Date: Fri, 21 Jan 2000 21:42:06 -0800 (PST)
From: Matthew Dillon <dillon@apollo.backplane.com>
To: Warner Losh <imp@village.org>
Cc: Brett Glass <brett@lariat.org>, freebsd-security@FreeBSD.ORG
Subject: Re: Some observations on stream.c and streamnt.c
Message-ID: <200001220542.VAA67508@apollo.backplane.com>
References: <4.2.2.20000121210443.01981600@localhost> <4.2.2.20000120194543.019a8d50@localhost> <Pine.BSF.4.10.10001211419010.3943-100000@tetron02.tetronsoftware.com> <20000121162757.A7080@osaka.louisville.edu> <xzpk8l2lul4.fsf@flood.ping.uio.no> <4.2.2.20000121195112.0196a220@localhost> <200001220452.VAA17629@harmony.village.org>

:: during the call. When the user hangs up, your PPP software might want to
:: send a bunch of RSTs to shut down the caller's sessions (if it's been
:: tracking them). Or just do what a router does, and flag the machine
:: as down.
:
:I'm afraid I don't understand this. If the user disconnects, how can
:you send him RSTs? There's no connection. W/o ppp keeping state
:information, it can't send them to the other end. Also, it breaks
:lots of things. Really bad idea.
:..
:Warner

    User A connects, runs netscape, opens an NNTP connection.
    User A disconnects (without closing the session).
    User B connects, gets same IP assignment, runs netscape, opens an NNTP
    connection.

        -> same port pair winds up being used
        -> server returns RST
        -> client retries and this time makes a (new) connection

    ***

    Or, alternatively,

    User A connects, runs netscape, opens an NNTP connection.
    User A disconnects (without closing the session).

        -> server times out, closes the connection

    User A reconnects, gets same IP address (this is more common if the
    user has a static IP but some portmasters try to assign the same IP
    if it wasn't reused). User starts typing in previously opened
    telnet session.

        -> server returns an RST.

    (In this case if the server does not return an RST the user's session
    does not close immediately and instead freezes up for 2 minutes).

    ***

    I can think of other situations, but the static-IP-dialup one (the
    second one above) is the one I care about the most because users really
    hate stalled-out telnet sessions. I know I do... if I type something
    and the connection is dead I want the window to disappear instantly.

    Similar problems occur when you are running a connection over a shoddy
    network. One side may time out and disconnect without the other knowing.
    Without RSTs it takes longer to recognize the failure.

                                        -Matt
                                        Matthew Dillon
                                        <dillon@backplane.com>
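
The second scenario in the message above (a stale telnet session after the server has already closed its side), as a toy model added here; it is not code from the message or from FreeBSD. Assumptions: zero network round-trip time, a client that retransmits with a 1 s initial timeout doubling up to 64 s, and a 120 s give-up limit chosen to match the "2 minutes" quoted in the message; the addresses and all names are constructed.

```python
from dataclasses import dataclass, field

@dataclass
class Server:
    send_rst: bool                            # policy under discussion
    conns: set = field(default_factory=set)   # live (src, sport, dst, dport) tuples

    def receive(self, conn, flags):
        """Return the reply to one incoming segment, or None for silence."""
        if conn in self.conns:
            return "ACK"                      # session still exists
        if "RST" in flags:
            return None                       # never answer a reset with a reset
        return "RST" if self.send_rst else None

def time_to_detect(server, conn, initial_rto=1.0, max_rto=64.0, give_up=120.0):
    """Client sends data on `conn`; returns (seconds, segments sent, outcome)."""
    elapsed, rto, sent = 0.0, initial_rto, 0
    while elapsed < give_up:
        sent += 1
        reply = server.receive(conn, {"PSH", "ACK"})
        if reply == "RST":
            return elapsed, sent, "reset"
        if reply == "ACK":
            return elapsed, sent, "alive"
        elapsed += rto                        # no answer: wait, then retransmit
        rto = min(rto * 2, max_rto)
    return give_up, sent, "timed out"

def stale_telnet_session(send_rst):
    conn = ("192.0.2.10", 1025, "198.51.100.5", 23)   # constructed addresses
    server = Server(send_rst, {conn})
    # Server timed the idle session out while the user was offline.
    server.conns.discard(conn)
    return time_to_detect(server, conn)

if __name__ == "__main__":
    for policy in (True, False):
        print("send_rst=%s -> %s" % (policy, stale_telnet_session(policy)))
```

With resets enabled the client learns the session is dead on its first keystroke; with resets suppressed it keeps retransmitting into silence until its own timer expires.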