Matthew Dillon dillon at
Sun Nov 14 10:31:22 PST 2004

:Joerg Sonnenberger said:
:> The original intent was actually to be able to completely shut down a
:> connection, because e.g. for a DOS, you don't care about the other side,
:> which most likely doesn't care about you.
:Yes, that was the idea. I guess this is the dilemma of being a good net
:citizen versus being DOS-free. But since we're dealing with the bad guys
:anyway, I don't think that simply dropping them would be a bad thing...

    It sounds like the sysctl should have two options, but at least for
    any initial implementation it should use shutdown rather than drop.
    There are plenty of ways to deal with TIME_WAIT that would not impose
    much additional overhead versus a drop.

					Matthew Dillon 
					<dillon at xxxxxxxxxxxxx>

