help understanding a netfilter comment
From: Giacomo (jacum_at_libero.it)
Date: 09/12/05
- Previous message: Jaggu: "Re: help..accessing load address of user space programs"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Date: Mon, 12 Sep 2005 11:46:15 GMT
Good morning, i did not understand what problems are concerned with
"The checked segment is in window, but our windows are *not*
equivalent with the ones of the sender/receiver"
I have a problem programming a nat module for linux kernel and i would like
to understand
the problem pointed out in this comment to see if it could be the cause of
malfunction.
When translating addresses and ports, is it necessary to deal with windows
or other parameters
such as seq/ack numbers? (I don't touch payload, just ips and ports).
Thanks in advance, Giacomo.
The comment is extracted from ip_conntrack_proto_tcp.c
/*
* The TCP state transition table needs a few words...
*
* We are the man in the middle. All the packets go through us
* but might get lost in transit to the destination.
* It is assumed that the destinations can't receive segments
* we haven't seen.
*
* The checked segment is in window, but our windows are *not*
* equivalent with the ones of the sender/receiver. We always
* try to guess the state of the current sender.
*
* The meaning of the states are:
*
* NONE: initial state
....
- Previous message: Jaggu: "Re: help..accessing load address of user space programs"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Relevant Pages
|
