Date:      Wed, 31 Oct 2007 22:17:21 +0100
From:      Matus Harvan <mharvan@inf.ethz.ch>
To:        "Bruce M. Simpson" <bms@FreeBSD.org>
Cc:        freebsd-net@freebsd.org, Brooks Davis <brooks@freebsd.org>, Max Laier <max@love2party.net>
Subject:   Re: UDP catchall
Message-ID:  <20071031211721.GA2086@styx.ethz.ch>
In-Reply-To: <4722AEB3.1010208@FreeBSD.org>
References:  <20070909201837.GA18107@inf.ethz.ch> <20071026154057.GG1049@styx.ethz.ch> <4722AEB3.1010208@FreeBSD.org>


On Sat, Oct 27, 2007 at 04:21:23AM +0100, Bruce M. Simpson wrote:
> Matus Harvan wrote:
>> Hi,
>>
>> I was wondering if I could get some feedback about the patch and
>> whether others think it could be committed.
>>
>
> The UDP catchall patch as submitted here clashes with the blackhole
> functionality, and also bypasses the update of the protocol statistics and
> unreachable port rate limiting. It is not yet suitable for a production
> kernel.

I do not see how it clashes with the blackhole functionality. If
catchall is enabled then a UDP packet destined for a port which is not
used by any other UDP socket is passed to rip_input() and would show
up on the raw socket. This happens irrespective of the blackhole
functionality being enabled or not.

I think the protocol statistics for UDP are updated. Which one is
missing?

The catchall feature has its own rate limit, catchallr. This is
different from the unreachable port rate limit. Hence, I don't see a
problem in bypassing the unreachable port rate limiting.

> It probably shouldn't trigger the log_in_vain message, however that log
> message is misleading anyway (the reception of UDP datagrams destined for
> unbound ports is not a 'connection attempt').

I think the log_in_vain message is triggered only if the packet is not
passed to the raw socket, i.e., if catchalllim is exhausted. Then the
normal way of processing the packet is followed. Is this what you
meant by triggering the log_in_vain message?

Matus
