From 189dbc5853ce73448ca0d2423bbac3aa23712478 Mon Sep 17 00:00:00 2001
From: Pablo Neira Ayuso <pablo@netfilter.org>
Date: Fri, 11 Sep 2009 16:19:41 +0200
Subject: conntrackd: fix MTU for TCP channels

Use the TCP header size (20 bytes) instead of the UDP header size
(8 bytes) to calculate the maximum packet size.

Reported-by: Samuel Gauthier <samuel.gauthier@6wind.com>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
---
 src/channel.c       | 9 ++++-----
 src/channel_mcast.c | 1 +
 src/channel_tcp.c   | 1 +
 src/channel_udp.c   | 1 +
 4 files changed, 7 insertions(+), 5 deletions(-)

(limited to 'src')

diff --git a/src/channel.c b/src/channel.c
index 76fb057..7374d1b 100644
--- a/src/channel.c
+++ b/src/channel.c
@@ -29,8 +29,6 @@ void channel_init(void)
 	ops[CHANNEL_TCP] = &channel_tcp;
 }
 
-#define HEADERSIZ 28 /* IP header (20 bytes) + UDP header 8 (bytes) */
-
 struct channel_buffer {
 	char	*data;
 	int	size;
@@ -38,7 +36,7 @@ struct channel_buffer {
 };
 
 static struct channel_buffer *
-channel_buffer_open(int mtu)
+channel_buffer_open(int mtu, int headersiz)
 {
 	struct channel_buffer *b;
 
@@ -46,7 +44,7 @@ channel_buffer_open(int mtu)
 	if (b == NULL)
 		return NULL;
 
-	b->size = mtu - HEADERSIZ;
+	b->size = mtu - headersiz;
 
 	b->data = malloc(b->size);
 	if (b->data == NULL) {
@@ -108,7 +106,8 @@ channel_open(struct channel_conf *conf)
 	c->ops = ops[conf->channel_type];
 
 	if (conf->channel_flags & CHANNEL_F_BUFFERED) {
-		c->buffer = channel_buffer_open(c->channel_ifmtu);
+		c->buffer = channel_buffer_open(c->channel_ifmtu,
+						c->ops->headersiz);
 		if (c->buffer == NULL) {
 			free(c);
 			return NULL;
diff --git a/src/channel_mcast.c b/src/channel_mcast.c
index 9fcacac..35801d7 100644
--- a/src/channel_mcast.c
+++ b/src/channel_mcast.c
@@ -126,6 +126,7 @@ channel_mcast_accept_isset(struct channel *c, fd_set *readfds)
 }
 
 struct channel_ops channel_mcast = {
+	.headersiz	= 28, /* IP header (20 bytes) + UDP header 8 (bytes) */
 	.open		= channel_mcast_open,
 	.close		= channel_mcast_close,
 	.send		= channel_mcast_send,
diff --git a/src/channel_tcp.c b/src/channel_tcp.c
index 9fb4b07..f132840 100644
--- a/src/channel_tcp.c
+++ b/src/channel_tcp.c
@@ -136,6 +136,7 @@ channel_tcp_accept(struct channel *c)
 }
 
 struct channel_ops channel_tcp = {
+	.headersiz	= 40, /* IP header (20 bytes) + TCP header 20 (bytes) */
 	.open		= channel_tcp_open,
 	.close		= channel_tcp_close,
 	.send		= channel_tcp_send,
diff --git a/src/channel_udp.c b/src/channel_udp.c
index 5c88647..a46a2b1 100644
--- a/src/channel_udp.c
+++ b/src/channel_udp.c
@@ -126,6 +126,7 @@ channel_udp_accept_isset(struct channel *c, fd_set *readfds)
 }
 
 struct channel_ops channel_udp = {
+	.headersiz	= 28, /* IP header (20 bytes) + UDP header 8 (bytes) */
 	.open		= channel_udp_open,
 	.close		= channel_udp_close,
 	.send		= channel_udp_send,
-- 
cgit v1.2.3