From patchwork Thu Nov 14 14:35:31 2013
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Martin Topholm <mph@one.com>
X-Patchwork-Id: 291252
Return-Path: <netfilter-devel-owner@vger.kernel.org>
X-Original-To: incoming@patchwork.ozlabs.org
Delivered-To: patchwork-incoming@bilbo.ozlabs.org
Received: from vger.kernel.org (vger.kernel.org [209.132.180.67])
	by ozlabs.org (Postfix) with ESMTP id 1AAD12C00C4
	for <incoming@patchwork.ozlabs.org>;
	Fri, 15 Nov 2013 01:43:59 +1100 (EST)
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
	id S1753331Ab3KNOn4 (ORCPT <rfc822;incoming@patchwork.ozlabs.org>);
	Thu, 14 Nov 2013 09:43:56 -0500
Received: from kontorsmtp2.one.com ([195.47.247.17]:41987 "EHLO
	kontorsmtp2.one.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
	with ESMTP id S1753909Ab3KNOnu (ORCPT
	<rfc822;netfilter-devel@vger.kernel.org>);
	Thu, 14 Nov 2013 09:43:50 -0500
Received: from localhost.localdomain (unknown [46.30.211.31])
	(using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits))
	(No client certificate requested)
	by kontorsmtp2.one.com (Postfix) with ESMTP id C6E6F2E4F;
	Thu, 14 Nov 2013 15:35:34 +0100 (CET)
From: Martin Topholm <mph@one.com>
To: pablo@netfilter.org
Cc: brouer@redhat.com, kaber@trash.net,
	netfilter-devel@vger.kernel.org, netdev@vger.kernel.org
Subject: [PATCH 2/2] netfilter: synproxy: correct wscale option passing
Date: Thu, 14 Nov 2013 15:35:31 +0100
Message-Id: <1384439731-16296-3-git-send-email-mph@one.com>
X-Mailer: git-send-email 1.8.4
In-Reply-To: <1384439731-16296-1-git-send-email-mph@one.com>
References: <1384439731-16296-1-git-send-email-mph@one.com>
Sender: netfilter-devel-owner@vger.kernel.org
Precedence: bulk
List-ID: <netfilter-devel.vger.kernel.org>
X-Mailing-List: netfilter-devel@vger.kernel.org

Timestamp are used to store additional syncookie parameters such as sack,
ecn, and wscale. The wscale value we need to encode is the client's
wscale, since we can't recover that later in the session. Next overwrite
the wscale option so the later synproxy_send_client_synack will send
the backend's wscale to the client.

Signed-off-by: Martin Topholm <mph@one.com>
Reviewed-by: Jesper Dangaard Brouer <brouer@redhat.com>
---
 net/netfilter/nf_synproxy_core.c | 7 ++++---
 1 file changed, 4 insertions(+), 3 deletions(-)

--
To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

diff --git a/net/netfilter/nf_synproxy_core.c b/net/netfilter/nf_synproxy_core.c
index cdf4567..9858e3e 100644
--- a/net/netfilter/nf_synproxy_core.c
+++ b/net/netfilter/nf_synproxy_core.c
@@ -151,9 +151,10 @@ void synproxy_init_timestamp_cookie(const struct xt_synproxy_info *info,
 	opts->tsecr = opts->tsval;
 	opts->tsval = tcp_time_stamp & ~0x3f;
 
-	if (opts->options & XT_SYNPROXY_OPT_WSCALE)
-		opts->tsval |= info->wscale;
-	else
+	if (opts->options & XT_SYNPROXY_OPT_WSCALE) {
+		opts->tsval |= opts->wscale;
+		opts->wscale = info->wscale;
+	} else
 		opts->tsval |= 0xf;
 
 	if (opts->options & XT_SYNPROXY_OPT_SACK_PERM)