On Sat, Oct 27, 2007 at 04:21:23AM +0100, Bruce M. Simpson wrote:
> Matus Harvan wrote:
>> Hi,
>>
>> I was wondering if I could get some feedback about the patch and
>> whether others think it could be committed.
>>
>
> The UDP catchall patch as submitted here clashes with the blackhole
> functionality, and also bypasses the update of the protocol statistics and
> unreachable port rate limiting. It is not yet suitable for a production
> kernel.

I do not see how it clashes with the blackhole functionality. If catchall is enabled, then a UDP packet destined for a port which is not used by any other UDP socket is passed to rip_input() and would show up on the raw socket. This happens irrespective of the blackhole functionality being enabled or not.

I think the protocol statistics for UDP are updated. Which one is missing?

The catchall feature has its own rate limit, catchallr. This is different from the unreachable port rate limit. Hence, I don't see a problem in bypassing the unreachable port rate limiting.

> It probably shouldn't trigger the log_in_vain message, however that log
> message is misleading anyway (the reception of UDP datagrams destined for
> unbound ports is not a 'connection attempt').

I think the log_in_vain message is triggered only if the packet is not passed to the raw socket, i.e., if catchalllim is exhausted. Then the normal way for processing the packet is followed. Is this what you meant by triggering the log_in_vain message?

Matus