tcp: only create new translation when SYN packet

2 files changed, 14 insertions, 6 deletions

diff --git a/sys/src/9/ip/ipaux.c b/sys/src/9/ip/ipaux.c
index a25b49371..aac5971d5 100644
--- a/sys/src/9/ip/ipaux.c
+++ b/sys/src/9/ip/ipaux.c
@@ -436,16 +436,20 @@ transforward(Proto *p, Ipht *ht, uchar *sa, int sp, uchar *da, int dp, Route *r)
 		}
 	}
 
-	/* Bad source address? */
-	if(ipismulticast(sa) || ipforme(p->f, sa) != 0){
-		netlog(p->f, Logtrans, "trans: bad source address: %s!%I!%d -> %I!%d\n",
+	/* No route means dont make a new entry */
+	if(r == nil)
+		return nil;
+
+	/* Bad forward route? */
+	if((ifc = r->ifc) == nil){
+		netlog(p->f, Logtrans, "trans: no interface: %s!%I!%d -> %I!%d\n",
 			p->name, sa, sp, da, dp);
 		return nil;
 	}
 
-	/* Bad forward route? */
-	if(r == nil || (ifc = r->ifc) == nil){
-		netlog(p->f, Logtrans, "trans: no forward route: %s!%I!%d -> %I!%d\n",
+	/* Bad source address? */
+	if(ipismulticast(sa) || ipforme(p->f, sa) != 0){
+		netlog(p->f, Logtrans, "trans: bad source address: %s!%I!%d -> %I!%d\n",
 			p->name, sa, sp, da, dp);
 		return nil;
 	}
diff --git a/sys/src/9/ip/tcp.c b/sys/src/9/ip/tcp.c
index bd4616d93..5b6bda262 100644
--- a/sys/src/9/ip/tcp.c
+++ b/sys/src/9/ip/tcp.c
@@ -3292,6 +3292,10 @@ tcpforward(Proto *tcp, Block *bp, Route *r)
 	dp = nhgets(h4->tcpdport);
 	sp = nhgets(h4->tcpsport);
 
+	/* don't make new translation when not syn packet */
+	if((h4->tcpflag[1] & (ACK|RST|SYN|FIN)) != SYN)
+		r = nil;
+
 	qlock(tcp);
 	q = transforward(tcp, &((Tcppriv*)tcp->priv)->ht, sa, sp, da, dp, r);
 	if(q == nil){