Date: Sun, 8 May 2005 22:13:29 -0400 From: Suleiman Souhlal <ssouhlal@FreeBSD.org> To: Gandalf The White <gandalf@digital.net> Cc: freebsd-net@FreeBSD.org Subject: Re: FreeBSD and the Rose Attack / NewDawn Message-ID: <52F4D230-9D2D-4D75-93DC-FF54BB902D98@FreeBSD.org> In-Reply-To: <BEA2382D.1B2B2%gandalf@digital.net> References: <BEA2382D.1B2B2%gandalf@digital.net>
next in thread | previous in thread | raw e-mail | index | archive | help
Hello, On May 7, 2005, at 10:17 AM, Gandalf The White wrote: > Take a look at the Linux implementation, they did a pretty good > job. It > consists of something like: > 0) Store the size of packet in a variable > 1) Add up the number of bytes the fragments received and continue > to store / > accept fragments until ... > 2) You get the final fragment. If you have enough bytes to look > like you > have the entire packet then send the fragment off for reassembly, > otherwise > keep accepting fragments until you get enough fragments for the whole > packet. The patch at http://people.freebsd.org/~ssouhlal/testing/ ip_reass-20050507.diff does just this. Could you kindly test it? Bye, -- Suleiman Souhlal | ssouhlal@vt.edu The FreeBSD Project | ssouhlal@FreeBSD.org
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?52F4D230-9D2D-4D75-93DC-FF54BB902D98>