
|
||||
{
|
||||
struct tcp_reassembly *assembler;
|
||||
struct tcp_segment in_order;
|
||||
uint32_t in_order_ref;
|
||||
struct tcp_segment in_order; // current packet in order segment
|
||||
uint32_t in_order_ref; // reference count of current packet in order segment
|
||||
|
||||
uint32_t isn;
|
||||
uint32_t seq;
|
||||
uint32_t ack;
|
||||
uint16_t len;
|
||||
uint8_t flags;
|
||||
uint8_t history;
|
||||
uint32_t seq; // current packet sequence number
|
||||
uint32_t ack; // current packet ack number
|
||||
uint16_t len; // current packet payload length
|
||||
uint8_t flags; // current packet flags
|
||||
|
||||
uint32_t isn; // current direction initial sequence number
|
||||
uint8_t history; // current direction received flags
|
||||
};
|
||||
|
||||
/*
|
||||
|
||||
@@ -21,19 +21,19 @@ struct session_transition
|
||||
* SESSION_STATE_OPENING -> SESSION_STATE_ACTIVE ( TCP_DATA | UDP_DATA )
|
||||
* SESSION_STATE_OPENING -> SESSION_STATE_CLOSING ( TCP_FIN | TCP_RST | TIMEOUT )
|
||||
* SESSION_STATE_OPENING -> SESSION_STATE_DISCARD ( USER_CLOSE )
|
||||
* SESSION_STATE_OPENING -> SESSION_STATE_CLOSED ( LRU_EVICT )
|
||||
* SESSION_STATE_OPENING -> SESSION_STATE_CLOSED ( LRU_EVICT | PORT_REUSE_EVICT )
|
||||
*
|
||||
* SESSION_STATE_ACTIVE -> SESSION_STATE_ACTIVE ( NONE )
|
||||
* SESSION_STATE_ACTIVE -> SESSION_STATE_CLOSING ( TCP_FIN | TCP_RST | TIMEOUT )
|
||||
* SESSION_STATE_ACTIVE -> SESSION_STATE_DISCARD ( USER_CLOSE )
|
||||
* SESSION_STATE_ACTIVE -> SESSION_STATE_CLOSED ( LRU_EVICT )
|
||||
* SESSION_STATE_ACTIVE -> SESSION_STATE_CLOSED ( LRU_EVICT | PORT_REUSE_EVICT)
|
||||
*
|
||||
* SESSION_STATE_CLOSING -> SESSION_STATE_CLOSING ( NONE )
|
||||
* SESSION_STATE_CLOSING -> SESSION_STATE_DISCARD ( USER_CLOSE )
|
||||
* SESSION_STATE_CLOSING -> SESSION_STATE_CLOSED ( LRU_EVICT | TIMEOUT )
|
||||
* SESSION_STATE_CLOSING -> SESSION_STATE_CLOSED ( LRU_EVICT | PORT_REUSE_EVICT | TIMEOUT )
|
||||
*
|
||||
* SESSION_STATE_DISCARD -> SESSION_STATE_DISCARD ( NONE )
|
||||
* SESSION_STATE_DISCARD -> SESSION_STATE_CLOSED ( LRU_EVICT | TIMEOUT )
|
||||
* SESSION_STATE_DISCARD -> SESSION_STATE_CLOSED ( LRU_EVICT | PORT_REUSE_EVICT | TIMEOUT )
|
||||
*/
|
||||
|
||||
static void session_inputs_to_str(int inputs, char *buff, int len)
|
||||
|
||||
@@ -243,7 +243,7 @@ int build_tcp_packet(const struct packet *first, uint16_t ip_id, uint8_t ip_ttl,
|
||||
switch (curr->type)
|
||||
{
|
||||
case LAYER_TYPE_TCP:
|
||||
trim = curr->hdr_len + curr->pld_len - sizeof(struct tcphdr) + pld_len;
|
||||
trim = curr->hdr_len + curr->pld_len - sizeof(struct tcphdr) - pld_len;
|
||||
if (len - trim > buff_size)
|
||||
{
|
||||
return -ENOMEM;
|
||||
@@ -330,7 +330,7 @@ int build_udp_packet(const struct packet *first, const char *udp_pld, int pld_le
|
||||
switch (curr->type)
|
||||
{
|
||||
case LAYER_TYPE_UDP:
|
||||
trim = curr->hdr_len + curr->pld_len - sizeof(struct udphdr) + pld_len;
|
||||
trim = curr->hdr_len + curr->pld_len - sizeof(struct udphdr) - pld_len;
|
||||
if (len - trim > buff_size)
|
||||
{
|
||||
return -ENOMEM;
|
||||
|
||||
Reference in New Issue
Block a user