netfilter: synproxy: fix erroneous tcp mss option

Now synproxy sends the mss value set by the user on client syn-ack packet instead of the mss value that client announced. Fixes: 48b1de4c110a ("netfilter: add SYNPROXY core/target") Signed-off-by: Fernando Fernandez Mancera <ffmancera@riseup.net> Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
author: Fernando Fernandez Mancera <ffmancera@riseup.net> 2019-07-10 12:05:57 +0200
committer: Pablo Neira Ayuso <pablo@netfilter.org> 2019-07-16 13:17:01 +0200
commit: b83329fb473f29d34d85d642e3a3313bb2871fa9 (patch)
tree: 446974de0e1933d23c2b080b815a31b473b3f736 /net/netfilter/nf_synproxy_core.c
parent: netfilter: nf_tables: fix module autoload for redir (diff)
download: linux-dev-b83329fb473f29d34d85d642e3a3313bb2871fa9.tar.xz
linux-dev-b83329fb473f29d34d85d642e3a3313bb2871fa9.zip
1 files changed, 2 insertions, 2 deletions
diff --git a/net/netfilter/nf_synproxy_core.c b/net/netfilter/nf_synproxy_core.c
index b101f187eda8..09718e5a9e41 100644
--- a/net/netfilter/nf_synproxy_core.c
+++ b/net/netfilter/nf_synproxy_core.c
@@ -470,7 +470,7 @@ synproxy_send_client_synack(struct net *net,
 	struct iphdr *iph, *niph;
 	struct tcphdr *nth;
 	unsigned int tcp_hdr_size;
-	u16 mss = opts->mss;
+	u16 mss = opts->mss_encode;
 
 	iph = ip_hdr(skb);
 
@@ -884,7 +884,7 @@ synproxy_send_client_synack_ipv6(struct net *net,
 	struct ipv6hdr *iph, *niph;
 	struct tcphdr *nth;
 	unsigned int tcp_hdr_size;
-	u16 mss = opts->mss;
+	u16 mss = opts->mss_encode;
 
 	iph = ipv6_hdr(skb);
author	Fernando Fernandez Mancera <ffmancera@riseup.net>	2019-07-10 12:05:57 +0200
committer	Pablo Neira Ayuso <pablo@netfilter.org>	2019-07-16 13:17:01 +0200
commit	b83329fb473f29d34d85d642e3a3313bb2871fa9 (patch)
tree	446974de0e1933d23c2b080b815a31b473b3f736 /net/netfilter/nf_synproxy_core.c
parent	netfilter: nf_tables: fix module autoload for redir (diff)
download	linux-dev-b83329fb473f29d34d85d642e3a3313bb2871fa9.tar.xz linux-dev-b83329fb473f29d34d85d642e3a3313bb2871fa9.zip