Minh Tran wrote:
** Reply Requested When Convenient **
Hi everyone,
I was looking around for the files of Kernel code where SYN messages are sent,
so we can simply inject some code to send back a reset messages or ignore the
SYN requests.
I was looking at the function ioctl() which takes fd of the tcp socket.
As i track the function down, there is also another call to the dev_ioclt() function where all parameters are passed down.
However, i was not sucessful with finding out the description of this dev_ioclt() function.
I am having a bit of trouble in finding out the way of injecting code in the kernel to deal with SYN packets.
I am thinking of using ipfw to either reset or drop SYN packets.
that's what I would do as it already has that option.
"reset" or "drop" keywords.
reset Discard packets that match this rule, and if the packet is a TCP
packet, try to send a TCP reset (RST) notice. The search termi-
nates.
in addition, in 6.x (or is it just 7?) you can hook an ipfw rule directly into
a netgraph node that you have loaded that could do arbitrary processing.
and even pass it back.
Would anyone have some hints on the clean way of injecting some code to deal with SYN packets
or could you give me some ideas on which files i should look at? I really appreciate that.
I saw some promising files in src/sys/netinet but they are not all clear in my
mind.
Thanks heaps!
Swinburne University of Technology
CRICOS Provider Code: 00111D
NOTICE
This e-mail and any attachments are confidential and intended only for the use
of the addressee. They may contain information that is privileged or protected
by copyright. If you are not the intended recipient, any dissemination,
distribution, printing, copying or use is strictly prohibited. The University
does not warrant that this e-mail and any attachments are secure and there is
also a risk that it may be corrupted in transmission. It is your responsibility
to check any attachments for viruses or defects before opening them. If you
have received this transmission in error, please contact us on +61 3 9214 8000
and delete it immediately from your system. We do not accept liability in
connection with computer virus, data corruption, delay, interruption,
unauthorised access or unauthorised amendment.
_______________________________________________
freebsd-hackers@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-hackers
To unsubscribe, send any mail to "[EMAIL PROTECTED]"
_______________________________________________
freebsd-hackers@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-hackers
To unsubscribe, send any mail to "[EMAIL PROTECTED]"
