From:	alan@lxorguk.ukuu.org.uk (Alan Cox)
Subject: Re: 2.0.34 BUG: TCP KeepAlive processing
To:	robn@verdi.et.tudelft.nl (Rob van Nieuwkerk)
Date:	Sun, 7 Jun 1998 16:23:07 +0100 (BST)

> This change in behaviour is related to a change in net/ipv4/tcp_input.c:
> the last statement of tcp_ack() was changed from "return 1;" to
> "return 0;" in 2.0.34 (line 1728).  Changing it back to the 2.0.33
> one gives back the wanted behaviour.

Yep. The problem is putting it back to the 2.0.33 behaviour also allows a
third party using only remote packet counts (e.g. SNMP access) to find the
sequence number of a TCP session and attack it. (Linux and other OSes)

I'll look at workarounds in .35 - the obvious one is to ack just 1 byte
out of window in the direction used by old BSD keepalives.

Alan
