Subject: Re: pppoe documentation
To: None <current-users@NetBSD.ORG>
From: Martin Husemann <martin@duskware.de>
List: current-users
Date: 03/02/2002 09:27:38

I tested the patch Hauke referenced, and it works just great!

It lacks a bit of flexibility (i.e. knobs to turn it on for special NAT rules)
but it actually does just what I want for my configuration, so I can live
with that.

I'll talk to some people and consider applying it to -current.

Hauke, can you check who wrote it, so we can give proper credit?

Martin

P.S.: for those who missed it, here is what to do: apply the attached patch
to sys/netinet/ip_nat.c and add "options MSS_CLAMPING" to your kernel
config file.
Index: ip_nat.c
===================================================================
RCS file: /cvsroot/syssrc/sys/netinet/ip_nat.c,v
retrieving revision 1.44
diff -c -u -r1.44 ip_nat.c
--- ip_nat.c 2002/01/24 08:23:44 1.44
+++ ip_nat.c 2002/03/02 08:22:14
@@ -2469,6 +2469,42 @@
*/
if (nat->nat_age == fr_tcpclosed)
nat->nat_age = fr_tcplastack;
+#ifdef MSS_CLAMPING
+ /*
+ * Do a MSS CLAMPING on a SYN packet, only deal IPv4 for now.
+ */
+ if ((tcp->th_flags & TH_SYN) != 0)
+ {
+ int hlen = tcp->th_off << 2;
+ if (hlen > sizeof(*tcp)) {
+ uint8_t *cp = (uint8_t *)tcp + sizeof(*tcp);
+ uint32_t opt, mss, newmss, sumd;
+
+ newmss = ifp->if_mtu - sizeof(struct ip) - sizeof(*tcp);
+ while (hlen > 0) {
+ opt = *cp++;
+ switch(opt) {
+ case TCPOPT_MAXSEG:
+ ++cp;
+ mss = (uint32_t)ntohs(*(short *)cp);
+ if (mss > newmss) {
+ *(short *)cp = htons((short)(newmss));
+ CALC_SUMD(mss, newmss, sumd);
+ fix_outcksum(fin, csump, sumd);
+ }
+ hlen = 0;
+ break;
+ case TCPOPT_EOL:
+ case TCPOPT_NOP:
+ hlen--;
+ default:
+ hlen -= *cp;
+ cp += *cp - 2;
+ }
+ }
+ }
+ }
+#endif
MUTEX_EXIT(&nat->nat_lock);
} else if (fin->fin_p == IPPROTO_UDP) {
udphdr_t *udp = (udphdr_t *)tcp;
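Review bot: the option walk inside `while (hlen > 0)` trusts bytes taken from the packet and can step outside the TCP option area. Four things in the loop need fixing. (1) `hlen` is set to `tcp->th_off << 2`, the whole header length, while `cp` already starts at `(uint8_t *)tcp + sizeof(*tcp)`; the loop budget should be `hlen - sizeof(*tcp)`, otherwise up to 20 bytes past the options can be parsed. (2) `case TCPOPT_EOL: case TCPOPT_NOP:` has no `break`, so after `hlen--` it falls into `default:` and treats the next option's kind byte as a length; EOL should end the walk and NOP should advance by exactly one byte. (3) In `default:` the length byte is used unchecked: a zero length leaves `hlen` unchanged and `cp += *cp - 2` moves `cp` backwards, so the loop need not terminate, and even for a valid length the advance is one byte short, because `cp` already points at the length byte and the next option starts at `cp + *cp - 1`. Require the length to be at least 2 and no larger than the bytes remaining before using it. (4) In `case TCPOPT_MAXSEG:` the option length is skipped with `++cp` without checking that it is 4 or that two value bytes remain, and `*(short *)cp` is an unaligned access whenever the option is preceded by an odd number of padding bytes; read and write the value bytewise or through memcpy. Since this runs in the kernel on SYN segments from arbitrary peers, these should be fixed before the patch goes into -current.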