From: Brendan O'Dea Date: Fri, 16 Sep 2005 05:54:53 +0000 (+0000) Subject: set mss, adjust checksum X-Git-Tag: 2.2.1-2fdn3.1~19^2^2~1^2~103 X-Git-Url: http://git.sameswireless.fr/l2tpns.git/commitdiff_plain/58617785d5676bdb0dc09b6360c853407f40f372?ds=inline;hp=-c set mss, adjust checksum --- 58617785d5676bdb0dc09b6360c853407f40f372 diff --git a/l2tpns.c b/l2tpns.c index c5d8cc9..732d7e8 100644 --- a/l2tpns.c +++ b/l2tpns.c @@ -4,7 +4,7 @@ // Copyright (c) 2002 FireBrick (Andrews & Arnold Ltd / Watchfront Ltd) - GPL licenced // vim: sw=8 ts=8 -char const *cvs_id_l2tpns = "$Id: l2tpns.c,v 1.135 2005-09-16 05:35:31 bodea Exp $"; +char const *cvs_id_l2tpns = "$Id: l2tpns.c,v 1.136 2005-09-16 05:54:53 bodea Exp $"; #include #include @@ -990,6 +990,8 @@ void adjust_tcp_mss(sessionidt s, tunnelidt t, uint8_t *buf, int len, uint8_t *t uint8_t *mss = 0; uint8_t *opts; uint8_t *data; + uint16_t orig; + uint32_t sum; if ((tcp[13] & 0x3f) & ~(TCP_FLAG_SYN|TCP_FLAG_ACK)) // only want SYN and SYN,ACK return; @@ -1017,15 +1019,23 @@ void adjust_tcp_mss(sessionidt s, tunnelidt t, uint8_t *buf, int len, uint8_t *t } if (!mss) return; // not found - if (ntohs(*(uint16_t *) mss) <= MSS) return; // mss OK + orig = ntohs(*(uint16_t *) mss); - LOG(5, s, t, "TCP: %s:%u -> %s:%u SYN%s, adjusted mss from %u to %u\n", - fmtaddr(*(in_addr_t *)(buf + 12), 0), ntohs(*(uint16_t *)tcp), - fmtaddr(*(in_addr_t *)(buf + 16), 1), ntohs(*(uint16_t *)(tcp + 2)), - (tcp[13] & TCP_FLAG_ACK) ? ",ACK" : "", - ntohs(*(uint16_t *) mss), MSS); + if (orig <= MSS) return; // mss OK - // FIXME + LOG(5, s, t, "TCP: %s:%u -> %s:%u SYN%s, adjusted mss from %u to %u\n", + fmtaddr(*(in_addr_t *) (buf + 12), 0), ntohs(*(uint16_t *) tcp), + fmtaddr(*(in_addr_t *) (buf + 16), 1), ntohs(*(uint16_t *) (tcp + 2)), + (tcp[13] & TCP_FLAG_ACK) ? ",ACK" : "", orig, MSS); + + // set mss + *(int16_t *) mss = MSS; + + // adjust checksum (see rfc1141) + sum = orig + (~MSS & 0xffff); + sum += ntohs(*(uint16_t *) (tcp + 16)); + sum = (sum & 0xffff) + (sum >> 16); + *(uint16_t *) (tcp + 16) = htons(sum); } // process outgoing (to tunnel) IP