Date: Tue, 3 Jun 1997 15:01:18 +0200 (SAT)
From: John Hay <jhay@zibbi.mikom.csir.co.za>
To: adam@homeport.org (Adam Shostack)
Cc: security@FreeBSD.ORG
Subject: Re: TCP RST Handling in 2.2 (fwd)
Message-ID: <199706031301.PAA09997@zibbi.mikom.csir.co.za>
In-Reply-To: <199706031204.IAA21853@homeport.org> from Adam Shostack at "Jun 3, 97 08:04:54 am"

> That's a bug in trumpet, which should be fixed there.  Is there an RFC
> which details this mod you're suggesting?  I'd hate to see my OpenBSD
> boxes react even more negatively to freebsd.  Arbitrary extra rst
> packets arriving worry me.

I agree that it is a bug in trumpet, but I still don't think another
machine should be able to just kill my connections like it is now.

>
> (Right now, they refuse to talk NFS to a freebsd server with virtual
> interfaces, since the kernel doesn't send packets back with the right
> IP address.  OpenBSD assumes that a spoof is taking place.)
>
> Adam
>
> PS To Darren: This is the change I was referring to, not fixing the
> bug you were pointing out.
>
> John Hay wrote:
>
> | > | Certainly. It might also be worth implementing the three-way RST
> | > | handshake which has been proposed by some to fill some theoretical
> | > | gaps in TCP's handling of resets which could (very rarely) result in
> | > | innocent connections getting reset.
> | >
> | > I'd strongly recommend against implementing a non standard
> | > TCP mod as anything but an option for those who want to play with it.
> | > Please don't put it in the base code.
> | >
> |
> | But if we can get something better than we have now, I would feel a lot
> | better. Last week we had the case here where tcp connections between
> | machines would just die at random with a "connection reset by peer"
> | message. It turned out that there was an old Windows 3.1 box with
> | Trumpet Winsock v1.0b which sent Reset messages "at random" for connections
> | that had nothing to do with it, except that it was on the same piece
> | of ethernet coax.
> |

John
--
John Hay -- John.Hay@mikom.csir.co.za