On 5/16/05, Quinton Hoole <quinton@xxxxxxxxx> wrote: > This newbie needs to add and/or rewrite data in the IP Options fields. > The MANGLE chain looks like the place to do this, but I don't see the > appropriate target extensions to achieve it. It seems easy to mangle > most other fields (DSCP, ECN, TOS, TTL etc) but no mention of the > OPTIONS fields. > > Is mangling of IP options fields supported by netfilter/iptables? Which IP options are you looking to be able to mangle? If you just need to be able to mangle the MSS, then check out the TCPMSS target included in the vanilla Linux kernel. This would also be a good place to start if you need to create an iptables target that mangles an IP option of another type. You might also check out the IPV4OPTSSTRIP target in patch-o-matic (http://svn.netfilter.org), but I don't know how much utility this will have for you. -- [ Tobias DiPasquale ] 0x636f6465736c696e67657240676d61696c2e636f6d
