Re: RFC3168, section 6.1.1.1 - ECN and retransmit of SYN

From: Valdis.Kletnieks@vt.edu
Date: Fri Feb 21 2003 - 17:05:41 EST


On Fri, 21 Feb 2003 23:43:58 +0200, Mika Liljeberg said:

> That's right. Unfortunately, the way most people *will* deal with it is
> by turning ECN off permanently and forgetting about it. That won't help
> ECN become widely adopted.

That's what I'm trying to avoid doing. ;)

(As an aside, yes, the URL to the previous marc.theaimsgroup thread *is*
what I'm talking about).

It turns out that I *CAN* do it all with iptables *IF* the following
untested code actually works (this assumes that mangle is re-called on
a retransmit)

# If we've already marked this packet, strip/log/send...
# (--ecn-tcp-remove is an option of the ECN target, so it needs -j ECN)
iptables -t mangle -A OUTPUT -p tcp --syn -m mark --mark 99 -j ECN --ecn-tcp-remove
iptables -t mangle -A OUTPUT -p tcp --syn -m mark --mark 99 -j LOG
iptables -t mangle -A OUTPUT -p tcp --syn -m mark --mark 99 -j ACCEPT
# Else tag it - if it makes it on the first try, good. If not, re-enter above
# (--set-mark is an option of the MARK target, so it needs -j MARK)
iptables -t mangle -A OUTPUT -p tcp --syn -j MARK --set-mark 99

Does the mangle/output chain get called again for a retransmitted
packet, or only once?

/Valdis


