Subject: Re: erroneous ack packet, ideas please?
To: Kevin M. Lahey <firstname.lastname@example.org>
From: Andrew Brown <email@example.com>
Date: 07/10/1997 15:44:10
> From: Kevin M. Lahey
>>i've been modifying the tcp stack to add tcp eagers listeners and i'm
>>a little confused about something that i've started seeing.
>What are eager listeners? It certainly sounds like a cool thing :-),
>even if I have no idea what it is...
solaris 2.3 and 2.4 had something called tcp_eager_listeners which was
(i believe) implemented as a system-wide setting to affect tcp
connections. what it did was cause the accept() call to return after
receipt of the initial syn packet, not after the entire three-way
handshake had completed. i believe the idea was that one could more
effectively screen connections by making the services appear not to be
supported, rather than (ala tcp wrappers) first accepting the
connection, and then dropping it.
i've got my box at home to the point where accept() returns after the
first syn (via a setsockopt() on the "master" socket), subsequent syns
are simply "absorbed", and i can then *choose* to keep the connection
and finish the tcp handshake (via an ioctl() on the "slave" socket).
after this, it behaves like a completely normal socket except for the
extra ack packet that i don't understand.
i haven't got the reset packet working yet (although my computer
notices that that's what i'm trying to do) and then there would be
some finishing work (like making it a config option, and adding a
sysctl so that you can compile it in but turn it off for later), but
other than that, i'm pretty much done.
|-----< "CODE WARRIOR" >-----|
firstname.lastname@example.org (TheMan) * "ah! i see you have the internet
email@example.com that goes *ping*!"
firstname.lastname@example.org * "information is power -- share the wealth."