Date: Wed, 01 Oct 1997 15:30:15 -0700 From: Paul Traina <pst@juniper.net> To: dg@root.com Cc: Don Lewis <Don.Lewis@tsc.tdk.com>, Richard Jones <richard@a42.deep-thought.org>, hackers@freebsd.org, bugs@freebsd.org Subject: Re: FreeBSD TCP stack and RST processing [subj changed] Message-ID: <199710012230.PAA03697@base.juniper.net> In-Reply-To: Your message of "Wed, 01 Oct 1997 04:51:35 PDT." <199710011151.EAA08698@implode.root.com>
next in thread | previous in thread | raw e-mail | index | archive | help
It's been so long since I touched this that I won't offer an opinion.
The original idea was ripped from Stevens by vjs and then from me, if
memory serves me.
From: David Greenman <dg@root.com>
Subject: Re: FreeBSD TCP stack and RST processing [subj changed]
>This code appears to be correct, and agrees with what's in the book.
>
>However ... there is some code *earlier* in tcp_input() that looks like it
>botches this situation:
...
>It looks like we just drop the packet containing the RST! The example code
>in the book does not execute this code in the SYN_RECEIVED state. I don't
>know the history of this code, so I don't know why it was changed.
>
>copied to freebsd-bugs
This appears to have been broken in rev 1.52:
----------------------------
revision 1.52
date: 1996/10/07 04:32:39; author: pst; state: Exp; lines: +23 -13
Increase robustness of FreeBSD against high-rate connection attempt
denial of service attacks.
Reviewed by: bde,wollman,olah
Inspired by: vjs@sgi.com
----------------------------
...
***************
*** 753,758 ****
--- 758,765 ----
}
/*
+ * If the state is SYN_RECEIVED:
+ * do just the ack and RST checks from SYN_SENT state.
* If the state is SYN_SENT:
* if seg contains an ACK, but not for our SYN, drop the input.
* if seg contains a RST, then drop the connection.
***************
*** 764,769 ****
--- 771,777 ----
* arrange for segment to be acked (eventually)
* continue processing rest of data/controls, beginning with URG
*/
+ case TCPS_SYN_RECEIVED:
case TCPS_SYN_SENT:
if ((taop = tcp_gettaocache(inp)) == NULL) {
taop = &tao_noncached;
***************
*** 791,796 ****
--- 799,806 ----
tp = tcp_drop(tp, ECONNREFUSED);
goto drop;
}
+ if (tp->t_state == TCPS_SYN_RECEIVED)
+ break;
if ((tiflags & TH_SYN) == 0)
goto drop;
tp->snd_wnd = ti->ti_win; /* initial send window */
-DG
David Greenman
Core-team/Principal Architect, The FreeBSD Project
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199710012230.PAA03697>