iptables: iptables-compat translation for TCPMSS

author Aastha Gupta <aastha.gupta4104@gmail.com>

Sun, 15 Oct 2017 12:02:19 +0000 (17:32 +0530)

committer Pablo Neira Ayuso <pablo@netfilter.org>

Tue, 17 Oct 2017 12:12:47 +0000 (14:12 +0200)
author Aastha Gupta <aastha.gupta4104@gmail.com>
Sun, 15 Oct 2017 12:02:19 +0000 (17:32 +0530)
committer Pablo Neira Ayuso <pablo@netfilter.org>
Tue, 17 Oct 2017 12:12:47 +0000 (14:12 +0200)
diff --git a/extensions/libxt_TCPMSS.c b/extensions/libxt_TCPMSS.c

index 4b71e44a4c733d3165f89d1414f3f2435d9a7476..0d9b200ebc72f4a5232c23cb1d5f4835de8ef515 100644 (file)
--- a/extensions/libxt_TCPMSS.c
+++ b/extensions/libxt_TCPMSS.c
@@ -91,6 +91,19 @@ static void TCPMSS_save(const void *ip, const struct xt_entry_target *target)
                 printf(" --set-mss %u", mssinfo->mss);
  }
  
+static int TCPMSS_xlate(struct xt_xlate *xl,
+                       const struct xt_xlate_tg_params *params)
+{
+       const struct xt_tcpmss_info *mssinfo =
+               (const struct xt_tcpmss_info *)params->target->data;
+       if (mssinfo->mss == XT_TCPMSS_CLAMP_PMTU)
+               xt_xlate_add(xl, "tcp option maxseg size set rt mtu");
+       else
+               xt_xlate_add(xl, "tcp option maxseg size set %d", mssinfo->mss);
+
+       return 1;
+}
+
  static struct xtables_target tcpmss_tg_reg[] = {
         {
                 .family        = NFPROTO_IPV4,
@@ -104,6 +117,7 @@ static struct xtables_target tcpmss_tg_reg[] = {
                 .x6_parse      = TCPMSS_parse,
                 .x6_fcheck     = TCPMSS_check,
                 .x6_options    = TCPMSS4_opts,
+               .xlate         = TCPMSS_xlate,
         },
         {
                 .family        = NFPROTO_IPV6,
author	Aastha Gupta <aastha.gupta4104@gmail.com>
	Sun, 15 Oct 2017 12:02:19 +0000 (17:32 +0530)
committer	Pablo Neira Ayuso <pablo@netfilter.org>
	Tue, 17 Oct 2017 12:12:47 +0000 (14:12 +0200)