Date:      Tue, 25 Jan 2000 11:48:20 -0800
From:      Alfred Perlstein <bright@wintelcom.net>
To:        Warner Losh <imp@village.org>
Cc:        Matthew Dillon <dillon@apollo.backplane.com>, security@FreeBSD.ORG
Subject:   Re: Merged patches
Message-ID:  <20000125114820.V26520@fw.wintelcom.net>
In-Reply-To: <200001251736.KAA04666@harmony.village.org>; from imp@village.org on Tue, Jan 25, 2000 at 10:36:10AM -0700
References:  <200001251733.JAA04770@apollo.backplane.com> <200001251637.JAA04226@harmony.village.org> <200001251733.JAA04770@apollo.backplane.com> <200001251736.KAA04666@harmony.village.org>

* Warner Losh <imp@village.org> [000125 10:40] wrote:
> In message <200001251733.JAA04770@apollo.backplane.com> Matthew Dillon writes:
> :     I'd increase the default to 200, no higher.  1000 is probably too
> :     high a rate.
> 
> ok.
> 
> :     I found a bug in the patch:
> : 
> : : #endif
> : :-		if (IN_MULTICAST(ntohl(ip->ip_dst.s_addr)))
> : :-			goto drop;
> : :+		if (IN_MULTICAST(ntohl(ip->ip_dst.s_addr)) ||
> : :+		    IN_MULTICAST(ntohl(ip->ip_src.s_addr)) ||
> : :+		    IN_EXPERIMENTAL(ntohl(ip->ip_src.s_addr)))
> : : #ifdef INET6
> : : 		if (isipv6) {
> : : 			MALLOC(sin6, struct sockaddr_in6 *, sizeof *sin6,
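Review bot: the `+` lines above widen the condition of `if (IN_MULTICAST(ntohl(ip->ip_dst.s_addr)))` but delete the `goto drop;` that was its body, so the new `if` has no statement of its own and the next one, `if (isipv6) {` under `#ifdef INET6`, becomes its body: multicast-destination segments that were dropped before are now answered, and what runs under the condition depends on whether INET6 is compiled in. Keep the drop as the body of the widened test, i.e. after `IN_EXPERIMENTAL(ntohl(ip->ip_src.s_addr)))` add back `goto drop;` and let the INET6 block follow it as a separate statement.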
> : 
> :     In the above section, the 'goto drop' was removed.  Shouldn't that stay
> :     in?  The body of this 'if' statement is now the conditional that 
> :     follows it, which is not what I think you meant to do.
> 
> You are right....  Uggg, the indenting there is somewhat less than
> optimal.  Will have to fix that later.  However, here's the corrected
> patch.
> 
> Warner
> 
> Index: netinet/tcp_input.c
> ===================================================================
> RCS file: /home/imp/FreeBSD/CVS/src/sys/netinet/tcp_input.c,v
> retrieving revision 1.103
> diff -u -r1.103 tcp_input.c
> --- netinet/tcp_input.c	2000/01/15 14:56:35	1.103
> +++ netinet/tcp_input.c	2000/01/25 17:35:13
> @@ -615,10 +615,6 @@
>  				break;
>  			}
>  		}
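Review bot: the hunk header `@@ -615,10 +615,6 @@` says four lines are removed, but only the three unchanged context lines (`break;`, `}`, `}`) are quoted before the message is cut off, so the removed lines and the widened multicast/experimental test with its `goto drop;` are not visible here; whether the correction Matthew asked for actually made it in cannot be checked from this quote, so the full hunk should be re-posted.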

I like this except for the fact that ICMP_BANDLIM isn't on by default;
we shouldn't ship something that can fall over.

This just adds "yet one more thing" an admin must tweak to have a
safe/usable box.

I do agree that the code for it should be marked so that people using
our stack for reference can maybe define NOICMP_BANDLIM and get the
less self-preserving code.

Imagine if our inetd didn't offer rate limiting unless it was compiled
with certain defines.

-Alfred
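As an added illustration of the dangling `if` Matthew points out above (example code written for this page, not from the FreeBSD patch): the buggy and corrected forms of the address check side by side, with a `v6_setup` flag standing in for the INET6 `MALLOC` and constructed addresses as input.

```c
#include <arpa/inet.h>
#include <netinet/in.h>
#include <stdbool.h>
#include <stdint.h>

/* FreeBSD's definition; used only if the local <netinet/in.h> lacks it. */
#ifndef IN_EXPERIMENTAL
#define IN_EXPERIMENTAL(i) (((uint32_t)(i) & 0xf0000000) == 0xf0000000)
#endif

struct result {
    bool dropped;   /* segment was discarded instead of answered */
    bool v6_setup;  /* stands in for the INET6 MALLOC of sin6 */
};

/* Network-order IPv4 address from dotted-quad components (constructed input). */
static uint32_t ip4(unsigned a, unsigned b, unsigned c, unsigned d)
{
    return htonl((a << 24) | (b << 16) | (c << 8) | d);
}

/* The fragment as Matthew quoted it: `goto drop` was deleted, so the widened
 * condition has no body of its own and swallows the statement that follows. */
static struct result check_buggy(uint32_t src, uint32_t dst, bool isipv6)
{
    struct result r = { false, false };
    if (IN_MULTICAST(ntohl(dst)) ||
        IN_MULTICAST(ntohl(src)) ||
        IN_EXPERIMENTAL(ntohl(src)))
        /* no statement here, so the `if` below becomes the body */
        if (isipv6)
            r.v6_setup = true;
    return r;            /* nothing is ever dropped */
}

/* The same test with `goto drop` kept as its body, as Matthew asked for. */
static struct result check_fixed(uint32_t src, uint32_t dst, bool isipv6)
{
    struct result r = { false, false };
    if (IN_MULTICAST(ntohl(dst)) ||
        IN_MULTICAST(ntohl(src)) ||
        IN_EXPERIMENTAL(ntohl(src)))
        goto drop;
    if (isipv6)
        r.v6_setup = true;   /* runs for every accepted IPv6 segment */
    return r;
drop:
    r.dropped = true;
    return r;
}
```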