HomeFreeBSD
Diffusion FreeBSD src repository - subversion rS316435

Add ipfw_pmod kernel module.
rS316435
Actions

Description

Add ipfw_pmod kernel module.

The module is designed for modification of a packets of any protocols.
For now it implements only TCP MSS modification. It adds the external
action handler for "tcp-setmss" action.

A rule with tcp-setmss action does additional check for protocol and
TCP flags. If SYN flag is present, it parses TCP options and modifies
MSS option if its value is greater than configured value in the rule.
Then it adjustes TCP checksum if needed. After handling the search
continues with the next rule.

Obtained from: Yandex LLC
MFC after: 2 weeks
Relnotes: yes
Sponsored by: Yandex LLC
No objection from: network
Differential Revision: https://reviews.freebsd.org/D10150

Details

Provenance
aeAuthored on
Differential Revision
D10150: Add ipfw protocol modification module ipfw_pmod
Parents
rS316434: Add O_EXTERNAL_DATA opcode support.
Branches
Unknown
Tags
Unknown

Changes (13)

PathSize
head/
sbin/
ipfw/
sys/
conf/
modules/
netpfil/
ipfw/
pmod/

rS316435

View Options

head/sbin/ipfw/ipfw.8

Loading...
View Options

head/sbin/ipfw/ipfw2.c

Loading...
View Options

head/sbin/ipfw/ipfw2.h

Loading...
View Options

head/sys/conf/NOTES

Loading...
View Options

head/sys/conf/files

Loading...
View Options

head/sys/conf/options

Loading...
View Options

head/sys/modules/Makefile

Loading...
View Options

head/sys/modules/ipfw_pmod/

Loading...
View Options

head/sys/modules/ipfw_pmod/Makefile

Loading...
View Options

head/sys/netpfil/ipfw/pmod/

Loading...
View Options

head/sys/netpfil/ipfw/pmod/ip_fw_pmod.c

Loading...
View Options

head/sys/netpfil/ipfw/pmod/pmod.h

Loading...
View Options

head/sys/netpfil/ipfw/pmod/tcpmod.c

Loading...