diff options
author | Florin Coras <fcoras@cisco.com> | 2017-11-27 02:43:30 -0800 |
---|---|---|
committer | Dave Wallace <dwallacelf@gmail.com> | 2017-11-27 15:25:52 +0000 |
commit | 701311364b8846f25df5ec0d37abd8293b3f9f5e (patch) | |
tree | 3894c8b09252b1607cc1501339015379e81fc5c9 /src | |
parent | c8a26c6d239554bac96c481c840b3f5b3d8a17af (diff) |
tcp: fix proxy connection validation
Change-Id: Icb0274cd3bcabfab8bdff6dec7440a3a15edfbf1
Signed-off-by: Florin Coras <fcoras@cisco.com>
Diffstat (limited to 'src')
-rw-r--r-- | src/vnet/tcp/tcp_input.c | 4 |
1 files changed, 4 insertions, 0 deletions
diff --git a/src/vnet/tcp/tcp_input.c b/src/vnet/tcp/tcp_input.c index d3db7ef1eec..614b94a4b06 100644 --- a/src/vnet/tcp/tcp_input.c +++ b/src/vnet/tcp/tcp_input.c @@ -1870,6 +1870,10 @@ tcp_lookup_is_valid (tcp_connection_t * tc, tcp_header_t * hdr) if (!tc) return 1; + /* Proxy case */ + if (tc->c_lcl_port == 0 && tc->state == TCP_STATE_LISTEN) + return 1; + u8 is_valid = (tc->c_lcl_port == hdr->dst_port && (tc->state == TCP_STATE_LISTEN || tc->c_rmt_port == hdr->src_port)); |