Subject: Re: tcpdrop for NetBSD
To: Martin Husemann <martin@duskware.de>
From: D'Arcy J.M. Cain <darcy@NetBSD.org>
List: tech-net
Date: 05/11/2005 05:22:32
On Wed, 11 May 2005 08:35:39 +0200
Martin Husemann <martin@duskware.de> wrote:
> This is not an argument pro/cons including this functionality, but can
> you please give an example of why/when this would be usefull? I think
> I never missed this feature myself, so I'm curious.
How about after a DDOS when you have a bunch of connections in some sort
of waiting state. You have blocked the offending site but now you have
a bunch of connections hanging around waiting for a timeout. It would
be nice to be able to get rid of them right away if they are affecting
other's access.
--
D'Arcy J.M. Cain <darcy@NetBSD.org>
http://www.NetBSD.org/