Date: Tue, 25 Jan 2005 18:45:38 -0800 From: Peter Wemm <peter@wemm.org> To: freebsd-current@freebsd.org Cc: current@freebsd.org Subject: Re: OpenBSD's tcpdrop(8) Message-ID: <200501251845.39192.peter@wemm.org> In-Reply-To: <Pine.NEB.3.96L.1050123172951.46157P-100000@fledge.watson.org> References: <Pine.NEB.3.96L.1050123172951.46157P-100000@fledge.watson.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On Sunday 23 January 2005 09:33 am, Robert Watson wrote: > On Sun, 23 Jan 2005, Maxim Konovalov wrote: > > I've ported OpenBSD's tcpdrop(8) and a relevant kernel part. > > > > >From the man page, http://tinyurl.com/4lvo9 > > > > The tcpdrop command drops the TCP connection specified by the > > local address laddr, port lport and the foreign address faddr, port > > fport. > > > > There are patches for HEAD and RELENG_4: > > > > http://people.freebsd.org/~maxim/diff/tcpdrop.diff > > http://people.freebsd.org/~maxim/diff/tcpdrop.diff-4 > > > > Two questions: do we want to have it in the base system? Does the > > diff look OK (I didn't test IPv6 part)? > > The locking in the 6.x version looked reasonable, although you need > to check to see if the (tp) returned by tcp_drop() is NULL or not and > then conditionally unlock the inpcb if it's non-NULL -- otherwise you > might unlock a free'd inpcb. There doesn't seem to be much > validation of the tcp_ident_mapping structure, such as validation > that the address lengths, etc, are correct? We have used something like this at work for a very long time, except not with such a nice interface. It can actually be rather handy! I'd like to see it go in once the rough edges are smoothed out. -- Peter Wemm - peter@wemm.org; peter@FreeBSD.org; peter@yahoo-inc.com "All of this is for nothing if we don't go to the stars" - JMS/B5
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200501251845.39192.peter>