From a938f14317c83085d5465fa8855e1cf7be319739 Mon Sep 17 00:00:00 2001
From: HimbeerserverDE
Date: Wed, 3 May 2023 21:24:41 +0200
Subject: add method to change the tcp mss
---
 src/rule_methods.rs | 23 ++++++++++++++++++++---
 1 file changed, 20 insertions(+), 3 deletions(-)
(limited to 'src/rule_methods.rs')
diff --git a/src/rule_methods.rs b/src/rule_methods.rs
index 6db9acc..7f3c4c9 100644
--- a/src/rule_methods.rs
+++ b/src/rule_methods.rs
@@ -7,9 +7,9 @@ use crate::data_type::ip_to_vec;
 use crate::error::BuilderError;
 use crate::expr::ct::{ConnTrackState, Conntrack, ConntrackKey};
 use crate::expr::{
- Bitwise, Cmp, CmpOp, HighLevelPayload, IPv4HeaderField, IPv6HeaderField, Immediate, Masquerade,
- Meta, MetaType, Nat, NatType, NetworkHeaderField, Register, TCPHeaderField,
- TransportHeaderField, UDPHeaderField, VerdictKind,
+ Bitwise, Cmp, CmpOp, ExtHdr, ExtHdrOp, HighLevelPayload, IPv4HeaderField, IPv6HeaderField,
+ Immediate, Masquerade, Meta, MetaType, Nat, NatType, NetworkHeaderField, Register,
+ TCPHeaderField, TransportHeaderField, UDPHeaderField, VerdictKind,
 };
 use crate::{ProtocolFamily, Rule};
@@ -247,6 +247,23 @@ impl Rule {
 });
 self
 }
+ /// Adds the `ExtHdr` expression to the rule. The packet will have
+ /// its MSS rewritten.
+ pub fn set_mss(mut self, mss: u16) -> Self {
+ self.add_expr(Immediate::new_data(
+ mss.to_be_bytes().to_vec(),
+ Register::Reg1,
+ ));
+ self.add_expr(
+ ExtHdr::default()
+ .with_sreg(Register::Reg1)
+ .with_typ(2u8)
+ .with_offset(2u32)
+ .with_len(2u32)
+ .with_op(ExtHdrOp::TCPOpt),
+ );
+ self
+ }
 }
 /// Looks up the interface index for a given interface name.
-- cgit v1.2.3
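Review bot: `set_mss` in the second hunk encodes any `u16` into the rule unchecked, including `0`, and the literals in `.with_typ(2u8)`, `.with_offset(2u32)` and `.with_len(2u32)` are unexplained. If `mss` ever comes from configuration or other external input, a very small value forces the affected TCP flows into tiny segments and degrades the host's own traffic. Consider documenting a minimum, or rejecting values below it in a fallible variant that returns the crate's `BuilderError`. The doc comment should say that the expression writes the 2-byte value of TCP option kind 2 at offset 2, that it overwrites `Register::Reg1`, and that the rule only has an effect on segments that carry the MSS option, so callers will normally match SYN packets first. As far as I know the kernel only applies a decrease of the existing MSS, so "clamped" may be more accurate than "rewritten", but confirm this before changing the wording.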