diff options
| author | luwenpeng <[email protected]> | 2023-11-07 17:56:39 +0800 |
|---|---|---|
| committer | luwenpeng <[email protected]> | 2023-11-07 17:57:52 +0800 |
| commit | 2b00650d3e3d25cdd2bd704caa94112e40ff5923 (patch) | |
| tree | a890fff8312e2e3ba1187292913f3bd2c7358da0 | |
| parent | cc1a6f7a8742647dd405dc5df5d055c16fa10f67 (diff) | |
TCP handshake for decrypted traffic disables IP fragmentationv4.8.41-20231108
| -rw-r--r-- | common/src/packet_construct.cpp | 4 | ||||
| -rw-r--r-- | common/src/tfe_packet_io.cpp | 10 |
2 files changed, 11 insertions, 3 deletions
diff --git a/common/src/packet_construct.cpp b/common/src/packet_construct.cpp index 6e17fa9..88f6070 100644 --- a/common/src/packet_construct.cpp +++ b/common/src/packet_construct.cpp @@ -218,7 +218,7 @@ int ipv4_header_construct(char *buffer, uint16_t carry_layer_len, struct in_addr ip_hdr->tos = tos; ip_hdr->tot_len = htons(sizeof(struct iphdr) + carry_layer_len); ip_hdr->id = htons(id); - ip_hdr->frag_off = 0; + ip_hdr->frag_off = htons(frag); ip_hdr->ttl = ttl; ip_hdr->protocol = protocol; ip_hdr->check = 0; @@ -334,7 +334,7 @@ int tcp_packet_v4_construct( // IPv4 Header u_char protocol = IPPROTO_TCP; - uint16_t frag = 0; + uint16_t frag = IP_DF; length += ipv4_header_construct(buffer + length, sizeof(struct tcphdr) + tcp_options_len + payload_len, src_addr, dst_addr, tos, id, frag, ttl, protocol); // TCP header and payload diff --git a/common/src/tfe_packet_io.cpp b/common/src/tfe_packet_io.cpp index 30c5366..e7cc60e 100644 --- a/common/src/tfe_packet_io.cpp +++ b/common/src/tfe_packet_io.cpp @@ -2001,6 +2001,14 @@ void handle_decryption_packet_from_tap(const char *data, int len, void *args) struct session_node *node = session_table_search_by_addr(thread->session_table, &inner_addr); if (node == NULL) { + if (thread->ref_acceptor_ctx->debug) + { + char *str = addr_tuple4_to_str(&inner_addr); + uint16_t ipid = raw_packet_parser_get_most_inner_ipid(&raw_parser); + TFE_LOG_ERROR(logger, "decypted packet from tap %s (ipid: %u) miss session table", str, ipid); + free(str); + } + throughput_metrics_inc(&packet_io_fs->decrypt_rxdrop, 1, len); return; } @@ -2082,7 +2090,7 @@ void handle_raw_packet_from_tap(const char *data, int len, void *args) { char *str = addr_tuple4_to_str(&inner_addr); uint16_t ipid = raw_packet_parser_get_most_inner_ipid(&raw_parser); - TFE_LOG_ERROR(logger, "packet from tap %s (ipid: %u) miss session table", str, ipid); + TFE_LOG_ERROR(logger, "raw packet from tap %s (ipid: %u) miss session table", str, ipid); free(str); } |