[tcp] Do not send RST for unrecognised connections

On large networks with substantial numbers of monitoring agents, unwanted TCP connection attempts may end up flooding iPXE's ARP cache. Fix by silently dropping packets received for unrecognised TCP connections. This should not cause problems, since many firewalls will also silently drop any such packets. Reported-by: Jarrod Johnson <jarrod.b.johnson@gmail.com> Signed-off-by: Michael Brown <mcb30@ipxe.org>
2013-07-12 03:10:03 +02:00 · 2013-07-12 03:10:03 +02:00 · 18d0818f94
parent 936134ed46
commit 18d0818f94
1 changed files with 0 additions and 1 deletions
--- a/src/net/tcp.c
+++ b/src/net/tcp.c
@ -1218,7 +1218,6 @@ static int tcp_rx ( struct io_buffer *iobuf,

 	/* If no connection was found, send RST */
 	if ( ! tcp ) {
-		tcp_xmit_reset ( tcp, st_src, tcphdr );
 		rc = -ENOTCONN;
 		goto discard;
 	}