Re: teardrop and Linux as a router

Paul Rusty Russell (Paul.Russell@rustcorp.com.au)
Tue, 25 Nov 1997 10:06:04 +1100

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: Rik van Riel: "Re: pageable page tables"
Previous message: W. Reilly Cooley, Esq.: "[2.1.65] Known bug? 'rmmod ipv6'->Oops"

In message <m0xZuud-0005FtC@lightning.swansea.linux.org.uk> you write:
> > else if((ntohs(ip->tot_len)<8+(ip->ihl<<2))&&(ip->protocol==IPPROTO_TCP \
> > || ip->protocol==IPPROTO_UDP))
> > return FW_BLOCK;
> > [...]
> >
> > methinks that blocking those "ugly" packets without any notification
> > is a crime ;-) What about a simple patch ? (attached below)
>
> Now allow me to send you millions of them filling your disk, driving your
> load through the roof and generally becoming a denial of service issue.

Which is what net_ratelimit() is for.
[ This is done in my Generic IP chains patch -- gratuitous plug ].

Rusty.

--
 .sig lost in the mail.

Next message: Rik van Riel: "Re: pageable page tables"
Previous message: W. Reilly Cooley, Esq.: "[2.1.65] Known bug? 'rmmod ipv6'->Oops"