Skip site navigation (1)Skip section navigation (2) 
Date:      Wed, 1 Oct 1997 18:37:36 -0700
From:      Don Lewis <Don.Lewis@tsc.tdk.com>
To:        Richard Jones <richard@a42.deep-thought.org>, Paul Traina <pst@juniper.net>
Cc:        "Jordan K. Hubbard" <jkh@time.cdrom.com>, dg@root.com, Don Lewis <Don.Lewis@tsc.tdk.com>, hackers@FreeBSD.ORG, bugs@FreeBSD.ORG
Subject:   Re: FreeBSD TCP stack and RST processing [subj changed]
Message-ID:  <199710020137.SAA16461@salsa.gv.tsc.tdk.com>
In-Reply-To: Richard Jones <richard@a42.deep-thought.org> "Re: FreeBSD TCP stack and RST processing [subj changed]" (Oct  2, 11:09am)
next in thread | previous in thread | raw e-mail | index | archive | help 

On Oct 2, 11:09am, Richard Jones wrote:
} Subject: Re: FreeBSD TCP stack and RST processing [subj changed]
} Paul Traina <pst@juniper.net> wrote:
} > I put it in there for a reason, Steven's III showed a case where you could
} > pummel the box with a barage of, I believe, syn ack's and basicly melt things.
} > Sorry my memory is so foggy on the issue now.  I'll go back and try to 
} > remember.

Steven's III?  I don't have that one, since I figured that I already knew
how NNTP worked.

} Hmm..but if you barrage the system with SYN ACK's when the system is in a 
} listen state, you shouldn't jump into SYN_RECEIVED should you?

Nope.  This case is handled earlier:

        case TCPS_LISTEN: {
                struct mbuf *am;
                register struct sockaddr_in *sin;
                
                if (tiflags & TH_RST)
                        goto drop;
                if (tiflags & TH_ACK)
                        goto dropwithreset;
                if ((tiflags & TH_SYN) == 0)
                        goto drop;


} The code
} which does the if (TH_RST) stuff is prolly ok...its the addition of the
} case SYN_RECEIVED up the top that does the trick.

As in goobers it up.

} Its ok to look for
} an ACK when in SYN_SENT on RST's coz thats what is expected, and if you
} get other than expected and drop then its no big deal unless you can force
} a remote freebsd system to send out (pure) SYN's to non-connected
} ports, unlikely.  I  only have the snippets posted to the list available, but 
} based on them I'd say remove the case SYN_RECEIVED that was added.

That's what I did in my local source tree.

} You might 
} get away with getting rid of the ACK flag check without losing anything, but 
} any side effects should be thought through.

Yeah, the case of what to do if you receive an ACK in the SYN_RECEIVED
case bothers me as well.

			---  Truck

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199710020137.SAA16461>