From owner-freebsd-stable@FreeBSD.ORG  Sat Apr 20 17:26:14 2013
Return-Path: <owner-freebsd-stable@FreeBSD.ORG>
Delivered-To: freebsd-stable@freebsd.org
Received: from mx1.freebsd.org (mx1.FreeBSD.org [8.8.178.115])
 by hub.freebsd.org (Postfix) with ESMTP id D8B147C4
 for <freebsd-stable@freebsd.org>; Sat, 20 Apr 2013 17:26:14 +0000 (UTC)
 (envelope-from gondim@bsdinfo.com.br)
Received: from zeus.linuxinfo.com.br (zeus.linuxinfo.com.br [186.193.48.13])
 by mx1.freebsd.org (Postfix) with ESMTP id 99C3674E
 for <freebsd-stable@freebsd.org>; Sat, 20 Apr 2013 17:26:14 +0000 (UTC)
Received: from zeus.linuxinfo.com.br (zeus.linuxinfo.com.br [127.0.0.1])
 by zeus.linuxinfo.com.br (Postfix) with ESMTP id 1E2EB466A45D
 for <freebsd-stable@freebsd.org>; Sat, 20 Apr 2013 14:24:03 -0300 (BRT)
X-Virus-Scanned: amavisd-new at zeus.linuxinfo.com.br
Received: from zeus.linuxinfo.com.br ([127.0.0.1])
 by zeus.linuxinfo.com.br (zeus.linuxinfo.com.br [127.0.0.1]) (amavisd-new,
 port 10024)
 with ESMTP id htYSgAnDcxCU for <freebsd-stable@freebsd.org>;
 Sat, 20 Apr 2013 14:24:00 -0300 (BRT)
Received: from MacBook-de-Gondim-2.local (unknown [186.193.54.69])
 by zeus.linuxinfo.com.br (Postfix) with ESMTPSA id 8561A466A458
 for <freebsd-stable@freebsd.org>; Sat, 20 Apr 2013 14:24:00 -0300 (BRT)
Message-ID: <5172CFB2.3010708@bsdinfo.com.br>
Date: Sat, 20 Apr 2013 14:26:10 -0300
From: Marcelo Gondim <gondim@bsdinfo.com.br>
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.8;
 rv:17.0) Gecko/20130328 Thunderbird/17.0.5
MIME-Version: 1.0
To: freebsd-stable@freebsd.org
Subject: Re: Possible DoS in mpd 5.6 pppoe server
References: <5172965A.9080600@bsdinfo.com.br> <5172BDDD.4010509@rdtc.ru>
In-Reply-To: <5172BDDD.4010509@rdtc.ru>
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit
X-Content-Filtered-By: Mailman/MimeDel 2.1.14
X-BeenThere: freebsd-stable@freebsd.org
X-Mailman-Version: 2.1.14
Precedence: list
List-Id: Production branch of FreeBSD source code <freebsd-stable.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/options/freebsd-stable>,
 <mailto:freebsd-stable-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-stable>
List-Post: <mailto:freebsd-stable@freebsd.org>
List-Help: <mailto:freebsd-stable-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-stable>,
 <mailto:freebsd-stable-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Sat, 20 Apr 2013 17:26:14 -0000

Em 20/04/13 13:10, Eugene Grosbein escreveu:
> On 20.04.2013 20:21, Marcelo Gondim wrote:
>> Hi all,
>>
>> I'm doing tests with mpdas pppoeserver. Tried to simulate an attack of
>> 1000 connections using an incorrect login and after a certain time can
>> cause a kernel panic in the system. Below the panicgenerated:
>>
>> http://pastebin.com/nUXGVR3y
> You seem to use dummynet and the problem is not in mpd/pppoe code,
> it's it the dummynet code. Look at http://www.freebsd.org/cgi/query-pr.cgi?pr=kern/162558
> for workarounds.
Ok  :)  I will try this:

- net.isr.bindthreads=1 in /boot/loader.conf;
- net.isr.direct=1 and net.isr.direct_force=1 in /etc/sysctl.conf