ng_tcpmss(4)

NAME

ng_tcpmss - netgraph node to adjust TCP MSS option

SYNOPSIS

#include <netgraph.h>
#include <netgraph/ng_tcpmss.h>

DESCRIPTION

The tcpmss node type is designed to alter the Maximum Seg
ment Size option
of TCP packets. This node accepts an arbitrary number of
hooks. Initially a new hook is considered unconfigured. The
NG_TCPMSS_CONFIG control message is used to configure a hook.

CONTROL MESSAGES

This node type supports the generic control messages, plus
the following.
NGM_TCPMSS_CONFIG (config)
This control message configures node to do given MSS
adjusting on
a particular hook. It requires the struct
ng_tcpmss_config to be
supplied as an argument:
struct ng_tcpmss_config {
char inHook[NG_HOOKSIZ];
char outHook[NG_HOOKSIZ];
uint16_t maxMSS;
}
This means: packets received on inHook would be
checked for TCP
MSS option and the latter would be reduced down to
maxMSS if it
exceeds maxMSS. After that, packets would be sent
to hook
outHook.
NGM_TCPMSS_GET_STATS (getstats)
This control message obtains statistics for a given
hook. The
statistics are returned in struct
ng_tcpmss_hookstat:
struct ng_tcpmss_hookstat {
uint64_t Octets; /* total
bytes */
uint64_t Packets; /* total
packets */
uint16_t maxMSS; /* maximum
MSS */
uint64_t SYNPkts; /* TCP SYN
packets */
uint64_t FixedPkts; /* changed
packets */
};
NGM_TCPMSS_CLR_STATS (clrstats)
This control message clears statistics for a given
hook.
NGM_TCPMSS_GETCLR_STATS (getclrstats)
This control message obtains and clears statistics
for a given
hook.

EXAMPLES

In the following example, packets are injected into the
tcpmss node using
the ng_ipfw(4) node.

# Create tcpmss node and connect it to ng_ipfw node
ngctl mkpeer ipfw: tcpmss 100 qqq
# Adjust MSS to 1452
ngctl msg ipfw:100 config '{ inHook="qqq" out
Hook="qqq" maxMSS=1452 }'
# Divert traffic into tcpmss node
ipfw add 300 netgraph 100 tcp from any to any tcpflags
syn out via fxp0
# Let packets continue with ipfw after being hacked
sysctl net.inet.ip.fw.one_pass=0

SHUTDOWN

This node shuts down upon receipt of an NGM_SHUTDOWN control
message, or
when all hooks have been disconnected.

SEE ALSO

netgraph(4), ng_ipfw(4)

HISTORY

The ng_tcpmss node type was implemented in FreeBSD 6.0.

AUTHORS

Alexey Popov <lollypop@flexuser.ru>
Gleb Smirnoff <glebius@FreeBSD.org>

BUGS

When running on SMP, system statistics may be broken.
BSD June 9, 2005

BSD

Copyright © 2010-2025 Platon Technologies, s.r.o.           Home | Man pages | tLDP | Documents | Utilities | About
Design by styleshout