Hi Patrick, On Thu, 4 Oct 2007, Patrick McHardy wrote: > Jozsef Kadlecsik wrote: > > I think the code segment is correct. However, the end of the segment > > is miscalculated by segment_seq_plus_len because the offset added to > > 'dataoff' by the get_l4proto function of IPv4/IPv6 is not taken into > > account. Please check whether the patch below fixes it: > > Actually that offset should always be zero for anything but packets > encapsulated within ICMP, which don't pass though TCP conntrack. Here we calculate the sequence number of the last octet in the packet from the actual data length of the skbuff, so by the 'dataoff' argument of segment_seq_plus_len we must pass the length of the IP(v4|6) header. But the 'dataoff' parameter supplied by the nf_conntrack core is larger by skb_network_offset(skb) therefore 'dataoff' must be decremented by it before passing to segment_seq_plus_len. Best regards, Jozsef - E-mail : kadlec@xxxxxxxxxxxxxxxxx, kadlec@xxxxxxxxxxxxxxx PGP key : http://www.kfki.hu/~kadlec/pgp_public_key.txt Address : KFKI Research Institute for Particle and Nuclear Physics H-1525 Budapest 114, POB. 49, Hungary - To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
