Skip to content

Commit

Permalink
netfilter: synproxy: correct wscale option passing
Browse files Browse the repository at this point in the history 
Timestamp are used to store additional syncookie parameters such as sack,
ecn, and wscale. The wscale value we need to encode is the client's
wscale, since we can't recover that later in the session. Next overwrite
the wscale option so the later synproxy_send_client_synack will send
the backend's wscale to the client.

Signed-off-by: Martin Topholm <mph@one.com>
Reviewed-by: Jesper Dangaard Brouer <brouer@redhat.com>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
  • Loading branch information
Martin Topholm authored and Pablo Neira Ayuso committed Nov 18, 2013
1 parent a6441b7 commit c1898c4
Showing 1 changed file with 4 additions and 3 deletions.
7 changes: 4 additions & 3 deletions net/netfilter/nf_synproxy_core.c
View file
Original file line number Diff line number Diff line change
Expand Up @@ -151,9 +151,10 @@ void synproxy_init_timestamp_cookie(const struct xt_synproxy_info *info,
opts->tsecr = opts->tsval;
opts->tsval = tcp_time_stamp & ~0x3f;

if (opts->options & XT_SYNPROXY_OPT_WSCALE)
opts->tsval |= info->wscale;
else
if (opts->options & XT_SYNPROXY_OPT_WSCALE) {
opts->tsval |= opts->wscale;
opts->wscale = info->wscale;
} else
opts->tsval |= 0xf;

if (opts->options & XT_SYNPROXY_OPT_SACK_PERM)
Expand Down

0 comments on commit c1898c4

Please sign in to comment.