Tobias DiPasquale wrote:
On 5/16/05, Quinton Hoole <quinton@xxxxxxxxx> wrote:I'll be needing to mangle other fields. My ultimate goal is to "stamp" a 32 or 64 bit value into each packet for security reasons.
This newbie needs to add and/or rewrite data in the IP Options fields. The MANGLE chain looks like the place to do this, but I don't see the appropriate target extensions to achieve it. It seems easy to mangle most other fields (DSCP, ECN, TOS, TTL etc) but no mention of the OPTIONS fields.
Is mangling of IP options fields supported by netfilter/iptables?
Which IP options are you looking to be able to mangle? If you just
need to be able to mangle the MSS, then check out the TCPMSS target
included in the vanilla Linux kernel.
This would also be a good place
to start if you need to create an iptables target that mangles an IP
option of another type.
Great, thanks.
Q
Attachment:
smime.p7s
Description: S/MIME Cryptographic Signature
