OpenBSD's tcpdrop(8)
Robert Watson
rwatson at freebsd.org
Sun Jan 23 09:34:05 PST 2005
On Sun, 23 Jan 2005, Maxim Konovalov wrote:
> I've ported OpenBSD's tcpdrop(8) and a relevant kernel part.
> >From the man page, http://tinyurl.com/4lvo9
>
> The tcpdrop command drops the TCP connection specified by the local
> address laddr, port lport and the foreign address faddr, port fport.
>
> There are patches for HEAD and RELENG_4:
>
> http://people.freebsd.org/~maxim/diff/tcpdrop.diff
> http://people.freebsd.org/~maxim/diff/tcpdrop.diff-4
>
> Two questions: do we want to have it in the base system? Does the diff
> look OK (I didn't test IPv6 part)?
The locking in the 6.x version looked reasonable, although you need to
check to see if the (tp) returned by tcp_drop() is NULL or not and then
conditionally unlock the inpcb if it's non-NULL -- otherwise you might
unlock a free'd inpcb. There doesn't seem to be much validation of the
tcp_ident_mapping structure, such as validation that the address lengths,
etc, are correct?
Robert N M Watson
More information about the freebsd-current
mailing list