On Sat, 6 Aug 2005, Minh Tran wrote:
I was looking around for the files of Kernel code where SYN messages are
sent, so we can simply inject some code to send back a reset messages or
ignore the SYN requests. I was looking at the function ioctl() which
takes fd of the tcp socket. As i track the function down, there is also
another call to the dev_ioclt() function where all parameters are passed
down. However, i was not sucessful with finding out the description of
this dev_ioclt() function. I am having a bit of trouble in finding out
the way of injecting code in the kernel to deal with SYN packets. I am
thinking of using ipfw to either reset or drop SYN packets.
Would anyone have some hints on the clean way of injecting some code to
deal with SYN packets or could you give me some ideas on which files i
should look at? I really appreciate that. I saw some promising files in
src/sys/netinet but they are not all clear in my mind.
TCP packet input processing occurs in
src/sys/netinet/tcp_input.c:tcp_input(). This is a very large function,
so you will want to search for the following line, which precedes
responsible for the processing of SYN packets that will form new
connections:
if (so->so_options & SO_ACCEPTCONN) {
FreeBSD makes use of a combined syncache/syncookie mechanism, so you're
probably also interested in tcp_syncache.c.
Robert N M Watson
_______________________________________________
freebsd-hackers@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-hackers
To unsubscribe, send any mail to "[EMAIL PROTECTED]"
