jvillanyi
commented
6 years ago The patch below fixes this by rearranging the relevant part of ofp_tcp_respond() so that the ports are swapped both for IPv4 and for IPv6:
--- src/ofp_tcp_subr.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/ofp_tcp_subr.c b/src/ofp_tcp_subr.c index 1882055..d425847 100644 --- a/src/ofp_tcp_subr.c +++ b/src/ofp_tcp_subr.c @@ -591,9 +591,9 @@ ofp_tcp_respond(struct tcpcb tp, void ipgen, struct ofp_tcphdr *th, odp_packet
endif / INET6 /
{
xchg(ip->ip_dst.s_addr, ip->ip_src.s_addr, uint32_t);-
xchg(nth->th_dport, nth->th_sport, uint16_t); }
-
xchg(nth->th_dport, nth->th_sport, uint16_t);
undef xchg
} /* valid_m */--
I have submitted this patch to the OFP mailing list as well.
In case of IPv6 the RST generated in response to a bad incoming packet has its src and dst tcp ports mixed up: the src port value is in the dst port field of the TCP header and vice versa. This problem does not exist in the IPv4 case.