From: Patrick McHardy <kaber@trash.net>
To: Arnaud Ebalard <arno@natisbad.org>
Cc: netfilter-devel@lists.netfilter.org
Subject: Re: [patch] netfilter: implement TCPMSS target for IPv6
Date: Tue, 16 Jan 2007 14:34:14 +0100 [thread overview]
Message-ID: <45ACD456.6010200@trash.net> (raw)
In-Reply-To: <87ac0jl1az.fsf@boz.loft.chdir.org>
Arnaud Ebalard wrote:
> Sorry for the late post. Just to say that i also _had_ to implement
> that (2.6.19.1 and iptables 1.3.7). I was testing it before pushing
> it ;-) too late. Anyway, patch is below for reference.
Thanks, I've applied the ip6tables TCPMSS extension to SVN.
> Question : I made a specific case for AH (even if deprecated) protected
> traffic to avoid clamping of that packets. ipv6_skip_exthdr() simply
> does not verify that and it seems there is no check against that. Can
> you take a look at find_tcp_hdr in the patch below and tell me if i'm
> wrong ? (function is based on ipv6_find_hdr(), ipv6_prepare(),
> nf_ct_ipv6_skip_exthdr() and ipv6_skip_exthdr() code).
Mhh .. that makes sense, but I tend to prefer to let users take care
of that using their ruleset.
next prev parent reply other threads:[~2007-01-16 13:34 UTC|newest]
Thread overview: 32+ messages / expand[flat|nested] mbox.gz Atom feed top
2007-01-14 19:20 [patch] netfilter: implement TCPMSS target for IPv6 David Madore
2007-01-14 20:10 ` Jan Engelhardt
2007-01-15 0:35 ` David Madore
2007-01-15 8:40 ` Patrick McHardy
2007-01-15 8:39 ` Patrick McHardy
2007-01-15 10:12 ` Jan Engelhardt
2007-01-15 10:18 ` Patrick McHardy
2007-01-15 13:01 ` Jan Engelhardt
2007-01-15 14:38 ` Patrick McHardy
2007-01-15 14:40 ` [PATCH] Re: ipt->xt (was: implement TCPMSS target for IPv6) Jan Engelhardt
2007-01-15 14:51 ` [PATCH] Re: ipt->xt Patrick McHardy
2007-01-15 16:34 ` ipt->xt Jan Engelhardt
2007-01-15 16:36 ` ipt->xt Patrick McHardy
2007-01-15 16:39 ` ipt->xt [p2] Jan Engelhardt
2007-01-17 11:31 ` Patrick McHardy
2007-01-17 12:38 ` Jan Engelhardt
2007-01-17 12:40 ` Patrick McHardy
2007-01-17 13:13 ` ipt->xt [p3] Jan Engelhardt
2007-01-17 13:17 ` Jan Engelhardt
2007-01-17 14:14 ` [PATCH 1/3] Fix return values for LOG and ULOG Jan Engelhardt
2007-01-17 14:14 ` [PATCH 2/3] XT: xt_match and xt_target Jan Engelhardt
2007-01-17 14:18 ` [PATCH 3/3] XT: xt_table Jan Engelhardt
2007-01-15 18:42 ` [patch] netfilter: implement TCPMSS target for IPv6 Patrick McHardy
2007-01-15 20:02 ` Jan Engelhardt
2007-01-16 12:20 ` Patrick McHardy
2007-01-16 10:21 ` Arnaud Ebalard
2007-01-16 13:34 ` Patrick McHardy [this message]
2007-01-16 14:22 ` Arnaud Ebalard
2007-01-19 4:27 ` Yasuyuki KOZAKAI
[not found] ` <200701190427.l0J4RO51024049@toshiba.co.jp>
2007-01-19 12:16 ` Patrick McHardy
2007-02-12 16:08 ` Rémi Denis-Courmont
2007-02-12 16:33 ` Patrick McHardy
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=45ACD456.6010200@trash.net \
--to=kaber@trash.net \
--cc=arno@natisbad.org \
--cc=netfilter-devel@lists.netfilter.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).