Date: Sat, 6 Aug 2005 22:06:58 +0100 (BST) From: Robert Watson <rwatson@FreeBSD.org> To: Minh Tran <mtran@groupwise.swin.edu.au> Cc: freebsd-hackers@freebsd.org Subject: Re: Kernel code of reseting/ignoring tcp SYN packets Message-ID: <20050806220421.A11054@fledge.watson.org> In-Reply-To: <s2f52ee3.024@groupwise.swin.edu.au> References: <s2f52ee3.024@groupwise.swin.edu.au>
index | next in thread | previous in thread | raw e-mail
On Sat, 6 Aug 2005, Minh Tran wrote:
> I was looking around for the files of Kernel code where SYN messages are
> sent, so we can simply inject some code to send back a reset messages or
> ignore the SYN requests. I was looking at the function ioctl() which
> takes fd of the tcp socket. As i track the function down, there is also
> another call to the dev_ioclt() function where all parameters are passed
> down. However, i was not sucessful with finding out the description of
> this dev_ioclt() function. I am having a bit of trouble in finding out
> the way of injecting code in the kernel to deal with SYN packets. I am
> thinking of using ipfw to either reset or drop SYN packets.
>
> Would anyone have some hints on the clean way of injecting some code to
> deal with SYN packets or could you give me some ideas on which files i
> should look at? I really appreciate that. I saw some promising files in
> src/sys/netinet but they are not all clear in my mind.
TCP packet input processing occurs in
src/sys/netinet/tcp_input.c:tcp_input(). This is a very large function,
so you will want to search for the following line, which precedes
responsible for the processing of SYN packets that will form new
connections:
if (so->so_options & SO_ACCEPTCONN) {
FreeBSD makes use of a combined syncache/syncookie mechanism, so you're
probably also interested in tcp_syncache.c.
Robert N M Watson
help
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20050806220421.A11054>