tcpdrop(8) for DragonFly
Matthew Dillon
dillon at apollo.backplane.com
Sat Nov 13 14:49:15 PST 2004
I like the idea, but we can't implement it that way. It is not legal
in DragonFly to every directly call tcp_drop(tp, ...) or in fact do
anything directly at all with a tcpcb. The appropriate network protocol
message must be constructed dispatched to the tcp protocol thread
responsible for that tcpcb so the drop doesn't race other protocol
operations.
Using sysctl is an interesting twist. I'm not sure if I like the
idea but I have to admit that it does seem to be a fairly clean way
to do it.
-Matt
Matthew Dillon
<dillon at xxxxxxxxxxxxx>
:Hello
:
:tcpdrop is an utility that shipped with OpenBSD 3.6. As the name
:indicates, it can be used to drop a TCP connection from the command line,
:which can be useful during denial of service attacks, or if some
:connection is causing congestion on a link.
:
:The patch at
:
:http://andre.people.digirati.com.br/dragonfly/patches/tcpdrop/tcp_subr.patch
:
:adds the "net.inet.tcp.drop" and "net.inet6.tcp6.drop" sysctls. I don't
:have how to test the inet6 one, so I just based it on the other existing
:sysctls. The inet4 one worked fine.
:
:The code for the tcpdrop utility is at
:
:http://andre.people.digirati.com.br/dragonfly/patches/tcpdrop/tcpdrop/
:
:These are the corresponding commit messages on OpenBSD:
:
:http://marc.theaimsgroup.com/?l=openbsd-cvs&m=108286763417660&w=2
:http://marc.theaimsgroup.com/?l=openbsd-cvs&m=108300920411879&w=2
:
:Best regards,
:Andre
More information about the Submit
mailing list