From owner-freebsd-net@FreeBSD.ORG  Thu Dec 14 00:11:29 2006
Return-Path: <owner-freebsd-net@FreeBSD.ORG>
X-Original-To: freebsd-net@freebsd.org
Delivered-To: freebsd-net@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [69.147.83.52])
	by hub.freebsd.org (Postfix) with ESMTP id 3D5F716A571
	for <freebsd-net@freebsd.org>; Thu, 14 Dec 2006 00:11:29 +0000 (UTC)
	(envelope-from julian@elischer.org)
Received: from outL.internet-mail-service.net (outL.internet-mail-service.net
	[216.240.47.235])
	by mx1.FreeBSD.org (Postfix) with ESMTP id 33C8143E41
	for <freebsd-net@freebsd.org>; Thu, 14 Dec 2006 00:03:08 +0000 (GMT)
	(envelope-from julian@elischer.org)
Received: from shell.idiom.com (HELO idiom.com) (216.240.47.20)
	by out.internet-mail-service.net (qpsmtpd/0.32) with ESMTP;
	Wed, 13 Dec 2006 15:49:15 -0800
Received: from [10.251.18.229] (nat.ironport.com [63.251.108.100])
	by idiom.com (8.12.11/8.12.11) with ESMTP id kBE0489E030557
	for <freebsd-net@freebsd.org>; Wed, 13 Dec 2006 16:04:12 -0800 (PST)
	(envelope-from julian@elischer.org)
Message-ID: <458094E7.1060806@elischer.org>
Date: Wed, 13 Dec 2006 16:03:51 -0800
From: Julian Elischer <julian@elischer.org>
User-Agent: Thunderbird 1.5.0.8 (Macintosh/20061025)
MIME-Version: 1.0
To: FreeBSD Net <freebsd-net@freebsd.org>
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit
Subject: question for TCP gurus (in ipfw)
X-BeenThere: freebsd-net@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: Networking and TCP/IP with FreeBSD <freebsd-net.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-net>,
	<mailto:freebsd-net-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-net>
List-Post: <mailto:freebsd-net@freebsd.org>
List-Help: <mailto:freebsd-net-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-net>,
	<mailto:freebsd-net-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Thu, 14 Dec 2006 00:11:29 -0000

in the ipfw function send_reject6() we go to great length to calculate 
the sequence number to put into the ack field of the reject packet..

but it's a RESET we are generating..

do we need to go to all the work of setting the ACK value etc?

could we do either of:
1/ not set the ACK bit  and just not do the extra work. Just send a reset?
or
2/ instead of ACKing all the data in the packet we are resetting,
how about just ACKing the sequence number it starts with
and saving ourselves from doing the work of ACKing all the  data
up to the current packet end. (which is the packet we are rejecting 
anyhow) (It takes some calculation to work out the new ack value
which seems pointless as we are rejecting it..)