commit 124d77eb1fadb9364f8caf1baffbaefce5781026
author Dmitry Shmidt <dimitrysh@google.com> Wed Dec 18 12:18:37 2013 -0800
committer Android Git Automerger <android-git-automerger@android.com> Wed Dec 18 12:18:37 2013 -0800
tree 06cd5cdb9809c0cc1ffd5ca3467322c6174ed8e0
parent bf4420633fd1a84a7dcabeebe768d7a14ed76c7e
parent 7f4117ee430e5069bffc89ad4e3841845586951a

am 7f4117ee: Merge "tethering: Add --dhcp-authoritative to dnsmasq daemon"

* commit '7f4117ee430e5069bffc89ad4e3841845586951a':
  tethering: Add --dhcp-authoritative to dnsmasq daemon

CommandListener.cpp

diff --git a/CommandListener.cpp b/CommandListener.cpp
index f1bec15..0ca5d8f 100644
--- a/CommandListener.cpp
+++ b/CommandListener.cpp
@@ -90,6 +90,7 @@
 static const char* MANGLE_POSTROUTING[] = {
         BandwidthController::LOCAL_MANGLE_POSTROUTING,
         IdletimerController::LOCAL_MANGLE_POSTROUTING,
+        SecondaryTableController::LOCAL_MANGLE_POSTROUTING,
         NULL,
 };
 

SecondaryTableController.cpp

diff --git a/SecondaryTableController.cpp b/SecondaryTableController.cpp
index d12f4c8..736b5fe 100644
--- a/SecondaryTableController.cpp
+++ b/SecondaryTableController.cpp
@@ -37,6 +37,7 @@
 #include "SecondaryTableController.h"
 
 const char* SecondaryTableController::LOCAL_MANGLE_OUTPUT = "st_mangle_OUTPUT";
+const char* SecondaryTableController::LOCAL_MANGLE_POSTROUTING = "st_mangle_POSTROUTING";
 const char* SecondaryTableController::LOCAL_MANGLE_EXEMPT = "st_mangle_EXEMPT";
 const char* SecondaryTableController::LOCAL_MANGLE_IFACE_FORMAT = "st_mangle_%s_OUTPUT";
 const char* SecondaryTableController::LOCAL_NAT_POSTROUTING = "st_nat_POSTROUTING";
@@ -422,6 +423,18 @@
                 "0",
                 NULL);
 
+        /* Best effort, because some kernels might not have the needed TCPMSS */
+        execIptables(V4V6,
+                "-t",
+                "mangle",
+                "-A",
+                LOCAL_MANGLE_POSTROUTING,
+                "-p", "tcp", "-o", iface, "--tcp-flags", "SYN,RST", "SYN",
+                "-j",
+                "TCPMSS",
+                "--clamp-mss-to-pmtu",
+                NULL);
+
     } else {
         ret = execIptables(V4V6,
                 "-t",
@@ -450,6 +463,18 @@
                 "-X",
                 chain_str,
                 NULL);
+
+        /* Best effort, because some kernels might not have the needed TCPMSS */
+        execIptables(V4V6,
+                "-t",
+                "mangle",
+                "-D",
+                LOCAL_MANGLE_POSTROUTING,
+                "-p", "tcp", "-o", iface, "--tcp-flags", "SYN,RST", "SYN",
+                "-j",
+                "TCPMSS",
+                "--clamp-mss-to-pmtu",
+                NULL);
     }
 
     //set up the needed source IP rewriting

SecondaryTableController.h

diff --git a/SecondaryTableController.h b/SecondaryTableController.h
index 81bb863..a153685 100644
--- a/SecondaryTableController.h
+++ b/SecondaryTableController.h
@@ -59,6 +59,7 @@
     int setupIptablesHooks();
 
     static const char* LOCAL_MANGLE_OUTPUT;
+    static const char* LOCAL_MANGLE_POSTROUTING;
     static const char* LOCAL_MANGLE_EXEMPT;
     static const char* LOCAL_MANGLE_IFACE_FORMAT;
     static const char* LOCAL_NAT_POSTROUTING;