Date: Tue, 08 May 2001 13:12:03 -0600
From: huntting@glarp.com
To: freebsd-current@freebsd.org
Subject: user connection request data w/ recvmsg(2)/getsockopt(2)
Message-ID: <200105081912.f48JC3053365@hunkular.glarp.com>
The following juicy tidbit has been hiding in the accept(2) man page for several years, but has apparently never been implemented.

     One can obtain user connection request data without confirming the
     connection by issuing a recvmsg(2) call with an msg_iovlen of 0 and a
     non-zero msg_controllen, or by issuing a getsockopt(2) request.
     Similarly, one can provide user connection rejection information by
     issuing a sendmsg(2) call with providing only the control information,
     or by calling setsockopt(2).

There is no mention of this feature in the man pages for getsockopt(2), recvmsg(2) or sendmsg(2).

Rather than correct the accept(2), I'd really like to see this feature implemented in the kernel, and incorporated into tcp wrapper. I think it would really help limit the effectiveness of portscanning.

Whose idea was this originally and do they have thoughts on why it should or should not be implemented? Any gotchas?

brad
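The call quoted from accept(2) above can be checked on any system with a small probe. This is an added example, not part of the original message: it issues the control-only recvmsg(2) on a listening loopback socket and reports whether the kernel accepts it. The function name `probe_listen_recvmsg` and the 256-byte control buffer are choices made for this example; a kernel without the feature refuses the call (Linux reports ENOTCONN).

```c
#include <arpa/inet.h>
#include <errno.h>
#include <netinet/in.h>
#include <stdio.h>
#include <string.h>
#include <sys/socket.h>
#include <unistd.h>

/* Added example. Returns 0 if the kernel accepted a control-only
 * recvmsg(2) on a listening socket, the errno value if it refused the
 * call, and -1 if the socket could not be set up. */
int probe_listen_recvmsg(void)
{
    struct sockaddr_in sin;
    struct msghdr msg;
    char cbuf[256];               /* control buffer size: example choice */
    int result;

    int s = socket(AF_INET, SOCK_STREAM, 0);
    if (s < 0)
        return -1;

    /* Listen on an ephemeral loopback port; nothing needs to connect. */
    memset(&sin, 0, sizeof(sin));
    sin.sin_family = AF_INET;
    sin.sin_addr.s_addr = htonl(INADDR_LOOPBACK);
    sin.sin_port = 0;
    if (bind(s, (struct sockaddr *)&sin, sizeof(sin)) < 0 ||
        listen(s, 1) < 0) {
        close(s);
        return -1;
    }

    /* The shape described in accept(2): no data iovecs, only a
     * non-zero msg_controllen. MSG_DONTWAIT keeps the probe from
     * blocking. */
    memset(&msg, 0, sizeof(msg));
    msg.msg_iov = NULL;
    msg.msg_iovlen = 0;
    msg.msg_control = cbuf;
    msg.msg_controllen = sizeof(cbuf);

    result = (recvmsg(s, &msg, MSG_DONTWAIT) < 0) ? errno : 0;
    close(s);
    return result;
}

int main(void)
{
    int r = probe_listen_recvmsg();
    if (r < 0)
        puts("could not create a listening socket");
    else
        printf("recvmsg on listening socket: %s\n", r ? strerror(r) : "accepted");
    return r < 0;
}
```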