aboutsummaryrefslogtreecommitdiff
path: root/share/man/man4/ng_tcpmss.4
diff options
context:
space:
mode:
Diffstat (limited to 'share/man/man4/ng_tcpmss.4')
-rw-r--r--share/man/man4/ng_tcpmss.4126
1 files changed, 126 insertions, 0 deletions
diff --git a/share/man/man4/ng_tcpmss.4 b/share/man/man4/ng_tcpmss.4
new file mode 100644
index 000000000000..a5ea22a0ab36
--- /dev/null
+++ b/share/man/man4/ng_tcpmss.4
@@ -0,0 +1,126 @@
+.\" Copyright (c) 2005 Gleb Smirnoff
+.\" All rights reserved.
+.\"
+.\" Redistribution and use in source and binary forms, with or without
+.\" modification, are permitted provided that the following conditions
+.\" are met:
+.\" 1. Redistributions of source code must retain the above copyright
+.\" notice, this list of conditions and the following disclaimer.
+.\" 2. Redistributions in binary form must reproduce the above copyright
+.\" notice, this list of conditions and the following disclaimer in the
+.\" documentation and/or other materials provided with the distribution.
+.\"
+.\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
+.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+.\" ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+.\" SUCH DAMAGE.
+.\"
+.\" $FreeBSD$
+.\"
+.Dd June 9, 2005
+.Dt NG_TCPMSS 4
+.Os
+.Sh NAME
+.Nm ng_tcpmss
+.Nd netgraph node to adjust TCP MSS option
+.Sh SYNOPSIS
+.In netgraph/ng_tcpmss.h
+.Sh DESCRIPTION
+The
+.Nm tcpmss
+node type is designed to alter the Maximum Segment Size option
+of TCP packets.
+This node accepts an arbitrary number of hooks.
+Initially a new hook is considered unconfigured.
+To configure a hook, user should send
+.Dv NG_TCPMSS_CONFIG
+control message to node.
+.Sh CONTROL MESSAGES
+This node type supports the generic control messages, plus the following.
+.Bl -tag -width foo
+.It Dv NGM_TCPMSS_CONFIG Pq Ic config
+This control message configures node to do given MSS adjusting on
+particular hook.
+It requires the
+.Vt "struct ng_tcpmss_config"
+to be supplied as argument:
+.Bd -literal
+struct ng_tcpmss_config {
+ char inHook[NG_HOOKSIZ];
+ char outHook[NG_HOOKSIZ];
+ uint16_t maxMSS;
+}
+.Ed
+.Pp
+This means: packets received on
+.Qq inHook
+would be checked for TCP MSS option and the latter would be
+reduced down to
+.Qq maxMSS ,
+if it exceeds
+.Qq maxMSS .
+After that packets would be sent to hook
+.Qq outHook .
+.It Dv NGM_TCPMSS_GET_STATS Pq Ic getstats
+This control message obtains statistics for the given hook.
+The statistics are returned in
+.Vt "struct ng_tcpmss_hookstat" :
+.Bd -literal
+struct ng_tcpmss_hookstat {
+ uint64_t Octets; /* total bytes */
+ uint64_t Packets; /* total packets */
+ uint16_t maxMSS; /* maximum MSS */
+ uint64_t SYNPkts; /* TCP SYN packets */
+ uint64_t FixedPkts; /* changed packets */
+};
+.Ed
+.Pp
+.It Dv NGM_TCPMSS_CLR_STATS Pq Ic clrstats
+This control message clears statistics for the given hook.
+.It Dv NGM_TCPMSS_GETCLR_STATS Pq Ic getclrstats
+This control message obtains and clears statistics for the given hook.
+.El
+.Sh EXAMPLES
+In the following example packets are injected into
+.Nm
+node with help of
+.Xr ng_ipfw 4
+node.
+.Bd -literal -offset indent
+# Create tcpmss node and connect it to ng_ipfw node
+ngctl mkpeer ipfw: tcpmss 100 qqq
+
+# Adjust MSS to 1452
+ngctl msg ipfw:100 config '{ inHook="qqq" outHook="qqq" maxMSS=1452 }'
+
+# Divert traffic into tcpmss node
+ipfw add 300 netgraph 100 tcp from any to any tcpflags syn out via fxp0
+
+# Let packets continue with ipfw after being hacked
+sysctl net.inet.ip.fw.one_pass=0
+.Ed
+.Sh SHUTDOWN
+This node shuts down upon receipt of an
+.Dv NGM_SHUTDOWN
+control message, or when all hooks have been disconnected.
+.Sh SEE ALSO
+.Xr netgraph 4 ,
+.Xr ng_ipfw 4
+.Sh HISTORY
+The
+.Nm
+node type was implemented in
+.Fx 6.0 .
+.Sh AUTHORS
+.An Alexey Popov Aq lollypop@flexuser.ru
+and
+.An Gleb Smirnoff Aq glebius@FreeBSD.org
+.Sh BUGS
+When running on SMP system statistics may be broken.