Date: Thu, 3 Dec 1998 20:24:56 -0800 (PST) From: Matthew Dillon <dillon@apollo.backplane.com> To: "Andrey A. Chernov" <ache@nagual.pp.ru> Cc: cvs-committers@FreeBSD.ORG, cvs-all@FreeBSD.ORG Subject: Re: cvs commit: src/sys/netinet icmp_var.h Message-ID: <199812040424.UAA03505@apollo.backplane.com> References: <199812040349.TAA22636@freefall.freebsd.org> <19981204070811.A40154@nagual.pp.ru> <19981204071357.A41880@nagual.pp.ru>
next in thread | previous in thread | raw e-mail | index | archive | help
:Just to add: if you get rid of ICMP_BANDLIM option from this header file, :you can remove opt_icmp_bandlim.h from it too! : :I assume you later include opt_icmp_bandlim.h in kernel *.c files which :really need it, it is better variant because now too many files will be :recompiled if BANDLIM option changed. : :-- :Andrey A. Chernov :http://www.nagual.pp.ru/~ache/ :MTH/SH/HE S-- W-- N+ PEC>+ D A a++ C G>+ QH+(++) 666+>++ Y Ok, commited most of your suggestions - sysctl is permanent (but value is -1 and sysctl is read-only if ICMP_BANDLIM not optioned). #ifdef KERNEL's added to icmp_var.h. I still need to #include the option file (inside the #ifdef KERNEL) in order to properly extern the kernel function (also inside an #ifdef KERNEL now). I really do not want to throw multiple externs into the code, and I can't localize the rate limit to the icmp module because there is a critical piece in the tcp module that rate-limits dropwithreset for SYN's received to non-existent ports (a common attack mode) which has nothing to do with ICMP packets. -Matt Matthew Dillon Engineering, HiWay Technologies, Inc. & BEST Internet Communications & God knows what else. <dillon@backplane.com> (Please include original email in any response) To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe cvs-all" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199812040424.UAA03505>