Pablo Neira Ayuso <pa...@netfilter.org> wrote: > > opts.options &= info->options; > > + client_mssinfo = opts.mss; > > + opts.mss = info->mss; > > No need for this new client_mssinfo variable, right? I mean, you can > just set: > > opts.mss = info->mss; > > and use it from synproxy_send_client_synack().
I thought that as well but we need both mss values, the one configured in the target (info->mss) and the ine received from the peer. The former is what we announce to peer in the syn/ack (as tcp option), the latter is what we need to encode in the syncookie (to decode it on cookie ack).
