On Fri, Jan 04, 2002 at 06:02:10PM -0500, Louis A. Mamakos wrote: > > One possibility is that the code in icmp_input() processing the > PMTU discovery-induced ICMP message could verify that the returned > header in fact is associated with a connection on the host and > maybe even has sane sequence numbers (for TCP segments).
The code does that today src/sys/netinet/tcp_subr.c in tcp_ctlinput() added in rev 1.94 on february 26th 2001 when it was moved from src/sys/netinet/in_pcb.c in_pcbnotify() added in rev 1.70 on december 24th 2000 > This would make it more difficult to just spray these packets at host > and drop the MTU on routes. /Jesper -- Jesper Skriver, jesper(at)skriver(dot)dk - CCIE #5456 Work: Network manager @ AS3292 (Tele Danmark DataNetworks) Private: FreeBSD committer @ AS2109 (A much smaller network ;-) One Unix to rule them all, One Resolver to find them, One IP to bring them all and in the zone to bind them. To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-hackers" in the body of the message