From owner-freebsd-bugs Sun Jul 11 6:20: 4 1999
Delivered-To: freebsd-bugs@freebsd.org
Received: from freefall.freebsd.org (freefall.FreeBSD.ORG [204.216.27.21])
	by hub.freebsd.org (Postfix) with ESMTP id DBECE14E38
	for ; Sun, 11 Jul 1999 06:20:01 -0700 (PDT)
	(envelope-from gnats@FreeBSD.org)
Received: (from gnats@localhost)
	by freefall.freebsd.org (8.9.3/8.9.2) id GAA25952;
	Sun, 11 Jul 1999 06:20:01 -0700 (PDT)
	(envelope-from gnats@FreeBSD.org)
Received: from kaa.kfunigraz.ac.at (KAA16.kfunigraz.ac.at [143.50.16.17])
	by hub.freebsd.org (Postfix) with ESMTP id 2095814E38
	for ; Sun, 11 Jul 1999 06:10:27 -0700 (PDT)
	(envelope-from dada@balu.kfunigraz.ac.at)
Received: from balu.kfunigraz.ac.at (balu [143.50.16.16])
	by kaa.kfunigraz.ac.at (8.9.2/8.9.2) with ESMTP id PAA11021
	for ; Sun, 11 Jul 1999 15:09:58 +0200 (MDT)
Received: from localhost.kfunigraz.ac.at (IDENT:K5G43lt5u140qKNiXJ5L6z0Joc8c93xE@BONLINEA22.kfunigraz.ac.at [143.50.36.22])
	by balu.kfunigraz.ac.at (8.9.2/8.9.2) with ESMTP id PAA10350
	for ; Sun, 11 Jul 1999 15:10:46 +0200 (MDT)
Received: (from dada@localhost)
	by localhost.kfunigraz.ac.at (8.8.8/x.y.z) id PAA00670;
	Sun, 11 Jul 1999 15:08:12 +0200 (CEST)
	(envelope-from dada)
Message-Id: <199907111308.PAA00670@localhost.kfunigraz.ac.at>
Date: Sun, 11 Jul 1999 15:08:12 +0200 (CEST)
From: dada@sbox.tu-graz.ac.at
Reply-To: dada@sbox.tu-graz.ac.at
To: FreeBSD-gnats-submit@freebsd.org
X-Send-Pr-Version: 3.2
Subject: kern/12594: wrong sysctl descriptions
Sender: owner-freebsd-bugs@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org

>Number:         12594
>Category:       kern
>Synopsis:       wrong sysctl descriptions
>Confidential:   no
>Severity:       non-critical
>Priority:       low
>Responsible:    freebsd-bugs
>State:          open
>Quarter:
>Keywords:
>Date-Required:
>Class:          doc-bug
>Submitter-Id:   current-users
>Arrival-Date:   Sun Jul 11 06:20:01 PDT 1999
>Closed-Date:
>Last-Modified:
>Originator:     Martin Kammerhofer
>Release:        FreeBSD-current
>Organization:
Graz University of Technology
>Environment:
>Description:

Some of the description strings for network related sysctls are wrong:

--- src/sys/netinet/tcp_usrreq.c 1999/05/03 23:57:32 1.43
! SYSCTL_INT(_net_inet_tcp, TCPCTL_SENDSPACE, sendspace, CTLFLAG_RW,
!     &tcp_sendspace , 0, "Maximum outgoing TCP datagram size");
  u_long tcp_recvspace = 1024*16;
! SYSCTL_INT(_net_inet_tcp, TCPCTL_RECVSPACE, recvspace, CTLFLAG_RW,
!     &tcp_recvspace , 0, "Maximum incoming TCP datagram size");

These are default WINDOW sizes, not segment sizes. (In other words:
the TCP socket reserves this much space.) It is definitely NOT the
MSS (maximum segment size). Using the term 'datagram' for a TCP socket
might lead to confusion, because most people associate 'datagram'
with 'UDP'.

--- src/sys/netinet/udp_usrreq.c 1999/05/03 23:57:32 1.51
  static int log_in_vain = 0;
  SYSCTL_INT(_net_inet_udp, OID_AUTO, log_in_vain, CTLFLAG_RW,
!     &log_in_vain, 0, "Log all incoming UDP packets");

Logs only those where nobody is listening at the local port,
obviously does NOT log ALL datagrams.

  SYSCTL_INT(_net_inet_udp, UDPCTL_MAXDGRAM, maxdgram, CTLFLAG_RW,
!     &udp_sendspace, 0, "Maximum outgoing UDP datagram size");
  static u_long udp_recvspace = 40 * (1024 + sizeof(struct sockaddr_in));
  SYSCTL_INT(_net_inet_udp, UDPCTL_RECVSPACE, recvspace, CTLFLAG_RW,
!     &udp_recvspace, 0, "Maximum incoming UDP datagram size");

This is NOT the max datagram size, it is the socketspace again here.
(In practice much less UDP data can be queued if the datagram sizes
do not fit mbufs/mclusters well).

--- src/sys/netinet/raw_ip.c 1999/05/03 23:57:30 1.59
! SYSCTL_INT(_net_inet_raw, OID_AUTO, maxdgram, CTLFLAG_RW,
!     &rip_sendspace, 0, "Maximum outgoing raw IP datagram size");
! SYSCTL_INT(_net_inet_raw, OID_AUTO, recvspace, CTLFLAG_RW,
!     &rip_recvspace, 0, "Maximum incoming raw IP datagram size");

Same problem here: Description suggests it's a per-packet quantity,
but it's about the socket queues.
--- src/sys/netinet/tcp_input.c 1999/05/03 23:57:30 1.85
  static int log_in_vain = 0;
  SYSCTL_INT(_net_inet_tcp, OID_AUTO, log_in_vain, CTLFLAG_RW,
!     &log_in_vain, 0, "Log all incoming TCP connections");

Same as with udp: Logs only those where nobody is listening.

Btw log_in_vain has no rate limiting whatsoever. Enabling logging
makes a machine vulnerable to an easy D.O.S. attack - just port scan it! :-\
(BTW, both log_in_vain varieties will NOT catch stealth scanning, i.e.
scanning with other than SYN packets.)

Please make those sysctl knobs clear and unambiguous. Thinking a few
seconds about good descriptions could avoid later questions and much
frustration from confused users.

>How-To-Repeat:

grep -1 SYSCTL /src/sys/netinet/*.c | more

>Fix:

Put in correct descriptions.

>Release-Note:
>Audit-Trail:
>Unformatted:

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-bugs" in the body of the message
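
The rate-limiting gap that the report notes for log_in_vain, shown as an added example (not part of the original report and not FreeBSD kernel code): a user-space C sketch of a per-second log budget with a suppressed-count summary. The names log_limiter, limiter_allow and simulate_scan, the message text and the replayed burst are constructed for illustration.

```c
#include <stdio.h>
#include <time.h>

/* Hypothetical limiter state; user-space sketch, not kernel code. */
struct log_limiter {
    time_t window;      /* second in which the current window opened */
    int    emitted;     /* lines written in this window */
    long   suppressed;  /* events dropped in this window */
    int    max_per_sec; /* log-line budget per second */
};

/* Returns 1 if the event may be logged, 0 if it must be dropped.
 * When a new one-second window opens, *summary receives the number of
 * events dropped in the previous window so the caller can report it. */
static int limiter_allow(struct log_limiter *l, time_t now, long *summary)
{
    *summary = 0;
    if (now != l->window) {
        *summary = l->suppressed;
        l->window = now;
        l->emitted = 0;
        l->suppressed = 0;
    }
    if (l->emitted < l->max_per_sec) {
        l->emitted++;
        return 1;
    }
    l->suppressed++;
    return 0;
}

/* Replays a constructed burst of closed-port events and returns the number
 * of log lines written (event lines plus "suppressed" summaries). */
static int simulate_scan(int events_per_sec, int seconds, int max_per_sec)
{
    struct log_limiter l = { 0, 0, 0, max_per_sec };
    int lines = 0;
    for (int s = 1; s <= seconds; s++)
        for (int i = 0; i < events_per_sec; i++) {
            long dropped;
            int ok = limiter_allow(&l, (time_t)s, &dropped);
            if (dropped > 0 && ++lines)
                printf("%ld closed-port messages suppressed\n", dropped);
            if (ok && ++lines)
                printf("t=%d: attempt to closed TCP port %d\n", s, i + 1);
        }
    return lines;
}

int main(void) { printf("lines: %d\n", simulate_scan(1000, 3, 5)); return 0; }
```

With a budget of 5 lines per second, a constructed burst of 3000 events produces 17 log lines instead of 3000, and the summaries still record how many events were dropped.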