From a4f87565ae89ce3c299390e1ba228e35d70e904f Mon Sep 17 00:00:00 2001
From: Daiyuu Nobori <dnobori.gitcommit@coe.ad.jp>
Date: Wed, 1 Jan 2020 17:51:38 +0900
Subject: [PATCH] Bugfix: Fix the SecureNAT connection problem with ignoring
 TCP ECN bit enabled packets

---
 src/Cedar/Virtual.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/Cedar/Virtual.c b/src/Cedar/Virtual.c
index 512449b6..1cac3370 100644
--- a/src/Cedar/Virtual.c
+++ b/src/Cedar/Virtual.c
@@ -1446,7 +1446,7 @@ void NnTcpRecvForInternet(VH *v, UINT src_ip, UINT src_port, UINT dest_ip, UINT
 		// Create a new session because there is no existing one
 		UINT public_port;
 
-		if (old_tcp->Flag != TCP_SYN)
+		if (((old_tcp->Flag & TCP_SYN) && ((old_tcp->Flag & TCP_ACK) == 0)) == false)
 		{
 			// If there is no existing session, pass through only for SYN packet
 			return;