leandrof/linux
1
0
Fork 0
forked from Minki/linux
Code Issues Pull Requests Packages Projects Releases Wiki Activity

netfilter: ipt_REJECT: postpone the checksum calculation.

Browse Source 
postpone the checksum calculation, then if the output NIC supports checksum
offloading, we can utlize it. And though the output NIC doesn't support
checksum offloading, but we'll mangle this packet, this can free us from
updating the checksum, as the checksum calculation occurs later.

Signed-off-by: Changli Gao <xiaosuo@gmail.com>
Signed-off-by: Patrick McHardy <kaber@trash.net>
This commit is contained in:
Changli Gao 2010-07-05 10:39:17 +02:00 committed by Patrick McHardy
parent ea8fbe8f19
commit 98b0e84aaa
1 changed files with 5 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
net/ipv4/netfilter/ipt_REJECT.c
View File

@ -95,10 +95,11 @@ static void send_reset(struct sk_buff *oldskb, int hook)
} }
tcph->rst = 1; tcph->rst = 1;
tcph->check = tcp_v4_check(sizeof(struct tcphdr), tcph->check = ~tcp_v4_check(sizeof(struct tcphdr), niph->saddr,
niph->saddr, niph->daddr, niph->daddr, 0);
csum_partial(tcph, nskb->ip_summed = CHECKSUM_PARTIAL;
sizeof(struct tcphdr), 0)); nskb->csum_start = (unsigned char *)tcph - nskb->head;
nskb->csum_offset = offsetof(struct tcphdr, check);
addr_type = RTN_UNSPEC; addr_type = RTN_UNSPEC;
if (hook != NF_INET_FORWARD if (hook != NF_INET_FORWARD
@ -115,7 +116,6 @@ static void send_reset(struct sk_buff *oldskb, int hook)
goto free_nskb; goto free_nskb;
niph->ttl = dst_metric(skb_dst(nskb), RTAX_HOPLIMIT); niph->ttl = dst_metric(skb_dst(nskb), RTAX_HOPLIMIT);
nskb->ip_summed = CHECKSUM_NONE;
/* "Never happens" */ /* "Never happens" */
if (nskb->len > dst_mtu(skb_dst(nskb))) if (nskb->len > dst_mtu(skb_dst(nskb)))