/tcpmss-uspace

TCP MSS clamping in userspace

Primary LanguageCGNU General Public License v2.0GPL-2.0

tcpmss-uspace.c

tcpmss-uspace is TCPMSS iptables target equivalent in userspace.

Using tcpmss-uspace w/ nftables

tcpmss-uspace can be used to clamp MSS on nftables env, where xt TCPMSS is not yet supported (as of May 2017)..

Sample nftables.conf:

table ip mangle {
  chain postrouting {
    type filter hook postrouting priority 100;
    oifname "ppp0" tcp flags & (syn | rst) == syn counter queue num 0  
  }
}

then, run tcpmss-uspace as root:

sudo ./tcpmss-uspace 0 1414

License

tcpmss-uspace is provided under GPLv2 to match libnetfilter_queue.