In message <[EMAIL PROTECTED]>, Ville-Pertti Keinonen writ
es:
>> The easiest way to detect this DOS is probably to keep track of the
>>
>> namecache entries
>> -----------------
>> live vnodes
>>
>> ratio, and enforce an upper limit on it.
>
>That seems like a reasonable approach.
>
>If you want to include the other attack I mentioned (I just tried it,
>got up to > 160000 vnodes), then you have to exclude vnodes that are
>only live because of v_cache_src entries from the count.
It should probably only count vnodes in "actual" use.
>BTW: You still haven't committed the v_id patch I sent you in May. Is
>there any specific reason for this?
I seem to remember we stalled on some detail which wouldn't or
couldn't work was it NFS ?
--
Poul-Henning Kamp FreeBSD coreteam member
[EMAIL PROTECTED] "Real hackers run -current on their laptop."
FreeBSD -- It will take a long time before progress goes too far!
To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-current" in the body of the message
