iptables: add test file for TCPMSS extension

Message ID	1508187729-3926-1-git-send-email-aastha.gupta4104@gmail.com
State	Accepted
Delegated to:	Pablo Neira
Headers	show Return-Path: <netfilter-devel-owner@vger.kernel.org> From: Aastha Gupta <aastha.gupta4104@gmail.com> To: outreachy-kernel@googlegroups.com, Pablo Neira Ayuso <pablo@netfilter.org>, netfilter-devel@vger.kernel.org Cc: Aastha Gupta <aastha.gupta4104@gmail.com> Subject: [PATCH] iptables: add test file for TCPMSS extension Date: Tue, 17 Oct 2017 02:32:09 +0530 Message-Id: <1508187729-3926-1-git-send-email-aastha.gupta4104@gmail.com> Sender: netfilter-devel-owner@vger.kernel.org Precedence: bulk
Series	iptables: add test file for TCPMSS extension \| expand iptables: add test file for TCPMSS extension

Message ID

1508187729-3926-1-git-send-email-aastha.gupta4104@gmail.com

State

Accepted

Delegated to:

Pablo Neira

Headers

From: Aastha Gupta <aastha.gupta4104@gmail.com>
To: outreachy-kernel@googlegroups.com,
	Pablo Neira Ayuso <pablo@netfilter.org>, netfilter-devel@vger.kernel.org
Cc: Aastha Gupta <aastha.gupta4104@gmail.com>
Subject: [PATCH] iptables: add test file for TCPMSS extension
Date: Tue, 17 Oct 2017 02:32:09 +0530
Message-Id: <1508187729-3926-1-git-send-email-aastha.gupta4104@gmail.com>
Sender: netfilter-devel-owner@vger.kernel.org
Precedence: bulk

Series

iptables: add test file for TCPMSS extension | expand

This adds test file for the recently added TCPMSS extension. Signed-off-by: Aastha Gupta <aastha.gupta4104@gmail.com> --- extensions/libxt_TCPMSS.txlate | 5 +++++ 1 file changed, 5 insertions(+) create mode 100644 extensions/libxt_TCPMSS.txlate

Comments

Pablo Neira Ayuso Oct. 17, 2017, 11:56 a.m. UTC | #1

On Tue, Oct 17, 2017 at 02:32:09AM +0530, Aastha Gupta wrote:
> This adds test file for the recently added TCPMSS extension.

I'm taking this last version, it doesn't say v4 but looking at timing,
it is the last one you have submitted.

Applied, thanks. If there is anything you need to fix, send me a
follow up patch.
--
To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Pablo Neira Ayuso Oct. 17, 2017, noon UTC | #2

On Tue, Oct 17, 2017 at 01:56:28PM +0200, Pablo Neira Ayuso wrote:
> On Tue, Oct 17, 2017 at 02:32:09AM +0530, Aastha Gupta wrote:
> > This adds test file for the recently added TCPMSS extension.
> 
> I'm taking this last version, it doesn't say v4 but looking at timing,
> it is the last one you have submitted.
> 
> Applied, thanks. If there is anything you need to fix, send me a
> follow up patch.

Oh, I understand, this is the test file. Other patches add the
translation.
--
To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

diff --git a/extensions/libxt_TCPMSS.txlate b/extensions/libxt_TCPMSS.txlate
new file mode 100644
index 0000000..6a64d2c
--- /dev/null
+++ b/extensions/libxt_TCPMSS.txlate
@@ -0,0 +1,5 @@ 
+iptables-translate -A FORWARD -p tcp --tcp-flags SYN,RST SYN -j TCPMSS --clamp-mss-to-pmtu
+nft add rule ip filter FORWARD tcp flags & (syn|rst) == syn counter tcp option maxseg size set rt mtu
+
+iptables-translate -A FORWARD -p tcp --tcp-flags SYN,RST SYN -j TCPMSS --set-mss 90
+nft add rule ip filter FORWARD tcp flags & (syn|rst) == syn counter tcp option maxseg size set 90

iptables: add test file for TCPMSS extension

Commit Message

Comments

Patch