OpenBSD's tcpdrop(8)

Peter Wemm peter at wemm.org
Tue Jan 25 18:45:40 PST 2005


On Sunday 23 January 2005 09:33 am, Robert Watson wrote:
> On Sun, 23 Jan 2005, Maxim Konovalov wrote:
> > I've ported OpenBSD's tcpdrop(8) and a relevant kernel part.
> >
> > >From the man page, http://tinyurl.com/4lvo9
> >
> >      The tcpdrop command drops the TCP connection specified by the
> > local address laddr, port lport and the foreign address faddr, port
> > fport.
> >
> > There are patches for HEAD and RELENG_4:
> >
> > http://people.freebsd.org/~maxim/diff/tcpdrop.diff
> > http://people.freebsd.org/~maxim/diff/tcpdrop.diff-4
> >
> > Two questions: do we want to have it in the base system?  Does the
> > diff look OK (I didn't test IPv6 part)?
>
> The locking in the 6.x version looked reasonable, although you need
> to check to see if the (tp) returned by tcp_drop() is NULL or not and
> then conditionally unlock the inpcb if it's non-NULL -- otherwise you
> might unlock a free'd inpcb.  There doesn't seem to be much
> validation of the tcp_ident_mapping structure, such as validation
> that the address lengths, etc, are correct?

We have used something like this at work for a very long time, except 
not with such a nice interface.  It can actually be rather handy!  I'd 
like to see it go in once the rough edges are smoothed out.

-- 
Peter Wemm - peter at wemm.org; peter at FreeBSD.org; peter at yahoo-inc.com
"All of this is for nothing if we don't go to the stars" - JMS/B5


More information about the freebsd-current mailing list