FreeBSD and the Rose Attack / NewDawn
Maxim Konovalov
maxim at macomnet.ru
Fri May 13 05:32:15 PDT 2005
[...]
> So, test out my attached patch with varying settings of
> maxfragspersecond and see if it makes any difference for you.
[...]
diff -u -r /usr/src/sys.old/netinet/ip_var.h /usr/src/sys/netinet/ip_var.h
--- /usr/src/sys.old/netinet/ip_var.h Sun Apr 17 18:05:06 2005
+++ /usr/src/sys/netinet/ip_var.h Thu May 12 21:16:47 2005
@@ -61,6 +61,8 @@
struct mbuf *ipq_frags; /* to ip headers of fragments */
struct in_addr ipq_src,ipq_dst;
u_char ipq_nfrags; /* # frags in this packet */
+ u_short ipq_len; /* length of final packet */
+ u_short ipq_curlen; /* how much we've gotten so far */
struct label *ipq_label; /* MAC label */
};
#endif /* _KERNEL */
%%%
Am I right the above delta is a letfover from Suleiman's work and it's
not needed at all?
--
Maxim Konovalov
More information about the freebsd-net
mailing list