m->m_data += sizeof(struct tcpiphdr)+off-sizeof(struct tcphdr);
m->m_len -= sizeof(struct tcpiphdr)+off-sizeof(struct tcphdr);
- if (slirp->restricted) {
- for (ex_ptr = slirp->exec_list; ex_ptr; ex_ptr = ex_ptr->ex_next) {
- if (ex_ptr->ex_fport == ti->ti_dport &&
- ti->ti_dst.s_addr == ex_ptr->ex_addr.s_addr) {
- break;
- }
- }
- if (!ex_ptr)
- goto drop;
- }
/*
* Locate pcb for segment.
*/
* as if it was LISTENING, and continue...
*/
if (so == NULL) {
+ if (slirp->restricted) {
+ /* Any hostfwds will have an existing socket, so we only get here
+ * for non-hostfwd connections. These should be dropped, unless it
+ * happens to be a guestfwd.
+ */
+ for (ex_ptr = slirp->exec_list; ex_ptr; ex_ptr = ex_ptr->ex_next) {
+ if (ex_ptr->ex_fport == ti->ti_dport &&
+ ti->ti_dst.s_addr == ex_ptr->ex_addr.s_addr) {
+ break;
+ }
+ }
+ if (!ex_ptr) {
+ goto dropwithreset;
+ }
+ }
+
if ((tiflags & (TH_SYN|TH_FIN|TH_RST|TH_URG|TH_ACK)) != TH_SYN)
goto dropwithreset;
so->so_ti = ti;
tp->t_timer[TCPT_KEEP] = TCPTV_KEEP_INIT;
tp->t_state = TCPS_SYN_RECEIVED;
+ tcp_template(tp);
}
return;
tp->rcv_up = tp->rcv_nxt;
dodata:
+ /*
+ * If this is a small packet, then ACK now - with Nagel
+ * congestion avoidance sender won't send more until
+ * he gets an ACK.
+ */
+ if (ti->ti_len && (unsigned)ti->ti_len <= 5 &&
+ ((struct tcpiphdr_2 *)ti)->first_char == (char)27) {
+ tp->t_flags |= TF_ACKNOW;
+ }
+
/*
* Process the segment text, merging it into the TCP sequencing queue,
* and arranging for acknowledgment of receipt if necessary.
}
}
- /*
- * If this is a small packet, then ACK now - with Nagel
- * congestion avoidance sender won't send more until
- * he gets an ACK.
- *
- * See above.
- */
- if (ti->ti_len && (unsigned)ti->ti_len <= 5 &&
- ((struct tcpiphdr_2 *)ti)->first_char == (char)27) {
- tp->t_flags |= TF_ACKNOW;
- }
-
/*
* Return any desired output.
*/
* Drop space held by incoming segment and return.
*/
m_free(m);
-
- return;
}
static void