From owner-freebsd-net  Wed Dec 13 10:51:33 2000
From owner-freebsd-net@FreeBSD.ORG  Wed Dec 13 10:51:31 2000
Return-Path: <owner-freebsd-net@FreeBSD.ORG>
Delivered-To: freebsd-net@freebsd.org
Received: from field.videotron.net (field.videotron.net [205.151.222.108])
	by hub.freebsd.org (Postfix) with ESMTP
	id 55FA437B400; Wed, 13 Dec 2000 10:51:31 -0800 (PST)
Received: from modemcable213.3-201-24.mtl.mc.videotron.ca ([24.201.3.213])
 by field.videotron.net (Sun Internet Mail Server sims.3.5.1999.12.14.10.29.p8)
 with ESMTP id <0G5I00935SDDN1@field.videotron.net>; Wed, 13 Dec 2000 13:51:13 -0500 (EST)
Date: Wed, 13 Dec 2000 13:52:25 -0500 (EST)
From: Bosko Milekic <bmilekic@technokratis.com>
Subject: Ratelimint Enhancement patch (Please Review One Last Time!)
To: freebsd-net@freebsd.org
Cc: green@freebsd.org
Message-id: <Pine.BSF.4.21.0012131150310.24654-100000@jehovah.technokratis.com>
MIME-version: 1.0
Content-type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-freebsd-net@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org


  Hi,

  	A while ago (it's been at least two weeks now), Mike Silbersack
  requested a review for:

  http://www.silby.com/patches/ratelimit-enhancement-2.patch

  To quote the description on his web page, this diff will:

  * ICMP ECHO and TSTAMP replies are now rate-limited.
  * RSTs generated due to packets sent to open and unopen ports
    are now seperated into separate queues.
  * Each rate limiting queue now has its own description, as 
    follows:
       Suppressing udp flood/scan: 212/200 pps
       Suppressing outgoing RST due to port scan: 202/200 pps
       Suppressing outgoing RST due to ACK flood: 19725/200 pps
       Suppressing ping flood: 230/200 pps
       Suppressing icmp tstamp flood: 210/200 pps

  While the descriptions for the two RST cases can be accused
  of oversimplification, they should cut down on questions by
  users confused with the current terminology.  Experienced
  users can always run a packet sniffer if they need more
  exact knowledge of what's occuring.

	The diff was initially reviewed by me and green, and the recommended
  changes were mainly stylistic. I want to commit this code, but I'm
  posting it up here in case someone has any final objections or review.

  Thanks,
  Bosko Milekic
  bmilekic@technokratis.com




To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-net" in the body of the message