Andre Oppermann wrote:
Makes sense.
Can we ever have a packet that has a source address with INADDR_BROADCAST
or IN_MULTICAST? I can't think of such a case.
Can we ever have a packet with destination address INADDR_ANY? Maybe
for BOOTP? But then the source address would be 0.0.0.0 too?
IIRC, in
I've been thinking about this all day...
Thus spake Jesper Skriver <[EMAIL PROTECTED]> [23:53:26 11/12/03:
: > + /*
: > +* Only unicast IP, not from loopback, no L2 or IP broadcast,
: > +* no multicast, no INADDR_ANY
: > +*/
: > + if ((m->m_pkthdr.rcvif->if_flags & IFF_LOOPBACK) ||
Jesper Skriver wrote:
>
> On Thu, Nov 13, 2003 at 12:13:14AM +0100, Andre Oppermann wrote:
> > Jesper Skriver wrote:
> > >
> > > On Sun, Nov 09, 2003 at 05:19:07PM +0100, Andre Oppermann wrote:
> > > > Hello all,
> > > >
> > > > this patch contains three things (to be separated for committing):
>
On Thu, Nov 13, 2003 at 12:13:14AM +0100, Andre Oppermann wrote:
> Jesper Skriver wrote:
> >
> > On Sun, Nov 09, 2003 at 05:19:07PM +0100, Andre Oppermann wrote:
> > > Hello all,
> > >
> > > this patch contains three things (to be separated for committing):
> ...
> > > ip_fastforward
> > >
> > >
Jesper Skriver wrote:
>
> On Sun, Nov 09, 2003 at 05:19:07PM +0100, Andre Oppermann wrote:
> > Hello all,
> >
> > this patch contains three things (to be separated for committing):
...
> > ip_fastforward
> >
> > - removes ip_flow forwarding code
> > - adds full direct process-to-completion IP
On Sun, Nov 09, 2003 at 05:19:07PM +0100, Andre Oppermann wrote:
> Hello all,
>
> this patch contains three things (to be separated for committing):
>
> tcp_hostcache
>
> - removes protocol cloning from routing table (IPv4+6)
> - removes rtentry pointer from inpcb and in6pcb
> - removes i
Hajimu UMEMOTO wrote:
>
> Hi,
>
> > On Wed, 12 Nov 2003 16:22:38 +0100
> > Andre Oppermann <[EMAIL PROTECTED]> said:
>
> oppermann> Ok, I found the bug. It was in the ipv6 hash function where I made
> oppermann> a mistake with the hashmask.
> oppermann> The updated patch is here:
> opper
Hi,
> On Wed, 12 Nov 2003 16:22:38 +0100
> Andre Oppermann <[EMAIL PROTECTED]> said:
oppermann> Ok, I found the bug. It was in the ipv6 hash function where I made
oppermann> a mistake with the hashmask.
oppermann> The updated patch is here:
oppermann> http://www.nrg4u.com/freebsd/tcphost
Hajimu UMEMOTO wrote:
>
> Hi,
>
> > On Tue, 11 Nov 2003 19:26:41 +0100
> > Andre Oppermann <[EMAIL PROTECTED]> said:
>
> oppermann> I have fixed the panic. It was a stupid braino in the test whether
> oppermann> we have to free the allocated route. It was trying to free a null
> opperman
Hajimu UMEMOTO wrote:
>
> Hi,
>
> > On Tue, 11 Nov 2003 19:26:41 +0100
> > Andre Oppermann <[EMAIL PROTECTED]> said:
>
> oppermann> I have fixed the panic. It was a stupid braino in the test whether
> oppermann> we have to free the allocated route. It was trying to free a null
> opperman
Ken Menzel wrote:
>
> Hi Andre,
>Your patch applies just fine for me now on Oct 10th current
> sources. Everything seems to be working fine on dual processor Dell
> 2500 with SMP kernel. This is a network backup machine. I don't see
> any problems, just as fast as always and seems to be sol
Hi,
> On Tue, 11 Nov 2003 19:26:41 +0100
> Andre Oppermann <[EMAIL PROTECTED]> said:
oppermann> I have fixed the panic. It was a stupid braino in the test whether
oppermann> we have to free the allocated route. It was trying to free a null
oppermann> pointer route which obviously doesn't
Hajimu UMEMOTO wrote:
>
> Hi,
>
> > On Sun, 09 Nov 2003 17:19:07 +0100
> > Andre Oppermann <[EMAIL PROTECTED]> said:
>
> oppermann> The patch is here (relative to -CURRENT as of 2003-11-09):
>
> oppermann> http://www.nrg4u.com/freebsd/tcphostcache+ipfastforward-20031109.patch
>
> It p
Hi,
> On Tue, 11 Nov 2003 18:06:05 +0100
> Andre Oppermann <[EMAIL PROTECTED]> said:
oppermann> However there is a problem in netkey/key.c with the static variable
oppermann> ipsec_esp_auth which is unused if IPSEC_ESP is not defined.
Thanks. I've just committed to define ipsec_esp_auth
Hajimu UMEMOTO wrote:
>
> Hi,
>
> > On Sun, 09 Nov 2003 17:19:07 +0100
> > Andre Oppermann <[EMAIL PROTECTED]> said:
>
> oppermann> The patch is here (relative to -CURRENT as of 2003-11-09):
> oppermann> http://www.nrg4u.com/freebsd/tcphostcache+ipfastforward-20031109.patch
>
> The pat
Hi,
> On Sun, 09 Nov 2003 17:19:07 +0100
> Andre Oppermann <[EMAIL PROTECTED]> said:
oppermann> The patch is here (relative to -CURRENT as of 2003-11-09):
oppermann> http://www.nrg4u.com/freebsd/tcphostcache+ipfastforward-20031109.patch
It panics at boot around invoking rtsol(8):
Fata
Hi Andre,
Your patch applies just fine for me now on Oct 10th current
sources. Everything seems to be working fine on dual processor Dell
2500 with SMP kernel. This is a network backup machine. I don't see
any problems, just as fast as always and seems to be solid so far,
it has only been run
Hi,
> On Sun, 09 Nov 2003 17:19:07 +0100
> Andre Oppermann <[EMAIL PROTECTED]> said:
oppermann> The patch is here (relative to -CURRENT as of 2003-11-09):
oppermann> http://www.nrg4u.com/freebsd/tcphostcache+ipfastforward-20031109.patch
The patch cannot be compiled:
cc -c -O -pipe -mar
Leo Bicknell wrote:
>
> In a message written on Mon, Nov 10, 2003 at 01:45:48PM -0600, Mike Silbersack wrote:
> > > At the moment is visible via "sysctl -a net.inet.tcp.hostcache.list".
> > > Syncache ain't visible via netstat either. So far you had to use
> > > route get x.x.x.x to see the rtmetr
In a message written on Mon, Nov 10, 2003 at 01:45:48PM -0600, Mike Silbersack wrote:
> > At the moment is visible via "sysctl -a net.inet.tcp.hostcache.list".
> > Syncache ain't visible via netstat either. So far you had to use
> > route get x.x.x.x to see the rtmetrics for a (host-)route. So I'm
On Mon, 10 Nov 2003, Andre Oppermann wrote:
> > - Ensures that a cached entry isn't added until the 3WHS is completed.
> >
> > This should help make synfloods with random source addresses less
> > damaging.
>
> The cache will only be updated if the tcp connection is being closed.
> All update
Hajimu UMEMOTO wrote:
>
> Hi,
>
> > On Sun, 09 Nov 2003 17:19:07 +0100
> > Andre Oppermann <[EMAIL PROTECTED]> said:
>
> oppermann> Hajimu-san, I'm looking especially for comments on whether my changes
> oppermann> to IPv6 are correct wrt IPv6 concepts. (I hope they are).
>
> I don't se
Hi,
> On Sun, 09 Nov 2003 17:19:07 +0100
> Andre Oppermann <[EMAIL PROTECTED]> said:
oppermann> Hajimu-san, I'm looking especially for comments on whether my changes
oppermann> to IPv6 are correct wrt IPv6 concepts. (I hope they are).
I don't see the patch in detail, yet, it seems your c
On Nov 10, 2003, at 1:39 AM, Andre Oppermann wrote:
Jonathan Mini wrote:
All in all I don't think it is worth adding this complexity.
I agree.
This is actually a small value for TCP connections which are being
used to forward messages, especially on gigabit links.
Heavily-intensive
web applicati
Mike Silbersack wrote:
>
> On Sun, 9 Nov 2003, Andre Oppermann wrote:
>
> > Hello all,
> >
> > this patch contains three things (to be separated for committing):
>
> I don't have much time free in the next week, so I cannot do a complete
> review. However, I just did a quick readthrough.
>
> >
Jonathan Mini wrote:
>
> On Nov 9, 2003, at 2:47 PM, Andre Oppermann wrote:
>
> > Jonathan Mini wrote:
> >>
> >> On Nov 9, 2003, at 8:19 AM, Andre Oppermann wrote:
> >>
> >>> - DoS attack 2: make MSS very low on local side of connection
> >>> and send mny small packet to remote host. Fo
On Sun, 9 Nov 2003, Andre Oppermann wrote:
> Hello all,
>
> this patch contains three things (to be separated for committing):
I don't have much time free in the next week, so I cannot do a complete
review. However, I just did a quick readthrough.
> tcp_hostcache
This looks good to me, I've
On Nov 9, 2003, at 2:47 PM, Andre Oppermann wrote:
Jonathan Mini wrote:
On Nov 9, 2003, at 8:19 AM, Andre Oppermann wrote:
- DoS attack 2: make MSS very low on local side of connection
and send mny small packet to remote host. For every packet
(eg. 2 bytes payload) a sowakeup is don
Jonathan Mini wrote:
>
> On Nov 9, 2003, at 8:19 AM, Andre Oppermann wrote:
>
> > - DoS attack 2: make MSS very low on local side of connection
> > and send mny small packet to remote host. For every packet
> > (eg. 2 bytes payload) a sowakeup is done to the listening
> > proces
On Nov 9, 2003, at 8:19 AM, Andre Oppermann wrote:
- DoS attack 2: make MSS very low on local side of connection
and send mny small packet to remote host. For every packet
(eg. 2 bytes payload) a sowakeup is done to the listening
process. Consumes a lot of CPU there.
This sounds
30 matches
Mail list logo
