Author: marek Date: 2009-09-11 17:56:56 +0000 (Fri, 11 Sep 2009) New Revision: 1435
Modified: trunk/batman/linux/tun.c Log: [batman] add iptables MSS CLAMP rule in mangle table as suggested by Michael Rack
Modified: trunk/batman/linux/tun.c =================================================================== --- trunk/batman/linux/tun.c 2009-09-11 17:56:53 UTC (rev 1434) +++ trunk/batman/linux/tun.c 2009-09-11 17:56:56 UTC (rev 1435) @@ -40,6 +40,9 @@ #define IPTABLES_ADD_MASQ "iptables -t nat -A POSTROUTING -o %s -j MASQUERADE" #define IPTABLES_DEL_MASQ "iptables -t nat -D POSTROUTING -o %s -j MASQUERADE"
+#define IPTABLES_ADD_MSS "iptables -t mangle -I POSTROUTING -p tcp --tcp-flags SYN,RST SYN -o %s -j TCPMSS --clamp-mss-to-pmtu" +#define IPTABLES_DEL_MSS "iptables -t mangle -D POSTROUTING -p tcp --tcp-flags SYN,RST SYN -o %s -j TCPMSS --clamp-mss-to-pmtu" + #define IPTABLES_ADD_ACC "iptables -t nat -I POSTROUTING -s %s/%i -j ACCEPT" #define IPTABLES_DEL_ACC "iptables -t nat -D POSTROUTING -s %s/%i -j ACCEPT"
@@ -101,17 +104,23 @@ }
void add_nat_rule(char *dev) { - char cmd[100]; + char cmd[150];
sprintf(cmd, IPTABLES_ADD_MASQ, dev); exec_iptables_rule(cmd, ROUTE_ADD); + + sprintf(cmd, IPTABLES_ADD_MSS, dev); + exec_iptables_rule(cmd, ROUTE_ADD); }
void del_nat_rule(char *dev) { - char cmd[100]; + char cmd[150];
sprintf(cmd, IPTABLES_DEL_MASQ, dev); exec_iptables_rule(cmd, ROUTE_DEL); + + sprintf(cmd, IPTABLES_ADD_MSS, dev); + exec_iptables_rule(cmd, ROUTE_DEL); }
void hna_local_update_nat(uint32_t hna_ip, uint8_t netmask, int8_t route_action) {