tcp: fix proxy connection validation

Change-Id: Icb0274cd3bcabfab8bdff6dec7440a3a15edfbf1 Signed-off-by: Florin Coras <fcoras@cisco.com>
author: Florin Coras <fcoras@cisco.com> 2017-11-27 02:43:30 -0800
committer: Dave Wallace <dwallacelf@gmail.com> 2017-11-27 15:25:52 +0000
commit: 701311364b8846f25df5ec0d37abd8293b3f9f5e (patch)
tree: 3894c8b09252b1607cc1501339015379e81fc5c9
parent: c8a26c6d239554bac96c481c840b3f5b3d8a17af (diff)
1 files changed, 4 insertions, 0 deletions
diff --git a/src/vnet/tcp/tcp_input.c b/src/vnet/tcp/tcp_input.c
index d3db7ef1eec..614b94a4b06 100644
--- a/src/vnet/tcp/tcp_input.c
+++ b/src/vnet/tcp/tcp_input.c
@@ -1870,6 +1870,10 @@ tcp_lookup_is_valid (tcp_connection_t * tc, tcp_header_t * hdr)
   if (!tc)
     return 1;
 
+  /* Proxy case */
+  if (tc->c_lcl_port == 0 && tc->state == TCP_STATE_LISTEN)
+    return 1;
+
   u8 is_valid = (tc->c_lcl_port == hdr->dst_port
 		 && (tc->state == TCP_STATE_LISTEN
 		     || tc->c_rmt_port == hdr->src_port));
author	Florin Coras <fcoras@cisco.com>	2017-11-27 02:43:30 -0800
committer	Dave Wallace <dwallacelf@gmail.com>	2017-11-27 15:25:52 +0000
commit	701311364b8846f25df5ec0d37abd8293b3f9f5e (patch)
tree	3894c8b09252b1607cc1501339015379e81fc5c9
parent	c8a26c6d239554bac96c481c840b3f5b3d8a17af (diff)