const struct net_device *in,
const struct net_device *out,
unsigned int hooknum,
- const struct xt_target *target,
const void *targinfo,
void *userinfo)
{
static int
ipt_tcpmss_checkentry(const char *tablename,
const void *e_void,
- const struct xt_target *target,
void *targinfo,
unsigned int targinfosize,
unsigned int hook_mask)
const struct ipt_tcpmss_info *tcpmssinfo = targinfo;
const struct ipt_entry *e = e_void;
+ if (targinfosize != IPT_ALIGN(sizeof(struct ipt_tcpmss_info))) {
+ DEBUGP("ipt_tcpmss_checkentry: targinfosize %u != %u\n",
+ targinfosize, IPT_ALIGN(sizeof(struct ipt_tcpmss_info)));
+ return 0;
+ }
+
+
if((tcpmssinfo->mss == IPT_TCPMSS_CLAMP_PMTU) &&
((hook_mask & ~((1 << NF_IP_FORWARD)
| (1 << NF_IP_LOCAL_OUT)
return 0;
}
- if (IPT_MATCH_ITERATE(e, find_syn_match))
+ if (e->ip.proto == IPPROTO_TCP
+ && !(e->ip.invflags & IPT_INV_PROTO)
+ && IPT_MATCH_ITERATE(e, find_syn_match))
return 1;
+
printk("TCPMSS: Only works on TCP SYN packets\n");
return 0;
}
static struct ipt_target ipt_tcpmss_reg = {
.name = "TCPMSS",
.target = ipt_tcpmss_target,
- .targetsize = sizeof(struct ipt_tcpmss_info),
- .proto = IPPROTO_TCP,
.checkentry = ipt_tcpmss_checkentry,
.me = THIS_MODULE,
};
-static int __init ipt_tcpmss_init(void)
+static int __init init(void)
{
return ipt_register_target(&ipt_tcpmss_reg);
}
-static void __exit ipt_tcpmss_fini(void)
+static void __exit fini(void)
{
ipt_unregister_target(&ipt_tcpmss_reg);
}
-module_init(ipt_tcpmss_init);
-module_exit(ipt_tcpmss_fini);
+module_init(init);
+module_exit(fini);
git://git.onelab.eu / linux-2.6.git / blobdiff