On Thu, 12 Oct 2006 15:54:49 -0700 Rick Jones <[EMAIL PROTECTED]> wrote:
> > More to the point, on what basis would the application be rejecting a
> > connection request based solely on the SYN?
>
> True, it isn't like there would suddenly be any call user data as in XTI/TLI.
>
> > There are only two pieces of information available: the remote IP
> > address and port, and the total number of pending requests. The
> > latter is already addressed through the backlog size, and netfilter
> > rules can already be used to reject based on IP address.
>
> It would though allow an application to have an even more restricted set of
> allowed IPs than was set in netfilter. Rather like allowing the application to
> set socket buffer sizes rather than relying on the system's default.
>

Some version of BSD sockets had this behaviour, perhaps you should use the same
model. It was some socket option, I can't remember; whatever, it wasn't widely
adopted.

Nothing says you can't just use shutdown() to force a RST on the addresses
you don't want to talk to.