Re: Dynamic IP hack (PR#294)

Alan Cox (alan@lxorguk.ukuu.org.uk)
Mon, 19 Oct 1998 01:10:51 +0100 (BST)

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: Alan Cox: "Re: Cyrix Detection -- NO SMP, please ?????"
Previous message: Gregory Maxwell: "Re: Cyrix Detection -- NO SMP, please ?????"

> On Mon, Oct 19, 1998 at 01:47:57AM +0200, Alan Cox wrote:
> > 2. Killing connections on a drop. This potentially violates the RFC
> > check rules on time wait unless you are very careful. Also tell me
> > why it cant be done in user space by turning /proc/net/ into a set
> > of temporary 'reject' filter rules
>
> The RFC TIME_WAIT rules only make sense when the connection endpoint
> (address/port) still exists. For a dynamic address that is gone that isn't
> the case.

A reconnect within 2 minutes may recreate it. Ok still tell me why ipfwadm
rules wont do instead and we'll forget the time-wait issue

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.rutgers.edu
Please read the FAQ at http://www.tux.org/lkml/

Next message: Alan Cox: "Re: Cyrix Detection -- NO SMP, please ?????"
Previous message: Gregory Maxwell: "Re: Cyrix Detection -- NO SMP, please ?????"