tcpdrop(8) for DragonFly

Matthew Dillon dillon at apollo.backplane.com
Sat Nov 13 14:49:15 PST 2004


    I like the idea, but we can't implement it that way.  It is not legal
    in DragonFly to every directly call tcp_drop(tp, ...) or in fact do
    anything directly at all with a tcpcb.  The appropriate network protocol
    message must be constructed dispatched to the tcp protocol thread
    responsible for that tcpcb so the drop doesn't race other protocol
    operations.

    Using sysctl is an interesting twist.  I'm not sure if I like the 
    idea but I have to admit that it does seem to be a fairly clean way
    to do it.

					-Matt
					Matthew Dillon 
					<dillon at xxxxxxxxxxxxx>


:Hello
:
:tcpdrop is an utility that shipped with OpenBSD 3.6. As the name
:indicates, it can be used to drop a TCP connection from the command line,
:which can be useful during denial of service attacks, or if some
:connection is causing congestion on a link.
:
:The patch at
:
:http://andre.people.digirati.com.br/dragonfly/patches/tcpdrop/tcp_subr.patch
:
:adds the "net.inet.tcp.drop" and "net.inet6.tcp6.drop" sysctls. I don't
:have how to test the inet6 one, so I just based it on the other existing
:sysctls. The inet4 one worked fine.
:
:The code for the tcpdrop utility is at
:
:http://andre.people.digirati.com.br/dragonfly/patches/tcpdrop/tcpdrop/
:
:These are the corresponding commit messages on OpenBSD:
:
:http://marc.theaimsgroup.com/?l=openbsd-cvs&m=108286763417660&w=2
:http://marc.theaimsgroup.com/?l=openbsd-cvs&m=108300920411879&w=2
:
:Best regards,
:Andre







More information about the Submit mailing list