Date: Fri, 13 May 2005 16:32:09 +0400 (MSD) From: Maxim Konovalov <maxim@macomnet.ru> To: Mike Silbersack <silby@silby.com> Cc: Gandalf The White <gandalf@digital.net> Subject: Re: FreeBSD and the Rose Attack / NewDawn Message-ID: <20050513162930.B12839@mp2.macomnet.net> In-Reply-To: <20050513005221.S731@odysseus.silby.com> References: <BEA93507.1B3D1%gandalf@digital.net> <20050513005221.S731@odysseus.silby.com>
next in thread | previous in thread | raw e-mail | index | archive | help
[...] > So, test out my attached patch with varying settings of > maxfragspersecond and see if it makes any difference for you. [...] diff -u -r /usr/src/sys.old/netinet/ip_var.h /usr/src/sys/netinet/ip_var.h --- /usr/src/sys.old/netinet/ip_var.h Sun Apr 17 18:05:06 2005 +++ /usr/src/sys/netinet/ip_var.h Thu May 12 21:16:47 2005 @@ -61,6 +61,8 @@ struct mbuf *ipq_frags; /* to ip headers of fragments */ struct in_addr ipq_src,ipq_dst; u_char ipq_nfrags; /* # frags in this packet */ + u_short ipq_len; /* length of final packet */ + u_short ipq_curlen; /* how much we've gotten so far */ struct label *ipq_label; /* MAC label */ }; #endif /* _KERNEL */ %%% Am I right the above delta is a letfover from Suleiman's work and it's not needed at all? -- Maxim Konovalov
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20050513162930.B12839>