|
@@ -42,15 +42,21 @@ enum nf_tproxy_lookup_t {
|
|
|
|
|
|
|
|
static bool tproxy_sk_is_transparent(struct sock *sk)
|
|
static bool tproxy_sk_is_transparent(struct sock *sk)
|
|
|
{
|
|
{
|
|
|
- if (sk->sk_state != TCP_TIME_WAIT) {
|
|
|
|
|
- if (inet_sk(sk)->transparent)
|
|
|
|
|
- return true;
|
|
|
|
|
- sock_put(sk);
|
|
|
|
|
- } else {
|
|
|
|
|
|
|
+ switch (sk->sk_state) {
|
|
|
|
|
+ case TCP_TIME_WAIT:
|
|
|
if (inet_twsk(sk)->tw_transparent)
|
|
if (inet_twsk(sk)->tw_transparent)
|
|
|
return true;
|
|
return true;
|
|
|
- inet_twsk_put(inet_twsk(sk));
|
|
|
|
|
|
|
+ break;
|
|
|
|
|
+ case TCP_NEW_SYN_RECV:
|
|
|
|
|
+ if (inet_rsk(inet_reqsk(sk))->no_srccheck)
|
|
|
|
|
+ return true;
|
|
|
|
|
+ break;
|
|
|
|
|
+ default:
|
|
|
|
|
+ if (inet_sk(sk)->transparent)
|
|
|
|
|
+ return true;
|
|
|
}
|
|
}
|
|
|
|
|
+
|
|
|
|
|
+ sock_gen_put(sk);
|
|
|
return false;
|
|
return false;
|
|
|
}
|
|
}
|
|
|
|
|
|
Eric Dumazet