patch-2.4.27 linux-2.4.27/net/ipv4/netfilter/ipt_unclean.c
Next file: linux-2.4.27/net/ipv4/netfilter/iptable_mangle.c
Previous file: linux-2.4.27/net/ipv4/netfilter/ipt_owner.c
Back to the patch index
Back to the overall index
- Lines: 27
- Date:
2004-08-07 16:26:06.995442970 -0700
- Orig file:
linux-2.4.26/net/ipv4/netfilter/ipt_unclean.c
- Orig date:
2003-11-28 10:26:21.000000000 -0800
diff -urN linux-2.4.26/net/ipv4/netfilter/ipt_unclean.c linux-2.4.27/net/ipv4/netfilter/ipt_unclean.c
@@ -467,9 +467,8 @@
/* Fragment checks. */
/* CHECK: More fragments, but doesn't fill 8-byte boundary. */
- if ((ntohs(iph->frag_off) & IP_MF)
- && (ntohs(iph->tot_len) % 8) != 0) {
- limpk("Truncated fragment %u long.\n", ntohs(iph->tot_len));
+ if ((ntohs(iph->frag_off) & IP_MF) && datalen % 8 != 0) {
+ limpk("Truncated fragment %u long.\n", datalen);
return 0;
}
@@ -479,14 +478,6 @@
return 0;
}
- /* CHECK: DF set and offset or MF set. */
- if ((ntohs(iph->frag_off) & IP_DF)
- && (offset || (ntohs(iph->frag_off) & IP_MF))) {
- limpk("DF set and offset=%u, MF=%u.\n",
- offset, ntohs(iph->frag_off) & IP_MF);
- return 0;
- }
-
/* CHECK: Zero-sized fragments. */
if ((offset || (ntohs(iph->frag_off) & IP_MF))
&& datalen == 0) {
FUNET's LINUX-ADM group, linux-adm@nic.funet.fi
TCL-scripts by Sam Shen (who was at: slshen@lbl.gov)