From owner-freebsd-pf@FreeBSD.ORG  Tue Feb  7 21:44:25 2012
Return-Path: <owner-freebsd-pf@FreeBSD.ORG>
Delivered-To: freebsd-pf@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id 0B038106566C
	for <freebsd-pf@freebsd.org>; Tue,  7 Feb 2012 21:44:25 +0000 (UTC)
	(envelope-from prvs=37759e5cc=Thomas.Carroll@pnnl.gov)
Received: from emailgw03.pnl.gov (emailgw03.pnl.gov [192.101.109.31])
	by mx1.freebsd.org (Postfix) with ESMTP id E33B78FC08
	for <freebsd-pf@freebsd.org>; Tue,  7 Feb 2012 21:44:23 +0000 (UTC)
Received: from we16293.pnl.gov (HELO [130.20.185.116]) ([130.20.185.116])
	by emailgw03.pnl.gov with ESMTP; 07 Feb 2012 12:44:21 -0800
Message-ID: <4F318D0D.7090601@pnnl.gov>
Date: Tue, 07 Feb 2012 12:43:57 -0800
From: Tom C <Thomas.Carroll@pnnl.gov>
User-Agent: Mozilla/5.0 (Windows NT 5.1;
	rv:9.0) Gecko/20111222 Thunderbird/9.0.1
MIME-Version: 1.0
To: freebsd-pf@freebsd.org
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: 7bit
Subject: Match on MSS value
X-BeenThere: freebsd-pf@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: "Technical discussion and general questions about packet filter
	\(pf\)" <freebsd-pf.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-pf>,
	<mailto:freebsd-pf-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-pf>
List-Post: <mailto:freebsd-pf@freebsd.org>
List-Help: <mailto:freebsd-pf-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-pf>,
	<mailto:freebsd-pf-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Tue, 07 Feb 2012 21:44:25 -0000

Good afternoon!

Is there a way within pf to match TCP SYN packets with a given MSS
value? I want to distinguish between TCP traffic with small MSS values
(e.g., mss < 1300) and ``normal'' values.

Thanks in advance.

~ Tom C