| ng_tcpmss.4 (147236) | ng_tcpmss.4 (147432) |
|---|---|
| 1.\" Copyright (c) 2005 Gleb Smirnoff 2.\" All rights reserved. 3.\" 4.\" Redistribution and use in source and binary forms, with or without 5.\" modification, are permitted provided that the following conditions 6.\" are met: 7.\" 1. Redistributions of source code must retain the above copyright 8.\" notice, this list of conditions and the following disclaimer. --- 8 unchanged lines hidden (view full) --- 17.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 18.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 19.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 20.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 21.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 22.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 23.\" SUCH DAMAGE. 24.\" | 1.\" Copyright (c) 2005 Gleb Smirnoff 2.\" All rights reserved. 3.\" 4.\" Redistribution and use in source and binary forms, with or without 5.\" modification, are permitted provided that the following conditions 6.\" are met: 7.\" 1. Redistributions of source code must retain the above copyright 8.\" notice, this list of conditions and the following disclaimer. --- 8 unchanged lines hidden (view full) --- 17.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 18.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 19.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 20.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 21.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 22.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 23.\" SUCH DAMAGE. 24.\" |
| 25.\" $FreeBSD: head/share/man/man4/ng_tcpmss.4 147236 2005-06-10 08:44:19Z glebius $ | 25.\" $FreeBSD: head/share/man/man4/ng_tcpmss.4 147432 2005-06-16 18:46:17Z ru $ |
| 26.\" 27.Dd June 9, 2005 28.Dt NG_TCPMSS 4 29.Os 30.Sh NAME 31.Nm ng_tcpmss | 26.\" 27.Dd June 9, 2005 28.Dt NG_TCPMSS 4 29.Os 30.Sh NAME 31.Nm ng_tcpmss |
| 32.Nd netgraph node to adjust TCP MSS option | 32.Nd "netgraph node to adjust TCP MSS option" |
| 33.Sh SYNOPSIS | 33.Sh SYNOPSIS |
| 34.In netgraph.h |
|
| 34.In netgraph/ng_tcpmss.h 35.Sh DESCRIPTION 36The 37.Nm tcpmss 38node type is designed to alter the Maximum Segment Size option 39of TCP packets. 40This node accepts an arbitrary number of hooks. 41Initially a new hook is considered unconfigured. | 35.In netgraph/ng_tcpmss.h 36.Sh DESCRIPTION 37The 38.Nm tcpmss 39node type is designed to alter the Maximum Segment Size option 40of TCP packets. 41This node accepts an arbitrary number of hooks. 42Initially a new hook is considered unconfigured. |
| 42To configure a hook, user should send | 43The |
| 43.Dv NG_TCPMSS_CONFIG | 44.Dv NG_TCPMSS_CONFIG |
| 44control message to node. | 45control message is used to configure a hook. |
| 45.Sh CONTROL MESSAGES 46This node type supports the generic control messages, plus the following. | 46.Sh CONTROL MESSAGES 47This node type supports the generic control messages, plus the following. |
| 47.Bl -tag -width foo 48.It Dv NGM_TCPMSS_CONFIG Pq Ic config | 48.Bl -tag -width indent 49.It Dv NGM_TCPMSS_CONFIG Pq Li config |
| 49This control message configures node to do given MSS adjusting on | 50This control message configures node to do given MSS adjusting on |
| 50particular hook. | 51a particular hook. |
| 51It requires the 52.Vt "struct ng_tcpmss_config" | 52It requires the 53.Vt "struct ng_tcpmss_config" |
| 53to be supplied as argument: | 54to be supplied as an argument: |
| 54.Bd -literal 55struct ng_tcpmss_config { 56 char inHook[NG_HOOKSIZ]; 57 char outHook[NG_HOOKSIZ]; 58 uint16_t maxMSS; 59} 60.Ed 61.Pp 62This means: packets received on | 55.Bd -literal 56struct ng_tcpmss_config { 57 char inHook[NG_HOOKSIZ]; 58 char outHook[NG_HOOKSIZ]; 59 uint16_t maxMSS; 60} 61.Ed 62.Pp 63This means: packets received on |
| 63.Qq inHook | 64.Va inHook |
| 64would be checked for TCP MSS option and the latter would be 65reduced down to | 65would be checked for TCP MSS option and the latter would be 66reduced down to |
| 66.Qq maxMSS , | 67.Va maxMSS |
| 67if it exceeds | 68if it exceeds |
| 68.Qq maxMSS . 69After that packets would be sent to hook 70.Qq outHook . 71.It Dv NGM_TCPMSS_GET_STATS Pq Ic getstats 72This control message obtains statistics for the given hook. | 69.Va maxMSS . 70After that, packets would be sent to hook 71.Va outHook . 72.It Dv NGM_TCPMSS_GET_STATS Pq Li getstats 73This control message obtains statistics for a given hook. |
| 73The statistics are returned in 74.Vt "struct ng_tcpmss_hookstat" : 75.Bd -literal 76struct ng_tcpmss_hookstat { 77 uint64_t Octets; /* total bytes */ 78 uint64_t Packets; /* total packets */ 79 uint16_t maxMSS; /* maximum MSS */ 80 uint64_t SYNPkts; /* TCP SYN packets */ 81 uint64_t FixedPkts; /* changed packets */ 82}; 83.Ed | 74The statistics are returned in 75.Vt "struct ng_tcpmss_hookstat" : 76.Bd -literal 77struct ng_tcpmss_hookstat { 78 uint64_t Octets; /* total bytes */ 79 uint64_t Packets; /* total packets */ 80 uint16_t maxMSS; /* maximum MSS */ 81 uint64_t SYNPkts; /* TCP SYN packets */ 82 uint64_t FixedPkts; /* changed packets */ 83}; 84.Ed |
| 84.Pp 85.It Dv NGM_TCPMSS_CLR_STATS Pq Ic clrstats 86This control message clears statistics for the given hook. 87.It Dv NGM_TCPMSS_GETCLR_STATS Pq Ic getclrstats 88This control message obtains and clears statistics for the given hook. | 85.It Dv NGM_TCPMSS_CLR_STATS Pq Li clrstats 86This control message clears statistics for a given hook. 87.It Dv NGM_TCPMSS_GETCLR_STATS Pq Li getclrstats 88This control message obtains and clears statistics for a given hook. |
| 89.El 90.Sh EXAMPLES | 89.El 90.Sh EXAMPLES |
| 91In the following example packets are injected into 92.Nm 93node with help of | 91In the following example, packets are injected into the 92.Nm tcpmss 93node using the |
| 94.Xr ng_ipfw 4 95node. 96.Bd -literal -offset indent 97# Create tcpmss node and connect it to ng_ipfw node 98ngctl mkpeer ipfw: tcpmss 100 qqq 99 | 94.Xr ng_ipfw 4 95node. 96.Bd -literal -offset indent 97# Create tcpmss node and connect it to ng_ipfw node 98ngctl mkpeer ipfw: tcpmss 100 qqq 99 |
| 100# Adjust MSS to 1452 | 100# Adjust MSS to 1452 |
| 101ngctl msg ipfw:100 config '{ inHook="qqq" outHook="qqq" maxMSS=1452 }' 102 103# Divert traffic into tcpmss node 104ipfw add 300 netgraph 100 tcp from any to any tcpflags syn out via fxp0 105 106# Let packets continue with ipfw after being hacked 107sysctl net.inet.ip.fw.one_pass=0 108.Ed --- 6 unchanged lines hidden (view full) --- 115.Xr ng_ipfw 4 116.Sh HISTORY 117The 118.Nm 119node type was implemented in 120.Fx 6.0 . 121.Sh AUTHORS 122.An Alexey Popov Aq lollypop@flexuser.ru | 101ngctl msg ipfw:100 config '{ inHook="qqq" outHook="qqq" maxMSS=1452 }' 102 103# Divert traffic into tcpmss node 104ipfw add 300 netgraph 100 tcp from any to any tcpflags syn out via fxp0 105 106# Let packets continue with ipfw after being hacked 107sysctl net.inet.ip.fw.one_pass=0 108.Ed --- 6 unchanged lines hidden (view full) --- 115.Xr ng_ipfw 4 116.Sh HISTORY 117The 118.Nm 119node type was implemented in 120.Fx 6.0 . 121.Sh AUTHORS 122.An Alexey Popov Aq lollypop@flexuser.ru |
| 123and | |
| 124.An Gleb Smirnoff Aq glebius@FreeBSD.org 125.Sh BUGS | 123.An Gleb Smirnoff Aq glebius@FreeBSD.org 124.Sh BUGS |
| 126When running on SMP system statistics may be broken. | 125When running on SMP, system statistics may be broken. |