On Fri, Jul 4, 2025 at 8:27 PM Florian Westphal <fw@xxxxxxxxx> wrote: > > Zhongqiu Duan <dzq.aishenghu0@xxxxxxxxx> wrote: > > The mss and wscale fields is optional for synproxy statement, this patch > > to make the same behavior for synproxy object, and also makes the > > timestamp and sack-perm flags no longer order-sensitive. > > Whats the use case for omitting the mss field? > It seems this should be made mandatory, no? > Agree, I think mss should be set in almost all cases. This patch is mainly to keep the same syntax support between the synproxy statement and object. > Also I think we should reject wscale > 14 from the parsers (can be done > in extra patch). > > And also reject it in kernel by updating the nla_policy in > net/netfiler/nft_synproxy.c in the kernel.
