Slipping in the window update

Don Lewis truckman at FreeBSD.org
Mon Jan 10 01:13:11 PST 2005


After a bit more thinking ...

On 10 Jan, Don Lewis wrote:

> and then after the dropafterack label add the code:
> 
> +	if (thflags & TH_SYN) {
> +		if (tp->t_state == TCPS_ESTABLISHED &&
> +		    tcp_insecure_syn == 0) {
> +			if (badport_bandlim(BANDLIM_SYN_ESTABLISHED) < 0)
> +				goto drop;
> +			tcp_respond(tp, mtod(m, void *), th, m, tp->rcv_nxt,
> +				tp->snd_una, TH_ACK);
> 		[snip]
> 
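Review bot: in the TH_SYN branch, the tcp_respond() call is handed m, and tcp_respond() reuses a non-NULL mbuf for the reply, so the snipped remainder has to return without falling into drop, or m will be freed a second time. Worth confirming that in the [snip] part, and adding a short comment above the test saying why a SYN on an ESTABLISHED connection gets a rate-limited ACK here. The condition also only covers TCPS_ESTABLISHED, so say what is intended for a SYN that reaches dropafterack in any other state.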
> I don't think this fix would be complete from the response rate limiting
> point of view because this chunk of code in the block that trims to the
> left window edge tosses the TH_SYN flag.
> 
>         todrop = tp->rcv_nxt - th->th_seq;
>         if (todrop > 0) {
>                 if (thflags & TH_SYN) {
>                         thflags &= ~TH_SYN;
>                         th->th_seq++;
>                         if (th->th_urp > 1)
>                                 th->th_urp--;
>                         else
>                                 thflags &= ~TH_URG;
>                         todrop--;
>                 }
> 
> and this block of code doesn't jump to dropafterack, even in the case
> where the entire segment is to the left of the window.  Something else
> would have to be done to implement rate limiting for this half of the
> sequence space.

I think this problem could be solved by a minor addition to the above
block of code.  If the SYN flag is set and the sequence number of the
segment doesn't match the initial received sequence number of the
connection, then we know this is not a duplicate SYN.

        todrop = tp->rcv_nxt - th->th_seq;
        if (todrop > 0) {
                if (thflags & TH_SYN) {
+                	if (th->th_seq != tp->irs)
+                		goto dropafterack;
                        thflags &= ~TH_SYN;
                        th->th_seq++;
                        if (th->th_urp > 1)
                                th->th_urp--;
                        else
                                thflags &= ~TH_URG;
                        todrop--;
                } 
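Review bot: the new `th->th_seq != tp->irs` test runs regardless of tp->t_state and tcp_insecure_syn, while the handling proposed at dropafterack only applies to TCPS_ESTABLISHED with tcp_insecure_syn == 0. With tcp_insecure_syn set, or in another state, an old SYN that used to be trimmed and processed now goes to dropafterack instead, so either gate this test on the same conditions or state that the change is intended for every case. A one-line comment that a SYN whose sequence number differs from irs cannot be a retransmission of the original SYN would help, and the two added lines mix spaces and tabs in their indentation, unlike the surrounding context.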


