Date: Tue, 17 Aug 1999 16:18:13 +0930 (CST)
From: "Daniel O'Connor" <doconnor@gsoft.com.au>
To: Warner Losh <imp@village.org>
Cc: ('current@freebsd.org') <current@FreeBSD.ORG>, (Geoff Rehmet) <geoffr@is.co.za>, (Brian W. Buchanan) <brian@CSUA.Berkeley.EDU>, Archie Cobbs <archie@whistle.com>
Subject: Re: Dropping connections without RST
Message-ID: <XFMail.990817161813.doconnor@gsoft.com.au>
In-Reply-To: <199908170646.AAA36916@harmony.village.org>
next in thread | previous in thread | raw e-mail | index | archive | help
[-- Attachment #1 --] On 17-Aug-99 Warner Losh wrote: > : Not that easily.. how are you going to make ipfw dynamically know > : which ports have listeners and which don't? > By filtering all RST packets? The defeats the purpose of having the computer not generate them in the first place.. Well not totally I suppose, but at least part of the advantage of dropping them completely would be that the machine wouldn't spend any time doing it at all... --- Daniel O'Connor software and network engineer for Genesis Software - http://www.gsoft.com.au "The nice thing about standards is that there are so many of them to choose from." -- Andrew Tanenbaum [-- Attachment #2 --] -----BEGIN PGP MESSAGE----- Version: 2.6.3ia iQCVAwUBN7kFrVbYW/HEoF9pAQG76wQAmvk2sySVkjcQRqvr0tK5fdPlR8tw14xb LZAkWaeC+Ac00KBobrW+cLzCdKgMln7L3rG+S+qfhFx+651YAIGlSOYm8vraGbho YihkNg5DTY72XKLi7uieV7sJ0yJBTeym8dJKYrQDJyKEtzEgOzEHKwvwCvHHA8ay tgupwu8kAIk= =PVor -----END PGP MESSAGE-----
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?XFMail.990817161813.doconnor>