Skip site navigation (1)Skip section navigation (2)

FreeBSD Manual Pages

  
 
  

home | help
NG_TCPMSS(4)	       FreeBSD Kernel Interfaces Manual		  NG_TCPMSS(4)

NAME
     ng_tcpmss -- netgraph node	to adjust TCP MSS option

SYNOPSIS
     #include <netgraph.h>
     #include <netgraph/ng_tcpmss.h>

DESCRIPTION
     The tcpmss	node type is designed to alter the Maximum Segment Size	option
     of	TCP packets.  This node	accepts	an arbitrary number of hooks.  Ini-
     tially a new hook is considered unconfigured.  The	NG_TCPMSS_CONFIG con-
     trol message is used to configure a hook.

CONTROL	MESSAGES
     This node type supports the generic control messages, plus	the following.

     NGM_TCPMSS_CONFIG (config)
	  This control message configures node to do given MSS adjusting on a
	  particular hook.  It requires	the struct ng_tcpmss_config to be sup-
	  plied	as an argument:

	  struct ng_tcpmss_config {
		  char		  inHook[NG_HOOKSIZ];
		  char		  outHook[NG_HOOKSIZ];
		  uint16_t	  maxMSS;
	  }

	  This means: packets received on inHook would be checked for TCP MSS
	  option and the latter	would be reduced down to maxMSS	if it exceeds
	  maxMSS.  After that, packets would be	sent to	hook outHook.

     NGM_TCPMSS_GET_STATS (getstats)
	  This control message obtains statistics for a	given hook.  The sta-
	  tistics are returned in struct ng_tcpmss_hookstat:

	  struct ng_tcpmss_hookstat {
		  uint64_t	  Octets;	  /* total bytes */
		  uint64_t	  Packets;	  /* total packets */
		  uint16_t	  maxMSS;	  /* maximum MSS */
		  uint64_t	  SYNPkts;	  /* TCP SYN packets */
		  uint64_t	  FixedPkts;	  /* changed packets */
	  };

     NGM_TCPMSS_CLR_STATS (clrstats)
	  This control message clears statistics for a given hook.

     NGM_TCPMSS_GETCLR_STATS (getclrstats)
	  This control message obtains and clears statistics for a given hook.

EXAMPLES
     In	the following example, packets are injected into the tcpmss node using
     the ng_ipfw(4) node.

	   # Create tcpmss node	and connect it to ng_ipfw node
	   ngctl mkpeer	ipfw: tcpmss 100 qqq

	   # Adjust MSS	to 1452
	   ngctl msg ipfw:100 config '{	inHook="qqq" outHook="qqq" maxMSS=1452 }'

	   # Divert traffic into tcpmss	node
	   ipfw	add 300	netgraph 100 tcp from any to any tcpflags syn out via fxp0

	   # Let packets continue with ipfw after being	hacked
	   sysctl net.inet.ip.fw.one_pass=0

SHUTDOWN
     This node shuts down upon receipt of an NGM_SHUTDOWN control message, or
     when all hooks have been disconnected.

SEE ALSO
     netgraph(4), ng_ipfw(4)

HISTORY
     The ng_tcpmss node	type was implemented in	FreeBSD	6.0.

AUTHORS
     Alexey Popov <lollypop@flexuser.ru>
     Gleb Smirnoff <glebius@FreeBSD.org>

BUGS
     When running on SMP, system statistics may	be broken.

FreeBSD	Ports 11.2		 June 9, 2005		    FreeBSD Ports 11.2

NAME | SYNOPSIS | DESCRIPTION | CONTROL MESSAGES | EXAMPLES | SHUTDOWN | SEE ALSO | HISTORY | AUTHORS | BUGS

Want to link to this manual page? Use this URL:
<https://www.freebsd.org/cgi/man.cgi?query=ng_tcpmss&manpath=FreeBSD+12.0-RELEASE+and+Ports>

home | help