From owner-freebsd-stable@FreeBSD.ORG  Sat Apr 20 17:33:16 2013
Return-Path: <owner-freebsd-stable@FreeBSD.ORG>
Delivered-To: freebsd-stable@freebsd.org
Received: from mx1.freebsd.org (mx1.FreeBSD.org [8.8.178.115])
 by hub.freebsd.org (Postfix) with ESMTP id 5DC23A50
 for <freebsd-stable@freebsd.org>; Sat, 20 Apr 2013 17:33:16 +0000 (UTC)
 (envelope-from egrosbein@rdtc.ru)
Received: from eg.sd.rdtc.ru (eg.sd.rdtc.ru [IPv6:2a03:3100:c:13::5])
 by mx1.freebsd.org (Postfix) with ESMTP id AC04D797
 for <freebsd-stable@freebsd.org>; Sat, 20 Apr 2013 17:33:15 +0000 (UTC)
Received: from eg.sd.rdtc.ru (localhost [127.0.0.1])
 by eg.sd.rdtc.ru (8.14.6/8.14.6) with ESMTP id r3KHX6Eg043713;
 Sun, 21 Apr 2013 00:33:07 +0700 (NOVT)
 (envelope-from egrosbein@rdtc.ru)
Message-ID: <5172D14D.8040009@rdtc.ru>
Date: Sun, 21 Apr 2013 00:33:01 +0700
From: Eugene Grosbein <egrosbein@rdtc.ru>
User-Agent: Mozilla/5.0 (X11; FreeBSD amd64;
 rv:17.0) Gecko/20130415 Thunderbird/17.0.5
MIME-Version: 1.0
To: Marcelo Gondim <gondim@bsdinfo.com.br>
Subject: Re: Possible DoS in mpd 5.6 pppoe server
References: <5172965A.9080600@bsdinfo.com.br> <5172BDDD.4010509@rdtc.ru>
 <5172CFB2.3010708@bsdinfo.com.br>
In-Reply-To: <5172CFB2.3010708@bsdinfo.com.br>
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Cc: freebsd-stable@freebsd.org
X-BeenThere: freebsd-stable@freebsd.org
X-Mailman-Version: 2.1.14
Precedence: list
List-Id: Production branch of FreeBSD source code <freebsd-stable.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/options/freebsd-stable>,
 <mailto:freebsd-stable-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-stable>
List-Post: <mailto:freebsd-stable@freebsd.org>
List-Help: <mailto:freebsd-stable-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-stable>,
 <mailto:freebsd-stable-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Sat, 20 Apr 2013 17:33:16 -0000

On 21.04.2013 00:26, Marcelo Gondim wrote:

>> You seem to use dummynet and the problem is not in mpd/pppoe code,
>> it's it the dummynet code. Look at http://www.freebsd.org/cgi/query-pr.cgi?pr=kern/162558
>> for workarounds.
> Ok  :)  I will try this:
> 
> - net.isr.bindthreads=1 in /boot/loader.conf;
> - net.isr.direct=1 and net.isr.direct_force=1 in /etc/sysctl.conf

For 9.x and newer, net.isr.XXX knobs names have changed but defaults are fine -
if you have not messed them, you should be OK.