On Wed, Apr 19, 2017 at 09:22:08AM -0700, Eric Dumazet wrote:
> On Wed, 2017-04-19 at 17:58 +0200, Pablo Neira Ayuso wrote:
> > On Wed, Apr 19, 2017 at 09:23:42AM +0800, gfree.wind@xxxxxxxxxxx wrote:
> > > From: Gao Feng <fgao@xxxxxxxxxx>
> > >
> > > The window scale may be enlarged from 14 to 15 according to the IETF
> > > draft https://tools.ietf.org/html/draft-nishida-tcpm-maxwin-03.
> > >
> > > Use the macro TCP_MAX_WSCALE to support it easily with TCP stack in
> > > the future.
> >
> > Applied, thanks.
>
> Note that linux kernel is not ready yet for a TCP_MAX_WSCALE being
> changed to 15.
>
> Signed 32bit sk counters can already be abused with 1GB TCP windows, for
> malicious peers sending SACK forcing linux to increase its memory usage
> above 2GB and overflows are pretty bad.

We have tended to use our own definitions for the TCP connection tracking
so far. This one, I checked, it refers to RFC1323 too.

If this semantics may change from one way to another in a way that may
break conntracking, please let me know, I can toss it here.

Thanks Eric!