Kernel code of reseting/ignoring tcp SYN packets
John-Mark Gurney
gurney_j at resnet.uoregon.edu
Wed Aug 10 05:04:33 GMT 2005
Minh Tran wrote this message on Sat, Aug 06, 2005 at 21:42 +1000:
> I was looking around for the files of Kernel code where SYN messages are sent,
> so we can simply inject some code to send back a reset messages or ignore the SYN requests.
You should probably simply look at ipfw... you can match outgoing syn
requests with something like:
ipfw add deny ip from any to any out setup
> I am having a bit of trouble in finding out the way of injecting code in the kernel to deal with SYN packets.
> I am thinking of using ipfw to either reset or drop SYN packets.
>
> Would anyone have some hints on the clean way of injecting some code to deal with SYN packets
> or could you give me some ideas on which files i should look at? I really appreciate that.
> I saw some promising files in src/sys/netinet but they are not all clear in my mind.
The file that does the sending of SYN packets is sys/netinet/tcp_output.c
in the function tcp_output... but I'd highly recommend you look at ipfw
or divert sockets...
--
John-Mark Gurney Voice: +1 415 225 5579
"All that I will do, has been done, All that I have, has not."
More information about the freebsd-hackers
mailing list