/*------------------------------------------------------------------------ * tcpok - determine if a received segment is acceptable *------------------------------------------------------------------------ */ Bool tcpok(struct tcb *ptcb, struct ep *pep) { struct ip *pip = (struct ip *)pep->ep_data; struct tcp *ptcp = (struct tcp *) pip->ip_data; int seglen, rwindow; tcpseq wlast, slast, sup; Bool rv; if (ptcb->tcb_state < TCPS_SYNRCVD) return TRUE; seglen = pip->ip_len - IP_HLEN(pip) - TCP_HLEN(ptcp); /* add SYN and FIN */ if (ptcp->tcp_code & TCPF_SYN) ++seglen; if (ptcp->tcp_code & TCPF_FIN) ++seglen; rwindow = ptcb->tcb_rbsize - ptcb->tcb_rbcount; if (rwindow == 0 && seglen == 0) return ptcp->tcp_seq == ptcb->tcb_rnext; wlast = ptcb->tcb_rnext + rwindow - 1; rv = (ptcp->tcp_seq - ptcb->tcb_rnext) >= 0 && (ptcp->tcp_seq - wlast) <= 0; if (seglen == 0) return rv; slast = ptcp->tcp_seq + seglen - 1; rv |= (slast - ptcb->tcb_rnext) >= 0 && (slast - wlast) <= 0; /* If no window, strip data but keep ACK, RST and URG */ if (rwindow == 0) pip->ip_len = IP_HLEN(pip) + TCP_HLEN(ptcp); return rv; }
/*------------------------------------------------------------------------ * tcpreset - generate a reset in response to a bad packet *------------------------------------------------------------------------ */ int tcpreset(struct ep *pepin) { struct ep *pepout; struct ip *pipin = (struct ip *)pepin->ep_data, *pipout; struct tcp *ptcpin = (struct tcp *)pipin->ip_data, *ptcpout; int datalen; if (ptcpin->tcp_code & TCPF_RST) return OK; /* no RESETs on RESETs */ pepout = (struct ep *)getbuf(Net.netpool); if ((int)pepout == SYSERR) return SYSERR; pipout = (struct ip *)pepout->ep_data; pipout->ip_src = pipin->ip_dst; pipout->ip_dst = pipin->ip_src; ptcpout = (struct tcp *)pipout->ip_data; ptcpout->tcp_sport = ptcpin->tcp_dport; ptcpout->tcp_dport = ptcpin->tcp_sport; if (ptcpin->tcp_code & TCPF_ACK) { ptcpout->tcp_seq = ptcpin->tcp_ack; ptcpout->tcp_code = TCPF_RST; } else { ptcpout->tcp_seq = 0; ptcpout->tcp_code = TCPF_RST|TCPF_ACK; } datalen = pipin->ip_len - IP_HLEN(pipin) - TCP_HLEN(ptcpin); if (ptcpin->tcp_code & TCPF_SYN) datalen++; if (ptcpin->tcp_code & TCPF_FIN) datalen++; ptcpout->tcp_ack = ptcpin->tcp_seq + datalen; ptcpout->tcp_offset = TCPHOFFSET; ptcpout->tcp_window = ptcpout->tcp_urgptr = 0; tcph2net(ptcpout); ptcpout->tcp_cksum = 0; ptcpout->tcp_cksum = tcpcksum(pepout, TCPMHLEN); TcpOutSegs++; TcpOutRsts++; return ipsend(pipin->ip_src, pepout, TCPMHLEN, IPT_TCP, IPP_NORMAL, IP_TTL); }
/*------------------------------------------------------------------------ * tcpackit - generate an ACK for a received TCP packet *------------------------------------------------------------------------ */ int tcpackit(struct tcb *ptcb, struct ep *pepin) { struct ep *pepout; struct ip *pipin = (struct ip *)pepin->ep_data, *pipout; struct tcp *ptcpin = (struct tcp *)pipin->ip_data, *ptcpout; if (ptcpin->tcp_code & TCPF_RST) return OK; if (pipin->ip_len <= IP_HLEN(pipin) + TCP_HLEN(ptcpin) && !(ptcpin->tcp_code & (TCPF_SYN|TCPF_FIN))) return OK; /* duplicate ACK */ pepout = (struct ep *)getbuf(Net.netpool); if ((int)pepout == SYSERR) return SYSERR; pepout->ep_order = ~0; pipout = (struct ip *)pepout->ep_data; pipout->ip_src = pipin->ip_dst; pipout->ip_dst = pipin->ip_src; ptcpout = (struct tcp *)pipout->ip_data; ptcpout->tcp_sport = ptcpin->tcp_dport; ptcpout->tcp_dport = ptcpin->tcp_sport; ptcpout->tcp_seq = ptcb->tcb_snext; ptcpout->tcp_ack = ptcb->tcb_rnext; ptcpout->tcp_code = TCPF_ACK; ptcpout->tcp_offset = TCPHOFFSET; ptcpout->tcp_window = tcprwindow(ptcb); ptcpout->tcp_urgptr = 0; ptcpout->tcp_cksum = 0; tcph2net(ptcpout); pepout->ep_order &= ~EPO_TCP; ptcpout->tcp_cksum = tcpcksum(pepout, TCPMHLEN); TcpOutSegs++; return ipsend(pipin->ip_src, pepout, TCPMHLEN, IPT_TCP, IPP_NORMAL, IP_TTL); }