netfilter: synproxy: send mss option to backend

When the synproxy_parse_options is called on the client ack the mss option will not be present. Consequently mss wont be included in the backend syn packet, which falls back to 536 bytes mss. Therefore XT_SYNPROXY_OPT_MSS is explicitly flagged when recovering mss value from cookie. Signed-off-by: Martin Topholm <mph@one.com> Reviewed-by: Jesper Dangaard Brouer <brouer@redhat.com> Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
author: Martin Topholm <mph@one.com> 2013-11-14 14:35:30 (GMT)
committer: Pablo Neira Ayuso <pablo@netfilter.org> 2013-11-18 11:53:36 (GMT)
commit: a6441b7a39f18acb68c83cd738f1310881aa8a0b (patch)
tree: 4a7eee423866ce6ee48c8a64ba43c30fbe2e97ee /net/ipv4/netfilter
parent: 4819224853dff325f0aabdb3dc527d768fa482e3 (diff)
download: linux-fsl-qoriq-a6441b7a39f18acb68c83cd738f1310881aa8a0b.tar.xz
1 files changed, 1 insertions, 0 deletions
diff --git a/net/ipv4/netfilter/ipt_SYNPROXY.c b/net/ipv4/netfilter/ipt_SYNPROXY.c
index 01cffea..f13bd91 100644
--- a/net/ipv4/netfilter/ipt_SYNPROXY.c
+++ b/net/ipv4/netfilter/ipt_SYNPROXY.c
@@ -244,6 +244,7 @@ synproxy_recv_client_ack(const struct synproxy_net *snet,
 
 	this_cpu_inc(snet->stats->cookie_valid);
 	opts->mss = mss;
+	opts->options |= XT_SYNPROXY_OPT_MSS;
 
 	if (opts->options & XT_SYNPROXY_OPT_TIMESTAMP)
 		synproxy_check_timestamp_cookie(opts);
author	Martin Topholm <mph@one.com>	2013-11-14 14:35:30 (GMT)
committer	Pablo Neira Ayuso <pablo@netfilter.org>	2013-11-18 11:53:36 (GMT)
commit	a6441b7a39f18acb68c83cd738f1310881aa8a0b (patch)
tree	4a7eee423866ce6ee48c8a64ba43c30fbe2e97ee /net/ipv4/netfilter
parent	4819224853dff325f0aabdb3dc527d768fa482e3 (diff)
download	linux-fsl-qoriq-a6441b7a39f18acb68c83cd738f1310881aa8a0b.tar.xz