diff options
| author | Martin Topholm <mph@one.com> | 2013-11-14 09:35:31 -0500 |
|---|---|---|
| committer | Pablo Neira Ayuso <pablo@netfilter.org> | 2013-11-18 06:53:38 -0500 |
| commit | c1898c4c295b735c05af4c09664993fd8f257c2b (patch) | |
| tree | 869130e70b5c9b01734bbb3211a4fdb45c8dde9a /net | |
| parent | a6441b7a39f18acb68c83cd738f1310881aa8a0b (diff) | |
netfilter: synproxy: correct wscale option passing
Timestamp are used to store additional syncookie parameters such as sack,
ecn, and wscale. The wscale value we need to encode is the client's
wscale, since we can't recover that later in the session. Next overwrite
the wscale option so the later synproxy_send_client_synack will send
the backend's wscale to the client.
Signed-off-by: Martin Topholm <mph@one.com>
Reviewed-by: Jesper Dangaard Brouer <brouer@redhat.com>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Diffstat (limited to 'net')
| -rw-r--r-- | net/netfilter/nf_synproxy_core.c | 7 |
1 files changed, 4 insertions, 3 deletions
diff --git a/net/netfilter/nf_synproxy_core.c b/net/netfilter/nf_synproxy_core.c index cdf4567ba9b3..9858e3e51a3a 100644 --- a/net/netfilter/nf_synproxy_core.c +++ b/net/netfilter/nf_synproxy_core.c | |||
| @@ -151,9 +151,10 @@ void synproxy_init_timestamp_cookie(const struct xt_synproxy_info *info, | |||
| 151 | opts->tsecr = opts->tsval; | 151 | opts->tsecr = opts->tsval; |
| 152 | opts->tsval = tcp_time_stamp & ~0x3f; | 152 | opts->tsval = tcp_time_stamp & ~0x3f; |
| 153 | 153 | ||
| 154 | if (opts->options & XT_SYNPROXY_OPT_WSCALE) | 154 | if (opts->options & XT_SYNPROXY_OPT_WSCALE) { |
| 155 | opts->tsval |= info->wscale; | 155 | opts->tsval |= opts->wscale; |
| 156 | else | 156 | opts->wscale = info->wscale; |
| 157 | } else | ||
| 157 | opts->tsval |= 0xf; | 158 | opts->tsval |= 0xf; |
| 158 | 159 | ||
| 159 | if (opts->options & XT_SYNPROXY_OPT_SACK_PERM) | 160 | if (opts->options & XT_SYNPROXY_OPT_SACK_PERM) |