iptables: iptables-compat translation for TCPMSS

Since path mtu support was added, we can now add iptables-compat translation for TCPMSS extension. Signed-off-by: Aastha Gupta <aastha.gupta4104@gmail.com> Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
author: Aastha Gupta <aastha.gupta4104@gmail.com> 2017-10-15 17:32:19 +0530
committer: Pablo Neira Ayuso <pablo@netfilter.org> 2017-10-17 14:12:47 +0200
commit: bebce197adb422dd1f887593ba5257b0e6121cc5 (patch)
tree: 68664acf03f67eebe5a26e10b58c619531cfde42 /extensions
parent: dbbab0aa328f136502373a1031e64eb53fa113e5 (diff)
1 files changed, 14 insertions, 0 deletions
diff --git a/extensions/libxt_TCPMSS.c b/extensions/libxt_TCPMSS.c
index 4b71e44a..0d9b200e 100644
--- a/extensions/libxt_TCPMSS.c
+++ b/extensions/libxt_TCPMSS.c
@@ -91,6 +91,19 @@ static void TCPMSS_save(const void *ip, const struct xt_entry_target *target)
 		printf(" --set-mss %u", mssinfo->mss);
 }
 
+static int TCPMSS_xlate(struct xt_xlate *xl,
+			const struct xt_xlate_tg_params *params)
+{
+	const struct xt_tcpmss_info *mssinfo =
+		(const struct xt_tcpmss_info *)params->target->data;
+	if (mssinfo->mss == XT_TCPMSS_CLAMP_PMTU)
+		xt_xlate_add(xl, "tcp option maxseg size set rt mtu");
+	else
+		xt_xlate_add(xl, "tcp option maxseg size set %d", mssinfo->mss);
+
+	return 1;
+}
+
 static struct xtables_target tcpmss_tg_reg[] = {
 	{
 		.family        = NFPROTO_IPV4,
@@ -104,6 +117,7 @@ static struct xtables_target tcpmss_tg_reg[] = {
 		.x6_parse      = TCPMSS_parse,
 		.x6_fcheck     = TCPMSS_check,
 		.x6_options    = TCPMSS4_opts,
+		.xlate         = TCPMSS_xlate,
 	},
 	{
 		.family        = NFPROTO_IPV6,
author	Aastha Gupta <aastha.gupta4104@gmail.com>	2017-10-15 17:32:19 +0530
committer	Pablo Neira Ayuso <pablo@netfilter.org>	2017-10-17 14:12:47 +0200
commit	bebce197adb422dd1f887593ba5257b0e6121cc5 (patch)
tree	68664acf03f67eebe5a26e10b58c619531cfde42 /extensions
parent	dbbab0aa328f136502373a1031e64eb53fa113e5 (diff)