Date: Tue, 01 Dec 1998 15:32:59 -0800 From: Mike Smith <mike@smith.net.au> To: Matthew Dillon <dillon@apollo.backplane.com> Cc: David Greenman <dg@root.com>, freebsd-current@FreeBSD.ORG Subject: Re: D.O.S. attack protection enhancements commit (ICMP_BANDLIM) Message-ID: <199812012333.PAA00825@dingo.cdrom.com> In-Reply-To: Your message of "Mon, 30 Nov 1998 23:26:26 PST." <199812010726.XAA03791@apollo.backplane.com>
next in thread | previous in thread | raw e-mail | index | archive | help
> :general scheme implemented perhaps inside the ipfw framework would be more > :appropriate. I also generally like to avoid compile time options for things > :like this, but I"m sympathetic for performance reducing enhancements. > : > :-DG > > I figure we would make it the default in 6 months to a year, but > we should have it optioned initially so people can play with it > and also because it defaults to enabled when optioned-in, which I > think is important. Just a consideration; if possible, make it run-time tunable with a boolean sysctl variable. (ie. if the 'off' case is comparable to the 'optioned-out' case in terms of speed.) -- \\ Sometimes you're ahead, \\ Mike Smith \\ sometimes you're behind. \\ mike@smith.net.au \\ The race is long, and in the \\ msmith@freebsd.org \\ end it's only with yourself. \\ msmith@cdrom.com To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199812012333.PAA00825>