tcp.c

Go to the documentation of this file.

/* TCP handling code.
 *
 *      $Id: tcp.c,v 1.23 2002/05/16 16:15:11 joel Exp $
 */

#include <stdio.h>
#include <string.h>
#include <netinet/in.h>
#include <linux/ip.h>
#include <linux/tcp.h>
#include <sys/socket.h>
#include <netinet/in.h>
#include <arpa/inet.h>
#include <pthread.h>
#include <assert.h>

#include "misc.h"
#include "tcpproxy.h"
#include "scheduler.h"
#include "tcptimer.h"
#include "tcp.h"

/*
 * Global Variables
 */
static unsigned win_clamp_size = TCP_WIN_CLAMP_SIZE;  /* Clamped window size.  */
static Ttcp_cb tcp_tab[TCP_MAX_CONN];      /* Initialised to zero by init_tcp. */
static pthread_mutex_t tcp_tab_mut;        /* Mutex for the tcp table.         */

/*----------------------------------------------------------------------
 * init_tcp -  initialises all tcp data structures
 *----------------------------------------------------------------------
 */
void init_tcp()
{
    int i;
    //DPRINT("init_tcp: entered.\n");

    memset(tcp_tab, 0, sizeof(Ttcp_cb)*TCP_MAX_CONN);
    pthread_mutex_init(&tcp_tab_mut, NULL);
    for(i=0; i<TCP_MAX_CONN; i++) {
        tcp_tab[i].state = TCPS_FREE;
        tcp_tab[i].out_queue = -1;
        pthread_mutex_init(&tcp_tab[i].mut, NULL);
    }
}

/*----------------------------------------------------------------------
 * cleanup_tcp -  cleans up after tcp
 *----------------------------------------------------------------------
 */
void cleanup_tcp()
{
  //DPRINT("cleanup_tcp: entered.\n");
}

/*----------------------------------------------------------------------
 * seq_cmp -  compares two sequence values; because of integer overflow,
 *            as long as the values differ by no more than one-half the
 *            largest sequence space value, the compare will work.
 *            a - b = -ve : a is before b
 *            a - b = 0   : a equals b
 *            a - b = +ve : a is after b
 *----------------------------------------------------------------------
 */
inline int seq_cmp(unsigned a, unsigned b)
{
    return (int)(a - b);
}

/*----------------------------------------------------------------------
 * allow_conn -  returns true if a tcp connection is allowed, false
 *               otherwise.
 *----------------------------------------------------------------------
 */
inline int allow_conn(Tpacket_data *pd)
{
    if(ntohs(pd->trans.tcp->dest) == 5009)
        return 0;
    return 1;
}

/*----------------------------------------------------------------------
 * get_queue_weight -  returns the weight to be allocated to a queue,
 *                     based on the cid.
 *----------------------------------------------------------------------
 */
unsigned get_queue_weight(Ttcp_cid *cid)
{
    if(ntohs(cid->sport) == 5005)
        return QUEUE_WEIGHT_HIGH;
    else
        return QUEUE_WEIGHT_NORMAL;
}

/*----------------------------------------------------------------------
 * alloc_tcp_cb -  allocates a control block for a tcp connection.
 *                 value of cid must be such that saddr is that of the
 *                 host on proxied link (e.g. the mobile host).
 *                 ASSUMES tcp_tab_mut HELD
 *----------------------------------------------------------------------
 */
Ttcp_cb *alloc_tcp_cb(Tpacket_data *pd, Ttcp_cid *cid)
{
    Ttcp_cb *cb;
    int queue_num;
    unsigned weight;
    int i;

    for(i=0; i<TCP_MAX_CONN; i++)
        if(tcp_tab[i].state == TCPS_FREE)
            break;

    if(i < TCP_MAX_CONN) {
        weight = get_queue_weight(cid);
        queue_num = alloc_tcp_queue(weight);
        if(queue_num >= 0) {
            cb = &tcp_tab[i];
            memcpy(&(cb->cid), cid, sizeof(Ttcp_cid));
            cb->state = TCPS_NEW;
            cb->init = 0;
            cb->out_queue = queue_num;
            DPRINT("tcb_cb_alloc: allocated new connection block.\n");      
        } else {
            cb = NULL;
            DPRINT("alloc_tcp_cb: no free tcp output queues.\n");
        }
    } else {
        cb = NULL;
        DPRINT("alloc_tcp_cb: no free control blocks.\n");
    }

    return cb;
}

/*----------------------------------------------------------------------
 * dealloc_tcp_cb -  deallocates a control block for a tcp connection
 *                   ASSUMES cb->mut HELD
 *----------------------------------------------------------------------
 */
int dealloc_tcp_cb(Ttcp_cb *cb)
{
    DPRINT("dealloc_tcp_cb: entered.\n");
    close_tcp_queue(cb->out_queue);
    cb->state = TCPS_FREE;    
    return 0;
}

inline int valid_ack(Ttcp_cb *cb, Tpacket_data *pd)
{
    if(pd->dir == PACKET_DIR_IN) {
        return (ntohl(pd->trans.tcp->ack_seq) == cb->mh_seq);
    } else {
        return (ntohl(pd->trans.tcp->ack_seq) == cb->fh_seq);
    }
}

/*----------------------------------------------------------------------
 * tcp_chksum - verifies checksum for tcp
 *              returns zero for valid checksum, non-zero otherwise.
 *----------------------------------------------------------------------
 */
unsigned short tcp_chksum(struct iphdr *ip)
{
    unsigned short *ptr;
    unsigned short len, words;
    unsigned long chksum = 0;
    int i;

    /* TCP pseudo header format, which is included in checksum:
     *
     * +--------+--------+--------+--------+
     * |           Source Address          |
     * +--------+--------+--------+--------+
     * |         Destination Address       |
     * +--------+--------+--------+--------+
     * |  zero  | Proto  |    TCP Length   |
     * +--------+--------+--------+--------+
     */
                        
    /* Add src and dst addresses to chksum. */
    ptr = (unsigned short*) &(ip->saddr);
    for(i=0; i<4; i++)
        chksum += *ptr++;

    ptr = ((unsigned short*)ip) + ip->ihl*2;  /* Set ptr to start of tcp hdr. */
    len = ntohs(ip->tot_len) - ip->ihl*4;  /* Calculate ip data len. */
    chksum += htons(TCP_PROTO) + htons(len);  /* Add protocol type and TCP segment length in. */    

    words = len >> 1;  /* Convert len to length in 16 bit words. */

    for(i=0; i<words; i++)  /* Add words in TCP segment in. */
        chksum += *ptr++;

    if(len % 2)  /* If len is odd, pad final byte and add it in. */
        chksum += htons((unsigned short) (*((char *)ptr) << 8));

    chksum = (chksum >> 16) + (chksum & 0xffff);  /* Add carry. */
    chksum += (chksum >> 16);                     /* And again. */
    chksum = ~chksum & 0xffff;  /* Take ones complement and mask off high bits. */

    return (short) chksum;
}

/*----------------------------------------------------------------------
 * send_tcp_rst -  sends a TCP reset packet;
 *                 the old for the RST.
 *----------------------------------------------------------------------
 */
int send_tcp_rst (Tpacket_data *pd)
{
    struct iphdr *ip_out, *ip_in = pd->ip;
    struct tcphdr *tcp_out, *tcp_in = pd->trans.tcp;
    int pkt_len = sizeof(struct iphdr) + sizeof(struct tcphdr);
    int data_len;

    DPRINT("send_tcp_rst: entered.\n");

    if(tcp_in->rst) {
        DPRINT("send_tcp_rst: not sending RST in response to RST.\n");
        return 0;  /* Don't send RST in response to RST. */
    }
    ip_out = (struct iphdr *) xmalloc(pkt_len);
    tcp_out = (struct tcphdr*) (ip_out + 1);
    
    /* Set fields in IP header. */
    ip_out->version = IP_VERSION;
    ip_out->ihl = sizeof(struct iphdr)/4;
    ip_out->tos = 0;
    ip_out->tot_len = htons(pkt_len);
    ip_out->id = 0;
    ip_out->frag_off = htons(0x40<<8);  // Don't fragment bit set, offset zero.
    ip_out->ttl = IP_START_TTL;
    ip_out->protocol = TCP_PROTO;
    ip_out->saddr = ip_in->daddr;
    ip_out->daddr = ip_in->saddr;

    /* Set fields in TCP header. */
    tcp_out->source = tcp_in->dest;
    tcp_out->dest = tcp_in->source;
    if(tcp_in->ack) {
        tcp_out->seq = tcp_in->ack_seq;
        tcp_flag_word(tcp_out) = TCP_FLAG_RST;
    } else {
        tcp_out->seq = 0;
        tcp_flag_word(tcp_out) = TCP_FLAG_RST | TCP_FLAG_ACK;
    }
    data_len = ntohs(ip_in->tot_len) - ip_in->ihl*4 - tcp_in->doff*4;
    if(tcp_in->syn)
        data_len++;  /* Syn counts as one byte in the stream. */
    if(tcp_in->fin)
        data_len++;  /* Fin counts as one byte in the stream. */
    tcp_out->ack_seq = htonl(ntohl(tcp_in->seq) + data_len);
    tcp_out->doff = sizeof(struct tcphdr)/4;
    tcp_out->res1 = 0;
    tcp_out->window = tcp_out->urg_ptr = tcp_out->check = 0;
    tcp_out->check = tcp_chksum(ip_out);

    /* Free old payload and put new paylod into packet data structure. */
    xfree(pd->payload);
    pd->payload = (char *)ip_out;
    pd->ip = ip_out;
    pd->trans.tcp = tcp_out;
    
    /* Set length of packet in ipq_packet_msg_t struct within pd. */
    pd->ipq_pm.data_len = pkt_len;

    /* Reverse packet direction. */
    if(pd->dir == PACKET_DIR_IN)
        pd->dir = PACKET_DIR_OUT;
    else
        pd->dir = PACKET_DIR_IN;
        
    /* Queued as hipri because there is no TCP connection, thus no queue. */
    return queue_hipri(pd);
}

/*----------------------------------------------------------------------
 * clamp_tcp_win -  clamps tcp window if it is too high;
 *                  modifies the packet passed to it.
 *----------------------------------------------------------------------
 */
int clamp_tcp_win (Tpacket_data *pd)
{    
    struct tcphdr *tcp = pd->trans.tcp;    
    unsigned window = ntohs(tcp->window);
    if(window > win_clamp_size)
    {
        tcp->window = htons(win_clamp_size);
        tcp->check = 0;
        tcp->check = tcp_chksum(pd->ip);
        //DPRINT("clamp_tcp_win: window clamped: %d -> %d\n", window, win_clamp_size);
        return 1;
    } else {
        //DPRINT("clamp_tcp_win: window ok: %d\n", window);
        return 0;
    }
}

/*----------------------------------------------------------------------
 * tcp_data_size -  returns the size of the tcp data in a packet, which
 *                  includes syn and fin flags (one byte each).
 *----------------------------------------------------------------------
 */
inline int tcp_data_size(Tpacket_data *pd)
{
    struct tcphdr *tcp = pd->trans.tcp;
    int size = 0;

    size += tcp->syn ? 1 : 0;
    size += tcp->fin ? 1 : 0;
    size += pd->ipq_pm.data_len - pd->ip->ihl*4 - tcp->doff*4;

    return size;
}

/*----------------------------------------------------------------------
 * tcps_err
 *----------------------------------------------------------------------
 */
int tcps_err (Ttcp_cb *cb, Tpacket_data *pd)
{
    EPRINT("tcps_err: entered.\n");
    assert(UNREACHABLE);
}

/*----------------------------------------------------------------------
 * tcps_new
 *----------------------------------------------------------------------
 */
int tcps_new (Ttcp_cb *cb, Tpacket_data *pd) 
{
    if(pd->dir == PACKET_DIR_IN) {  /* Incoming packet. */
        cb->state = TCPS_SYN_RECV;
        DPRINT("tcps_new: state new->syn_recv.\n");

    } else {                        /* Outgoing packet. */
        cb->state = TCPS_SYN_SENT;
        add_timer(TCP_TWO_MSL, tcp_timeout, cb);
        DPRINT("tcps_new: state new->syn_sent.\n");
    }
    return 0;
}

/*----------------------------------------------------------------------
 * tcps_syn_sent
 *----------------------------------------------------------------------
 */
int tcps_syn_sent (Ttcp_cb *cb, Tpacket_data *pd)
{
    struct tcphdr *tcp = pd->trans.tcp;

    if(pd->dir == PACKET_DIR_IN) {  /* Incoming packet. */
        if(tcp->syn) {
            clear_timer(tcp_timeout, cb);
            if(tcp->ack) {
                if(valid_ack(cb, pd)) {
                    cb->state = TCPS_ESTABLISHED;
                    DPRINT("tcps_syn_sent: syn-ack, state syn_sent->established.\n");
                } else {
                    DPRINT("tcps_syn_sent: bad ack number.\n");
                }
            } else {
                cb->state = TCPS_SYN_RECV;
                DPRINT("tcps_syn_sent: syn, state syn_sent->syn_recv.\n");
            }
        } else {
            DPRINT("tcps_syn_sent: no syn bit, invalid packet.\n");
        }

    } else {                        /* Outgoing packet. */
        DPRINT("tcps_syn_sent: state syn_sent.\n");
    }
    return 0;
}

/*----------------------------------------------------------------------
 * tcps_syn_recv
 *----------------------------------------------------------------------
 */
int tcps_syn_recv (Ttcp_cb *cb, Tpacket_data *pd)
{
    struct tcphdr *tcp = pd->trans.tcp;

    if(pd->dir == PACKET_DIR_IN) {  /* Incoming packet. */
        if(tcp->ack) {
            if(valid_ack(cb, pd)) {
                cb->state = TCPS_ESTABLISHED;
                DPRINT("tcps_syn_recv: ack, state syn_recv->established.\n");
            } else {
                DPRINT("tcps_syn_recv: bad ack number.\n");
            }
        } else {
            DPRINT("tcps_syn_recv: state syn_recv.\n");
        }

    } else {                        /* Outgoing packet. */
        if(tcp->fin) {
            cb->state = TCPS_FIN_WAIT1;
            DPRINT("tcps_syn_recv: fin, state syn_recv->fin_wait1.\n");
        } else {
            DPRINT("tcps_syn_recv: state syn_recv.\n");
        }
    }
    return 0;
}

/*----------------------------------------------------------------------
 * tcps_established
 *----------------------------------------------------------------------
 */
int tcps_established (Ttcp_cb *cb, Tpacket_data *pd)
{
    struct tcphdr *tcp = pd->trans.tcp;

    if(pd->dir == PACKET_DIR_IN) {  /* Incoming packet. */
        if(tcp->fin) {
            cb->state = TCPS_CLOSE_WAIT;
            DPRINT("tcps_established: fin, state established->close_wait.\n");
        } else {
            DPRINT("tcps_established: normal traffic.\n");
        } 
    } else {                        /* Outgoing packet. */
        if(tcp->fin) {
            cb->state = TCPS_FIN_WAIT1;
            DPRINT("tcps_established: fin, state established->fin_wait1.\n");
        } else {
            DPRINT("tcps_established: normal traffic.\n");
        }
    }
    return 0;
}

/*----------------------------------------------------------------------
 * tcps_fin_wait1
 *----------------------------------------------------------------------
 */
int tcps_fin_wait1 (Ttcp_cb *cb, Tpacket_data *pd)
{
    struct tcphdr *tcp = pd->trans.tcp;

    if(pd->dir == PACKET_DIR_IN) {  /* Incoming packet. */
        if(tcp->fin) {
            if(tcp->ack) {
                if(valid_ack(cb, pd)) {
                    cb->state = TCPS_TIME_WAIT;
                    add_timer(TCP_TWO_MSL, tcp_timeout, cb);
                    DPRINT("tcps_fin_wait1: fin-ack, state fin_wait1->time_wait.\n");
                } else {
                    cb->state = TCPS_CLOSING;
                    DPRINT("tcps_fin_wait1: fin, state fin_wait1->closing.\n");
                }
            } else {
                DPRINT("tcps_fin_wait1: fin without ack bit set, invalid packet.\n");
            }
        } else if(tcp->ack) {
            if(valid_ack(cb, pd))
            {
                cb->state = TCPS_FIN_WAIT2;
                DPRINT("tcps_fin_wait1: ack, state fin_wait1->fin_wait2.\n");
            } else {
                DPRINT("tcps_fin_wait1: state fin_wait1.\n");
            }
        } else {
            DPRINT("tcps_fin_wait1: no ack bit set, bad packet.\n");
        }
        
    } else {                        /* Outgoing packet. */
        DPRINT("tcps_fin_wait1: state fin_wait1.\n");
    }
    return 0;
}

/*----------------------------------------------------------------------
 * tcps_fin_wait2
 *----------------------------------------------------------------------
 */
int tcps_fin_wait2 (Ttcp_cb *cb, Tpacket_data *pd)
{
    struct tcphdr *tcp = pd->trans.tcp;

    if(pd->dir == PACKET_DIR_IN) {  /* Incoming packet. */
        if(tcp->fin) {
            cb->state = TCPS_TIME_WAIT;
            add_timer(TCP_TWO_MSL, tcp_timeout, cb);
            DPRINT("tcps_fin_wait2: fin, state fin_wait2->time_wait.\n");
        } else {
            DPRINT("tcps_fin_wait2: state fin_wait2.\n");
        }
        
    } else {                        /* Outgoing packet. */
        DPRINT("tcps_fin_wait2: state fin_wait2.\n");
    }
    return 0;
}

/*----------------------------------------------------------------------
 * tcps_time_wait
 *----------------------------------------------------------------------
 */
int tcps_time_wait (Ttcp_cb *cb, Tpacket_data *pd)
{
    if(pd->dir == PACKET_DIR_IN) {  /* Incoming packet. */
        DPRINT("tcps_time_wait: state time_wait.\n");

    } else {                        /* Outgoing packet. */
        DPRINT("tcps_time_wait: state time_wait.\n");
    }
    return 0;
}

/*----------------------------------------------------------------------
 * tcps_closed
 *----------------------------------------------------------------------
 */
int tcps_closed (Ttcp_cb *cb, Tpacket_data *pd)
{
    if(pd->dir == PACKET_DIR_IN) {  /* Incoming packet. */
        EPRINT("tcps_closed: shouldn't ever get here.\n");
        assert(UNREACHABLE);
    } else {                        /* Outgoing packet. */
        EPRINT("tcps_closed: shouldn't ever get here.\n");
        assert(UNREACHABLE);
    }
    return 0;
}

/*----------------------------------------------------------------------
 * tcps_close_wait
 *----------------------------------------------------------------------
 */
int tcps_close_wait (Ttcp_cb *cb, Tpacket_data *pd)
{
    struct tcphdr *tcp = pd->trans.tcp;

    if(pd->dir == PACKET_DIR_IN) {  /* Incoming packet. */
        DPRINT("tcps_close_wait: state close_wait.\n");

    } else {                        /* Outgoing packet. */
        if(tcp->fin) {
            if(tcp->ack) {
                if(valid_ack(cb, pd)) {  /* MH FIN with ACK for the FIN that FH sent. */
                    cb->state = TCPS_LAST_ACK;
                    add_timer(TCP_TWO_MSL, tcp_timeout, cb);
                    DPRINT("tcp_close_wait: fin, state close_wait->last_ack.\n");
                } else {  /* MH FIN without ACK for FIN from FH (FINs sent at same time). */
                    cb->state = TCPS_CLOSING;
                    DPRINT("tcp_close_wait: fin, state close_wait->closing "
                           "(wasn't actually in close_wait).\n");
                }
            } else {
                DPRINT("tcps_close_wait: fin without ack bit set, invalid packet.\n");
            }
        } else {
            DPRINT("tcps_close_wait: state close_wait.\n");
        }
    }
    return 0;
}

/*----------------------------------------------------------------------
 * tcps_last_ack
 *----------------------------------------------------------------------
 */
int tcps_last_ack (Ttcp_cb *cb, Tpacket_data *pd)
{
    struct tcphdr *tcp = pd->trans.tcp;

    if(pd->dir == PACKET_DIR_IN) {  /* Incoming packet. */
        if(tcp->ack) {
            if(valid_ack(cb, pd)) {
                cb->state = TCPS_CLOSED;
                DPRINT("tcps_last_ack: ack, state last_ack->closed.\n");
            } else {
                DPRINT("tcps_last_ack: bad ack number.\n");
            }
        } else {
            DPRINT("tcps_last_ack: no ack bit set, bad packet.\n");
        }
        
    } else {                        /* Outgoing packet. */
        DPRINT("tcps_last_ack: state last_ack.\n");
    }
    return 0;
}

/*----------------------------------------------------------------------
 * tcps_closing
 *----------------------------------------------------------------------
 */
int tcps_closing (Ttcp_cb *cb, Tpacket_data *pd)
{
    struct tcphdr *tcp = pd->trans.tcp;

    if(pd->dir == PACKET_DIR_IN) {  /* Incoming packet. */
        if(tcp->ack) {
            if(valid_ack(cb, pd)) {
                cb->state = TCPS_TIME_WAIT;
                add_timer(TCP_TWO_MSL, tcp_timeout, cb);
                DPRINT("tcps_closing: ack, state closing->time_wait.\n");
            } else {
                DPRINT("tcps_closing: bad ack number.\n");
            }               
        } else {
            DPRINT("tcps_closing: state closing.\n");
        }

    } else {                        /* Outgoing packet. */
        DPRINT("tcps_closing: state closing.\n");
    }
    return 0;
}

/* Array holding pointers to tcp state routines. */
int (*tcp_switch[TCPS_MAX_STATES])() = {
    tcps_err,           /* TCPS_FREE        */
    tcps_new,           /* TCPS_NEW         */
    tcps_syn_sent,      /* TCPS SYN_SENT    */
    tcps_syn_recv,      /* TCPS_SYN_RECV    */
    tcps_established,   /* TCPS_ESTABLISHED */
    tcps_fin_wait1,     /* TCPS_FIN_WAIT1   */
    tcps_fin_wait2,     /* TCPS_FIN_WAIT2   */
    tcps_time_wait,     /* TCPS_TIME_WAIT   */
    tcps_closed,        /* TCPS_CLOSED       */
    tcps_close_wait,    /* TCPS_CLOSE_WAIT  */
    tcps_last_ack,      /* TCPS_LAST_ACK    */
    tcps_closing        /* TCPS_CLOSING     */
};

/*----------------------------------------------------------------------
 * tcp_timeout -  called by tcp_timer when a tcp state times out
 *----------------------------------------------------------------------
 */
void tcp_timeout(void *ptr)
{
    Ttcp_cb *cb = (Ttcp_cb *)ptr;

    assert(cb != NULL);

    mutex_lock("tcp_timeout", &cb->mut);
    switch(cb->state)
    {
    case TCPS_SYN_SENT:
        DPRINT("tcp_timeout: state syn_sent.\n");
        break;
    case TCPS_LAST_ACK:
        DPRINT("tcp_timeout: state last_ack.\n");
        break;
    case TCPS_TIME_WAIT:
        DPRINT("tcp_timeout: state time_wait.\n");
        break;
    default:
        EPRINT("tcp_timeout: called with tcp in a state which does not have a timeout: %d\n", 
               cb->state);
        mutex_unlock("tcp_timeout", &cb->mut);
        return;
        break;
    }
    cb->state = TCPS_CLOSED;
    dealloc_tcp_cb(cb);
    mutex_unlock("tcp_timeout", &cb->mut);    
}

/*----------------------------------------------------------------------
 * handle_tcp -  deals with TCP packets from the main packet handler
 *----------------------------------------------------------------------
 */
int handle_tcp(Tpacket_data *pd)
{
    struct iphdr *ip = pd->ip;
    struct tcphdr *tcp;
    Ttcp_cid cid;  /* Connection id. */
    Ttcp_cid rcid; /* Connection id, with src and dst reversed. */
    Ttcp_cb *cb;
    int i;

    assert(pd != NULL);

    /* Check if there is enough data for a valid tcp header. */
    if((ip->ihl * 4 + 20) >  pd->ipq_pm.data_len) {
        DPRINT("handle_tcp: malformed TCP packet: not enough data.\n");
        dealloc_packet_data(pd);
        return 1;
    }

    tcp = pd->trans.tcp;

    if(tcp_chksum(pd->ip)) {
        DPRINT("handle_tcp: bad TCP checksum: %u\n", ntohs(tcp->check));
        dealloc_packet_data(pd);
        return 1;
    }

    DPRINT("tcp sport: %u, dport: %u, seq: %u, ack: %u, hlen: %u, flags: %c%c%c%c%c%c\n",
           ntohs(tcp->source), ntohs(tcp->dest), ntohl(tcp->seq), ntohl(tcp->ack_seq),
           tcp->doff,
           (tcp->urg ?'U':'.'), (tcp->ack ?'A':'.'), (tcp->psh ?'P':'.'),
           (tcp->rst ?'R':'.'), (tcp->syn ?'S':'.'), (tcp->fin ?'F':'.'));
    
    cid.saddr = ip->saddr;
    cid.daddr = ip->daddr;
    cid.sport = tcp->source;
    cid.dport = tcp->dest;
    rcid.saddr = ip->daddr;
    rcid.daddr = ip->saddr;
    rcid.sport = tcp->dest;
    rcid.dport = tcp->source;
    
    mutex_lock("handle_tcp", &tcp_tab_mut);

    for(cb=&tcp_tab[0], i=0; i<TCP_MAX_CONN; i++, cb++) {
        if(cb->state != TCPS_FREE) {
            if(memcmp(&(cb->cid), &cid, sizeof(Ttcp_cid)) == 0 ||
               memcmp(&(cb->cid), &rcid, sizeof(Ttcp_cid)) == 0)
                break;
        }
    }

    if(i >= TCP_MAX_CONN) {  /* Connection doesn't already exists. */
        if(tcp->syn & !tcp->ack) {  /* Connect */
            if(allow_conn(pd)) {  /* Connection allowed. */
                Ttcp_cid *ncid; /* 'Normalised' cid. */

                /* Determine direction of packet, and call add_stream with appropriate cid,
                 * abiding by cid rule for tcp_stream_node (see struct def).
                 */
                if(pd->dir == PACKET_DIR_IN)
                    ncid = &rcid;  /* Packet to mobile host. */
                else
                    ncid = &cid;  /* Packet from mobile host. */

                cb = alloc_tcp_cb(pd, ncid);                

                if(cb == NULL) {
                    dealloc_packet_data(pd);
                    mutex_unlock("handle_tcp", &tcp_tab_mut);
                    return -1;
                }
            } else {  /* Connection denied. */
                mutex_unlock("handle_tcp", &tcp_tab_mut);
                DPRINT("handle_tcp: connection denied: %s:%u > ",
                       inet_ntoa(*(struct in_addr*)&(cid.saddr)), ntohs(cid.sport));
                DPRINT("%s:%u\n",
                       inet_ntoa(*(struct in_addr*)&(cid.daddr)), ntohs(cid.dport));
                send_tcp_rst(pd);
                return 1;
            }
        } else {  /* New connection, but not initial syn. */        
            DPRINT("handle_tcp: new connection mid-stream.\n");
            mutex_unlock("handle_tcp", &tcp_tab_mut);
            send_tcp_rst(pd);
            return 1;
        }
    }
    assert(cb != NULL);

    mutex_lock("handle_tcp", &cb->mut);
    mutex_unlock("handle_tcp", &tcp_tab_mut);

    /* RST packet, so clear the queue and close the connection. */
    if(tcp->rst) {
        cb->state = TCPS_CLOSED;
        DPRINT("handle_tcp: rst, state ->closed.\n");
        reset_tcp_queue(cb->out_queue);
        queue_hipri(pd);  /* Queue as hipri so the RST is received quickly. */

    } else if((tcp_switch[cb->state])(cb, pd) == 0) {  /* Call state function. */
        /* If packet is to be queued, first update seq and ack_seq numbers. */
        unsigned ack_seq = ntohl(tcp->ack_seq);
        unsigned seq = ntohl(tcp->seq) + tcp_data_size(pd);

        if(pd->dir == PACKET_DIR_IN)
        {
            if(tcp->ack) {
                if((cb->init & TCP_INIT_MH_ACK) == 0) {
                    cb->mh_ack = ack_seq;
                    cb->init |= TCP_INIT_MH_ACK;
                    DPRINT("handle_tcp: init mh_ack=%u\n", ack_seq);
                } else if(seq_cmp(ack_seq, cb->mh_ack) > 0) {
                    cb->mh_ack = ack_seq;
                }
            }
            if((cb->init & TCP_INIT_FH_SEQ) == 0) {
                cb->fh_seq = seq;
                cb->init |= TCP_INIT_FH_SEQ;
                DPRINT("handle_tcp: init fh_seq=%u\n", seq);        
            } else if(seq_cmp(seq, cb->fh_seq) > 0) {
                cb->fh_seq = seq;
            }
        } else {
            if(tcp->ack) {
                if((cb->init & TCP_INIT_FH_ACK) == 0) {
                    cb->fh_ack = ack_seq;
                    cb->init |= TCP_INIT_FH_ACK;
                    DPRINT("handle_tcp: init fh_ack=%d\n", ack_seq);
                } else if(seq_cmp(ack_seq, cb->fh_ack) > 0) {               
                    cb->fh_ack = ack_seq;
                    /* Signal to the scheduler that an ack has arrived, with the number of
                     * bytes it is acking. */
                    mh_ack_rcvd(ack_seq, cb->out_queue);
                }
            }
            if((cb->init & TCP_INIT_MH_SEQ) == 0) {
                cb->mh_seq = seq;
                cb->init |= TCP_INIT_MH_SEQ;
                DPRINT("handle_tcp: init mh_seq=%u\n", seq);
            } else if(seq_cmp(seq, cb->mh_seq) > 0) {
                cb->mh_seq = seq;
            }
        }
        clamp_tcp_win(pd);             /* Clamp advertised window size. */
        queue_tcp(pd, cb->out_queue);  /* Queue the packet.             */
    }

    if(cb->state == TCPS_CLOSED)  /* Deallocate cb if connection closed. */
    {
        clear_timer(tcp_timeout, cb);
        dealloc_tcp_cb(cb);
    }

    mutex_unlock("handle_tcp", &cb->mut);
   
    return 0;
}

---