Date:      Sat, 06 Aug 2005 19:52:17 -0700
From:      Julian Elischer <julian@elischer.org>
To:        Minh Tran <mtran@groupwise.swin.edu.au>
Cc:        freebsd-hackers@freebsd.org
Subject:   Re: Kernel code of reseting/ignoring tcp SYN packets
Message-ID:  <42F57761.6030607@elischer.org>
In-Reply-To: <s2f52ee3.024@groupwise.swin.edu.au>
References:  <s2f52ee3.024@groupwise.swin.edu.au>

Minh Tran wrote:
> Hi everyone,
> 
> I was looking around for the files of Kernel code where SYN messages are sent,
> so we can simply inject some code to send back a reset message or ignore the SYN requests.
> I was looking at the function ioctl() which takes fd of the tcp socket.
> As I track the function down, there is also another call to the dev_ioclt() function where all parameters are passed down.
> However, I was not successful with finding out the description of this dev_ioclt() function.
> I am having a bit of trouble in finding out the way of injecting code in the kernel to deal with SYN packets. 
> I am thinking of using ipfw to either reset or drop SYN packets.

That's what I would do, as it already has that option:
the "reset" or "drop" keywords.

      reset   Discard packets that match this rule, and if the packet is a TCP
              packet, try to send a TCP reset (RST) notice.  The search
              terminates.

In addition, in 6.x (or is it just 7?) you can hook an ipfw rule directly into
a netgraph node that you have loaded that could do arbitrary processing,
and even pass it back.


> 
> Would anyone have some hints on the clean way of injecting some code to deal with SYN packets
> or could you give me some ideas on which files I should look at? I really appreciate that.
> I saw some promising files in src/sys/netinet but they are not all clear in my mind.
> 
> Thanks heaps!

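The ipfw approach suggested in the reply, sketched as an added example that is not part of the original message: one rule answers new inbound connection attempts with a RST, the other discards them silently. The rule numbers, the ports and the `syn_rule` helper with its `IPFW` variable are assumptions made for illustration.

```shell
#!/bin/sh
# Added example (not from the thread): ipfw rules that reset or drop inbound
# TCP SYNs without touching kernel code.
# Assumed values: rule numbers 1000/1100 and ports 8080/8081.
#
# Dry run by default: the commands are printed, not executed.
# On a FreeBSD host with ipfw loaded, run as root with IPFW=ipfw to install.
IPFW="${IPFW:-echo ipfw}"

# syn_rule NUMBER ACTION PORT
#   ACTION "reset": discard the packet and send a TCP RST, so the client sees
#                   an immediate "connection refused".
#   ACTION "drop":  discard silently (alias of deny), so the client keeps
#                   retransmitting the SYN until it times out.
#   "setup" matches TCP packets with SYN set and ACK clear, i.e. only new
#   connection attempts; packets of established connections never match.
#   "in" limits the rule to inbound packets, "me" to this host's addresses.
syn_rule() {
    num=$1
    action=$2
    port=$3

    case "$action" in
        reset|drop) ;;
        *) echo "syn_rule: action must be reset or drop" >&2; return 2 ;;
    esac
    # Accept plain decimal numbers only, so nothing else reaches the command line.
    case "$num" in
        ''|*[!0-9]*) echo "syn_rule: bad rule number" >&2; return 2 ;;
    esac
    case "$port" in
        ''|*[!0-9]*) echo "syn_rule: bad port" >&2; return 2 ;;
    esac

    $IPFW add "$num" "$action" tcp from any to me "$port" in setup
}

syn_rule 1000 reset 8080   # refuse new connections to 8080 with a RST
syn_rule 1100 drop 8081    # ignore new connections to 8081

# After installing, "ipfw show 1000" and "ipfw show 1100" list the packet and
# byte counters, which confirms whether SYNs are actually hitting the rules.
```
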


