On Tuesday 2009-03-24 22:12, Steven Jan Springl wrote:
>Is there a problem with mss in this release?
>If I specify rule:
>-A OUTPUT -p tcp --tcp-flags SYN,RST SYN -m tcpmss --mss 1000:1500 -j ACCEPT
>I get error:
> Invalid mss '1000' specified.
>
>It appears that mss values less than 65536 are rejected, while values of 65536
>or greater are accepted. Is this not the wrong way around?

Indeed. There is an uncommon coding pattern (compared to the rest
of the iptables sources) in the function at hand. Patch below.

usually:
	if (!strtoui(...))
		you_fail;
	return ok;

libxt_tcpmss:
	if (strtoui(...))
		return ok;
	you_fail;

Pullable from the usual location at
	git://dev.medozas.de/iptables

Updating 6e70f46..ed7925b
Fast forward
 extensions/libxt_tcpmss.c | 2 +-
 1 files changed, 1 insertions(+), 1 deletions(-)

parent 6e70f46f2a146bb7c657f71724c999147a5925dc (v1.4.3.1)
commit ed7925b77010dd17531ea0424b49d2b72af4add9
Author: Jan Engelhardt <jengelh@xxxxxxxxxx>
Date: Tue Mar 24 22:26:25 2009 +0100

libxt_tcpmss: fix an inversion while parsing --mss

Signed-off-by: Jan Engelhardt <jengelh@xxxxxxxxxx>
---
 extensions/libxt_tcpmss.c | 2 +-
 1 files changed, 1 insertions(+), 1 deletions(-)

diff --git a/extensions/libxt_tcpmss.c b/extensions/libxt_tcpmss.c index 43a4a0d..46529f9 100644 --- a/extensions/libxt_tcpmss.c +++ b/extensions/libxt_tcpmss.c @@ -26,7 +26,7 @@ parse_tcp_mssvalue(const char *mssvalue) { unsigned int mssvaluenum; - if (!xtables_strtoui(mssvalue, NULL, &mssvaluenum, 0, UINT16_MAX)) + if (xtables_strtoui(mssvalue, NULL, &mssvaluenum, 0, UINT16_MAX)) return mssvaluenum; xtables_error(PARAMETER_PROBLEM, -- # Created with git-export-patch
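
Review bot: in parse_tcp_mssvalue() the corrected test still returns on success and falls through to xtables_error(), the form the cover text itself calls uncommon for the iptables sources; writing it as a failure check that calls xtables_error(), with "return mssvaluenum;" as the last statement, would match the other parsers and make a repeat of this inversion easier to spot. With the removed condition, "return mssvaluenum;" was reached only when xtables_strtoui() reported failure, and mssvaluenum is declared without an initializer, so the commit message should say that the old code both rejected every value in 0..UINT16_MAX and returned a number the range check had not approved. Quoting the reported symptom (Invalid mss '1000' specified.) in the message would also make the fix findable from the error text.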