Tom Barbette edited this page Oct 3, 2018 · 2 revisions

TCPRewriter Element Documentation

NAME

TCPRewriter — Click element; rewrites TCP packets' addresses, ports, and sequence numbers

SYNOPSIS

TCPRewriter(INPUTSPEC1, ..., INPUTSPECn [, KEYWORDS])

DESCRIPTION

Rewrites TCP flows by changing their source address, source port, destination address, and/or destination port, and optionally, their sequence numbers and acknowledgement numbers. It also changes the destination IP address annotation; see the DST_ANNO keyword argument below.

This element is an IPRewriter-like element. Please read the IPRewriter documentation for more information and a detailed description of its INPUTSPEC arguments.

In addition to IPRewriter's functionality, the TCPRewriter element can add or subtract amounts from incoming packets' sequence and acknowledgement numbers, including any SACK acknowledgement numbers. Each newly created mapping starts with these deltas at zero; other elements can request changes to a given mapping. For example, FTPPortMapper uses this facility.
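The sequence, acknowledgement, and SACK adjustment described above can be modelled as follows. This is an added example, not Click's own code: the function names, the `seq_delta`/`ack_delta` parameters, and the sample header are assumptions made for illustration, and the TCP checksum is left untouched.

```python
import struct

MOD = 1 << 32  # TCP sequence space is 32 bits wide and wraps around


def shift(value, delta):
    """Add a signed delta to a sequence/ack number with 32-bit wraparound."""
    return (value + delta) % MOD


def rewrite_tcp(header, seq_delta=0, ack_delta=0):
    """Return a copy of a raw TCP header with seq shifted by seq_delta and
    ack plus every SACK block edge shifted by ack_delta (checksum not updated)."""
    hdr = bytearray(header)
    if len(hdr) < 20:
        raise ValueError("truncated TCP header")
    seq, ack = struct.unpack_from("!II", hdr, 4)
    struct.pack_into("!I", hdr, 4, shift(seq, seq_delta))
    if hdr[13] & 0x10:  # ACK flag set, so the ack field is meaningful
        struct.pack_into("!I", hdr, 8, shift(ack, ack_delta))
    end = (hdr[12] >> 4) * 4  # data offset, converted to bytes
    if end < 20 or end > len(hdr):
        raise ValueError("bad data offset")
    i = 20
    while i < end:  # walk the option list looking for SACK (kind 5)
        kind = hdr[i]
        if kind == 0:  # End of Option List
            break
        if kind == 1:  # NOP is a single byte with no length field
            i += 1
            continue
        if i + 1 >= end or hdr[i + 1] < 2 or i + hdr[i + 1] > end:
            raise ValueError("malformed TCP option")
        length = hdr[i + 1]
        if kind == 5 and (length - 2) % 8 == 0:
            # Each SACK block is a left and right edge in the ack number space.
            for off in range(i + 2, i + length, 4):
                (edge,) = struct.unpack_from("!I", hdr, off)
                struct.pack_into("!I", hdr, off, shift(edge, ack_delta))
        i += length
    return bytes(hdr)


def sample_header():
    """Constructed sample: ACK segment with options NOP, NOP, SACK(2000-3000)."""
    fixed = struct.pack("!HHIIBBHHH", 40000, 21, 0xFFFFFFF0, 1000,
                        8 << 4, 0x10, 65535, 0, 0)
    return fixed + bytes([1, 1, 5, 10]) + struct.pack("!II", 2000, 3000)
```

A rewriter that skipped the SACK edges would leave them pointing at sequence numbers the sender never used, so the option parsing matters as much as the two fixed header fields.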

Keyword arguments determine how often stale mappings should be removed.

  • TCP_TIMEOUT time — Time out TCP connections every time seconds. Default is 24 hours. This timeout applies to TCP connections for which payload data has been seen flowing in both directions.
  • TCP_DONE_TIMEOUT time — Time out completed TCP connections every time seconds. Default is 4 minutes. FIN and RST flags mark TCP connections as complete.
  • TCP_NODATA_TIMEOUT time — Time out non-bidirectional TCP connections every time seconds. Default is 5 minutes. A non-bidirectional TCP connection is one in which payload data hasn't been seen in at least one direction.
  • TCP_GUARANTEE time — Preserve each TCP connection mapping for at least time seconds after each successfully processed packet. Defaults to 5 seconds. Incoming flows are dropped if a TCPRewriter's mapping table is full of guaranteed flows.
  • REAP_INTERVAL time — Reap timed-out connections every time seconds. Default is 15 minutes.
  • MAPPING_CAPACITY capacity — Set the maximum number of mappings this rewriter can hold to capacity. Capacity can either be an integer or the name of another rewriter-like element, in which case this element will share the other element's capacity.
  • DST_ANNO — Boolean. If true, then set the destination IP address annotation on passing packets to the rewritten destination address. Default is true.

ELEMENT HANDLERS

  • table (read-only) — Returns a human-readable description of the TCPRewriter's current mapping table.

  • lookup (read) — Takes a flow as a space-separated

          saddr sport daddr dport

    and attempts to find a forward mapping for that flow. If found, rewrites the flow and returns it in the same format. Otherwise, returns nothing.

SEE ALSO

IPRewriter, IPAddrRewriter, IPAddrPairRewriter, IPRewriterPatterns, FTPPortMapper

Generated by click-elem2man from ../elements/tcpudp/tcprewriter.hh:8 on 2018/10/03.
