From bebce197adb422dd1f887593ba5257b0e6121cc5 Mon Sep 17 00:00:00 2001
From: Aastha Gupta <aastha.gupta4104@gmail.com>
Date: Sun, 15 Oct 2017 17:32:19 +0530
Subject: iptables: iptables-compat translation for TCPMSS

Since path mtu support was added, we can now add
iptables-compat translation for TCPMSS extension.

Signed-off-by: Aastha Gupta <aastha.gupta4104@gmail.com>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
---
 extensions/libxt_TCPMSS.c | 14 ++++++++++++++
 1 file changed, 14 insertions(+)

diff --git a/extensions/libxt_TCPMSS.c b/extensions/libxt_TCPMSS.c
index 4b71e44a..0d9b200e 100644
--- a/extensions/libxt_TCPMSS.c
+++ b/extensions/libxt_TCPMSS.c
@@ -91,6 +91,19 @@ static void TCPMSS_save(const void *ip, const struct xt_entry_target *target)
 		printf(" --set-mss %u", mssinfo->mss);
 }
 
+static int TCPMSS_xlate(struct xt_xlate *xl,
+			const struct xt_xlate_tg_params *params)
+{
+	const struct xt_tcpmss_info *mssinfo =
+		(const struct xt_tcpmss_info *)params->target->data;
+	if (mssinfo->mss == XT_TCPMSS_CLAMP_PMTU)
+		xt_xlate_add(xl, "tcp option maxseg size set rt mtu");
+	else
+		xt_xlate_add(xl, "tcp option maxseg size set %d", mssinfo->mss);
+
+	return 1;
+}
+
 static struct xtables_target tcpmss_tg_reg[] = {
 	{
 		.family        = NFPROTO_IPV4,
@@ -104,6 +117,7 @@ static struct xtables_target tcpmss_tg_reg[] = {
 		.x6_parse      = TCPMSS_parse,
 		.x6_fcheck     = TCPMSS_check,
 		.x6_options    = TCPMSS4_opts,
+		.xlate         = TCPMSS_xlate,
 	},
 	{
 		.family        = NFPROTO_IPV6,
-- 
cgit v1.2.3