Date: 10 Sep 1996 19:19:20 -0400 From: mycroft@mit.edu (Charles M. Hannum) To: "Jonathan M. Bresler" <jmb@freefall.freebsd.org> Cc: roberto@keltia.freenix.fr (Ollivier Robert), freebsd-security@FreeBSD.ORG, BUGTRAQ@NETSPACE.ORG Subject: Re: Panix Attack: synflooding and source routing? Message-ID: <el2d8zuvtza.fsf@zygorthian-space-raiders.MIT.EDU> In-Reply-To: "Jonathan M. Bresler"'s message of Sat, 7 Sep 1996 19:52:59 -0700 (PDT) References: <199609080253.TAA11619@freefall.freebsd.org>
next in thread | previous in thread | raw e-mail | index | archive | help
"Jonathan M. Bresler" <jmb@freefall.freebsd.org> writes: > > --- tcp_input.c.old Sat Sep 7 22:49:11 1996 > +++ tcp_input.c Sat Sep 7 22:49:44 1996 > @@ -451,5 +451,6 @@ > */ > tp->t_idle = 0; > - tp->t_timer[TCPT_KEEP] = tcp_keepidle; > + if (TCPS_HAVEESTABLISHED(tp->t_state)) > + tp->t_timer[TCPT_KEEP] = tcp_keepidle; > > /* I'm not sure this is complete. In the case where we get an ACK that causes us to transition from SYN-RECEIVED to ESTABLISHED (or a SYN+ACK that causes us to transition from SYN-SENT to ESTABLISHED), this seems to leave the keepalive timer still set to the initial connection timeout. While this isn't necessarily a bug, per se, it could cause the first keepalive probe to be done earlier than it should be. Stevens even points this out: `But applying this fix then requires that the keepalive timer be set to its initial value of 2 hours when the connection moves to the established state.' Also, it's worth noting explicitly that this change also affects (and *should* affect) SYN-SENT state in the same fashion as SYN-RECEIVED state; namely that we don't reset the timer until we've actually established the connection. This is relevant if we get just an ACK or just a SYN while in SYN-SENT and either remain in SYN-SENT or transition to SYN-RECEIVED. With all of the above in mind, the following change seems correct: Index: tcp_input.c =================================================================== RCS file: /cvsroot/src/sys/netinet/tcp_input.c,v retrieving revision 1.24 diff -c -2 -r1.24 tcp_input.c *** tcp_input.c 1996/09/09 14:51:20 1.24 --- tcp_input.c 1996/09/10 23:06:14 *************** *** 424,428 **** */ tp->t_idle = 0; ! tp->t_timer[TCPT_KEEP] = tcp_keepidle; /* --- 424,429 ---- */ tp->t_idle = 0; ! if (TCPS_HAVEESTABLISHED(tp->t_state)) ! tp->t_timer[TCPT_KEEP] = tcp_keepidle; /* *************** *** 668,671 **** --- 669,673 ---- soisconnected(so); tp->t_state = TCPS_ESTABLISHED; + tp->t_timer[TCPT_KEEP] = tcp_keepidle; /* Do window scaling on this connection? */ if ((tp->t_flags & (TF_RCVD_SCALE|TF_REQ_SCALE)) == *************** *** 911,914 **** --- 913,917 ---- soisconnected(so); tp->t_state = TCPS_ESTABLISHED; + tp->t_timer[TCPT_KEEP] = tcp_keepidle; /* Do window scaling? */ if ((tp->t_flags & (TF_RCVD_SCALE|TF_REQ_SCALE)) ==
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?el2d8zuvtza.fsf>