From c083fb9011ac18b297ba9316a946325bf29974cc Mon Sep 17 00:00:00 2001
From: Libor Peltan <libor.peltan@nic.cz>
Date: Wed, 13 Oct 2021 09:48:17 +0200
Subject: [PATCH] xdp-tcp: respond invalid SYN or RST with challenge ACK

---
 src/libknot/xdp/tcp.c | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/src/libknot/xdp/tcp.c b/src/libknot/xdp/tcp.c
index 086da38da9..8723966e57 100644
--- a/src/libknot/xdp/tcp.c
+++ b/src/libknot/xdp/tcp.c
@@ -293,9 +293,7 @@ int knot_tcp_recv(knot_tcp_relay_t *relays, knot_xdp_msg_t *msgs, uint32_t count
 					}
 				}
 			} else {
-				relay->auto_answer = KNOT_XDP_MSG_RST; // TODO consider resetting the OLD conn and accepting new one
-				relay->auto_seqno = msg->ackno;
-				relay->del_from = pconn;
+				relay->auto_answer = KNOT_XDP_MSG_ACK;
 			}
 			break;
 		case KNOT_XDP_MSG_ACK:
@@ -354,6 +352,8 @@ int knot_tcp_recv(knot_tcp_relay_t *relays, knot_xdp_msg_t *msgs, uint32_t count
 				relay->action = XDP_TCP_RESET;
 				tcp_table_del(pconn, tcp_table);
 				relay->conn = NULL;
+			} else if (conn != NULL) {
+				relay->auto_answer = KNOT_XDP_MSG_ACK;
 			}
 			break;
 		default:
-- 
GitLab