[En-Nut-Discussion] TCP header unused bits error (bug???) with fix

Grzegorz Płoński grzegorz.plonski at numeron.pl
Mon Nov 22 21:41:11 CET 2004 

Hello, 

 

Today I've got connected through ppp to the version  "sarge" of Debian, on which the postfix was mounted. I wanted to post an e-mail. 

 

Unfortunately, every attempt of opening port 25 was a failure. I didn't try to open other ports, but I think it would be the same. 

 

In the Debian logs I found the following: 

()

Nov 22 16:19:19 numerek postfix/smtpd[19542]: connect from dc13.internetdsl.tpnet.pl[80.53.238.13]

Nov 22 16:19:19 numerek kernel: ipt_unclean: TCP reserved bits not zero <----------------------------------------------ERROR

Nov 22 16:19:22 numerek last message repeated 2 times

 

Nov 22 16:22:54 numerek postfix/smtpd[19545]: connect from dc13.internetdsl.tpnet.pl[80.53.238.13]

Nov 22 16:22:54 numerek kernel: ipt_unclean: TCP reserved bits not zero <----------------------------------------------ERROR

Nov 22 16:22:57 numerek last message repeated 2 times

(/)

 

 

 

I also found a remedy to this problem - you simly have to set the unused bits to zero. The correction has to be made in module tcpout.c, function  NutTcpOutput before calculating the checksum (perhaps there is a better place - let Harald comment on that) 

 

//***************************************************

 

 /*

  * Clear unused bits by Greg Plonski, 2004-11-22

  */

                         

    th->th_x2 = 0;  // <-------------------------------  INSERTED

 

    /*

     * Calculate TCP checksum.

     */

    csum =

        NutIpPseudoChkSumPartial(sock->so_local_addr, sock->so_remote_addr,

                                 IPPROTO_TCP,

                                 htons(nb->nb_tp.sz + nb->nb_ap.sz));

    csum = NutIpChkSumPartial(csum, th, nb->nb_tp.sz);

    th->th_sum = NutIpChkSum(csum, nb->nb_ap.vp, nb->nb_ap.sz);

 

 

//***************************************************

 

 

I use version  3.4.2. NutOS too. So the error I found may have already been corercted. 

 

 

Debian which showed the error can be found at: 

http://www.debian.org/releases/testing/index.en.html <http://www.debian.org/releases/testing/index.en.html> 

 

 

Greg

 

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.egnite.de/pipermail/en-nut-discussion/attachments/20041122/53c7a2e7/attachment-0001.html>

More information about the En-Nut-Discussion mailing list