1.\" Copyright (c) 2005 Gleb Smirnoff 2.\" All rights reserved. 3.\" 4.\" Redistribution and use in source and binary forms, with or without 5.\" modification, are permitted provided that the following conditions 6.\" are met: 7.\" 1. Redistributions of source code must retain the above copyright 8.\" notice, this list of conditions and the following disclaimer. 9.\" 2. Redistributions in binary form must reproduce the above copyright 10.\" notice, this list of conditions and the following disclaimer in the 11.\" documentation and/or other materials provided with the distribution. 12.\" 13.\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND 14.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 15.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 16.\" ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE 17.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 18.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 19.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 20.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 21.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 22.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 23.\" SUCH DAMAGE. 24.\" 25.\" $FreeBSD$ 26.\" 27.Dd June 9, 2005 28.Dt NG_TCPMSS 4 29.Os 30.Sh NAME 31.Nm ng_tcpmss 32.Nd "netgraph node to adjust TCP MSS option" 33.Sh SYNOPSIS 34.In netgraph.h 35.In netgraph/ng_tcpmss.h 36.Sh DESCRIPTION 37The 38.Nm tcpmss 39node type is designed to alter the Maximum Segment Size option 40of TCP packets. 41This node accepts an arbitrary number of hooks. 42Initially a new hook is considered unconfigured. 43The 44.Dv NG_TCPMSS_CONFIG 45control message is used to configure a hook. 46.Sh CONTROL MESSAGES 47This node type supports the generic control messages, plus the following. 48.Bl -tag -width foo 49.It Dv NGM_TCPMSS_CONFIG Pq Ic config 50This control message configures node to do given MSS adjusting on 51a particular hook. 52It requires the 53.Vt "struct ng_tcpmss_config" 54to be supplied as an argument: 55.Bd -literal 56struct ng_tcpmss_config { 57 char inHook[NG_HOOKSIZ]; 58 char outHook[NG_HOOKSIZ]; 59 uint16_t maxMSS; 60} 61.Ed 62.Pp 63This means: packets received on 64.Va inHook 65would be checked for TCP MSS option and the latter would be 66reduced down to 67.Va maxMSS 68if it exceeds 69.Va maxMSS . 70After that, packets would be sent to hook 71.Va outHook . 72.It Dv NGM_TCPMSS_GET_STATS Pq Ic getstats 73This control message obtains statistics for a given hook. 74The statistics are returned in 75.Vt "struct ng_tcpmss_hookstat" : 76.Bd -literal 77struct ng_tcpmss_hookstat { 78 uint64_t Octets; /* total bytes */ 79 uint64_t Packets; /* total packets */ 80 uint16_t maxMSS; /* maximum MSS */ 81 uint64_t SYNPkts; /* TCP SYN packets */ 82 uint64_t FixedPkts; /* changed packets */ 83}; 84.Ed 85.It Dv NGM_TCPMSS_CLR_STATS Pq Ic clrstats 86This control message clears statistics for a given hook. 87.It Dv NGM_TCPMSS_GETCLR_STATS Pq Ic getclrstats 88This control message obtains and clears statistics for a given hook. 89.El 90.Sh EXAMPLES 91In the following example, packets are injected into the 92.Nm tcpmss 93node using the 94.Xr ng_ipfw 4 95node. 96.Bd -literal -offset indent 97# Create tcpmss node and connect it to ng_ipfw node 98ngctl mkpeer ipfw: tcpmss 100 qqq 99 100# Adjust MSS to 1452 101ngctl msg ipfw:100 config '{ inHook="qqq" outHook="qqq" maxMSS=1452 }' 102 103# Divert traffic into tcpmss node 104ipfw add 300 netgraph 100 tcp from any to any tcpflags syn out via fxp0 105 106# Let packets continue with ipfw after being hacked 107sysctl net.inet.ip.fw.one_pass=0 108.Ed 109.Sh SHUTDOWN 110This node shuts down upon receipt of an 111.Dv NGM_SHUTDOWN 112control message, or when all hooks have been disconnected. 113.Sh SEE ALSO 114.Xr netgraph 4 , 115.Xr ng_ipfw 4 116.Sh HISTORY 117The 118.Nm 119node type was implemented in 120.Fx 6.0 . 121.Sh AUTHORS 122.An Alexey Popov Aq lollypop@flexuser.ru 123.An Gleb Smirnoff Aq glebius@FreeBSD.org 124.Sh BUGS 125When running on SMP, system statistics may be broken. 126