On Fri, Nov 30, 2001 at 12:43:44PM +0100, Guillaume Morin wrote:
> In a message of 30 Nov at 12:58, mdevin@ozemail.com.au wrote:
> > Here are some example ones from my syslog:
> > Nov 30 12:32:00 beast kernel: ipt_unclean: TCP flags bad: 4
> > Nov 30 12:32:00 beast kernel: unclean_::IN=ppp0 OUT= MAC=
> > SRC=212.43.237.66 DST=144.134.71.208 LEN=40 TOS=0x00 PREC=0x00 TTL=238
> > ID=40412 PROTO=TCP SPT=80 DPT=33041 WINDOW=0 RES=0x00 RST URGP=0
>
> It is just an unclean bug that has been there forever. You can safely
> ignore those warnings. Applying this patch will fix that problem and fix
> another unclean problem:

I apologise upfront for my ignorance on this matter. But how do you apply such a patch?

> > diff -uNr linux-2.4.14-pre8/net/ipv4/netfilter/ipt_unclean.c linux-tcprb-fixed/net/ipv4/netfilter/ipt_unclean.c > --- linux-2.4.14-pre8/net/ipv4/netfilter/ipt_unclean.c Wed Oct 31 14:38:23 2001 > +++ linux-tcprb-fixed/net/ipv4/netfilter/ipt_unclean.c Sun Nov 4 08:30:58 2001 > @@ -257,6 +257,8 @@ > #define TH_PUSH 0x08 > #define TH_ACK 0x10 > #define TH_URG 0x20 > +#define TH_ECE 0x40 > +#define TH_CWR 0x80 > > /* TCP-specific checks. */ > static int > @@ -328,9 +330,10 @@ > } > > /* CHECK: TCP flags. */ > - tcpflags = ((u_int8_t *)tcph)[13]; > + tcpflags = (((u_int8_t *)tcph)[13] & ~(TH_ECE|TH_CWR)); > if (tcpflags != TH_SYN > && tcpflags != (TH_SYN|TH_ACK) > + && tcpflags != TH_RST > && tcpflags != (TH_RST|TH_ACK) > && tcpflags != (TH_RST|TH_ACK|TH_PUSH) > && tcpflags != (TH_FIN|TH_ACK) >

Thanks for the info. I am glad that it is not something that I have done wrong to cause these. I did only start to notice them after upgrading to the 2.4.14 kernel from 2.4.4 - and I didn't change my iptables rules in between.

Regards.
Mark.
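
Review bot: The two defines added in the first hunk (@@ -257,6 +257,8 @@), TH_ECE and TH_CWR, carry no comment saying that they are the ECN bits from RFC 3168, so a reader of the flag list cannot tell why they are treated differently from the other TH_ flags. A one-line comment above them, noting that they are masked out before the flag-combination check, would make the intent clear.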
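
Review bot: In the second hunk (@@ -328,9 +330,10 @@) the mask `& ~(TH_ECE|TH_CWR)` is applied where tcpflags is assigned, so anything that later reports tcpflags (the syslog line quoted above prints "TCP flags bad: 4") will show the value with the ECN bits already stripped. Consider keeping the raw byte for logging and masking only in the comparison, and update the `/* CHECK: TCP flags. */` comment to say that ECE and CWR are ignored and that a bare RST is now accepted.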