Browse Source

Add 'all' option for mss clamp

tags/2.1
Brielle Bruns 6 years ago
parent
commit
78772c0cdf
2 changed files with 5 additions and 1 deletions
  1. +2
    -0
      CHANGELOG
  2. +3
    -1
      lib/iptables.inc

+ 2
- 0
CHANGELOG View File

@@ -1,6 +1,8 @@
2.1 Alpha 2 - 03/15/2015
- Unset variables in loops to make sure theres no leakage of
variables into the next run of the loop
04/09/2015
- Allow use of 'all' in MSS rules to match all forwarding/out traffic

2.1 Alpha 1 - 11/29/2014
- Added support for custom fields in NAT and ACL rules, as this allows


+ 3
- 1
lib/iptables.inc View File

@@ -184,9 +184,11 @@ function enable_mss_clamp {
[[ -z ${msssize} ]] && msssize="-"
[[ ${msssize} != "-" ]] && msssize="--set-mss ${msssize}"
[[ ${msssize} == "-" ]] && msssize="--clamp-mss-to-pmtu"
[[ ${interface} == "all" ]] && interface=""
[[ ${interface} != "all" ]] && interface="-o ${interface}"
${debug} ${DebugColor} "${FUNCNAME}:${DEFAULT_COLOR} Read: ${interface} ${mss} ${type} ${msssize}"
${VER_IPTABLES} -A ${type} -p tcp --tcp-flags SYN,RST SYN -j TCPMSS \
-o ${interface} -m tcpmss --mss ${mss} ${msssize}
${interface} -m tcpmss --mss ${mss} ${msssize}
unset interface mss type msssize
done < "${FWCONFIGDIR}/ipv${IPVER}/mss-clamp.conf"



Loading…
Cancel
Save