Hi Patrick, On h, okt 01, 2007 at 04:09:21 +0200, Patrick McHardy wrote: > KOVACS Krisztian wrote: > >>>ipv4/tcp_output.c > >>>index 666d8a5..69dd230 100644 > >>>--- a/net/ipv4/tcp_output.c > >>>+++ b/net/ipv4/tcp_output.c > >>>@@ -2153,7 +2153,11 @@ struct sk_buff * tcp_make_synack(struct sock > >>>*sk, struct dst_entry *dst, th->syn = 1; > >>> th->ack = 1; > >>> TCP_ECN_make_synack(req, th); > >>>+#if defined(CONFIG_IP_NF_TPROXY) || > >>>defined(CONFIG_IP_NF_TPROXY_MODULE) + th->source = ireq->loc_port; > >>>+#else > >>> th->source = inet_sk(sk)->sport; > >>>+#endif > >> > >>I think this should simply use loc_port unconditionally. > > > > > > Unfortunately ireq->loc_port does not exist unless tproxy is enabled in > > the config. (We could remove all these #ifdefs but that would mean > > extending inet_request_sock with 2 bytes even if tproxy is not enabled.) > > > There's a 2 byte hole with IPv6 where you could put this in. > I think even without IPv6 the small waste is not worth the > increased testing complexity. Ok, I'll remove the ifdefs then and add loc_port in that hole. Thanks for your feedback. -- KOVACS Krisztian - To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
