From owner-freebsd-hackers@FreeBSD.ORG Sat Aug 6 11:43:02 2005 Return-Path: X-Original-To: freebsd-hackers@freebsd.org Delivered-To: freebsd-hackers@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id B60C516A41F for ; Sat, 6 Aug 2005 11:43:02 +0000 (GMT) (envelope-from mtran@groupwise.swin.edu.au) Received: from mailmonitor.cc.swin.edu.au (mailmonitor.cc.swin.edu.au [136.186.1.65]) by mx1.FreeBSD.org (Postfix) with ESMTP id F293343D82 for ; Sat, 6 Aug 2005 11:43:01 +0000 (GMT) (envelope-from mtran@groupwise.swin.edu.au) Received: from groupwise.swin.edu.au (Not Verified[136.186.3.217]) by mailmonitor.cc.swin.edu.au with NetIQ MailMarshal (v6, 0, 3, 8) id ; Sat, 06 Aug 2005 21:42:59 +1000 Received: from INET-DOM-MTA by groupwise.swin.edu.au with Novell_GroupWise; Sat, 06 Aug 2005 21:42:59 +1000 Message-Id: X-Mailer: Novell GroupWise Internet Agent 6.5.4 Date: Sat, 06 Aug 2005 21:42:44 +1000 From: "Minh Tran" To: Mime-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: quoted-printable Content-Disposition: inline X-Mailman-Approved-At: Sat, 06 Aug 2005 11:50:05 +0000 Subject: Kernel code of reseting/ignoring tcp SYN packets X-BeenThere: freebsd-hackers@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Technical Discussions relating to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 06 Aug 2005 11:43:02 -0000 ** Reply Requested When Convenient ** Hi everyone, I was looking around for the files of Kernel code where SYN messages are = sent, so we can simply inject some code to send back a reset messages or ignore= =20the SYN requests. I was looking at the function ioctl() which takes fd of the tcp socket.=20 As i track the function down, there is also another call to the dev_ioclt= () function where all parameters are passed down.=20 However, i was not sucessful with finding out the description of this dev= _ioclt() function.=20 I am having a bit of trouble in finding out the way of injecting code in = the kernel to deal with SYN packets.=20 I am thinking of using ipfw to either reset or drop SYN packets. Would anyone have some hints on the clean way of injecting some code to d= eal with SYN packets=20 or could you give me some ideas on which files i should look at? I really= =20appreciate that. I saw some promising files in src/sys/netinet but they are not all clear = in my mind. Thanks heaps! Swinburne University of Technology CRICOS Provider Code: 00111D NOTICE This e-mail and any attachments are confidential and intended only for th= e use of the addressee. They may contain information that is privileged o= r protected by copyright. If you are not the intended recipient, any diss= emination, distribution, printing, copying or use is strictly prohibited.= =20The University does not warrant that this e-mail and any attachments a= re secure and there is also a risk that it may be corrupted in transmissi= on. It is your responsibility to check any attachments for viruses or def= ects before opening them. If you have received this transmission in error= , please contact us on +61 3 9214 8000 and delete it immediately from you= r system. We do not accept liability in connection with computer virus, d= ata corruption, delay, interruption, unauthorised access or unauthorised = amendment.