From owner-cvs-all  Fri Dec 22  1:27:43 2000
From owner-cvs-all@FreeBSD.ORG  Fri Dec 22 01:27:39 2000
Return-Path: <owner-cvs-all@FreeBSD.ORG>
Delivered-To: cvs-all@freebsd.org
Received: from freesbee.wheel.dk (freesbee.wheel.dk [193.162.159.97])
	by hub.freebsd.org (Postfix) with ESMTP
	id 80B6937B400; Fri, 22 Dec 2000 01:27:35 -0800 (PST)
Received: by freesbee.wheel.dk (Postfix, from userid 1001)
	id 5D8EF3E49; Fri, 22 Dec 2000 10:27:34 +0100 (CET)
Date: Fri, 22 Dec 2000 10:27:34 +0100
From: Jesper Skriver <jesper@skriver.dk>
To: Don Lewis <Don.Lewis@tsc.tdk.com>
Cc: Kris Kennaway <kris@FreeBSD.ORG>,
	Poul-Henning Kamp <phk@critter.freebsd.dk>,
	security-officer@FreeBSD.ORG, cvs-all@FreeBSD.ORG,
	freebsd-net@FreeBSD.ORG
Subject: Re: what to do now ?  Was: cvs commit: src/sys/netinet ip_icmp.c tcp_subr.c tcp_var.h
Message-ID: <20001222102734.B86219@skriver.dk>
References: <20001218182600.C1856@skriver.dk> <20001219222730.A29741@skriver.dk> <200012201046.CAA19456@salsa.gv.tsc.tdk.com> <20001220155118.N81814@skriver.dk> <200012212336.PAA27025@salsa.gv.tsc.tdk.com>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
User-Agent: Mutt/1.2.5i
In-Reply-To: <200012212336.PAA27025@salsa.gv.tsc.tdk.com>; from Don.Lewis@tsc.tdk.com on Thu, Dec 21, 2000 at 03:36:52PM -0800
Sender: owner-cvs-all@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG

On Thu, Dec 21, 2000 at 03:36:52PM -0800, Don Lewis wrote:
> On Dec 20,  3:51pm, Jesper Skriver wrote:

> } > We should also bail out if the sequence check fails,
> } > since it isn't possible for there to be another connection with the same
> } > src/srcport/dst/dstport, so there is no sense in continuing the search.
> } 
> } That is was we do right ?
> } 
> } First we check if src/dst ip address and port numbers match, if not we
> } bail out, so if we reach the above check we know these match, then we
> } check for tcp sequence number, if this doesn't match we bail out.
> 
> If the src/dst addresses and port numbers don't match, we start the next
> iteration of the loop.  If the sequence numbers don't match, we want to
> exit the loop.  I believe the continue should be changed to a break.

Agree, a minor change I'll get PHK to put into the diff he's about to
commit.

> I'll pretty much be off the net until the new year, so I won't be able
> to perform any further reviews until then.

Happy new year and a merry Xmas.

/Jesper

-- 
Jesper Skriver, jesper(at)skriver(dot)dk  -  CCIE #5456
Work:    Network manager @ AS3292 (Tele Danmark DataNetworks)
Private: Geek            @ AS2109 (A much smaller network ;-)

One Unix to rule them all, One Resolver to find them,
One IP to bring them all and in the zone to bind them.


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe cvs-all" in the body of the message