netfilter: tproxy: prepare TCP_NEW_SYN_RECV support
TCP request socks soon will be visible in ehash table. Signed-off-by: Eric Dumazet <edumazet@google.com> Signed-off-by: David S. Miller <davem@davemloft.net>
This commit is contained in:
parent
a8399231f0
commit
8b58014779
1 changed files with 12 additions and 6 deletions
|
@ -42,15 +42,21 @@ enum nf_tproxy_lookup_t {
|
|||
|
||||
static bool tproxy_sk_is_transparent(struct sock *sk)
|
||||
{
|
||||
if (sk->sk_state != TCP_TIME_WAIT) {
|
||||
if (inet_sk(sk)->transparent)
|
||||
return true;
|
||||
sock_put(sk);
|
||||
} else {
|
||||
switch (sk->sk_state) {
|
||||
case TCP_TIME_WAIT:
|
||||
if (inet_twsk(sk)->tw_transparent)
|
||||
return true;
|
||||
inet_twsk_put(inet_twsk(sk));
|
||||
break;
|
||||
case TCP_NEW_SYN_RECV:
|
||||
if (inet_rsk(inet_reqsk(sk))->no_srccheck)
|
||||
return true;
|
||||
break;
|
||||
default:
|
||||
if (inet_sk(sk)->transparent)
|
||||
return true;
|
||||
}
|
||||
|
||||
sock_gen_put(sk);
|
||||
return false;
|
||||
}
|
||||
|
||||
|
|
Loading…
Reference in a new issue