Fix MSS clamping.
http://ag/553410 added an iptables chain and rule to do MSS
clamping for tethered clients, but did not add the chain to any
other chains, so the rule had no effect.
Fix this by adding the chain to the proper forwarding chains.
Also rename some of the new variables and constants so they are
more consistent with the previous code.
Bug: 17552732
Bug: 17727533
Change-Id: I9fcae31de5c0283d7d9f1dac989de84f77c5e53c
diff --git a/server/NatController.cpp b/server/NatController.cpp
index d9a779c..e66d971 100644
--- a/server/NatController.cpp
+++ b/server/NatController.cpp
@@ -36,6 +36,7 @@
#include "RouteController.h"
const char* NatController::LOCAL_FORWARD = "natctrl_FORWARD";
+const char* NatController::LOCAL_MANGLE_FORWARD = "natctrl_mangle_FORWARD";
const char* NatController::LOCAL_NAT_POSTROUTING = "natctrl_nat_POSTROUTING";
const char* NatController::LOCAL_TETHER_COUNTERS_CHAIN = "natctrl_tether_counters";
@@ -97,10 +98,7 @@
{{IPTABLES_PATH, "-F", LOCAL_TETHER_COUNTERS_CHAIN,}, 0},
{{IPTABLES_PATH, "-X", LOCAL_TETHER_COUNTERS_CHAIN,}, 0},
{{IPTABLES_PATH, "-N", LOCAL_TETHER_COUNTERS_CHAIN,}, 1},
- {{IPTABLES_PATH, "-t", "mangle", "-F", LOCAL_FORWARD,}, 0},
- {{IPTABLES_PATH, "-t", "mangle", "-X", LOCAL_FORWARD,}, 0},
- {{IPTABLES_PATH, "-t", "mangle", "-N", LOCAL_FORWARD,}, 1},
- {{IPTABLES_PATH, "-t", "mangle", "-A", LOCAL_FORWARD, "-p", "tcp", "--tcp-flags",
+ {{IPTABLES_PATH, "-t", "mangle", "-A", LOCAL_MANGLE_FORWARD, "-p", "tcp", "--tcp-flags",
"SYN", "SYN", "-j", "TCPMSS", "--clamp-mss-to-pmtu"}, 0},
};
for (unsigned int cmdNum = 0; cmdNum < ARRAY_SIZE(defaultCommands); cmdNum++) {