Merge pull request #2275 from nybidari:iptables

PiperOrigin-RevId: 309783486
author: gVisor bot <gvisor-bot@google.com> 2020-05-04 11:23:55 -0700
committer: gVisor bot <gvisor-bot@google.com> 2020-05-04 11:23:55 -0700
commit: 711439b1c3560b916dd5ffcbf906452d1ac960b0 (patch)
tree: f5cbc53b348da6a7c22edc033bad6f54c29d7545 /pkg/tcpip/header
parent: cbc5bef2a66ece1f9e63b213d4dfa616db488df8 (diff)
parent: b660f16d18827f0310594c80d9387de11430f15f (diff)
1 files changed, 17 insertions, 0 deletions
diff --git a/pkg/tcpip/header/tcp.go b/pkg/tcpip/header/tcp.go
index 13480687d..21581257b 100644
--- a/pkg/tcpip/header/tcp.go
+++ b/pkg/tcpip/header/tcp.go
@@ -594,3 +594,20 @@ func AddTCPOptionPadding(options []byte, offset int) int {
 	}
 	return paddingToAdd
 }
+
+// Acceptable checks if a segment that starts at segSeq and has length segLen is
+// "acceptable" for arriving in a receive window that starts at rcvNxt and ends
+// before rcvAcc, according to the table on page 26 and 69 of RFC 793.
+func Acceptable(segSeq seqnum.Value, segLen seqnum.Size, rcvNxt, rcvAcc seqnum.Value) bool {
+	if rcvNxt == rcvAcc {
+		return segLen == 0 && segSeq == rcvNxt
+	}
+	if segLen == 0 {
+		// rcvWnd is incremented by 1 because that is Linux's behavior despite the
+		// RFC.
+		return segSeq.InRange(rcvNxt, rcvAcc.Add(1))
+	}
+	// Page 70 of RFC 793 allows packets that can be made "acceptable" by trimming
+	// the payload, so we'll accept any payload that overlaps the receieve window.
+	return rcvNxt.LessThan(segSeq.Add(segLen)) && segSeq.LessThan(rcvAcc)
+}
author	gVisor bot <gvisor-bot@google.com>	2020-05-04 11:23:55 -0700
committer	gVisor bot <gvisor-bot@google.com>	2020-05-04 11:23:55 -0700
commit	711439b1c3560b916dd5ffcbf906452d1ac960b0 (patch)
tree	f5cbc53b348da6a7c22edc033bad6f54c29d7545 /pkg/tcpip/header
parent	cbc5bef2a66ece1f9e63b213d4dfa616db488df8 (diff)
parent	b660f16d18827f0310594c80d9387de11430f15f (diff)