Merge pull request #1478 from sever-sever/T4622

firewall: T4622: Add TCP MSS option
author: Christian Poessinger <christian@poessinger.com> 2022-08-25 06:27:01 +0200
committer: GitHub <noreply@github.com> 2022-08-25 06:27:01 +0200
commit: 20090229009d0aa783560c74207dbccb1014ebe0 (patch)
tree: 8399170707ffb028e42426c013dd3fb19a803a79 /python
parent: eb4a7ee3afc0765671ce0fa379ab5e3518e9e49e (diff)
parent: fd15f9d2ab6a7e5bbc07ff2e8b10c064984492ce (diff)
download: vyos-1x-20090229009d0aa783560c74207dbccb1014ebe0.tar.gz
vyos-1x-20090229009d0aa783560c74207dbccb1014ebe0.zip
1 files changed, 5 insertions, 0 deletions
diff --git a/python/vyos/firewall.py b/python/vyos/firewall.py
index 3e2de4c3f..663c4394a 100644
--- a/python/vyos/firewall.py
+++ b/python/vyos/firewall.py
@@ -297,6 +297,11 @@ def parse_rule(rule_conf, fw_name, rule_id, ip_name):
     if tcp_flags:
         output.append(parse_tcp_flags(tcp_flags))
 
+    # TCP MSS
+    tcp_mss = dict_search_args(rule_conf, 'tcp', 'mss')
+    if tcp_mss:
+        output.append(f'tcp option maxseg size {tcp_mss}')
+
     output.append('counter')
 
     if 'set' in rule_conf:
author	Christian Poessinger <christian@poessinger.com>	2022-08-25 06:27:01 +0200
committer	GitHub <noreply@github.com>	2022-08-25 06:27:01 +0200
commit	20090229009d0aa783560c74207dbccb1014ebe0 (patch)
tree	8399170707ffb028e42426c013dd3fb19a803a79 /python
parent	eb4a7ee3afc0765671ce0fa379ab5e3518e9e49e (diff)
parent	fd15f9d2ab6a7e5bbc07ff2e8b10c064984492ce (diff)
download	vyos-1x-20090229009d0aa783560c74207dbccb1014ebe0.tar.gz vyos-1x-20090229009d0aa783560c74207dbccb1014ebe0.zip