Date: Fri, 12 May 2000 19:36:10 -0500 (CDT) From: Mike Silbersack <silby@silby.com> To: net@freebsd.org Subject: MFC of mbuf wait and other patch Message-ID: <Pine.BSF.4.21.0005121927480.1239-100000@achilles.silby.com>
next in thread | raw e-mail | index | archive | help
I now have two patches I'd enjoy if people looked at: The first is a patch I posted a week or two ago here which rate limits icmp echo responses and timestamp responses; while it doesn't address any particular DoS, I think it'd be wise to include, even if only in current for now. You can obtain it from: http://www.silby.com/patches/ip_icmp.c.patch The second patch is my backport of bosko milekic's mbuf waiting code to 3.4. The patch ported cleanly, but I'm seeing mbuf leaks in some cases when I reach the exhaustion stage. Unfortunately, since I only have a 3.4 box, I cannot tell if this is due to an error in my backport, or some case that isn't handled by the code. If you're running 4 or 5 and wish to see the results you get from the attack I'm running on myself, please e-mail me and I'll send you instructions on how to recreate it. That aside, the patch does stop the box from panicing, so it's still a win for us 3.xers - if you're running 3.4, please help test the patch. The mbuf wait patch is at: http://www.silby.com/patches/mbuf-wait-mfc.patch Thanks, Mike "Silby" Silbersack To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.4.21.0005121927480.1239-100000>