From owner-freebsd-net@FreeBSD.ORG  Tue Nov  8 22:09:50 2005
Return-Path: <owner-freebsd-net@FreeBSD.ORG>
X-Original-To: net@freebsd.org
Delivered-To: freebsd-net@FreeBSD.ORG
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id B395D16A41F
	for <net@freebsd.org>; Tue,  8 Nov 2005 22:09:50 +0000 (GMT)
	(envelope-from marcolz@stack.nl)
Received: from mailhost.stack.nl (vaak.stack.nl [131.155.140.140])
	by mx1.FreeBSD.org (Postfix) with ESMTP id 48B1E43D46
	for <net@freebsd.org>; Tue,  8 Nov 2005 22:09:49 +0000 (GMT)
	(envelope-from marcolz@stack.nl)
Received: from hammer.stack.nl (hammer.stack.nl [IPv6:2001:610:1108:5010::153])
	by mailhost.stack.nl (Postfix) with ESMTP id B1325A2FD6;
	Tue,  8 Nov 2005 23:09:48 +0100 (CET)
Received: by hammer.stack.nl (Postfix, from userid 333)
	id 906FB6526; Tue,  8 Nov 2005 23:09:48 +0100 (CET)
Date: Tue, 8 Nov 2005 23:09:48 +0100
From: Marc Olzheim <marcolz@stack.nl>
To: Lars Eggert <lars.eggert@netlab.nec.de>
Message-ID: <20051108220948.GA2602@stack.nl>
References: <E019841F-389F-4B15-942E-F30F6745ECBF@netlab.nec.de>
	<20051108204603.GA2121@stack.nl>
	<280E31B0-BA54-404A-8CD4-2EF64F767B9A@netlab.nec.de>
Mime-Version: 1.0
Content-Type: multipart/signed; micalg=pgp-sha1;
	protocol="application/pgp-signature"; boundary="sdtB3X0nJg68CQEu"
Content-Disposition: inline
In-Reply-To: <280E31B0-BA54-404A-8CD4-2EF64F767B9A@netlab.nec.de>
X-Operating-System: FreeBSD hammer.stack.nl 6.0-BETA4 FreeBSD 6.0-BETA4
X-URL: http://www.stack.nl/~marcolz/
User-Agent: Mutt/1.5.11
Cc: Marc Olzheim <marcolz@stack.nl>, net@freebsd.org
Subject: Re: TCP RST handling in 6.0
X-BeenThere: freebsd-net@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: Networking and TCP/IP with FreeBSD <freebsd-net.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-net>,
	<mailto:freebsd-net-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-net>
List-Post: <mailto:freebsd-net@freebsd.org>
List-Help: <mailto:freebsd-net-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-net>,
	<mailto:freebsd-net-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Tue, 08 Nov 2005 22:09:50 -0000


--sdtB3X0nJg68CQEu
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

On Tue, Nov 08, 2005 at 01:56:41PM -0800, Lars Eggert wrote:
> On Nov 8, 2005, at 12:46, Marc Olzheim wrote:
> >Being on the wrong end of a distributed tcp syn flood attack atm. =20
> >on the
> >machine I'm mailing from, is probably enough to convince me of its =20
> >use.
>=20
> The change we are discussing is not protecting you from SYN floods, =20
> it is supposed to protect you from spoofed RSTs.

Whoops, indeed, I misread. Well then, still glad to inform you that I'm
happy with the performance of the machine under a synflood attack :-P

Marc

--sdtB3X0nJg68CQEu
Content-Type: application/pgp-signature
Content-Disposition: inline

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2 (FreeBSD)

iD8DBQFDcSIsezjnobFOgrERAuyaAJ99FFZ5VGYl0RIDr502qXYbH3nUjgCgi2IV
ph1xL/8GVJPs33RCnrO77wc=
=DuhM
-----END PGP SIGNATURE-----

--sdtB3X0nJg68CQEu--