FreeBSD Manual Pages

home | help

NG_TCPMSS(4)		    Kernel Interfaces Manual		  NG_TCPMSS(4)

NAME
       ng_tcpmss -- netgraph node to adjust TCP	MSS option

SYNOPSIS
       #include	<netgraph.h>
       #include	<netgraph/ng_tcpmss.h>

DESCRIPTION
       The  tcpmss node	type is	designed to alter the Maximum Segment Size op-
       tion of TCP packets.  This node accepts an arbitrary number  of	hooks.
       Initially  a new	hook is	considered unconfigured.  The NG_TCPMSS_CONFIG
       control message is used to configure a hook.

CONTROL	MESSAGES
       This node type supports the generic control messages, plus the  follow-
       ing.

       NGM_TCPMSS_CONFIG (config)
	    This  control message configures node to do	given MSS adjusting on
	    a particular hook.	It requires the	struct ng_tcpmss_config	to  be
	    supplied as	an argument:

	    struct ng_tcpmss_config {
		    char	    inHook[NG_HOOKSIZ];
		    char	    outHook[NG_HOOKSIZ];
		    uint16_t	    maxMSS;
	    }

	    This  means:  packets  received on inHook would be checked for TCP
	    MSS	option and the latter would be reduced down to	maxMSS	if  it
	    exceeds  maxMSS.   After  that,  packets  would  be	 sent  to hook
	    outHook.

       NGM_TCPMSS_GET_STATS (getstats)
	    This control message obtains statistics for	 a  given  hook.   The
	    statistics are returned in struct ng_tcpmss_hookstat:

	    struct ng_tcpmss_hookstat {
		    uint64_t	    Octets;	    /* total bytes */
		    uint64_t	    Packets;	    /* total packets */
		    uint16_t	    maxMSS;	    /* maximum MSS */
		    uint64_t	    SYNPkts;	    /* TCP SYN packets */
		    uint64_t	    FixedPkts;	    /* changed packets */
	    };

       NGM_TCPMSS_CLR_STATS (clrstats)
	    This control message clears	statistics for a given hook.

       NGM_TCPMSS_GETCLR_STATS (getclrstats)
	    This  control  message  obtains  and clears	statistics for a given
	    hook.

EXAMPLES
       In the following	example, packets are injected into the tcpmss node us-
       ing the ng_ipfw(4) node.

	     # Create tcpmss node and connect it to ng_ipfw node
	     ngctl mkpeer ipfw:	tcpmss 100 qqq

	     # Adjust MSS to 1452
	     ngctl msg ipfw:100	config '{ inHook="qqq" outHook="qqq" maxMSS=1452 }'

	     # Divert traffic into tcpmss node
	     ipfw add 300 netgraph 100 tcp from	any to any tcpflags syn	out via	fxp0

	     # Let packets continue with ipfw after being hacked
	     sysctl net.inet.ip.fw.one_pass=0

SHUTDOWN
       This node shuts down upon receipt of an NGM_SHUTDOWN  control  message,
       or when all hooks have been disconnected.

SEE ALSO
       netgraph(4), ng_ipfw(4)

HISTORY
       The ng_tcpmss node type was implemented in FreeBSD 6.0.

AUTHORS
       Alexey Popov <lollypop@flexuser.ru>
       Gleb Smirnoff <glebius@FreeBSD.org>

BUGS
       When running on SMP, system statistics may be broken.

FreeBSD	14.3			 June 9, 2005			  NG_TCPMSS(4)

Want to link to this manual page? Use this URL:
<https://man.freebsd.org/cgi/man.cgi?query=ng_tcpmss&sektion=4&manpath=FreeBSD+14.3-RELEASE+and+Ports>

home | help

Header And Logo

Peripheral Links

Site Navigation

FreeBSD Manual Pages

Header And Logo

Peripheral Links

Search

Site Navigation

FreeBSD Manual Pages