Limbo

Limbo

概要

実装

  255: /*
  256:  *  New calls are put in limbo rather than having a conversation structure
  257:  *  allocated.  Thus, a SYN attack results in lots of limbo'd calls but not
  258:  *  any real Conv structures mucking things up.  Calls in limbo rexmit their
  259:  *  SYN ACK every SYNACK_RXTIMER ms up to 4 times, i.e., they disappear after 1 second.
  260:  *
  261:  *  In particular they aren't on a listener's queue so that they don't figure
  262:  *  in the input queue limit.
  263:  *
  264:  *  If 1/2 of a T3 was attacking SYN packets, we'ld have a permanent queue
  265:  *  of 70000 limbo'd calls.  Not great for a linear list but doable.  Therefore
  266:  *  there is no hashing of this list.
  267:  */
  268: typedef struct Limbo Limbo;
  269: struct Limbo
  270: {
  271:         Limbo  *next;
  272: 
  273:         uchar  laddr[IPaddrlen];
  274:         uchar  raddr[IPaddrlen];
  275:         ushort lport;
  276:         ushort rport;
  277:         ulong  irs;             /* initial received sequence */
  278:         ulong  iss;             /* initial sent sequence */
  279:         ushort mss;            /* mss from the other end */
  280:         ushort rcvscale;       /* how much to scale rcvd windows */
  281:         ushort sndscale;       /* how much to scale sent windows */
  282:         ulong  lastsend;        /* last time we sent a synack */
  283:         uchar  version; /* v4 or v6 */
  284:         uchar  rexmits; /* number of retransmissions */
  285: };

* はてなダイアリーキーワード:Limbo